Date: Fri, 06 Jun 2014 19:51:33 +0200
From: "G.B."
Newsgroups: comp.lang.ada
Subject: Re: a new language, designed for safety !
References: <3bf7907b-2265-4314-a693-74792df531d1@googlegroups.com> <51e9fd4f-e676-4d2f-9e21-1c782d71092e@googlegroups.com>
In-Reply-To: <51e9fd4f-e676-4d2f-9e21-1c782d71092e@googlegroups.com>
Message-ID: <5391ffa4$0$6611$9b4e6d93@newsspool4.arcor-online.net>

On 06.06.14 17:13, Dan'l Miller wrote:
> If a fatal runtime error due to an unimplemented method (which Ada would catch at compile-time, but Swift & Objective-C would catch only at runtime via the equivalent of an exception whose default behavior is to stop executing the entire program), then if that fatal runtime error causes any sort of dangerous mishap (e.g., near miss; crash; collision; fire) due to the software no longer performing its function, then the NTSB and/or FAA rightly would identify that fatal runtime exception and the lack of method-implementation that Ada (and C++ and a very few other languages) would have caught at compile-time as the root-causes of the dangerous mishap.

Since Ada programs may well have "unimplemented methods", I think this appraisal of Ada's capabilities needs to be augmented a little in order to be valid, viz. by referring to reversed defaults in the way dispatching is part of the language, and to rule checkers.

Because, with regard to dispatching, if an Ada programmer decides to use run-time dispatching, then there may well be run-time errors. These include calling an undefined primitive operation of a tagged type. This is demonstrated below. The program fails predictably, even though it does not use pointers or tricks.

   $ ./comptime

   raised CONSTRAINT_ERROR : comptime.ada:35 tag check failed
   $

That's a run-time error, I'd say, stopping the program. The state of P2.Op being unimplemented is announced in source, though ("abstract"), which is different from just absence as in Objective-C etc. Consequently, a set of additional rules is needed to prevent such errors in Ada, and some checking as can be performed with AdaControl, I should think. Ada alone is better if less lenience is, but won't suffice.

   package Pak is
      pragma Pure (Pak);

      package P1 is
         type A is abstract tagged private;
         procedure Op (X : in out A) is abstract;
      private
         type A is abstract tagged null record;
      end P1;

      package P2 is
         type T is new P1.A with private;
         overriding procedure Op (X : in out T);   -- concrete Op for T
      private
         type T is new P1.A with null record;
      end P2;

      package P3 is   -- Drills a hole!
         type TA is abstract new P2.T with private;
         overriding procedure Op (X : in out TA) is abstract;   -- Op made abstract again
      private
         type TA is abstract new P2.T with null record;
      end P3;
   end Pak;

   with Pak;
   procedure Comptime is
      Obj : Pak.P2.T;
      X   : Pak.P1.A'Class := Obj;   -- tag of X is P2.T
   begin
      Pak.P3.TA'Class (X).Op;   -- run-time dispatching; the view conversion fails its tag check
   end Comptime;

   package body Pak is
      package body P2 is
         overriding procedure Op (X : in out T) is
         begin
            null;
         end Op;
      end P2;
   end Pak;
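The same hole reproduced in a single compilation unit, together with the membership test a practitioner would put in front of the class-wide view conversion so that a tag mismatch becomes a handled branch instead of an unhandled Constraint_Error. This is an added example, not code from the original post; the names Guarded, Classes, Unguarded_Call and Guarded_Call are made up here, and the example assumes a GNAT-style Ada 2005 or later compiler (prefix notation, overriding indicators).

```ada
--  Added example, not from the original post. The package Classes mirrors
--  Pak.P1/P2/P3 from the post in one nested package; Guarded_Call adds the
--  membership test that the post's Comptime lacks.
with Ada.Text_IO;    use Ada.Text_IO;
with Ada.Exceptions;

procedure Guarded is

   package Classes is
      type A is abstract tagged null record;
      procedure Op (X : in out A) is abstract;

      type T is new A with null record;
      overriding procedure Op (X : in out T);       -- concrete for T

      --  Drills the same hole as Pak.P3 in the post: a concrete primitive
      --  is made abstract again for a further (abstract) derivation.
      type TA is abstract new T with null record;
      overriding procedure Op (X : in out TA) is abstract;
   end Classes;

   package body Classes is
      overriding procedure Op (X : in out T) is
      begin
         Put_Line ("T.Op dispatched");
      end Op;
   end Classes;

   use Classes;

   --  Unchecked: same shape as the post's Pak.P3.TA'Class (X).Op.
   --  The view conversion performs a tag check; if the tag of X is not
   --  in TA'Class, Constraint_Error is raised before any dispatch.
   procedure Unguarded_Call (X : in out A'Class) is
   begin
      TA'Class (X).Op;
   end Unguarded_Call;

   --  Guarded: a membership test on the tag of X before converting.
   --  Done is False when the conversion would have failed its tag check.
   procedure Guarded_Call (X : in out A'Class; Done : out Boolean) is
   begin
      if X in TA'Class then
         TA'Class (X).Op;
         Done := True;
      else
         Done := False;
      end if;
   end Guarded_Call;

   Obj  : T;
   X    : A'Class := Obj;   -- tag of X is T, not TA
   Done : Boolean;
begin
   --  Ordinary dispatching is fine: T.Op is concrete.
   X.Op;

   --  Guarded version reports the mismatch instead of raising.
   Guarded_Call (X, Done);
   if not Done then
      Put_Line ("tag of X is not in TA'Class, call skipped");
   end if;

   --  Unguarded version raises Constraint_Error (tag check failed).
   begin
      Unguarded_Call (X);
   exception
      when E : Constraint_Error =>
         Put_Line ("caught: " & Ada.Exceptions.Exception_Message (E));
   end;
end Guarded;
```

Build with `gnatmake guarded.adb` and run `./guarded`; the unguarded path raises the same "tag check failed" Constraint_Error the post shows, while the guarded path never reaches the view conversion for an object whose tag is outside TA'Class. The membership test does not make the abstract re-declaration safe, it only keeps the mismatch from being fatal; the rule-checker approach the post mentions (flagging an `overriding ... is abstract` of a concrete primitive) is what removes the hole at the source.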