Skip to content

Use fatalError instead of precondition for missing permissions on .create#307

Open
adityasingh2400 wants to merge 1 commit into
apple:mainfrom
adityasingh2400:fix-issue-78
Open

Use fatalError instead of precondition for missing permissions on .create#307
adityasingh2400 wants to merge 1 commit into
apple:mainfrom
adityasingh2400:fix-issue-78

Conversation

@adityasingh2400
Copy link
Copy Markdown

@adityasingh2400 adityasingh2400 commented May 29, 2026

Problem

FileDescriptor.open(_:_:options:permissions:retryOnInterrupt:) traps when
options contains .create but permissions is nil. As reported in #78,
this trap was raised with precondition, whose failure message can be elided
in optimized builds. When that happens the program aborts without any
indication of why, forcing users to dig through the source to discover that
.create requires a non-nil permissions value.

The reporter concluded this is a programmer error (so throws is not
appropriate), but that the crash should still carry a clear message in the
crash dump.

Change

  • Replace the precondition(!options.contains(.create), ...) check in the
    internal _open implementation with an explicit
    if options.contains(.create) { fatalError(...) }. Unlike precondition,
    fatalError always fires and always prints its message regardless of
    optimization level, so the diagnostic is guaranteed to appear in the crash
    dump.
  • Use a descriptive message:
    "FileDescriptor.open: 'permissions' must not be nil when 'options' contains '.create'".
  • Document the trapping behavior in the permissions: parameter docs of the
    three public open overloads, so the requirement is discoverable from the
    API reference.

The change is confined to the existing trapping code path; no public API,
signatures, or non-trapping behavior change.

Verification

  • swift build succeeds (forced recompile of FileOperations.swift).
  • swift test --filter FileOperationsTest passes: 8/8 tests.
  • Full suite passes except TemporaryPathTest.testNotInSlashTmp, which is an
    environmental failure unrelated to this change (it asserts the temp dir is
    not under /tmp, and fails identically on an unmodified checkout when the
    test process runs from /tmp).

Fixes #78

@adityasingh2400
Replace precondition with fatalError for missing permissions on .create
9589c2d 
FileDescriptor.open traps when options contains .create but permissions
is nil. The previous precondition could elide its message in optimized
builds, leaving users to hunt through source to diagnose the crash.
Use fatalError with a descriptive message so the reason is always
present in the crash dump, and document the trapping behavior.

Fixes apple#78
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@glessard glessard Awaiting requested review from glessard glessard is a code owner

@lorentey lorentey Awaiting requested review from lorentey lorentey is a code owner

@milseman milseman Awaiting requested review from milseman milseman is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

FileDescriptor.open(_:_:options:permissions:retryOnInterrupt:) should print an error message when trapping on unspecified permissions

1 participant

@adityasingh2400