Ada (programming language)
Ada is a structured, statically typed, imperative, and object-oriented high-level programming language, extended from Pascal and other languages. It has built-in language support for design by contract, extremely strong typing, explicit concurrency, tasks, synchronous message passing, protected objects, and non-determinism. Ada improves code safety and maintainability by using the compiler to find errors in favor of runtime errors. Ada is an international technical standard, jointly defined by the International Organization for Standardization, and the International Electrotechnical Commission., the standard, called Ada 2012 informally, is ISO/IEC 8652:2012.
Ada was originally designed by a team led by French computer scientist Jean Ichbiah of CII Honeywell Bull under contract to the United States Department of Defense from 1977 to 1983 to supersede over 450 programming languages used by the DoD at that time. Ada was named after Ada Lovelace, who has been credited as the first computer programmer.
Features
Ada was originally designed for embedded and real-time systems. The Ada 95 revision, designed by S. Tucker Taft of Intermetrics between 1992 and 1995, improved support for systems, numerical, financial, and object-oriented programming.Features of Ada include: strong typing, modular programming mechanisms, run-time checking, parallel processing, exception handling, and generics. Ada 95 added support for object-oriented programming, including dynamic dispatch.
The syntax of Ada minimizes choices of ways to perform basic operations, and prefers English keywords to symbols. Ada uses the basic arithmetical operators "+", "-", "*", and "/", but avoids using other symbols. Code blocks are delimited by words such as "declare", "begin", and "end", where the "end" is followed by the identifier of the block it closes. In the case of conditional blocks this avoids a dangling else that could pair with the wrong nested if-expression in other languages like C or Java.
Ada is designed for developing very large software systems. Ada packages can be compiled separately. Ada package specifications can also be compiled separately without the implementation to check for consistency. This makes it possible to detect problems early during the design phase, before implementation starts.
A large number of compile-time checks are supported to help avoid bugs that would not be detectable until run-time in some other languages or would require explicit checks to be added to the source code. For example, the syntax requires explicitly named closing of blocks to prevent errors due to mismatched end tokens. The adherence to strong typing allows detecting many common software errors either during compile-time, or otherwise during run-time. As concurrency is part of the language specification, the compiler can in some cases detect potential deadlocks. Compilers also commonly check for misspelled identifiers, visibility of packages, redundant declarations, etc. and can provide warnings and useful suggestions on how to fix the error.
Ada also supports run-time checks to protect against access to unallocated memory, buffer overflow errors, range violations, off-by-one errors, array access errors, and other detectable bugs. These checks can be disabled in the interest of runtime efficiency, but can often be compiled efficiently. It also includes facilities to help program verification. For these reasons, Ada is widely used in critical systems, where any anomaly might lead to very serious consequences, e.g., accidental death, injury or severe financial loss. Examples of systems where Ada is used include avionics, air traffic control, railways, banking, military and space technology.
Ada's dynamic memory management is high-level and type-safe. Ada has no generic or untyped pointers; nor does it implicitly declare any pointer type. Instead, all dynamic memory allocation and deallocation must occur via explicitly declared access types. Each access type has an associated storage pool that handles the low-level details of memory management; the programmer can either use the default storage pool or define new ones. It is even possible to declare several different access types that all designate the same type but use different storage pools. Also, the language provides for accessibility checks, both at compile time and at run time, that ensures that an access value cannot outlive the type of the object it points to.
Though the semantics of the language allow automatic garbage collection of inaccessible objects, most implementations do not support it by default, as it would cause unpredictable behaviour in real-time systems. Ada does support a limited form of region-based memory management; also, creative use of storage pools can provide for a limited form of automatic garbage collection, since destroying a storage pool also destroys all the objects in the pool.
A double-dash, resembling an em dash, denotes comment text. Comments stop at end of line, to prevent unclosed comments from accidentally voiding whole sections of source code. Disabling a whole block of code now requires the prefixing of each line individually with "--". While clearly denoting disabled code with a column of repeated "--" down the page this renders the experimental dis/re-enablement of large blocks a more drawn out process.
The semicolon is a statement terminator, and the null or no-operation statement is
null;
. A single ;
without a statement to terminate is not allowed.Unlike most ISO standards, the Ada language definition is free content. Thus, it is a common reference for Ada programmers, not only programmers implementing Ada compilers. Apart from the reference manual, there is also an extensive rationale document which explains the language design and the use of various language constructs. This document is also widely used by programmers. When the language was revised, a new rationale document was written.
One notable free software tool that is used by many Ada programmers to aid them in writing Ada source code is the GNAT Programming Studio.
History
In the 1970s the US Department of Defense became concerned by the number of different programming languages being used for its embedded computer system projects, many of which were obsolete or hardware-dependent, and none of which supported safe modular programming. In 1975, a working group, the High Order Language Working Group, was formed with the intent to reduce this number by finding or creating a programming language generally suitable for the department's and the UK Ministry of Defence requirements. After many iterations beginning with an original the eventual programming language was named Ada. The total number of high-level programming languages in use for such projects fell from over 450 in 1983 to 37 by 1996.The HOLWG working group crafted the Steelman language requirements, a series of documents stating the requirements they felt a programming language should satisfy. Many existing languages were formally reviewed, but the team concluded in 1977 that no existing language met the specifications.
Requests for proposals for a new programming language were issued and four contractors were hired to develop their proposals under the names of Red, Green, Blue and Yellow. In April 1978, after public scrutiny, the Red and Green proposals passed to the next phase. In May 1979, the Green proposal, designed by Jean Ichbiah at CII Honeywell Bull, was chosen and given the name Ada—after Augusta Ada, Countess of Lovelace. This proposal was influenced by the language LIS that Ichbiah and his group had developed in the 1970s. The preliminary Ada reference manual was published in ACM SIGPLAN Notices in June 1979. The Military Standard reference manual was approved on December 10, 1980, and given the number MIL-STD-1815 in honor of Ada Lovelace's birth year. In 1981, C. A. R. Hoare took advantage of his Turing Award speech to criticize Ada for being overly complex and hence unreliable, but subsequently seemed to recant in the foreword he wrote for an Ada textbook.
Ada attracted much attention from the programming community as a whole during its early days. Its backers and others predicted that it might become a dominant language for general purpose programming and not only defense-related work. Ichbiah publicly stated that within ten years, only two programming languages would remain: Ada and Lisp. Early Ada compilers struggled to implement the large, complex language, and both compile-time and run-time performance tended to be slow and tools primitive. Compiler vendors expended most of their efforts in passing the massive, language-conformance-testing, government-required "ACVC" validation suite that was required in another novel feature of the Ada language effort. The Jargon File, a dictionary of computer hacker slang originating in 1975–1983, notes in an that "it is precisely what one might expect given that kind of endorsement by fiat; designed by committee...difficult to use, and overall a disastrous, multi-billion-dollar boondoggle...Ada Lovelace...would almost certainly blanch at the use her name has been latterly put to; the kindest thing that has been said about it is that there is probably a good small language screaming to get out from inside its vast, bulk."
The first validated Ada implementation was the NYU Ada/Ed translator, certified on April 11, 1983. NYU Ada/Ed is implemented in the high-level set language SETL. Several commercial companies began offering Ada compilers and associated development tools, including Alsys, TeleSoft, DDC-I, Advanced Computer Techniques, Tartan Laboratories, TLD Systems, Verdix, and others.
In 1991, the US Department of Defense began to require the use of Ada for all software, though exceptions to this rule were often granted. The Department of Defense Ada mandate was effectively removed in 1997, as the DoD began to embrace COTS technology. Similar requirements existed in other NATO countries: Ada was required for NATO systems involving command and control and other functions, and Ada was the mandated or preferred language for defense-related applications in countries such as Sweden, Germany, and Canada.
By the late 1980s and early 1990s, Ada compilers had improved in performance, but there were still barriers to fully exploiting Ada's abilities, including a tasking model that was different from what most real-time programmers were used to.
Because of Ada's safety-critical support features, it is now used not only for military applications, but also in commercial projects where a software bug can have severe consequences, e.g., avionics and air traffic control, commercial rockets such as the Ariane 4 and 5, satellites and other space systems, railway transport and banking.
For example, the Airplane Information Management System, the fly-by-wire system software in the Boeing 777, was written in Ada. Developed by Honeywell Air Transport Systems in collaboration with consultants from DDC-I, it became arguably the best-known of any Ada project, civilian or military. The Canadian Automated Air Traffic System was written in 1 million lines of Ada. It featured advanced distributed processing, a distributed Ada database, and object-oriented design. Ada is also used in other air traffic systems, e.g., the UK's next-generation Interim Future Area Control Tools Support air traffic control system is designed and implemented using SPARK Ada.
It is also used in the French TVM in-cab signalling system on the TGV high-speed rail system, and the metro suburban trains in Paris, London, Hong Kong and New York City.
Standardization
The language became an ANSI standard in 1983, and after translation in French and without any further changes in English becamean ISO standard in 1987. This version of the language is commonly known as Ada 83, from the date of its adoption by ANSI, but is sometimes referred to also as Ada 87, from the date of its adoption by ISO.
Ada 95, the joint ISO/ANSI standard was published in February 1995, making Ada 95 the first ISO standard object-oriented programming language. To help with the standard revision and future acceptance, the US Air Force funded the development of the GNAT Compiler. Presently, the GNAT Compiler is part of the GNU Compiler Collection.
Work has continued on improving and updating the technical content of the Ada language. A Technical Corrigendum to Ada 95 was published in October 2001, and a major Amendment, was published on March 9, 2007. At the Ada-Europe 2012 conference in Stockholm, the Ada Resource Association and Ada-Europe announced the completion of the design of the latest version of the Ada language and the submission of the reference manual to the International Organization for Standardization for approval. ISO/IEC 8652:2012 was published in December 2012.
Other related standards include ISO 8651-3:1988 Information processing systems—Computer graphics—Graphical Kernel System language bindings—Part 3: Ada.
Language constructs
Ada is an ALGOL-like programming language featuring control structures with reserved words such as if, then, else, while, for, and so on. However, Ada also has many data structuring facilities and other abstractions which were not included in the original ALGOL 60, such as type definitions, records, pointers, enumerations. Such constructs were in part inherited from or inspired by Pascal."Hello, world!" in Ada
A common example of a language's syntax is the Hello world program:with Ada.Text_IO; use Ada.Text_IO;
procedure Hello is
begin
Put_Line ;
end Hello;
This program can be compiled by using the freely available open source compiler GNAT, by executing
Data types
Ada's type system is not based on a set of predefined primitive types but allows users to declare their own types. This declaration in turn is not based on the internal representation of the type but on describing the goal which should be achieved. This allows the compiler to determine a suitable memory size for the type, and to check for violations of the type definition at compile time and run time. Ada supports numerical types defined by a range, modulo types, aggregate types, and enumeration types. Access types define a reference to an instance of a specified type; untyped pointers are not permitted.Special types provided by the language are task types and protected types.
For example, a date might be represented as:
type Day_type is range 1.. 31;
type Month_type is range 1.. 12;
type Year_type is range 1800.. 2100;
type Hours is mod 24;
type Weekday is ;
type Date is
record
Day : Day_type;
Month : Month_type;
Year : Year_type;
end record;
Types can be refined by declaring subtypes:
subtype Working_Hours is Hours range 0.. 12; -- at most 12 Hours to work a day
subtype Working_Day is Weekday range Monday.. Friday; -- Days to work
Work_Load: constant array of Working_Hours -- implicit type declaration
:= ; -- lookup table for working hours with initialization
Types can have modifiers such as limited, abstract, private etc. Private types can only be accessed and limited types can only be modified or copied within the scope of the package that defines them. Ada 95 adds further features for object-oriented extension of types.
Control structures
Ada is a structured programming language, meaning that the flow of control is structured into standard statements. All standard constructs and deep-level early exit are supported, so the use of the also supported "go to" commands is seldom needed.-- while a is not equal to b, loop.
while a /= b loop
Ada.Text_IO.Put_Line ;
end loop;
if a > b then
Ada.Text_IO.Put_Line ;
else
Ada.Text_IO.Put_Line ;
end if;
for i in 1.. 10 loop
Ada.Text_IO.Put ;
Ada.Text_IO.Put ;
Ada.Text_IO.Put_Line;
end loop;
loop
a := a + 1;
exit when a = 10;
end loop;
case i is
when 0 => Ada.Text_IO.Put ;
when 1 => Ada.Text_IO.Put ;
when 2 => Ada.Text_IO.Put ;
-- case statements have to cover all possible cases:
when others => Ada.Text_IO.Put ;
end case;
for aWeekday in Weekday'Range loop -- loop over an enumeration
Put_Line ; -- output string representation of an enumeration
if aWeekday in Working_Day then -- check of a subtype of an enumeration
Put_Line ; -- access into a lookup table
end if;
end loop;
Packages, procedures and functions
Among the parts of an Ada program are packages, procedures and functions.Example:
Package specification
package Example is
type Number is range 1.. 11;
procedure Print_and_Increment ;
end Example;
Package body
with Ada.Text_IO;
package body Example is
i : Number := Number'First;
procedure Print_and_Increment is
function Next return Number is
begin
return k + 1;
end Next;
begin
Ada.Text_IO.Put_Line ;
j := Next ;
end Print_and_Increment;
-- package initialization executed when the package is elaborated
begin
while i < Number'Last loop
Print_and_Increment ;
end loop;
end Example;
This program can be compiled, e.g., by using the freely available open-source compiler GNAT, by executing
Packages, procedures and functions can nest to any depth, and each can also be the logical outermost block.
Each package, procedure or function can have its own declarations of constants, types, variables, and other procedures, functions and packages, which can be declared in any order.
Concurrency
Ada has language support for task-based concurrency. The fundamental concurrent unit in Ada is a task, which is a built-in limited type. Tasks are specified in two parts – the task declaration defines the task interface, the task body specifies the implementation of the task. Depending on the implementation, Ada tasks are either mapped to operating system threads or processes, or are scheduled internally by the Ada runtime.Tasks can have entries for synchronisation. Task entries are declared in the task specification. Each task entry can have one or more accept statements within the task body. If the control flow of the task reaches an accept statement, the task is blocked until the corresponding entry is called by another task. Task entries can have parameters similar to procedures, allowing tasks to synchronously exchange data. In conjunction with select statements it is possible to define guards on accept statements.
Ada also offers protected objects for mutual exclusion. Protected objects are a monitor-like construct, but use guards instead of conditional variables for signaling. Protected objects combine the data encapsulation and safe mutual exclusion from monitors, and entry guards from conditional critical regions. The main advantage over classical monitors is that conditional variables are not required for signaling, avoiding potential deadlocks due to incorrect locking semantics. Like tasks, the protected object is a built-in limited type, and it also has a declaration part and a body.
A protected object consists of encapsulated private data, and procedures, functions and entries which are guaranteed to be mutually exclusive. A task calling a protected object is blocked if another task is currently executing inside the same protected object, and released when this other task leaves the protected object. Blocked tasks are queued on the protected object ordered by time of arrival.
Protected object entries are similar to procedures, but additionally have guards. If a guard evaluates to false, a calling task is blocked and added to the queue of that entry; now another task can be admitted to the protected object, as no task is currently executing inside the protected object. Guards are re-evaluated whenever a task leaves the protected object, as this is the only time when the evaluation of guards can have changed.
Calls to entries can be requeued to other entries with the same signature. A task that is requeued is blocked and added to the queue of the target entry; this means that the protected object is released and allows admission of another task.
The select statement in Ada can be used to implement non-blocking entry calls and accepts, non-deterministic selection of entries, time-outs and aborts.
The following example illustrates some concepts of concurrent programming in Ada.
with Ada.Text_IO; use Ada.Text_IO;
procedure Traffic is
type Airplane_ID is range 1..10; -- 10 airplanes
task type Airplane ; -- task representing airplanes, with ID as initialisation parameter
type Airplane_Access is access Airplane; -- reference type to Airplane
protected type Runway is -- the shared runway
entry Assign_Aircraft ; -- all entries are guaranteed mutually exclusive
entry Cleared_Runway ;
entry Wait_For_Clear;
private
Clear: Boolean := True; -- protected private data - generally more than only a flag...
end Runway;
type Runway_Access is access all Runway;
-- the air traffic controller task takes requests for takeoff and landing
task type Controller is
-- task entries for synchronous message passing
entry Request_Takeoff ;
entry Request_Approach;
end Controller;
-- allocation of instances
Runway1 : aliased Runway; -- instantiate a runway
Controller1: Controller ; -- and a controller to manage it
------ the implementations of the above types ------
protected body Runway is
entry Assign_Aircraft
when Clear is -- the entry guard - calling tasks are blocked until the condition is true
begin
Clear := False;
Put_Line ;
end;
entry Cleared_Runway
when not Clear is
begin
Clear := True;
Put_Line ;
end;
entry Wait_For_Clear
when Clear is
begin
null; -- no need to do anything here - a task can only enter if "Clear" is true
end;
end Runway;
task body Controller is
begin
loop
My_Runway.Wait_For_Clear; -- wait until runway is available
select -- wait for two types of requests
when Request_Approach'count = 0 => -- guard statement - only accept if there are no tasks queuing on Request_Approach
accept Request_Takeoff
do -- start of synchronized part
My_Runway.Assign_Aircraft ; -- reserve runway
Takeoff := My_Runway; -- assign "out" parameter value to tell airplane which runway
end Request_Takeoff; -- end of the synchronised part
or
accept Request_Approach do
My_Runway.Assign_Aircraft ;
Approach := My_Runway;
end Request_Approach;
or -- terminate if no tasks left who could call
terminate;
end select;
end loop;
end;
task body Airplane is
Rwy : Runway_Access;
begin
Controller1.Request_Takeoff ; -- This call blocks until Controller task accepts and completes the accept block
Put_Line ;
delay 2.0;
Rwy.Cleared_Runway ; -- call will not block as "Clear" in Rwy is now false and no other tasks should be inside protected object
delay 5.0; -- fly around a bit...
loop
select -- try to request a runway
Controller1.Request_Approach ; -- this is a blocking call - will run on controller reaching accept block and return on completion
exit; -- if call returned we're clear for landing - leave select block and proceed...
or
delay 3.0; -- timeout - if no answer in 3 seconds, do something else
Put_Line ; -- simply print a message
end select;
end loop;
delay 4.0; -- do landing approach...
Put_Line ;
Rwy.Cleared_Runway ; -- notify runway that we're done here.
end;
New_Airplane: Airplane_Access;
begin
for I in Airplane_ID'Range loop -- create a few airplane tasks
New_Airplane := new Airplane ; -- will start running directly after creation
delay 4.0;
end loop;
end Traffic;
Pragmas
A pragma is a compiler directive that conveys information to the compiler to allow specific manipulating of compiled output. Certain pragmas are built into the language, while others are implementation-specific.Examples of common usage of compiler pragmas would be to disable certain features, such as run-time type checking or array subscript boundary checking, or to instruct the compiler to insert object code instead of a function call.
International standards
- ISO/IEC 8652: Information technology—Programming languages—Ada
- ISO/IEC 15291: Information technology—Programming languages—Ada Semantic Interface Specification
- ISO/IEC 18009: Information technology—Programming languages—Ada: Conformity assessment of a language processor
- IEEE Standard 1003.5b-1996, the POSIX Ada binding
- , the CORBA interface description language to Ada mapping
Rationale
Books
- 795 pages.
Archives
- . Charles Babbage Institute, University of Minnesota. Includes literature on software products designed for the Ada language; U.S. government publications, including Ada 9X project reports, technical reports, working papers, newsletters; and user group information.