Posted Mar 17, 2009 17:50 UTC (Tue) by iabervon (subscriber, #722)
Parent article: Better than POSIX?
POSIX makes no claims that, in the event of a system crash, your filesystem will be recoverable at all, or continue to contain anything in particular. If you fsync() before rename(), that will evidently satisfy ext4, but it doesn't particularly matter to POSIX; there's no reason to think that the filesystem doesn't handle rename() by atomically changing how it responds to processes, but replaces the on-disk directory entry by a 0-length inode immediately and only writes the replacement one later (limited by when you call fsync() on the directory). All that fsync() will ensure is that your new data is on your disk somewhere. This means that you would then be able to slog through /dev/sda1 and find your file contents somewhere, not that any particular filename lookup will find it for you after a system crash.
I don't see anything in POSIX to suggest that there's anything you can do in general to avoid having a window in which the on-disk mapping of names to contents is undesirable. Using fsync() is a implementation-specific hack to do something that POSIX defines to update the data that ext4 happens to care about.