| |||||||||||||
Better than POSIX?Better than POSIX?Posted Mar 17, 2009 17:50 UTC (Tue) by iabervon (subscriber, #722)Parent article: Better than POSIX?
POSIX makes no claims that, in the event of a system crash, your filesystem will be recoverable at all, or continue to contain anything in particular. If you fsync() before rename(), that will evidently satisfy ext4, but it doesn't particularly matter to POSIX; there's no reason to think that the filesystem doesn't handle rename() by atomically changing how it responds to processes, but replaces the on-disk directory entry by a 0-length inode immediately and only writes the replacement one later (limited by when you call fsync() on the directory). All that fsync() will ensure is that your new data is on your disk somewhere. This means that you would then be able to slog through /dev/sda1 and find your file contents somewhere, not that any particular filename lookup will find it for you after a system crash.
I don't see anything in POSIX to suggest that there's anything you can do in general to avoid having a window in which the on-disk mapping of names to contents is undesirable. Using fsync() is a implementation-specific hack to do something that POSIX defines to update the data that ext4 happens to care about.
(Log in to post comments)
Better than POSIX? Posted Mar 17, 2009 18:33 UTC (Tue) by ssam (subscriber, #46587) [Link]
so a perfectly good POSIX filesystem could zero the whole disk after a system crash.
but that would be bad. hence there is a journal, and tools like fsck to make sure that a system crash usually does not harm most of your data.
the journal is meant to mean that after a crash the filesystem can be recovered to a valid state, without having to sync after each write.
so ext3 is POSIX plus stuff to make a filesystem safe and useful.
|
|||||||||||||