Teaching new tricks to an old dog (C++ -->Ada)

[Larry Kilgallen]

Apart from these, let's talk about Pascal for example. I do not think
everything in its library can be written with the language itself.

Presuming that by "Pascal" you mean something meeting the "Extended Pascal"
standard rather than the Wirth original,

not a library, but...

When DEC implemented their A1 security kernel they did so in VAX Pascal
(to support provability) and required that the whole thing be written
in Pascal rather than using a runtime library written in some other
language.

==========

They cancelled the project during Field Test when they figured out that
those in the US government who wanted to see A1 systems were entirely
different from those in the US government who actually purchase systems.

I believe, in fact, those rooting most strongly for Multilevel Security
actually run "system high" in their own shops.

 

[Ed Falis]

But if you want to hide most of the data of some abstraction, and
there's no "natural" meaning of "<", then you have to think ahead, and
define some "<" operation just in case somebody wants to put the thing
into a container. (Or, of course, go back and add that in to an
existing data type when you find it's needed.)

Bertrand Meyer went pretty heavily into this situation with his
"open-closed" principle in Eiffel - largely why he's a big fan of multiple
inheritance. This in a sense follows your paranthetical remark.

 

[Jerry Coffin]

Randy Brukardt wrote:

[ ... ]

This statement is false. I was going to try to explain precisely what
happened, but it probably is better to just point to the articles on that
topic that were published at the time. See:
http://www.adaic.com/compilers/index.html
and in particular:
http://www.adaic.com/compilers/acaa.html

I see it, but I also see things like this:

----- quote -----
Q. What about NIST? Isn't Ada still a FIPS standard, with requirements
for NIST validation?

A. FIPS 119-1 is still valid, and section 11.4 states that
"Implementations of FIPS Ada shall be validated in accordance with the
NIST Computer Systems Laboratory (CSL) validation procedures for FIPS
Ada". However, such validation procedures no longer exist, since NIST
had delegated Ada validation authority to AJPO, and AJPO did not
re-delegate this authority.
--- end quote ---

(from: http://sw-eng.falls-church.va.us/ajpofaq.html) which seems to
agree reasonably closely with what I said. Some of it appears to be
obsolete -- FIPS pub 119-1 is NOT valid anymore; it has been withdrawn.
That has little to do with events that happened years ago though.

I'd also note that the relationship between the ACAA and the ISO seems
to be rather one-sided -- while you emphasize your relationship with
the ISO rather heavily on your web site, the ISO seems to mention you
rather a bit less -- a search for "ACAA" on the ISO web site more or
less implies that they've never even heard of you.

 

[Randy Brukardt]

Randy Brukardt wrote: ....
I see it, but I also see things like this:

(from: http://sw-eng.falls-church.va.us/ajpofaq.html) which seems to
agree reasonably closely with what I said.

Ah, yes, the imfamous "Ada is dead site". (It doesn't say that anymore, but
it once did.) That site was created by someone how posted all kinds of
misinformation; people seem to believe it because they registered the old
AJPO domain name. Of course, anyone can post anything on the net, and it can
be hard to tell what's accurate and what isn't.

I'd also note that the relationship between the ACAA and the ISO seems
to be rather one-sided -- while you emphasize your relationship with
the ISO rather heavily on your web site, the ISO seems to mention you
rather a bit less -- a search for "ACAA" on the ISO web site more or
less implies that they've never even heard of you.

Since the ACAA is defined in an ISO standard (specifically ISO/IEC 18009),
and ISO makes money by *selling* their standards, you're hardly going to
find anything there. I don't think you can find much about Ada there,
either. The ACAA I run is an instantiation of that described by that
standard.

You might be able to find out more on the WG9 web site (WG9 is the Ada
Working Group within ISO/IEC JTC1 SC22), but it is pretty sparse:
http://www.open-std.org/JTC1/SC22/WG9/

Randy.

 

[Dmitry A. Kazakov]

That's the point... there aren't any public accessor functions
for opaque data types such as non-limited generic formal parameters.

Then the data are inherently non-sortable. That was designer's decision,
and that is *the* contract. To define "<" would mean to break that
contract.

There are lot of situations where some ad-hoc generated comparison will not
work. Especially if objects are in fact handles to something that may
change asynchronously to the container.

 

[Dmitry A. Kazakov]

Which is both a benefit and a drawback. C++ templates are somewhat more
powerful that Ada generics, because of the lack of contract model, and
implicit instantiation.

I think that the reason is not contracts but inflexible contracts. Ada
formal generic parameters are not ADTs. So there is no way to define a
formal generic type Ordered. Instead of that ADTs are defined ad-hoc:

generic
type Foo is private;
function "<" (Left, Right : Foo) return Boolean is <>;
package ...

What is worse is that these ad-hoc ADTs are not named, so in fact it is a
kind of that flawed structural type equivalence reborn.

But I don't think that addresses Dr. Wrigley's complaint (which applies
to both Ada and C++).

Indirectly it does, because what he wants is to get more that is in the
contract ... -))

 

[Jean-Pierre Rosen]

Greg Comeau a écrit :

Other posts seems to disagree.

I don't see how they could disagree with the mere fact that Adalog is a
registered ACAL, but anyway...

Please clarify for us.
Also include how and why your company is the _official_ lab.
(I'm not challenging you, but seems to me a mixed message
is coming through this thread.)

The ACAA (see Randy's posts) is the official office for issuing
conformance certificates. These certificates are issued after
conformance testing has been performed by an ACAA approved laboratory,
called and ACAL. Adalog has been approved by ACAA, and this is easily
checked by going to the ACAA site!

People arguing that there is no more validation office are simply wrong,
and I hope it is misinformation and not malice.

 

[Georg Bauhaus]

I think that the reason is not contracts but inflexible contracts. Ada
formal generic parameters are not ADTs. So there is no way to define a
formal generic type Ordered.

Hm. Do you mean, a contract type cannot be _defined_ in the
generic formal part of a unit?
Otherwise, why not just write

generic
type Ordered is new Has_Less_Than with private;
package ...

where Has_Less_Than is an abstract type with a "<" operation.

(Or use multiple interfaces and Ada 2005.)

 

[Hans Malherbe]

That's the point... there aren't any public accessor
functions

It's a good point. If you design a library you not only have to decide
up front whether you want to let users put your class in ordered
containers but whether you want to allow containers at all (Generic
algorithms freely make copies of elements and assume value semantics).

I have to ask myself though: If I am denied access to information that
lets me implement a < operator, am I supposed to be able to sort it?

Groete
Hans

 

[Dmitry A. Kazakov]

Hm. Do you mean, a contract type cannot be _defined_ in the
generic formal part of a unit?
Otherwise, why not just write

generic
type Ordered is new Has_Less_Than with private;
package ...

where Has_Less_Than is an abstract type with a "<" operation.

In which case it simple does not need to be generic! Ordered here is a
normal ADT, which class is Has_Less_Than'Class. So the package should work
directly with the class and be non-generic. End of story.

What I meant was:

generic
type Ordered is Has_Less_Than; -- This is not Ada!
package ...

Here Has_Less_Than is not a type but a [generic] class of types, like
"private", "limited private", "range <>", etc. It is almost same but not
the same. This is actually why I strongly believe that generics are
superfluous and should be replaced by better ADTs (now normal ones, one
storey below). In other words there is no need to make a fuss with types
ADT (=classes of formal generic types) when we are far from being ready
with the normal ones!

 

[Dr. Adrian Wrigley]

Hm. Do you mean, a contract type cannot be _defined_ in the
generic formal part of a unit?
Otherwise, why not just write

generic
type Ordered is new Has_Less_Than with private;
package ...

where Has_Less_Than is an abstract type with a "<" operation.

(Or use multiple interfaces and Ada 2005.)

isn't this where (in Ada 95) you would use a package formal
generic parameter?

generic
type Ordered is private;
with function Hash (X : Ordered) return Hash_T;
with function "<" (X, Y : Ordered) return Boolean;
with function "=" (X, Y : Ordered) return Boolean;
-- other things go here
package OrderedHashable is
end OrderedHashable;

generic
with package Useful is new OrderedHashable (<>);
package Blob is
-- ...
end;

Does this not meet the contract flexibility needed, and is basically
a format generic ADT parameter?

I haven't looked at Ada 2005 interfaces yet, but I assume they
give more power and/or convenience than this.

When I come to "translate" this into C++, I am completely stumped!
The best I have come up with is adding lines like:

__glibcpp_class_requires(_Tp, _SGIAssignableConcept)
__glibcpp_class_requires4(_Compare, bool, _Key, _Key, _BinaryFunctionConcept)

to the template class!

Of course I am not trying to write Ada in C++(!), but it does mean
that skills developed in generics don't directly apply to template classes
and vice-versa.

 

[Jerry Coffin]

Randy Brukardt wrote:

[ ... ]

Ah, yes, the imfamous "Ada is dead site". (It doesn't say that
anymore, but it once did.) That site was created by someone
how posted all kinds of misinformation; people seem to believe
it because they registered the old AJPO domain name. Of course,
anyone can post anything on the net, and it can be hard to tell
what's accurate and what isn't.

I agree that there's a lot of misinformation around, and sometimes it's
difficult to sort out what's real and what isn't. Fortunately, the US
Gov't makes this one easy to sort out.

Since NIST is and the AJPO was run by the US gov't, an official action
such as turning the testing responsibilities over to somebody else
would have to be recorded in the US federal register. Since you're
claiming it happened, please be so kind as to tell us the volume and
page number in the federal register where it's recorded -- I did a
search at:

http://www.gpoaccess.gov/fr/index.html

and couldn't turn anything up recording the action you allege to have
taken place.

 

[Martin Krischik]

included.

No surprise there. The C++ standard covers the C++ standard library.

As Ada has an Ada standart library and indeed C has an C standard library
which are all part of the ISO standarts in question.

Personally I prefer slimmer languages and fatter libraries whenever
possible.

As lot of people do. I rather prefer explicid feature - not matter if
language or library. What *I* don't like are implicid features. Example:
Most C/C++ compiler I know of have a compiler option for "ANSI aliasing
only" - I usualy activate is since I avoid aliasing anyway but do I realy
know what it means. *NO* - about 2 meters away is it C ISO standart - I
could read it up - but I don't because all I would get is a headache if I
tried too.

With Regards

Martin

 

[kevin cline]

library.

As Ada has an Ada standart library and indeed C has an C standard library
which are all part of the ISO standarts in question.

True, but the C++ standard library is much more extensive than the Ada
standard library. There's nothing in the Ada standard that compares
with the C++ standard template library.

 

[Martin Dowie]

True, but the C++ standard library is much more extensive than the Ada
standard library. There's nothing in the Ada standard that compares
with the C++ standard template library.

Perhaps not quite as extensive (esp. in the algorithm section) but there
are, from memory, 12 new container types (inc. Vectors, Maps, Sets,
Lists) coming in Ada2005 and there are reference implementations out for
all of them right now.

The hope is to use the ISO "IWA" process to expand on this. It wouldn't
make anything an official part of the standard but it could lead to a
'de facto' supplimentary standard.

Cheers

-- Martin

 

[Randy Brukardt]

Randy Brukardt wrote:

[ ... ]

Ah, yes, the imfamous "Ada is dead site". (It doesn't say that
anymore, but it once did.) That site was created by someone
how posted all kinds of misinformation; people seem to believe
it because they registered the old AJPO domain name. Of course,
anyone can post anything on the net, and it can be hard to tell
what's accurate and what isn't.

I agree that there's a lot of misinformation around, and sometimes it's
difficult to sort out what's real and what isn't. Fortunately, the US
Gov't makes this one easy to sort out.

Since NIST is and the AJPO was run by the US gov't, an official action
such as turning the testing responsibilities over to somebody else
would have to be recorded in the US federal register. Since you're
claiming it happened, please be so kind as to tell us the volume and
page number in the federal register where it's recorded -- I did a
search at:

http://www.gpoaccess.gov/fr/index.html

and couldn't turn anything up recording the action you allege to have
taken place.

I don't know whether it was done formally or not; I wasn't involved with
that.

In any case, it is irrelevant to the existence of the ACAA, operated under
the requirements of an ISO standard, for performing conformity assessment of
Ada compilers. Or do you want to deny that I actually exist, that the ACAA
and its websites, test suites, and authorized laboratories, exists?

You can argue about the value of such testing (an argument that I'll sit
out), but that's a different subject.

Randy.

 

[Jerry Coffin]

Perhaps not quite as extensive (esp. in the algorithm section) but
there are, from memory, 12 new container types (inc. Vectors, Maps,
Sets, Lists) coming in Ada2005 and there are reference
implementations out for all of them right now.

The hope is to use the ISO "IWA" process to expand on this.
It wouldn't make anything an official part of the standard but it
could lead to a 'de facto' supplimentary standard.

The same general sort of situation applies to C++: the Library Working
Group is hard at work on TR1, a specification for extensions to the C++
library. In case anybody cares, a draft is available here:

http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2004/n1687.pdf

When finished, this will have roughly the same status -- a
semi-official addition that will most likely become official in the
next iteration of the standard.

TR1 goes well beyond this, however, to add more standardized facilities
for meta-programming as well. OTOH, since I've pasted in the link just
above, I probably shouldn't bore you with details on all of it here.

As far as reference implementations go, I believe most of this work is
being tracked pretty closely on the boost web site (in fact, much of it
originated there).

 

[Martin Krischik]

True, but the C++ standard library is much more extensive than the Ada
standard library. There's nothing in the Ada standard that compares
with the C++ standard template library.

Well it's Ada 95 and C++ 98 - the Ada standart is a 3 years older - Wait for
Ada 2005 for a standart template library.

One of the problems when comparing languages is that ISO standards a issued
every 10 years - so you always compare an older standard with a newer one.

In C/C++ this gives another interesting twist: C++98 does not understand the
new C99 features - as does C++2003 as it is only the mid-term bug fix.

Besides Ada standart library has features which C++ hasn't got. i.E. 3
string libraries (2 of which won't need heap memory) and 5 I/O Libraries
(http://en.wikibooks.org/wiki/Programming:Ada:InputOutput). Ada is more
"right tool for the task" then "one tool for all tasks." - Both approches
have advantages and disadvantages and I guess we all know them.

Martin

 

[Georg Bauhaus]

True, but the C++ standard library is much more extensive than the Ada
standard library. There's nothing in the Ada standard that compares
with the C++ standard template library.

The meanings of the word "standard library" are a bit different in the two
languages.

The C++ standard template library is right now much more extensive than the
Ada 2005 STL variation. But Ada.Containers etc. is only one part of the Ada
standard library. When you need to link third party libraries in C++, you
can stay within the language in Ada:

The current Ada standard library includes for example
distributed systems,
information systems ("money computing"),
string processing,
interfaces to other languages,
real-time facilities, and
Ada subsetting definitions.

Ada 2005 adds more features to the standard, including
linear algebra support, and
more file and network I/O.


Georg

 

[Georg Bauhaus]

In which case it simple does not need to be generic! Ordered here is a
normal ADT, which class is Has_Less_Than'Class. So the package should work
directly with the class and be non-generic. End of story.

If you want a set of pointers to Employee'class, how can do you do
it easily without templates for sets?

Have you read Bertrand Meyer's comparison? What do you think?

Georg