netfilter: nf_tables: unbind non-anonymous set if rule construction fails

Otherwise a dangling reference to a rule object that is gone remains
in the set binding list.

Fixes: 26b5a57 ("netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Author: ummakynes

net/netfilter/nf_tables_api.c

@@ -5343,6 +5343,8 @@ void nf_tables_deactivate_set(const struct nft_ctx *ctx, struct nft_set *set,
 		nft_set_trans_unbind(ctx, set);
 		if (nft_set_is_anonymous(set))
 			nft_deactivate_next(ctx->net, set);
+		else
+			list_del_rcu(&binding->list);
 
 		set->use--;
 		break;