Re: [PATCH nft] evaluate: don't eval unary arguments.

On Sun, Jan 19, 2020 at 06:12:03PM +0000, Jeremy Sowden wrote:
> When a unary expression is inserted to implement a byte-order
> conversion, the expression being converted has already been evaluated
> and so expr_evaluate_unary doesn't need to do so.  For most types of
> expression, the double evaluation doesn't matter since evaluation is
> idempotent.  However, in the case of payload expressions which are
> munged during evaluation, it can cause unexpected errors:
> 
>   # nft add table ip t
>   # nft add chain ip t c '{ type filter hook input priority filter; }'
>   # nft add rule ip t c ip dscp set 'ip dscp | 0x10'
>   Error: Value 252 exceeds valid range 0-63
>   add rule ip t c ip dscp set ip dscp | 0x10
>                               ^^^^^^^

I'm still hitting this after applying this patch.

nft add rule ip t c ip dscp set ip dscp or 0x10
Error: Value 252 exceeds valid range 0-63
add rule ip t c ip dscp set ip dscp or 0x10
                            ^^^^^^

Probably the problem is somewhere else? I'm not sure why we can assume
here that the argument of the unary expression should not be
evaluated.


