From owner-acpi-jp@jp.freebsd.org  Wed Mar  7 23:48:16 2001
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id XAA39826;
	Wed, 7 Mar 2001 23:48:16 +0900 (JST)
	(envelope-from owner-acpi-jp@jp.FreeBSD.org)
Received: from tasogare.imasy.or.jp (daemon@tasogare.imasy.or.jp [202.227.24.5])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id XAA39820
	for <acpi-jp@jp.freebsd.org>; Wed, 7 Mar 2001 23:48:15 +0900 (JST)
	(envelope-from iwasaki@jp.FreeBSD.org)
Received: from localhost (iwasaki.imasy.or.jp [202.227.24.92])
	by tasogare.imasy.or.jp (8.11.3+3.4W/8.11.3/tasogare/smtpfeed 1.12) with ESMTP/inet id f27EmAo06146;
	Wed, 7 Mar 2001 23:48:10 +0900 (JST)
	(envelope-from iwasaki@jp.FreeBSD.org)
To: acpi-jp@jp.freebsd.org, andrea@webcom.it
In-Reply-To: <20010307100131.B1268@webcom.it>
References: <20010306141642.C421@webcom.it>
	<20010307002422X.iwasaki@jp.FreeBSD.org>
	<20010307100131.B1268@webcom.it>
X-Mailer: Mew version 1.94.1 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20010307234810K.iwasaki@jp.FreeBSD.org>
Date: Wed, 07 Mar 2001 23:48:10 +0900
From: Mitsuru IWASAKI <iwasaki@jp.freebsd.org>
X-Dispatcher: imput version 20000228(IM140)
Lines: 90
Reply-To: acpi-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: acpi-jp 1099
Subject: [acpi-jp 1099] ACPICA: new bug related with local variable (Bug in battery
 support in IBM Thinkpad?)
Errors-To: owner-acpi-jp@jp.freebsd.org
Sender: owner-acpi-jp@jp.freebsd.org
X-Originator: iwasaki@jp.freebsd.org

Intel folks: I've found a new bug in ACPICA interpreter code.  Storing
different type of value to local variable (in this case Buffer to
Integer) seems to have a problem.

> > > By the way, did you have a look at my ASL file? I'm not an expert but it
> > > _BIF and _BST entries look suspicious to me...
> > 
> > That is not so strange for me.  I wrote simple asl for the test,
> > executed it with acpicadb, and got a normal result.
> > 
> >         Name(BSTB, Package(0x4) {
> >             0x0,
> >             0xffffffff,
> >             0xffffffff,
> >             0xffffffff,
> >         })
> > 		:
> >         Method(_BIF) {
> > 		:
> >             Store("LION", Index(BIFB, 0xb, ))
> >             Return(BIFB)
> >         }
> > 
> > And we have a almost same ACPI data with yours, not TP570E but TP570.
> > http://www.jp.freebsd.org/cgi/cvsweb.cgi/ACPI/data/TP570.asl?cvsroot=freebsd-jp
> 
> Ok if it's not my machine, then there must be something wrong in how we parse
> the ASL; but if so, why wasn't it showing up on everybody else's machine?
> 
> Here we have a structure full of bogus data. I saw nothing really strange in
> our dev/acpi, so it's probably in the contrib/ code... I even tried enabiling
> DEBUG for most of the layers/levels, but the I get so much debugging that my
> serial couln't possibly handle!!

I executed your TP570E.dsdt with acpicadb, _BIF surely gave me a error.
The problem is in \_SB_.PCI_.ISA_.EC__.SMRA().  ASL is OK, but
interpreter seems to have a bug.

                Method(SMRA, 2) {
                    Acquire(SMMB, 0xffff)
                    Name(INVB, Buffer(0x21) {0xff, 0xff, ... 0xff, 0x0 })
                    Store(SMBP(0xb, Arg0, Arg1), Local0)	# Integer.
                    If(Local0) {
                        Store(INVB, Local0)	# Buffer, but still Integer.
                    }
                    Else {
                        Store(0x0, Local1)
                        While(LLess(Local1, 0x21)) {   
                            PUTB(INVB, Local1, ECRD(Add(0x54, Local1, )))
                            Increment(Local1)
                        }
                        Store(INVB, Local0)	# Buffer, but still Integer
                    }
                    Release(SMMB)
                    Return(Local0)		# Integer
                }

And caller side, error occurred and stopped at CreateDWordField().
        Method(_BIF) {
            Store(\_SB_.PCI_.ISA_.EC__.GH8A(), Local0)		# Integer
            Store(\_SB_.PCI_.ISA_.EC__.SMRA(Local0, 0x10), Local0)
					# Buffer expected, but actually Integer.
            CreateByteField(Local0, 0x0, PWUT)
            CreateDWordField(Local0, 0x4, DCAP)

The message was:

ArgObj:    0x80c7200 <Obj> [Local0]    Integer FFFFFFFF
ArgObj:    0x80c7300 <Obj>             Integer 00000004
ArgObj:    0x80c80a0 <Node>            Name DCAP Type-FieldUnit
dsopcode-0599: AmlExecCreateField: Field exceeds Buffer 64 > 32
Outstanding: 28 allocations of total size 1212 after execution
Execution of \_SB_.BAT1._BIF failed with status AE_AML_BUFFER_LIMIT

I wrote and compile a simple ASL to reproduce the problem and
confirmed the same error running with acpicadb.

Method(AAAA)
{
        Name(INVB, Buffer(10) {0, 1, 2, 3, 4, 5, 6, 7, 8, 9})
        Store(0x1f, Local0)
        Store(INVB, Local0)
        CreateByteField(Local0, 0x0, PWUT)
        CreateDWordField(Local0, 0x4, DCAP)
}

I'll look at this more if I can get enough time, but I'll be busy for
a few days...

Thanks
