Merge #768

768: rtic-sync: Fix possible UB in make_channel! r=datdenkikniet a=korken89

Closes #763

Co-authored-by: Emil Fresk <emil.fresk@gmail.com>

1 files changed, 21 insertions, 0 deletions

diff --git a/rtic-sync/src/channel.rs b/rtic-sync/src/channel.rs
index 8c9f861..06a6639 100644
--- a/rtic-sync/src/channel.rs
+++ b/rtic-sync/src/channel.rs
@@ -106,6 +106,16 @@ macro_rules! make_channel {
         static mut CHANNEL: $crate::channel::Channel<$type, $size> =
             $crate::channel::Channel::new();
 
+        static CHECK: ::core::sync::atomic::AtomicU8 = ::core::sync::atomic::AtomicU8::new(0);
+
+        critical_section::with(|_| {
+            if CHECK.load(::core::sync::atomic::Ordering::Relaxed) != 0 {
+                panic!("call to the same `make_channel` instance twice");
+            }
+
+            CHECK.store(1, ::core::sync::atomic::Ordering::Relaxed);
+        });
+
         // SAFETY: This is safe as we hide the static mut from others to access it.
         // Only this point is where the mutable access happens.
         unsafe { CHANNEL.split() }
@@ -573,4 +583,15 @@ mod tests {
             v.await.unwrap();
         }
     }
+
+    fn make() {
+        let _ = make_channel!(u32, 10);
+    }
+
+    #[test]
+    #[should_panic]
+    fn double_make_channel() {
+        make();
+        make();
+    }
 }