bpf: Initialize used but uninit variable in propagate_liveness()

With input changed == NULL, a local variable is used for "changed".
Initialize tmp properly, so that it can be used in the following:
   *changed |= err > 0;

Otherwise, UBSAN will complain:

UBSAN: invalid-load in kernel/bpf/verifier.c:18924:4
load of value <some random value> is not a valid value for type '_Bool'

Fixes: dfb2d4c64b82 ("bpf: set 'changed' status if propagate_liveness() did any updates")
Signed-off-by: Song Liu <song@kernel.org>
Acked-by: Eduard Zingerman <eddyz87@gmail.com>
Link: https://lore.kernel.org/r/20250612221100.2153401-1-song@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 14dd836acb132cd42f845df02331f3eb331686bb..c378074516cfde39a2bb6f61aff834b230888d11 100644 (file)
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -18900,7 +18900,7 @@ static int propagate_liveness(struct bpf_verifier_env *env,
        struct bpf_reg_state *state_reg, *parent_reg;
        struct bpf_func_state *state, *parent;
        int i, frame, err = 0;
-       bool tmp;
+       bool tmp = false;
 
        changed = changed ?: &tmp;
        if (vparent->curframe != vstate->curframe) {