|First appeared||February 1980|
Ada 2012 TC1 / April 2015
|Typing discipline||static, strong, safe, nominative|
|Filename extensions||.adb .ads|
|AdaCore GNAT (free download: http://libre.adacore.com/download),
Green Hills Software Optimising Ada 95 compiler,
PTC, Inc. PTC ApexAda and PTC ObjectAda ,
|SPARK, Ravenscar profile|
|ALGOL 68, Pascal, C++ (Ada 95), Smalltalk (Ada 95), Modula-2 (Ada 95) Java (Ada 2005), Eiffel (Ada 2012)|
|C++, Chapel,Eiffel, Java, Nim, PL/SQL, PL/pgSQL, Ruby, Rust,Seed7, SQL/PSM, VHDL|
Ada is a structured, statically typed, imperative, wide-spectrum, and object-oriented high-level computer programming language, extended from Pascal and other languages. It has built-in language support for design-by-contract, extremely strong typing, explicit concurrency, offering tasks, synchronous message passing, protected objects, and non-determinism. Ada improves code safety and maintainability by using the compiler to find errors in favor of runtime errors. Ada is an international standard; the current version (known as Ada 2012) is defined by ISO/IEC 8652:2012.
Ada was originally designed by a team led by Jean Ichbiah of CII Honeywell Bull under contract to the United States Department of Defense (DoD) from 1977 to 1983 to supersede over 450 programming languages used by the DoD at that time. Ada was named after Ada Lovelace (1815-1852), who has been credited with being the first computer programmer.
Ada was originally targeted at embedded and real-time systems. The Ada 95 revision, designed by S. Tucker Taft of Intermetrics between 1992 and 1995, improved support for systems, numerical, financial, and object-oriented programming (OOP).
Features of Ada include: strong typing, modularity mechanisms (packages), run-time checking, parallel processing (tasks, synchronous message passing, protected objects, and nondeterministic select statements), exception handling, and generics. Ada 95 added support for object-oriented programming, including dynamic dispatch.
The syntax of Ada minimizes choices of ways to perform basic operations, and prefers English keywords (such as "or else" and "and then") to symbols (such as "||" and "&&"). Ada uses the basic arithmetical operators "+", "-", "*", and "/", but avoids using other symbols. Code blocks are delimited by words such as "declare", "begin", and "end", where the "end" (in most cases) is followed by the identifier of the block it closes (e.g., if ... end if, loop ... end loop). In the case of conditional blocks this avoids a dangling else that could pair with the wrong nested if-expression in other languages like C or Java.
Ada is designed for development of very large software systems. Ada packages can be compiled separately. Ada package specifications (the package interface) can also be compiled separately without the implementation to check for consistency. This makes it possible to detect problems early during the design phase, before implementation starts.
A large number of compile-time checks are supported to help avoid bugs that would not be detectable until run-time in some other languages or would require explicit checks to be added to the source code. For example, the syntax requires explicitly named closing of blocks to prevent errors due to mismatched end tokens. The adherence to strong typing allows detection of many common software errors (wrong parameters, range violations, invalid references, mismatched types, etc.) either during compile-time, or otherwise during run-time. As concurrency is part of the language specification, the compiler can in some cases detect potential deadlocks. Compilers also commonly check for misspelled identifiers, visibility of packages, redundant declarations, etc. and can provide warnings and useful suggestions on how to fix the error.
Ada also supports run-time checks to protect against access to unallocated memory, buffer overflow errors, range violations, off-by-one errors, array access errors, and other detectable bugs. These checks can be disabled in the interest of runtime efficiency, but can often be compiled efficiently. It also includes facilities to help program verification. For these reasons, Ada is widely used in critical systems, where any anomaly might lead to very serious consequences, e.g., accidental death, injury or severe financial loss. Examples of systems where Ada is used include avionics, ATC, railways, banking, military and space technology.
Ada's dynamic memory management is high-level and type-safe. Ada does not have generic or untyped pointers; nor does it implicitly declare any pointer type. Instead, all dynamic memory allocation and deallocation must take place through explicitly declared access types. Each access type has an associated storage pool that handles the low-level details of memory management; the programmer can either use the default storage pool or define new ones (this is particularly relevant for Non-Uniform Memory Access). It is even possible to declare several different access types that all designate the same type but use different storage pools. Also, the language provides for accessibility checks, both at compile time and at run time, that ensures that an access value cannot outlive the type of the object it points to.
Though the semantics of the language allow automatic garbage collection of inaccessible objects, most implementations do not support it by default, as it would cause unpredictable behaviour in real-time systems. Ada does support a limited form of region-based memory management; also, creative use of storage pools can provide for a limited form of automatic garbage collection, since destroying a storage pool also destroys all the objects in the pool.
Ada was designed to resemble the English language in its syntax for comments: a double-dash ("--"), resembling an em dash, denotes comment text. Comments stop at end of line, so there is no danger of unclosed comments accidentally voiding whole sections of source code. Prefixing each line (or column) with "--" will skip all that code, while being clearly denoted as a column of repeated "--" down the page. There is no limit to the nesting of comments, thereby allowing prior code, with commented-out sections, to be commented-out as even larger sections. All Unicode characters are allowed in comments, such as for symbolic formulas (E=m×c²). To the compiler, the double-dash is treated as end-of-line, allowing continued parsing of the language as a context-free grammar.
The semicolon (";") is a statement terminator, and the null or no-operation statement is
null;. A single
; without a statement to terminate is not allowed.
Unlike most ISO standards, the Ada language definition (known as the Ada Reference Manual or ARM, or sometimes the Language Reference Manual or LRM) is free content. Thus, it is a common reference for Ada programmers and not just programmers implementing Ada compilers. Apart from the reference manual, there is also an extensive rationale document which explains the language design and the use of various language constructs. This document is also widely used by programmers. When the language was revised, a new rationale document was written.
In the 1970s, the US Department of Defense (DoD) was concerned by the number of different programming languages being used for its embedded computer system projects, many of which were obsolete or hardware-dependent, and none of which supported safe modular programming. In 1975, a working group, the High Order Language Working Group (HOLWG), was formed with the intent to reduce this number by finding or creating a programming language generally suitable for the department's and the UK Ministry of Defence requirements. After many iterations beginning with an original Straw man proposal the eventual programming language was named Ada. The total number of high-level programming languages in use for such projects fell from over 450 in 1983 to 37 by 1996.
The HOLWG working group crafted the Steelman language requirements, a series of documents stating the requirements they felt a programming language should satisfy. Many existing languages were formally reviewed, but the team concluded in 1977 that no existing language met the specifications.
Requests for proposals for a new programming language were issued and four contractors were hired to develop their proposals under the names of Red (Intermetrics led by Benjamin Brosgol), Green (CII Honeywell Bull, led by Jean Ichbiah), Blue (SofTech, led by John Goodenough) and Yellow (SRI International, led by Jay Spitzen). In April 1978, after public scrutiny, the Red and Green proposals passed to the next phase. In May 1979, the Green proposal, designed by Jean Ichbiah at CII Honeywell Bull, was chosen and given the name Ada--after Augusta Ada, Countess of Lovelace. This proposal was influenced by the programming language LIS that Ichbiah and his group had developed in the 1970s. The preliminary Ada reference manual was published in ACM SIGPLAN Notices in June 1979. The Military Standard reference manual was approved on December 10, 1980 (Ada Lovelace's birthday), and given the number MIL-STD-1815 in honor of Ada Lovelace's birth year. In 1981, C. A. R. Hoare took advantage of his Turing Award speech to criticize Ada for being overly complex and hence unreliable, but subsequently seemed to recant in the foreword he wrote for an Ada textbook.
Ada attracted much attention from the programming community as a whole during its early days. Its backers and others predicted that it might become a dominant language for general purpose programming and not just defense-related work. Ichbiah publicly stated that within ten years, only two programming languages would remain, Ada and Lisp. Early Ada compilers struggled to implement the large, complex language, and both compile-time and run-time performance tended to be slow and tools primitive. Compiler vendors expended most of their efforts in passing the massive, language-conformance-testing, government-required "ACVC" validation suite that was required in another novel feature of the Ada language effort.
The first validated Ada implementation was the NYU Ada/Ed translator, certified on April 11, 1983. NYU Ada/Ed is implemented in the high-level set language SETL. A number of commercial companies began offering Ada compilers and associated development tools, including Alsys, TeleSoft, DDC-I, Advanced Computer Techniques, Tartan Laboratories, TLD Systems, Verdix, and others.
In 1991, the US Department of Defense began to require the use of Ada (the Ada mandate) for all software, though exceptions to this rule were often granted. The Department of Defense Ada mandate was effectively removed in 1997, as the DoD began to embrace COTS technology. Similar requirements existed in other NATO countries: Ada was required for NATO systems involving command and control and other functions, and Ada was the mandated or preferred language for defense-related applications in countries such as Sweden, Germany, and Canada.
By the late 1980s and early 1990s, Ada compilers had improved in performance, but there were still barriers to full exploitation of Ada's abilities, including a tasking model that was different from what most real-time programmers were used to.
Because of Ada's safety-critical support features, it is now used not only for military applications, but also in commercial projects where a software bug can have severe consequences, e.g., avionics and air traffic control, commercial rockets such as the Ariane 4 and 5, satellites and other space systems, railway transport and banking. For example, the Airplane Information Management System, the fly-by-wire system software in the Boeing 777, was written in Ada. Developed by Honeywell Air Transport Systems in collaboration with consultants from DDC-I, it became arguably the best-known of any Ada project, civilian or military. The Canadian Automated Air Traffic System was written in 1 million lines of Ada (SLOC count). It featured advanced distributed processing, a distributed Ada database, and object-oriented design. Ada is also used in other air traffic systems, e.g., the UK's next-generation Interim Future Area Control Tools Support (iFACTS) air traffic control system is designed and implemented using SPARK Ada. It is also used in the French TVM in-cab signalling system on the TGV high-speed rail system, and the metro suburban trains in Paris, London, Hong Kong and New York City.
The language became an ANSI standard in 1983 (ANSI/MIL-STD 1815A), and without any further changes became an ISO standard in 1987 (ISO-8652:1987). This version of the language is commonly known as Ada 83, from the date of its adoption by ANSI, but is sometimes referred to also as Ada 87, from the date of its adoption by ISO.
Ada 95, the joint ISO/ANSI standard (ISO-8652:1995) was published in February 1995, making Ada 95 the first ISO standard object-oriented programming language. To help with the standard revision and future acceptance, the US Air Force funded the development of the GNAT Compiler. Presently, the GNAT Compiler is part of the GNU Compiler Collection.
Work has continued on improving and updating the technical content of the Ada programming language. A Technical Corrigendum to Ada 95 was published in October 2001, and a major Amendment, ISO/IEC 8652:1995/Amd 1:2007 was published on March 9, 2007. At the Ada-Europe 2012 conference in Stockholm, the Ada Resource Association (ARA) and Ada-Europe announced the completion of the design of the latest version of the Ada programming language and the submission of the reference manual to the International Organization for Standardization (ISO) for approval. ISO/IEC 8652:2012 was published in December 2012.
Other related standards include ISO 8651-3:1988 Information processing systems--Computer graphics--Graphical Kernel System (GKS) language bindings--Part 3: Ada.
Ada is an ALGOL-like programming language featuring control structures with reserved words such as if, then, else, while, for, and so on. However, Ada also has many data structuring facilities and other abstractions which were not included in the original ALGOL 60, such as type definitions, records, pointers, enumerations. Such constructs were in part inherited from or inspired by Pascal.
with Ada.Text_IO; use Ada.Text_IO; procedure Hello is begin Put_Line ("Hello, world!"); end Hello;
This program can be compiled by using the freely available open source compiler GNAT, by executing
Ada's type system is not based on a set of predefined primitive types but allows users to declare their own types. This declaration in turn is not based on the internal representation of the type but on describing the goal which should be achieved. This allows the compiler to determine a suitable memory size for the type, and to check for violations of the type definition at compile time and run time (i.e., range violations, buffer overruns, type consistency, etc.). Ada supports numerical types defined by a range, modulo types, aggregate types (records and arrays), and enumeration types. Access types define a reference to an instance of a specified type; untyped pointers are not permitted. Special types provided by the language are task types and protected types.
For example, a date might be represented as:
type Day_type is range 1 .. 31; type Month_type is range 1 .. 12; type Year_type is range 1800 .. 2100; type Hours is mod 24; type Weekday is (Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, Sunday); type Date is record Day : Day_type; Month : Month_type; Year : Year_type; end record;
Types can be refined by declaring subtypes:
subtype Working_Hours is Hours range 0 .. 12; -- at most 12 Hours to work a day subtype Working_Day is Weekday range Monday .. Friday; -- Days to work Work_Load: constant array(Working_Day) of Working_Hours -- implicit type declaration := (Friday => 6, Monday => 4, others => 10); -- lookup table for working hours with initialization
Types can have modifiers such as limited, abstract, private etc. Private types can only be accessed and limited types can only be modified or copied within the scope of the package that defines them. Ada 95 adds additional features for object-oriented extension of types.
Ada is a structured programming language, meaning that the flow of control is structured into standard statements. All standard constructs and deep level early exit are supported so the use of the also supported 'go to' commands is seldom needed.
-- while a is not equal to b, loop. while a /= b loop Ada.Text_IO.Put_Line ("Waiting"); end loop; if a > b then Ada.Text_IO.Put_Line ("Condition met"); else Ada.Text_IO.Put_Line ("Condition not met"); end if; for i in 1 .. 10 loop Ada.Text_IO.Put ("Iteration: "); Ada.Text_IO.Put (i); Ada.Text_IO.Put_Line; end loop; loop a := a + 1; exit when a = 10; end loop; case i is when 0 => Ada.Text_IO.Put ("zero"); when 1 => Ada.Text_IO.Put ("one"); when 2 => Ada.Text_IO.Put ("two"); -- case statements have to cover all possible cases: when others => Ada.Text_IO.Put ("none of the above"); end case; for aWeekday in Weekday'Range loop -- loop over an enumeration Put_Line ( Weekday'Image(aWeekday) ); -- output string representation of an enumeration if aWeekday in Working_Day then -- check of a subtype of an enumeration Put_Line ( " to work for " & Working_Hours'Image (Work_Load(aWeekday)) ); -- access into a lookup table end if; end loop;
Among the parts of an Ada program are packages, procedures and functions.
Example: Package specification (example.ads)
package Example is type Number is range 1 .. 11; procedure Print_and_Increment (j: in out Number); end Example;
Package body (example.adb)
with Ada.Text_IO; package body Example is i : Number := Number'First; procedure Print_and_Increment (j: in out Number) is function Next (k: in Number) return Number is begin return k + 1; end Next; begin Ada.Text_IO.Put_Line ( "The total is: " & Number'Image(j) ); j := Next (j); end Print_and_Increment; -- package initialization executed when the package is elaborated begin while i < Number'Last loop Print_and_Increment (i); end loop; end Example;
This program can be compiled, e.g., by using the freely available open source compiler GNAT, by executing
gnatmake -z example.adb
Packages, procedures and functions can nest to any depth and each can also be the logical outermost block.
Each package, procedure or function can have its own declarations of constants, types, variables, and other procedures, functions and packages, which can be declared in any order.
Ada has language support for task-based concurrency. The fundamental concurrent unit in Ada is a task, which is a built-in limited type. Tasks are specified in two parts - the task declaration defines the task interface (similar to a type declaration), the task body specifies the implementation of the task. Depending on the implementation, Ada tasks are either mapped to operating system threads or processes, or are scheduled internally by the Ada runtime.
Tasks can have entries for synchronisation (a form of synchronous message passing). Task entries are declared in the task specification. Each task entry can have one or more accept statements within the task body. If the control flow of the task reaches an accept statement, the task is blocked until the corresponding entry is called by another task (similarly, a calling task is blocked until the called task reaches the corresponding accept statement). Task entries can have parameters similar to procedures, allowing tasks to synchronously exchange data. In conjunction with select statements it is possible to define guards on accept statements (similar to Dijkstra's guarded commands).
Ada also offers protected objects for mutual exclusion. Protected objects are a monitor-like construct, but use guards instead of conditional variables for signaling (similar to conditional critical regions). Protected objects combine the data encapsulation and safe mutual exclusion from monitors, and entry guards from conditional critical regions. The main advantage over classical monitors is that conditional variables are not required for signaling, avoiding potential deadlocks due to incorrect locking semantics. Like tasks, the protected object is a built-in limited type, and it also has a declaration part and a body.
A protected object consists of encapsulated private data (which can only be accessed from within the protected object), and procedures, functions and entries which are guaranteed to be mutually exclusive (with the only exception of functions, which are required to be side effect free and can therefore run concurrently with other functions). A task calling a protected object is blocked if another task is currently executing inside the same protected object, and released when this other task leaves the protected object. Blocked tasks are queued on the protected object ordered by time of arrival.
Protected object entries are similar to procedures, but additionally have guards. If a guard evaluates to false, a calling task is blocked and added to the queue of that entry; now another task can be admitted to the protected object, as no task is currently executing inside the protected object. Guards are re-evaluated whenever a task leaves the protected object, as this is the only time when the evaluation of guards can have changed.
Calls to entries can be requeued to other entries with the same signature. A task that is requeued is blocked and added to the queue of the target entry; this means that the protected object is released and allows admission of another task.
The select statement in Ada can be used to implement non-blocking entry calls and accepts, non-deterministic selection of entries (also with guards), time-outs and aborts.
The following example illustrates some concepts of concurrent programming in Ada.
with Ada.Text_IO; use Ada.Text_IO; procedure Traffic is type Airplane_ID is range 1..10; -- 10 airplanes task type Airplane (ID: Airplane_ID); -- task representing airplanes, with ID as initialisation parameter type Airplane_Access is access Airplane; -- reference type to Airplane protected type Runway is -- the shared runway (protected to allow concurrent access) entry Assign_Aircraft (ID: Airplane_ID); -- all entries are guaranteed mutually exclusive entry Cleared_Runway (ID: Airplane_ID); entry Wait_For_Clear; private Clear: Boolean := True; -- protected private data - generally more than just a flag... end Runway; type Runway_Access is access all Runway; -- the air traffic controller task takes requests for takeoff and landing task type Controller (My_Runway: Runway_Access) is -- task entries for synchronous message passing entry Request_Takeoff (ID: in Airplane_ID; Takeoff: out Runway_Access); entry Request_Approach(ID: in Airplane_ID; Approach: out Runway_Access); end Controller; -- allocation of instances Runway1 : aliased Runway; -- instantiate a runway Controller1: Controller (Runway1'Access); -- and a controller to manage it ------ the implementations of the above types ------ protected body Runway is entry Assign_Aircraft (ID: Airplane_ID) when Clear is -- the entry guard - calling tasks are blocked until the condition is true begin Clear := False; Put_Line (Airplane_ID'Image (ID) & " on runway "); end; entry Cleared_Runway (ID: Airplane_ID) when not Clear is begin Clear := True; Put_Line (Airplane_ID'Image (ID) & " cleared runway "); end; entry Wait_For_Clear when Clear is begin null; -- no need to do anything here - a task can only enter if "Clear" is true end; end Runway; task body Controller is begin loop My_Runway.Wait_For_Clear; -- wait until runway is available (blocking call) select -- wait for two types of requests (whichever is runnable first) when Request_Approach'count = 0 => -- guard statement - only accept if there are no tasks queuing on Request_Approach accept Request_Takeoff (ID: in Airplane_ID; Takeoff: out Runway_Access) do -- start of synchronized part My_Runway.Assign_Aircraft (ID); -- reserve runway (potentially blocking call if protected object busy or entry guard false) Takeoff := My_Runway; -- assign "out" parameter value to tell airplane which runway end Request_Takeoff; -- end of the synchronised part or accept Request_Approach (ID: in Airplane_ID; Approach: out Runway_Access) do My_Runway.Assign_Aircraft (ID); Approach := My_Runway; end Request_Approach; or -- terminate if no tasks left who could call terminate; end select; end loop; end; task body Airplane is Rwy : Runway_Access; begin Controller1.Request_Takeoff (ID, Rwy); -- This call blocks until Controller task accepts and completes the accept block Put_Line (Airplane_ID'Image (ID) & " taking off..."); delay 2.0; Rwy.Cleared_Runway (ID); -- call will not block as "Clear" in Rwy is now false and no other tasks should be inside protected object delay 5.0; -- fly around a bit... loop select -- try to request a runway Controller1.Request_Approach (ID, Rwy); -- this is a blocking call - will run on controller reaching accept block and return on completion exit; -- if call returned we're clear for landing - leave select block and proceed... or delay 3.0; -- timeout - if no answer in 3 seconds, do something else (everything in following block) Put_Line (Airplane_ID'Image (ID) & " in holding pattern"); -- simply print a message end select; end loop; delay 4.0; -- do landing approach... Put_Line (Airplane_ID'Image (ID) & " touched down!"); Rwy.Cleared_Runway (ID); -- notify runway that we're done here. end; New_Airplane: Airplane_Access; begin for I in Airplane_ID'Range loop -- create a few airplane tasks New_Airplane := new Airplane (I); -- will start running directly after creation delay 4.0; end loop; end Traffic;
A pragma is a compiler directive that conveys information to the compiler to allow specific manipulation of compiled output. Certain pragmas are built into the language while other are implementation-specific.
Examples of common usage of compiler pragmas would be to disable certain features, such as run-time type checking or array subscript boundary checking, or to instruct the compiler to insert object code in lieu of a function call (as C/C++ does with inline functions).
The SPARK language consists of a well-defined robust or safer subset of the Ada language that uses contracts to describe the specification of components in a form that is suitable for both static and dynamic verification.
In SPARK83/95/2005, the contracts are encoded in Ada comments (and so are ignored by any standard Ada compiler), but are processed by the SPARK "Examiner" and its associated tools.
SPARK 2014 in contrast uses Ada 2012's built-in "aspect" syntax to express contracts, bringing them into the core of the language.
The main tool for SPARK 2014 (GNATprove) is based on the GNAT/GCC infrastructure, and re-uses almost the entirety of the GNAT Ada 2012 front-end.
(These documents have been published in various forms including print.)
Manage research, learning and skills at defaultLogic. Create an account using LinkedIn or facebook to manage and organize your Digital Marketing and Technology knowledge. defaultLogic works like a shopping cart for information -- helping you to save, discuss and share.