[derive] Allow TryFromBytes on non-Immutable unions

Makes progress on #5
Closes #1831
Closes #1832

gherrit-pr-id: G27dd847426e3572e87b20bd64642c9fcb0e51ec8

Author: joshlf

zerocopy-derive/src/derive/from_bytes.rs

@@ -159,10 +159,7 @@ fn derive_from_zeros_enum(ctx: &Ctx, enm: &DataEnum) -> Result<TokenStream, Erro
         .build())
 }
 fn derive_from_zeros_union(ctx: &Ctx, unn: &DataUnion) -> TokenStream {
-    // FIXME(#5): Remove the `Immutable` bound. It's only necessary for
-    // compatibility with `derive(TryFromBytes)` on unions; not for soundness.
-    let field_type_trait_bounds =
-        FieldBounds::All(&[TraitBound::Slf, TraitBound::Other(Trait::Immutable)]);
+    let field_type_trait_bounds = FieldBounds::All(&[TraitBound::Slf]);
     ImplBlockBuilder::new(ctx, unn, Trait::FromZeros, field_type_trait_bounds).build()
 }
 fn derive_from_bytes_struct(ctx: &Ctx, strct: &DataStruct) -> TokenStream {
@@ -186,9 +183,6 @@ fn derive_from_bytes_enum(ctx: &Ctx, enm: &DataEnum) -> Result<TokenStream, Erro
     Ok(ImplBlockBuilder::new(ctx, enm, Trait::FromBytes, FieldBounds::ALL_SELF).build())
 }
 fn derive_from_bytes_union(ctx: &Ctx, unn: &DataUnion) -> TokenStream {
-    // FIXME(#5): Remove the `Immutable` bound. It's only necessary for
-    // compatibility with `derive(TryFromBytes)` on unions; not for soundness.
-    let field_type_trait_bounds =
-        FieldBounds::All(&[TraitBound::Slf, TraitBound::Other(Trait::Immutable)]);
+    let field_type_trait_bounds = FieldBounds::All(&[TraitBound::Slf]);
     ImplBlockBuilder::new(ctx, unn, Trait::FromBytes, field_type_trait_bounds).build()
 }

zerocopy-derive/src/derive/try_from_bytes.rs

@@ -584,9 +584,7 @@ fn derive_try_from_bytes_struct(
         .build())
 }
 fn derive_try_from_bytes_union(ctx: &Ctx, unn: &DataUnion, top_level: Trait) -> TokenStream {
-    // FIXME(#5): Remove the `Immutable` bound.
-    let field_type_trait_bounds =
-        FieldBounds::All(&[TraitBound::Slf, TraitBound::Other(Trait::Immutable)]);
+    let field_type_trait_bounds = FieldBounds::All(&[TraitBound::Slf]);
 
     let zerocopy_crate = &ctx.zerocopy_crate;
     let variant_id: Box<Expr> = {
@@ -615,10 +613,9 @@ fn derive_try_from_bytes_union(ctx: &Ctx, unn: &DataUnion, top_level: Trait) ->
             ) -> #core::primitive::bool {
                 false #(|| {
                     // SAFETY:
-                    // - Since `Self: Immutable` is enforced by
-                    //   `self_type_trait_bounds`, neither `*slf` nor the
-                    //   returned pointer's referent permit interior
-                    //   mutation.
+                    // - Since `ReadOnly<Self>: Immutable` unconditionally,
+                    //   neither `*slf` nor the returned pointer's referent
+                    //   permit interior mutation.
                     // - Both source and destination validity are
                     //   `Initialized`, which is always a sound
                     //   transmutation.

zerocopy-derive/src/output_tests/expected/from_bytes_union.expected.rs

@@ -13,7 +13,7 @@
 const _: () = {
     unsafe impl ::zerocopy::TryFromBytes for Foo
     where
-        u8: ::zerocopy::TryFromBytes + ::zerocopy::Immutable,
+        u8: ::zerocopy::TryFromBytes,
     {
         fn only_derive_is_allowed_to_implement_this_trait() {}
         fn is_bit_valid(
@@ -100,7 +100,7 @@ const _: () = {
 const _: () = {
     unsafe impl ::zerocopy::FromZeros for Foo
     where
-        u8: ::zerocopy::FromZeros + ::zerocopy::Immutable,
+        u8: ::zerocopy::FromZeros,
     {
         fn only_derive_is_allowed_to_implement_this_trait() {}
     }
@@ -120,7 +120,7 @@ const _: () = {
 const _: () = {
     unsafe impl ::zerocopy::FromBytes for Foo
     where
-        u8: ::zerocopy::FromBytes + ::zerocopy::Immutable,
+        u8: ::zerocopy::FromBytes,
     {
         fn only_derive_is_allowed_to_implement_this_trait() {}
     }

zerocopy-derive/tests/union_from_bytes.rs

@@ -77,3 +77,13 @@ where
 
 util_assert_impl_all!(WithParams<'static, 'static, u8, 42>: imp::FromBytes);
 test_trivial_is_bit_valid!(WithParams<'static, 'static, u8, 42> => test_with_params_trivial_is_bit_valid);
+
+#[derive(imp::FromBytes)]
+#[zerocopy(crate = "zerocopy_renamed")]
+#[repr(C)]
+union UnsafeCellUnion {
+    a: imp::ManuallyDrop<imp::UnsafeCell<u8>>,
+}
+
+util_assert_impl_all!(UnsafeCellUnion: imp::FromBytes);
+test_trivial_is_bit_valid!(UnsafeCellUnion => test_unsafe_cell_union_trivial_is_bit_valid);

zerocopy-derive/tests/union_from_zeros.rs

@@ -72,3 +72,12 @@ where
 }
 
 util_assert_impl_all!(WithParams<'static, 'static, u8, 42>: imp::FromZeros);
+
+#[derive(imp::FromZeros)]
+#[zerocopy(crate = "zerocopy_renamed")]
+#[repr(C)]
+union UnsafeCellUnion {
+    a: imp::ManuallyDrop<imp::UnsafeCell<u8>>,
+}
+
+util_assert_impl_all!(UnsafeCellUnion: imp::FromZeros);

zerocopy-derive/tests/union_try_from_bytes.rs

@@ -122,3 +122,19 @@ struct A;
 union B {
     a: A,
 }
+
+#[derive(imp::TryFromBytes)]
+#[zerocopy(crate = "zerocopy_renamed")]
+#[repr(C)]
+union UnsafeCellUnion {
+    a: imp::ManuallyDrop<imp::UnsafeCell<bool>>,
+}
+
+util_assert_impl_all!(UnsafeCellUnion: imp::TryFromBytes);
+
+#[test]
+fn unsafe_cell_union() {
+    crate::util::test_is_bit_valid::<UnsafeCellUnion, _>([0u8], true);
+    crate::util::test_is_bit_valid::<UnsafeCellUnion, _>([1u8], true);
+    crate::util::test_is_bit_valid::<UnsafeCellUnion, _>([2u8], false);
+}