From 18797031533c11ace18160c5917d5131709397ce Mon Sep 17 00:00:00 2001 From: Dario Nieuwenhuis Date: Wed, 3 Feb 2021 16:29:35 +0100 Subject: [PATCH] CriticalSectionMutex should require Send. --- embassy/src/util/mutex.rs | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/embassy/src/util/mutex.rs b/embassy/src/util/mutex.rs index 11f88049..f87d7003 100644 --- a/embassy/src/util/mutex.rs +++ b/embassy/src/util/mutex.rs @@ -13,8 +13,11 @@ use crate::fmt::{assert, panic, *}; pub struct CriticalSectionMutex { inner: UnsafeCell, } -unsafe impl Sync for CriticalSectionMutex {} -unsafe impl Send for CriticalSectionMutex {} + +// NOTE: A `CriticalSectionMutex` can be used as a channel so the protected data must be `Send` +// to prevent sending non-Sendable stuff (e.g. access tokens) across different +// execution contexts (e.g. interrupts) +unsafe impl Sync for CriticalSectionMutex where T: Send {} impl CriticalSectionMutex { /// Creates a new mutex @@ -42,6 +45,10 @@ impl CriticalSectionMutex { pub struct ThreadModeMutex { inner: UnsafeCell, } + +// NOTE: ThreadModeMutex only allows borrowing from one execution context ever: thread mode. +// Therefore it cannot be used to send non-sendable stuff between execution contexts, so it can +// be Send+Sync even if T is not Send (unlike CriticalSectionMutex) unsafe impl Sync for ThreadModeMutex {} unsafe impl Send for ThreadModeMutex {}