fix: document env mutation safety

Copilot · youknowone · web-flow · commit 3e07345df7ad · 2026-04-14T01:49:26.000Z
Agent-Logs-Url: https://github.com/RustPython/RustPython/sessions/d96f57e1-b196-4460-9983-97d5ff118835 Co-authored-by: youknowone <69878+youknowone@users.noreply.github.com>
diff --git a/crates/common/src/refcount.rs b/crates/common/src/refcount.rs
@@ -17,9 +17,10 @@ const WEAK_COUNT: usize = 1 << STRONG_WIDTH;
 #[cold]
 fn refcount_overflow() -> ! {
     #[cfg(feature = "std")]
+    // SAFETY: abort terminates the process immediately and does not return.
     unsafe {
         libc::abort()
-    }
+    };
     #[cfg(not(feature = "std"))]
     core::panic!("refcount overflow");
 }
diff --git a/crates/host_env/src/os.rs b/crates/host_env/src/os.rs
@@ -48,11 +48,17 @@ pub fn vars_os() -> env::VarsOs {
     env::vars_os()
 }
 
-pub fn set_var(key: impl AsRef<OsStr>, value: impl AsRef<OsStr>) {
+/// # Safety
+/// The caller must ensure no other threads can concurrently read or write
+/// the process environment while this mutation is performed.
+pub unsafe fn set_var(key: impl AsRef<OsStr>, value: impl AsRef<OsStr>) {
     unsafe { env::set_var(key, value) };
 }
 
-pub fn remove_var(key: impl AsRef<OsStr>) {
+/// # Safety
+/// The caller must ensure no other threads can concurrently read or write
+/// the process environment while this mutation is performed.
+pub unsafe fn remove_var(key: impl AsRef<OsStr>) {
     unsafe { env::remove_var(key) };
 }
 
diff --git a/crates/vm/src/stdlib/os.rs b/crates/vm/src/stdlib/os.rs
@@ -544,7 +544,7 @@ pub(super) mod _os {
         let key = super::bytes_as_os_str(key, vm)?;
         let value = super::bytes_as_os_str(value, vm)?;
         // SAFETY: requirements forwarded from the caller
-        crate::host_env::os::set_var(key, value);
+        unsafe { crate::host_env::os::set_var(key, value) };
         Ok(())
     }
 
@@ -596,7 +596,7 @@ pub(super) mod _os {
         }
         let key = super::bytes_as_os_str(key, vm)?;
         // SAFETY: requirements forwarded from the caller
-        crate::host_env::os::remove_var(key);
+        unsafe { crate::host_env::os::remove_var(key) };
         Ok(())
     }
 

Original file line number	Diff line number	Diff line change
`@@ -48,11 +48,17 @@ pub fn vars_os() -> env::VarsOs {`
`48`	`48`	`env::vars_os()`
`49`	`49`	`}`
`50`	`50`
`51`		`-pub fn set_var(key: impl AsRef<OsStr>, value: impl AsRef<OsStr>) {`
	`51`	`+/// # Safety`
	`52`	`+/// The caller must ensure no other threads can concurrently read or write`
	`53`	`+/// the process environment while this mutation is performed.`
	`54`	`+pub unsafe fn set_var(key: impl AsRef<OsStr>, value: impl AsRef<OsStr>) {`
`52`	`55`	`unsafe { env::set_var(key, value) };`
`53`	`56`	`}`
`54`	`57`
`55`		`-pub fn remove_var(key: impl AsRef<OsStr>) {`
	`58`	`+/// # Safety`
	`59`	`+/// The caller must ensure no other threads can concurrently read or write`
	`60`	`+/// the process environment while this mutation is performed.`
	`61`	`+pub unsafe fn remove_var(key: impl AsRef<OsStr>) {`
`56`	`62`	`unsafe { env::remove_var(key) };`
`57`	`63`	`}`
`58`	`64`
Original file line number	Diff line number	Diff line change
`@@ -544,7 +544,7 @@ pub(super) mod _os {`
`544`	`544`	`let key = super::bytes_as_os_str(key, vm)?;`
`545`	`545`	`let value = super::bytes_as_os_str(value, vm)?;`
`546`	`546`	`// SAFETY: requirements forwarded from the caller`
`547`		`- crate::host_env::os::set_var(key, value);`
	`547`	`+ unsafe { crate::host_env::os::set_var(key, value) };`
`548`	`548`	`Ok(())`
`549`	`549`	`}`
`550`	`550`
`@@ -596,7 +596,7 @@ pub(super) mod _os {`
`596`	`596`	`}`
`597`	`597`	`let key = super::bytes_as_os_str(key, vm)?;`
`598`	`598`	`// SAFETY: requirements forwarded from the caller`
`599`		`- crate::host_env::os::remove_var(key);`
	`599`	`+ unsafe { crate::host_env::os::remove_var(key) };`
`600`	`600`	`Ok(())`
`601`	`601`	`}`
`602`	`602`