Re: [PATCH v2 0/2] device property: fix child iteration issues with secondary fwnodes

[Andy Shevchenko]

On Thu, Jun 04, 2026 at 06:38:50AM -0700, Bartosz Golaszewski wrote:
> On Thu, 4 Jun 2026 12:58:41 +0200, Xu Yang <xu.yang_2@xxxxxxxxxxx> said:
> > On Wed, Jun 03, 2026 at 12:43:06PM +0300, Andy Shevchenko wrote:
> >> On Wed, Jun 03, 2026 at 04:44:30PM +0800, Xu Yang wrote:
> >> > This series fixes two issues in the fwnode child iteration logic when
> >> > a secondary fwnode is present.
> >> >
> >> > The first patch addresses a refcount imbalance in
> >> > software_node_get_next_child(). When a software node is used as a
> >> > secondary fwnode, the iteration code may incorrectly decrement the
> >> > refcount of child nodes that do not belong to the software node
> >> > hierarchy. This results in refcount underflow and possible use-after-free.
> >> >
> >> > The second patch fixes an infinite loop in
> >> > fwnode_for_each_child_node(), caused by improper handling of iteration
> >> > state across primary and secondary fwnodes. When iterating over children
> >> > from both primary and secondary fwnodes, the code may incorrectly
> >> > resume iteration from the primary fwnode even when the current child
> >> > belongs to the secondary, leading to repeated traversal and a loop.
> >> >
> >> > Both issues are triggered when mixing different fwnode types through the
> >> > secondary mechanism, and stem from incorrect assumptions about ownership
> >> > and traversal context of child nodes.
> >>
> >> Please, Cc Bart who is heavily working on software nodes these days.
> 
> Should I propose myself as reviewer? We can't demand people to Cc random
> addresses otherwise.

If you are interested, I welcome this decision, although I don't know what
maintainers and other peers (current reviewers) think of it. Send a patch
and prepare for any type of responses :-) Mine will be positive for sure.

-- 
With Best Regards,
Andy Shevchenko