It simply involves putting rename replacement undo records in the
filesystem journal, and on recovery, after rolling the journal forward,
undo-ing any rename replacements for which the data of the replacement
version did not make it to disk. See discussion in comments to Ted's
recent blog entries on the subject for more information.
This could be done with O_TRUNC too, but that would be much more complex,
and contra-Linus I don't see how anyone can rationally expect not to get a
zero length file on recovery if an application explicitly specifies that is
what it wants (before proceeding further).
Posted Apr 1, 2009 6:48 UTC (Wed)
by bojan (subscriber, #14302)
[Link]
Posted Apr 3, 2009 21:43 UTC (Fri)
by spitzak (guest, #4593)
[Link]
My opinion on this: POSIX guarantees if you write & close a file and rename it, anybody trying to open the destination name will either see the old data or the new data, not anything else (such as an empty file). POSIX says "I don't guarantee anything on a crash". But the whole point of ext4 is to "guarantee" something. I do not see any logical reason for this guarantee to be something other than what POSIX guarantees while it is running. So the current behavior of ext4 on a crash is wrong.
Reliable, fast rename replacements
Reliable, fast rename replacements
Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds