[Monodevelop-devel] Atomic file write API

[Michael Hutchinson]

An issue that has recently gained prominence is reliability of file
writes on Ext4:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/317781/comments/54
http://mjg59.livejournal.com/108257.html?view=1320929
After writing a changed file to disk and the system crashes before the
changes are flushed from the OS or disk buffers, files can be left in
a corrupted state.

The MonoDevelop.Projects TextFile API, in addition to (partially)
handling file encoding detection, has a file save API that attempts to
solve this problem by writing the new file contents to a temp file and
then using a POSIX call to rename the changed file over the old one.
Unfortunately, I often see code in MD that doesn't use this API.
Indeed, it's impossible to use it from MonoDevelop.Core, so I had to
replicate the functionality there some time ago.

Worse, as described in the posts linked above, this sequence of
operations isn't guaranteed to be safe on POSIX.

I think we should add an FileStream-based API to MonoDevelop.Core for
handling this, with several other features:
* Levels of reliability: fsync, renaming, unsafe
* Option to create backup files, with automatic fallbacks to backups
when loading damaged settings files
* Autosave to temp files, and prompting the user for recovery of
autosaved or damaged files after a crash

Another advantage of having this code in a centralised location is
that it would be easy to use alternatives as they become available,
e.g. transactional NTFS on Windows Vista
(http://code.msdn.microsoft.com/txfmanaged).

Thoughts?

-- 
Michael Hutchinson
http://mjhutchinson.com