Returning to the naming quagmire -- it occurred to me just now that it might be helpful to call this style of error reporting "soft" errors rather than "safe" errors, which'd provide a nice contrast with "hard" errors thrown by longjmp'ing. That would lead to naming all the variant functions XXXSoft not XXXSafe. There would still be commentary to the effect that "soft errors must be safe, in the sense that there's no question whether it's safe to continue processing the transaction". Anybody think that'd be an improvement?
