Fix uninitialized Cell at unsync::Bump::new

Author: 197g

static-alloc/src/unsync/bump.rs

@@ -129,6 +129,7 @@ impl MemBump {
         let ptr = NonNull::new(unsafe { alloc::alloc::alloc(layout) })
             .unwrap_or_else(|| alloc::alloc::handle_alloc_error(layout));
         let ptr = ptr::slice_from_raw_parts_mut(ptr.as_ptr(), capacity);
+        unsafe { ptr::write(ptr as *mut Cell<usize>, Cell::new(0)) };
         unsafe { alloc::boxed::Box::from_raw(ptr as *mut MemBump) }
     }
 }
@@ -250,10 +251,7 @@ impl MemBump {
     /// This is how many *bytes* can be allocated
     /// within this node.
     pub const fn capacity(&self) -> usize {
-        // Safety: just gets the pointer metadata `len` without invalidating any provenance,
-        // accepting the pointer use itself. This may be replaced by a safe `pointer::len` as soon
-        // as stable (#71146) and const which would avoid any pointer use.
-        unsafe { (*(self.data.get() as *const [UnsafeCell<u8>])).len() }
+        self.data.get().len()
     }
 
     /// Get a raw pointer to the data.
@@ -502,7 +500,7 @@ impl MemBump {
         let requested = layout.size();
 
         // Ensure no overflows when calculating offets within.
-        assert!(expect_consumed <= length);
+        assert!(expect_consumed <= length, "{}/{}", expect_consumed, length);
 
         let available = length.checked_sub(expect_consumed).unwrap();
         let ptr_to = base_ptr.wrapping_add(expect_consumed);