Merge #768

768: rtic-sync: Fix possible UB in make_channel! r=datdenkikniet a=korken89

Closes #763

Co-authored-by: Emil Fresk <[email protected]>

Author: bors[bot]

rtic-sync/CHANGELOG.md

@@ -13,4 +13,10 @@ For each category, *Added*, *Changed*, *Fixed* add new entries at the top!
 
 ### Fixed
 
+## [v1.0.1]
+
+### Fixed
+
+- `make_channel` could be UB
+
 ## [v1.0.0] - 2023-xx-xx

rtic-sync/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "rtic-sync"
-version = "1.0.0"
+version = "1.0.1"
 
 edition = "2021"
 authors = [

rtic-sync/src/channel.rs

@@ -106,6 +106,16 @@ macro_rules! make_channel {
         static mut CHANNEL: $crate::channel::Channel<$type, $size> =
             $crate::channel::Channel::new();
 
+        static CHECK: ::core::sync::atomic::AtomicU8 = ::core::sync::atomic::AtomicU8::new(0);
+
+        critical_section::with(|_| {
+            if CHECK.load(::core::sync::atomic::Ordering::Relaxed) != 0 {
+                panic!("call to the same `make_channel` instance twice");
+            }
+
+            CHECK.store(1, ::core::sync::atomic::Ordering::Relaxed);
+        });
+
         // SAFETY: This is safe as we hide the static mut from others to access it.
         // Only this point is where the mutable access happens.
         unsafe { CHANNEL.split() }
@@ -573,4 +583,15 @@ mod tests {
             v.await.unwrap();
         }
     }
+
+    fn make() {
+        let _ = make_channel!(u32, 10);
+    }
+
+    #[test]
+    #[should_panic]
+    fn double_make_channel() {
+        make();
+        make();
+    }
 }