From: "Robert I. Eachus"
Date: Sat, 27 Dec 2003 14:54:26 -0500
Newsgroups: comp.lang.ada,comp.arch.embedded
Subject: Re: Certified C compilers for safety-critical embedded systems

Ian Bell wrote:

> Ah, so Ada is no better than C in that respect?

No, Ada is much better than C in that respect. The concept that Ada supports but C doesn't is best described by example:

    --  Matrix is assumed to be an unconstrained two-dimensional array of Float.
    function Identity(N: Positive) return Matrix is
       Result: Matrix(1..N, 1..N) := (others => (others => 0.0));
    begin
       --  Iterate over the first index range of the object itself.
       for I in Result'Range(1) loop
          Result(I,I) := 1.0;
       end loop;
       return Result;
    end Identity;

The size of the matrix returned will often be determined at run-time, but both the compiler and any static checking tools can verify that there are no potential out-of-range assignments here.

This sort of "statically matching" constraints, where the constraints are dynamic but can be statically determined to be identical, is formalized in RM 4.9.1. There are certain cases in Ada where statically matching subtypes are required, but in general Ada programmers tend to use statically matching subtypes even where they are not required. It not only makes for more efficient code, since the compiler can remove constraint checks, but it means that if the code is changed elsewhere, the change does not need to be propagated. This makes code maintenance much easier.

-- 
Robert I. Eachus

"The war on terror is a different kind of war, waged capture by capture, cell by cell, and victory by victory. Our security is assured by our perseverance and by our sure belief in the success of liberty." -- George W. Bush
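
An added example, not part of the original post: a complete program around the post's Identity function, next to a hypothetical Diagonal function whose loop bound is not tied to the object's bounds, so the run-time index check has to stay and stops the out-of-range write. The Matrix declaration, the name Diagonal and the sample size are assumptions.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Matching_Demo is
   --  Assumed declaration; the post does not show the Matrix type.
   type Matrix is array (Positive range <>, Positive range <>) of Float;

   --  Index range taken from the object itself: every Result (I, I) is
   --  in bounds by construction, whatever N is at run time.
   function Identity (N : Positive) return Matrix is
      Result : Matrix (1 .. N, 1 .. N) := (others => (others => 0.0));
   begin
      for I in Result'Range (1) loop
         Result (I, I) := 1.0;
      end loop;
      return Result;
   end Identity;

   --  Hypothetical counter-example: the loop bound comes from a second
   --  parameter, so nothing ties it to the bounds of Result and the
   --  index check must stay in the generated code.
   function Diagonal (N, Count : Positive) return Matrix is
      Result : Matrix (1 .. N, 1 .. N) := (others => (others => 0.0));
   begin
      for I in 1 .. Count loop
         Result (I, I) := 1.0;   --  Constraint_Error when Count > N
      end loop;
      return Result;
   end Diagonal;

   N : constant Positive := 3;   --  constructed sample size
begin
   declare
      M : constant Matrix := Identity (N);
   begin
      Put_Line ("Identity: M(3,3) =" & Float'Image (M (N, N)));
   end;

   declare
      M : constant Matrix := Diagonal (N, N + 1);
   begin
      Put_Line ("not reached:" & Float'Image (M (1, 1)));
   end;
exception
   when Constraint_Error =>
      Put_Line ("Diagonal: index check failed, no out-of-range write");
end Matching_Demo;
```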