Implement traits for Cell

src/impls.rs

@@ -7,7 +7,11 @@
 // This file may not be copied, modified, or distributed except according to
 // those terms.
 
-use core::{cell::UnsafeCell, mem::MaybeUninit as CoreMaybeUninit, ptr::NonNull};
+use core::{
+    cell::{Cell, UnsafeCell},
+    mem::MaybeUninit as CoreMaybeUninit,
+    ptr::NonNull,
+};
 
 use super::*;
 
@@ -862,6 +866,21 @@ safety_comment! {
 }
 assert_unaligned!(ManuallyDrop<()>, ManuallyDrop<u8>);
 
+impl_for_transmute_from!(T: ?Sized + TryFromBytes => TryFromBytes for Cell<T>[UnsafeCell<T>]);
+impl_for_transmute_from!(T: ?Sized + FromZeros => FromZeros for Cell<T>[UnsafeCell<T>]);
+impl_for_transmute_from!(T: ?Sized + FromBytes => FromBytes for Cell<T>[UnsafeCell<T>]);
+impl_for_transmute_from!(T: ?Sized + IntoBytes => IntoBytes for Cell<T>[UnsafeCell<T>]);
+safety_comment! {
+    /// SAFETY:
+    /// `Cell<T>` has the same in-memory representation as `T` [1], and thus has
+    /// the same alignment as `T`.
+    ///
+    /// [1] Per https://doc.rust-lang.org/1.81.0/core/cell/struct.Cell.html#memory-layout:
+    ///
+    ///   `Cell<T>` has the same in-memory representation as its inner type `T`.
+    unsafe_impl!(T: ?Sized + Unaligned => Unaligned for Cell<T>);
+}
+
 impl_for_transmute_from!(T: ?Sized + FromZeros => FromZeros for UnsafeCell<T>[<T>]);
 impl_for_transmute_from!(T: ?Sized + FromBytes => FromBytes for UnsafeCell<T>[<T>]);
 impl_for_transmute_from!(T: ?Sized + IntoBytes => IntoBytes for UnsafeCell<T>[<T>]);

src/lib.rs

@@ -357,7 +357,7 @@ pub use crate::r#ref::*;
 pub use crate::wrappers::*;
 
 use core::{
-    cell::UnsafeCell,
+    cell::{Cell, UnsafeCell},
     cmp::Ordering,
     fmt::{self, Debug, Display, Formatter},
     hash::Hasher,
@@ -983,29 +983,27 @@ impl_known_layout!(const N: usize, T => [T; N]);
 
 safety_comment! {
     /// SAFETY:
-    /// `str`, `ManuallyDrop<[T]>` [1], and `UnsafeCell<T>` [2] have the same
-    /// representations as `[u8]`, `[T]`, and `T` repsectively. `str` has
-    /// different bit validity than `[u8]`, but that doesn't affect the
-    /// soundness of this impl.
+    /// `str` has the same representation as `[u8]`. `ManuallyDrop<T>` [1],
+    /// `UnsafeCell<T>` [2], and `Cell<T>` [3] have the same representation as
+    /// `T`.
     ///
-    /// [1] Per https://doc.rust-lang.org/nightly/core/mem/struct.ManuallyDrop.html:
+    /// [1] Per https://doc.rust-lang.org/1.85.0/std/mem/struct.ManuallyDrop.html:
     ///
     ///   `ManuallyDrop<T>` is guaranteed to have the same layout and bit
     ///   validity as `T`
     ///
-    /// [2] Per https://doc.rust-lang.org/core/cell/struct.UnsafeCell.html#memory-layout:
+    /// [2] Per https://doc.rust-lang.org/1.85.0/core/cell/struct.UnsafeCell.html#memory-layout:
     ///
     ///   `UnsafeCell<T>` has the same in-memory representation as its inner
     ///   type `T`.
     ///
-    /// TODO(#429):
-    /// -  Add quotes from docs.
-    /// -  Once [1] (added in
-    /// https://github.com/rust-lang/rust/pull/115522) is available on stable,
-    /// quote the stable docs instead of the nightly docs.
+    /// [3] Per https://doc.rust-lang.org/1.85.0/core/cell/struct.Cell.html#memory-layout:
+    ///
+    ///   `Cell<T>` has the same in-memory representation as `T`.
     unsafe_impl_known_layout!(#[repr([u8])] str);
     unsafe_impl_known_layout!(T: ?Sized + KnownLayout => #[repr(T)] ManuallyDrop<T>);
     unsafe_impl_known_layout!(T: ?Sized + KnownLayout => #[repr(T)] UnsafeCell<T>);
+    unsafe_impl_known_layout!(T: ?Sized + KnownLayout => #[repr(T)] Cell<T>);
 }
 
 safety_comment! {

src/pointer/transmute.rs

@@ -7,7 +7,7 @@
 // those terms.
 
 use core::{
-    cell::UnsafeCell,
+    cell::{Cell, UnsafeCell},
     mem::{ManuallyDrop, MaybeUninit},
     num::Wrapping,
     ptr::NonNull,
@@ -405,20 +405,44 @@ safety_comment! {
     unsafe_impl_invariants_eq!(T => T, Wrapping<T>);
 
     /// SAFETY:
-    /// - `Unalign<T>` has the same size as `T` [1].
-    /// - Per [1], `Unalign<T>` has the same bit validity as `T`. Technically
+    /// - `UnsafeCell<T>` has the same size as `T` [1].
+    /// - Per [1], `UnsafeCell<T>` has the same bit validity as `T`. Technically
     ///   the term "representation" doesn't guarantee this, but the subsequent
     ///   sentence in the documentation makes it clear that this is the
     ///   intention.
     ///
     /// [1] Per https://doc.rust-lang.org/1.81.0/core/cell/struct.UnsafeCell.html#memory-layout:
     ///
-    ///   `UnsafeCell<T>` has the same in-memory representation as its inner type
-    ///   `T`. A consequence of this guarantee is that it is possible to convert
-    ///   between `T` and `UnsafeCell<T>`.
+    ///   `UnsafeCell<T>` has the same in-memory representation as its inner
+    ///   type `T`. A consequence of this guarantee is that it is possible to
+    ///   convert between `T` and `UnsafeCell<T>`.
     unsafe_impl_for_transparent_wrapper!(T: ?Sized => UnsafeCell<T>);
+
+    /// SAFETY:
+    /// - `Cell<T>` has the same size as `T` [1].
+    /// - Per [1], `Cell<T>` has the same bit validity as `T`. Technically the
+    ///   term "representation" doesn't guarantee this, but it does promise to
+    ///   have the "same memory layout and caveats as `UnsafeCell<T>`." The
+    ///   `UnsafeCell` docs [2] make it clear that bit validity is the intention
+    ///   even if that phrase isn't used.
+    ///
+    /// [1] Per https://doc.rust-lang.org/1.85.0/std/cell/struct.Cell.html#memory-layout:
+    ///
+    ///   `Cell<T>` has the same memory layout and caveats as `UnsafeCell<T>`.
+    ///   In particular, this means that `Cell<T>` has the same in-memory
+    ///   representation as its inner type `T`.
+    ///
+    /// [2] Per https://doc.rust-lang.org/1.81.0/core/cell/struct.UnsafeCell.html#memory-layout:
+    ///
+    ///   `UnsafeCell<T>` has the same in-memory representation as its inner
+    ///   type `T`. A consequence of this guarantee is that it is possible to
+    ///   convert between `T` and `UnsafeCell<T>`.
+    unsafe_impl_for_transparent_wrapper!(T: ?Sized => Cell<T>);
 }
 
+impl_transitive_transmute_from!(T: ?Sized => Cell<T> => T => UnsafeCell<T>);
+impl_transitive_transmute_from!(T: ?Sized => UnsafeCell<T> => T => Cell<T>);
+
 // SAFETY: `MaybeUninit<T>` has no validity requirements. Currently this is not
 // explicitly guaranteed, but it's obvious from `MaybeUninit`'s documentation
 // that this is the intention:

tests/ui-nightly/diagnostic-not-implemented-unaligned.stderr

@@ -10,10 +10,10 @@ error[E0277]: the trait bound `NotZerocopy: zerocopy::Unaligned` is not satisfie
              AtomicBool
              AtomicI8
              AtomicU8
+             Cell<T>
              F32<O>
              F64<O>
              I128<O>
-             I16<O>
            and $N others
 note: required by a bound in `takes_unaligned`
   --> tests/ui-nightly/diagnostic-not-implemented-unaligned.rs:21:23

tests/ui-stable/diagnostic-not-implemented-unaligned.stderr

@@ -10,10 +10,10 @@ error[E0277]: the trait bound `NotZerocopy: zerocopy::Unaligned` is not satisfie
              AtomicBool
              AtomicI8
              AtomicU8
+             Cell<T>
              F32<O>
              F64<O>
              I128<O>
-             I16<O>
            and $N others
 note: required by a bound in `takes_unaligned`
   --> tests/ui-stable/diagnostic-not-implemented-unaligned.rs:21:23

zerocopy-derive/tests/ui-nightly/derive_transparent.stderr

@@ -126,10 +126,10 @@ error[E0277]: the trait bound `NotZerocopy: zerocopy::Unaligned` is not satisfie
              AtomicBool
              AtomicI8
              AtomicU8
+             Cell<T>
              F32<O>
              F64<O>
              I128<O>
-             I16<O>
            and $N others
 note: required for `TransparentStruct<NotZerocopy>` to implement `zerocopy::Unaligned`
   --> tests/ui-nightly/derive_transparent.rs:24:32

zerocopy-derive/tests/ui-nightly/late_compile_pass.stderr

@@ -186,10 +186,10 @@ error[E0277]: the trait bound `AU16: zerocopy::Unaligned` is not satisfied
              AtomicBool
              AtomicI8
              AtomicU8
+             Cell<T>
              F32<O>
              F64<O>
              I128<O>
-             I16<O>
            and $N others
    = help: see issue #48214
    = note: this error originates in the derive macro `Unaligned` (in Nightly builds, run with -Z macro-backtrace for more info)
@@ -210,10 +210,10 @@ error[E0277]: the trait bound `AU16: zerocopy::Unaligned` is not satisfied
              AtomicBool
              AtomicI8
              AtomicU8
+             Cell<T>
              F32<O>
              F64<O>
              I128<O>
-             I16<O>
            and $N others
    = help: see issue #48214
    = note: this error originates in the derive macro `Unaligned` (in Nightly builds, run with -Z macro-backtrace for more info)
@@ -234,10 +234,10 @@ error[E0277]: the trait bound `AU16: zerocopy::Unaligned` is not satisfied
              AtomicBool
              AtomicI8
              AtomicU8
+             Cell<T>
              F32<O>
              F64<O>
              I128<O>
-             I16<O>
            and $N others
    = help: see issue #48214
    = note: this error originates in the derive macro `Unaligned` (in Nightly builds, run with -Z macro-backtrace for more info)

zerocopy-derive/tests/ui-nightly/struct.stderr

@@ -284,10 +284,10 @@ error[E0277]: the trait bound `AU16: zerocopy::Unaligned` is not satisfied
               AtomicBool
               AtomicI8
               AtomicU8
+              Cell<T>
               F32<O>
               F64<O>
               I128<O>
-              I16<O>
             and $N others
     = help: see issue #48214
     = note: this error originates in the derive macro `IntoBytes` (in Nightly builds, run with -Z macro-backtrace for more info)
@@ -386,10 +386,10 @@ error[E0277]: the trait bound `AU16: zerocopy::Unaligned` is not satisfied
               AtomicBool
               AtomicI8
               AtomicU8
+              Cell<T>
               F32<O>
               F64<O>
               I128<O>
-              I16<O>
             and $N others
 note: required for `IntoBytes11<AU16>` to implement `zerocopy::IntoBytes`
    --> tests/ui-nightly/struct.rs:150:10

zerocopy-derive/tests/ui-stable/derive_transparent.stderr

@@ -126,10 +126,10 @@ error[E0277]: the trait bound `NotZerocopy: zerocopy::Unaligned` is not satisfie
              AtomicBool
              AtomicI8
              AtomicU8
+             Cell<T>
              F32<O>
              F64<O>
              I128<O>
-             I16<O>
            and $N others
 note: required for `TransparentStruct<NotZerocopy>` to implement `zerocopy::Unaligned`
   --> tests/ui-stable/derive_transparent.rs:24:32

zerocopy-derive/tests/ui-stable/late_compile_pass.stderr

@@ -158,10 +158,10 @@ error[E0277]: the trait bound `AU16: zerocopy::Unaligned` is not satisfied
              AtomicBool
              AtomicI8
              AtomicU8
+             Cell<T>
              F32<O>
              F64<O>
              I128<O>
-             I16<O>
            and $N others
    = help: see issue #48214
    = note: this error originates in the derive macro `Unaligned` (in Nightly builds, run with -Z macro-backtrace for more info)
@@ -178,10 +178,10 @@ error[E0277]: the trait bound `AU16: zerocopy::Unaligned` is not satisfied
              AtomicBool
              AtomicI8
              AtomicU8
+             Cell<T>
              F32<O>
              F64<O>
              I128<O>
-             I16<O>
            and $N others
    = help: see issue #48214
    = note: this error originates in the derive macro `Unaligned` (in Nightly builds, run with -Z macro-backtrace for more info)
@@ -198,10 +198,10 @@ error[E0277]: the trait bound `AU16: zerocopy::Unaligned` is not satisfied
              AtomicBool
              AtomicI8
              AtomicU8
+             Cell<T>
              F32<O>
              F64<O>
              I128<O>
-             I16<O>
            and $N others
    = help: see issue #48214
    = note: this error originates in the derive macro `Unaligned` (in Nightly builds, run with -Z macro-backtrace for more info)

zerocopy-derive/tests/ui-stable/struct.stderr

@@ -257,10 +257,10 @@ error[E0277]: the trait bound `AU16: zerocopy::Unaligned` is not satisfied
               AtomicBool
               AtomicI8
               AtomicU8
+              Cell<T>
               F32<O>
               F64<O>
               I128<O>
-              I16<O>
             and $N others
     = help: see issue #48214
     = note: this error originates in the derive macro `IntoBytes` (in Nightly builds, run with -Z macro-backtrace for more info)
@@ -347,10 +347,10 @@ error[E0277]: the trait bound `AU16: zerocopy::Unaligned` is not satisfied
               AtomicBool
               AtomicI8
               AtomicU8
+              Cell<T>
               F32<O>
               F64<O>
               I128<O>
-              I16<O>
             and $N others
 note: required for `IntoBytes11<AU16>` to implement `zerocopy::IntoBytes`
    --> tests/ui-stable/struct.rs:150:10