On Mon, Nov 04, 2024 at 09:12:09AM -0800, Jeff Johnson wrote:
Reviewed-by: Jeff Johnson <quic_jjohnson@quicinc.com>
And it is exactly this kind of issue why I'm not accepting any __counted_by() changes in ath.git without actually testing the code that is modified.
However, I was really lucky that my setup used nl80211_parse_sched_scan during normal operations and triggered the bound sanitizer. After the patch was developed, I accidentally wiped my device and couldn't reproduce the bug again normally, so I had to use the iw tool to trigger nl80211_parse_sched_scan manually to test it properly.
I looked for some tests that cover this function and that I can run on the device, but couldn't find any. It would be nice if you know about such tests, so I can check if there are any other places where the bound sanitizer may be triggered. I only know of the syzkaller tool, which may be used to get more kernel coverage in general.
Best regards,
--
Aleksei Vetrov