Document the need to handle the underlying error source explicitly

[edmorley]

Hi! Thank you for this crate.

I recently tried migrating one of my projects from fs to fs-err.

Given the README says:

fs-err is a drop-in replacement for std::fs that provides more helpful messages on errors. Extra information includes which operations was attempted and any involved paths.

...and then gives examples like:

failed to open file `does not exist.txt`
    caused by: The system cannot find the file specified. (os error 2)

...I was expecting the error messages to include additional information out of the box, and for their display representation to look like the above.

However, I found that it actually made our project's user-facing error messages worse in many cases (for an example, see heroku/buildpacks-python#270), since the underlying cause is no longer printed, and now only the operation and filename was. Printing the debug representation showed the underlying error existed, but under source.

Searching for the caused by line shown in the README examples, I found it didn't originate in the display representation in fs-err, but instead is a feature of e.g. anyhow:
https://github.com/dtolnay/anyhow/blob/afe93e7b167d069ac79f2c7f363b919d3793e6ce/src/fmt.rs#L30

This was surprising, since anyhow isn't mentioned in the README.

I was going to file a bug/feature request about including source in the top-level error's display representation, however, found #51 which suggests not including it is by design.

I get the reasoning in that issue (so I'm not necessarily suggesting the fs-err behaviour should be changed), however, this means fs-err isn't quite the drop-in replacement it says it is, and at the very least, I think the README should mention that consumers need to adjust their error logging to print the error source too, if they are not using a library that does it for them (like anyhow).

[schneems]

I was bit by this behavior recently as well. I had it on my backlog to file an issue about it, but I see Ed already has. Thanks Ed. I'll add my experiences:

I've been advocating for migrating more projects over to fs_err and didn't actually realize it was eating the original error message. I.e. this code will panic:

let temp = tempfile::tempdir().unwrap();
let path = temp.path().join("doesnotexist.txt");

let result = std::fs::read(&path);
let error_string = match result {
    Ok(_) => panic!("Expected an error"),
    Err(e) => format!("{e}"),
};

let result = fs_err::read(&path);
let fs_error_string = match result {
    Ok(_) => panic!("Expected an error"),
    Err(e) => format!("{e}"),
};

assert!(
    fs_error_string.contains(&error_string),
    "Expected FS error '{fs_error_string}' to contain '{error_string}' but it did not"
);

with

Expected FS error 'failed to open file `/var/folders/yr/yytf3z3n3q336f1tj2b2j0gw0000gn/T/.tmpkzhKG9/doesnotexist.txt`' to contain 'No such file or directory (os error 2)' but it did not

The main motivation for switching to fs_err (for me) is to reduce time spent debugging so we don't have to hunt for which file failed to do what operation. However without the original error text we now have to do additional debugging to determine if it's because that file doesn't exist or if permissions don't allow it etc.

Moving forwards

Adding docs to spell out the behavior and explicit recommendations could be good. We could also introduce some behavior changes behind feature flags.

If we wanted to preserve the existing default the feature could be include_source and adding that flag would add back in the original error message. If we're open to a change in defaults then I would suggest printing it by default and then letting anyhow users discover there's a hide_source feature they could toggle on to not get duplicate information.

I'm biased in that this is my main use case (not using anyhow), I also think if you consider the two failure modes it's better to have duplicate information that someone can look up docs for how to disable than it is to have insufficient information and not realize they're missing anything. I am therefore advocating for:

• Changing the default behavior to show the source
• Adding a hide_source feature flag
• Document the new flag and behavior
• Rev a major version (if we want to be really safe, anyhow users would be more likely to look at the changelog and use the new flag if they desire)

What do you think @andrewhickman? Would you be willing to review a PR for something like that?

[andrewhickman]

Sorry for the late reply, I've been struggling to decide what the correct behaviour is here. I think I'm convinced that the flag in #60 is the correct behaviour, I'll probably release it with a major version bump since it is technically a breaking change.

I'm still pondering on the feature flag name - anyhow feels unintuitive since its not adding a dependency on the anyhow crate. Perhaps something that emphasizes that it causes the Error::source method to start returning something (since features are supposed to be additive), like include_error_source?

[schneems]

Short: I agree "anyhow" isn't great. Something implementation hinting like include_error_source only makes sense in half the internals. I like a "behavior" focused feature name. I'm leaning towards custom_caused_by to hint that the thing it enables is giving control of "caused by" output to the caller to customize it however they like.

Long:
While implementing this, one semantic sticking point seems to be the feature's name versus the two different toggles (returning Some from source() versus displaying the error on Display).

What I mean by that is include_error_source could be interpreted as either "include error source in the display" or "include error source in Error::source()`. But because the feature enables one and disables the other, it will always seem "off" when we view one piece of code in isolation, for example:

        #[cfg(not(feature = "include_error_source"))]
        write!(formatter, "    caused by: {}", self.source)?;

It seems slightly odd that we emit the error source only when include_error_source is not enabled.

I reached for "anyhow" as it conveyed less implementation detail, and more user intent, but I also agree that if no one uses "anyhow" in 5 years, it would become an anachronism (or a Skeuomorph like the using a floppy as the save icon).

For naming problems (a historically difficult thing in computer science), I like to come up with as many possible combinations as possible. In brainstorming, quantity has a quality all of its own.

Behavior:

• caller_source_display
• wrapper_source_display
• error_source_control
• manual_cause_by
• cause_by_control
• control_cause_by
• manage_caused_by
• bespoke_caused_by
• custom_caused_by
• something else

Literal implications:

• some_source_skip_display
• include_error_source
• some_error_source
• something else

Esoteric:

• error_sauce
• anyhow
• something else

I'm open to other ideas. A thesaurus can help inspire variations as well. I'm still leaning towards the "behavior" category as it gives us a little room to adjust implementation decisions if needed in the future. I like "caused by" as that's how the end user will experience a difference (and pulling from language used in the current readme).

I'm trying to talk through my thought process, ultimately you're the maintainer and I'll go with whatever you decide.

Edit: Had a moment of Semantic satiation and accidentally swapped "caused" with "called" in my original post. I just fixed it.

[schneems]

I marked #60 as ready for review

[andrewhickman]

#60 is released in version 3.0.0 🥳