Revise union field access guidelines in values.rst

rcseacord · web-flow · commit 38b1340f02eb · 2025-12-08T07:28:27.000-05:00
Clarify conditions for accessing union fields and update non-compliant examples.
diff --git a/src/coding-guidelines/values.rst b/src/coding-guidelines/values.rst
@@ -24,7 +24,7 @@ Values
 
    - All bytes of the field read have been initialized by a prior write.
    - The bytes form a valid representation for the field's type
-     (e.g., no invalid ``enum`` discriminants, no invalid pointer values, etc.).
+     (e.g., ``enum`` discriminants are valid and ``bool`` has an underlying value of 0 or 1).
 
    .. rationale::
       :id: rat_kjFRrhpS8Wu6
@@ -43,7 +43,8 @@ Values
       :status: draft
 
       This noncompliant example creates a value of type ``u32`` from uninitialized memory via 
-      `assume_init <https://doc.rust-lang.org/stable/std/mem/union.MaybeUninit.html#method.assume_init>`_:
+      `assume_init <https://doc.rust-lang.org/stable/std/mem/union.MaybeUninit.html#method.assume_init>`_.
+      Here, calling ``assume_init`` is equivalent to an uninitialied read.
 
       .. code-block:: rust
 
@@ -153,20 +154,6 @@ Values
          x.write(42);
          let val = unsafe { x.assume_init() }; // OK — value was fully initialized
 
-   .. non_compliant_example::
-      :id: non_compl_ex_Qb5GqYTP6db2
-      :status: draft
-
-      Creating a reference from arbitrary or uninitialized bytes is always undefined behavior.
-      References must be valid, aligned, properly dereferenceable, and non-null.
-      Uninitialized memory cannot satisfy these invariants.
-
-      .. code-block:: rust
-
-         use std::mem::MaybeUninit;
-
-         let r: &u32 = unsafe { MaybeUninit::uninit().assume_init() }; // UB — invalid reference
-
    .. non_compliant_example::
       :id: non_compl_ex_Qb5GqYTP6db5
       :status: draft
@@ -201,9 +188,8 @@ Values
       :status: draft
 
       Even though unions allow reads of any field, not all bit patterns are valid for a ``bool``.
-      Unions do not relax type validity requirements.
-      Only the read itself is allowed;
-      the resulting bytes must still be a valid bool.
+      Unions do not relax type validity requirements for individual fields.
+      The resulting bytes must still be a valid allocation of type ``bool``.
 
       .. code-block:: rust
 
