rtic-sync: Fix possible UB in make_channel!

author: Emil Fresk <emil.fresk@gmail.com> 2023-06-14 20:07:21 +0200
committer: Emil Fresk <emil.fresk@gmail.com> 2023-06-14 20:16:06 +0200
commit: db18c00c00deb146478de1b0f94f8181300c47ce (patch)
tree: 5e2c22f4aae76eb9ecf296cb51624d44150e407c /rtic-sync/src
parent: 599793829377a64603e93a1136360f17d3bade93 (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/rtic-sync/src/channel.rs b/rtic-sync/src/channel.rs
index 8c9f861..06a6639 100644
--- a/rtic-sync/src/channel.rs
+++ b/rtic-sync/src/channel.rs
@@ -106,6 +106,16 @@ macro_rules! make_channel {
         static mut CHANNEL: $crate::channel::Channel<$type, $size> =
             $crate::channel::Channel::new();
 
+        static CHECK: ::core::sync::atomic::AtomicU8 = ::core::sync::atomic::AtomicU8::new(0);
+
+        critical_section::with(|_| {
+            if CHECK.load(::core::sync::atomic::Ordering::Relaxed) != 0 {
+                panic!("call to the same `make_channel` instance twice");
+            }
+
+            CHECK.store(1, ::core::sync::atomic::Ordering::Relaxed);
+        });
+
         // SAFETY: This is safe as we hide the static mut from others to access it.
         // Only this point is where the mutable access happens.
         unsafe { CHANNEL.split() }
@@ -573,4 +583,15 @@ mod tests {
             v.await.unwrap();
         }
     }
+
+    fn make() {
+        let _ = make_channel!(u32, 10);
+    }
+
+    #[test]
+    #[should_panic]
+    fn double_make_channel() {
+        make();
+        make();
+    }
 }
author	Emil Fresk <emil.fresk@gmail.com>	2023-06-14 20:07:21 +0200
committer	Emil Fresk <emil.fresk@gmail.com>	2023-06-14 20:16:06 +0200
commit	db18c00c00deb146478de1b0f94f8181300c47ce (patch)
tree	5e2c22f4aae76eb9ecf296cb51624d44150e407c /rtic-sync/src
parent	599793829377a64603e93a1136360f17d3bade93 (diff)