Auto merge of rust-lang#124636 - tbu-:pr_env_unsafe, r=petrochenkov

bors · bors · commit ba98164a104d · 2024-05-30T12:17:06.000Z
Make `std::env::{set_var, remove_var}` unsafe in edition 2024 Allow calling these functions without `unsafe` blocks in editions up until 2021, but don't trigger the `unused_unsafe` lint for `unsafe` blocks containing these functions. Fixes rust-lang#27970. Fixes rust-lang#90308. CC rust-lang#124866.
diff --git a/std/src/env.rs b/std/src/env.rs
@@ -318,22 +318,25 @@ impl Error for VarError {
 ///
 /// # Safety
 ///
-/// Even though this function is currently not marked as `unsafe`, it needs to
-/// be because invoking it can cause undefined behaviour. The function will be
-/// marked `unsafe` in a future version of Rust. This is tracked in
-/// [rust#27970](https://github.com/rust-lang/rust/issues/27970).
-///
 /// This function is safe to call in a single-threaded program.
 ///
-/// In multi-threaded programs, you must ensure that are no other threads
-/// concurrently writing or *reading*(!) from the environment through functions
-/// other than the ones in this module. You are responsible for figuring out
-/// how to achieve this, but we strongly suggest not using `set_var` or
-/// `remove_var` in multi-threaded programs at all.
-///
-/// Most C libraries, including libc itself do not advertise which functions
-/// read from the environment. Even functions from the Rust standard library do
-/// that, e.g. for DNS lookups from [`std::net::ToSocketAddrs`].
+/// This function is also always safe to call on Windows, in single-threaded
+/// and multi-threaded programs.
+///
+/// In multi-threaded programs on other operating systems, we strongly suggest
+/// not using `set_var` or `remove_var` at all. The exact requirement is: you
+/// must ensure that there are no other threads concurrently writing or
+/// *reading*(!) the environment through functions or global variables other
+/// than the ones in this module. The problem is that these operating systems
+/// do not provide a thread-safe way to read the environment, and most C
+/// libraries, including libc itself, do not advertise which functions read
+/// from the environment. Even functions from the Rust standard library may
+/// read the environment without going through this module, e.g. for DNS
+/// lookups from [`std::net::ToSocketAddrs`]. No stable guarantee is made about
+/// which functions may read from the environment in future versions of a
+/// library. All this makes it not practically possible for you to guarantee
+/// that no other thread will read the environment, so the only safe option is
+/// to not use `set_var` or `remove_var` in multi-threaded programs at all.
 ///
 /// Discussion of this unsafety on Unix may be found in:
 ///
@@ -353,15 +356,26 @@ impl Error for VarError {
 /// use std::env;
 ///
 /// let key = "KEY";
-/// env::set_var(key, "VALUE");
+/// unsafe {
+///     env::set_var(key, "VALUE");
+/// }
 /// assert_eq!(env::var(key), Ok("VALUE".to_string()));
 /// ```
+#[cfg(not(bootstrap))]
+#[rustc_deprecated_safe_2024]
 #[stable(feature = "env", since = "1.0.0")]
-pub fn set_var<K: AsRef<OsStr>, V: AsRef<OsStr>>(key: K, value: V) {
+pub unsafe fn set_var<K: AsRef<OsStr>, V: AsRef<OsStr>>(key: K, value: V) {
     _set_var(key.as_ref(), value.as_ref())
 }
 
-fn _set_var(key: &OsStr, value: &OsStr) {
+#[cfg(bootstrap)]
+#[allow(missing_docs)]
+#[stable(feature = "env", since = "1.0.0")]
+pub fn set_var<K: AsRef<OsStr>, V: AsRef<OsStr>>(key: K, value: V) {
+    unsafe { _set_var(key.as_ref(), value.as_ref()) }
+}
+
+unsafe fn _set_var(key: &OsStr, value: &OsStr) {
     os_imp::setenv(key, value).unwrap_or_else(|e| {
         panic!("failed to set environment variable `{key:?}` to `{value:?}`: {e}")
     })
@@ -371,22 +385,25 @@ fn _set_var(key: &OsStr, value: &OsStr) {
 ///
 /// # Safety
 ///
-/// Even though this function is currently not marked as `unsafe`, it needs to
-/// be because invoking it can cause undefined behaviour. The function will be
-/// marked `unsafe` in a future version of Rust. This is tracked in
-/// [rust#27970](https://github.com/rust-lang/rust/issues/27970).
-///
 /// This function is safe to call in a single-threaded program.
 ///
-/// In multi-threaded programs, you must ensure that are no other threads
-/// concurrently writing or *reading*(!) from the environment through functions
-/// other than the ones in this module. You are responsible for figuring out
-/// how to achieve this, but we strongly suggest not using `set_var` or
-/// `remove_var` in multi-threaded programs at all.
-///
-/// Most C libraries, including libc itself do not advertise which functions
-/// read from the environment. Even functions from the Rust standard library do
-/// that, e.g. for DNS lookups from [`std::net::ToSocketAddrs`].
+/// This function is also always safe to call on Windows, in single-threaded
+/// and multi-threaded programs.
+///
+/// In multi-threaded programs on other operating systems, we strongly suggest
+/// not using `set_var` or `remove_var` at all. The exact requirement is: you
+/// must ensure that there are no other threads concurrently writing or
+/// *reading*(!) the environment through functions or global variables other
+/// than the ones in this module. The problem is that these operating systems
+/// do not provide a thread-safe way to read the environment, and most C
+/// libraries, including libc itself, do not advertise which functions read
+/// from the environment. Even functions from the Rust standard library may
+/// read the environment without going through this module, e.g. for DNS
+/// lookups from [`std::net::ToSocketAddrs`]. No stable guarantee is made about
+/// which functions may read from the environment in future versions of a
+/// library. All this makes it not practically possible for you to guarantee
+/// that no other thread will read the environment, so the only safe option is
+/// to not use `set_var` or `remove_var` in multi-threaded programs at all.
 ///
 /// Discussion of this unsafety on Unix may be found in:
 ///
@@ -403,22 +420,35 @@ fn _set_var(key: &OsStr, value: &OsStr) {
 ///
 /// # Examples
 ///
-/// ```
+/// ```no_run
 /// use std::env;
 ///
 /// let key = "KEY";
-/// env::set_var(key, "VALUE");
+/// unsafe {
+///     env::set_var(key, "VALUE");
+/// }
 /// assert_eq!(env::var(key), Ok("VALUE".to_string()));
 ///
-/// env::remove_var(key);
+/// unsafe {
+///     env::remove_var(key);
+/// }
 /// assert!(env::var(key).is_err());
 /// ```
+#[cfg(not(bootstrap))]
+#[rustc_deprecated_safe_2024]
 #[stable(feature = "env", since = "1.0.0")]
-pub fn remove_var<K: AsRef<OsStr>>(key: K) {
+pub unsafe fn remove_var<K: AsRef<OsStr>>(key: K) {
     _remove_var(key.as_ref())
 }
 
-fn _remove_var(key: &OsStr) {
+#[cfg(bootstrap)]
+#[allow(missing_docs)]
+#[stable(feature = "env", since = "1.0.0")]
+pub fn remove_var<K: AsRef<OsStr>>(key: K) {
+    unsafe { _remove_var(key.as_ref()) }
+}
+
+unsafe fn _remove_var(key: &OsStr) {
     os_imp::unsetenv(key)
         .unwrap_or_else(|e| panic!("failed to remove environment variable `{key:?}`: {e}"))
 }
diff --git a/std/src/sys/pal/hermit/os.rs b/std/src/sys/pal/hermit/os.rs
@@ -172,18 +172,14 @@ pub fn getenv(k: &OsStr) -> Option<OsString> {
     unsafe { ENV.as_ref().unwrap().lock().unwrap().get_mut(k).cloned() }
 }
 
-pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
-    unsafe {
-        let (k, v) = (k.to_owned(), v.to_owned());
-        ENV.as_ref().unwrap().lock().unwrap().insert(k, v);
-    }
+pub unsafe fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
+    let (k, v) = (k.to_owned(), v.to_owned());
+    ENV.as_ref().unwrap().lock().unwrap().insert(k, v);
     Ok(())
 }
 
-pub fn unsetenv(k: &OsStr) -> io::Result<()> {
-    unsafe {
-        ENV.as_ref().unwrap().lock().unwrap().remove(k);
-    }
+pub unsafe fn unsetenv(k: &OsStr) -> io::Result<()> {
+    ENV.as_ref().unwrap().lock().unwrap().remove(k);
     Ok(())
 }
 
diff --git a/std/src/sys/pal/sgx/os.rs b/std/src/sys/pal/sgx/os.rs
@@ -157,13 +157,13 @@ pub fn getenv(k: &OsStr) -> Option<OsString> {
     get_env_store().and_then(|s| s.lock().unwrap().get(k).cloned())
 }
 
-pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
+pub unsafe fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
     let (k, v) = (k.to_owned(), v.to_owned());
     create_env_store().lock().unwrap().insert(k, v);
     Ok(())
 }
 
-pub fn unsetenv(k: &OsStr) -> io::Result<()> {
+pub unsafe fn unsetenv(k: &OsStr) -> io::Result<()> {
     if let Some(env) = get_env_store() {
         env.lock().unwrap().remove(k);
     }
diff --git a/std/src/sys/pal/solid/os.rs b/std/src/sys/pal/solid/os.rs
@@ -191,7 +191,7 @@ pub fn getenv(k: &OsStr) -> Option<OsString> {
     .flatten()
 }
 
-pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
+pub unsafe fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
     run_with_cstr(k.as_bytes(), &|k| {
         run_with_cstr(v.as_bytes(), &|v| {
             let _guard = ENV_LOCK.write();
@@ -200,7 +200,7 @@ pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
     })
 }
 
-pub fn unsetenv(n: &OsStr) -> io::Result<()> {
+pub unsafe fn unsetenv(n: &OsStr) -> io::Result<()> {
     run_with_cstr(n.as_bytes(), &|nbuf| {
         let _guard = ENV_LOCK.write();
         cvt_env(unsafe { libc::unsetenv(nbuf.as_ptr()) }).map(drop)
diff --git a/std/src/sys/pal/teeos/os.rs b/std/src/sys/pal/teeos/os.rs
@@ -109,11 +109,11 @@ pub fn getenv(_: &OsStr) -> Option<OsString> {
     None
 }
 
-pub fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {
+pub unsafe fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {
     Err(io::Error::new(io::ErrorKind::Unsupported, "cannot set env vars on this platform"))
 }
 
-pub fn unsetenv(_: &OsStr) -> io::Result<()> {
+pub unsafe fn unsetenv(_: &OsStr) -> io::Result<()> {
     Err(io::Error::new(io::ErrorKind::Unsupported, "cannot unset env vars on this platform"))
 }
 
diff --git a/std/src/sys/pal/uefi/os.rs b/std/src/sys/pal/uefi/os.rs
@@ -203,11 +203,11 @@ pub fn getenv(_: &OsStr) -> Option<OsString> {
     None
 }
 
-pub fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {
+pub unsafe fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {
     Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot set env vars on this platform"))
 }
 
-pub fn unsetenv(_: &OsStr) -> io::Result<()> {
+pub unsafe fn unsetenv(_: &OsStr) -> io::Result<()> {
     Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot unset env vars on this platform"))
 }
 
diff --git a/std/src/sys/pal/unix/os.rs b/std/src/sys/pal/unix/os.rs
@@ -675,19 +675,19 @@ pub fn getenv(k: &OsStr) -> Option<OsString> {
     .flatten()
 }
 
-pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
+pub unsafe fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
     run_with_cstr(k.as_bytes(), &|k| {
         run_with_cstr(v.as_bytes(), &|v| {
             let _guard = ENV_LOCK.write();
-            cvt(unsafe { libc::setenv(k.as_ptr(), v.as_ptr(), 1) }).map(drop)
+            cvt(libc::setenv(k.as_ptr(), v.as_ptr(), 1)).map(drop)
         })
     })
 }
 
-pub fn unsetenv(n: &OsStr) -> io::Result<()> {
+pub unsafe fn unsetenv(n: &OsStr) -> io::Result<()> {
     run_with_cstr(n.as_bytes(), &|nbuf| {
         let _guard = ENV_LOCK.write();
-        cvt(unsafe { libc::unsetenv(nbuf.as_ptr()) }).map(drop)
+        cvt(libc::unsetenv(nbuf.as_ptr())).map(drop)
     })
 }
 
diff --git a/std/src/sys/pal/unsupported/os.rs b/std/src/sys/pal/unsupported/os.rs
@@ -96,11 +96,11 @@ pub fn getenv(_: &OsStr) -> Option<OsString> {
     None
 }
 
-pub fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {
+pub unsafe fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {
     Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot set env vars on this platform"))
 }
 
-pub fn unsetenv(_: &OsStr) -> io::Result<()> {
+pub unsafe fn unsetenv(_: &OsStr) -> io::Result<()> {
     Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot unset env vars on this platform"))
 }
 
diff --git a/std/src/sys/pal/wasi/os.rs b/std/src/sys/pal/wasi/os.rs
@@ -244,7 +244,7 @@ pub fn getenv(k: &OsStr) -> Option<OsString> {
     .flatten()
 }
 
-pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
+pub unsafe fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
     run_with_cstr(k.as_bytes(), &|k| {
         run_with_cstr(v.as_bytes(), &|v| unsafe {
             let _guard = env_write_lock();
@@ -253,7 +253,7 @@ pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
     })
 }
 
-pub fn unsetenv(n: &OsStr) -> io::Result<()> {
+pub unsafe fn unsetenv(n: &OsStr) -> io::Result<()> {
     run_with_cstr(n.as_bytes(), &|nbuf| unsafe {
         let _guard = env_write_lock();
         cvt(libc::unsetenv(nbuf.as_ptr())).map(drop)
diff --git a/std/src/sys/pal/windows/os.rs b/std/src/sys/pal/windows/os.rs
@@ -302,16 +302,16 @@ pub fn getenv(k: &OsStr) -> Option<OsString> {
     .ok()
 }
 
-pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
+pub unsafe fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
     let k = to_u16s(k)?;
     let v = to_u16s(v)?;
 
-    cvt(unsafe { c::SetEnvironmentVariableW(k.as_ptr(), v.as_ptr()) }).map(drop)
+    cvt(c::SetEnvironmentVariableW(k.as_ptr(), v.as_ptr())).map(drop)
 }
 
-pub fn unsetenv(n: &OsStr) -> io::Result<()> {
+pub unsafe fn unsetenv(n: &OsStr) -> io::Result<()> {
     let v = to_u16s(n)?;
-    cvt(unsafe { c::SetEnvironmentVariableW(v.as_ptr(), ptr::null()) }).map(drop)
+    cvt(c::SetEnvironmentVariableW(v.as_ptr(), ptr::null())).map(drop)
 }
 
 pub fn temp_dir() -> PathBuf {
diff --git a/std/src/sys/pal/xous/os.rs b/std/src/sys/pal/xous/os.rs
@@ -149,11 +149,11 @@ pub fn getenv(_: &OsStr) -> Option<OsString> {
     None
 }
 
-pub fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {
+pub unsafe fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {
     Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot set env vars on this platform"))
 }
 
-pub fn unsetenv(_: &OsStr) -> io::Result<()> {
+pub unsafe fn unsetenv(_: &OsStr) -> io::Result<()> {
     Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot unset env vars on this platform"))
 }
 
diff --git a/std/src/sys/pal/zkvm/os.rs b/std/src/sys/pal/zkvm/os.rs
@@ -115,11 +115,11 @@ pub fn getenv(varname: &OsStr) -> Option<OsString> {
     Some(OsString::from_inner(os_str::Buf { inner: u8s.to_vec() }))
 }
 
-pub fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {
+pub unsafe fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {
     Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot set env vars on this platform"))
 }
 
-pub fn unsetenv(_: &OsStr) -> io::Result<()> {
+pub unsafe fn unsetenv(_: &OsStr) -> io::Result<()> {
     Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot unset env vars on this platform"))
 }
 

Original file line number	Diff line number	Diff line change
`@@ -157,13 +157,13 @@ pub fn getenv(k: &OsStr) -> Option<OsString> {`
`157`	`157`	`get_env_store().and_then(\|s\| s.lock().unwrap().get(k).cloned())`
`158`	`158`	`}`
`159`	`159`
`160`		`-pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {`
	`160`	`+pub unsafe fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {`
`161`	`161`	`let (k, v) = (k.to_owned(), v.to_owned());`
`162`	`162`	`create_env_store().lock().unwrap().insert(k, v);`
`163`	`163`	`Ok(())`
`164`	`164`	`}`
`165`	`165`
`166`		`-pub fn unsetenv(k: &OsStr) -> io::Result<()> {`
	`166`	`+pub unsafe fn unsetenv(k: &OsStr) -> io::Result<()> {`
`167`	`167`	`if let Some(env) = get_env_store() {`
`168`	`168`	`env.lock().unwrap().remove(k);`
`169`	`169`	`}`
Original file line number	Diff line number	Diff line change
`@@ -109,11 +109,11 @@ pub fn getenv(_: &OsStr) -> Option<OsString> {`
`109`	`109`	`None`
`110`	`110`	`}`
`111`	`111`
`112`		`-pub fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {`
	`112`	`+pub unsafe fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {`
`113`	`113`	`Err(io::Error::new(io::ErrorKind::Unsupported, "cannot set env vars on this platform"))`
`114`	`114`	`}`
`115`	`115`
`116`		`-pub fn unsetenv(_: &OsStr) -> io::Result<()> {`
	`116`	`+pub unsafe fn unsetenv(_: &OsStr) -> io::Result<()> {`
`117`	`117`	`Err(io::Error::new(io::ErrorKind::Unsupported, "cannot unset env vars on this platform"))`
`118`	`118`	`}`
`119`	`119`
Original file line number	Diff line number	Diff line change
`@@ -203,11 +203,11 @@ pub fn getenv(_: &OsStr) -> Option<OsString> {`
`203`	`203`	`None`
`204`	`204`	`}`
`205`	`205`
`206`		`-pub fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {`
	`206`	`+pub unsafe fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {`
`207`	`207`	`Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot set env vars on this platform"))`
`208`	`208`	`}`
`209`	`209`
`210`		`-pub fn unsetenv(_: &OsStr) -> io::Result<()> {`
	`210`	`+pub unsafe fn unsetenv(_: &OsStr) -> io::Result<()> {`
`211`	`211`	`Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot unset env vars on this platform"))`
`212`	`212`	`}`
`213`	`213`
Original file line number	Diff line number	Diff line change
`@@ -96,11 +96,11 @@ pub fn getenv(_: &OsStr) -> Option<OsString> {`
`96`	`96`	`None`
`97`	`97`	`}`
`98`	`98`
`99`		`-pub fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {`
	`99`	`+pub unsafe fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {`
`100`	`100`	`Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot set env vars on this platform"))`
`101`	`101`	`}`
`102`	`102`
`103`		`-pub fn unsetenv(_: &OsStr) -> io::Result<()> {`
	`103`	`+pub unsafe fn unsetenv(_: &OsStr) -> io::Result<()> {`
`104`	`104`	`Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot unset env vars on this platform"))`
`105`	`105`	`}`
`106`	`106`
Original file line number	Diff line number	Diff line change
`@@ -302,16 +302,16 @@ pub fn getenv(k: &OsStr) -> Option<OsString> {`
`302`	`302`	`.ok()`
`303`	`303`	`}`
`304`	`304`
`305`		`-pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {`
	`305`	`+pub unsafe fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {`
`306`	`306`	`let k = to_u16s(k)?;`
`307`	`307`	`let v = to_u16s(v)?;`
`308`	`308`
`309`		`- cvt(unsafe { c::SetEnvironmentVariableW(k.as_ptr(), v.as_ptr()) }).map(drop)`
	`309`	`+ cvt(c::SetEnvironmentVariableW(k.as_ptr(), v.as_ptr())).map(drop)`
`310`	`310`	`}`
`311`	`311`
`312`		`-pub fn unsetenv(n: &OsStr) -> io::Result<()> {`
	`312`	`+pub unsafe fn unsetenv(n: &OsStr) -> io::Result<()> {`
`313`	`313`	`let v = to_u16s(n)?;`
`314`		`- cvt(unsafe { c::SetEnvironmentVariableW(v.as_ptr(), ptr::null()) }).map(drop)`
	`314`	`+ cvt(c::SetEnvironmentVariableW(v.as_ptr(), ptr::null())).map(drop)`
`315`	`315`	`}`
`316`	`316`
`317`	`317`	`pub fn temp_dir() -> PathBuf {`
Original file line number	Diff line number	Diff line change
`@@ -149,11 +149,11 @@ pub fn getenv(_: &OsStr) -> Option<OsString> {`
`149`	`149`	`None`
`150`	`150`	`}`
`151`	`151`
`152`		`-pub fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {`
	`152`	`+pub unsafe fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {`
`153`	`153`	`Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot set env vars on this platform"))`
`154`	`154`	`}`
`155`	`155`
`156`		`-pub fn unsetenv(_: &OsStr) -> io::Result<()> {`
	`156`	`+pub unsafe fn unsetenv(_: &OsStr) -> io::Result<()> {`
`157`	`157`	`Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot unset env vars on this platform"))`
`158`	`158`	`}`
`159`	`159`
Original file line number	Diff line number	Diff line change
`@@ -115,11 +115,11 @@ pub fn getenv(varname: &OsStr) -> Option<OsString> {`
`115`	`115`	`Some(OsString::from_inner(os_str::Buf { inner: u8s.to_vec() }))`
`116`	`116`	`}`
`117`	`117`
`118`		`-pub fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {`
	`118`	`+pub unsafe fn setenv(_: &OsStr, _: &OsStr) -> io::Result<()> {`
`119`	`119`	`Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot set env vars on this platform"))`
`120`	`120`	`}`
`121`	`121`
`122`		`-pub fn unsetenv(_: &OsStr) -> io::Result<()> {`
	`122`	`+pub unsafe fn unsetenv(_: &OsStr) -> io::Result<()> {`
`123`	`123`	`Err(io::const_io_error!(io::ErrorKind::Unsupported, "cannot unset env vars on this platform"))`
`124`	`124`	`}`
`125`	`125`