From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM autolearn=unavailable autolearn_force=no version=3.4.4 X-Received: by 2002:a24:6ed2:: with SMTP id w201-v6mr7900459itc.4.1525460713907; Fri, 04 May 2018 12:05:13 -0700 (PDT) X-Received: by 2002:a9d:703:: with SMTP id 3-v6mr1955238ote.11.1525460713776; Fri, 04 May 2018 12:05:13 -0700 (PDT) Path: eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!feeder.eternal-september.org!goblin3!goblin.stu.neva.ru!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!u74-v6no581279itb.0!news-out.google.com!15-v6ni1886itg.0!nntp.google.com!u74-v6no581276itb.0!postnews.google.com!glegroupsg2000goo.googlegroups.com!not-for-mail Newsgroups: comp.lang.ada Date: Fri, 4 May 2018 12:05:13 -0700 (PDT) In-Reply-To: Complaints-To: groups-abuse@google.com Injection-Info: glegroupsg2000goo.googlegroups.com; posting-host=96.247.198.106; posting-account=QF6XPQoAAABce2NyPxxDAaKdAkN6RgAf NNTP-Posting-Host: 96.247.198.106 References: <1c73f159-eae4-4ae7-a348-03964b007197@googlegroups.com> User-Agent: G2/1.0 MIME-Version: 1.0 Message-ID: <661b1ce8-f4e4-4a4b-9a07-ebe36d75f010@googlegroups.com> Subject: =?UTF-8?B?UmU6IEhvdyB0byBnZXQgQWRhIHRvIOKAnGNyb3NzIHRoZSBjaGFzbeKAnT8=?= From: Jere Injection-Date: Fri, 04 May 2018 19:05:13 +0000 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Xref: reader02.eternal-september.org comp.lang.ada:51984 Date: 2018-05-04T12:05:13-07:00 List-Id: On Friday, May 4, 2018 at 12:13:09 PM UTC-4, guyclaud wrote: > Since this topic has somewhat turn into a Ada vs Rust/Haskell/whatever, c= ould some experts show a piece of Ada code where the "borrower-checker" wou= ld more check/security ? Or are the paradigms too different to show a snipp= et close enough to (or IN ) Ada so that I can understand ? They are very different languages. I am going to try and show a couple of situations caught by Rust at compile time. They won't be perfect compariso= ns though. Keep in mind that Ada can pass objects by reference internally=20 while in Rust it has to be explicitly requested. =20 1. Dangling references: Keeping a reference to an object past its lifetim= e Ada: *********************************************** with Ada.Text_IO; use Ada.Text_IO; procedure jdoodle is type Integer_Access is access all Integer; =20 function Inner(Value : aliased in out Integer) return Integer_Access is begin return Value'Access; end Inner; =20 function Outer return Integer_Access is Value : aliased Integer :=3D 0; begin return Inner(Value); end Outer; =20 Ptr : Integer_Access :=3D Outer; -- !!! Dangling reference begin Put_Line("Hello World"); end jdoodle; *********************************************** Hello World gcc -c jdoodle.adb gnatbind -x jdoodle.ali gnatlink jdoodle.ali -o jdoodle A attempt to the equivalent in Rust: *********************************************** pub fn Inner(value : & mut i32) -> & mut i32 { return value; } pub fn Outer() -> &mut i32 { let mut x =3D 0 as i32; return Inner(&x); } pub fn main() { let ptr : &mut i32 =3D Outer; println!("Hello World") } *********************************************** Compiling playground v0.0.1 (file:///playground) error[E0106]: missing lifetime specifier --> src/main.rs:5:19 | 5 | pub fn Outer() -> &mut i32 { | ^ expected lifetime parameter | =3D help: this function's return type contains a borrowed value, but ther= e is no value for it to be borrowed from =3D help: consider giving it a 'static lifetime You have to make it use a static lifetime to work (which removes the dangling reference) while Ada does accept it as is. 2. Concurrent Erroneous Access Ada: ****************************************** with Ada.Text_IO; use Ada.Text_IO; with Ada.Containers.Vectors; procedure jdoodle is package Vectors is new Ada.Containers.Vectors(Positive,Integer); type Some_Type is limited record Data : Vectors.Vector; end record; =20 Some_Object : aliased Some_Type; =20 task Some_Task is entry Start; end Some_Task; =20 task body Some_Task is begin accept Start; for Index in 1 .. 100 loop Some_Object.Data.Append(Index); end loop; end Some_Task; =20 begin Put_Line("Hello World"); Some_Task.Start; for Index in 1 .. 100 loop Some_Object.Data.Append(Index); -- !!! Possible Erroneous Memory A= ccess end loop; end jdoodle; ****************************************** Hello World gcc -c jdoodle.adb gnatbind -x jdoodle.ali gnatlink jdoodle.ali -o jdoodle Attempt at a similar setup in Rust: ****************************************** use std::vec; use std::thread; pub struct SomeType { pub data : vec::Vec } pub fn main() { let mut some_object =3D SomeType{ data : vec::Vec::new() }; =20 println!("Hello World"); =20 let handler =3D thread::spawn(move || { for index in 1 .. 11 { some_object.data.push(index as i32); } }); =20 for index in 1 .. 11 { some_object.data.push(index as i32); } handler.join().unwrap(); } ****************************************** Compiling playground v0.0.1 (file:///playground) error[E0382]: use of moved value: `some_object.data` --> src/main.rs:22:9 | 15 | let handler =3D thread::spawn(move || { | ------- value moved (into closure) her= e ... 22 | some_object.data.push(index as i32); | ^^^^^^^^^^^^^^^^ value used here after move | =3D note: move occurs because `some_object` has type `SomeType`, which d= oes not implement the `Copy` trait If you try and remove the move specifier it then gives the error that you need to put the move specifier to pass data into the thread. Basically, in Rust it forces you to use synchronization primitives on any variable being used in a thread (task equiv), which would be similar to if Ada required all variables in a thread to be protected types or fulfilled some other task safe context. Again, the languages are quite different so it is really hard to=20 put together an actual comparison. Ada has many strengths over Rust though. It is always easy to find some area where language x is better than langauge y in a particular area. What matters most is the whole package vs the whole package and how they affect software development and design.