Special case: evaluate R code, and it calls C++, which uses unwind
Case 1: R -> pure Rust
On Rust, a panic unwinds. It needs to be stopped before the FFI boundary.
Simply use catch_unwind()?
Case 2: R -> Rust -> C++
On C++, a C++ exception unwinds. It needs to be stopped before the FFI boundary (Rust -> C++).
But, this also happens when simple Rust -> C++ case. If the Rust crate is well-implemented, it should stop unwinding before the FFI boundary. So, we can just consider the Rust error.
Case 3: R -> Rust -> R API
On R, an R error causes longjmp.
It seems this can be handled by R_UnwindProtect(), more specifically, write a tiny C function that wraps R_UnwindProtect() and calls the C function via FFI (blog post)
So, as long as all the R APIs that possibly cause unwinding is wrapped by the C function, it should be safe. And, savvy uses very limited amount of R APIs, so it should be the case.
Case 4: R -> Rust -> R API -> R function -> C++
On C++, a C++ exception unwinds.
But, this also happens when simple R -> C++ case. So, if the R package is well-implemented, it should stop unwinding before the FFI boundary. So, we can just consider the R error.
Case 1: R -> pure Rust
catch_unwind()
?Case 2: R -> Rust -> C++
Case 3: R -> Rust -> R API
R_UnwindProtect()
, more specifically, write a tiny C function that wrapsR_UnwindProtect()
and calls the C function via FFI (blog post)Case 4: R -> Rust -> R API -> R function -> C++