The following exchange is typical of many that cross the gcc list, and
thus, at least iconically, it represents a lot of people's time and
money.
If the project was using `arch', I think you'd have an easier time.

Since it is cheap and easy to create branches (spanning repositories),
you (per) would have the option of forking the trunk and committing
your changes there. By hand, or (better), automatically given some
infrastructure work first, as the trunk evolves, you could have the
evolving trunk re-merged nightly with your changes so that any
conflicts are noticed early, giving you some flexibility about when
you fix them (or about who fixes them). When the freeze is off,
merging the changes back to the trunk would go smoothly. (Of course
you can do similar things using any revision control system, arch
simply makes it easier than most and is designed with infrastructure
automation in mind.)

I've been thinking it makes sense to automate things as follows
(though feedback from gcc developers might change my mind):

*) developers have their own repositories

Particularly, developers working on new features rather than those
doing release integration/engineering. One advantage of this is
that each feature developer can work on a branch of the trunk, using
`star-merge' as described above, to catch conflicts as early as
desired. Another advantage is that feature developers can decide to
merge their branches with one another early, simplifying integration
into the trunk down the road -- shortening freeze periods. Another
advantage is that early adopters of features can gain access to them
earlier, more easily.


*) the gcc web site catalogs all those repositories

You can browse and review features under development, for example.
You can get email notifications as a feature evolves. You can run a
cron job that will detect (early) when two features-in-progress
touch overlapping files and are likely to conflict. These features
can be offered even to developers who do not have write access to
the primary repository.


*) favored developers get automated testing

By adding a header field to some of your log messages, you can
trigger overnight testing of your branches. This facility can be
safely extended even to developers who do not have write access to
the primary repository -- and in that way, it can reduce the
workload on those who do have write access and have the job of
merging in other people's patches.


*) trunk merges get automated vetting

By adding a header field to some of your log messages, you can
declare that a branch is ready to be merged into the trunk.
This implies, for example, that you have resolved all conflicts
on your branch -- that if the trunk remains stable, the merge will
be clean. Automatically, then, the merge can be validated and
tested before, finally, being committed to the trunk.

Of course, if two developers publish conflicting changes at the same
time, human intervention is necessary for at least one of those
change sets -- but here, too, arch can help: by helping to
automatically detect the condition, to notify the relevant
developers, and to provide them with good tools for fixing the
conflicts.


I also note that "CVS is wedged" posts occur frequently on the gcc
list. With a modest up-front investment to finish `arch 1.0' and test
the heck out it, I think it is clear (from the designs of both
systems), that arch's admin costs will be lower -- repositories will
break less often (and perhaps, essentially, never). There has been
some sentiment on this list to move to svn -- I encourage design
inspections and comparisons (contemplating admin costs and robustness)
there as well.

Finally,
Such testing is straightforward to automate with arch and a status
inquiry like this one should be answered by automatically generated
web pages.


-t

I think if one is going to try and promote a source management system,
I'm pretty sure performance alone would be enough to convince a lot of
people.

After using bitkeeper for just a week or two, I nearly stopped doing
much GCC development simply because CVS is such a dinosaur. It's like
driving a model-T on a US interstate highway or the autobahn. It's
truly that painful to use.

So if arch can provide the same kind of improvement, promote that part
of it.

DJ Delorie <***@redhat.com> writes:

[...]
Not on the central repository, no. But it might be that people
(people without write access to the main repository) could usefully
keep branches on their own repository (perhaps merging the patches in
at some stage). With CVS, that's not possible, but with a distributed
CM system it would be.
It doesn't handle renaming files or directories. There are ways to do
both, but you lose something, whatever you choose to do.

There is one situation that used to come up a lot which is CVS's
fault: a 'cvs server' process dies without removing its lock files,
wedging that directory for everyone else until it's manually removed.
I believe this has been dealt with by some patches to the server plus
a cron job that looks for stale locks; however, a version control
system that could not get into a wedged state like that would be useful.
CVS makes working on branches quite difficult. I suspect that a
system that made it easier would mean that people were a bit more
comfortable about doing development on branches for long periods of
time.
This is a strength, but with a downside -- patches can and do get
lost. We advise people to re-send patches at intervals, but some
sort of automated patch-tracker would probably be helpful. I don't
think the version control system can help much here (but see below).
I do a fair amount of by-hand work merging the trunk into the
basic-improvements-branch. Some, but not all, of that work could be
facilitated with a better version control system. See below.
I have several changes in mind which I have not done largely because
CVS lacks the ability to version renames. To be specific: move cpplib
to the top level; move gcc/intl to the top level and sync it with the
version of that directory in the src repository; move the C front end
to a language subdirectory like the others; move the Ada runtime
library to the top level.

I'm not saying that I would definitely have done all of these changes
by now if we were using a version control system that handled renames;
only that the lack of rename support is a major barrier to them.

* * *

I'm now going to list the requirements which I would place on a
replacement for CVS, in rough decreasing order of importance. I
haven't done any research to back them up -- this is just off the top
of my head (but having thought about the issue quite a bit).

0. Must be at least as reliable and at least as portable as CVS. GCC
is a very large development effort. We can't afford to lose
contributors because their preferred platform is shut out, nor can
we afford to lose work due to bugs, and we *especially* cannot risk
a system which has not been audited for security exposures. It
would be relatively easy to give much stronger data integrity
guarantees than CVS currently manages:

0a. All data stored in the repository is under an end-to-end
checksum. All data transmitted over the network is independently
checksummed (yes, redundant with TCP-layer checksums). CVS does
no checksumming at all.

0b. Anonymous repository access is done under a user ID that has only
OS-level read privileges on the repository's files. This cannot
be done with (unpatched) CVS.

0c. Remote write operations on the repository intrinsically require
the use of a protocol which makes strong cryptographic integrity
and authority guarantees. CVS can be set up like this, but it's
not built into the design.

0d. The data stored in the repository cannot be modified by
unprivileged local users except by going through the version
control system. Presently I could take 'vi' to one of the ,v
files in /cvs/gcc and break it thoroughly, or sneak something into
the file content, and leave no trace.

1. Must be at least as fast as CVS for all operations, and should be
substantially faster for all operations where CVS uses a braindead
algorithm. I would venture to guess that everyone's #1 complaint
about CVS is the amount of time we waste waiting for it to complete
this or that request. To be more specific:

1a. Efficient network protocol. Specifically, a network protocol that,
for *all* operations, transmits a volume of data proportional --
with a small constant! -- to the size of the diff involved, *not*
the total size of all the files touched by the diff involved, as
CVS does.

1b. Efficient tags and branches. It should be possible to create
either by creating *one* metadata record, rather than touching
every single file in the repository.

1c. Efficient delta storage algorithm, such that checking in a change
on the tip of a branch is not orders of magnitude slower than
checking in a change on the tip of the trunk. There are several
sane ways to do this.

1d. Efficient method for extracting a logical change after the fact,
no matter how many files it touched. (Currently the easiest way
to do this is: hunt through the gcc-cvs archive until you find the
message describing the checkin you care about, then use wget on
all of the per-file diff URLs in the list and glue them all
together. Slow, painful, doesn't always work.)

2. Should support this laundry list of features, none of which is
known to CVS. Most of them would be useful independent of the
others, though there's not much point to 2b without 2a, nor 2e
without 2d.

2a. Atomic application of a logical change that touches many files,
possibly not all in the same directory. (This is commonly known as
a "change set".) One checkin log per change set is adequate.

2b. Ability to back out an entire change set just as atomically as it
went in.

2c. Ability to rename a file, including the ability for a file to have
different names on different branches.

2d. Automatically remember that a merge occurred from branch A to
branch B; later, when a second merge occurs from A to B, don't
apply those changes again.

2e. Understand the notion of a single-delta merge, either applying
just one change from branch A to branch B, or removing just one
change formerly on branch A ("subtractive merge").

2f. Perform conflict resolution by automatic formation of
microbranches.

3. Should allow a user without commit privileges to generate a change
set, making arbitrary changes to the repository (none of this "you
can edit files and generate diffs but you can't add or delete
files" nonsense), which can be applied by a user who does have
commit privileges, and when the original author does an update
he/she doesn't get spurious conflicts.

4. The repository's on-disk data should be stored in a highly compact
format, to the maximum extent possible and consonant with being
fast. Being fast is much more important; however, GCC's CVS
repository is ~800MB in size and compresses down to ~100MB. You
can do interesting things (like keep a copy of the entire
repository on every developer's personal hard disk, as Bitkeeper
does) with a 100MB repository that are not so practical when it's
closer to a gigabyte.

5. Should have the ability to generate ChangeLog files automagically
from the checkin comments. (When merging to basic-improvements I
normally spend more time fixing up the ChangeLogs than anything
else. Except maybe waiting for 'cvs tag' and 'cvs update -j...'.)

zw

Hi,
To my knowledge, arch doesn't have any real reliability problems. Tom
didn't make a fast implementation, but it is reliable. There is a bug
database [1] with all of the bugs that I can think of, so you can
decide for yourself whether it is reliable.
Arch currently doesn't work on 64 bit machines. The problem is in the
non-shell parts. It is not an insurmountable problem, it is just that
no one has taken the time to try to fix the bugs.

Someone got it running under cygwin once, but the patches have
disappeared. It wasn't usable there. Too slow.

Otherwise, it seems to work on posix machines.
arch doesn't interact at all with root. The remote repositories are
all done with sftp, ftp, and http, which is as secure as those servers
are.
Sort of. Patches are gzipped, which have their own checksum, but
there is isn't any way to make sure that what you get is the same
thing as what you put in. That is, there is some individual
checksums, but no end-to-end checksum.
Is http access good enough?
Currently, we allow writeable ftp servers and sftp servers. If we
disallowed writeable ftp servers, would that be good enough? (Don't
tempt me. I've considered it in the past.)
There is no interaction with root, so if you own the archive, you can
always do what you want. To get anything approaching this, you have
to deal with PGP signatures, SHA hashes, and the like. OpenCM is
probably the only group (including BitKeeper) that even comes close to
doing this right.
Arch is slow, slow, slow. Don't let Tom beguile you into thinking
that it is even reasonably fast right now. It isn't. It is a subject
of great interest to the developers, but we're not there yet. Part of
this is the shell implementation. Once certain parts are rewritten in
a compiled language, it should get _much_ better.
Arch has this, although some of the implementations could do with a
little improvement (e.g. the mirroring script seems to take forever).
Don't know. I haven't looked at the actual implementation. There
isn't a fundamental reason why not, though.
Arch has this
Arch has this
Arch has this. It's why I started using it.
In theory, easy to do (just a few rm's and an mv). There are larger
policy questions, though (Do we want to allow that?). Some day, I may
just hack something together that does that.
Arch has this
Arch has this
Single delta forward merges are no problem. Reverse merges are more
difficult. This is one of those "lurking design issues" that I
mentioned earlier.
I'm not quite sure what you mean here.
Are you thinking of sending patches by email? Arch doesn't have that.
Arch stores the repository as tar.gz of the initial revision, plus
tar.gz of the patches. This will be about as compact as anything.

The problem comes when you want to get older revisions. If you're at
patch-51, getting patch-48 means starting from patch-0 and applying
all 48 patches. This can be sped up by saving entire trees along the
way, but that kills the "highly compact format".
That apparently works, although I've never used it.

By the way, I thought that your comments were quite illuminating, so I
put them up on the arch web site [2].

I also think that Tom should stop telling everyone to work on arch.
At this point, it just causes more trouble than any help I'll get.

Regards,
Walter Landry
***@ucsd.edu

[1] http://bugs.fifthvision.net:8080/
[2] http://www.fifthvision.net/open/bin/view/Arch/GccHackers

Subversion does modules a lot better than CVS, if I do say so myself. See

http://svnbook.red-bean.com/book.html#svn-ch-6-sect-3

Oh, no kidding. I totally agree that a distributed repository system
is the way to go long term, and you'll notice that easy branches was
close to the top of my requirements list.

My comment about the Linux kernel development process was intended as
a comment about the way that project operates, which I happen to have
concerns about, but I'm pretty sure that's the way it has always
operated, independent of version-control system in use.
And this is the assumption underlying the part of the kernel process
that I have concerns about. It's true that mostly only a small number
of people work on any given chunk of a large piece of software, but I
strongly disagree that they should go off by themselves and merge into
the main tree only when they're done, as the default mode of
development. The effect from everyone else's point of view is that
they pop up and inflict a huge indigestible glob of code on everyone,
which invariably has not been tested thoroughly enough and breaks
stuff. Just watching linux-kernel suggests that this happens all the
time. The USAGI patches, for instance, or Rusty's module rewrite.
We've had our share of this in GCC, too; the 'subreg_byte' changes
were maintained at enormous effort separate from the main tree for
_years_ before they accumulated enough evidence that it wouldn't break
anything.

Contrariwise, forcing people to do their work in the main tree means
that they have to do it incrementally, more eyes at least skim the
code, and it naturally gets adequate testing as other people try to do
their own work. Also, I know that every time I've had to stop and
think how to do a transition incrementally, the end result has been
better off for it. Al Viro's rewrite of the VFS layer is the obvious
example of this, or Jan Hubicka's jump optimizer overhaul.

As a user of the kernel, I am also concerned about the apparent trend
toward having many variant trees not for development, but to present
divergent sets of features and bugfixes. It strikes me as a recipe
for user confusion and vendor malfeasance.

zw

Florian> Well, you can do this using Aegis for a couple of years now, but I
Florian> don't see that Aegis is adopted by the free software crowd. Most of
Florian> its members seem to have strong reservations regarding processes which
Florian> are enforced by software. ;-)

And rightfully so. Aegis' model of "change" assignments to developers
doesn't quite fit the volunteer driven projects.

~velco