[cairo] Refreshing the error semantics

Behdad Esfahbod behdad at behdad.org
Mon Jan 26 16:20:23 PST 2009


Chris Wilson wrote:
> Hello all,
> Jeff Muizelaar posed a problem recently on IRC querying why the
> font-face was being put into an error condition on calling
> cairo_scaled_font_create().
> 
> The principle behind Cairo's error handling system is that when an error
> occurs we assume the worst, fear that the object has been left in an
> inconsistent state and so mark that object as inert so that we never
> reference it again. This leads to a robust library with very clean error
> semantics that are in keeping with its minimal API.
> 
> The situation that Jeff was concerned about was that the font-face was
> being left in an error simply because we failed to allocate the scaled
> font, or even because the user passed in an invalid matrix. The latter
> is quite obviously a mistake - a missing guard in the public API.
> However the former implies distinguishing between (fatal) error
> conditions that merely affect this particular call, e.g. an allocation
> failure, versus those for which we must presume the worst and shut down
> the parent object - for example, these could include detection of a
> corrupt font file, or a locking error. In this case, Jeff identified
> that we could use the return value of the backend call to
> scaled_font_create() to identify a fatal backend error and allow the
> callee to simply create a nil-scaled-font for any error that should be
> passed back to the user without shutting down the font-face.

The way I see it, there are three kinds of errors currently:

  - Memory allocation or some other unavoidable issue.  These I don't have a
problem if we propagate generously.  Typically *if* memory allocation fails,
it's going to fail for a while.  The exception being allocating huge surfaces,
but that will only propagate to the context, which is what one would expect.

  - Programmer error.  Again, the earlier the user notices this the better.
Propagation doesn't hurt.

  - Recoverable error.  Invalid matrix fits here.  These should not be errors
to begin with.  These are bugs in the cairo implementation.

If we fix the recoverable errors to not be errors, we don't have the
propagation error anymore.

The patches look good.

behdad


> I've attached the 3 patches that convert cairo-scaled-font.c and
> cairo-ft-font.c over to this more subtle semantic and I look forward to
> the discussion!
> -ickle


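As an added illustration (not code from this thread or from cairo), the following toy model shows the distinction discussed in the quoted proposal: a call-local failure returns an inert "nil" child and leaves the parent usable, while a backend-reported fatal error latches onto the parent. All type and function names, the `fail_alloc` knob and the `corrupt_file` flag are hypothetical.

```c
#include <stdlib.h>

/* Toy model of the proposal; every name here is hypothetical, not cairo API. */
typedef enum { ST_OK, ST_NO_MEMORY, ST_INVALID_MATRIX, ST_CORRUPT_FONT } status_t;
typedef struct { status_t status; int corrupt_file; } face_t;   /* parent */
typedef struct { status_t status; face_t *face; } scaled_t;     /* child  */

/* Static inert ("nil") children, indexed by status; index 0 is unused. */
static scaled_t nil_objects[] = {
    { ST_OK, NULL }, { ST_NO_MEMORY, NULL },
    { ST_INVALID_MATRIX, NULL }, { ST_CORRUPT_FONT, NULL },
};
static scaled_t *nil_scaled(status_t s) { return &nil_objects[s]; }

/* Stand-in backend: its return value reports only face-fatal conditions. */
static status_t backend_check(const face_t *face) {
    return face->corrupt_file ? ST_CORRUPT_FONT : ST_OK;
}

/* m = {xx, yx, xy, yy}; fail_alloc simulates a failed malloc (constructed knob). */
scaled_t *scaled_create(face_t *face, const double m[4], int fail_alloc) {
    if (face->status != ST_OK)                 /* parent already inert: stay inert */
        return nil_scaled(face->status);
    double det = m[0] * m[3] - m[1] * m[2];
    if (det == 0.0 || det != det)              /* singular or NaN matrix */
        return nil_scaled(ST_INVALID_MATRIX);  /* call-local: face untouched */
    status_t fatal = backend_check(face);
    if (fatal != ST_OK) {
        face->status = fatal;                  /* fatal: shut down the parent */
        return nil_scaled(fatal);
    }
    scaled_t *sf = fail_alloc ? NULL : malloc(sizeof *sf);
    if (sf == NULL)
        return nil_scaled(ST_NO_MEMORY);       /* call-local: face untouched */
    sf->status = ST_OK;
    sf->face = face;
    return sf;
}

void scaled_destroy(scaled_t *sf) {
    if (sf != NULL && sf->face != NULL)        /* nil objects are static */
        free(sf);
}

int main(void) {
    face_t face = { ST_OK, 0 }; const double singular[4] = { 1, 2, 2, 4 };
    scaled_t *sf = scaled_create(&face, singular, 0);
    return (sf->status == ST_INVALID_MATRIX && face.status == ST_OK) ? 0 : 1;
}
```
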