Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp8412202rwb;
        Tue, 13 Dec 2022 06:09:26 -0800 (PST)
X-Google-Smtp-Source: AA0mqf6J1f8pA5QzIEMYcIbii+8+PeYB9lawPIZB61vOzBhShPDR1wuOkzt8Cn7gukxXU03SADjU
X-Received: by 2002:a05:6a20:a028:b0:9d:efbe:52b2 with SMTP id p40-20020a056a20a02800b0009defbe52b2mr29917144pzj.34.1670940566159;
        Tue, 13 Dec 2022 06:09:26 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1670940566; cv=pass;
        d=google.com; s=arc-20160816;
        b=iYeo4UeLle81jXQqX67a4Xm0+MnstkX/dMTaP/xNKd3lOFKLiWxhu+O59H5CZoErur
         GeOIgb9zs1rl3da4GbZTXcOSTAQQtOXDFcZbmtNCfmPJ7lI1qNi14aIrRIgzYpp2TdOK
         oF30IX0PMfrGykYvZRfD0ZQgxmJXM0xeZoDr/r97Q1zlrsmOSnW5ZnohyQTCa60/M1wZ
         kdGc1vGPEC6UZrt67nCG5eJhs5u7XCKrWplD+Do+EuX67RwKzK28CTwN0M946DflfKzm
         4Sswz7gW6CLB34l6iQ/c9jJ4yAfajUWJiRC5wvjQwhDgfrSqBCgzlxgkXOocr50cnb75
         MdKA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:mime-version:content-id:references:message-id
         :in-reply-to:subject:cc:to:from:date:dkim-signature;
        bh=7UL4JV10Lx0/ubKWd93Uqbl9IOSpgrlEkeyrS9C8YCA=;
        b=xfDB4ar43jaSJPx1JgFeZvtCU8jKMJ2M6ZJlHAYYwgDDZtKyr/5xh7v5jkMMf9KyUE
         XtpacqK/Mrne2eouo46q7gyqeXnNBz0svO7Kwd6v8Btj5DpbfNEbusTPjIQtP36AWbRg
         eJy3uoUk5vY1xbN0SEAix9cD1cABUKmBTz7vCCOyhzxTziDK2lYrAicYC4DjTHoZItee
         PZe1Fm0LtEwg6A1FeO9p1vb0Gcw9s1QsiODZf0lzix4X4Jfss/8nUR649jEoHGn15u9z
         0QgTAc2wamPrKBD83jL2cHfNSUq/aAUTOrMSYGlpAv35rAGJb/VfIbmzFsSjNb19peFS
         wVSg==
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@vigem.de header.s=selector2 header.b="LRQLMy/u";
       arc=pass (i=1 spf=pass spfdomain=vigem.de dkim=pass dkdomain=vigem.de dmarc=pass fromdomain=vigem.de);
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id h123-20020a636c81000000b0047958831653si4567876pgc.525.2022.12.13.06.09.16;
        Tue, 13 Dec 2022 06:09:26 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@vigem.de header.s=selector2 header.b="LRQLMy/u";
       arc=pass (i=1 spf=pass spfdomain=vigem.de dkim=pass dkdomain=vigem.de dmarc=pass fromdomain=vigem.de);
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235770AbiLMOAj (ORCPT <rfc822;2bno13@gmail.com> + 72 others);
        Tue, 13 Dec 2022 09:00:39 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59996 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229820AbiLMOAg (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 13 Dec 2022 09:00:36 -0500
Received: from EUR03-AM7-obe.outbound.protection.outlook.com (mail-am7eur03on2050.outbound.protection.outlook.com [40.107.105.50])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2DAD915709;
        Tue, 13 Dec 2022 06:00:35 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=b9BtkidUrYRPa2mtojWBhyoBQwX6g5NiFtwa9pm4dwWColrQ/lAJSCyxK/jcGc+tMRVQ/cMi9dJEcxIP72cjNHz3lXiBSlzwHyTvO4Wgil0xZKzHrcoNI0XVOxElTemNOMwntPssu4FYDmT0l1HsUq3+C/JZPAa/69KPA/oHv1eFkZS3gfHtmZFhUAPSDESrBoGxpa+zeaewRsceL+ZU1dAYkRmvshknLELFxSGjn4M0XEzmC6lYfy9CEY3y0v5Sr77AFb4NNF5T2dnfUbM5TNHb27WJHVHnWUOyiTeItTkFQCi7h14rtqM+JZ4sSEs5Le9Dtrk0tqhzSYxZmfahuA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=7UL4JV10Lx0/ubKWd93Uqbl9IOSpgrlEkeyrS9C8YCA=;
 b=go5tMk9cq1fsvimoHVtNTOHgg56dl0bLwhVr3FHsabQOkEp+wOgntGMhcw8avgcVKqntd8CL58VfVg1+4SKbOLigItHPR/9t34/KHhrR3Y5doohpfw5b1toN6Adv4X7rNOVM5YR+ioojyD3vHGGit3hNqDbA2MCZ/KLwSpqru1JiABmVei4q93+uoRePgfZ7f2/JxTtklF8uW8J7kzZ2aFzMCukv0Jk4eRiqQQ84hhnt+LdvT6kGJrdUMkkUb9xvswvUOCfEv+0iQBBVPYebS1bHPeaOWEzhdOM8Coi1tC8AU9QnStPF//qbE17TgmbnQdypvAHAqDHHkbdsSg1VDQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=vigem.de; dmarc=pass action=none header.from=vigem.de;
 dkim=pass header.d=vigem.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vigem.de; s=selector2;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=7UL4JV10Lx0/ubKWd93Uqbl9IOSpgrlEkeyrS9C8YCA=;
 b=LRQLMy/uXVPP9ujLZ0qUJXdo4cos96ugiW7GBqS0f8DQ4gCLhwADYuBlWBI3arW3KD98fTqvi0lsomHhGcg23T4nH8mgQbfzUfTSMOndXa4BUZ2wvaMkpTTqIuVS45FoK19rsXK3zogTApJ7eEOvWd92QIgotHex57FEohgM2U8=
Authentication-Results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=vigem.de;
Received: from DU0P190MB1930.EURP190.PROD.OUTLOOK.COM (2603:10a6:10:3bd::20)
 by AM0P190MB0644.EURP190.PROD.OUTLOOK.COM (2603:10a6:208:199::15) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.19; Tue, 13 Dec
 2022 14:00:32 +0000
Received: from DU0P190MB1930.EURP190.PROD.OUTLOOK.COM
 ([fe80::ece:ddee:45dd:492]) by DU0P190MB1930.EURP190.PROD.OUTLOOK.COM
 ([fe80::ece:ddee:45dd:492%4]) with mapi id 15.20.5880.019; Tue, 13 Dec 2022
 14:00:32 +0000
Date:   Tue, 13 Dec 2022 15:00:30 +0100 (CET)
From:   =?UTF-8?Q?Sven_Z=C3=BChlsdorf?= <sven.zuehlsdorf@vigem.de>
To:     Rishi Gupta <gupt21@gmail.com>
cc:     Randy Dunlap <rdunlap@infradead.org>,
        Benjamin Tissoires <benjamin.tissoires@redhat.com>,
        Enrik Berkhan <Enrik.Berkhan@inka.de>,
        linux-i2c@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: NULL pointer dereferences in hid-mcp2221
In-Reply-To: <79152feb-bcbc-9e3e-e776-13170ae4ef40@vigem.de>
Message-ID: <ef597e73-ed71-168e-52af-0d19b03734ac@vigem.de>
References: <79152feb-bcbc-9e3e-e776-13170ae4ef40@vigem.de>
Content-Type: multipart/mixed; BOUNDARY="8323329-960696319-1670604523=:61397"
Content-ID: <ab8bd398-6f4f-9745-be1d-3c54020f465d@sven-laptop>
X-ClientProxiedBy: FR2P281CA0147.DEUP281.PROD.OUTLOOK.COM
 (2603:10a6:d10:98::12) To DU0P190MB1930.EURP190.PROD.OUTLOOK.COM
 (2603:10a6:10:3bd::20)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DU0P190MB1930:EE_|AM0P190MB0644:EE_
X-MS-Office365-Filtering-Correlation-Id: 75204c95-5fba-41b6-6dd8-08dadd12664d
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: ABDQnlRdfwz5NDPkIRjHc3pH5gsPzYbe154iHYU10N6XBJyCaSd+rj8AKie5wBRLj1UOT+CUMIMgHSFaR2LDFnBil8acFjjvl/p/iffArBY5C+drhktFtvsAI5o4N0NrOyNOE7fjnmJx3MUzBBpBaYPz04UhacEhclQocrym/nAIJeUpNFP5Gb8aDFcAyZDHVcVAO0JkXzJxyE6BMNTjNAduz8zK4xClxoIG9Xc2kvFgjcjjeemiiJi+bf3YuYUcXZ7AWUAiHYpgKUbUVXEdySPkAtPOf8LzXGa0JD/LDzUMo34zSPjjn9YB925ArPQnbCfCiIyYcwZPe7nYbau+1XSIv96kRj8TmaKht0hSgoWoXI/4bZ7iRYuSft0uIvOkHf9sOo/1ddc5Hf4EsAmS9GXR64a/Xf81d9ccV9m1FwRWljb+FP0i7E0q+Er04LrTwg/eRCEpSumh9YGCn1ld7i/EcCUXNnB3u3QRxlHwWzJT4tEU4fzz29fGjkpb8NS+zjb9iOKSNLG8+xwasehYenGjXqLA0VZTGlfF4bojkNH0cYpoF5+n6Aq0p5zNBC5tEtKV/LcOi+XJhQMGyv6jmCeuUKZkZd8Ob2dTnfzi7dgZC24droBiTNjK8BOSLM6LL1bXlS1GNImi+F84BPsr0U4rr8T3zB49Rlqzl/GVeSdaQKT8vN4yVZLTIVW9+p30wbUkQWlI5Lm1q9CS3pdLgEOUdt/+yiLYCXpDh4nd3LRCyIsQjU83UjRTuh67zKxq
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DU0P190MB1930.EURP190.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230022)(4636009)(346002)(376002)(39840400004)(396003)(136003)(366004)(451199015)(66946007)(41300700001)(6916009)(316002)(54906003)(83380400001)(66476007)(86362001)(2906002)(8676002)(31696002)(4326008)(8936002)(38350700002)(38100700002)(36756003)(31686004)(5660300002)(66556008)(33964004)(6486002)(52116002)(966005)(478600001)(2616005)(6506007)(186003)(66574015)(26005)(6512007)(45980500001);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?MGczTzZOZElnbkk2MnVXYkNDV291ektLNnpIYXRYc1NGTlg1N0o1eEFRT1pq?=
 =?utf-8?B?RlQ1QVBlVkozWkYwQ0hKeERDRGhtTFJiT1kya2lRdGowTTM1cmc5VmwwaTdE?=
 =?utf-8?B?TmVMWld6QzBtTWxscmpBN21NRDFsQTgvVmpVQm1QbTJlZXRZMlJSU29PLzdl?=
 =?utf-8?B?b3ZGZGFqWlVZU1V5SEFwSi8wcVUyV0hyeDJvOWw1L1dwNWZ2aU11Qm5tRHVa?=
 =?utf-8?B?aUkrWG1Xbkl0ZHAyTVJYaVdUSnZSUEFkTXhjZGhVeENsM3ZQcDNHc3lGaitL?=
 =?utf-8?B?RWlhMDNmWkxaMEdhUzVIMElxcnQzYklaeEhRaE5KSzVoWWc1YS9kSUtaWEg0?=
 =?utf-8?B?VDJHVFByaW43RUh3ZUFlYmlUQmpHSk9wK2htNUxyenBnTUprZitld1dSVGFr?=
 =?utf-8?B?Wk1wV1pXR3FoKzUyaXFZd3d2RnBBYW5IZXUvYU14QU0vaW0rVG4rN2E4eFZw?=
 =?utf-8?B?VnA3SVQzMkRqMlV0eTFYZzZFaHlva1BiamxSMmloTkFCckNaRFpaWkNCQnNN?=
 =?utf-8?B?ZFcyUVFJbHBBcEFiVUdBa3dkenNFTmM1cCtIRC9CaUZRdi94S09lUkxRVWRu?=
 =?utf-8?B?ZFBBdHBDVzFtemVHcE1od2lzWnhnTjFLbzJQS0E3OVdid1Y0bnJJMWZPbDQr?=
 =?utf-8?B?anIwN1VpbkVzU1g2MXBLNmwwdUpuMEVaT1I4dWdPME80dW1haHBBT1V6aU5r?=
 =?utf-8?B?SUp3N0FtMHRmR3hsL3NzZFBQVC83cDZXdEIrbU9tM3BENXRSNm9YVXBab0V2?=
 =?utf-8?B?c2g2bGl4b1JBclc2cXYyWnlzVXlUUjYxR3RMMS9zakV3dERhSzBEVFJkYzZP?=
 =?utf-8?B?bVlVVCtOeDBISXpXbi8ycExuVkZxckh0NWo1ZnpTeXkySFRPQ2RBRnB4RzJn?=
 =?utf-8?B?WDlKeTBhQzl6VklaaXNBejM0emlidmx5cmpxL2E3NFF5dFBvZjJZU3VHU2xl?=
 =?utf-8?B?THZLWVZ6MmNoVW5mN3RzdTUxTU9ndEVpR1o5RE1kZEx4bENpUDc3d0dSSGFI?=
 =?utf-8?B?S2lFL0xGRzhWUzcwV1g2cHdLZTVTZGQrTS8zdm5nYTFPeHVJM1RQVGtOaGRD?=
 =?utf-8?B?aEdVZ1p1WFBvL2NmQTV0QlN2YzVVUktkTXgwRFNSVzhXYlR5bnd0ZVgxRWFr?=
 =?utf-8?B?eElqZFI5MnFTMHJndnJDT1FrUGdob1I0Zjg3MTJicGZCOEJqSnBIUU9lMWpM?=
 =?utf-8?B?bjhBVzBFVFpZU2JGZjN5M3Joa2h6dHZiTkNJWUhsaGdpQ01aRUVia1hUQXVv?=
 =?utf-8?B?R3FwdXBHNmZuaDdGSkR6NnBibUVNNFdmdi9Ta2dzdkFRU2ZqK3c2KzVJQmJ2?=
 =?utf-8?B?NkJld05nNC81NlJxZW05aHM2VkJiMGNiQTJLemFvbjRrdG5PSzJobzg5ditp?=
 =?utf-8?B?UTBrakxqZUd0TXlaZ3Zrc2s1ZHJhQXMrSHphRFpRdzZrSVlXMXc5QVR1dXA0?=
 =?utf-8?B?UE00ZFZkRXhrWDFCOElIOWZmZ2dLMHlmeTRpcmEyZnZwVlA3TjdyR1FtaU93?=
 =?utf-8?B?TGFoU1JZM0tIN2I3dTVGSlErQzA1YU40OXBiYUpoaG5odC9DMjRKWm1abXJI?=
 =?utf-8?B?TFkwU2UzNGw0RFBXQjNGQnY1bWZZRFBBVUhud3pDNTNVTkRCM0hIVjkza0t5?=
 =?utf-8?B?aTgxYjQ0bEZDZTNrbmgzKzAwL0lFdWhGT0FYeG1QcFBueHNwMnR5YTREeEpR?=
 =?utf-8?B?TTdpaXhFSU9JWlh5NnZPaGxMTHlzUnc2TFplRHRBTWk2bmsrWkJIcFJHZTlV?=
 =?utf-8?B?dGpXaHM2U29HV0Uwc0ljOHNmTFdETlJmc2YxQmlJZzg5bmEyU2hzT2VOSFBw?=
 =?utf-8?B?QTR0R2VwQXNUclRqL2tlQjYvck90K0NkNmZBUzVJaENuZk5uOWd0M0xqcVdQ?=
 =?utf-8?B?WXNtNjIyeE1VR1lTQXNGV0NQU2Q0U1lZRTNiM3JyL0RkK1dUdTBOY0IzRVdG?=
 =?utf-8?B?b0RMR2R2eHZTVU1qdHhwdTZHSG9LRkRrNkZlL3RSNGxuOERiSERKMloyQVZG?=
 =?utf-8?B?SjlWdVJ0S2ZjUk13dEFhRGVkSys1ZTJZVUNJSjZhR29nampwL04zTGU2QlMx?=
 =?utf-8?B?b00veTI1QXA1a081Rlpoa2JBVnQ1MUZseHUwOEtQL1RQQ2FCWHEvRTd4Z2Iw?=
 =?utf-8?B?NW1EMEptT2NrbHNYeEJVTUFiWEJ3MFBDeFJDbkVUc05Rby9GNkZIRnR4MlRj?=
 =?utf-8?B?Y1E9PQ==?=
X-OriginatorOrg: vigem.de
X-MS-Exchange-CrossTenant-Network-Message-Id: 75204c95-5fba-41b6-6dd8-08dadd12664d
X-MS-Exchange-CrossTenant-AuthSource: DU0P190MB1930.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Dec 2022 14:00:32.4971
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: dc3cc44e-876e-4b98-9250-42df44be4933
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: N6WbWgF92JFps1XqZFZU9+4tq/jzAG/29R3UoeaxrzsZcjGZY/NqqaRu2WRgR9Uy+ZeMqAivZT5Taz+39rJHGTV3sEM0y50S67txK3ZZLkY=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0P190MB0644
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
        RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

--8323329-960696319-1670604523=:61397
Content-Type: text/plain; CHARSET=UTF-8; format=flowed
Content-Transfer-Encoding: 8BIT
Content-ID: <fff13c79-4a0a-4cfb-5bf2-582716254ac1@sven-laptop>

On Tue, 25 Oct 2022, Sven Zühlsdorf wrote:
> Hi,
>
> I've run into two NULL pointer dereferences when loading the MCP2221 driver.
> Initially I observed them running the kernel used by yocto kirkstone
> (currently 5.15.68) but can reproduce them with a vanilla 6.1-rc1 as well.
> All line numbers below are for hid-mcp2221.c, taken from 6.1-rc1.
>
> The first one was easy to identify, in mcp2221_probe line 874 `hdev->hidraw`
> was NULL since I compiled the kernel without CONFIG_HIDRAW enabled. Should
> CONFIG_HID_MCP2221 perhaps depend on or imply CONFIG_HIDRAW?
>
> For the second one however, I'm stuck. The dereference happens at the top of
> mcp_smbus_xfer since i2c_get_adapdata in line 307 returned NULL. Looking at
> the call trace (see [dmesg output] below), mcp_smbus_xfer gets called
> indirectly from mcp2221_probe via i2c_add_adapter in line 876, directly
> before a call to i2c_set_adapdata. Since I couldn't identify another call to
> i2c_set_adapdata or a write to `mcp->adapter.dev.driver_data` that could
> potentially have initialized that field, I attempted to swap the order of
> calling i2c_set_adapdata and i2c_add_adapter, see [attempted fix] below. 
> While
> the driver now loads without issue, no devices appear on the i2c bus:
[...]
>
> When booting a distribution kernel (Ubunutu 22.04 with kernel 5.15.39) the 
> bus
> is populated as expected:
[...]
>
> In the patches applied by Ubuntu I couldn't find anything that'd explain this
> change in behavior. Regarding their kernel configuration the situation is
> similar: Even incorporating almost all of Ubuntu's additions (minus some
> signing and integrity stuff) into the config I've been using results in the
> NULL pointer dereference in mcp_smbus_xfer. Since this still might be a case 
> of
> me missing some config options, I'll post my config in a response to this 
> mail.
>
>
> There seem to be two recent patch series for this driver:
> https://lore.kernel.org/all/20221001005208.8010-1-matt.ranostay@konsulko.com/
> https://lore.kernel.org/all/20220926202239.16379-1-Enrik.Berkhan@inka.de/
> I tested both, but the behavior stays the same.
[...]

We managed to completely fix our second issue. While my initial patch did
fix the observed NULL pointer dereference, the second patch from Enrik
Berkhan's series could have clued me in to what was missing: The hid device
needs to be started, otherwise the responses from the chip aren't processed.
Patch, based on hid.git for-6.2/mcp2221 3d74c9eca1a2, in reply.

The differences to the kernel shipped by Ubuntu turned out to be a red
herring. What actually triggered the NULL dereference was having a driver
loaded that actively probes new I2C busses for suitable devices, thus
triggering the mcp_*_xfer functions before the adapdata was set. Unloading
and reloading hid_mcp2221 once a suitable driver is loaded will happily
trigger the bug on any kernel.
--8323329-960696319-1670604523=:61397--