Thread: 5 messages, 5 authors, 2021-03-26

Re: [PATCH v2] infiniband: Fix a use after free in isert_connect_request

From: Jason Gunthorpe <jgg@nvidia.com>
Date: 2021-03-26 17:27:50
Also in: lkml, target-devel

On Mon, Mar 22, 2021 at 09:13:25AM -0700, Lv Yunlong wrote:
> The device is got by isert_device_get() with a refcount of 1,
> and is assigned to isert_conn by isert_conn->device = device.
> When isert_create_qp() failed, device will be freed with
> isert_device_put().
>
> Later, the device is used in isert_free_login_buf(isert_conn)
> by the isert_conn->device->ib_device statement. This patch
> frees the device in the correct order.
>
> Signed-off-by: Lv Yunlong <redacted>
> Acked-by: Sagi Grimberg <sagi@grimberg.me>
> Reviewed-by: Leon Romanovsky <leonro@nvidia.com>
> Reviewed-by: Max Gurtovoy <mgurtovoy@nvidia.com>
>  drivers/infiniband/ulp/isert/ib_isert.c | 16 ++++++++--------
>  1 file changed, 8 insertions(+), 8 deletions(-)

Applied to for-next, I added

    Fixes: ae9ea9ed38c9 ("iser-target: Split some logic in isert_connect_request to routines")

Please ensure you add fixes lines when you send bug fixes.

Thanks,
Jason
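
The ordering problem described in the quoted commit message, as an added user-space model that is not part of the thread and not the driver's code: the struct and function names are hypothetical stand-ins, and a `released` flag records the point where the kernel would have freed the device, so the stale access can be observed without touching freed memory.

```c
#include <stdbool.h>

/* User-space model; every name here is a hypothetical stand-in. */
struct device { int refcount; bool released; };
struct conn { struct device *device; bool login_buf; bool stale_access; };

static struct device *device_get(struct device *d) { d->refcount++; return d; }
static void device_put(struct device *d) { if (--d->refcount == 0) d->released = true; }
static int create_qp(bool fail) { return fail ? -1 : 0; }
/* Like isert_free_login_buf(): dereferences conn->device. */
static void free_login_buf(struct conn *c)
{
    if (c->device->released)   /* in the kernel this is a read of freed memory */
        c->stale_access = true;
    c->login_buf = false;
}

/* Order described in the report: put first, then free the login buffer. */
int connect_buggy(struct conn *c, struct device *d, bool qp_fails)
{
    c->login_buf = true;
    c->device = device_get(d);
    if (create_qp(qp_fails)) {
        device_put(c->device);
        free_login_buf(c);
        return -1;
    }
    return 0;
}

/* Reordered unwind: the last use of the device comes before the put. */
int connect_fixed(struct conn *c, struct device *d, bool qp_fails)
{
    c->login_buf = true;
    c->device = device_get(d);
    if (create_qp(qp_fails)) {
        free_login_buf(c);
        device_put(c->device);
        return -1;
    }
    return 0;
}

int main(void)
{
    struct device d = {0, false};
    struct conn c = {0};
    return connect_fixed(&c, &d, true) == -1 && !c.stale_access ? 0 : 1;
}
```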