Re: [PATCH 2/3] mm/hugetlb: take refcount under page table lock in follow_huge_pmd()

From: David Rientjes
Date: Mon Jul 28 2014 - 19:02:40 EST

On Mon, 28 Jul 2014, Naoya Horiguchi wrote:

> We have a race condition between move_pages() and freeing hugepages,
> where move_pages() calls follow_page(FOLL_GET) for hugepages internally
> and tries to get its refcount without preventing concurrent freeing.
> This race crashes the kernel, so this patch fixes it by moving FOLL_GET
> code for hugepages into follow_huge_pmd() with taking the page table lock.

