https://github.com/alterapraxisptyltd/openatom/issues/1
Quote: [linux] Infinite loop in pci_get_rom_size() This is one of those issues that you find when putting supposedly stable code through unusual situations. I did expect any function in linux that is not part of radeon.ko to not be rock solid. Turns out that's not really the case. If we have a PCIR structure with a zero size length, the loop iterating through those structure does not advance. It simply does "image += readw(pds + 16) * 512;", but if that field is zero we're back analyzing the same structure on the next loop. The way to get out of this loop is to set bit 7 of the type field. That's what 'last_image' does. If that bit is not set, with the above, that's an infinite loop. Luckily, it doesn't crash the kernel, but it hangs any driver that calls the function under said circumstances. No more modprobe -r or unbinding. Reboot is needed. No idea why a firmware blob here is treated as trusted input. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1386973 Title: Ubuntu 14.10 soft lockup with ATI Radeon R7 250 X To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/1386973/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
