Comment 6 for bug 2068602

Colin Ian King (colin-king) wrote (last edit ):

I disassembled the offending code; the error is in the following code:

r13 is zero, so the mov 0x40 is accessing data from the NULL ptr in r13:

ffffffff8172898f: 4d 8b 55 40 mov 0x40(%r13),%r10 <---- here
ffffffff81728993: 4d 8d ba c0 00 00 00 lea 0xc0(%r10),%r15
ffffffff8172899a: 4c 89 55 c0 mov %r10,-0x40(%rbp)
ffffffff8172899e: 4c 89 ff mov %r15,%rdi
ffffffff817289a1: e8 6a d3 af 00 call 0xffffffff82225d10 <--- down_write()

So, looking at aafs_create() in security/apparmor/apparmorfs.c, I'm presuming the dir from d_inode(parent) is null and this is tripping this issue.

It would be good to get John, the AppArmor maintainer, to look at this.

Normally I'd help debug this further, but I don't know how to get access to the RT kernel source.
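As an added illustration (not part of the comment above, and not code from the kernel or from AppArmor), the following small C program decodes the raw bytes of the three memory-operand instructions quoted in the disassembly, showing how "4d 8b 55 40" resolves to a load from 0x40(%r13) and why a NULL r13 puts the faulting access at address 0x40. The struct name, function name and the restriction to REX-prefixed mov/lea with an 8- or 32-bit displacement are this example's own assumptions.

```c
#include <stdint.h>
#include <stdio.h>
/* Added example, not from the bug report: a minimal decoder for the instruction
 * forms in the disassembly above (REX + 8B/89/8D + ModRM + disp8/disp32, no SIB).
 * It shows how "4d 8b 55 40" encodes a load from 0x40(%r13): with r13 == 0 the
 * faulting access is to address 0x40, i.e. a field 0x40 bytes into a NULL struct. */
static const char *reg64[16] = {
    "rax","rcx","rdx","rbx","rsp","rbp","rsi","rdi",
    "r8","r9","r10","r11","r12","r13","r14","r15" };

struct x86_mem_op {
    int ok, len;        /* decoded ok; bytes consumed */
    int lea, reg, base; /* 1 if lea (no memory access); register numbers 0..15 */
    int32_t disp;       /* signed displacement added to the base register */
};

struct x86_mem_op decode_mem_op(const uint8_t *p, size_t n)
{
    struct x86_mem_op r = {0};
    if (n < 3 || (p[0] & 0xF0) != 0x40) return r;          /* REX prefix required */
    uint8_t rex = p[0], op = p[1], modrm = p[2];
    if (op != 0x8B && op != 0x89 && op != 0x8D) return r;   /* mov load/store, lea */
    int mod = modrm >> 6, reg = (modrm >> 3) & 7, rm = modrm & 7;
    if (mod == 0 || mod == 3 || rm == 4) return r;          /* no disp / reg form / SIB */
    if (rex & 0x04) reg += 8;                               /* REX.R extends ModRM.reg */
    if (rex & 0x01) rm += 8;                                /* REX.B extends ModRM.rm: rbp -> r13 */
    if (mod == 1) {                                         /* disp8, sign-extended */
        if (n < 4) return r;
        r.disp = (int8_t)p[3]; r.len = 4;
    } else {                                                /* disp32, little-endian */
        if (n < 7) return r;
        r.disp = (int32_t)(p[3] | p[4] << 8 | p[5] << 16 | (uint32_t)p[6] << 24); r.len = 7;
    }
    r.lea = op == 0x8D; r.reg = reg; r.base = rm; r.ok = 1;
    return r;
}

int main(void)
{   /* the three memory operands from the disassembly above, as raw bytes */
    const uint8_t code[] = {0x4d,0x8b,0x55,0x40, 0x4d,0x8d,0xba,0xc0,0,0,0, 0x4c,0x89,0x55,0xc0};
    for (size_t off = 0; off < sizeof code; ) {
        struct x86_mem_op m = decode_mem_op(code + off, sizeof code - off);
        if (!m.ok) break;
        printf("%s %s0x%x(%%%s), %%%s\n", m.lea ? "lea" : "mov", m.disp < 0 ? "-" : "",
               (unsigned)(m.disp < 0 ? -m.disp : m.disp), reg64[m.base], reg64[m.reg]);
        off += m.len;
    }
    return 0;
}
```

The decoder only covers the operand forms present in the quoted dump; anything else (no REX, register-direct, SIB, RIP-relative) is reported as not decoded rather than guessed.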