fc_remote_port_create() calls device_initialize() for the embedded rport
device before calling device_add(). Once initialized, the object must be
released through the device core.

The device_add() failure path currently calls put_device(dev->parent) and
kfree(rport) directly. This bypasses put_device(dev), the registered
.release callback, and the kobject/device cleanup associated with the
initial reference taken by device_initialize().

Use put_device(dev) instead. fc_rport_dev_release() will release the parent
reference and free the rport container.

This issue was found by a static analysis tool I am developing.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Guangshuo Li <lgs201920130244@gmail.com>
---
drivers/scsi/scsi_transport_fc.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/scsi/scsi_transport_fc.c b/drivers/scsi/scsi_transport_fc.c
index dce95e361daf..4a757cbc7139 100644
--- a/drivers/scsi/scsi_transport_fc.c
+++ b/drivers/scsi/scsi_transport_fc.c
@@ -3180,8 +3180,7 @@ fc_remote_port_create(struct Scsi_Host *shost, int channel,
list_del(&rport->peers);
scsi_host_put(shost); /* for fc_host->rport list */
spin_unlock_irqrestore(shost->host_lock, flags);
- put_device(dev->parent);
- kfree(rport);
+ put_device(dev);
return NULL;
}
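Review bot: the put_device(dev) that replaces put_device(dev->parent) and kfree(rport) at the end of this error path is only equivalent if the .release callback does exactly those two things, and the body of fc_rport_dev_release() is not part of this patch. Because scsi_host_put(shost) and list_del(&rport->peers) are still called explicitly just above, please confirm that the callback does not also drop a host reference or unlink the rport, otherwise this path would release twice; one sentence in the commit message saying what the callback does and does not touch would settle it. It would also help to state that dev->release and dev->parent are already assigned before device_add() is reached, since put_device(dev) here is correct only if both are set by then.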
--
2.43.0