I'm still able to recreate this issue with kernel version 3.13.0-52-generic #85-Ubuntu SMP Wed Apr 29 16:44:17 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
It looks like a different set of audit rules causes the same issue. To replicate: Install 3.13.0-52-generic kernel apt-get install auditd in /etc/audit/audit.rules --- -D -b 5000 -f 0 -r 15000 -a exit,always -F arch=b64 -S execve -S exit -S exit_group -S fork -S clone -S vfork -S accept -S accept4 -S connect -S bind -S listen --- restart auditd below stacktrace happens. Stacktrace: [ 186.897309] BUG: unable to handle kernel NULL pointer dereference at 0000000000000690 [ 186.897322] IP: [<ffffffff8136cbb0>] strlen+0x0/0x30 [ 186.897331] PGD 0 [ 186.897334] Oops: 0000 [#1] SMP [ 186.897339] Modules linked in: dm_crypt crct10dif_pclmul crc32_pclmul ghash_clmulni_intel isofs aesni_intel aes_x86_64 glue_helper lrw gf128mul ablk_helper cryptd [ 186.897357] CPU: 0 PID: 2206 Comm: sudo Not tainted 3.13.0-52-generic #85-Ubuntu [ 186.897363] task: ffff880003286000 ti: ffff880002a04000 task.ti: ffff880002a04000 [ 186.897368] RIP: e030:[<ffffffff8136cbb0>] [<ffffffff8136cbb0>] strlen+0x0/0x30 [ 186.897375] RSP: e02b:ffff880002a05df0 EFLAGS: 00010286 [ 186.897379] RAX: ffff880002a05d40 RBX: 0000000000000690 RCX: 0000000000000000 [ 186.897382] RDX: 0000000000000036 RSI: 0000000000000690 RDI: 0000000000000690 [ 186.897385] RBP: ffff880002a05e08 R08: 0000000000000000 R09: 000000000000fffe [ 186.897389] R10: 0000000000000000 R11: ffff880002a05c06 R12: ffff8801d298f340 [ 186.897393] R13: 0000000000000000 R14: ffff8801d0fa2000 R15: 0000000000000000 [ 186.897401] FS: 00007f4a94370840(0000) GS:ffff8801dee00000(0000) knlGS:0000000000000000 [ 186.897408] CS: e033 DS: 0000 ES: 0000 CR0: 000000008005003b [ 186.897412] CR2: 0000000000000690 CR3: 00000000031f5000 CR4: 0000000000002660 [ 186.897418] Stack: [ 186.897420] ffffffff810f7fda ffff8801d298f340 ffff8801d0fa2060 ffff880002a05e78 [ 186.897425] ffffffff810f9581 ffffffff8172a480 ffffffff81c55740 ffff880002a05e60 [ 186.897430] ffffffff8172a480 ffff880002a05ef0 ffff880002a05e60 ffffffff810f6b93 [ 186.897435] Call Trace: [ 186.897441] [<ffffffff810f7fda>] ? audit_log_untrustedstring+0x1a/0x30 [ 186.897445] [<ffffffff810f9581>] audit_log_name+0x281/0x320 [ 186.897451] [<ffffffff8172a480>] ? _raw_spin_unlock_irqrestore+0x20/0x40 [ 186.897455] [<ffffffff8172a480>] ? _raw_spin_unlock_irqrestore+0x20/0x40 [ 186.897459] [<ffffffff810f6b93>] ? audit_buffer_free+0x73/0xa0 [ 186.897463] [<ffffffff810fbe37>] audit_log_exit+0x3d7/0xb90 [ 186.897467] [<ffffffff810fe5bf>] __audit_syscall_exit+0x27f/0x2e0 [ 186.897472] [<ffffffff81733224>] sysret_audit+0x17/0x21 [ 186.897474] Code: 89 f8 48 89 e5 f6 82 40 c7 84 81 20 74 15 0f 1f 44 00 00 48 83 c0 01 0f b6 10 f6 82 40 c7 84 81 20 75 f0 5d c3 66 0f 1f 44 00 00 <80> 3f 00 55 48 89 e5 74 15 48 89 f8 0f 1f 40 00 48 83 c0 01 80 [ 186.897508] RIP [<ffffffff8136cbb0>] strlen+0x0/0x30 [ 186.897511] RSP <ffff880002a05df0> [ 186.897513] CR2: 0000000000000690 [ 186.897516] ---[ end trace 2626030fc35ecb54 ]--- -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1450442 Title: Kernel Oops - unable to handle kernel NULL pointer dereference at (null); Call Trace: [<ffffffff810fb39b>] ? audit_compare_dname_path+0x2b/0xa0 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1450442/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
