rustc_mir_transform/abort_unwinding_calls.rs
1use rustc_abi::ExternAbi;
2use rustc_ast::InlineAsmOptions;
3use rustc_middle::mir::*;
4use rustc_middle::span_bug;
5use rustc_middle::ty::{self, TyCtxt, layout};
6use rustc_span::sym;
7use rustc_target::spec::PanicStrategy;
8
9/// A pass that runs which is targeted at ensuring that codegen guarantees about
10/// unwinding are upheld for compilations of panic=abort programs.
11///
12/// When compiling with panic=abort codegen backends generally want to assume
13/// that all Rust-defined functions do not unwind, and it's UB if they actually
14/// do unwind. Foreign functions, however, can be declared as "may unwind" via
15/// their ABI (e.g. `extern "C-unwind"`). To uphold the guarantees that
16/// Rust-defined functions never unwind a well-behaved Rust program needs to
17/// catch unwinding from foreign functions and force them to abort.
18///
19/// This pass walks over all functions calls which may possibly unwind,
20/// and if any are found sets their cleanup to a block that aborts the process.
21/// This forces all unwinds, in panic=abort mode happening in foreign code, to
22/// trigger a process abort.
23#[derive(PartialEq)]
24pub(super) struct AbortUnwindingCalls;
25
26impl<'tcx> crate::MirPass<'tcx> for AbortUnwindingCalls {
27 fn run_pass(&self, tcx: TyCtxt<'tcx>, body: &mut Body<'tcx>) {
28 let def_id = body.source.def_id();
29 let kind = tcx.def_kind(def_id);
30
31 // We don't simplify the MIR of constants at this time because that
32 // namely results in a cyclic query when we call `tcx.type_of` below.
33 if !kind.is_fn_like() {
34 return;
35 }
36
37 // Represent whether this compilation target fundamentally doesn't
38 // support unwinding at all at an ABI level. If this the target has no
39 // support for unwinding then cleanup actions, for example, are all
40 // unnecessary and can be considered unreachable.
41 //
42 // Currently this is only true for wasm targets on panic=abort when the
43 // `exception-handling` target feature is disabled. In such a
44 // configuration it's illegal to emit exception-related instructions so
45 // it's not possible to unwind.
46 let target_supports_unwinding = !(tcx.sess.target.is_like_wasm
47 && tcx.sess.panic_strategy() == PanicStrategy::Abort
48 && !tcx.asm_target_features(def_id).contains(&sym::exception_handling));
49
50 // Here we test for this function itself whether its ABI allows
51 // unwinding or not.
52 let body_ty = tcx.type_of(def_id).skip_binder();
53 let body_abi = match body_ty.kind() {
54 ty::FnDef(..) => body_ty.fn_sig(tcx).abi(),
55 ty::Closure(..) => ExternAbi::RustCall,
56 ty::CoroutineClosure(..) => ExternAbi::RustCall,
57 ty::Coroutine(..) => ExternAbi::Rust,
58 ty::Error(_) => return,
59 _ => span_bug!(body.span, "unexpected body ty: {:?}", body_ty),
60 };
61 let body_can_unwind = layout::fn_can_unwind(tcx, Some(def_id), body_abi);
62
63 // Look in this function body for any basic blocks which are terminated
64 // with a function call, and whose function we're calling may unwind.
65 // This will filter to functions with `extern "C-unwind"` ABIs, for
66 // example.
67 for block in body.basic_blocks.as_mut() {
68 let Some(terminator) = &mut block.terminator else { continue };
69 let span = terminator.source_info.span;
70
71 // If we see an `UnwindResume` terminator inside a function then:
72 //
73 // * If the target doesn't support unwinding at all, then this is an
74 // unreachable block.
75 // * If the body cannot unwind, we need to replace it with
76 // `UnwindTerminate`.
77 if let TerminatorKind::UnwindResume = &terminator.kind {
78 if !target_supports_unwinding {
79 terminator.kind = TerminatorKind::Unreachable;
80 } else if !body_can_unwind {
81 terminator.kind = TerminatorKind::UnwindTerminate(UnwindTerminateReason::Abi);
82 }
83 }
84
85 if block.is_cleanup {
86 continue;
87 }
88
89 let call_can_unwind = match &terminator.kind {
90 TerminatorKind::Call { func, .. } => {
91 let ty = func.ty(&body.local_decls, tcx);
92 let sig = ty.fn_sig(tcx);
93 let fn_def_id = match ty.kind() {
94 ty::FnPtr(..) => None,
95 &ty::FnDef(def_id, _) => Some(def_id),
96 _ => span_bug!(span, "invalid callee of type {:?}", ty),
97 };
98 layout::fn_can_unwind(tcx, fn_def_id, sig.abi())
99 }
100 TerminatorKind::Drop { .. } => {
101 tcx.sess.opts.unstable_opts.panic_in_drop == PanicStrategy::Unwind
102 && layout::fn_can_unwind(tcx, None, ExternAbi::Rust)
103 }
104 TerminatorKind::Assert { .. } | TerminatorKind::FalseUnwind { .. } => {
105 layout::fn_can_unwind(tcx, None, ExternAbi::Rust)
106 }
107 TerminatorKind::InlineAsm { options, .. } => {
108 options.contains(InlineAsmOptions::MAY_UNWIND)
109 }
110 _ if terminator.unwind().is_some() => {
111 span_bug!(span, "unexpected terminator that may unwind {:?}", terminator)
112 }
113 _ => continue,
114 };
115
116 if !call_can_unwind || !target_supports_unwinding {
117 // If this function call can't unwind, or if the target doesn't
118 // support unwinding at all, then there's no need for it
119 // to have a landing pad. This means that we can remove any cleanup
120 // registered for it (and turn it into `UnwindAction::Unreachable`).
121 let cleanup = block.terminator_mut().unwind_mut().unwrap();
122 *cleanup = UnwindAction::Unreachable;
123 } else if !body_can_unwind
124 && matches!(terminator.unwind(), Some(UnwindAction::Continue))
125 {
126 // Otherwise if this function can unwind, then if the outer function
127 // can also unwind there's nothing to do. If the outer function
128 // can't unwind, however, we need to ensure that any `UnwindAction::Continue`
129 // is replaced with terminate. For those with `UnwindAction::Cleanup`,
130 // cleanup will still happen, and terminate will happen afterwards handled by
131 // the `UnwindResume` -> `UnwindTerminate` terminator replacement.
132 let cleanup = block.terminator_mut().unwind_mut().unwrap();
133 *cleanup = UnwindAction::Terminate(UnwindTerminateReason::Abi);
134 }
135 }
136
137 // We may have invalidated some `cleanup` blocks so clean those up now.
138 super::simplify::remove_dead_blocks(body);
139 }
140
141 fn is_required(&self) -> bool {
142 true
143 }
144}