Ada
Ada is a strongly typed programming language that enjoys widespread used within the embedded systems and safety-critical software industry. It was originally developed under contract to the United States Department of Defense, as part of a project to develop a single unified language meeting the safety and reliability requirements of the department's embedded systems projects.
The language was first standardized in 1983, and has since undergone multiple revisions. The latest version is Ada 2012. The language itself is defined by the ISO standard ISO/IEC 8652, and the Military standard MIL-STD-1815A. In 1991, the US Department of Defense mandated the use of Ada for all software, though exceptions to this rule were often granted. This mandate was effectively removed in 1997, as the DoD began to embrace 'commercial off the shelf' (COTS) technology. Similar requirements existed in other NATO countries for command and control systems, and Ada was the mandated or preferred language for defense-related applications in countries such as Sweden, Germany, and Canada.
Features
Ada has a number of useful features that are of particular interest for low-level programming and operating system development.
Custom types
In addition to being a strongly typed language, Ada allows for the definition of new scalar, enumerated and record types. Custom primitive types can also be constrained to a predefined range of values. The example below demonstrates the definition of a new integer type based upon Ada's native Natural type, restricted to a predefined range. The use of the subtype directive informs the compiler that other variables of the Natural type are compatible with the newly defined subtype.
VGA_COL_COUNT : constant := 80;
VGA_ROW_COUNT : constant := 24;
subtype Col is Natural range 0 .. VGA_COL_COUNT - 1;
subtype Row is Natural range 0 .. VGA_ROW_COUNT - 1;
The below example illustrates the creation of incompatible custom integer types. While their base type and range constraints are identical, Ada treats both as separate, incompatible types. An assignment of a variable of one type to the value of another is illegal, and will trigger a compile-time error.
type Integer_1 is range 1 .. 10;
type Integer_2 is range 1 .. 10;
A : Integer_1 := 8;
B : Integer_2 := A; -- illegal!
The following example demonstrates the creation of a custom enumerated type. It also demonstrates a subtype of an enumerated type with a constrained range of values.
type Day_Of_Week is (Monday, Tuesday,
Wednesday, Thursday, Friday, Saturday, Sunday);
subtype Work_Day is Day_Of_Week range Monday .. Friday;
A variable with the type of Work_Day is restricted to its constrained range. Any attempt to assign a value outside of this range to a variable of this type will raise a Constraint_Error exception at runtime.
Representation clauses
Ada allows for explicitly defining the in-memory representation of scalar and compound types. The following example demonstrates the definition of an enumerated type and a record type, as well as their associated representation in memory.
----------------------------------------------------------------------------
-- The privilege level for a particular descriptor.
-- These correspond to the 'protection ring' that this descriptor is
-- accessible from.
----------------------------------------------------------------------------
type Descriptor_Privilege_Level is (
Ring_0,
Ring_1,
Ring_2,
Ring_3
)
with Size => 2;
for Descriptor_Privilege_Level use (
Ring_0 => 0,
Ring_1 => 1,
Ring_2 => 2,
Ring_3 => 3
);
----------------------------------------------------------------------------
-- The format of the System Table Descriptor pointer used by the processor
-- to load descriptor tables like the GDT and IDT.
----------------------------------------------------------------------------
type System_Table_Descriptor is
record
Size : Unsigned_16;
Offset : System.Address;
end record
with Size => 48;
for System_Table_Descriptor use
record
Size at 0 range 0 .. 15;
Offset at 0 range 16 .. 47;
end record;
The Size aspect specifier instructs the compiler that the System_Table_Descriptor type must be 48 bits in size. The record representation clause instructs the compiler as to the required layout of this record type in memory. This example specifies that the Size member should occupy bits 0 to 15, and the Offset member should occupy bits 16 to 47. This feature is analogous to C's bit-fields.