Unsoundness: Patterns in function parameters are not checked for union access

[ChayimFriedman2]

I tried this code:

union U {
    a: &'static i32,
    b: usize,
}

fn foo(U { a }: U) {
    dbg!(*a);
}

fn main() {
    foo(U { b: 0 });
}

Playground.

I expected to see this happen: rustc rejecting this code. We are transmuting arbitrary types without unsafe, this is clearly unsound.

Instead, this happened: rustc accepted this code, and it SIGSEGVs at runtime.

[Urgau]

Seems to have regressed between 1.76 and 1.77.

In 1.76 (and below) it gave:

error[E0133]: access to union field is unsafe and requires unsafe function or block
 --> <source>:6:12
  |
6 | fn foo(U { a }: U) {
  |            ^ access to union field
  |
  = note: the field may not be properly initialized: using uninitialized data will cause undefined behavior

It's probably related to the THIR unsafeck which was stabilized in that release.

[compiler-errors]

I'll take a look at this. I think I may have found out what's going on.

@rustbot claim