Attacking me makes you more juvenile.

I repeat, 1234567890 is not converted on 2234567890 due to errors on your hard disk, and this is not not happening all the time as kebabbert says (this was my main reply), and even on memory errors your hardware controller and your OS protects you. Yeah silent errors exits, but is not easy to see them.

You are guessing that simple errors lead to data corruption and this is not true!!

I would expect ZFS and data checksumming being actually of more use for home users, who run on cheap commodity hardware (often self-assembled) with little error correction & detection (yes, the disk drives do do error correction, even the cheap ones, but none of the other components do) and with buggy firmware.

I read an interesting article about memory errors a while back. I think it was either on the ZFS mailing lists or linked from there; from what I remember they found that there were basically two types of memory, some would give essentially no errors and the other would give lots of errors, and nothing much in between. So for a robust system the best solution was to throw out any DIMM which had memory errors until you ended up with a set that didn't.

file A is on disk.

You want to rename it to B.

You call rename(). A crash at the wrong moment and both are gone. r there is a file A or B. But it contents? Gone. That is a fucking braindead idiocy.

POSIX is crap anyway (windows NT is posix compliant too... yeah..)

In reality data is sacrosanct. Nuking it is not an option. A FS nuking data is fucking broken by fucking design.

Fsync() is evil.

I mean, really, truly, horribly, satanically evil.

Flushing data on my laptop forces the disk to spin up just to write a file that I probably don't care that much about, thereby wasting my battery power. Flushing data on an ecommerce database server, on the other hand, is probably vital to ensure that databases are kept up to date.

But that's a system configuration choice, and should not ever be something that applications randomly decide to do. If I don't care that I might lose the last five minutes of files when I crash, then Firefox shouldn't be calling fsync() every time I visit a new web page. But it does because there are so many crappy filesystems which will corrupt your files if you crash before everything has been flushed to disk.

Having every application decide whether to force a write to the disk and waste my battery power is simply braindead. Filesystems should behave in a sensible manner so that we don't need this kind of hackery to make them work the way they should have worked in the first place. If I have file A on disk and I edit it and write it out, then the filesystem should be able to ensure that when I read it back after a reboot it will either be file A or file B and not an empty file or some corrupted mixture of the two. Anything else is unacceptable in a general use filesystem (special use filesystems may well prefer speed to consistency and be able to handle corruption issues).