Expand description
fsx — the one atomic, durable file write for db.md’s primary data.
Every store-state file that holds primary data — content records
(crate::parser::write_file), log.md and its archives (crate::log),
and in-place link rewrites — is replaced through write_atomic:
- write the bytes to a uniquely-named sibling temp file in the same
directory (
create_new, so a predictable temp name can never be clobbered — closing the temp-clobber race); fsyncthe temp file;renameit over the destination (atomic on a single filesystem, so a concurrent reader never observes a half-written file);fsyncthe parent directory so the rename survives a crash.
This is the single primitive for durable writes — never std::fs::write,
which is neither atomic nor crash-durable.
Not for the index. index.md / index.jsonl are derived, rebuildable
artifacts on the O(changed) write-through path; they use their own
atomic-but-not-fsync’d writer (crate::index’s AtomicTemp) on purpose
— a crash-lost index write is recovered by dbmd index rebuild, so paying an
fsync per catalog update on the hot loop would be cost without benefit.
Functions§
- write_
atomic - Atomically and durably replace
pathwithbytes(see the module docs for the write/fsync/rename/fsync sequence). The parent directory is created if missing. On a rename failure the temp file is cleaned up rather than leaked.