Not sufficient.
There is another BUG() hidden at line 398:
status = acpi_ex_resolve_operands(walk_state->opcode, &(walk_state->operands[walk_state->num_operands - 1]), walk_state);
in `walk_state->operands[]` array referencing.
After adding same guard for walk_state->operands[]
if (walk_state->num_operands - 1 >= ARRAY_SIZE(walk_state->operands)) {
ACPI_ERROR((AE_INFO, "Too many operands 0x%X for op_type 0x%X", walk_state->num_operands - 1, op_type));
status = AE_AML_BAD_OPCODE;
goto cleanup;
}
got in dmesg:
-- cut--
[ 1.121664] acpi ABCD0000:00: ACPI dock station (docks/bays count: 1)
[ 1.125182] ACPI: PM: Power Resource [PX06]
[ 1.125182] ACPI Error: Too many operands 0xFFFFFFFF for op_type 0x0 (20210604/dswexec-397)
[ 1.125182] No Local Variables are initialized for Method [RREG]
[ 1.125311] Initialized Arguments for Method [RREG]: (3 arguments defined for method invocation)
[ 1.125450] Arg0: 000000002d6b3afd <Obj> Integer 00000000FE028000
[ 1.125588] Arg1: 0000000078d25d8c <Obj> Integer 0000000000000001
[ 1.125591] Arg2: 000000000bca9f52 <Obj> Integer 0000000000000000
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.GEXP.RREG due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.GEXP.CSER due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.GEXP.GEPS due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.XHC.RHUB.HS06.PX06._STA due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.125591] ACPI Error: Too many operands 0xFFFFFFFF for op_type 0x0 (20210604/dswexec-397)
[ 1.125591] No Local Variables are initialized for Method [RREG]
[ 1.125591] Initialized Arguments for Method [RREG]: (3 arguments defined for method invocation)
[ 1.125591] Arg0: 000000006c708c99 <Obj> Integer 00000000FE028000
[ 1.125703] Arg1: 0000000078d25d8c <Obj> Integer 0000000000000001
[ 1.125838] Arg2: 00000000d8c7f611 <Obj> Integer 0000000000000000
[ 1.126062] ACPI Error: Aborting method \_SB.PCI0.GEXP.RREG due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.126213] ACPI Error: Aborting method \_SB.PCI0.GEXP.CSER due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.126366] ACPI Error: Aborting method \_SB.PCI0.GEXP.GEPS due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.126517] ACPI Error: Aborting method \_SB.PCI0.XHC.RHUB.HS06.PX06._STA due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
Not sufficient.
There is another BUG() hidden at line 398:
status = acpi_ex_ resolve_ operands( walk_state- >opcode, &(walk_ state-> operands[ walk_state- >num_operands - 1]), walk_state);
in `walk_state- >operands[ ]` array referencing.
After adding same guard for walk_state- >operands[ ] >num_operands - 1 >= ARRAY_SIZE( walk_state- >operands) ) { ERROR(( AE_INFO, "Too many operands 0x%X for op_type 0x%X", walk_state- >num_operands - 1, op_type));
if (walk_state-
ACPI_
status = AE_AML_BAD_OPCODE;
goto cleanup;
}
got in dmesg:
-- cut--
[ 1.121664] acpi ABCD0000:00: ACPI dock station (docks/bays count: 1) dswexec- 397) psparse- 529) psparse- 529) psparse- 529) XHC.RHUB. HS06.PX06. _STA due to previous error (AE_AML_BAD_OPCODE) (20210604/ psparse- 529) dswexec- 397) psparse- 529) psparse- 529) psparse- 529) XHC.RHUB. HS06.PX06. _STA due to previous error (AE_AML_BAD_OPCODE) (20210604/ psparse- 529)
[ 1.125182] ACPI: PM: Power Resource [PX06]
[ 1.125182] ACPI Error: Too many operands 0xFFFFFFFF for op_type 0x0 (20210604/
[ 1.125182] No Local Variables are initialized for Method [RREG]
[ 1.125311] Initialized Arguments for Method [RREG]: (3 arguments defined for method invocation)
[ 1.125450] Arg0: 000000002d6b3afd <Obj> Integer 00000000FE028000
[ 1.125588] Arg1: 0000000078d25d8c <Obj> Integer 0000000000000001
[ 1.125591] Arg2: 000000000bca9f52 <Obj> Integer 0000000000000000
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.GEXP.RREG due to previous error (AE_AML_BAD_OPCODE) (20210604/
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.GEXP.CSER due to previous error (AE_AML_BAD_OPCODE) (20210604/
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.GEXP.GEPS due to previous error (AE_AML_BAD_OPCODE) (20210604/
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.
[ 1.125591] ACPI Error: Too many operands 0xFFFFFFFF for op_type 0x0 (20210604/
[ 1.125591] No Local Variables are initialized for Method [RREG]
[ 1.125591] Initialized Arguments for Method [RREG]: (3 arguments defined for method invocation)
[ 1.125591] Arg0: 000000006c708c99 <Obj> Integer 00000000FE028000
[ 1.125703] Arg1: 0000000078d25d8c <Obj> Integer 0000000000000001
[ 1.125838] Arg2: 00000000d8c7f611 <Obj> Integer 0000000000000000
[ 1.126062] ACPI Error: Aborting method \_SB.PCI0.GEXP.RREG due to previous error (AE_AML_BAD_OPCODE) (20210604/
[ 1.126213] ACPI Error: Aborting method \_SB.PCI0.GEXP.CSER due to previous error (AE_AML_BAD_OPCODE) (20210604/
[ 1.126366] ACPI Error: Aborting method \_SB.PCI0.GEXP.GEPS due to previous error (AE_AML_BAD_OPCODE) (20210604/
[ 1.126517] ACPI Error: Aborting method \_SB.PCI0.
-- cut--
have classical underflow here.