Unwind

[yutannihilation]

• Call Rust function from R session
  • The Rust function is pure Rust
  • The Rust function calls C++, which uses unwind
  • The Rust function calls R API, which uses longjmp
    • Special case: evaluate R code, and it calls C++, which uses unwind

---

Case 1: R -> pure Rust

• On Rust, a panic unwinds. It needs to be stopped before the FFI boundary.
• Simply use catch_unwind()?

Case 2: R -> Rust -> C++

• On C++, a C++ exception unwinds. It needs to be stopped before the FFI boundary (Rust -> C++).
• But, this also happens when simple Rust -> C++ case. If the Rust crate is well-implemented, it should stop unwinding before the FFI boundary. So, we can just consider the Rust error.

Case 3: R -> Rust -> R API

• On R, an R error causes longjmp.
• It seems this can be handled by R_UnwindProtect(), more specifically, write a tiny C function that wraps R_UnwindProtect() and calls the C function via FFI (blog post)
• So, as long as all the R APIs that possibly cause unwinding is wrapped by the C function, it should be safe. And, savvy uses very limited amount of R APIs, so it should be the case.

Case 4: R -> Rust -> R API -> R function -> C++

• On C++, a C++ exception unwinds.
• But, this also happens when simple R -> C++ case. So, if the R package is well-implemented, it should stop unwinding before the FFI boundary. So, we can just consider the R error.

[yutannihilation]

So, in summary, if I ignore case 2 and 4 (because it's not my responsibility), there's no unwind over any FFI boundary...?