Hello Pablo Neira Ayuso,
The patch 12e4ecfa244b: "netfilter: nf_tables: add register tracking
infrastructure" from Jan 9, 2022, leads to the following Smatch
static checker warning:
net/netfilter/nf_tables_api.c:8303 nf_tables_commit_chain_prepare()
error: uninitialized symbol 'last'.
net/netfilter/nf_tables_api.c
8259 static int nf_tables_commit_chain_prepare(struct net *net, struct nft_chain *chain)
8260 {
8261 const struct nft_expr *expr, *last;
^^^^
8262 struct nft_regs_track track = {};
8263 unsigned int size, data_size;
8264 void *data, *data_boundary;
8265 struct nft_rule_dp *prule;
8266 struct nft_rule *rule;
8267 int i;
8268
8269 /* already handled or inactive chain? */
8270 if (chain->blob_next || !nft_is_active_next(net, chain))
8271 return 0;
8272
8273 rule = list_entry(&chain->rules, struct nft_rule, list);
8274 i = 0;
8275
8276 list_for_each_entry_continue(rule, &chain->rules, list) {
8277 if (nft_is_active_next(net, rule)) {
8278 data_size += sizeof(*prule) + rule->dlen;
8279 if (data_size > INT_MAX)
8280 return -ENOMEM;
8281 }
8282 }
8283 data_size += offsetof(struct nft_rule_dp, data); /* last rule */
8284
8285 chain->blob_next = nf_tables_chain_alloc_rules(data_size);
8286 if (!chain->blob_next)
8287 return -ENOMEM;
8288
8289 data = (void *)chain->blob_next->data;
8290 data_boundary = data + data_size;
8291 size = 0;
8292
8293 list_for_each_entry_continue(rule, &chain->rules, list) {
8294 if (!nft_is_active_next(net, rule))
8295 continue;
8296
8297 prule = (struct nft_rule_dp *)data;
8298 data += offsetof(struct nft_rule_dp, data);
8299 if (WARN_ON_ONCE(data > data_boundary))
8300 return -ENOMEM;
8301
8302 size = 0;
--> 8303 track.last = last;
^^^^
"last" is initialized on the next line
8304 nft_rule_for_each_expr(expr, last, rule) {
^^^^
here
8305 track.cur = expr;
8306
8307 if (expr->ops->reduce &&
8308 expr->ops->reduce(&track, expr)) {
8309 expr = track.cur;
8310 continue;
8311 }
8312
8313 if (WARN_ON_ONCE(data + expr->ops->size > data_boundary))
8314 return -ENOMEM;
8315
8316 memcpy(data + size, expr, expr->ops->size);
8317 size += expr->ops->size;
8318 }
8319 if (WARN_ON_ONCE(size >= 1 << 12))
8320 return -ENOMEM;
8321
8322 prule->handle = rule->handle;
8323 prule->dlen = size;
8324 prule->is_last = 0;
8325
8326 data += size;
8327 size = 0;
8328 chain->blob_next->size += (unsigned long)(data - (void *)prule);
8329 }
8330
8331 prule = (struct nft_rule_dp *)data;
8332 data += offsetof(struct nft_rule_dp, data);
8333 if (WARN_ON_ONCE(data > data_boundary))
8334 return -ENOMEM;
8335
8336 nft_last_rule(chain->blob_next, prule);
8337
8338 return 0;
8339 }
regards,
dan carpenter
