[WIP] Experiment with a safe adoption API

[lopopolo]

This PR experiments with a safe Adopt::adopt API.

The API requires that the inner T of and Rc<T> implement a new trait, Trace. Trace has a single required method: Trace::mark. Rc::<T>::adopt is only available when T impls Trace.

Trace::mark allows a T to use internal iteration to mark all of the Rc<T>s that are immediately reachable. Rc::<T>::adopt determines whether an adoption of other is safe based on whether T yields a &mut Rc<T> that points to the same allocation as the given other Rc to adopt.

By yielding a &mut Rc<T>, T proves that it owns an Rc<T> that points to the same allocation as other, which satisfies the safety invariants of Adopt::adopt_unchecked.

Practically, Ts that implement Trace must use some sort of interior mutability, since Trace::mark takes &self.

The doubly linked list integration test is updated to use this new safe adopt API and impls Trace. The orphan rule for trait impls complicates implementing Trace for Rc<RefCell<T>> and requires the introduction of a wrapper type. The doubly linked list test now has #![forbid(unsafe_code)].

r? @tummychow

[LoganDark]

Is this crate still under active development?

[lopopolo]

Is this crate still under active development?

Hi @LoganDark, cactusref has not been a priority for me since I do not intend to use it in Artichoke at this time. That may change in the future. For now, I'd consider development paused. If you'd like to help me invest here, I'd be happy to accept PRs.

The crate was published to crates.io as a PoC and its experimental status is called out in its README: https://github.com/artichoke/cactusref#maturity. If you think I can be more clear here, I'd be happy to accept a PR.