Accessing union field inside unsafe function requires extra unsafe block

[gnzlbg]

Playground

Is this by design?

pub unsafe fn foo() -> u8 {
    union U {
        v: u8,
        c: u8,
    }
    // const C: u8 = unsafe { U { v: 0 }.c }; // OK
    const C: u8 = U { v: 0 }.c; // ERROR
    C
}

it produces:

error[E0133]: access to union field is unsafe and requires unsafe function or block
 --> src/main.rs:9:19
  |
9 |     const C: u8 = U { v: 0 }.c;
  |                   ^^^^^^^^^^^^ access to union field
  |
  = note: the field may not be properly initialized: using uninitialized data will cause undefined behavior

Wrapping the access in an unsafe block compiles, but since the function is already unsafe, that feels a bit redundant.

In non-unsafe functions one doesn't need to open two unsafe blocks to perform union field access unsafe { unsafe { ...union access... } } :D Is this doubly-unsafe ? :D

cc @oli-obk @RalfJung @eddyb

[oli-obk]

huh... has it been this way since unions were introduced or is this a regression?

[gnzlbg]

No idea. I use unions a lot and this is the first time I see this. I did not managed to find an open issue about it.

[oli-obk]

Ah! I overlooked the constant. Yea, the body of the constant is its own scope and does require its own unsafe blocks.

This is working as intended to the best of my knowledge

[oli-obk]

if you declare a safe function inside an unsafe block you don't expect to be able to use unsafe things inside that safe function either.

http://play.rust-lang.org/?gist=364ef241902e1916d7dc1919d38ad19d&version=stable&mode=debug&edition=2015

pub unsafe fn foo() -> fn(*const u8) -> u8 {
    fn helper(ptr: *const u8) -> u8 {
        *ptr
    }
    helper
}

[petrochenkov]

Fun fact: this worked before Rust 1.6.0 (not for unions, of course) - #47864 (comment).

[oli-obk]

duplicate of #35716

[gnzlbg]

Thank you for the clarification @oli-obk - maybe that note ("the body of the constant is its own scope and requires its own unsafe block, just like safe functions inside unsafe functions") could be added to the error message in this case ?