conf_mut() accessors allow aliasing violations and should be marked as unsafe #284

Description

@bavshin-f5

main_conf_mut() returns &'static mut Self::MainConf from only an &impl CoreModuleConfExt. This allows safe code to obtain multiple mutable references to the same underlying NGINX config slot (e.g., calling main_conf_mut() twice), which violates Rust aliasing rules and can lead to UB. Consider making the accessor unsafe, requiring a unique borrow (&mut impl ...), or returning a raw/NonNull pointer instead of &mut.

    ///
    /// # Safety
    /// The caller must guarantee exclusive access to this module's configuration slot for the
    /// full lifetime of the returned reference. Calling this multiple times for the same
    /// underlying slot, or while any shared or mutable references to that slot exist, violates
    /// Rust's aliasing rules and results in undefined behavior.
    unsafe fn main_conf_mut(o: &impl CoreModuleConfExt) -> Option<&'static mut Self::MainConf> {

Originally posted by @Copilot in #283 (comment)
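The three remedies the issue lists (an `unsafe` accessor, a unique `&mut` borrow, a `NonNull` pointer), modeled on a toy slot as an added example that is not the project's own code. `ConfCtx`, `MainConf`, `workers` and the `_unchecked`/`_ptr` method names are hypothetical, and the context is assumed to be the only owner of its slot.

```rust
use std::ptr::NonNull;

#[derive(Default)]
struct MainConf { workers: u32 }

// Hypothetical context owning one raw config slot (a model, not NGINX types).
struct ConfCtx { slot: *mut MainConf }

impl ConfCtx {
    fn new() -> Self { ConfCtx { slot: Box::into_raw(Box::new(MainConf::default())) } }

    /// Remedy 1: keep the reported shape (`&self` in, `&'static mut` out), but unsafe.
    /// # Safety
    /// No other reference to the slot may exist while the result is alive.
    unsafe fn main_conf_mut_unchecked(&self) -> Option<&'static mut MainConf> {
        unsafe { self.slot.as_mut() }
    }

    /// Remedy 2: require a unique borrow; the result's lifetime is tied to it.
    fn main_conf_mut(&mut self) -> Option<&mut MainConf> {
        // SAFETY: the slot is a live allocation reachable only through `self`.
        unsafe { self.slot.as_mut() }
    }

    /// Remedy 3: return a pointer; dereferencing is the caller's unsafe step.
    fn main_conf_ptr(&self) -> Option<NonNull<MainConf>> { NonNull::new(self.slot) }
}

impl Drop for ConfCtx {
    // SAFETY: `slot` came from Box::into_raw in `new` and is freed exactly once.
    fn drop(&mut self) { unsafe { drop(Box::from_raw(self.slot)) } }
}

fn demo() -> u32 {
    let mut ctx = ConfCtx::new();
    // Holding two results of `main_conf_mut()` at once is rejected with E0499.
    if let Some(c) = ctx.main_conf_mut() { c.workers = 4; }
    let p = ctx.main_conf_ptr().expect("slot is set");
    // SAFETY: no reference to the slot is live at this point.
    unsafe { (*p.as_ptr()).workers += 1 };
    // SAFETY: called once, and no other reference to the slot is live.
    let c = unsafe { ctx.main_conf_mut_unchecked() }.expect("slot is set");
    c.workers += 1;
    c.workers
}

fn main() { println!("workers = {}", demo()); }
```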
