Version 1.22r16c of December 7th, 2021
AdaControl is a free (GMGPL) tool that detects the use of various kinds of constructs in Ada programs. Its first goal is to control proper usage of style or programming rules, but it can also be used as a powerful tool to search for use (or non-use) of various forms of programming styles or design patterns. Searched elements range from very simple, like the occurrence of certaine entities, declarations, or statements, to very sophisticated, like verifying that certain programming patterns are being obeyed.
Which elements or constructs are searched is defined by a set of rules; the following table gives a short summary of the 73 rules currently checked by AdaControl. The number in parentheses after the rule name gives the number of subrules, if any. Considering all possible rules and subrules, this makes 591 tests that can be performed currently by AdaControl!
For professional use, we recommend our support and maintenance contract
| Abnormal_Function_Return | Controls a design pattern that ensures that a function always returns a result . |
| Actual_Parameters (x4) | Controls properties of actual parameters of calls and instantiations, like use (or not) of the default value or of certain entities. |
| Allocators | Controls ocurrences of allocators, either all of them, or those targeting specified types. |
| Array_Declarations (x6) | Controls several metrics in array declarations and types
used as indices |
| Aspects (x3) | Controls aspect specifications (Ada 2012) |
| Assignments (x6) | Controls issues related to assignments, like array sliding, access values duplication, multiple assignments to a same variable, assignments to components of a structured variable that could be replaced by aggregate assignment, or possible usage of the "@" target name. |
| Barrier_Expressions | Controls elements allowed in the expression of protected entries barriers |
| Case_Statement (x5) | Controls several metrics in case statements. |
| Characters (x4) | Controls occurrences of control characters (like tabs) in the source. |
| Comments (x5) | Controls the content or placement of certain comments. |
| Declarations (x167) | Controls occurrences of certain Ada declarations. |
| Dependencies (x7) | Controls dependencies of units, either according to a set of allowed units, or by count. |
| Derivations (x4) | Controls properties of declarations and primitive operations of derived types: type and number of ancestors, presence of overriding indicators. |
| Directly_Accessed_Globals | Controls a design pattern that ensures that all global variables are accessed only through dedicated subprograms. |
| Duplicate_Initialization_Calls | Controls design patterns that prevent double initialization of packages or variables. |
| Entities | Controls occurrences of any Ada entity. |
| Entity_Inside_Exception | Controls occurrences of entities inside exception handlers. |
| Exception_Propagation (x5) | Controls that certain subprograms (or tasks) cannot propagate exceptions, that no elaboration can propagate exceptions, or that an exception cannot propagate outside its scope of declaration. |
| Expressions (x60) | Controls usage of certain forms of expressions |
| Generic_Aliasing (x5) |
Controls instantiations
where the same element corresponds to several formal
parameters |
| Global_References (x5) |
Controls unsynchronized accesses to global variables. |
| Header_Comments (x2) | Controls the presence of comments at the start of each module. |
| Improper_Initialization (x3) | Controls a design pattern that ensures that any variable is initialized before being used, and is not uselesly initialized. |
| Instantiations | Controls generic instantiations, either all of them, or those that use specified entities. |
| Insufficient_Parameters | Controls the use of positional parameters in calls where the value dœs not provide sufficient information. |
| Local_Access (x6) |
Controls the use of access
values that designate non global entities. |
| Known_Exceptions (x6) | Controls dereferences, indexings, and component accesses that are statically known to raise an exception. |
| Local_Hiding (x2) | Controls occurrences of local identifiers that hide an identical outer one. |
| Max_Blank_Lines | Controls the occurrence of more than a specified number of consecutive empty lines. |
| Max_Call_Depth | Controls the maximum depth of subprogram calls. |
| Max_Expression_Items | Controls the maximum complexity of expressions. |
| Max_Line_Length | Controls maximal length of source lines. |
| Max_Nesting (x4) | Controls scopes nested more deeply than a given limit. |
| Max_Primitives (x2) | Controls the number of primitive operations of (tagged or untagged) types. |
| Max_Size (x20) | Controls maximum length of composite statements and compilation units. |
| Max_Statement_Nesting (x5) | Controls composite statements nested more deeply than a given limit. |
| Movable_Accept_Statements | Controls statements that could be moved outside an accept statement. |
| Naming_Convention | Controls the form of allowed (or forbidden) names in declarations. |
| No_Operator_Usage | Controls integer types where no operator, or only logical operators, are used. |
| Non_Static (x6) | Controls non static expressions in index or discriminant constraints, or in instantiations. |
| Not_Elaboration_Calls | Controls subprogram calls performed from places outside package elaboration code. |
| Not_Selected_Name | Controls that certain entities are always named using selected notation. |
| Object_Declarations (x5) | Controls various parameters of object declarations (constants and variables). |
| Parameter_Aliasing | Controls subprograms and entry calls where a variable is provided to more than one [in] out parameter. |
| Parameter_Declarations (x9) | Controls characteristics of parameters in callable entities (procedures, functions and entries) |
| Positional_Associations
(x4) |
Controls positional associations (as opposed to named associations). |
| Potentially_Blocking_Operations | Controls the use of potentially blocking operations from within protected operations. |
| Pragmas | Controls the use of specific pragmas. |
| Record_Declarations | Controls various aspects of the components of a record type. |
| Reduceable_Scope (x11) | Controls declarations that could be move to more deeply nested scopes. |
| Renaming_Declarations (x7) | Controls occurrences of renaming declarations. |
| Representation_Clauses (x12) | Controls occurrences of representation clauses. |
| Return_Statements (x3) | Controls various metrics related to the use of return statements, like number of statements or nesting depth. |
| Return_Type (x9) | Controls the use of certain kinds of types as return types of functions. |
| Side_Effect_Parameters | Controls subprogram calls and generic instantiations that call functions with side effect, thus creating a dependance to the order of evaluation. |
| Silent_Exceptions | Controls exception handlers that do not reraise exceptions nor call indicated subprograms. |
| Simplifiable_Expressions (x10) | Controls occurrences of various forms of expressions that could be simplified. |
| Simplifiable_Statements (x16) | Controls occurrences of various forms of statements that could be simplified. |
| Statements (x80) | Controls occurrences of Ada statements. |
| Style (x17) | Controls various forms of constructs generally recommended in style rules. |
| Terminating_Tasks | Controls a design pattern that ensures that tasks never terminate. |
| Type_Initial_Values | Controls that every declared type features an associated initialization constant. |
| Type_Usage (x2) |
Controls use of types or type categories at various places. |
| Uncheckable (x3) | Controls constructs that are not statically checkable by other rules |
| Unit_Pattern (x4) |
Controls usage patterns of program units and elements declared in them. |
| Units (x2) | Controls that all required units are analyzed, and only those. |
| Unnecessary_Use_Clause (x6) | Controls use clauses on packages, where no element of the package is referred to within the scope of the use clause. |
| Unsafe_Elaboration | Controsl packages that may be subject to incorrect elaboration order dependencies. |
| Unsafe_Paired_Calls | Controls a design pattern that ensures that certain calls are allways paired (like P/V procedures). |
| Unsafe_Unchecked_Conversion | Controls instantiations of Unchecked_Conversion between types of different or unspecified sizes. |
| Usage (x14) | Controls usage of objects under certain conditions (in package specifications, read, written modified...). |
| Use_Clauses (x9) | Controls occurrences of use clauses, except for indicated packages. |
| With_Clauses (x7) | Controls proper usage of with clauses. |
For more details on these rules, or on the use of AdaControl in general, please refer to the user's guide.
AdaControl is a command line tool, but it has been fully integrated into AdaCore's GPS environment. From GPS, you can run AdaControl, fix the violations, or edit the rules file with just a few clicks.
NEW!
AdaControl can now help you fix violations: under GPS, just click on the little wrench icon, just like with compiler messages.
You can also fix all violations at once from a menu command. And a new command line utility is provided to fix all fixable violations automatically!
But AdaControl is more than a set of coding rules: it is a complete environment, designed to be easily extended. If your favorite rule is not provided, you can add it yourself! And of course, we will continue to extend the number of rules in the future. If you want to look into how this is possible, please refer to the AdaControl programmer guide.
Initial development of AdaControl was sponsored by Eurocontrol. Some rules were sponsored by BelgoControl, Alstom-Transport, Hitachi rail STS (prev. Ansaldo), and SAGEM-DS. It is a mature tool, routinely used to check Ada codes at Eurocontrol (Brussels, more than 2_000_000 SLOC, Maastricht), BelgoControl, Alstom, Ansaldo-STS, Faiveley, SAGEM-DS (level DO178B/A)... It has also been run against all executable tests from the ACATS.
AdaControl is a free tool under GMGPL license. Nonetheless, it is a commercial product from Adalog, for which we offer a support and maintenance contract. We offer also services for the development of rules for your specific needs, or more generally assistance for the definition and usage of programming rules. For information, please contact info@adalog.fr.
Download
Read this even if you are upgrading from a previous version of AdaControl!
AdaControl is an ASIS application. AdaCore does not provide ASIS support using the regular gcc compiler any more; instead, ASIS applications must use a "tree-generator" (actually a special version of the compiler), "asis-gcc", which is part of the "ASIS Tools" package. This package is distributed by AdaCore to "Pro" users only, thus depriving the community of a very useful and established standard, in an attempt to force users to use AdaCore's own in-house technology.
Previously, the only requirement before installing AdaControl was to have the corresponding version of Gnat installed. Now, here is what you have to do:
- If you are a "Pro" user:
Download and install the "ASIS tools" package from AdaCore. Note that this package is well hidden; to get it, go to AdaCore's "Download" page and click on the "Download archives (all versions)" link at the bottom of the page, then select the appropriate version of "ASIS tools" for your system.
Download and install the "ASIS tools" version of AdaControl for your system. Please read the "Installation" section in AdaControl's User's Guide.
- If you are a "Community" user, you have several options:
- Get the "ASIS tools" package from a "Pro" user of your friends. This package is free software, and permission to redistribute is a fundamental right granted by the GPL license. You can then proceed as above.
- Debian users have no issue, ASIS is supported by
the Debian version of Gnat, and there is an up-to-date
package for AdaControl.
We are working on making AdaControl available with other versions of Gnat-FSF, stay tuned...
- Use the latest version of GnatCE that supports ASIS,
namely GnatCE2019, as the tree-generator for
AdaControl. Note that you can still use a more recent
version of Gnat for your developments; the path to the
installation directory of GnatCE2019 needs not be in
the PATH variable of your system, in order to avoid
confusion.
Download and install the "GnatCE2019" version of AdaControl. Please read the "Installation" section in AdaControl's User's Guide.
- AdaControl can also be downloaded as source, and recompiled with either GnatPRO21.2 or GnatCE2019.
We are very sorry for the burden caused by this unfortunate decision of AdaCore. At Adalog, we have always played fair with free software, and we never abandon our users, even those who are not paying customers. If you encounter any difficulty with running AdaControl, please write to support@adacontrol.fr, and we will be happy to help you.
You are also welcome to write to AdaCore and request that the "ASIS tools" package be distributed to the community.
The ZIP versions allow you to install AdaControl as you please; under Windows, the installers install everything automatically - provided the <GNAT>\bin directory is on your execution path.
| Downloads | |||
|
Windows executable |
Gnat Tools | ||
| Gnat CE 2019 | |||
|
Linux executable |
Gnat Tools | ||
| Gnat CE 2019 | |||
Debian
|
Install with "apt-get install adacontrol"
|
||
|
Please download
from this
link Since this distribution is supported by volunteers, it might not be the latest version. |
||
|
MacOS executable |
Since this distribution is supported by volunteers, it might not be the latest version. | ||
|
Source distribution |
|||
GnatHub integration
Below is a downloadable ZIP file that contains plug-ins for using AdaControl as a measuring tool under GnatHub (AdaCore) and allowing results analysis with GnatDashboard/SONARQube.
Installation and usage directives are part of AdaControl's User Guide.
| GnatHub Integration | ZIP file (1.56Mo) |
Development version
The current development version (unstable) is available (under GIT) from SourceForge and GitHub. You can also find there intermediate versions between official releases that may be appropriate to certain versions of Gnat and even provide your own rating of AdaControl.
You can submit bug reports, suggest improvements, etc. by clicking on "Ticket" on the SourceForge page or by clicking on this direct link.
Support and maintenance contract
Adalog provides commercial support for AdaControl. Support includes the following services:
- Help with installation procedures.
- Explanations regarding the use of the tool, and help for translating coding standards into AdaControl rules.
- Priority handling of tickets reported through our BT system.
- Correction of problems encountered in the use of AdaControl. Pre-releases versions of AdaControl are provided for each corrected problem.
- Access to beta-versions before they are released.
- Keeping in sync customer's own custom rules with the latest version of AdaControl.
- Reduced rate for on-demand development of custom rules.
- Priority consideration of enhancement requests. Satisfying enhancement requests is not part of the support contract; however, Adalog is constantly improving AdaControl, and suggestions originating from supported customers are given a high priority in our todo list.
Adalog cannot correct problems whose origin is due to compiler bugs or defects in the implementation of ASIS (contact your compiler provider for support on these problems). However, Adalog will do its best effort to help reporting such problems to the compiler vendor, and to find workarounds until the problem is fixed.
For pricing information or any question about AdaControl, please write to: info@adalog.fr
Customization of AdaControl
AdaControl can be customized with special rules according to clients needs. For example:
- Business rules
- Rules to enforce coding practices required by hardware
- Special rules due to certification constraints
- ...
Adalog has developped custom versions of AdaControl for various clients. If you have any special need related to controlling your software, please get in touch with us by writing to info@adalog.fr.
Publications about AdaControl
A number of papers have been published about AdaControl or its usage for various verification tasks:
- Jean-Pierre Rosen: "On the benefits for industrials of sponsoring free software development", Ada User Journal, Volume 26, number 4, december 2005
- Jean-Pierre Rosen: "A Comparison of Industrial Coding Rules", Ada User Journal, Volume 29, number 4, december 2008
- Jean-Pierre Rosen: "A Methodology for Avoiding Known Compiler Problems Using Static Analysis", proceedings of the ACM SIGAda Annual International Conference (SIGAda 2010)
- Jean-Pierre Rosen and Jean-Christophe Van-Den-Hende: "Using Ada's Visibility Rules and Static Analysis to Enforce Segregation of Safety Critical Components", Ada User Journal Volume 37, n˚ 3, September 2016
- Jacob Sparre Andersen: "Introducing static analysis to a mature project", Proceedings of the 22nd Ada-Europe International Conference on Reliable Software Technologies - Ada-Europe 2017, Vienna, Austria, 12-16 June 2017.