{"api_version":"1","generated_at":"2026-06-19T05:41:21+00:00","cve":"CVE-2023-53629","urls":{"html":"https://cve.report/CVE-2023-53629","api":"https://cve.report/api/cve/CVE-2023-53629.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-53629","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-53629"},"summary":{"title":"fs: dlm: fix use after free in midcomms commit","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs: dlm: fix use after free in midcomms commit\n\nWhile working on processing dlm message in softirq context I experienced\nthe following KASAN use-after-free warning:\n\n[  151.760477] ==================================================================\n[  151.761803] BUG: KASAN: use-after-free in dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.763414] Read of size 4 at addr ffff88811a980c60 by task lock_torture/1347\n\n[  151.765284] CPU: 7 PID: 1347 Comm: lock_torture Not tainted 6.1.0-rc4+ #2828\n[  151.766778] Hardware name: Red Hat KVM/RHEL-AV, BIOS 1.16.0-3.module+el8.7.0+16134+e5908aa2 04/01/2014\n[  151.768726] Call Trace:\n[  151.769277]  <TASK>\n[  151.769748]  dump_stack_lvl+0x5b/0x86\n[  151.770556]  print_report+0x180/0x4c8\n[  151.771378]  ? kasan_complete_mode_report_info+0x7c/0x1e0\n[  151.772241]  ? dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.773069]  kasan_report+0x93/0x1a0\n[  151.773668]  ? dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.774514]  __asan_load4+0x7e/0xa0\n[  151.775089]  dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.775890]  ? create_message.isra.29.constprop.64+0x57/0xc0\n[  151.776770]  send_common+0x19f/0x1b0\n[  151.777342]  ? remove_from_waiters+0x60/0x60\n[  151.778017]  ? lock_downgrade+0x410/0x410\n[  151.778648]  ? __this_cpu_preempt_check+0x13/0x20\n[  151.779421]  ? rcu_lockdep_current_cpu_online+0x88/0xc0\n[  151.780292]  _convert_lock+0x46/0x150\n[  151.780893]  convert_lock+0x7b/0xc0\n[  151.781459]  dlm_lock+0x3ac/0x580\n[  151.781993]  ? 0xffffffffc0540000\n[  151.782522]  ? torture_stop+0x120/0x120 [dlm_locktorture]\n[  151.783379]  ? dlm_scan_rsbs+0xa70/0xa70\n[  151.784003]  ? preempt_count_sub+0xd6/0x130\n[  151.784661]  ? is_module_address+0x47/0x70\n[  151.785309]  ? torture_stop+0x120/0x120 [dlm_locktorture]\n[  151.786166]  ? 0xffffffffc0540000\n[  151.786693]  ? lockdep_init_map_type+0xc3/0x360\n[  151.787414]  ? 0xffffffffc0540000\n[  151.787947]  torture_dlm_lock_sync.isra.3+0xe9/0x150 [dlm_locktorture]\n[  151.789004]  ? torture_stop+0x120/0x120 [dlm_locktorture]\n[  151.789858]  ? 0xffffffffc0540000\n[  151.790392]  ? lock_torture_cleanup+0x20/0x20 [dlm_locktorture]\n[  151.791347]  ? delay_tsc+0x94/0xc0\n[  151.791898]  torture_ex_iter+0xc3/0xea [dlm_locktorture]\n[  151.792735]  ? torture_start+0x30/0x30 [dlm_locktorture]\n[  151.793606]  lock_torture+0x177/0x270 [dlm_locktorture]\n[  151.794448]  ? torture_dlm_lock_sync.isra.3+0x150/0x150 [dlm_locktorture]\n[  151.795539]  ? lock_torture_stats+0x80/0x80 [dlm_locktorture]\n[  151.796476]  ? do_raw_spin_lock+0x11e/0x1e0\n[  151.797152]  ? mark_held_locks+0x34/0xb0\n[  151.797784]  ? _raw_spin_unlock_irqrestore+0x30/0x70\n[  151.798581]  ? __kthread_parkme+0x79/0x110\n[  151.799246]  ? trace_preempt_on+0x2a/0xf0\n[  151.799902]  ? __kthread_parkme+0x79/0x110\n[  151.800579]  ? preempt_count_sub+0xd6/0x130\n[  151.801271]  ? __kasan_check_read+0x11/0x20\n[  151.801963]  ? __kthread_parkme+0xec/0x110\n[  151.802630]  ? lock_torture_stats+0x80/0x80 [dlm_locktorture]\n[  151.803569]  kthread+0x192/0x1d0\n[  151.804104]  ? kthread_complete_and_exit+0x30/0x30\n[  151.804881]  ret_from_fork+0x1f/0x30\n[  151.805480]  </TASK>\n\n[  151.806111] Allocated by task 1347:\n[  151.806681]  kasan_save_stack+0x26/0x50\n[  151.807308]  kasan_set_track+0x25/0x30\n[  151.807920]  kasan_save_alloc_info+0x1e/0x30\n[  151.808609]  __kasan_slab_alloc+0x63/0x80\n[  151.809263]  kmem_cache_alloc+0x1ad/0x830\n[  151.809916]  dlm_allocate_mhandle+0x17/0x20\n[  151.810590]  dlm_midcomms_get_mhandle+0x96/0x260\n[  151.811344]  _create_message+0x95/0x180\n[  151.811994]  create_message.isra.29.constprop.64+0x57/0xc0\n[  151.812880]  send_common+0x129/0x1b0\n[  151.813467]  _convert_lock+0x46/0x150\n[  151.814074]  convert_lock+0x7b/0xc0\n[  151.814648]  dlm_lock+0x3ac/0x580\n[  151.815199]  torture_dlm_lock_sync.isra.3+0xe9/0x150 [dlm_locktorture]\n[  151.816258]  torture_ex_iter+0xc3/0xea [dlm_locktorture]\n[  151.817129]  lock_t\n---truncated---","state":"PUBLISHED","assigner":"Linux","published_at":"2025-10-07 16:15:45","updated_at":"2026-06-01 17:16:25"},"problem_types":["CWE-416"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"7.8","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}}],"references":[{"url":"https://git.kernel.org/stable/c/84d6ce2aef1d06a53f606211da68a2085dfeb50d","name":"https://git.kernel.org/stable/c/84d6ce2aef1d06a53f606211da68a2085dfeb50d","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/a2de9f9b686c71b4fa3663ae374f5f643c46a446","name":"https://git.kernel.org/stable/c/a2de9f9b686c71b4fa3663ae374f5f643c46a446","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/a3b0e9ac3c2447008db942d51f593841d8329e99","name":"https://git.kernel.org/stable/c/a3b0e9ac3c2447008db942d51f593841d8329e99","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://git.kernel.org/stable/c/724b6bab0d75f1dc01fdfbf7fe8d4217a5cb90ba","name":"https://git.kernel.org/stable/c/724b6bab0d75f1dc01fdfbf7fe8d4217a5cb90ba","refsource":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-53629","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53629","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 489d8e559c6596eb08e16447d9830bc39afbe54e 84d6ce2aef1d06a53f606211da68a2085dfeb50d git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 489d8e559c6596eb08e16447d9830bc39afbe54e a3b0e9ac3c2447008db942d51f593841d8329e99 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 489d8e559c6596eb08e16447d9830bc39afbe54e a2de9f9b686c71b4fa3663ae374f5f643c46a446 git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 489d8e559c6596eb08e16447d9830bc39afbe54e 724b6bab0d75f1dc01fdfbf7fe8d4217a5cb90ba git","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"affected 5.14","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.14 semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 5.15.209 5.15.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.1.20 6.1.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.2.3 6.2.* semver","platforms":[]},{"source":"CNA","vendor":"Linux","product":"Linux","version":"unaffected 6.3 * original_commit_for_fix","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"53629","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Linux","programFiles":["fs/dlm/midcomms.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"lessThan":"84d6ce2aef1d06a53f606211da68a2085dfeb50d","status":"affected","version":"489d8e559c6596eb08e16447d9830bc39afbe54e","versionType":"git"},{"lessThan":"a3b0e9ac3c2447008db942d51f593841d8329e99","status":"affected","version":"489d8e559c6596eb08e16447d9830bc39afbe54e","versionType":"git"},{"lessThan":"a2de9f9b686c71b4fa3663ae374f5f643c46a446","status":"affected","version":"489d8e559c6596eb08e16447d9830bc39afbe54e","versionType":"git"},{"lessThan":"724b6bab0d75f1dc01fdfbf7fe8d4217a5cb90ba","status":"affected","version":"489d8e559c6596eb08e16447d9830bc39afbe54e","versionType":"git"}]},{"defaultStatus":"affected","product":"Linux","programFiles":["fs/dlm/midcomms.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","vendor":"Linux","versions":[{"status":"affected","version":"5.14"},{"lessThan":"5.14","status":"unaffected","version":"0","versionType":"semver"},{"lessThanOrEqual":"5.15.*","status":"unaffected","version":"5.15.209","versionType":"semver"},{"lessThanOrEqual":"6.1.*","status":"unaffected","version":"6.1.20","versionType":"semver"},{"lessThanOrEqual":"6.2.*","status":"unaffected","version":"6.2.3","versionType":"semver"},{"lessThanOrEqual":"*","status":"unaffected","version":"6.3","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.209","versionStartIncluding":"5.14","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.1.20","versionStartIncluding":"5.14","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.2.3","versionStartIncluding":"5.14","vulnerable":true},{"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3","versionStartIncluding":"5.14","vulnerable":true}],"negate":false,"operator":"OR"}]}],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs: dlm: fix use after free in midcomms commit\n\nWhile working on processing dlm message in softirq context I experienced\nthe following KASAN use-after-free warning:\n\n[  151.760477] ==================================================================\n[  151.761803] BUG: KASAN: use-after-free in dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.763414] Read of size 4 at addr ffff88811a980c60 by task lock_torture/1347\n\n[  151.765284] CPU: 7 PID: 1347 Comm: lock_torture Not tainted 6.1.0-rc4+ #2828\n[  151.766778] Hardware name: Red Hat KVM/RHEL-AV, BIOS 1.16.0-3.module+el8.7.0+16134+e5908aa2 04/01/2014\n[  151.768726] Call Trace:\n[  151.769277]  <TASK>\n[  151.769748]  dump_stack_lvl+0x5b/0x86\n[  151.770556]  print_report+0x180/0x4c8\n[  151.771378]  ? kasan_complete_mode_report_info+0x7c/0x1e0\n[  151.772241]  ? dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.773069]  kasan_report+0x93/0x1a0\n[  151.773668]  ? dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.774514]  __asan_load4+0x7e/0xa0\n[  151.775089]  dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.775890]  ? create_message.isra.29.constprop.64+0x57/0xc0\n[  151.776770]  send_common+0x19f/0x1b0\n[  151.777342]  ? remove_from_waiters+0x60/0x60\n[  151.778017]  ? lock_downgrade+0x410/0x410\n[  151.778648]  ? __this_cpu_preempt_check+0x13/0x20\n[  151.779421]  ? rcu_lockdep_current_cpu_online+0x88/0xc0\n[  151.780292]  _convert_lock+0x46/0x150\n[  151.780893]  convert_lock+0x7b/0xc0\n[  151.781459]  dlm_lock+0x3ac/0x580\n[  151.781993]  ? 0xffffffffc0540000\n[  151.782522]  ? torture_stop+0x120/0x120 [dlm_locktorture]\n[  151.783379]  ? dlm_scan_rsbs+0xa70/0xa70\n[  151.784003]  ? preempt_count_sub+0xd6/0x130\n[  151.784661]  ? is_module_address+0x47/0x70\n[  151.785309]  ? torture_stop+0x120/0x120 [dlm_locktorture]\n[  151.786166]  ? 0xffffffffc0540000\n[  151.786693]  ? lockdep_init_map_type+0xc3/0x360\n[  151.787414]  ? 0xffffffffc0540000\n[  151.787947]  torture_dlm_lock_sync.isra.3+0xe9/0x150 [dlm_locktorture]\n[  151.789004]  ? torture_stop+0x120/0x120 [dlm_locktorture]\n[  151.789858]  ? 0xffffffffc0540000\n[  151.790392]  ? lock_torture_cleanup+0x20/0x20 [dlm_locktorture]\n[  151.791347]  ? delay_tsc+0x94/0xc0\n[  151.791898]  torture_ex_iter+0xc3/0xea [dlm_locktorture]\n[  151.792735]  ? torture_start+0x30/0x30 [dlm_locktorture]\n[  151.793606]  lock_torture+0x177/0x270 [dlm_locktorture]\n[  151.794448]  ? torture_dlm_lock_sync.isra.3+0x150/0x150 [dlm_locktorture]\n[  151.795539]  ? lock_torture_stats+0x80/0x80 [dlm_locktorture]\n[  151.796476]  ? do_raw_spin_lock+0x11e/0x1e0\n[  151.797152]  ? mark_held_locks+0x34/0xb0\n[  151.797784]  ? _raw_spin_unlock_irqrestore+0x30/0x70\n[  151.798581]  ? __kthread_parkme+0x79/0x110\n[  151.799246]  ? trace_preempt_on+0x2a/0xf0\n[  151.799902]  ? __kthread_parkme+0x79/0x110\n[  151.800579]  ? preempt_count_sub+0xd6/0x130\n[  151.801271]  ? __kasan_check_read+0x11/0x20\n[  151.801963]  ? __kthread_parkme+0xec/0x110\n[  151.802630]  ? lock_torture_stats+0x80/0x80 [dlm_locktorture]\n[  151.803569]  kthread+0x192/0x1d0\n[  151.804104]  ? kthread_complete_and_exit+0x30/0x30\n[  151.804881]  ret_from_fork+0x1f/0x30\n[  151.805480]  </TASK>\n\n[  151.806111] Allocated by task 1347:\n[  151.806681]  kasan_save_stack+0x26/0x50\n[  151.807308]  kasan_set_track+0x25/0x30\n[  151.807920]  kasan_save_alloc_info+0x1e/0x30\n[  151.808609]  __kasan_slab_alloc+0x63/0x80\n[  151.809263]  kmem_cache_alloc+0x1ad/0x830\n[  151.809916]  dlm_allocate_mhandle+0x17/0x20\n[  151.810590]  dlm_midcomms_get_mhandle+0x96/0x260\n[  151.811344]  _create_message+0x95/0x180\n[  151.811994]  create_message.isra.29.constprop.64+0x57/0xc0\n[  151.812880]  send_common+0x129/0x1b0\n[  151.813467]  _convert_lock+0x46/0x150\n[  151.814074]  convert_lock+0x7b/0xc0\n[  151.814648]  dlm_lock+0x3ac/0x580\n[  151.815199]  torture_dlm_lock_sync.isra.3+0xe9/0x150 [dlm_locktorture]\n[  151.816258]  torture_ex_iter+0xc3/0xea [dlm_locktorture]\n[  151.817129]  lock_t\n---truncated---"}],"providerMetadata":{"dateUpdated":"2026-06-01T16:04:23.458Z","orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux"},"references":[{"url":"https://git.kernel.org/stable/c/84d6ce2aef1d06a53f606211da68a2085dfeb50d"},{"url":"https://git.kernel.org/stable/c/a3b0e9ac3c2447008db942d51f593841d8329e99"},{"url":"https://git.kernel.org/stable/c/a2de9f9b686c71b4fa3663ae374f5f643c46a446"},{"url":"https://git.kernel.org/stable/c/724b6bab0d75f1dc01fdfbf7fe8d4217a5cb90ba"}],"title":"fs: dlm: fix use after free in midcomms commit","x_generator":{"engine":"bippy-1.2.0"}}},"cveMetadata":{"assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","assignerShortName":"Linux","cveId":"CVE-2023-53629","datePublished":"2025-10-07T15:19:32.960Z","dateReserved":"2025-10-07T15:16:59.656Z","dateUpdated":"2026-06-01T16:04:23.458Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2025-10-07 16:15:45","lastModifiedDate":"2026-06-01 17:16:25","problem_types":["CWE-416"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.1.20","matchCriteriaId":"11DC9B79-A3D9-48E0-ACA3-BD431CD1AEE1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.2.3","matchCriteriaId":"88C67289-22AD-4CA9-B202-5F5A80E5BA4B"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2023","CveId":"53629","Ordinal":"1","Title":"fs: dlm: fix use after free in midcomms commit","CVE":"CVE-2023-53629","Year":"2023"},"notes":[{"CveYear":"2023","CveId":"53629","Ordinal":"1","NoteData":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs: dlm: fix use after free in midcomms commit\n\nWhile working on processing dlm message in softirq context I experienced\nthe following KASAN use-after-free warning:\n\n[  151.760477] ==================================================================\n[  151.761803] BUG: KASAN: use-after-free in dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.763414] Read of size 4 at addr ffff88811a980c60 by task lock_torture/1347\n\n[  151.765284] CPU: 7 PID: 1347 Comm: lock_torture Not tainted 6.1.0-rc4+ #2828\n[  151.766778] Hardware name: Red Hat KVM/RHEL-AV, BIOS 1.16.0-3.module+el8.7.0+16134+e5908aa2 04/01/2014\n[  151.768726] Call Trace:\n[  151.769277]  <TASK>\n[  151.769748]  dump_stack_lvl+0x5b/0x86\n[  151.770556]  print_report+0x180/0x4c8\n[  151.771378]  ? kasan_complete_mode_report_info+0x7c/0x1e0\n[  151.772241]  ? dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.773069]  kasan_report+0x93/0x1a0\n[  151.773668]  ? dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.774514]  __asan_load4+0x7e/0xa0\n[  151.775089]  dlm_midcomms_commit_mhandle+0x19d/0x4b0\n[  151.775890]  ? create_message.isra.29.constprop.64+0x57/0xc0\n[  151.776770]  send_common+0x19f/0x1b0\n[  151.777342]  ? remove_from_waiters+0x60/0x60\n[  151.778017]  ? lock_downgrade+0x410/0x410\n[  151.778648]  ? __this_cpu_preempt_check+0x13/0x20\n[  151.779421]  ? rcu_lockdep_current_cpu_online+0x88/0xc0\n[  151.780292]  _convert_lock+0x46/0x150\n[  151.780893]  convert_lock+0x7b/0xc0\n[  151.781459]  dlm_lock+0x3ac/0x580\n[  151.781993]  ? 0xffffffffc0540000\n[  151.782522]  ? torture_stop+0x120/0x120 [dlm_locktorture]\n[  151.783379]  ? dlm_scan_rsbs+0xa70/0xa70\n[  151.784003]  ? preempt_count_sub+0xd6/0x130\n[  151.784661]  ? is_module_address+0x47/0x70\n[  151.785309]  ? torture_stop+0x120/0x120 [dlm_locktorture]\n[  151.786166]  ? 0xffffffffc0540000\n[  151.786693]  ? lockdep_init_map_type+0xc3/0x360\n[  151.787414]  ? 0xffffffffc0540000\n[  151.787947]  torture_dlm_lock_sync.isra.3+0xe9/0x150 [dlm_locktorture]\n[  151.789004]  ? torture_stop+0x120/0x120 [dlm_locktorture]\n[  151.789858]  ? 0xffffffffc0540000\n[  151.790392]  ? lock_torture_cleanup+0x20/0x20 [dlm_locktorture]\n[  151.791347]  ? delay_tsc+0x94/0xc0\n[  151.791898]  torture_ex_iter+0xc3/0xea [dlm_locktorture]\n[  151.792735]  ? torture_start+0x30/0x30 [dlm_locktorture]\n[  151.793606]  lock_torture+0x177/0x270 [dlm_locktorture]\n[  151.794448]  ? torture_dlm_lock_sync.isra.3+0x150/0x150 [dlm_locktorture]\n[  151.795539]  ? lock_torture_stats+0x80/0x80 [dlm_locktorture]\n[  151.796476]  ? do_raw_spin_lock+0x11e/0x1e0\n[  151.797152]  ? mark_held_locks+0x34/0xb0\n[  151.797784]  ? _raw_spin_unlock_irqrestore+0x30/0x70\n[  151.798581]  ? __kthread_parkme+0x79/0x110\n[  151.799246]  ? trace_preempt_on+0x2a/0xf0\n[  151.799902]  ? __kthread_parkme+0x79/0x110\n[  151.800579]  ? preempt_count_sub+0xd6/0x130\n[  151.801271]  ? __kasan_check_read+0x11/0x20\n[  151.801963]  ? __kthread_parkme+0xec/0x110\n[  151.802630]  ? lock_torture_stats+0x80/0x80 [dlm_locktorture]\n[  151.803569]  kthread+0x192/0x1d0\n[  151.804104]  ? kthread_complete_and_exit+0x30/0x30\n[  151.804881]  ret_from_fork+0x1f/0x30\n[  151.805480]  </TASK>\n\n[  151.806111] Allocated by task 1347:\n[  151.806681]  kasan_save_stack+0x26/0x50\n[  151.807308]  kasan_set_track+0x25/0x30\n[  151.807920]  kasan_save_alloc_info+0x1e/0x30\n[  151.808609]  __kasan_slab_alloc+0x63/0x80\n[  151.809263]  kmem_cache_alloc+0x1ad/0x830\n[  151.809916]  dlm_allocate_mhandle+0x17/0x20\n[  151.810590]  dlm_midcomms_get_mhandle+0x96/0x260\n[  151.811344]  _create_message+0x95/0x180\n[  151.811994]  create_message.isra.29.constprop.64+0x57/0xc0\n[  151.812880]  send_common+0x129/0x1b0\n[  151.813467]  _convert_lock+0x46/0x150\n[  151.814074]  convert_lock+0x7b/0xc0\n[  151.814648]  dlm_lock+0x3ac/0x580\n[  151.815199]  torture_dlm_lock_sync.isra.3+0xe9/0x150 [dlm_locktorture]\n[  151.816258]  torture_ex_iter+0xc3/0xea [dlm_locktorture]\n[  151.817129]  lock_t\n---truncated---","Type":"Description","Title":"fs: dlm: fix use after free in midcomms commit"}]}}}