Bug 11822

Summary: ACPI Warning (nspredef-0858): \_SB_.PCI0.LPC_.EC__.BAT0._BIF: Return Package type mismatch at index 9 - found Buffer, expected String [20080926]
Product: ACPI Reporter: Len Brown (lenb)
Component: ACPICA-CoreAssignee: Lin Ming (ming.m.lin)
Status: CLOSED PATCH_ALREADY_AVAILABLE    
Severity: normal CC: acpi-bugzilla, arvidjaar, ming.m.lin, rjw
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 2.6.28-rc1 Subsystem:
Regression: Yes Bisected commit-id:
Bug Depends on:    
Bug Blocks: 11808    
Attachments: dmesg-2.6.28-rc1
acpidump Lenovo T61
patch vs. 2.6.28-rc4
patch#8 added to 2.6.28-rc5
patch refreshed
before&afterpatchrefreshed
workaround patch vs 2.6.28-rc5 from Lin-Ming

Description Len Brown 2008-10-25 01:26:31 UTC
Latest working kernel version: 2.6.27
Earliest failing kernel version: 2.6.28-rc1
Comment 1 Len Brown 2008-10-25 01:28:44 UTC
Created attachment 18432 [details]
dmesg-2.6.28-rc1
Comment 2 Len Brown 2008-10-25 01:29:13 UTC
Created attachment 18433 [details]
acpidump Lenovo T61
Comment 3 Robert Hancock 2008-10-25 10:05:46 UTC
Looks like it's complaining about the Control Method Battery information query (_BIF) response, field 9 which is the battery model number (see section 10.2.2.1 of the ACPI 3.0 spec). It is indeed supposed to be a string, not a buffer, as are the following fields (serial number, battery type and OEM information). I haven't looked at the dump to see if those are strings or not.
Comment 4 Robert Moore 2008-10-29 13:13:30 UTC
From examining the acpidump, here is what is what is happening:

The battery strings are extracted from an EC operation region. When reading an operation region field, the result is either an integer or a buffer (if too large for an integer).

Prior to ACPI 2.0, there was no easy way to extract the EC field read as a string object, so most battery implementations returned the data as buffer objects. The ToString operator was introduced in ACPI 2.0 to perform this type of conversion.

However, we don't know when ToString was actually implemented in a Windows release -- and it appears that many _BIF implementations continue to simply return the data as a buffer.

This does have the possibility of causing some problems in the host OS, since the buffer is not guaranteed to be null-terminated. If the host treats the buffer and string objects the same (as strings), garbage output can be produced.

This kind of issue can be easily fixed in the ACPICA code that examines the return values from the predefined methods (like _BIF) by performing a proper buffer to string conversion before the host even sees the return value.

This is the plan, and the change will be released in a few days.

Bob
Comment 5 Robert Moore 2008-11-07 14:50:29 UTC
Fixed in ACPICA 20081031
Comment 6 Rafael J. Wysocki 2008-11-09 09:31:25 UTC
Handled-By : Robert Moore <Robert.Moore@intel.com>
Comment 7 Rafael J. Wysocki 2008-11-09 09:32:43 UTC
(In reply to comment #5)
> Fixed in ACPICA 20081031

This is a regression, so please provide a pointer to the minimal fix to apply to 2.6.28.
Comment 8 Len Brown 2008-11-12 00:10:51 UTC
Created attachment 18815 [details]
patch vs. 2.6.28-rc4

this patch is included in the acpi tree

From ffc0e4209c39af2925a78504a5869d467b569775 Mon Sep 17 00:00:00 2001
From: Bob Moore <robert.moore@intel.com>
Subject: [PATCH] ACPICA: Add Buffer->String conversion for predefined methods
Comment 9 Len Brown 2008-11-12 01:43:58 UTC
patch in comment #8 failed
Comment 10 Justin P. Mattock 2008-11-17 17:56:47 UTC
Created attachment 18901 [details]
patch#8 added to 2.6.28-rc5

applied the patch from #8, not seeing a warning message anymore. : )
attached are the results.
let me know if I need add anymore info.
Comment 11 Lin Ming 2008-11-19 17:21:23 UTC
Created attachment 18949 [details]
patch refreshed

it fixes the fault.

Justin, would you please help to test this updated patch?
Comment 12 Justin P. Mattock 2008-11-22 11:41:36 UTC
Created attachment 18971 [details]
before&afterpatchrefreshed

O.K. appologize for the delay;
tied up: applied the patch manually
not sure how patch -p1 < * 
is. kernel compiled fine now warnings,
attached is dmesg of before and after.

regards;
Comment 13 Rafael J. Wysocki 2008-11-22 13:15:44 UTC
Handled-By : Lin Ming <ming.m.lin@intel.com>
Patch : http://bugzilla.kernel.org/attachment.cgi?id=18949&action=view
Comment 14 Len Brown 2008-11-26 23:23:16 UTC
Created attachment 19045 [details]
workaround patch vs 2.6.28-rc5 from Lin-Ming

here is the 1-liner that we'll ship in 2.6.28
Comment 15 Len Brown 2008-11-30 19:31:23 UTC
shipped in linux 2.6.28-rc6-git2

closed.