From 0c136c7b050ded4bf660ea7a50381698ab9d5f09 Mon Sep 17 00:00:00 2001 From: Dario Nieuwenhuis Date: Tue, 8 Jul 2025 22:39:53 +0200 Subject: [PATCH] executor: mark Spawner::for_current_executor() as unsafe. It's unsound with manually-created Contexts, see https://github.com/embassy-rs/embassy/issues/4379 --- embassy-executor/src/spawner.rs | 18 +++++++++++++++++- .../src/bin/self_spawn_current_executor.rs | 3 ++- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/embassy-executor/src/spawner.rs b/embassy-executor/src/spawner.rs index 522d97db3..2909d19a0 100644 --- a/embassy-executor/src/spawner.rs +++ b/embassy-executor/src/spawner.rs @@ -122,10 +122,26 @@ impl Spawner { /// This function is `async` just to get access to the current async /// context. It returns instantly, it does not block/yield. /// + /// Using this method is discouraged due to it being unsafe. Consider the following + /// alternatives instead: + /// + /// - Pass the initial `Spawner` as an argument to tasks. Note that it's `Copy`, so you can + /// make as many copies of it as you want. + /// - Use `SendSpawner::for_current_executor()` instead, which is safe but can only be used + /// if task arguments are `Send`. + /// + /// The only case where using this method is absolutely required is obtaining the `Spawner` + /// for an `InterruptExecutor`. + /// + /// # Safety + /// + /// You must only execute this with an async `Context` created by the Embassy executor. + /// You must not execute it with manually-created `Context`s. + /// /// # Panics /// /// Panics if the current executor is not an Embassy executor. - pub fn for_current_executor() -> impl Future { + pub unsafe fn for_current_executor() -> impl Future { poll_fn(|cx| { let task = raw::task_from_waker(cx.waker()); let executor = unsafe { diff --git a/examples/nrf52840/src/bin/self_spawn_current_executor.rs b/examples/nrf52840/src/bin/self_spawn_current_executor.rs index ec9569a64..ddb40dc53 100644 --- a/examples/nrf52840/src/bin/self_spawn_current_executor.rs +++ b/examples/nrf52840/src/bin/self_spawn_current_executor.rs @@ -10,7 +10,8 @@ use {defmt_rtt as _, panic_probe as _}; async fn my_task(n: u32) { Timer::after_secs(1).await; info!("Spawning self! {}", n); - unwrap!(Spawner::for_current_executor().await.spawn(my_task(n + 1))); + let spawner = unsafe { Spawner::for_current_executor().await }; + unwrap!(spawner.spawn(my_task(n + 1))); } #[embassy_executor::main]