From ed90d56579c84e1e8e065f9639ac2775925708f9 Mon Sep 17 00:00:00 2001
From: Hou Pu
Date: Fri, 6 Nov 2020 17:52:53 +0800
Subject: [PATCH] iser: fix segmentation fault when async message pdu is received

The target sometimes sends a logout request to libiscsi in case it is going down or for some other reason. The opcode of such a request is ISCSI_PDU_ASYNC_MSG. On receiving these kinds of PDU, there is no related pdu on the list of iscsi->waitpdu. Just skip finding them from iscsi->waitpdu. Or segment fault might happen. Also rename nop_target label to no_waitpdu to be more clear.

Signed-off-by: Hou Pu
---
 lib/iser.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/lib/iser.c b/lib/iser.c
index a927338..6bf0ce8 100644
--- a/lib/iser.c
+++ b/lib/iser.c
@@ -1322,7 +1322,10 @@ iser_rcv_completion(struct iser_rx_desc *rx_desc,
 uint32_t itt = scsi_get_uint32(&in.hdr[16]);

 if (opcode == ISCSI_PDU_NOP_IN && itt == 0xffffffff)
- goto nop_target;
+ goto no_waitpdu;
+
+ if (opcode == ISCSI_PDU_ASYNC_MSG)
+ goto no_waitpdu;

 struct iscsi_pdu *iscsi_pdu;
 struct iser_pdu *iser_pdu;
@@ -1355,7 +1358,7 @@ iser_rcv_completion(struct iser_rx_desc *rx_desc,
 }
 }

-nop_target:
+no_waitpdu:
 /* decrementing conn->post_recv_buf_count only --after-- freeing the *
 * task eliminates the need to worry on tasks which are completed in *
 * parallel to the execution of iser_conn_term. So the code that waits *
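Review bot: The added `if (opcode == ISCSI_PDU_ASYNC_MSG)` branch closes the crash for one opcode only, while both `opcode` and `itt` are read from the received header (`in.hdr`) and are therefore chosen by the peer. The iscsi->waitpdu search that follows the declarations of `iscsi_pdu` and `iser_pdu` lies outside this hunk, so this is inferred, but if its result is used without a NULL check, any other PDU whose ITT matches no queued request would presumably reach the same fault. A guard right after that search, `if (iscsi_pdu == NULL) goto no_waitpdu;`, would make the receive path robust to unexpected or malformed input regardless of opcode. A short comment above the new branch, such as `/* Async Message is unsolicited: no request PDU is queued on iscsi->waitpdu */`, would also record why the lookup is skipped.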