Teaching new tricks to an old dog (C++ -->Ada)

[Larry Kilgallen]

What specific features are you missing in C++. Before moving
to Ada consider this:

- It will be hard to find developers for Ada

To hire developers who are incapable of learning a second language
is really scraping the bottom of the barrel. If that were the case,
I would hope the product is not one on which I will ever depend.

- You might end up making more mistakes with Ada because of
inexperience with Ada.

But if you do, they will typically be caught at compile-time.

 

[Larry Kilgallen]

Out of curiosiy, could you give some few examples where Ada catches faults
not found by a C++ compiler. I assume - of course - code written in modern
C++: no casts, functions instead of macroes, a limited use of pointers and
so on.

Which C++ compilers prevent those practices deprecated in your second
sentence ?

 

[Mark Lorenzen]

[snip]

On the other hand I do not know ADAs ideals (for example I do not
think it supports the generic programming paradigm - templates), but I
suspect they are to be an easy (restricted to easy parts), safe (not
letting you do low level operations), application development
language, which is OK for usual application development.

First of all, the language is called Ada. It is not an acronym, but a
woman's name.

Ada supports generic ("template") programming very well. It
furthermore lets you do all the low-level operations you can think of:
Reading from a memory location, converting bit sequences into
integers, performing pointer arithmetic etc. You can f.x. convert an
octet into an array of Booleans and thus refer to each "bit" as a
Boolean value.

Give it a try - it never hurts to gain experience with new/other
programming languages. The people at comp.lang.ada are always willing
to help and answer questions.

Regards,
- Mark Lorenzen

 

[Larry Kilgallen]

"Ludovic Brenta" <[email protected]> skrev i en meddelelse

This is inherited from Pascal if I remember correctly. Of course, good C++
style is to declare your variable in the loop.

That is also good style in macro assemblers, and presumably in paper-only
languages used to write machine code where you toggle in the binary. But
the purpose of a compiler is to help you avoid errors, whether you think
of such things at the time or not.

This seems ridiculous. I would expect a programmer to know the precedence
rules or at least insert parentheses if they are in doubt.

Expectations are one thing, but having the compiler help you is better.

I like that idea. It is possible using templates, of course. Is it general
enough? If you replace "apples" with "weight" and "oranges" with "length",
is it then permissible to multiply a length with a weight but not add the
two together?

It is possible, with enough work, to do such things.

It is preferable to mandate that such project-specific needs be
programmed only by senior programming staff. Thus the junior
members of the staff just say this_box_length * this_box_weight.

Any responsibility for the meaningfulness of that result is on the
shoulders of senior staff.

My conclusion is that there are some nice ideas out there, but that they
mainly protect against the "sloppy" programmer.

My conclusion after 35 years with computers is that there are "sloppy"
programmers out there. So I look for mechanisms to guard against such
things. Formal inspection is great, but it is a waste of resources if
used to catch small errors that can be avoided with proper choice of
tools.

 

[Ludovic Brenta]

In general, we cannot compare the two languages because they have
different design ideals.


C++ supports 4 paradigms. Each paradigm is supported well with
maximum run-time/space *efficiency*. At the same time it leaves no
room for a lower level language except of assembly.

Ada's efficiency is on par with C++'s, thank you very much. In fact,
the most widely used Ada compiler is none other than GCC.

On the other hand I do not know ADAs ideals (for example I do not
think it supports the generic programming paradigm - templates),

Ada can teach C++ how to do templates properly. In Ada they are
called "generics". The reason why Ada's generics are better (IMHO)
than C++'s templates is that Ada alows you to express constraints
between generic parameters. There is also a rich set of possible
generic parameters. A generic parameter can be a type, an object, a
subprogram, or a package (in which case the actual package must be an
instance of some designated generic package!). For example, in Ada,
you can say that a generic takes a type parameter which must be a
subclass of some designated class. You can then go on to say that a
second parameter must be an instance of that particular subclass.

Ada supports procedural programming, object-oriented programming,
genericity, and exceptions, just like C++.

And, Ada supports multitasking. How's that for a multiparadigm
language?

The one thing that C++ supports that Ada doesn't is multiple
inheritance. This feature was left out as unsafe. Interface
inheritance à la Java is being added in Ada 2005.

but I suspect they are to be an easy (restricted to easy parts),
safe (not letting you do low level operations), application
development language, which is OK for usual application development.

Ada also has low-level facilities for systems programming. These
facilities allow doing bit-level programming *cleanly* and
*explicitly*. An entire chapter of the Ada reference manual is
devoted to this - chapter 13, "representation issues".

This means that, uness you see a representation clause or uses of
Unchecked_Conversion or Unchecked_Deallocation, you can pretty much
assume that an Ada program uses only safe features. In Ada, unsafe
programming is possible but must be explicit.

There is also a gem of a language feature: pragma Restrictions. This
pragma allows you to restrict usage of some language features, *and
the compiler enforces the restrictions*. But the possible
restrictions are implementation-defined.

 

[Ioannis Vranos]

Well that's easy:

unsigned int X = -1;

char Y [10];
Y [10] = "X";

Or bit more subtle:

unsigned int X Day_Of_Month = 32;

Day_Of_Month does not compile. You can make the Day_Of_Month an enum:


enum Day_Of_Month { Mon=1, Sun=7};


int main()
{
Day_Of_Month X= 32;
}


C:\c>g++ temp.cpp -o temp.exe
temp.cpp: In function `int main()':
temp.cpp:6: error: invalid conversion from `int' to `Day_Of_Month'

C:\c>



The char Y thing does not compile, but try this:

#include <vector>

int main()
{
using namespace std;

vector<char> Y (10);

Y.at(10) = 'X';
}


The most important thing that you may be missing, is that in C++ you can
choose the level of abstraction and safety you want by using some
third-party library or framework that fits your needs.


For example consider this:


// Using .NET facilities
int main()
{
using namespace System;

array<int> ^IntArray= {1,2,3,4,5,6,7,8,9,0};

IntArray[10]= 10;
}


C:\c>temp

Unhandled Exception: System.IndexOutOfRangeException: Index was outside
the boun
ds of the array.
at main()

C:\c>



#include <iostream>
#include <ostream>

int main()
{
using namespace System;
using namespace std;

int x= 71;

char c= x.ToString()[0];

cout<<c<<endl;

cout<<x.ToString()->Length<<endl;
}

C:\c>temp
7
2

C:\c>


The above make use of the .NET 2 framework facilities, which provide
additional safety and the high level things you are mentioning.


Bottom line is in C++ you can be as safe and as high level you like.
Just pick the suitable libraries or frameworks.

 

[Ioannis Vranos]

You can do everything in Ada that you can in C and C++.

I suppose you mean in the application-programming domain. But I do not
think this is true in the systems programming domain, that is efficiency
under *severe* run-time and space constraints.


Also I am not sure if ADA is suitable for library writing, or you will
have to switch to another language to do that.

I do not say this is bad, since the design ideals of ADA are different
from C++. In effect, we are comparing different things here.

 

[Ludovic Brenta]

Bottom line is in C++ you can be as safe and as high level you
like. Just pick the suitable libraries or frameworks.

No, you cannot be as safe as you like. For this, you would need the
ability to restrict usage of unsafe features. Just because you also
have safe features at your disposal does not force you to use them.

Your sentence should read: in C++, despite all the high-level
features, you can be as unsafe as you like because the compiler will
let you.

 

[Mark Lorenzen]

I suppose you mean in the application-programming domain. But I do not
think this is true in the systems programming domain, that is
efficiency under *severe* run-time and space constraints.

Why? I see no reason that an executable programmed in Ada should be a
slow or big?

Also I am not sure if ADA is suitable for library writing, or you will
have to switch to another language to do that.

Why?

Regards,
- Mark Lorenzen

 

[xpyttl]

But if you do, they will typically be caught at compile-time.

I would argue that this isn't strictly true. Of course, the bonehead errors
will be caught by the compiler, but the same is true for C++.

I found that, while I could write servicible code pretty quickly in Ada, it
took a long time, coming from C (and Pascal before that), to really
understand how to exploit the language.

By way of example, someone in this thread posted an example using a
Day_of_Month type. It would never occur to a C programmer that the day of
the month was anything other than an integer. At the other extreme, once
discovering all this wonderful capability, it is very easy to get carried
away and take it to extremes. It takes quite some experience to understand
the correct balance for just this one useful feature of the language.

I also feel that Ada programs are more difficult -for experienced
programmers- to read. Sure, any Joe off the street can probably get more
from an Ada program than a C++ program, but C and C++ have a lot of idioms
that express fairly large concepts in immediately recognizable ways. With
Ada, not only is there less of this, but the language is so wordy that even
simple functions seem to go on and on.

Still, if I was back doing safety critical code, I don't think I could
honestly argue that C++ was a viable choice.

...

 

[Ioannis Vranos]

It is true that, in ISO C++, loop variables declared in the for
statement are not visible outside the loop. However, the library I
was working on did make use of the loop variable after the loop, and
none of our 4 or 5 different C++ compilers complained about it.

Which brings me to the general question: is there any
standard-compliant C++ compiler in existence? Or are compilers only
"mostly compliant" or "close enough" or some other ill-defined term?

int main()
{
for(int i=0; i<10; ++i)
;

i=7;
}

C:\c>g++ temp.cpp -o temp.exe
temp.cpp: In function `int main()':
temp.cpp:6: error: name lookup of `i' changed for new ISO `for' scoping
temp.cpp:3: error: using obsolete binding at `i'

C:\c>



C:\c>cl temp.cpp
Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 14.00.41013 for 80x86
Copyright (C) Microsoft Corporation. All rights reserved.

temp.cpp
temp.cpp(6) : error C2065: 'i' : undeclared identifier

C:\c>

 

[Ludovic Brenta]

I suppose you mean in the application-programming domain. But I do
not think this is true in the systems programming domain, that is
efficiency under *severe* run-time and space constraints.

Then why is it that almost all spacecraft, satellites, airplanes,
trains, nuclear power stations, submarines are programmed in Ada? Is
that not real-time enough for you? Remember the Mars rover? Ada.
The Cassini-Huygens mission? Ada. Europe's air traffic control
network? Ada. The US air traffic control network? Ada.

I myself am involved in writing system-level avionics software. There
is no operating system. We do address and data manipulations at the
bit level. We write to processor registers. There are hard real-time
constraints, as well as safety constraints. We write all of this in
Ada, with a few machine code insertions ("inline assembler") in a
couple places.

I have a feeling that you just don't know what you are talking about.

Also I am not sure if ADA is suitable for library writing, or you
will have to switch to another language to do that.

I will repeat what Mark Lorenzen just said above:

You can do everything in Ada that you can in C and C++.

I do not say this is bad, since the design ideals of ADA are different
from C++. In effect, we are comparing different things here.

Yes, we are comparing a hacker's language with an engineer's language.

 

[Ioannis Vranos]

Ada can teach C++ how to do templates properly. In Ada they are
called "generics". The reason why Ada's generics are better (IMHO)
than C++'s templates is that Ada alows you to express constraints
between generic parameters.

You can also express constraints in templates. An important thing is
this. Are Ada's generics run-time or compile time?

As I said in another message of mine, in C++ you can "plug in" whatever
you want by using third-party libraries and frameworks.


For example in .NET 2, C++ will have both its compile-time templates and
..NET's 2 run-time generics (with the keyword generic).

There is also a rich set of possible
generic parameters. A generic parameter can be a type, an object, a
subprogram, or a package (in which case the actual package must be an
instance of some designated generic package!).

It looks like they are run-time, and in C++ you can do all the above.
Actually Ada's compilers are probably written in C++.

For example, in Ada,
you can say that a generic takes a type parameter which must be a
subclass of some designated class. You can then go on to say that a
second parameter must be an instance of that particular subclass.

Ada supports procedural programming, object-oriented programming,
genericity, and exceptions, just like C++.

And, Ada supports multitasking. How's that for a multiparadigm
language?

I suppose you mean multithreading. You can do that in C++ in many
different ways, by "plugging in" the necessary facilities:


By using the OpenMP standard (http://www.openmp.org)

#include <vector>

int main()
{
using namespace std;

vector<int> somearray(10);

#pragma omp for
for(vector<int>::size_type i=0; i<somearray.size(); ++i)
somearray=i;
}


The above pragma tells the compiler that each operation on vector's
elements is independent from the others, and thus the compiler instantly
creates a thread for each assignment, taking advantage of any
multiprocessor/multicore CPUs that exist.

Unknown #pragmas are ignored by compilers, so a compiler not supporting
OpenMP still compiles the code.


In .NET you can also use its multithreading facilities, in addition to
OpenMP:


// .NET multithreading thread-lock model
__gc class SomeClass
{
int index;

//...

public:

// ...


void DoSomething()
{
Monitor::Enter(this);

// Modify index

Monitor::Exit();
}

void DoSomethingElse()
{
Monitor::Enter(this);

// Modify index

Monitor::Exit();
}

// ...
};


SomeClass *ps= __gc new SomeClass;

// ...

Thread *pthread1= __gc new Thread ( __gc new ThreadStart(ps,
&SomeClass:oSomething) );



Thread *pthread2= __gc new Thread ( __gc new ThreadStart(ps,
&SomeClass:oSomethingElse) );


//Start execution of ps->DoSomething()
pthread1->Start();

//Start execution of ps->DoSomethingElse()
pthread2->Start();

// ...


The are innumerable ways that you can do things in C++, you just 'plug
in" the additional facilities that you want.

The one thing that C++ supports that Ada doesn't is multiple
inheritance. This feature was left out as unsafe. Interface
inheritance à la Java is being added in Ada 2005.




Ada also has low-level facilities for systems programming. These
facilities allow doing bit-level programming *cleanly* and
*explicitly*. An entire chapter of the Ada reference manual is
devoted to this - chapter 13, "representation issues".

Do you know std::bitset?

This means that, uness you see a representation clause or uses of
Unchecked_Conversion or Unchecked_Deallocation, you can pretty much
assume that an Ada program uses only safe features. In Ada, unsafe
programming is possible but must be explicit.

In C++ you can be as safe, restricted and convenient as you want.

 

[Ioannis Vranos]

In C++ you can be as safe, restricted and convenient as you want.

Including garbage collection.

 

[Simon Wright]

* accessibility rules are rather complex, but they are designed to
minimise the chance of mistakes. Basically, the scope of a pointer
type must be included in the scope of the pointed-to type. This
makes many mistakes impossible, such as returning a pointer to an
object which no longer exists.

It is extremely easy to make dangling pointers.

Ada makes it hard to have pointers to objects whose _type_ has gone
out of scope, but that's fairly unusual!

 

[Adrien Plisson]

The one thing that C++ supports that Ada doesn't is multiple
inheritance. This feature was left out as unsafe. Interface
inheritance à la Java is being added in Ada 2005.

there is also one other thing i can think of: template specialization.

this is an interresting construct, used a lot in C++, which gives the
ability to write "traits". there may be a way to do it in Ada but i'm
not aware of it (if there is, please tell me).

 

[Pascal Obry]

It looks like they are run-time, and in C++ you can do all the
above. Actually Ada's compilers are probably written in C++.

At least GNAT (GNU/Ada) is written in Ada and DEC Ada was written in Ada IIRC.

Pascal.

--

--|------------------------------------------------------
--| Pascal Obry Team-Ada Member
--| 45, rue Gabriel Peri - 78114 Magny Les Hameaux FRANCE
--|------------------------------------------------------
--| http://www.obry.org
--| "The best way to travel is by means of imagination"
--|
--| gpg --keyserver wwwkeys.pgp.net --recv-key C1082595

 

[Paul E. Bennett]

Then why is it that almost all spacecraft, satellites, airplanes,
trains, nuclear power stations, submarines are programmed in Ada? Is
that not real-time enough for you? Remember the Mars rover? Ada.
The Cassini-Huygens mission? Ada. Europe's air traffic control
network? Ada. The US air traffic control network? Ada.

You wrote that like Ada was 100% of the software content of those missions.
Far from it. Cassini also used some Forth on board (see list at:-
<http://forth.gsfc.nasa.gov/>). I am sure that wasn't the only alternative
language used either.

[%X]

Yes, we are comparing a hacker's language with an engineer's language.

I am sure that hackers can work in many languages, even Ada. Engineering is
a process thing not T&E.

--
********************************************************************
Paul E. Bennett ....................<email://[email protected]>
Forth based HIDECS Consultancy .....<http://www.amleth.demon.co.uk/>
Mob: +44 (0)7811-639972
Tel: +44 (0)1235-811095
Going Forth Safely ....EBA. http://www.electric-boat-association.org.uk/
********************************************************************

 

[Pascal Obry]

int main()
{
for(int i=0; i<10; ++i)
;

i=7;
}

And what about:

int main()
{
int i;
for(i=0; i<10; ++i)
;

i=7;
}

What is important for safety is not what a language permits but what
it forbids. As long as you have traps in a language you know that some
programmers will fall into it at some point.

Pascal.

--

--|------------------------------------------------------
--| Pascal Obry Team-Ada Member
--| 45, rue Gabriel Peri - 78114 Magny Les Hameaux FRANCE
--|------------------------------------------------------
--| http://www.obry.org
--| "The best way to travel is by means of imagination"
--|
--| gpg --keyserver wwwkeys.pgp.net --recv-key C1082595

 

[Martin Krischik]

With Ada aside (I find no reason why one should not learn it), C++ is a
powerful and systems programming language, and power implies painful low
level details.

But Ada is used for system programming language as well. Only it is not
painfull. Most C/C++ programmers think that a language suitable for system
programming must be painfull - but this is not true.

Well, there is a drawback: you have to type more. But then: once you typed
it in it's easer to read - and most programms are read more then written.

However it also provides all major high level facilities,
and if you stick in high level programming it is very safe, while it
maintains the maximum space and run-time efficiency principle.

The real difference is that Ada puts emphasis on "save" while C++ puts
emphasis on "fast". C++ only becomes save by use of the STL.

And with the speed of the computers today "save" is better. I remember well
the time when Blaster/32 infected my computer faster then I could download
the fix (download the fix with Linux in the end - but that's another
story).

In general, we cannot compare the two languages because they have
different design ideals.

That is indeed true. But the differences are not system vs application -
both languages draw even here. Its save vs. fast, readabiltiy vs.
writeablity and explicid vs implicid.

Of corse, having stessed the save vs. fast point: Most Ada compiler allow
you to switch off the savety net with a compiler option.

C++ supports 4 paradigms. Each paradigm is supported well with maximum
run-time/space *efficiency*.

Ada supports the same 4 paradigms and concurrent programming on top.

At the same time it leaves no room for a
lower level language except of assembly.

True. But C/C++ havn't got a monopoly/patent on that feature.

On the other hand I do not know ADAs ideals (for example I do not think
it supports the generic programming paradigm - templates), but I suspect

Actualy Ada has templates since it's 1983 release. I don't think C++ had
templates at the time.

they are to be an easy (restricted to easy parts),

True Ada is easy - but not restricted. You think one excludes the other -
but that isn't true.

safe (not letting you
do low level operations),

Ada can do more low level stuff then C++ - or have you ever seen 24 bit
integer types in C++.

application development language, which is OK
for usual application development.

As I said, here you as mistaken. While Ada is indeed well suited for high
level application development is is mostly used for low level embedded
programming. Usualy in planes, railways, spacecraft and weapons.

I usualy read - at least - the wiki article before I say anything about a
programming language:

http://en.wikipedia.org/wiki/Ada_programming_language

With Regards

Martin