Comment 8 for bug 1942215

Andrey Melnikov (temnota-am) wrote :

Not sufficient.
There is another BUG() hidden at line 398:

status = acpi_ex_resolve_operands(walk_state->opcode, &(walk_state->operands[walk_state->num_operands - 1]), walk_state);

in the `walk_state->operands[]` array reference.

After adding the same guard for walk_state->operands[]:
if (walk_state->num_operands - 1 >= ARRAY_SIZE(walk_state->operands)) {
   ACPI_ERROR((AE_INFO, "Too many operands 0x%X for op_type 0x%X", walk_state->num_operands - 1, op_type));
   status = AE_AML_BAD_OPCODE;
   goto cleanup;
}

I got this in dmesg:

-- cut--

[ 1.121664] acpi ABCD0000:00: ACPI dock station (docks/bays count: 1)
[ 1.125182] ACPI: PM: Power Resource [PX06]
[ 1.125182] ACPI Error: Too many operands 0xFFFFFFFF for op_type 0x0 (20210604/dswexec-397)
[ 1.125182] No Local Variables are initialized for Method [RREG]
[ 1.125311] Initialized Arguments for Method [RREG]: (3 arguments defined for method invocation)
[ 1.125450] Arg0: 000000002d6b3afd <Obj> Integer 00000000FE028000
[ 1.125588] Arg1: 0000000078d25d8c <Obj> Integer 0000000000000001
[ 1.125591] Arg2: 000000000bca9f52 <Obj> Integer 0000000000000000
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.GEXP.RREG due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.GEXP.CSER due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.GEXP.GEPS due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.125591] ACPI Error: Aborting method \_SB.PCI0.XHC.RHUB.HS06.PX06._STA due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.125591] ACPI Error: Too many operands 0xFFFFFFFF for op_type 0x0 (20210604/dswexec-397)
[ 1.125591] No Local Variables are initialized for Method [RREG]
[ 1.125591] Initialized Arguments for Method [RREG]: (3 arguments defined for method invocation)
[ 1.125591] Arg0: 000000006c708c99 <Obj> Integer 00000000FE028000
[ 1.125703] Arg1: 0000000078d25d8c <Obj> Integer 0000000000000001
[ 1.125838] Arg2: 00000000d8c7f611 <Obj> Integer 0000000000000000
[ 1.126062] ACPI Error: Aborting method \_SB.PCI0.GEXP.RREG due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.126213] ACPI Error: Aborting method \_SB.PCI0.GEXP.CSER due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.126366] ACPI Error: Aborting method \_SB.PCI0.GEXP.GEPS due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)
[ 1.126517] ACPI Error: Aborting method \_SB.PCI0.XHC.RHUB.HS06.PX06._STA due to previous error (AE_AML_BAD_OPCODE) (20210604/psparse-529)

-- cut--

We have a classic underflow here.
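
Added example, not part of the original comment or of the kernel source: a stand-alone C sketch of why the single comparison in the guard above also fires when num_operands is 0, and why the log then shows 0xFFFFFFFF. The struct `mock_walk_state`, its field types, the array size of 9 and the helper names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical stand-in for the walk state; types and size are assumptions. */
struct mock_walk_state {
    void *operands[9];     /* constructed array size */
    uint8_t num_operands;  /* assumed narrow unsigned counter */
};

/* The guard's comparison with its implicit conversion written out.
 * num_operands is promoted to int, so 0 - 1 is -1; converting -1 to
 * size_t gives SIZE_MAX, which is >= any array size. One test therefore
 * rejects both "too many operands" and "zero operands". */
static int last_operand_out_of_bounds(const struct mock_walk_state *ws)
{
    return (size_t)(ws->num_operands - 1) >= ARRAY_SIZE(ws->operands);
}

/* The value a "0x%X" format receives for the same expression. */
static unsigned int logged_index(const struct mock_walk_state *ws)
{
    return (unsigned int)(ws->num_operands - 1);
}

/* Address of the last operand slot, or NULL when the index is invalid. */
static void **last_operand_slot(struct mock_walk_state *ws)
{
    if (last_operand_out_of_bounds(ws))
        return NULL;
    return &ws->operands[ws->num_operands - 1];
}

int main(void)
{
    struct mock_walk_state ws = { .num_operands = 0 };
    unsigned int counts[] = { 0, 1, 9, 10 };  /* constructed test values */

    for (size_t i = 0; i < ARRAY_SIZE(counts); i++) {
        ws.num_operands = (uint8_t)counts[i];
        printf("num_operands=%u index=0x%X rejected=%d\n", counts[i],
               logged_index(&ws), last_operand_out_of_bounds(&ws));
    }
    return last_operand_slot(&ws) == NULL ? 0 : 1;
}
```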