From 891e852286dabdc2dfda70b00d5325546a939a62 Mon Sep 17 00:00:00 2001
From: dearblue <dearblue@users.osdn.me>
Date: Sun, 18 Apr 2021 12:47:31 +0900
Subject: Introducing the `mrb_protect_raw()` API function

The purpose is two-fold:

 1. to be able to specify a pointer directly when user data is used

    When using `mrb_protect()`, it is necessary to allocate objects by `mrb_obj_cptr()` function when using user data.

    Adding `mrb_protect_raw()` will make it simpler to reimplement `mrbgems/mruby-error`.

 2. to correctly unwind callinfo when an exception is raised from a C function defined as a method (the main topic)

    If a method call is made directly under `mrb_protect()` and a C function is called, control is returned from `mrb_protect()` if an exception occurs there.
    In this case, callinfo is not restored, so it is out of sync.
    Moreover, returning to mruby VM (`mrb_vm_exec()` function) in this state will indicate `ci->pc` of C function which is equal to `NULL`, and subsequent `JUMP` will cause `SIGSEGV`.

    Following is an example that actually causes `SIGSEGV`:

    - `crash.c`

      ```c
      #include <mruby.h>
      #include <mruby/compile.h>
      #include <mruby/error.h>

      static mrb_value
      level1_body(mrb_state *mrb, mrb_value self)
      {
        return mrb_funcall(mrb, self, "level2", 0);
      }

      static mrb_value
      level1(mrb_state *mrb, mrb_value self)
      {
        return mrb_protect(mrb, level1_body, self, NULL);
      }

      static mrb_value
      level2(mrb_state *mrb, mrb_value self)
      {
        mrb_raise(mrb, E_RUNTIME_ERROR, "error!");
        return mrb_nil_value();
      }

      int
      main(int argc, char *argv[])
      {
        mrb_state *mrb = mrb_open();
        mrb_define_method(mrb, mrb->object_class, "level1", level1, MRB_ARGS_NONE());
        mrb_define_method(mrb, mrb->object_class, "level2", level2, MRB_ARGS_NONE());
        mrb_p(mrb, mrb_load_string(mrb, "p level1"));
        mrb_close(mrb);
        return 0;
      }
      ```

    - compile & run

      ```console
      % `bin/mruby-config --cc --cflags --ldflags` crash.c `bin/mruby-config --libs`

      % ./a.out
      zsh: segmentation fault (core dumped)  ./a.out
      ```

    After applying this patch, it will print exception object and exit normally.

The `mrb_protect()`, `mrb_ensure()` and `mrb_rescue_exceptions()` in `mrbgems/mruby-error` have been rewritten using `mrb_protect_raw()`.
---
 include/mruby/error.h | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'include')

diff --git a/include/mruby/error.h b/include/mruby/error.h
index 1d550e415..0d5b93c7c 100644
--- a/include/mruby/error.h
+++ b/include/mruby/error.h
@@ -132,6 +132,14 @@ MRB_API mrb_value mrb_rescue_exceptions(mrb_state *mrb, mrb_func_t body, mrb_val
                                         mrb_func_t rescue, mrb_value r_data,
                                         mrb_int len, struct RClass **classes);
 
+typedef mrb_value mrb_protect_raw_func(mrb_state *mrb, void *userdata);
+
+/**
+ * This API function behaves like `mrb_protect()`.
+ * The advantage is that it avoids objectifying the user data.
+ */
+MRB_API mrb_value mrb_protect_raw(mrb_state *mrb, mrb_protect_raw_func *body, void *userdata, mrb_bool *error);
+
 MRB_END_DECL
 
 #endif  /* MRUBY_ERROR_H */
-- 
cgit v1.2.3