Rust 2024 has make &mut STATIC_mut a hard error. I'm trying to understand why the alternative (e.g. &UnsafeCell
) is safer than static mut
. And I think one key reason is that multiple mutable reference (even without data access) is UB:
Quoting from Disallow *references* to `static mut` [Edition Idea] · Issue #114447 · rust-lang/rust · GitHub
the differences are in whether you get a reference directly.
*mut
s are allowed to alias, so you can make new ones all day long and keep them around -- the only problems are when you actually read or write through them. Whereas multiple independent live&mut
s at the same time is UB even without a data race. So that's the difference in footgun-ness.
And quoting Consider deprecation of UB-happy `static mut` · Issue #53639 · rust-lang/rust · GitHub
With
unsafe impl Sync
, you only have to prove the data accesses correct, but withstatic mut
, the references themselves can conflict.
EDIT: Now if "references exist" cannot be UB, ever, then this is not a problem, but IIUC, they do.
In multiple mutable reference with data access, there will be races which causes UB.
However, how does UB happen with just multiple references themselves?