On 25/10/2020 07.04, Heinrich Schuchardt wrote:
> Up to now the sandbox would shut down upon a cold reset request. Instead it
> should be reset.
>
> In our coding we use static variables. The only safe way to return to an
> initial state is to relaunch the U-Boot binary.
>
> The reset implementation uses a longjmp() to return to the main() function
> and then relaunches U-Boot using execv().
>
That seems to be needlessly fragile.

1. getopt_long can permute the elements of the argv array

2. From reading "man longjmp", I'm not sure argc and argv are actually guaranteed to have the values they had originally upon reaching the setjmp() the second time

Now, 1. is probably mostly when there's a mix of options and positional arguments, and ./u-boot doesn't take the latter. And 2. possibly also doesn't apply because we don't currently modify argc or argv in main() itself - but that could change with some future refactoring.

So perhaps it works, and maybe that's even guaranteed with the current code and APIs that are used. But, is there any reason to muck with a complex beast like setjmp/longjmp when we could just

  static char **saved_argv;

  static void os_relaunch(void)
  {
          /* execv() keeps the current environment; no envp needed */
          execv(saved_argv[0], saved_argv);
  }

  static int save_argv(int argc, char **argv)
  {
          /* essentially the prologue of your os_relaunch() */
  }

  int main(int argc, char **argv)
  {
          save_argv(argc, argv);
          ...
  }

(one can argue whether memcpy'ing the argv array is sufficient, or if one should really strdup() each element, since one is allowed to modify the strings, though again, I don't think we do that currently).

Rasmus
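To make the alternative sketched above concrete, here is an added example (not from the patch, the thread, or U-Boot's own os.c): save_argv() takes a deep copy of argv with strdup() before getopt_long() can permute it or anything modifies the strings, and os_relaunch() re-executes the saved path with execv(). One caveat worth knowing: execv() does not search PATH, so a relative saved_argv[0] is resolved against the working directory at relaunch time, and a chdir() in between would change which binary runs.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helpers (not U-Boot's os.c): a deep copy of argv taken
 * before any option parsing, and a relaunch that re-executes it. */
static char **saved_argv;

/* Copy argc/argv into a fresh NULL-terminated array, strdup()ing every
 * element so later edits to the originals (getopt_long permutation or
 * in-place modification of the strings) cannot change what we relaunch.
 * Returns 0 on success, -1 on allocation failure (saved_argv unchanged). */
static int save_argv(int argc, char **argv)
{
	char **copy = calloc((size_t)argc + 1, sizeof(*copy));
	int i;

	if (!copy)
		return -1;
	for (i = 0; i < argc; i++) {
		copy[i] = strdup(argv[i]);
		if (!copy[i]) {
			while (i-- > 0)
				free(copy[i]);
			free(copy);
			return -1;
		}
	}
	copy[argc] = NULL;	/* execv() requires a NULL terminator */
	saved_argv = copy;
	return 0;
}

/* Re-execute the saved command line. On success this never returns
 * (the process image is replaced); on failure it returns -1 with errno
 * set by execv(), e.g. ENOENT or EACCES. */
static int os_relaunch(void)
{
	if (!saved_argv || !saved_argv[0]) {
		errno = EINVAL;
		return -1;
	}
	execv(saved_argv[0], saved_argv);
	return -1;
}
```

Call save_argv(argc, argv) as the first thing in main(), and os_relaunch() where the cold reset is handled.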