Hello,
FYI this happens in mainline kernel 4.15.0-rc3.
It looks like a new regression.
It occurs in 23 out of 36 boots.
[ 38.592360] LUN: removable file: (no medium)
[ 38.593442] no file given for LUN0
[ 38.594589] g_mass_storage usbip-vudc.0: failed to start g_mass_storage: -22
[ 38.600881] udc usbip-vudc.0: releasing 'usbip-vudc.0'
[ 38.604397] ==================================================================
[ 38.605034] BUG: KASAN: double-free or invalid-free in (null)
[ 38.605034]
[ 38.605034] CPU: 0 PID: 1 Comm: swapper Not tainted 4.15.0-rc3 #468
[ 38.605034] Call Trace:
[ 38.605034] dump_stack+0x2f/0x3e:
__dump_stack at lib/dump_stack.c:17
(inlined by) dump_stack at lib/dump_stack.c:63
[ 38.605034] print_address_description+0xc2/0x3b7:
print_address_description at mm/kasan/report.c:253
[ 38.605034] kasan_report_double_free+0x50/0x8c:
kasan_report_double_free at mm/kasan/report.c:334
[ 38.605034] kasan_slab_free+0x60/0x1ef:
kasan_slab_free at mm/kasan/kasan.c:514
[ 38.605034] ? ftrace_likely_update+0x5c/0xc4:
ftrace_likely_update at kernel/trace/trace_branch.c:223
[ 38.605034] ? kobj_kset_leave+0x193/0x1dc:
kobj_kset_leave at lib/kobject.c:184
[ 38.605034] ? lock_acquired+0x8d2/0x8d2:
lock_release at kernel/locking/lockdep.c:4013
[ 38.605034] ? ftrace_likely_update+0x5c/0xc4:
ftrace_likely_update at kernel/trace/trace_branch.c:223
[ 38.605034] ? trace_preempt_on+0x489/0x4d7:
trace_preempt_enable_rcuidle at include/trace/events/preemptirq.h:50
(inlined by) trace_preempt_on at kernel/trace/trace_irqsoff.c:855
[ 38.605034] ? static_obj+0x40/0x40:
match_held_lock at kernel/locking/lockdep.c:3567
[ 38.605034] ? kobject_put+0xf5/0x642:
refcount_dec_and_test at arch/x86/include/asm/refcount.h:75
(inlined by) kref_put at include/linux/kref.h:69
(inlined by) kobject_put at lib/kobject.c:694
[ 38.605034] ? trace_hardirqs_off+0x17/0x1f:
trace_hardirqs_off at kernel/locking/lockdep.c:2984
[ 38.605034] ? kfree+0x419/0x5e7:
slab_free_hook at mm/slub.c:1380
(inlined by) slab_free_freelist_hook at mm/slub.c:1412
(inlined by) slab_free at mm/slub.c:2968
(inlined by) kfree at mm/slub.c:3899
[ 38.605034] kfree+0x43c/0x5e7:
slab_free at mm/slub.c:2973
(inlined by) kfree at mm/slub.c:3899
[ 38.605034] usb_add_gadget_udc_release+0x693/0x6ca:
usb_add_gadget_udc_release at drivers/usb/gadget/udc/core.c:1199
[ 38.605034] usb_add_gadget_udc+0x29/0x35:
usb_add_gadget_udc at drivers/usb/gadget/udc/core.c:1247
[ 38.605034] vudc_probe+0x7e8/0x8fb:
vudc_probe at drivers/usb/usbip/vudc_dev.c:616
[ 38.605034] ? put_vudc_device+0x4f/0x4f:
vudc_probe at drivers/usb/usbip/vudc_dev.c:598
[ 38.605034] platform_drv_probe+0xa8/0x15e:
platform_drv_probe at drivers/base/platform.c:578
[ 38.605034] ? platform_drv_remove+0xac/0xac:
platform_drv_probe at drivers/base/platform.c:566
[ 38.605034] really_probe+0x5b7/0xc52:
really_probe at drivers/base/dd.c:428
[ 38.605034] ? driver_allows_async_probing+0x72/0x72:
__device_attach_driver at drivers/base/dd.c:627
[ 38.605034] driver_probe_device+0x20b/0x295:
pm_request_idle at include/linux/pm_runtime.h:205
(inlined by) driver_probe_device at drivers/base/dd.c:567
[ 38.605034] __device_attach_driver+0x2e8/0x301:
__device_attach_driver at drivers/base/dd.c:662
[ 38.605034] bus_for_each_drv+0x125/0x1f0:
bus_for_each_drv at drivers/base/bus.c:463
[ 38.605034] ? subsys_find_device_by_id+0x306/0x306:
bus_for_each_drv at drivers/base/bus.c:452
[ 38.605034] ? _raw_spin_unlock_irqrestore+0xd9/0xfa:
__raw_spin_unlock_irqrestore at include/linux/spinlock_api_smp.h:161
(inlined by) _raw_spin_unlock_irqrestore at kernel/locking/spinlock.c:191
[ 38.605034] __device_attach+0x1cc/0x339:
__device_attach at drivers/base/dd.c:719
[ 38.605034] ? device_bind_driver+0xdb/0xdb:
__device_attach at drivers/base/dd.c:693
[ 38.605034] device_initial_probe+0x1f/0x28:
device_initial_probe at drivers/base/dd.c:766
[ 38.605034] bus_probe_device+0xd0/0x260:
bus_probe_device at drivers/base/bus.c:523
[ 38.605034] device_add+0xd68/0x1264:
device_add at drivers/base/core.c:1835
[ 38.605034] ? put_device+0x37/0x37:
device_add at drivers/base/core.c:1738
[ 38.605034] ? lockdep_init_map+0x5e/0x6b:
lockdep_init_map at kernel/locking/lockdep.c:3296
[ 38.605034] ? __raw_spin_lock_init+0x37/0xf5:
__raw_spin_lock_init at kernel/locking/spinlock_debug.c:26
[ 38.605034] platform_device_add+0x5a9/0x72e:
platform_device_add at drivers/base/platform.c:418
[ 38.605034] ? arch_setup_pdev_archdata+0x5/0xd
[ 38.605034] init+0xfa/0x412:
init at drivers/usb/usbip/vudc_main.c:56
[ 38.605034] ? usbip_host_init+0x1b2/0x1b2:
init at drivers/usb/usbip/vudc_main.c:31
[ 38.605034] do_one_initcall+0x143/0x2d3:
do_one_initcall at init/main.c:826
[ 38.605034] ? start_kernel+0xa20/0xa20:
do_one_initcall at init/main.c:815
[ 38.605034] kernel_init_freeable+0x31f/0x469:
do_initcall_level at init/main.c:892
(inlined by) do_initcalls at init/main.c:900
(inlined by) do_basic_setup at init/main.c:918
(inlined by) kernel_init_freeable at init/main.c:1066
[ 38.605034] ? rest_init+0x3d0/0x3d0:
kernel_init at init/main.c:990
[ 38.605034] kernel_init+0x13/0x1fe:
kernel_init at init/main.c:993
[ 38.605034] ? rest_init+0x3d0/0x3d0:
kernel_init at init/main.c:990
[ 38.605034] ret_from_fork+0x24/0x30:
ret_from_fork at arch/x86/entry/entry_64.S:447
[ 38.605034]
[ 38.605034] Allocated by task 1:
[ 38.605034] kasan_kmalloc+0xec/0x1bb:
filter_irq_stacks at mm/kasan/kasan.c:427
(inlined by) save_stack at mm/kasan/kasan.c:448
(inlined by) set_track at mm/kasan/kasan.c:459
(inlined by) kasan_kmalloc at mm/kasan/kasan.c:551
[ 38.605034] kmem_cache_alloc_trace+0x474/0x48d:
kmem_cache_alloc_trace at mm/slub.c:2752
[ 38.605034] usb_add_gadget_udc_release+0x1de/0x6ca:
kmalloc at include/linux/slab.h:499
(inlined by) kzalloc at include/linux/slab.h:688
(inlined by) usb_add_gadget_udc_release at drivers/usb/gadget/udc/core.c:1148
[ 38.605034] usb_add_gadget_udc+0x29/0x35:
usb_add_gadget_udc at drivers/usb/gadget/udc/core.c:1247
[ 38.605034] vudc_probe+0x7e8/0x8fb:
vudc_probe at drivers/usb/usbip/vudc_dev.c:616
[ 38.605034] platform_drv_probe+0xa8/0x15e:
platform_drv_probe at drivers/base/platform.c:578
[ 38.605034] really_probe+0x5b7/0xc52:
really_probe at drivers/base/dd.c:428
[ 38.605034] driver_probe_device+0x20b/0x295:
pm_request_idle at include/linux/pm_runtime.h:205
(inlined by) driver_probe_device at drivers/base/dd.c:567
[ 38.605034] __device_attach_driver+0x2e8/0x301:
__device_attach_driver at drivers/base/dd.c:662
[ 38.605034] bus_for_each_drv+0x125/0x1f0:
bus_for_each_drv at drivers/base/bus.c:463
[ 38.605034] __device_attach+0x1cc/0x339:
__device_attach at drivers/base/dd.c:719
[ 38.605034] device_initial_probe+0x1f/0x28:
device_initial_probe at drivers/base/dd.c:766
[ 38.605034] bus_probe_device+0xd0/0x260:
bus_probe_device at drivers/base/bus.c:523
[ 38.605034] device_add+0xd68/0x1264:
device_add at drivers/base/core.c:1835
[ 38.605034] platform_device_add+0x5a9/0x72e:
platform_device_add at drivers/base/platform.c:418
[ 38.605034] init+0xfa/0x412:
init at drivers/usb/usbip/vudc_main.c:56
[ 38.605034] do_one_initcall+0x143/0x2d3:
do_one_initcall at init/main.c:826
[ 38.605034] kernel_init_freeable+0x31f/0x469:
do_initcall_level at init/main.c:892
(inlined by) do_initcalls at init/main.c:900
(inlined by) do_basic_setup at init/main.c:918
(inlined by) kernel_init_freeable at init/main.c:1066
[ 38.605034] kernel_init+0x13/0x1fe:
kernel_init at init/main.c:993
[ 38.605034] ret_from_fork+0x24/0x30:
ret_from_fork at arch/x86/entry/entry_64.S:447
[ 38.605034]
[ 38.605034] Freed by task 1:
[ 38.605034] kasan_slab_free+0xf0/0x1ef:
filter_irq_stacks at mm/kasan/kasan.c:427
(inlined by) save_stack at mm/kasan/kasan.c:448
(inlined by) set_track at mm/kasan/kasan.c:459
(inlined by) kasan_slab_free at mm/kasan/kasan.c:524
[ 38.605034] kfree+0x43c/0x5e7:
slab_free at mm/slub.c:2973
(inlined by) kfree at mm/slub.c:3899
[ 38.605034] usb_udc_release+0xe3/0xef:
usb_udc_release at drivers/usb/gadget/udc/core.c:1093
[ 38.605034] device_release+0x86/0x27e:
device_release at drivers/base/core.c:810
[ 38.605034] kobject_put+0x58d/0x642:
kobject_cleanup at lib/kobject.c:648
(inlined by) kobject_release at lib/kobject.c:677
(inlined by) kref_put at include/linux/kref.h:70
(inlined by) kobject_put at lib/kobject.c:694
[ 38.605034] put_device+0x2a/0x37:
put_device at drivers/base/core.c:1931
[ 38.605034] usb_add_gadget_udc_release+0x670/0x6ca:
usb_add_gadget_udc_release at drivers/usb/gadget/udc/core.c:1196
[ 38.605034] usb_add_gadget_udc+0x29/0x35:
usb_add_gadget_udc at drivers/usb/gadget/udc/core.c:1247
[ 38.605034] vudc_probe+0x7e8/0x8fb:
vudc_probe at drivers/usb/usbip/vudc_dev.c:616
[ 38.605034] platform_drv_probe+0xa8/0x15e:
platform_drv_probe at drivers/base/platform.c:578
[ 38.605034] really_probe+0x5b7/0xc52:
really_probe at drivers/base/dd.c:428
[ 38.605034] driver_probe_device+0x20b/0x295:
pm_request_idle at include/linux/pm_runtime.h:205
(inlined by) driver_probe_device at drivers/base/dd.c:567
[ 38.605034] __device_attach_driver+0x2e8/0x301:
__device_attach_driver at drivers/base/dd.c:662
[ 38.605034] bus_for_each_drv+0x125/0x1f0:
bus_for_each_drv at drivers/base/bus.c:463
[ 38.605034] __device_attach+0x1cc/0x339:
__device_attach at drivers/base/dd.c:719
[ 38.605034] device_initial_probe+0x1f/0x28:
device_initial_probe at drivers/base/dd.c:766
[ 38.605034] bus_probe_device+0xd0/0x260:
bus_probe_device at drivers/base/bus.c:523
[ 38.605034] device_add+0xd68/0x1264:
device_add at drivers/base/core.c:1835
[ 38.605034] platform_device_add+0x5a9/0x72e:
platform_device_add at drivers/base/platform.c:418
[ 38.605034] init+0xfa/0x412:
init at drivers/usb/usbip/vudc_main.c:56
[ 38.605034] do_one_initcall+0x143/0x2d3:
do_one_initcall at init/main.c:826
[ 38.605034] kernel_init_freeable+0x31f/0x469:
do_initcall_level at init/main.c:892
(inlined by) do_initcalls at init/main.c:900
(inlined by) do_basic_setup at init/main.c:918
(inlined by) kernel_init_freeable at init/main.c:1066
[ 38.605034] kernel_init+0x13/0x1fe:
kernel_init at init/main.c:993
[ 38.605034] ret_from_fork+0x24/0x30:
ret_from_fork at arch/x86/entry/entry_64.S:447
[ 38.605034]
[ 38.605034] The buggy address belongs to the object at ffff880014627700
[ 38.605034] which belongs to the cache kmalloc-2048 of size 2048
[ 38.605034] The buggy address is located 0 bytes inside of
[ 38.605034] 2048-byte region [ffff880014627700, ffff880014627f00)
Attached the full dmesg, kconfig and reproduce scripts.
Thanks,
Fengguang
On Sun, 17 Dec 2017, Fengguang Wu wrote:
> Hello,
>
> FYI this happens in mainline kernel 4.15.0-rc3.
> It looks like a new regression.
>
> It occurs in 23 out of 36 boots.
>
> [ 38.592360] LUN: removable file: (no medium)
> [ 38.593442] no file given for LUN0
> [ 38.594589] g_mass_storage usbip-vudc.0: failed to start g_mass_storage: -22
> [ 38.600881] udc usbip-vudc.0: releasing 'usbip-vudc.0'
> [ 38.604397] ==================================================================
> [ 38.605034] BUG: KASAN: double-free or invalid-free in (null)
> [ 38.605034]
> [ 38.605034] CPU: 0 PID: 1 Comm: swapper Not tainted 4.15.0-rc3 #468
> [ 38.605034] Call Trace:
> [ 38.605034] dump_stack+0x2f/0x3e:
> __dump_stack at lib/dump_stack.c:17
> (inlined by) dump_stack at lib/dump_stack.c:63
> [ 38.605034] print_address_description+0xc2/0x3b7:
> print_address_description at mm/kasan/report.c:253
> [ 38.605034] kasan_report_double_free+0x50/0x8c:
> kasan_report_double_free at mm/kasan/report.c:334
> [ 38.605034] kasan_slab_free+0x60/0x1ef:
> kasan_slab_free at mm/kasan/kasan.c:514
> [ 38.605034] ? ftrace_likely_update+0x5c/0xc4:
> ftrace_likely_update at kernel/trace/trace_branch.c:223
> [ 38.605034] ? kobj_kset_leave+0x193/0x1dc:
> kobj_kset_leave at lib/kobject.c:184
> [ 38.605034] ? lock_acquired+0x8d2/0x8d2:
> lock_release at kernel/locking/lockdep.c:4013
> [ 38.605034] ? ftrace_likely_update+0x5c/0xc4:
> ftrace_likely_update at kernel/trace/trace_branch.c:223
> [ 38.605034] ? trace_preempt_on+0x489/0x4d7:
> trace_preempt_enable_rcuidle at include/trace/events/preemptirq.h:50
> (inlined by) trace_preempt_on at kernel/trace/trace_irqsoff.c:855
> [ 38.605034] ? static_obj+0x40/0x40:
> match_held_lock at kernel/locking/lockdep.c:3567
> [ 38.605034] ? kobject_put+0xf5/0x642:
> refcount_dec_and_test at arch/x86/include/asm/refcount.h:75
> (inlined by) kref_put at include/linux/kref.h:69
> (inlined by) kobject_put at lib/kobject.c:694
> [ 38.605034] ? trace_hardirqs_off+0x17/0x1f:
> trace_hardirqs_off at kernel/locking/lockdep.c:2984
> [ 38.605034] ? kfree+0x419/0x5e7:
> slab_free_hook at mm/slub.c:1380
> (inlined by) slab_free_freelist_hook at mm/slub.c:1412
> (inlined by) slab_free at mm/slub.c:2968
> (inlined by) kfree at mm/slub.c:3899
> [ 38.605034] kfree+0x43c/0x5e7:
> slab_free at mm/slub.c:2973
> (inlined by) kfree at mm/slub.c:3899
> [ 38.605034] usb_add_gadget_udc_release+0x693/0x6ca:
> usb_add_gadget_udc_release at drivers/usb/gadget/udc/core.c:1199
Boy, the error handling in that routine is a mess. The patch below
should straighten it out.
Alan Stern
Index: usb-4.x/drivers/usb/gadget/udc/core.c
===================================================================
--- usb-4.x.orig/drivers/usb/gadget/udc/core.c
+++ usb-4.x/drivers/usb/gadget/udc/core.c
@@ -1147,11 +1147,7 @@ int usb_add_gadget_udc_release(struct de
udc = kzalloc(sizeof(*udc), GFP_KERNEL);
if (!udc)
- goto err1;
-
- ret = device_add(&gadget->dev);
- if (ret)
- goto err2;
+ goto err_put_gadget;
device_initialize(&udc->dev);
udc->dev.release = usb_udc_release;
@@ -1160,7 +1156,11 @@ int usb_add_gadget_udc_release(struct de
udc->dev.parent = parent;
ret = dev_set_name(&udc->dev, "%s", kobject_name(&parent->kobj));
if (ret)
- goto err3;
+ goto err_put_udc;
+
+ ret = device_add(&gadget->dev);
+ if (ret)
+ goto err_put_udc;
udc->gadget = gadget;
gadget->udc = udc;
@@ -1170,7 +1170,7 @@ int usb_add_gadget_udc_release(struct de
ret = device_add(&udc->dev);
if (ret)
- goto err4;
+ goto err_unlist_udc;
usb_gadget_set_state(gadget, USB_STATE_NOTATTACHED);
udc->vbus = true;
@@ -1178,27 +1178,25 @@ int usb_add_gadget_udc_release(struct de
/* pick up one of pending gadget drivers */
ret = check_pending_gadget_drivers(udc);
if (ret)
- goto err5;
+ goto err_del_udc;
mutex_unlock(&udc_lock);
return 0;
-err5:
+ err_del_udc:
device_del(&udc->dev);
-err4:
+ err_unlist_udc:
list_del(&udc->list);
mutex_unlock(&udc_lock);
-err3:
- put_device(&udc->dev);
device_del(&gadget->dev);
-err2:
- kfree(udc);
+ err_put_udc:
+ put_device(&udc->dev);
-err1:
+ err_put_gadget:
put_device(&gadget->dev);
return ret;
}
Hi,
Alan Stern <[email protected]> writes:
> On Sun, 17 Dec 2017, Fengguang Wu wrote:
>
>> Hello,
>>
>> FYI this happens in mainline kernel 4.15.0-rc3.
>> It looks like a new regression.
>>
>> It occurs in 23 out of 36 boots.
>>
>> [ 38.592360] LUN: removable file: (no medium)
>> [ 38.593442] no file given for LUN0
>> [ 38.594589] g_mass_storage usbip-vudc.0: failed to start g_mass_storage: -22
>> [ 38.600881] udc usbip-vudc.0: releasing 'usbip-vudc.0'
>> [ 38.604397] ==================================================================
>> [ 38.605034] BUG: KASAN: double-free or invalid-free in (null)
>> [ 38.605034]
>> [ 38.605034] CPU: 0 PID: 1 Comm: swapper Not tainted 4.15.0-rc3 #468
>> [ 38.605034] Call Trace:
>> [ 38.605034] dump_stack+0x2f/0x3e:
>> __dump_stack at lib/dump_stack.c:17
>> (inlined by) dump_stack at lib/dump_stack.c:63
>> [ 38.605034] print_address_description+0xc2/0x3b7:
>> print_address_description at mm/kasan/report.c:253
>> [ 38.605034] kasan_report_double_free+0x50/0x8c:
>> kasan_report_double_free at mm/kasan/report.c:334
>> [ 38.605034] kasan_slab_free+0x60/0x1ef:
>> kasan_slab_free at mm/kasan/kasan.c:514
>> [ 38.605034] ? ftrace_likely_update+0x5c/0xc4:
>> ftrace_likely_update at kernel/trace/trace_branch.c:223
>> [ 38.605034] ? kobj_kset_leave+0x193/0x1dc:
>> kobj_kset_leave at lib/kobject.c:184
>> [ 38.605034] ? lock_acquired+0x8d2/0x8d2:
>> lock_release at kernel/locking/lockdep.c:4013
>> [ 38.605034] ? ftrace_likely_update+0x5c/0xc4:
>> ftrace_likely_update at kernel/trace/trace_branch.c:223
>> [ 38.605034] ? trace_preempt_on+0x489/0x4d7:
>> trace_preempt_enable_rcuidle at include/trace/events/preemptirq.h:50
>> (inlined by) trace_preempt_on at kernel/trace/trace_irqsoff.c:855
>> [ 38.605034] ? static_obj+0x40/0x40:
>> match_held_lock at kernel/locking/lockdep.c:3567
>> [ 38.605034] ? kobject_put+0xf5/0x642:
>> refcount_dec_and_test at arch/x86/include/asm/refcount.h:75
>> (inlined by) kref_put at include/linux/kref.h:69
>> (inlined by) kobject_put at lib/kobject.c:694
>> [ 38.605034] ? trace_hardirqs_off+0x17/0x1f:
>> trace_hardirqs_off at kernel/locking/lockdep.c:2984
>> [ 38.605034] ? kfree+0x419/0x5e7:
>> slab_free_hook at mm/slub.c:1380
>> (inlined by) slab_free_freelist_hook at mm/slub.c:1412
>> (inlined by) slab_free at mm/slub.c:2968
>> (inlined by) kfree at mm/slub.c:3899
>> [ 38.605034] kfree+0x43c/0x5e7:
>> slab_free at mm/slub.c:2973
>> (inlined by) kfree at mm/slub.c:3899
>> [ 38.605034] usb_add_gadget_udc_release+0x693/0x6ca:
>> usb_add_gadget_udc_release at drivers/usb/gadget/udc/core.c:1199
>
> Boy, the error handling in that routine is a mess. The patch below
> should straighten it out.
looks good:
Acked-by: Felipe Balbi <[email protected]>
> Alan Stern
>
>
>
> Index: usb-4.x/drivers/usb/gadget/udc/core.c
> ===================================================================
> --- usb-4.x.orig/drivers/usb/gadget/udc/core.c
> +++ usb-4.x/drivers/usb/gadget/udc/core.c
> @@ -1147,11 +1147,7 @@ int usb_add_gadget_udc_release(struct de
>
> udc = kzalloc(sizeof(*udc), GFP_KERNEL);
> if (!udc)
> - goto err1;
> -
> - ret = device_add(&gadget->dev);
> - if (ret)
> - goto err2;
> + goto err_put_gadget;
>
> device_initialize(&udc->dev);
> udc->dev.release = usb_udc_release;
> @@ -1160,7 +1156,11 @@ int usb_add_gadget_udc_release(struct de
> udc->dev.parent = parent;
> ret = dev_set_name(&udc->dev, "%s", kobject_name(&parent->kobj));
> if (ret)
> - goto err3;
> + goto err_put_udc;
> +
> + ret = device_add(&gadget->dev);
> + if (ret)
> + goto err_put_udc;
>
> udc->gadget = gadget;
> gadget->udc = udc;
> @@ -1170,7 +1170,7 @@ int usb_add_gadget_udc_release(struct de
>
> ret = device_add(&udc->dev);
> if (ret)
> - goto err4;
> + goto err_unlist_udc;
>
> usb_gadget_set_state(gadget, USB_STATE_NOTATTACHED);
> udc->vbus = true;
> @@ -1178,27 +1178,25 @@ int usb_add_gadget_udc_release(struct de
> /* pick up one of pending gadget drivers */
> ret = check_pending_gadget_drivers(udc);
> if (ret)
> - goto err5;
> + goto err_del_udc;
>
> mutex_unlock(&udc_lock);
>
> return 0;
>
> -err5:
> + err_del_udc:
> device_del(&udc->dev);
>
> -err4:
> + err_unlist_udc:
> list_del(&udc->list);
> mutex_unlock(&udc_lock);
>
> -err3:
> - put_device(&udc->dev);
> device_del(&gadget->dev);
>
> -err2:
> - kfree(udc);
> + err_put_udc:
> + put_device(&udc->dev);
>
> -err1:
> + err_put_gadget:
> put_device(&gadget->dev);
> return ret;
> }
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-usb" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
balbi