Add ALTREP guard to prevent unsafe R calls from ALTREP methods

[Copilot]

rapi_error_with_context() jumps into R, which is unsafe from ALTREP method callbacks and can cause stack overflows.

Changes

• AltrepGuard class (src/include/rapi.hpp): Thread-local RAII guard with depth counter to track ALTREP method execution context
• rapi_error_with_context() modification (src/utils.cpp): When guard is active, throws std::runtime_error instead of calling into R. The BEGIN_CPP11/END_CPP11 macros catch this and convert to R error safely.
• Guard activation (src/reltoaltrep.cpp): Added AltrepGuard guard; to all 11 ALTREP method callbacks

Example

// In ALTREP method callback
R_xlen_t RelToAltrep::VectorLength(SEXP x) {
    BEGIN_CPP11
    AltrepGuard guard;  // Activates guard for this scope
    return AltrepVectorWrapper::Get(x)->rel->GetQueryResult()->RowCount();
    // If GetQueryResult() calls rapi_error_with_context(), 
    // it now throws instead of calling R
    END_CPP11_EX(0)
}

Error messages change from multi-line format to Context: Message but retain same information.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• cloud.r-project.org
  • Triggering command: /opt/R/4.5.2/lib/R/bin/exec/R /opt/R/4.5.2/lib/R/bin/exec/R -q -e options(repos~+~=~+~c(CRAN~+~=~+~'REDACTED'));~+~install.packages(c('DBI',~+~'testthat',~+~'cpp11',~+~'rlang'),~+~type='source') (dns block)
• cran.r-project.org
  • Triggering command: /opt/R/4.5.2/lib/R/bin/exec/R /opt/R/4.5.2/lib/R/bin/exec/R -q -e install.packages(c('DBI',~+~'testthat',~+~'cpp11',~+~'rlang'),~+~repos='REDACTED') (dns block)
  • Triggering command: /usr/bin/curl curl -sI REDACTED (dns block)
• p3m.dev
  • Triggering command: /opt/R/4.5.2/lib/R/bin/exec/R /opt/R/4.5.2/lib/R/bin/exec/R -q -e options(repos~+~=~+~c(CRAN~+~=~+~'REDACTED'));~+~install.packages(c('DBI',~+~'testthat',~+~'cpp11',~+~'rlang')) (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Calling rapi_error_with_context() is unsafe from ALTREP methods</issue_title>
<issue_description>rapi_error_with_context() jumps into R, this appears to be unsafe or unsupported for ALTREP methods. I have seen stack overflows occur from this.

Define a guard that is activated whenever an ALTREP method is entered. Query this guard in rapi_error_with_context() and fall back to throwing an exception instead of calling into R via rapi_error() .</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Calling rapi_error_with_context() is unsafe from ALTREP methods #1796

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.