From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1760355AbcJ1X22 (ORCPT ); Fri, 28 Oct 2016 19:28:28 -0400 Received: from Chamillionaire.breakpoint.cc ([146.0.238.67]:38334 "EHLO Chamillionaire.breakpoint.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755243AbcJ1X20 (ORCPT ); Fri, 28 Oct 2016 19:28:26 -0400 Date: Sat, 29 Oct 2016 01:26:12 +0200 From: Florian Westphal To: Arnd Bergmann Cc: Pablo Neira Ayuso , Patrick McHardy , Jozsef Kadlecsik , "David S. Miller" , Alexey Kuznetsov , James Morris , Hideaki YOSHIFUJI , Florian Westphal , netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] [v2 netfilter-next] netfilter: nf_tables: fib warnings Message-ID: <20161028232612.GA30488@breakpoint.cc> References: <20161028201810.1076559-1-arnd@arndb.de> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20161028201810.1076559-1-arnd@arndb.de> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Arnd Bergmann wrote: > The newly added nft fib code produces two warnings: > > net/ipv4/netfilter/nft_fib_ipv4.c: In function 'nft_fib4_eval': > net/ipv4/netfilter/nft_fib_ipv4.c:80:6: error: unused variable 'i' [-Werror=unused-variable] > net/ipv4/netfilter/nft_fib_ipv4.c: In function ‘nft_fib4_eval’: > net/ipv4/netfilter/nft_fib_ipv4.c:137:6: error: ‘oif’ may be used uninitialized in this function [-Werror=maybe-uninitialized] > > The first one is obvious as the only user of that variable is > inside of an #ifdef > > The second one is a bit trickier. It's clear that oif is in fact > uninitialized when it gets used when neither NFTA_FIB_F_IIF nor > NFTA_FIB_F_OIF are set, and just setting it to NULL won't work > as it may later get dereferenced. > > However, there is no need to search the result list if it is > NULL, as Florian pointed out. This integrates his (untested) > change to do so. I have confirmed that the combined patch > solves both warnings, but as I don't fully understand Florian's > change, I can't tell if it's correct. > > Suggested-by: Florian Westphal > Fixes: 84f5eedb983e ("netfilter: nf_tables: add fib expression") > Signed-off-by: Arnd Bergmann chain pre { type filter hook prerouting priority 0; policy accept; fib saddr oif "eth0" } eth0: default route, 192.168.7.10/16 eth1: 10.0.0.2/8 ping from 192.168.7.1 from peer on eth0: result eth0, ok ping from 10.0.0.2 from peer on eth0: no result, ok ping from 10.0.0.3 from peer on eth0: result eth1, ok chain pre { type filter hook prerouting priority 0; policy accept; fib saddr . iif oif "eth0" } ping from 192.168.7.1 from peer on eth0: result eth0, ok ping from 10.0.0.2 from peer on eth0: no result, ok ping from 10.0.0.3 from peer on eth0: no result, ok so: Tested-by: Florian Westphal