[BUG 6.4-rc3] BUG: kernel NULL pointer dereference in __dev_fwnode

From: Steven Rostedt
Date: Wed May 24 2023 - 13:14:27 EST

I started adding fixes to my urgent branch rebased on top of v6.4-rc3
and ran my tests. Unfortunately they crashed on unrelated code.

Here's the dump:

BUG: kernel NULL pointer dereference, address: 00000000000003e8
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
CPU: 0 PID: 1 Comm: swapper/0 Tainted: G N 6.3.0-rc1-test-00011-g27a2195efa8d #49
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:__dev_fwnode+0x9/0x2a
Code: ff 85 c0 78 16 48 8b 3c 24 89 c6 59 e9 e0 f7 ff ff b8 ea ff ff ff c3 cc cc cc cc 5a c3 cc cc cc cc f3 0f 1e fa 0f 1f 44 00 00 <48> 8b 87 e8 03 00 00 48 83 c0 18 c3 cc cc cc cc 48
RSP: 0000:ffffc90000013d88 EFLAGS: 00010246
RAX: 0000000000000000 RBX: ffff88810b7a8800 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff88810b7a8e20 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff88810b7a8800
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000fffffffe0
FS: 0000000000000000(0000) GS:ffff88817ae00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000000003e8 CR3: 000000000221a001 CR4: 0000000000170eb0
Call Trace:
? preempt_count_sub+0x13/0x20
? _raw_spin_unlock_irqrestore+0x3d/0x54
? axp20x_usb_power_driver_init+0x17/0x17
? rest_init+0x14e/0x14e
Modules linked in:
CR2: 00000000000003e8
---[ end trace 0000000000000000 ]---

Attached is the config. I ran a bisect and it found it to be this commit:

27a2195efa8d2 ("power: supply: core: auto-exposure of simple-battery data")

I checked out that commit and tested it, and it crashed. I then
reverted that commit, and the crash goes away.

The crash also goes away by reverting that commit on v6.4-rc3.

-- Steve

Attachment: config-bad
Description: Binary data
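As an added triage helper, not part of the report or of the kernel tree: a small C program that decodes the marked instruction in the oops's Code: line against the register dump, confirming that the faulting load is a fixed offset (0x3e8) from a register that held zero, i.e. a member read through a NULL struct pointer. The Code: bytes and register values are copied from the oops above; the decoder only handles the single "mov r64, [reg + disp32]" form seen here, which is an assumption of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* "Code:" line and register dump copied from the oops in the report above. */
static const char code_line[] =
    "ff 85 c0 78 16 48 8b 3c 24 89 c6 59 e9 e0 f7 ff ff b8 ea ff ff ff c3 cc cc cc cc "
    "5a c3 cc cc cc cc f3 0f 1e fa 0f 1f 44 00 00 <48> 8b 87 e8 03 00 00 48 "
    "83 c0 18 c3 cc cc cc cc 48";
/* RAX RCX RDX RBX RSP RBP RSI RDI: the order ModRM uses to number registers. */
static const unsigned long report_regs[8] = {
    0, 0, 0, 0xffff88810b7a8800, 0xffffc90000013d88, 0, 0xffff88810b7a8e20, 0 };
static const char *reg_names[8] = {"rax","rcx","rdx","rbx","rsp","rbp","rsi","rdi"};

/* Parse the hex bytes of a Code: line; return the index of the <marked> byte or -1. */
static int parse_code(const char *s, uint8_t *out, int max, int *n)
{
    int mark = -1; char *end;
    for (*n = 0; *n < max; (*n)++) {
        while (*s == ' ' || *s == '>') s++;      /* separators and a closing '>' */
        if (*s == '<') { mark = *n; s++; }        /* '<' marks the faulting byte */
        if (!*s) break;
        out[*n] = (uint8_t)strtoul(s, &end, 16); s = end;
    }
    return mark;
}

/* If the marked instruction is "mov r64, [base + disp32]" (REX.W 8B /r, mod=10,
 * no SIB) and the base register held 0 with base + disp == cr2, return disp: the
 * offset of the struct field that was read through a NULL pointer. Else -1. */
static long null_deref_offset(const char *code, unsigned long cr2,
                              const unsigned long regs[8], int *base_out)
{
    uint8_t b[64]; int n, mark = parse_code(code, b, sizeof b, &n);
    if (mark < 0 || mark + 7 > n || b[mark] != 0x48 || b[mark + 1] != 0x8b) return -1;
    int mod = b[mark + 2] >> 6, base = b[mark + 2] & 7;
    if (mod != 2 || base == 4) return -1;         /* rm=100 would need a SIB byte */
    long disp = (int32_t)(b[mark + 3] | b[mark + 4] << 8 | b[mark + 5] << 16 |
                          (uint32_t)b[mark + 6] << 24);
    if (regs[base] != 0 || regs[base] + (unsigned long)disp != cr2) return -1;
    if (base_out) *base_out = base;
    return disp;
}

int main(void)
{
    int base; long off = null_deref_offset(code_line, 0x3e8, report_regs, &base);
    if (off >= 0) printf("%s was NULL; the load reads a field at offset 0x%lx\n", reg_names[base], off);
    return 0;
}
```

For this oops the decoder reports rdi as the NULL register, so the crashing call passed a NULL `struct device *` into __dev_fwnode, which matches the bisected commit touching power-supply device registration.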