From 935def4a0ba8f3d2086361c9971037561a60f255 Mon Sep 17 00:00:00 2001 From: Dario Nieuwenhuis Date: Sun, 26 Jun 2022 00:13:31 +0200 Subject: [PATCH] executor: mark `task_from_waker` as safe. --- embassy/src/executor/raw/waker.rs | 12 +++++++++--- embassy/src/waitqueue/waker.rs | 4 ++-- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/embassy/src/executor/raw/waker.rs b/embassy/src/executor/raw/waker.rs index ea9010ca0..605cda4ca 100644 --- a/embassy/src/executor/raw/waker.rs +++ b/embassy/src/executor/raw/waker.rs @@ -33,12 +33,18 @@ pub(crate) unsafe fn from_task(p: NonNull) -> Waker { /// # Panics /// /// Panics if the waker is not created by the Embassy executor. -pub unsafe fn task_from_waker(waker: &Waker) -> NonNull { - let hack: &WakerHack = mem::transmute(waker); +pub fn task_from_waker(waker: &Waker) -> NonNull { + // safety: OK because WakerHack has the same layout as Waker. + // This is not really guaranteed because the structs are `repr(Rust)`, it is + // indeed the case in the current implementation. + // TODO use waker_getters when stable. https://github.com/rust-lang/rust/issues/96992 + let hack: &WakerHack = unsafe { mem::transmute(waker) }; if hack.vtable != &VTABLE { panic!("Found waker not created by the embassy executor. Consider enabling the `executor-agnostic` feature on the `embassy` crate.") } - NonNull::new_unchecked(hack.data as *mut TaskHeader) + + // safety: we never create a waker with a null data pointer. + unsafe { NonNull::new_unchecked(hack.data as *mut TaskHeader) } } struct WakerHack { diff --git a/embassy/src/waitqueue/waker.rs b/embassy/src/waitqueue/waker.rs index a90154cce..d7151e300 100644 --- a/embassy/src/waitqueue/waker.rs +++ b/embassy/src/waitqueue/waker.rs @@ -22,7 +22,7 @@ impl WakerRegistration { /// Register a waker. Overwrites the previous waker, if any. pub fn register(&mut self, w: &Waker) { - let w = unsafe { task_from_waker(w) }; + let w = task_from_waker(w); match self.waker { // Optimization: If both the old and new Wakers wake the same task, do nothing. Some(w2) if w == w2 => {} @@ -80,7 +80,7 @@ impl AtomicWaker { /// Register a waker. Overwrites the previous waker, if any. pub fn register(&self, w: &Waker) { - let w = unsafe { task_from_waker(w) }; + let w = task_from_waker(w); self.waker.store(w.as_ptr(), Ordering::Relaxed); compiler_fence(Ordering::SeqCst); }