Florian Weimer wrote:
Yes, Ada has some nice features. At least there are real arrays, but they are somewhat cumbersome to work with, compared to Java, Python or, well, C pointers. There are two aspects: preservation of array bounds in slices (so that you have to write Table (Table'First + Offset) to access the element Offset of Table, Offset ranging from 0 to Table'Length - 1)
That array bounds must be preserved becomes obvious when you consider arrays where the index type has a meaning beyond just position in the array. If you have an array Week with a range of Monday..Sunday, and you take the slice Week(Saturday..Sunday) and call it Weekend, then you really don't want Weekend to suddenly have the indexes Monday and Tuesday.
The GNAT run-time is compiled without language-defined checks, and it used to have at least one buffer overflow in the Ada part. Many Ada libraries used to follow GNAT's example and disabled the checks as well, but this has changed during the last few years, it appears. Manual overflow checks are hampered by the fact that -gnato still isn't the default.
Those are things that we can control in Fedora. I don't see why we couldn't compile Libgnat with checks enabled if we wanted to – except for the code that performs the checking I guess.
The RPM macros Gnatmake_optflags and GPRbuild_optflags contain mandatory compiler flags that try to prevent suppression of important checks. Unfortunately they can't override pragmas, but tools to check for dangerous pragmas could be developed. I will add -gnato to the mandatory compiler flags if the FPC decides so.
Controlled types have a fixed overhead which is quite visible with small objects.
Of course there is always some overhead. Do you mean that they have a significantly larger overhead than garbage collectors have?
Björn Persson
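
The message above notes that compiler flags cannot override pragmas and that tools to check for dangerous pragmas could be developed. The following is an added example of such a check, not part of the original message and not an existing Fedora tool; the function names, the set of checks treated as dangerous and the sample Ada source are assumptions made for illustration.

```python
import re

# Language-defined checks whose suppression removes bounds/overflow protection.
# Which checks count as "dangerous" is this example's assumption.
DANGEROUS = {"all_checks", "index_check", "range_check", "length_check",
             "overflow_check", "access_check"}
PRAGMA_RE = re.compile(
    r"\bpragma\s+(suppress_all|suppress)\b\s*(?:\(\s*([a-z_0-9]+))?",
    re.IGNORECASE)

def strip_noise(line):
    """Blank out string/character literals and drop the '--' comment."""
    out, in_string, i = [], False, 0
    while i < len(line):
        ch = line[i]
        if not in_string and ch == "'" and line[i + 2:i + 3] == "'":
            out.append("   ")          # character literal such as '"'
            i += 3
            continue
        if ch == '"':
            in_string = not in_string
        elif not in_string and line.startswith("--", i):
            break                      # rest of the line is an Ada comment
        out.append(" " if in_string or ch == '"' else ch)
        i += 1
    return "".join(out)

def find_suppressed_checks(source):
    """Return (line_number, pragma, check_name) for each risky pragma."""
    cleaned = "\n".join(strip_noise(l) for l in source.splitlines())
    hits = []
    for m in PRAGMA_RE.finditer(cleaned):  # \s spans newlines: multi-line pragmas match
        pragma, check = m.group(1).lower(), (m.group(2) or "all_checks").lower()
        if pragma == "suppress_all" or check in DANGEROUS:
            hits.append((cleaned.count("\n", 0, m.start()) + 1, pragma, check))
    return hits

# Constructed sample input, not taken from any real package.
SAMPLE = '''\
pragma Suppress_All;
   pragma Suppress (Index_Check);  -- faster loops
   -- pragma Suppress (Range_Check);
   Note : constant String := "pragma Suppress (All_Checks);";
   pragma Unsuppress (Overflow_Check);
   pragma suppress
     (Overflow_Check, On => Counter);
   pragma Suppress (Elaboration_Check);
'''
```

Calling `find_suppressed_checks(SAMPLE)` reports lines 1, 2 and 6; the commented-out pragma, the string literal, `Unsuppress` and the elaboration check are not flagged.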