International Standard ISO/IEC 8652:1995

Information technology -- Programming languages -- Ada
AMENDMENT 1 (Draft 7)

Technologies de l'information -- Langages de programmation -- Ada
AMENDEMENT 1

Amendment 1 to International Standard ISO/IEC 8652:1995 was prepared by AXE Consultants.

This document may be copied, in whole or in part, in any form or by any means, as is, or with alterations, provided that (1) alterations are clearly marked as alterations and (2) this copyright notice is included unmodified in any copy. Compiled copies of standard library units and examples need not contain this copyright notice so long as the notice is included in all copies of the source code and documentation. Any other use or distribution of this document is prohibited without the prior express permission of AXE.

Introduction

International Standard ISO/IEC 8652:1995 defines the Ada programming language.

This amendment modifies Ada by making changes and additions that improve:

The safety of applications written in Ada;
The portability of applications written in Ada;
Interoperability with other languages and systems; and
Accessibility and ease of transition from idioms in other programming and modeling languages.

This amendment incorporates the following major additions to the International Standard:

The Ravenscar profile to provide a simplified tasking system for high-integrity systems (see clause D.13);
A non-preemptive task dispatching policy (see clause D.2.4);
Aggregates, constructor functions, and constants for limited types (see clauses 4.3.1, 6.5, and 7.5);
Control of overriding to eliminate errors (see clause 8.3);
Improvements for access types, such as null excluding subtypes (see clause 3.10), additional uses for anonymous access types (see clauses 3.6 and 8.5.1), and anonymous access-to-subprogram subtypes to support 'downward closures' (see clauses 3.10 and 3.10.2);
Additional context clause capabilities: limited views to allow mutually dependent types (see clauses 3.10.1 and 10.1.2) and private context clauses that apply only in the private part of a package (see clause 10.1.2);
Added standard packages, including time management (see 9.6), file directory and name management (see clause A.16), execution-time clocks (see clause D.14), timing events (see clause D.15), and array and vector operations (see clause G.3);
Interfaces, to provide a limited form of multiple inheritance of operations (see clause 3.9.4); and
A mechanism for writing C unions to make interfaces with C systems easier (see clause B.3.3).

This Amendment is organized by sections corresponding to those in the International Standard. These sections include wording changes and additions to the International Standard. Clause and subclause headings are given for each clause that contains a wording change. Clauses and subclauses that do not contain any change or addition are omitted.

For each change, an anchor paragraph from the International Standard (as corrected by Technical Corrigendum 1) is given. New or revised text and instructions are given with each change. The anchor paragraph can be replaced or deleted, or text can be inserted before or after it. When a heading immediately precedes the anchor paragraph, any text inserted before the paragraph is intended to appear under the heading.

Typographical conventions:

Instructions about the text changes are in this font. The actual text changes are in the same fonts as the International Standard - this font for text, this font for syntax, and this font for Ada source code. Note that this document is designed to be viewed with the default font as some Roman font, similar to the Ada 95 standard. This may require some adjustments to your browser.

Disclaimer:

This document is a draft of a possible amendment to Ada 95 (International Standard ISO/IEC 8652:1995). This draft contains only proposals substantially approved by the ISO/IEC JTC 1/SC 22/WG 9 Ada Rapporteur Group (ARG). Many other important proposals are under consideration by the ARG. Neither the ARG nor any other group has determined which, if any, of these proposals will be included in the amendment. Any proposal may be substantially changed or withdrawn before this document begins standardization, and other proposals may be added. This document is not an official publication or work product of the ARG.

Section 1: General

1.1.2 Structure

Replace paragraph 13: [AI95-00347-01]

Annex H, ``Safety and Security''

by:

Annex H, ``High Integrity Systems''

Section 2: Lexical Elements

2.9 Reserved Words

Replace paragraph 3: [AI95-00218-03; AI95-00251-01; AI95-00345-01]

NOTES
6 The reserved words appear in lower case boldface in this International Standard, except when used in the designator of an attribute (see 4.1.4). Lower case boldface is also used for a reserved word in a string_literal used as an operator_symbol. This is merely a convention -- programs may be written in whatever typeface is desired and available.

by:

interface

overriding

synchronized

Section 3: Declarations and Types

3.1 Declarations

Replace paragraph 3: [AI95-00348-01]

basic_declaration ::=
     type_declaration | subtype_declaration
   | object_declaration | number_declaration
   | subprogram_declaration | abstract_subprogram_declaration
   | package_declaration | renaming_declaration
   | exception_declaration | generic_declaration
   | generic_instantiation

by:

basic_declaration ::=
     type_declaration | subtype_declaration
   | object_declaration | number_declaration
   | subprogram_declaration | abstract_subprogram_declaration
   | null_procedure_declaration | package_declaration
   | renaming_declaration | exception_declaration
   | generic_declaration | generic_instantiation

3.2 Types and Subtypes

Replace paragraph 4: [AI95-00326-01]

record

record extensions

array

task

protected

private

private extension

by:

record

record extensions

array

task

protected

incomplete

private

private extension

Replace paragraph 5: [AI95-00326-01]

discriminants

by:

discriminants

3.2.1 Type Declarations

Replace paragraph 4: [AI95-00251-01]

type_definition ::=
     enumeration_type_definition | integer_type_definition
   | real_type_definition | array_type_definition
   | record_type_definition | access_type_definition
   | derived_type_definition

by:

type_definition ::=
     enumeration_type_definition | integer_type_definition
   | real_type_definition | array_type_definition
   | record_type_definition | access_type_definition
   | derived_type_definition | interface_type_definition

Replace paragraph 8: [AI95-00326-01]

full_type_declaration

full type

type_definition

task_definition

protected_definition

access_definition

full type definition

type_declaration

by:

full_type_declaration

full type

full view

type_definition

task_definition

protected_definition

access_definition

full type definition

type_declaration

3.2.2 Subtype Declarations

Replace paragraph 3: [AI95-00231-01]

subtype_indication ::=  subtype_mark [constraint]

by:

subtype_indication ::=
   [null_exclusion] subtype_mark [scalar_constraint | composite_constraint]

Delete paragraph 5: [AI95-00231-01]

constraint ::= scalar_constraint | composite_constraint

3.2.3 Classification of Operations

Insert after paragraph 6: [AI95-00335-01]

For a specific type declared immediately within a package_specification, any subprograms (in addition to the enumeration literals) that are explicitly declared immediately within the same package_specification and that operate on the type;

the new paragraph:

For a specific type, the stream-oriented attributes of the type that are available (see 13.13.2) at the end of the list of declarative_items where the type is declared;

Replace paragraph 7: [AI95-00200-01]

Any subprograms not covered above that are explicitly declared immediately within the same declarative region as the type and that override (see 8.3) other implicitly declared primitive subprograms of the type.

by:

In the case of a nonformal type, any subprograms not covered above that are explicitly declared immediately within the same declarative region as the type and that override (see 8.3) other implicitly declared primitive subprograms of the type.

3.3.1 Object Declarations

Replace paragraph 5: [AI95-00287-01]

object_declaration

constant

subtype_indication

array_type_definition

by:

object_declaration

constant

subtype_indication

array_type_definition

Replace paragraph 9: [AI95-00363-01]

object_declaration

constrained by its initial value

constrained object

by:

object_declaration

constrained by its initial value

constrained object

3.4 Derived Types and Classes

Replace paragraph 2: [AI95-00251-01]

derived_type_definition ::= [abstract] new parent_subtype_indication [record_extension_part]

by:

interface_list ::= interface_subtype_mark {and interface_subtype_mark}

derived_type_definition ::=
    [abstract] new parent_subtype_indication [[and interface_list] record_extension_part]

Replace paragraph 3: [AI95-00251-01]

parent_

subtype_indication

by:

parent_

subtype_indication

Replace paragraph 8: [AI95-00251-01]

Each class of types that includes the parent type also includes the derived type.

by:

Each class of types that includes the parent type or an interface ancestor type also includes the derived type.

Insert after paragraph 23: [AI95-00251-01]

derived_type_definition

the new paragraph:

interface_list

Insert after paragraph 35: [AI95-00251-01]

17 If the reserved word abstract is given in the declaration of a type, the type is abstract (see 3.9.3).

the new paragraph:

18 An interface type which has an interface ancestor "is derived from" that type, and therefore is a derived type. A derived_type_definition, however, never defines an interface type.

3.4.1 Derivation Classes

Replace paragraph 2: [AI95-00251-01]

derived from

directly

indirectly

rooted

root type

by:

derived from

directly

indirectly

rooted

root type

Replace paragraph 6: [AI95-00230-01]

Universal types: Universal types are defined for (and belong to) the integer, real, and fixed point classes, and are referred to in this standard as respectively, universal_integer, universal_real, and universal_fixed. These are analogous to class-wide types for these language-defined numeric classes. As with class-wide types, if a formal parameter is of a universal type, then an actual parameter of any type in the corresponding class is acceptable. In addition, a value of a universal type (including an integer or real numeric_literal) is ``universal'' in that it is acceptable where some particular type in the class is expected (see 8.6).

by:

Universal types: Universal types are defined for (and belong to) the integer, real, fixed point, and access classes, and are referred to in this standard as respectively, universal_integer, universal_real, universal_fixed, and universal_access. These are analogous to class-wide types for these language-defined classes. As with class-wide types, if a formal parameter is of a universal type, then an actual parameter of any type in the corresponding class is acceptable. In addition, a value of a universal type (including an integer or real numeric_literal) is ``universal'' in that it is acceptable where some particular type in the class is expected (see 8.6).

Replace paragraph 10: [AI95-00251-01]

descendant

ancestor

ultimate ancestor

by:

descendant

ancestor

ultimate ancestor

3.5.4 Integer Types

Replace paragraph 16: [AI95-00340-01]

For every modular subtype S, the following attribute is defined:

by:

For every modular subtype S, the following attributes are defined:

S'Mod

S'Mod denotes a function with the following specification:

        function S'Mod (Arg : universal_integer)
             return S'Base

Arg

mod

3.5.9 Fixed Point Types

Replace paragraph 8: [AI95-00100-01]

small

ordinary_fixed_point_definition

ordinary

small

attribute_definition_clause

delta

small

delta

by:

small

machine numbers

ordinary_fixed_point_definition

ordinary

small

attribute_definition_clause

delta

small

delta

3.6 Array Types

Replace paragraph 7: [AI95-00230-01]

component_definition ::= [aliased] subtype_indication

by:

component_definition ::= [aliased] subtype_indication | access_definition

Delete paragraph 11: [AI95-00363-01]

component_definition

aliased

Replace paragraph 22: [AI95-00230-01]

discrete_subtype_definition

subtype_indication

range

discrete_subtype_definition

component_definition

array_type_definition

subtype_indication

discrete_subtype_definition

component_definition

by:

discrete_subtype_definition

subtype_indication

range

discrete_subtype_definition

component_definition

array_type_definition

subtype_indication

access_definition

discrete_subtype_definition

component_definition

3.6.2 Operations of Array Types

Replace paragraph 16: [AI95-00287-01]

48 A component of an array can be named with an indexed_component. A value of an array type can be specified with an array_aggregate, unless the array type is limited. For a one-dimensional array type, a slice of the array can be named; also, string literals are defined if the component type is a character type.

by:

48 A component of an array can be named with an indexed_component. A value of an array type can be specified with an array_aggregate. For a one-dimensional array type, a slice of the array can be named; also, string literals are defined if the component type is a character type.

3.7 Discriminants

Replace paragraph 1: [AI95-00326-01]

known_discriminant_part

unknown_discriminant_part

by:

known_discriminant_part

unknown_discriminant_part

Replace paragraph 5: [AI95-00231-01]

discriminant_specification ::=
    defining_identifier_list : subtype_mark [:= default_expression]
  | defining_identifier_list : access_definition [:= default_expression]

by:

discriminant_specification ::=
    defining_identifier_list : [null_exclusion] subtype_mark [:= default_expression]
  | defining_identifier_list : access_definition [:= default_expression]

Replace paragraph 9: [AI95-00231-01; AI95-00254-01]

subtype_mark

access_definition

subtype_mark

access_definition

access discriminant

subtype_mark

access_definition

by:

null_exclusion

subtype_mark

access_definition

access discriminant

Delete paragraph 10: [AI95-00230-01]

discriminant_specification

limited

3.7.1 Discriminant Constraints

Replace paragraph 7: [AI95-00363-01]

discriminant_constraint

subtype_indication

subtype_mark

discriminant_constraint

by:

discriminant_constraint

subtype_indication

subtype_mark

discriminant_constraint

3.8 Record Types

Delete paragraph 8: [AI95-00287-01]

default_expression

Replace paragraph 18: [AI95-00230-01]

component_definition

discrete_subtype_definition

name

attribute_reference

prefix

name

per-object expression

constraint

range

per-object constraint

component_definition

component_declaration

discrete_subtype_definition

entry_declaration

constraint

range

subtype_indication

discrete_subtype_definition

subtype_indication

discrete_subtype_definition

constraint

range

by:

component_definition

discrete_subtype_definition

name

attribute_reference

prefix

name

per-object expression

constraint

range

per-object constraint

component_definition

component_declaration

discrete_subtype_definition

entry_declaration

access_definition

constraint

range

subtype_indication

discrete_subtype_definition

access_definition

subtype_indication

discrete_subtype_definition

constraint

range

Replace paragraph 25: [AI95-00287-01]

61 A component of a record can be named with a selected_component. A value of a record can be specified with a record_aggregate, unless the record type is limited.

by:

61 A component of a record can be named with a selected_component. A value of a record can be specified with a record_aggregate.

3.9 Tagged Types and Type Extensions

Replace paragraph 4: [AI95-00344-01]

full_type_declaration

generic_package_declaration

by:

full_type_declaration

generic_package_declaration

Replace paragraph 6: [AI95-00362-01]

package Ada.Tags is
    type Tag is private;

by:

package Ada.Tags is
    pragma Preelaborate(Tags);
    type Tag is private;

Insert after paragraph 7: [AI95-00344-01]

    function Expanded_Name(T : Tag) return String;
    function External_Tag(T : Tag) return String;
    function Internal_Tag(External : String) return Tag;

the new paragraphs:

    function Descendant_Tag(External : String; Ancestor : Tag) return Tag;
    function Is_Descendant_At_Same_Level(Descendant, Ancestor : Tag)
        return Boolean;

Replace paragraph 12: [AI95-00344-01]

The function Internal_Tag returns the tag that corresponds to the given external tag, or raises Tag_Error if the given string is not the external tag for any specific type of the partition.

by:

The function Internal_Tag returns a tag that corresponds to the given external tag, or raises Tag_Error if the given string is not the external tag for any specific type of the partition.

The function Descendant_Tag returns the (internal) tag for the type that corresponds to the given external tag and is both a descendant of the type identified by the Ancestor tag and has the same accessibility level as the identified ancestor. Tag_Error is raised if External is not the external tag for such a type.

The function Is_Descendant_At_Same_Level returns True if Descendant tag identifies a type that is both a descendant of the type identified by Ancestor and at the same accessibility level. If not, it returns False.

3.9.1 Type Extensions

Replace paragraph 3: [AI95-00344-01; AI95-00345-01]

record_extension_part

by:

record_extension_part

Replace paragraph 4: [AI95-00344-01]

A type extension shall not be declared in a generic body if the parent type is declared outside that body.

by:

Within the body of a generic unit, or the body of any of its descendant library units, a tagged type shall not be declared as a descendant of a formal type of the generic unit.

3.9.2 Dispatching Operations of Tagged Types

Replace paragraph 17: [AI95-00196-01]

If all of the controlling operands are tag-indeterminate, then:

by:

If all of the controlling operands (if any) are tag-indeterminate, then:

Replace paragraph 18: [AI95-00196-01; AI95-00239-01]

If the call has a controlling result and is itself a (possibly parenthesized or qualified) controlling operand of an enclosing call on a dispatching operation of type T, then its controlling tag value is determined by the controlling tag value of this enclosing call;

by:

If the call has a controlling result and is itself a (possibly parenthesized or qualified) controlling operand of an enclosing call on a dispatching operation of a descendant of type T, then its controlling tag value is determined by the controlling tag value of this enclosing call;

If the call has a controlling result and is the (possibly parenthesized or qualified) expression of an assignment statement whose target is of a class-wide type, then its controlling tag value is determined by the target;

3.9.3 Abstract Types and Subprograms

Replace paragraph 1: [AI95-00345-01]

abstract type

abstract subprogram

by:

abstract type

abstract subprogram

Static Semantics

abstract

Replace paragraph 2: [AI95-00345-01]

An abstract type is a specific type that has the reserved word abstract in its declaration. Only a tagged type is allowed to be declared abstract.

by:

abstract

Replace paragraph 4: [AI95-00251-01]

For a derived type, if the parent or ancestor type has an abstract primitive subprogram, or a primitive function with a controlling result, then:

by:

If a type inherits a subprogram corresponding to an abstract subprogram or to a function with a controlling result, then

Replace paragraph 5: [AI95-00251-01]

If the derived type is abstract or untagged, the inherited subprogram is abstract.

by:

If the inheriting type is abstract or untagged, the inherited subprogram is abstract.

3.9.4 Interface Types

Insert new clause: [AI95-00251-01; AI95-00345-01]

An interface type is an abstract tagged type which provides a restricted form of multiple inheritance. A tagged, task, or protected type may be derived from one or more interface types.

Syntax

interface_type_definition ::=
    [limited | task | protected | synchronized] interface [and interface_list]

Static Semantics

interface_type_definition

limited

task

protected

synchronized

limited interface

task interface

protected interface

synchronized interface

synchronized

An interface type has no components.

Legality Rules

All user-defined primitive subprograms of an interface type shall be abstract subprograms or null procedures.

interface_list

A descendant of a nonlimited interface shall be nonlimited. A descendant of a task interface shall be a task type or a task interface. A descendant of a protected interface shall be a protected type or a protected interface. A descendant of a synchronized interface shall be a task type, a protected type, or a synchronized interface.

A full view shall be a descendant of an interface type if and only if the corresponding partial view (if any) is also a descendant of the interface type.

For an interface type declared in a visible part, a primitive subprogram shall not be declared in the private part.

In addition to the places where Legality Rules normally apply (see 12.3), these rules apply also in the private part of an instance of a generic unit.

3.10 Access Types

Replace paragraph 2: [AI95-00231-01]

access_type_definition ::=
    access_to_object_definition
  | access_to_subprogram_definition

by:

access_type_definition ::=
    [null_exclusion] access_to_object_definition
  | [null_exclusion] access_to_subprogram_definition

Replace paragraph 6: [AI95-00231-01; AI95-00254-01]

access_definition ::= access subtype_mark

by:

null_exclusion ::= not null
access_definition ::=
   [null_exclusion] access [general_access_modifier] subtype_mark |
   [null_exclusion] access [protected] procedure parameter_profile |
   [null_exclusion] access [protected] function parameter_and_result_profile

Replace paragraph 9: [AI95-00225-01; AI95-00363-01]

aliased

object_declaration

component_definition

aliased

object_declaration

allocator

by:

aliased

object_declaration

component_definition

aliased

limited

Replace paragraph 12: [AI95-00230-01; AI95-00231-01; AI95-00254-01]

access_definition

subtype_mark

designated subtype

access_definition

by:

access_definition

subtype_mark

designated subtype

constant

parameter_profile

parameter_and_result_profile

null_exclusion

access_definition

Replace paragraph 13: [AI95-00230-01; AI95-00231-01]

null

attribute_reference

allocator

by:

attribute_reference

allocator

Replace paragraph 14: [AI95-00231-01]

access_definition

access_to_object_definition

by:

access_definition

access_to_object_definition

access_type_definition

null_exclusion

Legality Rules

null_exclusion

subtype_indication

subtype_mark

Replace paragraph 15: [AI95-00231-01]

composite_constraint

compatible

satisfies

composite_constraint

by:

composite_constraint

compatible

null_exclusion

satisfies

composite_constraint

null_exclusion

Replace paragraph 17: [AI95-00230-01]

access_definition

by:

access_definition

3.10.1 Incomplete Type Declarations

Replace paragraph 2: [AI95-00326-01]

incomplete_type_declaration ::= type defining_identifier [discriminant_part];

by:

incomplete_type_declaration ::= type defining_identifier [discriminant_part] [is tagged];

Replace paragraph 4: [AI95-00326-01]

incomplete_type_declaration

known_discriminant_part

full_type_declaration

known_discriminant_part

incomplete_type_declaration

discriminant_part

unknown_discriminant_part

full_type_declaration

by:

incomplete_type_declaration

tagged

full_type_declaration

incomplete_type_declaration

known_discriminant_part

full_type_declaration

known_discriminant_part

incomplete_type_declaration

discriminant_part

unknown_discriminant_part

full_type_declaration

Replace paragraph 5: [AI95-00326-01]

name

incomplete_type_declaration

by:

name

Delete paragraph 7: [AI95-00326-01]

as the subtype_mark defining the subtype of a parameter or result of an access_to_subprogram_definition;

Replace paragraph 8: [AI95-00326-01]

as the subtype_mark in an access_definition;

by:

as the subtype_mark in an access_definition.

name

as the subtype_mark defining the subtype of a parameter in a formal_part;

Replace paragraph 9: [AI95-00326-01]

as the prefix of an attribute_reference whose attribute_designator is Class; such an attribute_reference is similarly restricted to the uses allowed here; when used in this way, the corresponding full_type_declaration shall declare a tagged type, and the attribute_reference shall occur in the same library unit as the incomplete_type_declaration.

by:

as the prefix of an attribute_reference whose attribute_designator is Class; such an attribute_reference is restricted to the uses allowed here; it denotes a tagged incomplete view.

name

as the subtype_mark defining the subtype of a parameter or result of an access_to_subprogram_definition.

If any of the above uses occurs as part of the declaration of a primitive subprogram of the incomplete view, and the declaration occurs immediately within the private part of a package, then the completion of the incomplete view shall also occur immediately within the private part; it may not be deferred to the package body.

Replace paragraph 10: [AI95-00217-06; AI95-00326-01]

A dereference (whether implicit or explicit -- see 4.1) shall not be of an incomplete type.

by:

prefix

Replace paragraph 11: [AI95-00326-01]

incomplete_type_declaration

known_discriminant_part

by:

incomplete_type_declaration

incomplete view

known_discriminant_part

incomplete_type_declaration

tagged

tagged incomplete view

Given an access type A whose designated type T is an incomplete view, a dereference of a value of type A also has this incomplete view except when:

it occurs in the immediate scope of the completion of T, or

it occurs in the scope of a nonlimited_with_clause that mentions a library package in whose visible part the completion of T is declared.

In these cases, the dereference has the full view of T.

3.10.2 Operations of Access Types

Replace paragraph 2: [AI95-00235-01]

attribute_reference

attribute_designator

prefix

attribute_reference

implicit_dereference

prefix

by:

attribute_reference

attribute_designator

A is an access-to-object type with designated type D and the type of the prefix is D'Class or is covered by D, or

A is an access-to-subprogram type whose designated profile is type conformant with that of the prefix.

prefix

attribute_reference

implicit_dereference

function_call

attribute_reference

prefix

Replace paragraph 12: [AI95-00230-01]

The accessibility level of the anonymous access type of an access discriminant is the same as that of the containing object or associated constrained subtype.

by:

The accessibility level of the anonymous access type defined by an access_definition of an object_renaming_declaration is the same as that of the renamed object (view).

The accessibility level of the anonymous access type of an access discriminant specified for a limited type is the same as the containing object or associated constrained subtype. For other components having an anonymous access type, the accessibility level of the access type is the same as the level of the containing composite type.

Replace paragraph 13: [AI95-00254-01; AI95-00318-02]

The accessibility level of the anonymous access type of an access parameter is the same as that of the view designated by the actual. If the actual is an allocator, this is the accessibility level of the execution of the called subprogram.

by:

The accessibility level of the anonymous access type of an access parameter specifying an access-to-object type is the same as that of the view designated by the actual. If the actual is an allocator, this is the accessibility level of the execution of the called subprogram.

The accessibility level of the anonymous access type of an access parameter specifying an access-to-subprogram type is infinite.

The accessibility level of the anonymous access type of an access result type (see 6.5) is the same as that of the associated function or access-to-subprogram type.

Replace paragraph 26: [AI95-00363-01]

The view shall not be a subcomponent that depends on discriminants of a variable whose nominal subtype is unconstrained, unless this subtype is indefinite, or the variable is aliased.

by:

The view shall not be a subcomponent that depends on discriminants of a variable whose nominal subtype is unconstrained, unless this subtype is indefinite, or the variable is constrained by its initial value.

Replace paragraph 27: [AI95-00363-01]

If A is a named access type and D is a tagged type, then the type of the view shall be covered by D; if A is anonymous and D is tagged, then the type of the view shall be either D'Class or a type covered by D; if D is untagged, then the type of the view shall be D, and A's designated subtype shall either statically match the nominal subtype of the view or be discriminated and unconstrained;

by:

If A is a named access type and D is a tagged type, then the type of the view shall be covered by D; if A is anonymous and D is tagged, then the type of the view shall be either D'Class or a type covered by D; if D is untagged, then the type of the view shall be D, and either:

A's designated subtype shall statically match the nominal subtype of the view; or

D shall be discriminated in its full view and unconstrained in any partial view, and A's designated subtype shall be unconstrained.

Replace paragraph 32: [AI95-00229-01]

by:

Section 4: Names and Expressions

4.1.3 Selected Components

Insert after paragraph 9: [AI95-00252-01]

The prefix shall resolve to denote an object or value of some task or protected type (after any implicit dereference). The selector_name shall resolve to denote an entry_declaration or subprogram_declaration occurring (implicitly or explicitly) within the visible part of that type. The selected_component denotes the corresponding entry, entry family, or protected subprogram.

the new paragraph:

A view of a subprogram whose first formal parameter is of a tagged or is an access parameter whose designated type is tagged. The prefix (after any implicit dereference) shall resolve to denote an object or value of a specific tagged type T or class-wide type T'Class. The selector_name shall resolve to denote a view of a subprogram declared immediately within the region in which an ancestor of the type T is declared. The first formal parameter of the subprogram shall be of type T, or a class-wide type that covers T, or an access parameter designating one of these types. The designator of the subprogram shall not be the same as that of a component of the tagged type visible at the point of the selected_component. The selected_component denotes a view of this subprogram that omits the first formal parameter.

Insert after paragraph 15: [AI95-00252-01]

selected_component

variant

prefix

the new paragraph:

selected_component

prefix

selector_name

selected_component

prefix

actual_parameter_part

4.2 Literals

Delete paragraph 2: [AI95-00230-01]

null

Delete paragraph 7: [AI95-00230-01; AI95-00231-01]

null

Replace paragraph 8: [AI95-00230-01]

universal_integer

universal_real

by:

universal_integer

universal_real

null

universal_access

4.3 Aggregates

Replace paragraph 3: [AI95-00287-01]

aggregate

by:

aggregate

4.3.1 Record Aggregates

Replace paragraph 4: [AI95-00287-01]

record_component_association ::=
   [ component_choice_list => ] expression

by:

record_component_association ::=
     [ component_choice_list => ] expression
   |   component_choice_list => <>

Replace paragraph 8: [AI95-00287-01]

record_aggregate

by:

record_aggregate

Replace paragraph 16: [AI95-00287-01]

record_component_association

by:

record_component_association

Insert after paragraph 17: [AI95-00287-01]

variant_part

the new paragraph:

record_component_association

default_expression

expression

Insert before paragraph 20: [AI95-00287-01]

record_component_association

the new paragraph:

record_component_association

expression

record_component_association

component_declaration

default_expression

4.3.2 Extension Aggregates

Replace paragraph 4: [AI95-00287-01]

extension_aggregate

ancestor_part

expression

by:

extension_aggregate

ancestor_part

expression

Replace paragraph 5: [AI95-00306-01]

ancestor_part

subtype_mark

extension_aggregate

ancestor_part

by:

ancestor_part

subtype_mark

ancestor_part

expression

extension_aggregate

ancestor_part

4.3.3 Array Aggregates

Replace paragraph 3: [AI95-00287-01]

positional_array_aggregate ::=
    (expression, expression {, expression})
  | (expression {, expression}, others => expression)

by:

positional_array_aggregate ::=
    (expression, expression {, expression})
  | (expression {, expression}, others => expression)
  | (expression {, expression}, others => <>)

Replace paragraph 5: [AI95-00287-01]

array_component_association ::=
    discrete_choice_list => expression

by:

array_component_association ::=
    discrete_choice_list => expression
  | discrete_choice_list => <>

Replace paragraph 7: [AI95-00287-01]

array_aggregate

by:

array_aggregate

Insert before paragraph 24: [AI95-00287-01]

array_aggregate

the new paragraph:

Each array component expression defines the value for the associated component(s). For a component given by <>, the associated component(s) are initialized by default (see 3.3.1).

4.5.2 Relational Operators and Membership Tests

Replace paragraph 3: [AI95-00251-01]

tested type

range

subtype_mark

simple_expression

by:

tested type

range

subtype_mark

simple_expression

Insert after paragraph 7: [AI95-00230-01]

function "=" (Left, Right : T) return Boolean
function "/="(Left, Right : T) return Boolean

the new paragraphs:

universal_access

function "=" (Left, Right : universal_access) return Boolean
function "/="(Left, Right : universal_access) return Boolean

Insert after paragraph 9: [AI95-00230-01]

function "<" (Left, Right : T) return Boolean
function "<="(Left, Right : T) return Boolean
function ">" (Left, Right : T) return Boolean
function ">="(Left, Right : T) return Boolean

the new paragraphs:

Name Resolution Rules

universal_access

Legality Rules

universal_access

4.5.5 Multiplying Operators

Replace paragraph 20: [AI95-00364-01]

Legality Rules

universal_fixed

by:

Name Resolution Rules

universal_fixed

4.6 Type Conversions

Replace paragraph 8: [AI95-00251-01]

If the target type is a numeric type, then the operand type shall be a numeric type.

by:

In a view conversion for an untagged type, the target type shall be convertible (back) to the operand type.

If there is a type that is an ancestor of both the target type and the operand type, then

The target type shall be untagged; or

The operand type shall be covered by or descended from the target type; or

The operand type shall be a class-wide type that covers the target type; or

The operand and target types shall both be class-wide types and the specific type associated with at least one of them shall be an interface type.

If there is no type that is an ancestor of both the target type and the operand type, then

If the target type is a numeric type, then the operand type shall be a numeric type.

Replace paragraph 9: [AI95-00246-01; AI95-00251-01]

If the target type is an array type, then the operand type shall be an array type. Further:

by:

If the target type is an array type, then the operand type shall be an array type. Further:

Replace paragraph 10: [AI95-00251-01]

The types shall have the same dimensionality;

by:

The types shall have the same dimensionality;

Replace paragraph 11: [AI95-00251-01]

Corresponding index types shall be convertible;

by:

Corresponding index types shall be convertible;

Replace paragraph 12: [AI95-00246-01; AI95-00251-01]

The component subtypes shall statically match; and

by:

The component subtypes shall statically match;

Replace paragraph 12.1: [AI95-00246-01; AI95-00251-01; AI95-00363-01]

In a view conversion, the target type and the operand type shall both or neither have aliased components.

by:

Neither the target type nor the operand type shall be limited; and

In a view conversion: if the target type has aliased components, then so shall the operand type; and the operand type shall not have a tagged, private, or volatile subcomponent.

Replace paragraph 13: [AI95-00230-01; AI95-00251-01]

If the target type is a general access type, then the operand type shall be an access-to-object type. Further:

by:

If the target type is universal_access, then the operand type shall be an access type.

If the target type is a general access-to-object type, then the operand type shall be universal_access or an access-to-object type. Further, if not universal_access:

Delete paragraph 14: [AI95-00251-01; AI95-00363-01]

If the target type is an access-to-variable type, then the operand type shall be an access-to-variable type;

Replace paragraph 15: [AI95-00251-01]

If the target designated type is tagged, then the operand designated type shall be convertible to the target designated type;

by:

If the target designated type is tagged, then the operand designated type shall be convertible to the target designated type;

Replace paragraph 16: [AI95-00251-01; AI95-00363-01]

If the target designated type is not tagged, then the designated types shall be the same, and either the designated subtypes shall statically match or the target designated subtype shall be discriminated and unconstrained; and

by:

If the target designated type is not tagged, then the designated types shall be the same, and either:

the designated subtypes shall statically match; or

the designated type shall be discriminated in its full view and unconstrained in any partial view, and the target designated subtype shall be unconstrained;

If the target type is an access-to-variable type, then the operand type shall be an access-to-variable type; and

Replace paragraph 17: [AI95-00251-01]

The accessibility level of the operand type shall not be statically deeper than that of the target type. In addition to the places where Legality Rules normally apply (see 12.3), this rule applies also in the private part of an instance of a generic unit.

by:

The accessibility level of the operand type shall not be statically deeper than that of the target type. In addition to the places where Legality Rules normally apply (see 12.3), this rule applies also in the private part of an instance of a generic unit.

Replace paragraph 18: [AI95-00230-01; AI95-00251-01]

If the target type is an access-to-subprogram type, then the operand type shall be an access-to-subprogram type. Further:

by:

If the target type is an access-to-subprogram type, then the operand type shall be universal_access or an access-to-subprogram type. Further, if not universal_access:

Replace paragraph 19: [AI95-00251-01]

The designated profiles shall be subtype-conformant.

by:

The designated profiles shall be subtype-conformant.

Replace paragraph 20: [AI95-00251-01]

The accessibility level of the operand type shall not be statically deeper than that of the target type. In addition to the places where Legality Rules normally apply (see 12.3), this rule applies also in the private part of an instance of a generic unit. If the operand type is declared within a generic body, the target type shall be declared within the generic body.

by:

The accessibility level of the operand type shall not be statically deeper than that of the target type. In addition to the places where Legality Rules normally apply (see 12.3), this rule applies also in the private part of an instance of a generic unit. If the operand type is declared within a generic body, the target type shall be declared within the generic body.

Delete paragraph 21: [AI95-00251-01]

If the target type is not included in any of the above four cases, there shall be a type that is an ancestor of both the target type and the operand type. Further, if the target type is tagged, then either:

Delete paragraph 22: [AI95-00251-01]

The operand type shall be covered by or descended from the target type; or

Delete paragraph 23: [AI95-00251-01]

The operand type shall be a class-wide type that covers the target type.

Delete paragraph 24: [AI95-00251-01]

In a view conversion for an untagged type, the target type shall be convertible (back) to the operand type.

Replace paragraph 49: [AI95-00230-01; AI95-00231-01]

If the target type is an anonymous access type, a check is made that the value of the operand is not null; if the target is not an anonymous access type, then the result is null if the operand value is null.

by:

If the operand value is null, the result of the conversion is the null value of the target type.

Replace paragraph 51: [AI95-00231-01]

After conversion of the value to the target type, if the target subtype is constrained, a check is performed that the value satisfies this constraint.

by:

After conversion of the value to the target type, if the target subtype is constrained, a check is performed that the value satisfies this constraint. If the target subtype excludes the null value, then a check is made that the value is not null.

4.8 Allocators

Replace paragraph 5: [AI95-00287-01; AI95-00344-01]

allocator

by:

allocator

subtype_indication

qualified_expression

allocator

Replace paragraph 6: [AI95-00363-01]

allocator

by:

allocator

Replace paragraph 7: [AI95-00344-01]

allocator

subtype_indication

qualified_expression

by:

allocator

subtype_indication

qualified_expression

allocator

qualified_expression

Replace paragraph 11: [AI95-00280-01]

If the created object contains any tasks, they are activated (see 9.2). Finally, an access value that designates the created object is returned.

by:

allocator

If the created object contains any tasks, they are activated (see 9.2). Finally, an access value that designates the created object is returned.

allocator

Bounded (Run-Time) Errors

allocator

4.9 Static Expressions and Static Subtypes

Replace paragraph 26: [AI95-00263-01]

static subtype

static scalar subtype

static string subtype

in out

by:

static subtype

static scalar subtype

static string subtype

in out

Replace paragraph 38: [AI95-00268-01]

For a real static expression that is not part of a larger static expression, and whose expected type is not a descendant of a formal scalar type, the implementation shall round or truncate the value (according to the Machine_Rounds attribute of the expected type) to the nearest machine number of the expected type; if the value is exactly half-way between two machine numbers, any rounding shall be performed away from zero. If the expected type is a descendant of a formal scalar type, no special rounding or truncating is required - normal accuracy rules apply (see Annex G).

by:

For a real static expression that is not part of a larger static expression, and whose expected type is not a descendant of a formal scalar type, the implementation shall round or truncate the value (according to the Machine_Rounds attribute of the expected type) to the nearest machine number of the expected type; if the value is exactly half-way between two machine numbers, the rounding performed is implementation-defined. If the expected type is a descendant of a formal scalar type, no special rounding or truncating is required - normal accuracy rules apply (see Annex G).

Implementation Advice

For a real static expression that is not part of a larger static expression, and whose expected type is not a descendant of a formal scalar type, the rounding should be the same as the default rounding for the target system.

4.9.1 Statically Matching Constraints and Subtypes

Replace paragraph 2: [AI95-00231-01; AI95-00254-01]

statically matches

by:

statically matches

Section 5: Statements

5.2 Assignment Statements

Replace paragraph 4: [AI95-00287-01]

variable

_name

assignment_statement

expression

by:

variable

_name

assignment_statement

expression

Replace paragraph 5: [AI95-00287-01]

variable

_name

by:

variable

_name

Section 6: Subprograms

6.1 Subprogram Declarations

Replace paragraph 2: [AI95-00218-03]

subprogram_declaration ::= subprogram_specification ;

by:

overriding_indicator ::= [not] overriding
subprogram_declaration ::=
    [overriding_indicator]
    subprogram_specification ;

Replace paragraph 3: [AI95-00218-03]

abstract_subprogram_declaration ::= subprogram_specification is abstract;

by:

abstract_subprogram_declaration ::=
    [overriding_indicator]
    subprogram_specification is abstract;

Replace paragraph 4: [AI95-00348-01]

subprogram_specification ::=
     procedure defining_program_unit_name parameter_profile
   | function defining_designator parameter_and_result_profile

by:

procedure_specification ::= procedure defining_program_unit_name parameter_profile

function_specification ::= function defining_designator parameter_and_result_profile

subprogram_specification ::=
     procedure_specification
   | function_specification

Replace paragraph 13: [AI95-00318-02]

parameter_and_result_profile ::= [formal_part] return subtype_mark

by:

parameter_and_result_profile ::=
    [formal_part] return subtype_mark
  | [formal_part] return access_definition

Replace paragraph 15: [AI95-00231-01]

parameter_specification ::=
    defining_identifier_list : mode subtype_mark [:= default_expression]
  | defining_identifier_list : access_definition [:= default_expression]

by:

parameter_specification ::=
    defining_identifier_list : mode [null_exclusion] subtype_mark [:= default_expression]
  | defining_identifier_list : access_definition [:= default_expression]

Replace paragraph 23: [AI95-00231-01]

subtype_mark

access_definition

parameter_specification

by:

null_exclusion

subtype_mark

access_definition

parameter_specification

Replace paragraph 24: [AI95-00231-01; AI95-00254-01]

access parameter

access_definition

by:

access parameter

access_definition

Replace paragraph 27: [AI95-00254-01]

For any access parameters, the designated subtype of the parameter type.

by:

For any access parameters of an access-to-object type, the designated subtype of the parameter type.

For any access parameters of an access-to-subprogram type, the subtypes of the profile of the parameter type.

6.3 Subprogram Bodies

Replace paragraph 2: [AI95-00218-03]

subprogram_body ::=
   subprogram_specification is
     declarative_part
   begin
      handled_sequence_of_statements
   end [designator];

by:

subprogram_body ::=
   [overriding_indicator]
   subprogram_specification is
     declarative_part
   begin
      handled_sequence_of_statements
   end [designator];

6.3.1 Conformance Rules

Replace paragraph 10: [AI95-00252-01]

a subprogram declared immediately within a protected_body.

by:

a subprogram declared immediately within a protected_body;

the view of a subprogram denoted by a selected_component whose prefix denotes an object or value of a tagged type, and whose selector_name denotes a subprogram operating on the type (see 4.1.3).

Insert after paragraph 13: [AI95-00254-01]

The default calling convention is entry for an entry.

the new paragraph:

The calling convention for an access parameter of an access-to-subprogram type is protected if the reserved word protected appears in its definition and otherwise is the convention of the subprogram that contains the parameter.

Replace paragraph 16: [AI95-00318-02]

mode conformant

by:

mode conformant

Insert after paragraph 24: [AI95-00345-01]

discrete_subtype_definition

fully conformant

subtype_indication

range

subtype_mark

simple_expression

the new paragraph:

type conformant

mode conformant

subtype conformant

fully conformant

6.4 Subprogram Calls

Replace paragraph 8: [AI95-00310-01]

name

prefix

procedure_call_statement

name

prefix

function_call

actual_parameter_part

implicit_dereference

by:

name

prefix

procedure_call_statement

name

prefix

function_call

name

prefix

actual_parameter_part

implicit_dereference

6.5 Return Statements

Replace paragraph 2: [AI95-00318-02]

return_statement ::= return [expression];

by:

return_statement ::= simple_return_statement | extended_return_statement

simple_return_statement ::= return [expression];

extended_return_statement ::=
    return identifier : [aliased] return_subtype_indication [:= expression] [do
        handled_sequence_of_statements
    end return];

return_subtype_indication ::= subtype_indication | access_definition

Replace paragraph 3: [AI95-00318-02]

expression

return_statement

return expression

result subtype

subtype_mark

return

by:

result subtype

subtype_mark

access_definition

return

expression

return_statement

return expression

Replace paragraph 4: [AI95-00318-02]

return_statement

applies to

return_statement

by:

If the result subtype of a function is limited at the point where the function is frozen (see 13.14), the result subtype shall be constrained.

return_statement

extended_return_statement

return_statement

Replace paragraph 5: [AI95-00318-02]

return_statement

code_statement

return_statement

by:

return_statement

code_statement

simple_return_statement

extended_return_statement

subtype_mark

return_subtype_indication

extended_return_statement

subtype_indication

access_definition

return_subtype_indication

access_definition

qualified_expression

Static Semantics

extended_return_statement

return object

return

_subtype_indication

Replace paragraph 6: [AI95-00318-02]

return_statement

expression

by:

extended_return_statement

subtype_indication

expression

simple_return_statement

return object

Delete paragraph 7: [AI95-00318-02]

expression

Replace paragraph 8: [AI95-00318-02]

If the result type is a specific tagged type:

by:

If the result type of a function is a specific tagged type, the tag of the return object is that of the result type.

Delete paragraph 9: [AI95-00318-02]

If it is limited, then a check is made that the tag of the value of the return expression identifies the result type. Constraint_Error is raised if this check fails.

Delete paragraph 10: [AI95-00318-02]

If it is nonlimited, then the tag of the result is that of the result type.

Delete paragraph 11: [AI95-00318-02]

return-by-reference

Delete paragraph 12: [AI95-00318-02]

a tagged limited type;

Delete paragraph 13: [AI95-00318-02]

a task or protected type;

Delete paragraph 14: [AI95-00318-02]

a nonprivate type with the reserved word limited in its declaration;

Delete paragraph 15: [AI95-00318-02]

a composite type with a subcomponent of a return-by-reference type;

Delete paragraph 16: [AI95-00318-02]

a private type whose full type is a return-by-reference type.

Delete paragraph 17: [AI95-00318-02]

If the result type is a return-by-reference type, then a check is made that the return expression is one of the following:

Delete paragraph 19: [AI95-00318-02]

a parenthesized expression or qualified_expression whose operand is one of these kinds of expressions.

Replace paragraph 20: [AI95-00318-02; AI95-00344-01]

The exception Program_Error is raised if this check fails.

by:

If the result type is class-wide, a check is made that the accessibility level of the type identified by the tag of the result is not deeper than that of the master that elaborated the function body. If this check fails, Program_Error is raised.

Delete paragraph 21: [AI95-00318-02]

return_statement

Replace paragraph 22: [AI95-00318-02]

return_statement

by:

return_statement

function_call

Replace paragraph 24: [AI95-00318-02]

return;                         -- in a procedure body, entry_body, or accept_statement
return Key_Value(Last_Index);   -- in a function body

by:

return;                         -- in a procedure body, entry_body,
                                -- accept_statement, or extended_return_statement

return Key_Value(Last_Index);   -- in a function body

return Node : Cell do           -- in a function body, see 3.10.1 for Cell
   Node.Value := Result;
   Node.Succ := Next_Mode;
end return;

6.5.1 Pragma No_Return

Insert new clause: [AI95-00329-01]

A pragma No_Return indicates that a procedure can return only by propagating an exception.

Syntax

The form of a pragma No_Return, which is a program unit pragma (see 10.1.5), is as follows:

pragma

local_

name

local_

name

Legality Rules

The pragma shall apply to one or more procedures or generic procedures.

return_statement

Static Semantics

If a pragma No_Return applies to a generic procedure, pragma No_Return applies to all instances of that generic procedure.

Dynamic Semantics

If a pragma No_Return applies to a procedure, then the exception Program_Error is raised at the point of the call of the procedure if the procedure body completes normally.

6.7 Null Procedures

Insert new clause: [AI95-00348-01]

null_procedure_declaration

Syntax

null_procedure_declaration ::= procedure_specification is null;

Static Semantics

null_procedure_declaration

null procedure

null_procedure_declaration

Dynamic Semantics

subprogram_body

Section 7: Packages

7.3 Private Types and Private Extensions

Replace paragraph 2: [AI95-00251-01]

private_extension_declaration ::=
   type defining_identifier [discriminant_part] is
     [abstract] new ancestor_subtype_indication with private;

by:

private_extension_declaration ::=
   type defining_identifier [discriminant_part] is
     [abstract] new ancestor_subtype_indication [and interface_list] with private;

7.4 Deferred Constants

Replace paragraph 9: [AI95-00256-01]

The completion of a deferred constant declaration shall occur before the constant is frozen (see 7.4).

by:

The completion of a deferred constant declaration shall occur before the constant is frozen (see 13.14).

7.5 Limited Types

Replace paragraph 1: [AI95-00287-01]

A limited type is (a view of) a type for which the assignment operation is not allowed. A nonlimited type is a (view of a) type for which the assignment operation is allowed.

by:

A limited type is (a view of) a type for which copying (such as for an assignment_statement) is not allowed. A nonlimited type is a (view of a) type for which copying is allowed.

Insert before paragraph 2: [AI95-00287-01; AI95-00318-02]

limited

record_type_definition

the new paragraph:

expression

aggregate

function_call

expression

qualified_expression

the initialization expression of an object_declaration (see 3.3.1)

the default_expression of a component_declaration (see 3.8)

the expression of a record_component_association (see 4.3.1)

the expression for an ancestor_part of an extension_aggregate (see 4.3.2)

an expression of a positional_array_aggregate or the expression of an array_component_association (see 4.3.3)

the qualified_expression of an initialized allocator (see 4.8)

the expression of a return_statement (see 6.5)

the default_expression or actual parameter for a formal object of mode in (see 12.4)

Insert after paragraph 8: [AI95-00287-01; AI95-00318-02]

There are no predefined equality operators for a limited type.

the new paragraph:

Implementation Requirements

aggregate

function_call

aggregate

function_call

Replace paragraph 9: [AI95-00287-01; AI95-00318-02]

13 The following are consequences of the rules for limited types:

by:

13 While it is allowed to write initializations of limited objects, such initializations never copy a limited object. The source of such an assignment operation must be an aggregate or function_call, and such aggregates and function_calls must be built directly in the target object.

Delete paragraph 10: [AI95-00287-01]

An initialization expression is not allowed in an object_declaration if the type of the object is limited.

Delete paragraph 11: [AI95-00287-01]

A default expression is not allowed in a component_declaration if the type of the record component is limited.

Delete paragraph 12: [AI95-00287-01]

An initialized allocator is not allowed if the designated type is limited.

Delete paragraph 13: [AI95-00287-01]

A generic formal parameter of mode in must not be of a limited type.

Delete paragraph 14: [AI95-00287-01]

14 Aggregates are not available for a limited composite type. Concatenation is not available for a limited array type.

Delete paragraph 15: [AI95-00287-01]

15 The rules do not exclude a default_expression for a formal parameter of a limited type; they do not exclude a deferred constant of a limited type if the full declaration of the constant is of a nonlimited type.

7.6 User-Defined Assignment and Finalization

Replace paragraph 5: [AI95-00161-01]

    type Controlled is abstract tagged private;

by:

    type Controlled is abstract tagged private;
    pragma Preelaborable_Initialization(Controlled);

Replace paragraph 6: [AI95-00348-01]

    procedure Initialize (Object : in out Controlled);
    procedure Adjust   (Object : in out Controlled);
    procedure Finalize (Object : in out Controlled);

by:

    procedure Initialize (Object : in out Controlled) is null;
    procedure Adjust     (Object : in out Controlled) is null;
    procedure Finalize   (Object : in out Controlled) is null;

Replace paragraph 7: [AI95-00161-01]

    type Limited_Controlled is abstract tagged limited private;

by:

    type Limited_Controlled is abstract tagged limited private;
    pragma Preelaborable_Initialization(Limited_Controlled);

Replace paragraph 8: [AI95-00348-01]

    procedure Initialize (Object : in out Limited_Controlled);
    procedure Finalize (Object : in out Limited_Controlled);
private
    ... -- not specified by the language
end Ada.Finalization;

by:

    procedure Initialize (Object : in out Limited_Controlled) is null;
    procedure Finalize   (Object : in out Limited_Controlled) is null;
private
    ... -- not specified by the language
end Ada.Finalization;

Replace paragraph 9: [AI95-00348-01; AI95-00360-01]

A controlled type is a descendant of Controlled or Limited_Controlled. The (default) implementations of Initialize, Adjust, and Finalize have no effect. The predefined "=" operator of type Controlled always returns True, since this operator is incorporated into the implementation of the predefined equality operator of types derived from Controlled, as explained in 4.5.2. The type Limited_Controlled is like Controlled, except that it is limited and it lacks the primitive subprogram Adjust.

by:

A controlled type is a descendant of Controlled or Limited_Controlled. The predefined "=" operator of type Controlled always returns True, since this operator is incorporated into the implementation of the predefined equality operator of types derived from Controlled, as explained in 4.5.2. The type Limited_Controlled is like Controlled, except that it is limited and it lacks the primitive subprogram Adjust.

need finalization

it is a controlled type, a task type or a protected type; or

it has a component that needs finalization; or

it is a limited type that has an access discriminant whose designated type needs finalization; or

it is one of a number of language-defined types that are explicitly defined to need finalization.

Replace paragraph 21: [AI95-00147-01]

For an aggregate or function call whose value is assigned into a target object, the implementation need not create a separate anonymous object if it can safely create the value of the aggregate or function call directly in the target object. Similarly, for an assignment_statement, the implementation need not create an anonymous object if the value being assigned is the result of evaluating a name denoting an object (the source object) whose storage cannot overlap with the target. If the source object might overlap with the target object, then the implementation can avoid the need for an intermediary anonymous object by exercising one of the above permissions and perform the assignment one component at a time (for an overlapping array assignment), or not at all (for an assignment where the target and the source of the assignment are the same object). Even if an anonymous object is created, the implementation may move its value to the target object as part of the assignment without re-adjusting so long as the anonymous object has no aliased subcomponents.

by:

For an aggregate or function call whose value is assigned into a target object, the implementation need not create a separate anonymous object if it can safely create the value of the aggregate or function call directly in the target object. Similarly, for an assignment_statement, the implementation need not create an anonymous object if the value being assigned is the result of evaluating a name denoting an object (the source object) whose storage cannot overlap with the target. If the source object might overlap with the target object, then the implementation can avoid the need for an intermediary anonymous object by exercising one of the above permissions and perform the assignment one component at a time (for an overlapping array assignment), or not at all (for an assignment where the target and the source of the assignment are the same object).

Furthermore, an implementation is permitted to omit implicit Initialize, Adjust, and Finalize calls and associated assignment operations on an object of nonlimited controlled type provided that:

any omitted Initialize call is not a call on a user-defined Initialize procedure, and

any usage of the value of the object after the implicit Initialize or Adjust call and before any subsequent Finalize call on the object does not change the external effect of the program, and

after the omission of such calls and operations, any execution of the program that executes an Initialize or Adjust call on an object or initializes an object by an aggregate will also later execute a Finalize call on the object and will always do so prior to assigning a new value to the object, and

the assignment operations associated with omitted Adjust calls are also omitted.

This permission applies to Adjust and Finalize calls even if the implicit calls have additional external effects.

7.6.1 Completion and Finalization

Replace paragraph 11: [AI95-00280-01]

allocator

by:

allocator

finalization of the collection

Replace paragraph 16: [AI95-00256-01]

For an Adjust invoked as part of the initialization of a controlled object, other adjustments due to be performed might or might not be performed, and then Program_Error is raised. During its propagation, finalization might or might not be applied to objects whose Adjust failed. For an Adjust invoked as part of an assignment statement, any other adjustments due to be performed are performed, and then Program_Error is raised.

by:

For an Adjust invoked as part of assignment operations other than those invoked as part of an assignment statement, other adjustments due to be performed might or might not be performed, and then Program_Error is raised. During its propagation, finalization might or might not be applied to objects whose Adjust failed. For an Adjust invoked as part of an assignment statement, any other adjustments due to be performed are performed, and then Program_Error is raised.

Section 8: Visibility Rules

8.1 Declarative Region

Insert after paragraph 4: [AI95-00318-02]

a loop_statement;

the new paragraph:

an extended_return_statement;

8.3 Visibility

Insert after paragraph 12: [AI95-00251-01]

An implicit declaration of an inherited subprogram overrides a previous implicit declaration of an inherited subprogram.

the new paragraphs:

If two or more homographs are implicitly declared at the same place:

If one is a non-null non-abstract subprogram, then it overrides all which are null or abstract subprograms.

If all are null procedures or abstract subprograms, then any null procedure overrides all abstract subprograms; if more than one homograph remains that is not thus overridden, then one is chosen arbitrarily to override the others.

Replace paragraph 20: [AI95-00217-06]

The declaration of a library unit (including a library_unit_renaming_declaration) is hidden from all visibility except at places that are within its declarative region or within the scope of a with_clause that mentions it. For each declaration or renaming of a generic unit as a child of some parent generic package, there is a corresponding declaration nested immediately within each instance of the parent. Such a nested declaration is hidden from all visibility except at places that are within the scope of a with_clause that mentions the child.

by:

The declaration of a library unit (including a library_unit_renaming_declaration) is hidden from all visibility except at places that are within its declarative region or within the scope of a nonlimited_with_clause that mentions it. The limited view of a library package is hidden from all visibility except at places that are within the scope of a limited_with_clause that mentions it but not within the scope of a nonlimited_with_clause that mentions it. For each declaration or renaming of a generic unit as a child of some parent generic package, there is a corresponding declaration nested immediately within each instance of the parent. Such a nested declaration is hidden from all visibility except at places that are within the scope of a with_clause that mentions the child.

Insert after paragraph 23: [AI95-00195-01]

A declaration is also hidden from direct visibility where hidden from all visibility.

the new paragraph:

attribute_definition_clause

visible

attribute_definition_clause

Replace paragraph 26: [AI95-00218-01; AI95-00251-01]

context_clause

subunit

with_clause

by:

context_clause

subunit

with_clause

If two or more homographs are implicitly declared at the same place (and not overridden by a non-overridable declaration) then at most one shall be a non-null non-abstract subprogram. If all are null or abstract, then all of the null subprograms shall be fully conformant with one another. If all are abstract, then all of the subprograms shall be fully conformant with one another.

All of these rules also apply to dispatching operations declared in the visible part of an instance of a generic unit. However, they do not apply to other overloadable declarations in an instance; such declarations may have type conformant profiles in the instance, so long as the corresponding declarations in the generic were not type conformant.

subprogram_declaration

abstract_subprogram_declaration

subprogram_body

subprogram_body_stub

subprogram_renaming_declaration

generic_instantiation

overriding_indicator

the operation shall be a primitive operation for some type;

if the overriding_indicator is overriding, then the operation shall override a homograph at the point of the declaration or body;

if the overriding_indicator is not overriding, then the operation shall not override any homograph (at any point).

In addition to the places where Legality Rules normally apply, these rules also apply in the private part of an instance of a generic unit.

8.4 Use Clauses

Replace paragraph 5: [AI95-00217-06]

package_

name

use_package_clause

by:

package_

name

use_package_clause

Insert after paragraph 7: [AI95-00217-06]

use_clause

the new paragraph:

named

use_package_clause

package_

name

named

use_type_clause

subtype_mark

Replace paragraph 8: [AI95-00217-06]

package_

name

use_package_clause

potentially use-visible

subtype_mark

use_type_clause

potentially use-visible

by:

use_package_clause

potentially use-visible

use_type_clause

potentially use-visible

8.5.1 Object Renaming Declarations

Replace paragraph 2: [AI95-00230-01]

object_renaming_declaration ::=
    defining_identifier : subtype_mark renames object_name;

by:

object_renaming_declaration ::=
    defining_identifier : subtype_mark renames object_name;
  | defining_identifier : access_definition renames object_name;

Replace paragraph 3: [AI95-00231-01; AI95-00254-01]

object_name

subtype_mark

by:

object_name

subtype_mark

access_definition

Replace paragraph 4: [AI95-00231-01; AI95-00254-01]

The renamed entity shall be an object.

by:

access_definition

Replace paragraph 5: [AI95-00363-01]

slice

by:

slice

Replace paragraph 6: [AI95-00230-01]

object_renaming_declaration

renaming_declaration

subtype_mark

object_renaming_declaration

by:

object_renaming_declaration

renaming_declaration

subtype_mark

access_definition

object_renaming_declaration

8.5.3 Package Renaming Declarations

Replace paragraph 3: [AI95-00217-06]

The renamed entity shall be a package.

by:

The renamed entity shall be a nonlimited view of a package.

8.5.4 Subprogram Renaming Declarations

Replace paragraph 2: [AI95-00218-03]

subprogram_renaming_declaration ::= subprogram_specification renames callable_entity_name;

by:

subprogram_renaming_declaration ::=
    [overriding_indicator]
    subprogram_specification renames callable_entity_name;

Insert after paragraph 5: [AI95-00228-01]

The profile of a renaming-as-body shall be subtype-conformant with that of the renamed callable entity, and shall conform fully to that of the declaration it completes. If the renaming-as-body completes that declaration before the subprogram it declares is frozen, the profile shall be mode-conformant with that of the renamed callable entity and the subprogram it declares takes its convention from the renamed subprogram; otherwise, the profile shall be subtype-conformant with that of the renamed callable entity and the convention of the renamed subprogram shall not be Intrinsic. A renaming-as-body is illegal if the declaration occurs before the subprogram whose declaration it completes is frozen, and the renaming renames the subprogram itself, through one or more subprogram renaming declarations, none of whose subprograms has been frozen.

the new paragraph:

callable_entity_name

8.6 The Context of Overload Resolution

Replace paragraph 25: [AI95-00230-01; AI95-00231-01; AI95-00254-01]

when T is an anonymous access type (see 3.10) with designated type D, to an access-to-variable type whose designated type is D'Class or is covered by D.

by:

when T is a specific anonymous access-to-object type (see 3.10) with designated type D, to an access-to-object type whose designated type is D'Class or is covered by D, and that is access-to-constant only if T is access-to-constant; or

when T is an anonymous access-to-subprogram type (see 3.10), to an access-to-subprogram type whose designated profile is subtype-conformant with that of T.

Section 9: Tasks and Synchronization

9.1 Task Units and Task Objects

Replace paragraph 2: [AI95-00345-01]

task_type_declaration ::=
   task type defining_identifier [known_discriminant_part] [is task_definition];

by:

task_type_declaration ::=
   task type defining_identifier [known_discriminant_part] [is
      [new interface_list with]
      task_definition];

Insert after paragraph 8: [AI95-00345-01]

task_body

the new paragraphs:

interface_subtype_mark

interface_list

task_type_declaration

interface_list

the inherited subprogram shall be overridden with a primitive subprogram of the task type, in which case the overriding subprogram shall be subtype conformant with the inherited subprogram and not abstract; or

the first parameter of the inherited subprogram shall be of the task type or an access parameter designating the task type, and there shall be an entry_declaration for a single entry with the same identifier and a profile that is type conformant with that of the inherited subprogram after omitting this first parameter, in which case the inherited subprogram is said to be implemented by the conforming entry, and its profile after omitting the first parameter shall be subtype conformant with that of the entry.

If neither applies, the inherited subprogram shall be a null procedure.

Insert after paragraph 9.1: [AI95-00345-01]

task_definition

task_item

the new paragraph:

task_type_declaration

interface_list

Replace paragraph 21: [AI95-00287-01]

4 A task type is a limited type (see 7.5), and hence has neither an assignment operation nor predefined equality operators. If an application needs to store and exchange task identities, it can do so by defining an access type designating the corresponding task objects and by using access values for identification purposes. Assignment is available for such an access type as for any access type. Alternatively, if the implementation supports the Systems Programming Annex, the Identity attribute can be used for task identification (see C.7).

by:

4 A task type is a limited type (see 7.5), and hence has neither assignment nor predefined equality operators. If an application needs to store and exchange task identities, it can do so by defining an access type designating the corresponding task objects and by using access values for identification purposes. Assignment is available for such an access type as for any access type. Alternatively, if the implementation supports the Systems Programming Annex, the Identity attribute can be used for task identification (see C.7).

9.4 Protected Units and Protected Objects

Replace paragraph 2: [AI95-00345-01]

protected_type_declaration ::=
   protected type defining_identifier [known_discriminant_part] [is protected_definition];

by:

protected_type_declaration ::=
   protected type defining_identifier [known_discriminant_part] [is
      [new interface_list with]
      protected_definition];

Insert after paragraph 10: [AI95-00345-01]

protected_body

the new paragraphs:

interface_subtype_mark

interface_list

protected_type_declaration

interface_list

the inherited subprogram shall be overridden with a primitive subprogram of the protected type; in this case the overriding subprogram shall be subtype conformant with the inherited subprogram and not abstract; or

the first parameter of the inherited subprogram shall be of the protected type or an access parameter designating the protected type, and there shall be a protected_operation_declaration for a protected subprogram or single entry with the same identifier within the protected_type_declaration, having a profile that is type conformant with that of the inherited subprogram after omitting this first parameter; in this case the inherited subprogram is said to be implemented by the conforming protected subprogram or entry, and its profile after omitting the first parameter shall be subtype conformant with that of the protected subprogram or entry.

If neither applies, the inherited subprogram shall be a null procedure.

out

in out

Replace paragraph 11: [AI95-00345-01]

protected_definition

protected_operation_declaration

protected_definition

known_discriminant_part

protected_element_declaration

private

by:

protected_definition

protected_operation_declaration

protected_definition

known_discriminant_part

protected_element_declaration

private

protected_type_declaration

interface_list

Insert after paragraph 20: [AI95-00280-01]

finalization

entry_call_statement

the new paragraph:

Bounded (Run-Time) Errors

Replace paragraph 23: [AI95-00287-01]

15 A protected type is a limited type (see 7.5), and hence has neither an assignment operation nor predefined equality operators.

by:

15 A protected type is a limited type (see 7.5), and hence has neither assignment nor predefined equality operators.

9.6 Delay Statements, Duration, and Time

Replace paragraph 10: [AI95-00161-01]

package Ada.Calendar is
    type Time is private;

by:

package Ada.Calendar is
    type Time is private;
    pragma Preelaborable_Initialization(Time);

Replace paragraph 11: [AI95-00351-01]

  subtype Year_Number  is Integer range 1901 .. 2099;
  subtype Month_Number is Integer range 1 .. 12;
  subtype Day_Number   is Integer range 1 .. 31;
  subtype Day_Duration is Duration range 0.0 .. 86_400.0;

by:

  subtype Year_Number  is Integer range 1901 .. 2399;
  subtype Month_Number is Integer range 1 .. 12;
  subtype Day_Number   is Integer range 1 .. 31;
  subtype Day_Duration is Duration range 0.0 .. 86_400.0;

Replace paragraph 24: [AI95-00351-01]

The functions Year, Month, Day, and Seconds return the corresponding values for a given value of the type Time, as appropriate to an implementation-defined timezone; the procedure Split returns all four corresponding values. Conversely, the function Time_Of combines a year number, a month number, a day number, and a duration, into a value of type Time. The operators "+" and "-" for addition and subtraction of times and durations, and the relational operators for times, have the conventional meaning.

by:

The functions Year, Month, Day, and Seconds return the corresponding values for a given value of the type Time, as appropriate to an implementation-defined time zone; the procedure Split returns all four corresponding values. Conversely, the function Time_Of combines a year number, a month number, a day number, and a duration, into a value of type Time. The operators "+" and "-" for addition and subtraction of times and durations, and the relational operators for times, have the conventional meaning.

9.6.1 Formatting, Time Zones, and other operations for Time

Insert new clause: [AI95-00351-01]

Static Semantics

The following language-defined library packages exist:

package Ada.Calendar.Time_Zones is

    -- Time zone manipulation:

    type Time_Offset is range -1440 .. 1440;

    Unknown_Zone_Error : exception;

    function UTC_Time_Offset (Date : Time := Clock) return Time_Offset;

end Ada.Calendar.Time_Zones;


package Ada.Calendar.Arithmetic is

    -- Arithmetic on days:

    type Day_Count is range
      -366*(1+Year_Number'Last - Year_Number'First)
      ..
      366*(1+Year_Number'Last - Year_Number'First);

    subtype Leap_Seconds_Count is Integer range -999 .. 999;

    procedure Difference (Left, Right : in Time;
                          Days : out Day_Count;
                          Seconds : out Duration;
                          Leap_Seconds : out Leap_Seconds_Count);

    function "+" (Left : Time; Right : Day_Count) return Time;

    function "+" (Left : Day_Count; Right : Time) return Time;

    function "-" (Left : Time; Right : Day_Count) return Time;

    function "-" (Left, Right : Time) return Day_Count;

end Ada.Calendar.Arithmetic;

with Ada.Calendar.Time_Zones;
package Ada.Calendar.Formatting is

    -- Day of the week:

    type Day_Name is (Monday, Tuesday, Wednesday, Thursday,
        Friday, Saturday, Sunday);

    function Day_of_Week (Date : Time) return Day_Name;

    -- Hours:Minutes:Seconds access:

    subtype Hour_Number         is Natural range 0 .. 23;
    subtype Minute_Number       is Natural range 0 .. 59;
    subtype Second_Number       is Natural range 0 .. 59;
    subtype Second_Duration     is Day_Duration range 0.0 .. 1.0;

    function Hour       (Date : Time;
                         Time_Zone  : Time_Zones.Time_Offset := 0)
                            return Hour_Number;

    function Minute     (Date : Time;
                         Time_Zone  : Time_Zones.Time_Offset := 0)
                            return Minute_Number;

    function Second     (Date : Time;
                         Time_Zone  : Time_Zones.Time_Offset := 0)
                            return Second_Number;

    function Sub_Second (Date : Time;
                         Time_Zone  : Time_Zones.Time_Offset := 0)
                            return Second_Duration;

    function Seconds_Of (Hour   :  Hour_Number;
                         Minute : Minute_Number;
                         Second : Second_Number := 0;
                         Sub_Second : Second_Duration := 0.0)
        return Day_Duration;

    procedure Split (Seconds    : in Day_Duration;
                     Hour       : out Hour_Number;
                     Minute     : out Minute_Number;
                     Second     : out Second_Number;
                     Sub_Second : out Second_Duration);

    procedure Split (Date       : in Time;
                     Time_Zone  : in Time_Zones.Time_Offset := 0;
                     Year       : out Year_Number;
                     Month      : out Month_Number;
                     Day        : out Day_Number;
                     Hour       : out Hour_Number;
                     Minute     : out Minute_Number;
                     Second     : out Second_Number;
                     Sub_Second : out Second_Duration);

    function Time_Of (Year       : Year_Number;
                      Month      : Month_Number;
                      Day        : Day_Number;
                      Hour       : Hour_Number;
                      Minute     : Minute_Number;
                      Second     : Second_Number;
                      Sub_Second : Second_Duration := 0.0;
                      Leap_Second: Boolean := False;
                      Time_Zone  : Time_Zones.Time_Offset := 0)
                              return Time;

    function Time_Of (Year       : Year_Number;
                      Month      : Month_Number;
                      Day        : Day_Number;
                      Seconds    : Day_Duration;
                      Leap_Second: Boolean := False;
                      Time_Zone  : Time_Zones.Time_Offset := 0)
                              return Time;

    procedure Split (Date       : in Time;
                     Time_Zone  : in Time_Zones.Time_Offset := 0;
                     Year       : out Year_Number;
                     Month      : out Month_Number;
                     Day        : out Day_Number;
                     Hour       : out Hour_Number;
                     Minute     : out Minute_Number;
                     Second     : out Second_Number;
                     Sub_Second : out Second_Duration;
                     Leap_Second: out Boolean);

    procedure Split (Date       : in Time;
                     Time_Zone  : in Time_Zones.Time_Offset := 0;
                     Year       : out Year_Number;
                     Month      : out Month_Number;
                     Day        : out Day_Number;
                     Seconds    : out Day_Duration;
                     Leap_Second: out Boolean);

    -- Simple image and value:
    function Image (Date : Time;
                    Include_Time_Fraction : Boolean := False;
                    Time_Zone  : Time_Zones.Time_Offset := 0) return String;

    function Value (Date : String;
                    Time_Zone  : Time_Zones.Time_Offset := 0) return Time;

    function Image (Elapsed_Time : Duration;
                    Include_Time_Fraction : Boolean := False) return String;

    function Value (Elapsed_Time : String) return Duration;

end Ada.Calendar.Formatting;

Type Time_Offset represents the number of minutes difference between the implementation-defined time zone used by Ada.Calendar and another time zone.

function UTC_Time_Offset (Date : Time := Clock) return Time_Offset;

Returns, as a number of minutes, the difference between the implementation-defined time zone of Calendar, and UTC time, at the time Date. If the time zone of the Calendar implementation is unknown, then Unknown_Zone_Error is raised.

procedure Difference (Left, Right : in Time;
                      Days : out Day_Count;
                      Seconds : out Duration;
                      Leap_Seconds : out Leap_Seconds_Count);

Returns the difference between Left and Right. Days is the number of days of difference, Seconds is the remainder seconds of difference, and Leap_Seconds is the number of leap seconds. If Left < Right, then Seconds <= 0.0, Days <= 0, and Leap_Seconds <= 0. Otherwise, all values are non-negative. For the returned values, if Days = 0, then Seconds + Duration(Leap_Seconds) = Calendar."-" (Left, Right).

function "+" (Left : Time; Right : Day_Count) return Time;
function "+" (Left : Day_Count; Right : Time) return Time;

Adds a number of days to a time value. Time_Error is raised if the result is not representable as a value of type Time.

function "-" (Left : Time; Right : Day_Count) return Time;

Subtracts a number of days from a time value. Time_Error is raised if the result is not representable as a value of type Time.

function "-" (Left, Right : Time) return Day_Count;

Subtracts two time values, and returns the number of days between them. This is the same value that Difference would return in Days.

function Day_of_Week (Date : Time) return Day_Name;

Returns the day of the week for Time. This is based on the Year, Month, and Day values of Time.

function Hour       (Date : Time;
                     Time_Zone  : Time_Zones.Time_Offset := 0)
                        return Hour_Number;

Returns the hour for Date, as appropriate for the specified time zone offset.

function Minute     (Date : Time;
                     Time_Zone  : Time_Zones.Time_Offset := 0)
                        return Minute_Number;

Returns the minute within the hour for Date, as appropriate for the specified time zone offset.

function Second     (Date : Time;
                     Time_Zone  : Time_Zones.Time_Offset := 0)
                        return Second_Number;

Returns the second within the hour and minute for Date, as appropriate for the specified time zone offset.

function Sub_Second (Date : Time;
                     Time_Zone  : Time_Zones.Time_Offset := 0)
                        return Second_Duration;

Returns the fraction of second for Date (this has the same accuracy as Day_Duration), as appropriate for the specified time zone offset.

function Seconds_Of (Hour   : Hour_Number;
                     Minute : Minute_Number;
                     Second : Second_Number := 0;
                     Sub_Second : Second_Duration := 0.0)
    return Day_Duration;

Returns a Day_Duration value for the Hour:Minute:Second.Sub_Second. This value can be used in Calendar.Time_Of as well as the argument to Calendar."+" and Calendar."-".

procedure Split (Seconds : in Day_Duration;
                 Hour : out Hour_Number;
                 Minute : out Minute_Number;
                 Second : out Second_Number;
                 Sub_Second : out Second_Duration);

Splits Seconds into Hour:Minute:Second.Sub_Second.

procedure Split (Date       : in Time;
                 Time_Zone  : in Time_Zones.Time_Offset := 0;
                 Year       : out Year_Number;
                 Month      : out Month_Number;
                 Day        : out Day_Number;
                 Hour       : out Hour_Number;
                 Minute     : out Minute_Number;
                 Second     : out Second_Number;
                 Sub_Second : out Second_Duration);

Splits Date into its constituent parts (Year, Month, Day, Hour, Minute, Second, Sub_Second), relative to the specified time zone offset.

function Time_Of (Year       : Year_Number;
                  Month      : Month_Number;
                  Day        : Day_Number;
                  Hour       : Hour_Number;
                  Minute     : Minute_Number;
                  Second     : Second_Number;
                  Sub_Second : Second_Duration := 0.0;
                  Leap_Second: Boolean := False;
                  Time_Zone  : Time_Zones.Time_Offset := 0)
                          return Time;

Returns a Time built from the date and time values, relative to the specified time zone offset. Time_Error is raised if Leap_Second is True, and Hour, Minute, and Second are not appropriate for a Leap_Second.

function Time_Of (Year       : Year_Number;
                  Month      : Month_Number;
                  Day        : Day_Number;
                  Seconds    : Day_Duration;
                  Leap_Second: Boolean := False;
                  Time_Zone  : Time_Zones.Time_Offset := 0)
                          return Time;

Returns a Time built from the date and time values, relative to the specified time zone offset. Time_Error is raised if Leap_Second is True, and Seconds is not appropriate for a Leap_Second.

procedure Split (Date       : in Time;
                 Time_Zone  : in Time_Zones.Time_Offset := 0;
                 Year       : out Year_Number;
                 Month      : out Month_Number;
                 Day        : out Day_Number;
                 Hour       : out Hour_Number;
                 Minute     : out Minute_Number;
                 Second     : out Second_Number;
                 Sub_Second : out Second_Duration;
                 Leap_Second: out Boolean);

Split Date into its constituent parts (Year, Month, Day, Hour, Minute, Second, Sub_Second), relative to the specified time zone offset. Leap_Second is true if Date identifies a leap second.

procedure Split (Date       : in Time;
                 Time_Zone  : in Time_Zones.Time_Offset := 0;
                 Year       : out Year_Number;
                 Month      : out Month_Number;
                 Day        : out Day_Number;
                 Seconds    : out Day_Duration;
                 Leap_Second: out Boolean);

Split Date into its constituent parts (Year, Month, Day, Seconds), relative to the specified time zone offset. Leap_Second is true if Date identifies a leap second.

function Image (Date : Time;
                Include_Time_Fraction : Boolean := False;
	        Time_Zone  : Time_Zones.Time_Offset := 0) return String;

Returns a string form of the Date relative to the given Time_Zone. The format is "Year-Month-Day Hour:Minute:Second", where each value other than Year is a 2-digit form of the value of the functions defined in Calendar and Calendar.Formatting, including a leading '0', if needed. Year is a 4-digit value. If Include_Time_Fraction is True, Sub_Seconds*100 is suffixed to the string as a 2-digit value following a '.'.

function Value (Date : String)
	        Time_Zone  : Time_Zones.Time_Offset := 0) return Time;

Returns a Time value for the image given as Date, relative to the given time zone. Constraint_Error is raised if the string is not formatted as described for Image, or the function cannot interpret the given string as a Time value.

function Image (Elapsed_Time : Duration;
                Include_Time_Fraction : Boolean := False) return String;

abs

function Value (Elapsed_Time : String) return Duration;

Returns a Duration value for the image given as Elapsed_Time. Constraint_Error is raised if the string is not formatted as described for Image, or the function cannot interpret the given string as a Duration value.

Implementation Advice

An implementation should support leap seconds if the target system supports them. If leap seconds are not supported, Difference should return zero for Leap_Seconds, Split should return False for Leap_Second, and Time_Of should raise Time_Error if Leap_Second is True.

NOTES
36 The time in the time zone known as Greenwich Mean Time (GMT) is generally equivalent to UTC time.

37 The implementation-defined time zone used for type Time may be, but need not be, the local time zone. UTC_Time_Offset always returns the difference relative to the implementation-defined time zone of package Calendar. If UTC_Time_Offset does not raise Unknown_Zone_Error, UTC time can be safely calculated (within the accuracy of the underlying time-base).

38 Calling Split on the results of subtracting Duration(UTC_Time_Offset*60) from Clock provides the components (hours, minutes, and so on) of the UTC time. In the United States, for example, UTC_Time_Offset will generally be negative.

9.7.2 Timed Entry Calls

Replace paragraph 1: [AI95-00345-01]

timed_entry_call

by:

timed_entry_call

Replace paragraph 3: [AI95-00345-01]

entry_call_alternative ::=
   entry_call_statement [sequence_of_statements]

by:

entry_call_alternative ::=
   procedure_or_entry_call_statement [sequence_of_statements]

procedure_or_entry_call ::=
   procedure_call_statement | entry_call_statement

Legality Rules

procedure_call_statement

procedure_or_entry_call

procedure_

name

procedure_

prefix

procedure_call_statement

Static Semantics

procedure_call_statement

procedure_or_entry_call

procedure_

name

procedure_

prefix

procedure_call_statement

Replace paragraph 4: [AI95-00345-01]

timed_entry_call

entry_

name

delay_

expression

delay_alternative

by:

timed_entry_call

entry_

name

procedure_

name

procedure_

prefix

delay_

expression

delay_alternative

9.7.4 Asynchronous Transfer of Control

Replace paragraph 4: [AI95-00345-01]

triggering_statement ::= entry_call_statement | delay_statement

by:

triggering_statement ::= procedure_or_entry_call_statement | delay_statement

Replace paragraph 6: [AI95-00345-01]

asynchronous_select

triggering_statement

entry_call_statement

entry_

name

abortable_part

by:

asynchronous_select

triggering_statement

procedure_or_entry_call_statement

entry_

name

procedure_

name

procedure_

prefix

abortable_part

sequence_of_statements

triggering_alternative

abortable_part

9.8 Abort of a Task - Abort of a Sequence of Statements

Replace paragraph 3: [AI95-00345-01]

task_

name

by:

task_

name

9.9 Task and Entry Attributes

Replace paragraph 1: [AI95-00345-01]

prefix

by:

prefix

Section 10: Program Structure and Compilation Issues

10.1.1 Compilation Units - Library Units

Insert after paragraph 12: [AI95-00217-06; AI95-00326-01]

library_unit_declaration

library_unit_renaming_declaration

private

private

public

public descendants

private descendants

the new paragraphs:

package_declaration

limited view

For each nested package_declaration, a declaration of the limited view of that package, with the same defining_program_unit_name.

For each type_declaration in the visible part, an incomplete view of the type is declared. If the type_declaration is tagged, then the view is a tagged incomplete view.

package_declaration

private

not

library_item

package_declaration

The elaboration of the limited view of a package has no effect.

Replace paragraph 26: [AI95-00217-06]

library_item

library_unit_body

library_unit_declaration

library_item

with_clause

attribute_reference

by:

library_item

library_unit_body

library_unit_declaration

library_item

with_clause

attribute_reference

10.1.2 Context Clauses - With Clauses

Replace paragraph 4: [AI95-00217-06; AI95-00326-01]

with_clause ::= with library_unit_name {, library_unit_name};

by:

with_clause ::= limited_with_clause | nonlimited_with_clause
limited_with_clause ::= limited [private] with library_unit_name {, library_unit_name};
nonlimited_with_clause ::= [private] with library_unit_name {, library_unit_name};

Replace paragraph 6: [AI95-00217-06]

library_item

mentioned

with_clause

library_unit_

name

prefix

with_clause

by:

library_item

named

with_clause

library_unit_

name

with_clause

library_item

mentioned

with_clause

prefix

with_clause

Replace paragraph 8: [AI95-00217-06; AI95-00220-01; AI95-00262-01]

with_clause

compilation_unit

by:

with_clause

compilation_unit

the declaration, body, or subunit of a private descendant of that library unit;

the body or subunit of a public descendant of that library unit, but not a subprogram body acting as a subprogram declaration (see 10.1.4); or

the declaration of a public descendant of that library unit, and the with_clause shall include the keyword private.

name

with_clause

private

a private part,

a body, but not within the subprogram_specification of a library subprogram body,

a private descendant of the unit on which one of these with_clauses appear, or

a pragma within a context clause.

library_item

limited_with_clause

package_declaration

subprogram_declaration

generic_declaration

generic_instantiation

package_renaming_declaration

limited_with_clause

library_unit_body

subunit

limited_with_clause

library_item

in the same context_clause as a nonlimited_with_clause which mentions the same library_item; or

in the same context_clause as a use_clause which names an entity declared within the declarative region of the library_item; or

in the scope of a nonlimited_with_clause which mentions the same library_item; or

in the scope of a use_clause which names an entity declared within the declarative region of the library_item.

10.1.3 Subunits of Compilation Units

Replace paragraph 3: [AI95-00218-03]

subprogram_body_stub ::= subprogram_specification is separate;

by:

subprogram_body_stub ::=
    [overriding_indicator]
    subprogram_specification is separate;

Replace paragraph 8: [AI95-00243-01]

parent body

parent_unit_name

subunit

subunit

proper_body

subunit

by:

parent body

parent_unit_name

subunit

subunit

proper_body

subunit

subunit of a program unit

10.1.4 The Compilation Process

Replace paragraph 3: [AI95-00217-06]

The mechanisms for creating an environment and for adding and replacing compilation units within an environment are implementation defined.

by:

limited_with_clause

Replace paragraph 6: [AI95-00217-06]

The implementation may require that a compilation unit be legal before inserting it into the environment.

by:

limited_with_clause

Replace paragraph 7: [AI95-00214-01]

library_item

defining_program_unit_name

pragma

by:

library_item

subunit

body_stub

library_item

subunit

body_stub

pragma

10.1.5 Pragmas and Program Units

Replace paragraph 9: [AI95-00212-01]

library_item

by:

library_item

10.2 Program Execution

Replace paragraph 6: [AI95-00217-06]

If a compilation unit with stubs is needed, then so are any corresponding subunits.

by:

If a compilation unit with stubs is needed, then so are any corresponding subunits;

If the limited view of a unit is needed, then the full view of the unit is needed.

Replace paragraph 9: [AI95-00256-01]

elaboration dependences

library_item

by:

elaboration dependences

library_item

10.2.1 Elaboration Control

Insert after paragraph 4: [AI95-00161-01]

pragma

the new paragraphs:

pragma

pragma

direct_name

Replace paragraph 9: [AI95-00161-01]

The creation of a default-initialized object (including a component) of a descendant of a private type, private extension, controlled type, task type, or protected type with entry_declarations; similarly the evaluation of an extension_aggregate with an ancestor subtype_mark denoting a subtype of such a type.

by:

The creation of an object (including a component) of a type which does not have preelaborable initialization. Similarly the evaluation of an extension_aggregate with an ancestor subtype_mark denoting a subtype of such a type.

Insert after paragraph 11: [AI95-00161-01]

pragma

preelaborated

library_item

the new paragraphs:

The following rules specify which entities have preelaborable initialization:

The partial view of a private type or private extension, a protected type without entry_declarations, a generic formal private type, or a generic formal derived type, have preelaborable initialization if and only if the pragma Preelaborable_Initialization has been applied to them.

A component (including a discriminant) of a record or protected type has preelaborable initialization if its declaration includes a default_expression whose execution does not perform any actions prohibited in preelaborable constructs as described above, or if its declaration does not include a default expression and its type has preelaborable initialization.

A derived type has preelaborable initialization if its parent type has preelaborable initialization and (in the case of a derived record or protected type) if the non-inherited components all have preelaborable initialization. Moreover, a user-defined controlled type with an overridding Initialize procedure does not have preelaborable initialization.

A view of a type has preelaborable initialization if it is an elementary type, an array type whose component type has preelaborable initialization, or a record type whose components all have preelaborable initialization.

pragma

package_specification

direct_name

entry_declaration

pragma

generic_formal_part

direct_name

generic_formal_part

pragma

generic_instantiation

Section 11: Exceptions

11.3 Raise Statements

Replace paragraph 2: [AI95-00361-01]

raise_statement ::= raise [exception_name];

by:

raise_statement ::= raise; |
       raise exception_name [with string_expression];

Insert after paragraph 3: [AI95-00361-01]

raise_statement

exception_

name

re-raise statement

the new paragraph:

Name Resolution Rules

expression

raise_statement

Replace paragraph 4: [AI95-00361-01]

raise an exception

raise_statement

exception_

name

by:

raise an exception

raise_statement

exception_

name

string_

expression

11.4.1 The Package Exceptions

Replace paragraph 2: [AI95-00362-01]

package Ada.Exceptions is
    type Exception_Id is private;
    Null_Id : constant Exception_Id;
    function Exception_Name(Id : Exception_Id) return String;

by:

package Ada.Exceptions is
    pragma Preelaborate(Exceptions);
    type Exception_Id is private;
    pragma Preelaborable_Initialization (Exception_Id);
    Null_Id : constant Exception_Id;
    function Exception_Name(Id : Exception_Id) return String;

Replace paragraph 3: [AI95-00362-01]

    type Exception_Occurrence is limited private;
    type Exception_Occurrence_Access is access all Exception_Occurrence;
    Null_Occurrence : constant Exception_Occurrence;

by:

    type Exception_Occurrence is limited private;
    pragma Preelaborable_Initialization (Exception_Occurrence);
    type Exception_Occurrence_Access is access all Exception_Occurrence;
    Null_Occurrence : constant Exception_Occurrence;

Replace paragraph 4: [AI95-00329-01]

    procedure Raise_Exception(E : in Exception_Id;
                              Message : in String := "");
    function Exception_Message(X : Exception_Occurrence) return String;
    procedure Reraise_Occurrence(X : in Exception_Occurrence);

by:

    procedure Raise_Exception(E : in Exception_Id;
                              Message : in String := "");
        pragma No_Return(Raise_Exception);
    function Exception_Message(X : Exception_Occurrence) return String;
    procedure Reraise_Occurrence(X : in Exception_Occurrence);

Replace paragraph 10: [AI95-00361-01; AI95-00378-01]

raise_statement

exception_

name

by:

raise_statement

exception_

name

string_

expression

raise_statement

exception_

name

string_

expression

Replace paragraph 12: [AI95-00378-01]

defining_identifier

block_statement

by:

defining_identifier

block_statement

Replace paragraph 13: [AI95-00378-01]

Exception_Information returns implementation-defined information about the exception occurrence.

by:

Exception_Information returns implementation-defined information about the exception occurrence. The returned string has lower bound 1.

Replace paragraph 14: [AI95-00241-01; AI95-00329-01]

Raise_Exception and Reraise_Occurrence have no effect in the case of Null_Id or Null_Occurrence. Exception_Message, Exception_Identity, Exception_Name, and Exception_Information raise Constraint_Error for a Null_Id or Null_Occurrence.

by:

Reraise_Occurrence has no effect in the case of Null_Occurrence. Raise_Exception and Exception_Name raise Constraint_Error for a Null_Id. Exception_Message, Exception_Name, and Exception_Information raise Constraint_Error for a Null_Occurrence. Exception_Identity applied to Null_Occurrence returns Null_Id.

11.4.2 Pragmas Assert and Assertion_Policy

Insert new clause: [AI95-00286-01]

Pragma Assert is used to assert the truth of a boolean expression at any point within a sequence of declarations or statements. Pragma Assertion_Policy is used to control whether such assertions are to be ignored by the implementation, checked at run-time, or handled in some implementation-defined manner.

Syntax

The form of a pragma Assert is as follows:

pragma

Boolean_

expression

string_

expression

declarative_item

statement

The form of a pragma Assertion_Policy is as follows:

pragma

policy_

identifier

A pragma Assertion_Policy is a configuration pragma.

Legality Rules

policy_

identifier

Static Semantics

A pragma Assertion_Policy is a configuration pragma that specifies the assertion policy in effect for the compilation units to which it applies. Different policies may apply to different compilation units within the same partition. The default assertion policy is implementation-defined.

The following language-defined library package exists:

package Ada.Assertions is
    pragma Pure(Ada.Assertions);

    Assertion_Error : exception;

    procedure Assert(Check : in Boolean);
    procedure Assert(Check : in Boolean; Message : in String);

end Ada.Assertions;

A compilation unit containing a pragma Assert has a semantic dependence on the Ada.Assertions library unit.

The assertion policy that applies within an instance is the policy that applies within the generic unit.

Dynamic Semantics

An assertion policy specifies how a pragma Assert is interpreted by the implementation. If the assertion policy is Ignore at the point of a pragma Assert, the pragma is ignored. If the assertion policy is Check at the point of a pragma Assert, the elaboration of the pragma consists of evaluating the boolean expression, and if it evaluates to False, evaluating the Message string, if any, and raising the exception Ada.Assertions.Assertion_Error, with a message if the Message argument is provided.

Calling the procedure Ada.Assertions.Assert without a Message parameter is equivalent to:

if Check = False then
   raise Ada.Assertions.Assertion_Error;
end if;

Calling the procedure Ada.Assertions.Assert with a Message parameter is equivalent to:

if Check = False then
   raise Ada.Assertions.Assertion_Error with Message;
end if;

The procedures Assertions.Assert have these effects independent of the assertion policy in effect.

Implementation Permissions

Assertion_Error may be declared by renaming an implementation-defined exception from another package.

Implementations may define their own assertion policies.

NOTES
Normally, the boolean expression in an Assert pragma should not call functions that have significant side-effects when the result of the expression is True, so that the particular assertion policy in effect will not affect normal operation of the program.

11.5 Suppressing Checks

Replace paragraph 1: [AI95-00224-01]

pragma

by:

Checking pragmas

pragma

Replace paragraph 3: [AI95-00224-01]

pragma

by:

The forms of checking pragmas are as follows:

Replace paragraph 4: [AI95-00224-01]

pragma

identifier

name

by:

pragma

identifier

pragma

identifier

Replace paragraph 5: [AI95-00224-01]

pragma

declarative_part

package_specification

by:

declarative_part

package_specification

Replace paragraph 6: [AI95-00224-01]

identifier

name

by:

identifier

Delete paragraph 7: [AI95-00224-01]

pragma

package_specification

name

package_specification

Replace paragraph 8: [AI95-00224-01]

pragma

package_specification

name

pragma

name

suppressed

by:

declarative_part

package_specification

pragma

suppressed

pragma

Replace paragraph 27: [AI95-00224-01]

pragma

by:

pragma

Insert after paragraph 29: [AI95-00224-01]

pragma

the new paragraph:

pragma

declarative_part

pragma

Section 12: Generic Units

12.3 Generic Instantiation

Replace paragraph 2: [AI95-00218-03]

generic_instantiation ::=
     package defining_program_unit_name is
        new generic_package_name [generic_actual_part];
   | procedure defining_program_unit_name is
        new generic_procedure_name [generic_actual_part];
   | function defining_designator is
        new generic_function_name [generic_actual_part];

by:

generic_instantiation ::=
     package defining_program_unit_name is
        new generic_package_name [generic_actual_part];
   | [overriding_indicator]
     procedure defining_program_unit_name is
        new generic_procedure_name [generic_actual_part];
   | [overriding_indicator]
     function defining_designator is
        new generic_function_name [generic_actual_part];

12.4 Formal Objects

Delete paragraph 8: [AI95-00287-01]

Replace paragraph 9: [AI95-00255-01]

formal_object_declaration

subtype_mark

in out

subtype_mark

by:

formal_object_declaration

subtype_mark

in out

subtype_mark

12.5 Formal Types

Replace paragraph 3: [AI95-00251-01]

formal_type_definition ::=
      formal_private_type_definition
    | formal_derived_type_definition
    | formal_discrete_type_definition
    | formal_signed_integer_type_definition
    | formal_modular_type_definition
    | formal_floating_point_definition
    | formal_ordinary_fixed_point_definition
    | formal_decimal_fixed_point_definition
    | formal_array_type_definition
    | formal_access_type_definition

by:

formal_type_definition ::=
      formal_private_type_definition
    | formal_derived_type_definition
    | formal_discrete_type_definition
    | formal_signed_integer_type_definition
    | formal_modular_type_definition
    | formal_floating_point_definition
    | formal_ordinary_fixed_point_definition
    | formal_decimal_fixed_point_definition
    | formal_array_type_definition
    | formal_access_type_definition
    | formal_interface_type_definition

Replace paragraph 8: [AI95-00233-01]

The formal type also belongs to each class that contains the determined class. The primitive subprograms of the type are as for any type in the determined class. For a formal type other than a formal derived type, these are the predefined operators of the type. For an elementary formal type, the predefined operators are implicitly declared immediately after the declaration of the formal type. For a composite formal type, the predefined operators are implicitly declared either immediately after the declaration of the formal type, or later in its immediate scope according to the rules of 7.3.1. In an instance, the copy of such an implicit declaration declares a view of the predefined operator of the actual type, even if this operator has been overridden for the actual type. The rules specific to formal derived types are given in 12.5.1.

by:

The formal type also belongs to each class that contains the determined class. The primitive subprograms of the type are as for any type in the determined class. For a formal type other than a formal derived type, these are the predefined operators of the type. For an elementary formal type, the predefined operators are implicitly declared immediately after the declaration of the formal type. For a composite formal type, the predefined operators are implicitly declared either immediately after the declaration of the formal type, or later immediately within the declarative region in which the type is declared according to the rules of 7.3.1. In an instance, the copy of such an implicit declaration declares a view of the predefined operator of the actual type, even if this operator has been overridden for the actual type. The rules specific to formal derived types are given in 12.5.1.

12.5.1 Formal Private and Derived Types

Replace paragraph 3: [AI95-00251-01]

formal_derived_type_definition ::= [abstract] new subtype_mark [with private]

by:

formal_derived_type_definition ::=
     [abstract] new subtype_mark [[and interface_list] with private]

Insert after paragraph 10: [AI95-00231-01]

If the ancestor subtype is an unconstrained discriminated subtype, then the actual shall have the same number of discriminants, and each discriminant of the actual shall correspond to a discriminant of the ancestor, in the sense of 3.7.

the new paragraph:

If the ancestor subtype is an access subtype, the actual subtype shall exclude null if and only if the ancestor subtype excludes null.

Insert after paragraph 15: [AI95-00251-01]

unknown_discriminant_part

the new paragraph:

The actual type shall be a descendant of every ancestor of the formal type.

Replace paragraph 20: [AI95-00233-01]

discriminant_part

derived_type_definition

by:

discriminant_part

derived_type_definition

Replace paragraph 21: [AI95-00233-01]

For a formal derived type, the predefined operators and inherited user-defined subprograms are determined by the ancestor type, and are implicitly declared at the earliest place, if any, within the immediate scope of the formal type, where the corresponding primitive subprogram of the ancestor is visible (see 7.3.1). In an instance, the copy of such an implicit declaration declares a view of the corresponding primitive subprogram of the ancestor of the formal derived type, even if this primitive has been overridden for the actual type. When the ancestor of the formal derived type is itself a formal type, the copy of the implicit declaration declares a view of the corresponding copied operation of the ancestor. In the case of a formal private extension, however, the tag of the formal type is that of the actual type, so if the tag in a call is statically determined to be that of the formal type, the body executed will be that corresponding to the actual type.

by:

For a formal derived type, the predefined operators and inherited user-defined subprograms are determined by the ancestor type, and are implicitly declared at the earliest place, if any, immediately within the declarative region in which the formal type is declared, where the corresponding primitive subprogram of the ancestor is visible (see 7.3.1). In an instance, the copy of such an implicit declaration declares a view of the corresponding primitive subprogram of the ancestor of the formal derived type, even if this primitive has been overridden for the actual type. When the ancestor of the formal derived type is itself a formal type, the copy of the implicit declaration declares a view of the corresponding copied operation of the ancestor. In the case of a formal private extension, however, the tag of the formal type is that of the actual type, so if the tag in a call is statically determined to be that of the formal type, the body executed will be that corresponding to the actual type.

12.5.4 Formal Access Types

Replace paragraph 4: [AI95-00231-01]

general_access_modifier

constant

general_access_modifier

all

by:

general_access_modifier

constant

general_access_modifier

all

12.5.5 Formal Interface Types

Insert new clause: [AI95-00251-01; AI95-00345-01]

The class determined for a formal interface type is the class of all interface types.

Syntax

formal_interface_type_definition ::= interface_type_definition

Legality Rules

The actual type shall be an interface type.

The actual type shall be a descendant of every ancestor of the formal type.

The actual type shall be a limited, task, protected, or synchronized interface if and only if the formal type is also, respectively, a limited, task, protected, or synchronized interface.

12.6 Formal Subprograms

Replace paragraph 3: [AI95-00348-01]

subprogram_default ::= default_name | <>

by:

subprogram_default ::= default_name | <> | null

Insert after paragraph 4: [AI95-00348-01]

default_name ::= name

the new paragraph:

subprogram_default

null

Replace paragraph 9: [AI95-00345-01]

formal_subprogram_declaration

subtype_mark

formal_subprogram_declaration

subtype_mark

formal_subprogram_declaration

name

default_expression

formal_subprogram_declaration

by:

formal_subprogram_declaration

subtype_mark

formal_subprogram_declaration

subtype_mark

formal_subprogram_declaration

name

default_expression

formal_subprogram_declaration

Insert after paragraph 10: [AI95-00348-01]

subprogram_default

the new paragraph:

subprogram_default

null

formal_subprogram_declaration

Insert after paragraph 16: [AI95-00348-01]

18 The actual subprogram cannot be abstract (see 3.9.3).

the new paragraph:

19 A null procedure as a subprogram default has convention Intrinsic (see 6.3.1).

12.7 Formal Packages

Replace paragraph 3: [AI95-00317-01]

formal_package_actual_part ::=
    (<>) | [generic_actual_part]

by:

formal_package_actual_part ::=
    (<>)
  | [generic_actual_part]
  | ([generic_association {, generic_association},] others => <>)

generic_association

Replace paragraph 5: [AI95-00317-01]

formal_package_actual_part

by:

formal_package_actual_part

others

If the formal_package_actual_part includes generic_associations as well as "others => <>", then only the actual parameters specified explicitly in these generic_associations are required to match;

Otherwise, all actual parameters shall match, whether the actual parameter is given explicitly or by default.

The rules for matching of actual parameters between the actual instance and the formal package are as follows:

Replace paragraph 10: [AI95-00317-01]

basic_declarative_items

package_specification

formal_package_actual_part

generic_formal_part

by:

basic_declarative_items

package_specification

formal_package_actual_part

Section 13: Representation Issues

13.1 Representation Items

Replace paragraph 11: [AI95-00326-01]

Operational and representation aspects of a generic formal parameter are the same as those of the actual. Operational and representation aspects of a partial view are the same as those of the full view. A type-related representation item is not allowed for a descendant of a generic formal untagged type.

by:

Operational and representation aspects of a generic formal parameter are the same as those of the actual. Operational and representation aspects are the same for all views of a type. A type-related representation item is not allowed for a descendant of a generic formal untagged type.

13.3 Representation Attributes

Delete paragraph 26: [AI95-00247-01]

If an Alignment is specified for a composite subtype or object, this Alignment shall be equal to the least common multiple of any specified Alignments of the subcomponent subtypes, or an integer multiple thereof.

13.7 The Package System

Replace paragraph 3: [AI95-00362-01]

package System is
   pragma Preelaborate(System);

by:

package System is
   pragma Pure(System);

Replace paragraph 12: [AI95-00161-01]

    type Address is implementation-defined;
    Null_Address : constant Address;

by:

    type Address is implementation-defined;
    pragma Preelaborable_Initialization(Address);
    Null_Address : constant Address;

In paragraph 15 replace: [AI95-00221-01]

   Default_Bit_Order : constant Bit_Order;

by:

   Default_Bit_Order : constant Bit_Order := implementation-defined;

Replace paragraph 35: [AI95-00221-01]

See 13.5.3 for an explanation of Bit_Order and Default_Bit_Order.

by:

See 13.5.3 for an explanation of Bit_Order and Default_Bit_Order. Default_Bit_Order shall be a static constant.

Replace paragraph 36: [AI95-00362-01]

An implementation may add additional implementation-defined declarations to package System and its children. However, it is usually better for the implementation to provide additional functionality via implementation-defined children of System. Package System may be declared pure.

by:

13.7.1 The Package System.Storage_Elements

Replace paragraph 3: [AI95-00362-01]

package System.Storage_Elements is
   pragma Preelaborate(System.Storage_Elements);

by:

package System.Storage_Elements is
   pragma Pure(System.Storage_Elements);

Delete paragraph 15: [AI95-00362-01]

Package System.Storage_Elements may be declared pure.

13.9.1 Data Validity

Replace paragraph 12: [AI95-00167-01]

A call to an imported function or an instance of Unchecked_Conversion is erroneous if the result is scalar, and the result object has an invalid representation.

by:

expression

assignment_statement

object_declaration

13.11 Storage Management

Replace paragraph 6: [AI95-00161-01]

    type Root_Storage_Pool is
        abstract new Ada.Controlled.Limited_Controlled with private;

by:

    type Root_Storage_Pool is
        abstract new Ada.Controlled.Limited_Controlled with private;
    pragma Preelaborable_Initialization(Root_Storage_Pool);

Replace paragraph 25: [AI95-00230-01]

A storage pool for an anonymous access type should be created at the point of an allocator for the type, and be reclaimed when the designated object becomes inaccessible.

by:

allocator

If the allocator is initializing an access discriminant of an object of a limited type, and the discriminant is itself a subcomponent of an object being created by an outer allocator, then the storage pool used for the outer allocator should also be used for the allocator initializing the access discriminant;

Otherwise, the storage pool should be created at the point of the allocator, and be reclaimed when the allocated object becomes inaccessible.

13.11.1 The Max_Size_In_Storage_Elements Attribute

Replace paragraph 3: [AI95-00256-01]

universal_integer

by:

universal_integer

13.12 Pragma Restrictions

Replace paragraph 4: [AI95-00381-01]

restriction ::= restriction_identifier
    | restriction_parameter_identifier => expression

by:

restriction ::= restriction_identifier
    | restriction_parameter_identifier => restriction_parameter_argument

restriction_parameter_argument ::= name | expression

Insert after paragraph 7: [AI95-00257-01; AI95-00368-01]

restrictions

the new paragraphs:

restriction

identifier

No_Implementation_Attributes: There are no implementation-defined attributes. This restriction applies only to the current compilation or environment, not the entire partition.

No_Implementation_Pragmas: There are no implementation-defined pragmas or pragma arguments. This restriction applies only to the current compilation or environment, not the entire partition.

No_Obsolescent_Features: There is no use of language features defined in Annex J. It is implementation-defined if uses of the renamings of J.1 are detected by this restriction. This restriction applies only to the current compilation or environment, not the entire partition.

13.12.1 Restriction No_Dependence

Insert new clause: [AI95-00381-01]

Static Semantics

restriction_parameter

_identifier

No_Dependence: Specifies a language-defined library unit on which there are no semantic dependences.

Name Resolution Rules

restriction_parameter_argument

Post-Compilation Rules

name

13.13.1 The Package Streams

Replace paragraph 3: [AI95-00161-01]

    type Root_Stream_Type is abstract tagged limited private;

by:

    type Root_Stream_Type is abstract tagged limited private;
    pragma Preelaborable_Initialization(Root_Stream_Type);

Replace paragraph 8: [AI95-00227-01]

The Read operation transfers Item'Length stream elements from the specified stream to fill the array Item. The index of the last stream element transferred is returned in Last. Last is less than Item'Last only if the end of the stream is reached.

by:

The Read operation transfers stream elements from the specified stream to fill the array Item. Elements are transferred until Item'Length elements have been transferred, or until the end of the stream is reached. If any elements are transferred, the index of the last stream element transferred is returned in Last. Otherwise, Item'First - 1 is returned in Last. Last is less than Item'Last only if the end of the stream is reached.

Insert after paragraph 10: [AI95-00227-01]

See A.12.1, ``The Package Streams.Stream_IO'' for an example of extending type Root_Stream_Type.

the new paragraph:

If the end of stream has been reached, and Item'First is Stream_Element_Offset'First, Read will raise Constraint_Error.

13.13.2 Stream-Oriented Attributes

Insert before paragraph 2: [AI95-00270-01]

the new paragraphs:

For every subtype S of an elementary type T, the following operational attribute is defined:

S'Stream_Size: Denotes the number of bits occupied in a stream by items of subtype S. Hence, the number of stream elements required per item of elementary type T is:

        T'Stream_Size / Ada.Streams.Stream_Element'Size

The value of this attribute is of type universal_integer and is a multiple of Stream_Element'Size.

Stream_Size may be specified for first subtypes via an attribute_definition_clause; the expression of such a clause shall be static, non-negative, and a multiple of Stream_Element'Size.

Implementation Advice

The recommended level of support for the Stream_Size attribute is: A Stream_Size clause should be supported for an elementary type T if the specified Stream_Size is a multiple of Stream_Element'Size and is no less than the size of the first subtype of T, and no greater than the size of the largest type of the same elementary class (signed integer, modular integer, floating point, ordinary fixed point, decimal fixed point, or access).

Replace paragraph 9: [AI95-00195-01; AI95-00270-01]

by:

Constraint_Error is raised by the predefined Write attribute if the value of the elementary item is outside the range of values representable using Stream_Size bits. For a signed integer type, an enumeration type, or a fixed-point type, the range is unsigned only if the integer code for the first subtype low bound is non-negative, and a (symmetric) signed range that covers all values of the first subtype would require more than Stream_Size bits; otherwise the range is signed.

Replace paragraph 17: [AI95-00270-01]

If a stream element is the same size as a storage element, then the normal in-memory representation should be used by Read and Write for scalar objects. Otherwise, Read and Write should use the smallest number of stream elements needed to represent all values in the base range of the scalar type.

by:

By default, the predefined stream-oriented attributes for an elementary type should only read or write the minimum number of stream elements required by the first subtype of the type, rounded up to the nearest factor or multiple of the word size that is also a multiple of the stream element size.

Replace paragraph 27: [AI95-00195-01]

S'Output then calls S'Write to write the value of Item to the stream. S'Input then creates an object (with the bounds or discriminants, if any, taken from the stream), initializes it with S'Read, and returns the value of the object.

by:

S'Output then calls S'Write to write the value of Item to the stream. S'Input then creates an object (with the bounds or discriminants, if any, taken from the stream), passes it to S'Read, and returns the value of the object. Normal default initialization and finalization take place for this object (see 3.3.1, 7.6, 7.6.1).

Insert after paragraph 28: [AI95-00260-01; AI95-00344-01]

the new paragraphs:

S'Class'Tag_Write

S'Class'Tag_Write denotes a procedure with the following specification:

        procedure S'Class'Tag_Write (
            Stream : access Streams.Root_Stream_Type'Class;
            Tag : Ada.Tags.Tag);

S'Class'Tag_Write writes the value of Tag to Stream.

S'Class'Tag_Read

S'Class'Tag_Read denotes a function with the following specification:

        function S'Class'Tag_Write (
             Stream : access Streams.Root_Stream_Type'Class;
             Ancestor : Ada.Tags.Tag)
             return Ada.Tags.Tag;

S'Class'Tag_Read reads a tag from Stream, and returns its value.

The default implementations of the Tag_Write and Tag_Read operate as follows:

If T is a derived type with parent type P, the default implementation of Tag_Write calls P'Class'Tag_Write, and the default implementation of Tag_Read calls P'Class'Tag_Read;

Otherwise, the default implementation of Tag_Write calls String'Output(Stream, Tags.External_Tag(Tag)) -- see 3.9. The default implementation of Tag_Read returns the value of Tags.Descendant_Tag(String'Input(Stream), Ancestor).

Replace paragraph 31: [AI95-00260-01; AI95-00344-01]

Item

Stream

Item

by:

Item

Stream

Item

Replace paragraph 34: [AI95-00260-01; AI95-00344-01]

Stream

by:

Stream

Replace paragraph 35: [AI95-00195-01]

component_declaration

default_expression

by:

component_declaration

default_expression

It is unspecified at which point and in which order these checks are performed. In particular, if Constraint_Error is raised due to the failure of one of these checks, it is unspecified how many stream elements have been read from the stream.

Replace paragraph 36: [AI95-00195-01]

attribute_definition_clause

attribute_reference

attribute_definition_clause

by:

attribute_definition_clause

available

The attribute_designator is Read, Write or Output, and T is nonlimited.

The attribute_designator is Input, and T is nonlimited and not abstract.

The attribute_designator is Read (resp. Write) and T is a limited record extension, and the attribute Read (resp. Write) is available for the parent type of T and for the types of all of the extension components.

The attribute_designator is Input (resp. Output), and T is a limited type, and the attribute Read (resp. Write) is available for T.

The attribute has been specified via an attribute_definition_clause, and the attribute_definition_clause is visible.

A stream-oriented attribute for a subtype of a class-wide type T'Class is available at places where one of the following conditions is true:

T is nonlimited; or

The attribute has been specified via an attribute_definition_clause, and the attribute_definition_clause is visible; or

where the corresponding attribute of T is available, provided that if T has a partial view, the corresponding attribute is available at the end of the visible part where T is declared.

attribute_reference

parameter_and_result_profile

attribute_definition_clause

Insert after paragraph 36.1: [AI95-00195-01]

the new paragraphs:

If Constraint_Error is raised during a call to Read because of failure of one the above checks, the implementation must ensure that the discriminants of the actual parameter of Read are not modified.

Implementation Permissions

The number of calls performed by the predefined implementation of the stream- oriented attributes on the Read and Write operations of the stream type is unspecified. An implementation may take advantage of this permission to perform internal buffering. However, all the calls on the Read and Write operations of the stream type needed to implement an explicit invocation of a stream-oriented attribute must take place before this invocation returns. An explicit invocation is one appearing explicitly in the program text, possibly through a generic instantiation (see 12.3).

Insert after paragraph 38: [AI95-00260-01]

User-specified attributes of S'Class are not inherited by other class-wide types descended from S.

the new paragraph:

User-specified Tag_Read and Tag_Write attributes should raise an exception if presented with a tag value not in S'Class.

13.14 Freezing Rules

Insert after paragraph 7: [AI95-00251-01]

The declaration of a record extension causes freezing of the parent subtype.

the new paragraph:

The declaration of a specific descendant of an interface type freezes the interface type.

Insert after paragraph 15: [AI95-00341-01]

At the place where a subtype is frozen, its type is frozen. At the place where a type is frozen, any expressions or names within the full type definition cause freezing; the first subtype, and any component subtypes, index subtypes, and parent subtype of the type are frozen as well. For a specific tagged type, the corresponding class-wide type is frozen as well. For a class-wide type, the corresponding specific type is frozen as well.

the new paragraph:

At the place where a specific tagged type is frozen, the primitive subprograms of the type are frozen.

Annex A: Predefined Language Environment

A.3.2 The Package Characters.Handling

Replace paragraph 2: [AI95-00362-01]

package Ada.Characters.Handling is
   pragma Preelaborate(Handling);

by:

package Ada.Characters.Handling is
   pragma Pure(Handling);

A.4.2 The Package Strings.Maps

Replace paragraph 3: [AI95-00362-01]

package Ada.Strings.Maps is
   pragma Preelaborate(Maps);

by:

package Ada.Strings.Maps is
   pragma Pure(Maps);

Replace paragraph 4: [AI95-00161-01]

    -- Representation for a set of character values:
    type Character_Set is private;

by:

    -- Representation for a set of character values:
    type Character_Set is private;
    pragma Preelaborable_Initialization(Character_Set);

Replace paragraph 20: [AI95-00161-01]

    -- Representation for a character to character mapping:
    type Character_Mapping is private;

by:

    -- Representation for a character to character mapping:
    type Character_Mapping is private;
    pragma Preelaborable_Initialization(Character_Mapping);

A.4.3 Fixed-Length String Handling

Insert after paragraph 8: [AI95-00301-01]

-- Search subprograms

the new paragraphs:

   function Index (Source  : in String;
                   Pattern : in String;
                   From    : in Positive;
                   Going   : in Direction := Forward;
                   Mapping : in Maps.Character_Mapping := Maps.Identity)
      return Natural;

   function Index (Source  : in String;
                   Pattern : in String;
                   From    : in Positive;
                   Going   : in Direction := Forward;
                   Mapping : in Maps.Character_Mapping_Function)
      return Natural;

   function Index (Source  : in String;
                   Set     : in Maps.Character_Set;
                   From    : in Positive;
                   Test    : in Membership := Inside;
                   Going   : in Direction := Forward)
      return Natural;

   function Index_Non_Blank (Source : in String;
                             From   : in Positive;
                             Going  : in Direction := Forward)
      return Natural;

Insert after paragraph 56: [AI95-00301-01]

Otherwise, Length_Error is propagated.

the new paragraphs:

function Index (Source  : in String;
                Pattern : in String;
                From    : in Positive;
                Going   : in Direction := Forward;
                Mapping : in Maps.Character_Mapping := Maps.Identity)
   return Natural;

function Index (Source  : in String;
                Pattern : in String;
                From    : in Positive;
                Going   : in Direction := Forward;
                Mapping : in Maps.Character_Mapping_Function)
   return Natural;

Each Index function searches, starting from From, for a slice of Source, with length Pattern'Length, that matches Pattern with respect to Mapping; the parameter Going indicates the direction of the lookup. If Going = Forward, then Index returns the smallest index I which is greater than or equal to From such that the slice of Source starting at I matches Pattern. If Going = Backward, then Index returns the largest index I such that the slice of Source starting at I matches Pattern and has an upper bound less than or equal to From. If there is no such slice, then 0 is returned. If Pattern is the null string then Pattern_Error is propagated.

Replace paragraph 58: [AI95-00301-01]

Each Index function searches for a slice of Source, with length Pattern'Length, that matches Pattern with respect to Mapping; the parameter Going indicates the direction of the lookup. If Going = Forward, then Index returns the smallest index I such that the slice of Source starting at I matches Pattern. If Going = Backward, then Index returns the largest index I such that the slice of Source starting at I matches Pattern. If there is no such slice, then 0 is returned. If Pattern is the null string then Pattern_Error is propagated.

by:

If Going = Forward, returns

      Index (Source, Pattern, Source'First, Forward, Mapping);

otherwise returns

      Index (Source, Pattern, Source'Last, Backward, Mapping);

function Index (Source  : in String;
                Set     : in Maps.Character_Set;
                From    : in Positive;
                Test    : in Membership := Inside;
                Going   : in Direction := Forward)
   return Natural;

Index searches for the first or last occurrence of any of a set of characters (when Test=Inside), or any of the complement of a set of characters (when Test=Outside). It returns the smallest index I >= From (if Going=Forward) or the largest index I <= From (if Going=Backward) such that Source(I) satisfies the Test condition with respect to Set; it returns 0 if there is no such Character in Source.

Replace paragraph 60: [AI95-00301-01]

Index searches for the first or last occurrence of any of a set of characters (when Test=Inside), or any of the complement of a set of characters (when Test=Outside). It returns the smallest index I (if Going=Forward) or the largest index I (if Going=Backward) such that Source(I) satisfies the Test condition with respect to Set; it returns 0 if there is no such Character in Source.

by:

If Going = Forward, returns

      Index (Source, Set, Source'First, Test, Forward);

otherwise returns

   Index (Source, Set, Source'Last, Test, Backward);

function Index_Non_Blank (Source : in String;
                          From   : in Positive;
                          Going  : in Direction := Forward)
   return Natural;

Returns Index (Source, Maps.To_Set(Space), From, Outside, Going);

A.4.4 Bounded-Length String Handling

Insert after paragraph 12: [AI95-00301-01]

function To_String (Source : in Bounded_String) return String;

the new paragraphs:

      procedure Set_Bounded_String
         (Target :    out Bounded_String;
          Source : in     String;
          Drop   : in     Truncation := Error);

Insert after paragraph 28: [AI95-00301-01]

      function Slice (Source : in Bounded_String;
                      Low    : in Positive;
                      High   : in Natural)
         return String;

the new paragraphs:

      function Bounded_Slice
         (Source : in Bounded_String;
          Low    : in Positive;
          High   : in Natural;
          Drop   : in Truncation := Error)
             return Bounded_String;

      procedure Bounded_Slice
         (Source : in     Bounded_String;
          Target :    out Bounded_String;
          Low    : in     Positive;
          High   : in     Natural;
          Drop   : in     Truncation := Error);

Replace paragraph 43: [AI95-00301-01]

   -- Search functions

by:

   -- Search subprograms

      function Index (Source  : in Bounded_String;
                      Pattern : in String;
                      From    : in Positive;
                      Going   : in Direction := Forward;
                      Mapping : in Maps.Character_Mapping := Maps.Identity)
         return Natural;

      function Index (Source  : in Bounded_String;
                      Pattern : in String;
                      From    : in Positive;
                      Going   : in Direction := Forward;
                      Mapping : in Maps.Character_Mapping_Function)
         return Natural;

      function Index (Source  : in Bounded_String;
                      Set     : in Maps.Character_Set;
                      From    : in Positive;
                      Test    : in Membership := Inside;
                      Going   : in Direction := Forward)
         return Natural;

      function Index_Non_Blank (Source : in Bounded_String;
                                From   : in Positive;
                                Going  : in Direction := Forward)
         return Natural;

Insert after paragraph 92: [AI95-00301-01]

To_String returns the String value with lower bound 1 represented by Source. If B is a Bounded_String, then B = To_Bounded_String(To_String(B)).

the new paragraphs:

procedure Set_Bounded_String
   (Target :    out Bounded_String;
    Source : in     String);
    Drop   : in     Truncation := Error);

Equivalent to Target := To_Bounded_String (Source, Drop);

Replace paragraph 101: [AI95-00238-01; AI95-00301-01]

Returns the slice at positions Low through High in the string represented by Source; propagates Index_Error if Low > Length(Source)+1 or High > Length(Source).

by:

Returns the slice at positions Low through High in the string represented by Source; propagates Index_Error if Low > Length(Source)+1 or High > Length(Source). The bounds of the returned string are Low and High.

function Bounded_Slice
   (Source : in Bounded_String;
    Low    : in Positive;
    High   : in Natural;
    Drop   : in Truncation := Error)
       return Bounded_String;

Returns the slice at positions Low through High in the string represented by Source as a bounded string; propagates Index_Error if Low > Length(Source)+1 or High > Length(Source).

procedure Bounded_Slice
   (Source : in     Bounded_String;
    Target :    out Bounded_String;
    Low    : in     Positive;
    High   : in     Natural;
    Drop   : in     Truncation := Error);

Equivalent to Target := Bounded_Slice (Soruce, Low, High, Drop);

A.4.5 Unbounded-Length String Handling

Replace paragraph 4: [AI95-00161-01]

    type Unbounded_String is private;

by:

    type Unbounded_String is private;
    pragma Preelaborable_Initialization(Unbounded_String);

Insert after paragraph 11: [AI95-00301-01]

   function To_String (Source : in Unbounded_String) return String;

the new paragraphs:

   procedure Set_Unbounded_String
      (Target :    out Unbounded_String;
       Source : in     String;
       Drop   : in     Truncation := Error);

Insert after paragraph 22: [AI95-00301-01]

   function Slice (Source : in Unbounded_String;
                   Low    : in Positive;
                   High   : in Natural)
      return String;

the new paragraphs:

   function Unbounded_Slice
       (Source : in Unbounded_String;
        Low    : in Positive;
        High   : in Natural;
        Drop   : in Truncation := Error)
           return Unbounded_String;

    procedure Unbounded_Slice
       (Source : in     Unbounded_String;
        Target :    out Unbounded_String;
        Low    : in     Positive;
        High   : in     Natural;
        Drop   : in     Truncation := Error);

Insert after paragraph 38: [AI95-00301-01]

-- Search subprograms

the new paragraphs:

   function Index (Source  : in Unbounded_String;
                   Pattern : in String;
                   From    : in Positive;
                   Going   : in Direction := Forward;
                   Mapping : in Maps.Character_Mapping := Maps.Identity)
      return Natural;

   function Index (Source  : in Unbounded_String;
                   Pattern : in String;
                   From    : in Positive;
                   Going   : in Direction := Forward;
                   Mapping : in Maps.Character_Mapping_Function)
      return Natural;

   function Index (Source  : in Unbounded_String;
                   Set     : in Maps.Character_Set;
                   From    : in Positive;
                   Test    : in Membership := Inside;
                   Going    : in Direction := Forward)
      return Natural;

   function Index_Non_Blank (Source : in Unbounded_String;
                             From   : in Positive;
                             Going  : in Direction := Forward)
      return Natural;

Insert after paragraph 72: [AI95-00360-01]

private
   ... -- not specified by the language
end Ada.Strings.Unbounded;

the new paragraph:

The type Unbounded_String needs finalization (see 7.6).

Insert after paragraph 79: [AI95-00301-01]

If U is an Unbounded_String, then To_Unbounded_String(To_String(U)) = U.

the new paragraph:

The procedure Set_Unbounded_String sets Target to an Unbounded_String that represents Source.

Insert after paragraph 82: [AI95-00301-01]

The Element, Replace_Element, and Slice subprograms have the same effect as the corresponding bounded-length string subprograms.

the new paragraph:

The function Unbounded_Slice returns the slice at positions Low through High in the string represented by Source as an Unbounded_String. The procedure Unbounded_Slice sets Target to the Unbounded_String representing the slice at positions Low through High in the string represented by Source. Both routines propagate Index_Error if Low > Length(Source)+1 or High > Length(Source).

A.4.6 String-Handling Sets and Mappings

Replace paragraph 3: [AI95-00362-01]

package Ada.Strings.Maps.Constants is
   pragma Preelaborate(Constants);

by:

package Ada.Strings.Maps.Constants is
   pragma Pure(Constants);

A.4.7 Wide_String Handling

Replace paragraph 4: [AI95-00161-01]

    -- Representation for a set of Wide_Character values:
    type Wide_Character_Set is private;

by:

    -- Representation for a set of Wide_Character values:
    type Wide_Character_Set is private;
    pragma Preelaborable_Initialization(Wide_Character_Set);

Replace paragraph 20: [AI95-00161-01]

    -- Representation for a Wide_Character to Wide_Character mapping:
    type Wide_Character_Mapping is private;

by:

    -- Representation for a Wide_Character to Wide_Character mapping:
    type Wide_Character_Mapping is private;
    pragma Preelaborable_Initialization(Wide_Character_Mapping);

A.5.2 Random Number Generation

Insert after paragraph 15: [AI95-00360-01]

private
   ... -- not specified by the language
end Ada.Numerics.Float_Random;

the new paragraph:

The type Generator needs finalization (see 7.6).

Insert after paragraph 27: [AI95-00360-01]

private
   ... -- not specified by the language
end Ada.Numerics.Discrete_Random;

the new paragraph:

The type Generator needs finalization (see 7.6) in every instantiation of Discrete_Random.

A.5.3 Attributes of Floating Point Types

Insert after paragraph 41: [AI95-00267-01]

the new paragraphs:

S'Machine_Rounding: S'Machine_Rounding denotes a function with the following specification:

            function S'Machine_Rounding (X : T)
                return T

A.8 Sequential and Direct Files

Replace paragraph 1: [AI95-00283-01]

sequential access

direct access

sequential file

direct file

by:

sequential access

direct access

sequential file

direct file

stream file

A.8.1 The Generic Package Sequential_IO

Insert after paragraph 16: [AI95-00360-01]

private
   ... -- not specified by the language
end Ada.Sequential_IO;

the new paragraph:

The type File_Type needs finalization (see 7.6) in every instantiation of Sequential_IO.

A.8.2 File Management

Replace paragraph 3: [AI95-00283-01]

Establishes a new external file, with the given name and form, and associates this external file with the given file. The given file is left open. The current mode of the given file is set to the given access mode. The default access mode is the mode Out_File for sequential and text input-output; it is the mode Inout_File for direct input-output. For direct access, the size of the created file is implementation defined.

by:

Establishes a new external file, with the given name and form, and associates this external file with the given file. The given file is left open. The current mode of the given file is set to the given access mode. The default access mode is the mode Out_File for sequential, stream, and text input-output; it is the mode Inout_File for direct input-output. For direct access, the size of the created file is implementation defined.

Replace paragraph 22: [AI95-00248-01]

Returns a string which uniquely identifies the external file currently associated with the given file (and may thus be used in an Open operation). If an external environment allows alternative specifications of the name (for example, abbreviations), the string returned by the function should correspond to a full specification of the name.

by:

Returns a string which uniquely identifies the external file currently associated with the given file (and may thus be used in an Open operation).

A.8.4 The Generic Package Direct_IO

Insert after paragraph 19: [AI95-00360-01]

private
   ... -- not specified by the language
end Ada.Direct_IO;

the new paragraph:

The type File_Type needs finalization (see 7.6) in every instantiation of Direct_IO.

A.10.1 The Package Text_IO

Insert after paragraph 48: [AI95-00301-01]

   procedure Put(File : in  File_Type; Item : in String);
   procedure Put(Item : in  String);

the new paragraphs:

   function Get_Line(File : in  File_Type) return String;
   function Get_Line return String;

Insert after paragraph 85: [AI95-00360-01]


   Status_Error : exception renames IO_Exceptions.Status_Error;
   Mode_Error   : exception renames IO_Exceptions.Mode_Error;
   Name_Error   : exception renames IO_Exceptions.Name_Error;
   Use_Error    : exception renames IO_Exceptions.Use_Error;
   Device_Error : exception renames IO_Exceptions.Device_Error;
   End_Error    : exception renames IO_Exceptions.End_Error;
   Data_Error   : exception renames IO_Exceptions.Data_Error;
   Layout_Error : exception renames IO_Exceptions.Layout_Error;
private
   ... -- not specified by the language
end Ada.Text_IO;

the new paragraph:

The type File_Type needs finalization (see 7.6).

A.10.6 Get and Put Procedures

In paragraph 5 replace: [AI95-00223-01]

blank

by:

blank

A.10.7 Input-Output of Characters and Strings

Replace paragraph 13: [AI95-00301-01]

For an item of type String, the following procedures are provided:

by:

For an item of type String, the following subprograms are provided:

Insert after paragraph 17: [AI95-00301-01]

Determines the length of the given string and attempts that number of Put operations for successive characters of the string (in particular, no operation is performed if the string is null).

the new paragraphs:

function Get_Line(File : in  File_Type) return String;
function Get_Line return String;

Returns a result string constructed by reading successive characters from the specified input file, and assigning them to successive characters of the result string. The result string has a lower bound of 1 and an upper bound of the number of characters read. Reading stops when the end of the line is met; Skip_Line is then (in effect) called with a spacing of 1.

The exception End_Error is propagated if an attempt is made to skip a file terminator.

A.10.11 Input-Output for Unbounded Strings

Insert new clause: [AI95-00301-01]

The package Text_IO.Unbounded_IO provides input-output in human-readable form for Unbounded_Strings.

Static Semantics

The library package Text_IO.Unbounded_IO has the following declaration:

with Ada.Strings.Unbounded;
package Ada.Text_IO.Unbounded_IO is

   procedure Put
      (File : in File_Type;
       Item : in Strings.Unbounded.Unbounded_String);

   procedure Put
      (Item : in Strings.Unbounded.Unbounded_String);

   procedure Put_Line
      (File : in Text_IO.File_Type;
       Item : in Strings.Unbounded.Unbounded_String);

   procedure Put_Line
      (Item : in Strings.Unbounded.Unbounded_String);

   function Get_Line
      (File : in File_Type)
      return Strings.Unbounded.Unbounded_String;

   function Get_Line
      return Strings.Unbounded.Unbounded_String;

   procedure Get_Line
      (File : in File_Type; Item : out Strings.Unbounded.Unbounded_String);

   procedure Get_Line
      (Item : out Strings.Unbounded.Unbounded_String);

end Ada.Text_IO.Unbounded_IO;

For an item of type Unbounded_String, the following subprograms are provided:

procedure Put
   (File : in File_Type;
    Item : in Strings.Unbounded.Unbounded_String);

Equivalent to Text_IO.Put (File, Strings.Unbounded.To_String(Item));

procedure Put
   (Item : in Strings.Unbounded.Unbounded_String);

Equivalent to Text_IO.Put (Strings.Unbounded.To_String(Item));

procedure Put_Line
   (File : in Text_IO.File_Type;
    Item : in Strings.Unbounded.Unbounded_String);

Equivalent to Text_IO.Put_Line (File, Strings.Unbounded.To_String(Item));

procedure Put_Line
   (Item : in Strings.Unbounded.Unbounded_String);

Equivalent to Text_IO.Put_Line (Strings.Unbounded.To_String(Item));

function Get_Line
   (File : in File_Type)
   return Strings.Unbounded.Unbounded_String;

Returns Strings.Unbounded.To_Unbounded_String(Text_IO.Get_Line(File));

function Get_Line
   return Strings.Unbounded.Unbounded_String;

Returns Strings.Unbounded.To_Unbounded_String(Text_IO.Get_Line);

procedure Get_Line
   (File : in File_Type; Item : out Strings.Unbounded.Unbounded_String);

Equivalent to Item := Get_Line (File);

procedure Get_Line
   (Item : out Strings.Unbounded.Unbounded_String);

Equivalent to Item := Get_Line;

A.11 Wide Text Input-Output

Insert after paragraph 3: [AI95-00301-01]

Nongeneric equivalents of Wide_Text_IO.Integer_IO and Wide_Text_IO.Float_IO are provided (as for Text_IO) for each predefined numeric type, with names such as Ada.Integer_Wide_Text_IO, Ada.Long_Integer_Wide_Text_IO, Ada.Float_Wide_Text_IO, Ada.Long_Float_Wide_Text_IO.

the new paragraph:

The specification of package Wide_Text_IO.Wide_Unbounded_IO is the same as that for Text_IO.Unbounded_IO, except that any occurrence of Unbounded_String is replaced by Wide_Unbounded_String, and any occurrence of package Unbounded is replaced by Wide_Unbounded.

A.12.1 The Package Streams.Stream_IO

Insert after paragraph 27: [AI95-00360-01]

private

not specified by the language

end

the new paragraph:

The type File_Type needs finalization (see 7.6).

Replace paragraph 28: [AI95-00283-01]

The subprograms Create, Open, Close, Delete, Reset, Mode, Name, Form, Is_Open, and End_of_File have the same effect as the corresponding subprograms in Sequential_IO (see A.8.2).

by:

The subprograms given in subclause A.8.2 for the control of external files (Create, Open, Close, Delete, Reset, Mode, Name, Form, and Is_Open) are available for stream files.

The End_of_File function:

Propagates Mode_Error if the mode of the file is not In_File;

If positioning is supported for the given external file, the function returns True if the current index exceeds the size of the external file; otherwise it returns False;

If positioning is not supported for the given external file, the function returns True if no more elements can be read from the given file; otherwise it returns False.

Replace paragraph 28.1: [AI95-00085-01]

The Set_Mode procedure changes the mode of the file. If the new mode is Append_File, the file is positioned to its end; otherwise, the position in the file is unchanged.

by:

The Set_Mode procedure sets the mode of the file. If the new mode is Append_File, the file is positioned to its end; otherwise, the position in the file is unchanged.

Replace paragraph 30: [AI95-00256-01]

by:

The procedures Read and Write are equivalent to the corresponding operations in the package Streams. Read propagates Mode_Error if the mode of File is not In_File. Write propagates Mode_Error if the mode of File is not Out_File or Append_File. The Read procedure with a Positive_Count parameter starts reading at the specified index. The Write procedure with a Positive_Count parameter starts writing at the specified index. For a file that supports positioning, Read without a Positive_Count parameter starts reading at the current index, and Write without a Positive_Count parameter starts writing at the current index.

A.16 The Package Directories

Insert new clause: [AI95-00248-01]

The package Ada.Directories provides operations for manipulating files and directories, and their names.

Static Semantics

The library package Ada.Directories has the following declaration:

with Ada.IO_Exceptions;
with Ada.Calendar;
package Ada.Directories is

    -- Directory and file operations:

    function Current_Directory return String;
    procedure Set_Directory (Directory : in String);

    procedure Create_Directory (New_Directory : in String;
                                Form : in String := "");

    procedure Delete_Directory (Directory : in String);

    procedure Create_Path (New_Directory : in String;
                           Form : in String := "");

    procedure Delete_Tree (Directory : in String);

    procedure Delete_File (Name : in String);

    procedure Rename (Old_Name, New_Name : in String);

    procedure Copy_File (Source_Name, Target_Name : in String;
                         Form : in String := "");

    -- File and directory name operations:

    function Full_Name (Name : in String) return String;

    function Simple_Name (Name : in String) return String;

    function Containing_Directory (Name : in String) return String;

    function Extension (Name : in String) return String;

    function Base_Name (Name : in String) return String;

    function Compose (Containing_Directory : in String := "";
                      Name : in String;
                      Extension : in String := "") return String;

    -- File and directory queries:

    type File_Kind is (Directory, Ordinary_File, Special_File);

    type File_Size is range 0 .. implementation-defined;

    function Exists (Name : in String) return Boolean;

    function Kind (Name : in String) return File_Kind;

    function Size (Name : in String) return File_Size;

    function Modification_Time (Name : in String) return Ada.Calendar.Time;

    -- Directory searching:

    type Directory_Entry_Type is limited private;

    type Filter_Type is array (File_Kind) of Boolean;

    type Search_Type is limited private;

    procedure Start_Search (Search : in out Search_Type;
                            Directory : in String;
                            Pattern : in String;
                            Filter : in Filter_Type := (others => True));

    procedure End_Search (Search : in out Search_Type);

    function More_Entries (Search : in Search_Type) return Boolean;

    procedure Get_Next_Entry (Search : in out Search_Type;
                              Directory_Entry : out Directory_Entry_Type);

    -- Operations on Directory Entries:

    function Simple_Name (Directory_Entry : in Directory_Entry_Type)
        return String;

    function Full_Name (Directory_Entry : in Directory_Entry_Type)
        return String;

    function Kind (Directory_Entry : in Directory_Entry_Type)
        return File_Kind;

    function Size (Directory_Entry : in Directory_Entry_Type)
        return File_Size;

    function Modification_Time (Directory_Entry : in Directory_Entry_Type)
        return Ada.Calendar.Time;

    Status_Error : exception renames Ada.IO_Exceptions.Status_Error;
    Name_Error : exception renames Ada.IO_Exceptions.Name_Error;
    Use_Error : exception renames Ada.IO_Exceptions.Use_Error;
    Device_Error : exception renames Ada.IO_Exceptions.Device_Error;

private
    -- Not specified by the language.
end Ada.Directories;

directory

special file

ordinary files

file name

directory name

full name

simple name

default directory

directory entry

For each function that returns a string, the lower bound of the returned value is 1.

The following file and directory operations are provided:

function Current_Directory return String;

Returns the full directory name for the current default directory. The name returned shall be suitable for a future call to Set_Directory. The exception Use_Error is propagated if a default directory is not supported by the external environment.

procedure Set_Directory (Directory : in String);

Sets the current default directory. The exception Name_Error is propagated if the string given as Directory does not identify an existing directory. The exception Use_Error is propagated if the external environment does not support making Directory (in the absence of Name_Error) a default directory.

procedure Create_Directory (New_Directory : in String;
                            Form : in String := "");

Creates a directory with name New_Directory. The Form parameter can be used to give system-dependent characteristics of the directory; the interpretation of the Form parameter is implementation-defined. A null string for Form specifies the use of the default options of the implementation of the new directory. The exception Name_Error is propagated if the string given as New_Directory does not allow the identification of a directory. The exception Use_Error is propagated if the external environment does not support the creation of a directory with the given name (in the absence of Name_Error) and form.

procedure Delete_Directory (Directory : in String);

Deletes an existing empty directory with name Directory. The exception Name_Error is propagated if the string given as Directory does not identify an existing directory. The exception Use_Error is propagated if the external environment does not support the deletion of the directory (or some portion of its contents) with the given name (in the absence of Name_Error).

procedure Create_Path (New_Directory : in String;
                       Form : in String := "");

Creates zero or more directories with name New_Directory. Each non-existent directory named by New_Directory is created. For example, on a typical Unix system, Create_Path ("/usr/me/my"); would create directory "me" in directory "usr", then create directory "my" in directory "me". The Form can be used to give system-dependent characteristics of the directory; the interpretation of the Form parameter is implementation-defined. A null string for Form specifies the use of the default options of the implementation of the new directory. The exception Name_Error is propagated if the string given as New_Directory does not allow the identification of any directory. The exception Use_Error is propagated if the external environment does not support the creation of any directories with the given name (in the absence of Name_Error) and form.

procedure Delete_Tree (Directory : in String);

Deletes an existing directory with name Directory. The directory and all of its contents (possibly including other directories) are deleted. The exception Name_Error is propagated if the string given as Directory does not identify an existing directory. The exception Use_Error is propagated if the external environment does not support the deletion of the directory or some portion of its contents with the given name (in the absence of Name_Error). If Use_Error is propagated, it is unspecified if a portion of the contents of the directory are deleted.

procedure Delete_File (Name : in String);

Deletes an existing ordinary or special file with Name. The exception Name_Error is propagated if the string given as Name does not identify an existing ordinary or special external file. The exception Use_Error is propagated if the external environment does not support the deletion of the file with the given name (in the absence of Name_Error).

procedure Rename (Old_Name, New_Name : in String);

Renames an existing external file (including directories) with Old_Name to New_Name. The exception Name_Error is propagated if the string given as Old_Name does not identify an existing external file. The exception Use_Error is propagated if the external environment does not support the renaming of the file with the given name (in the absence of Name_Error). In particular, Use_Error is propagated if a file or directory already exists with New_Name.

procedure Copy_File (Source_Name, Target_Name : in String;
                     Form : in String);

Copies the contents of the existing external file with Source_Name to Target_Name. The resulting external file is a duplicate of the source external file. The Form can be used to give system-dependent characteristics of the resulting external file; the interpretation of the Form parameter is implementation-defined. Exception Name_Error is propagated if the string given as Source_Name does not identify an existing external ordinary or special file or if the string given as Target_Name does not allow the identification of an external file. The exception Use_Error is propagated if the external environment does not support the creating of the file with the name given by Target_Name and form given by Form, or copying of the file with the name given by Source_Name (in the absence of Name_Error).

The following file and directory name operations are provided:

function Full_Name (Name : in String) return String;

Returns the full name corresponding to the file name specified by Name. The exception Name_Error is propagated if the string given as Name does not allow the identification of an external file (including directories and special files).

function Simple_Name (Name : in String) return String;

Returns the simple name portion of the file name specified by Name. The exception Name_Error is propagated if the string given as Name does not allow the identification of an external file (including directories and special files).

function Containing_Directory (Name : in String) return String;

Returns the name of the containing directory of the external file (including directories) identified by Name. (If more than one directory can contain Name, the directory name returned is implementation-defined.) The exception Name_Error is propagated if the string given as Name does not allow the identification of an external file. The exception Use_Error is propagated if the external file does not have a containing directory.

function Extension (Name : in String) return String;

Returns the extension name corresponding to Name. The extension name is a portion of a simple name (not including any separator characters), typically used to identify the file class. If the external environment does not have extension names, then the null string is returned. The exception Name_Error is propagated if the string given as Name does not allow the identification of an external file.

function Base_Name (Name : in String) return String;

Returns the base name corresponding to Name. The base name is the remainder of a simple name after removing any extension and extension separators. The exception Name_Error is propagated if the string given as Name does not allow the identification of an external file (including directories and special files).

function Compose (Containing_Directory : in String := "";
                  Name : in String;
                  Extension : in String := "") return String;

Returns the name of the external file with the specified Containing_Directory, Name, and Extension. If Extension is the null string, then Name is interpreted as a simple name; otherwise Name is interpreted as a base name. The exception Name_Error is propagated if the string given as Containing_Directory is not null and does not allow the identification of a directory, or if the string given as Extension is not null and is not a possible extension, or if the string given as Name is not a possible simple name (if Extension is null) or base name (if Extension is non-null).

The following file and directory queries and types are provided:

type File_Kind is (Directory, Ordinary_File, Special_File);

The type File_Kind represents the kind of file represented by an external file or directory.

type File_Size is range 0 .. implementation-defined;

The type File_Size represents the size of an external file.

function Exists (Name : in String) return Boolean;

Returns True if external file represented by Name exists, and False otherwise. The exception Name_Error is propagated if the string given as Name does not allow the identification of an external file (including directories and special files).

function Kind (Name : in String) return File_Kind;

Returns the kind of external file represented by Name. The exception Name_Error is propagated if the string given as Name does not allow the identification of an existing external file.

function Size (Name : in String) return File_Size;

Returns the size of the external file represented by Name. The size of an external file is the number of stream elements contained in the file. If the external file is discontiguous (not all elements exist), the result is implementation-defined. If the external file is not an ordinary file, the result is implementation-defined. The exception Name_Error is propagated if the string given as Name does not allow the identification of an existing external file. The exception Constraint_Error is propagated if the file size is not a value of type File_Size.

function Modification_Time (Name : in String) return Ada.Calendar.Time;

Returns the time that the external file represented by Name was most recently modified. If the external file is not an ordinary file, the result is implementation-defined. The exception Name_Error is propagated if the string given as Name does not allow the identification of an existing external file. The exception Use_Error is propagated if the external environment does not support the reading the modification time of the file with the name given by Name (in the absence of Name_Error).

The following directory searching operations and types are provided:

type Directory_Entry_Type is limited private;

The type Directory_Entry_Type represents a single item in a directory. These items can only be created by the Get_Next_Entry procedure in this package. Information about the item can be obtained from the functions declared in this package. A default initialized object of this type is invalid; objects returned from Get_Next_Entry are valid.

type Filter_Type is array (File_Kind) of Boolean;

The type Filter_Type specifies which directory entries are provided from a search operation. If the Directory component is True, directory entries representing directories are provided. If the Ordinary_File component is True, directory entries representing ordinary files are provided. If the Special_File component is True, directory entries representing special files are provided.

type Search_Type is limited private;

The type Search_Type contains the state of a directory search. A default-initialized Search_Type object has no entries available (More_Entries returns False).

procedure Start_Search (Search : in out Search_Type;
                        Directory : in String;
                        Pattern : in String;
                        Filter : in Filter_Type := (others => True));

Starts a search in the directory entry in the directory named by Directory for entries matching Pattern. Pattern represents a file name matching pattern. If Pattern is null, all items in the directory are matched; otherwise, the interpretation of Pattern is implementation-defined. Only items which match Filter will be returned. After a successful call on Start_Search, the object Search may have entries available, but it may have no entries available if no files or directories match Pattern and Filter. The exception Name_Error is propagated if the string given by Directory does not identify an existing directory, or if Pattern does not allow the identification of any possible external file or directory. The exception Use_Error is propagated if the external environment does not support the searching of the directory with the given name (in the absence of Name_Error).

procedure End_Search (Search : in out Search_Type);

Ends the search represented by Search. After a successful call on End_Search, the object Search will have no entries available.

function More_Entries (Search : in Search_Type) return Boolean;

Returns True if more entries are available to be returned by a call to Get_Next_Entry for the specified search object, and False otherwise.

procedure Get_Next_Entry (Search : in out Search_Type;
                          Directory_Entry : out Directory_Entry_Type);

Returns the next Directory_Entry for the search described by Search that matches the pattern and filter. If no further matches are available, Status_Error is raised. It is implementation-defined as to whether the results returned by this routine are altered if the contents of the directory are altered while the Search object is valid (for example, by another program). The exception Use_Error is propagated if the external environment does not support continued searching of the directory represented by Search.

function Simple_Name (Directory_Entry : in Directory_Entry_Type)
     return String;

Returns the simple external name of the external file (including directories) represented by Directory_Entry. The format of the name returned is implementation-defined. The exception Status_Error is propagated if Directory_Entry is invalid.

function Full_Name (Directory_Entry : in Directory_Entry_Type) return String;

Returns the full external name of the external file (including directories) represented by Directory_Entry. The format of the name returned is implementation-defined. The exception Status_Error is propagated if Directory_Entry is invalid.

function Kind (Directory_Entry : in Directory_Entry_Type) return File_Kind;

Returns the kind of external file represented by Directory_Entry. The exception Status_Error is propagated if Directory_Entry is invalid.

function Size (Directory_Entry : in Directory_Entry_Type) return File_Size;

Returns the size of the external file represented by Directory_Entry. The size of an external file is the number of stream elements contained in the file. If the external file is discontiguous (not all elements exist), the result is implementation-defined. If the external file represented by Directory_Entry is not an ordinary file, the result is implementation-defined. The exception Status_Error is propagated if Directory_Entry is invalid. The exception Constraint_Error is propagated if the file size is not a value of type File_Size.

function Modification_Time (Directory_Entry : in Directory_Entry_Type)
     return Ada.Calendar.Time;

Returns the time that the external file represented by Directory_Entry was most recently modified. If the external file represented by Directory_Entry is not an ordinary file, the result is implementation-defined. The exception Status_Error is propagated if Directory_Entry is invalid. The exception Use_Error is propagated if the external environment does not support the reading the modification time of the file represented by Directory_Entry.

Implementation Requirements

For Copy_File, if Source_Name identifies an existing external ordinary file created by a predefined Ada Input-Output package, and Target_Name and Form can be used in the Create operation of that Input-Output package with mode Out_File without raising an exception, then Copy_File shall not propagate Use_Error.

Implementation Advice

If other information about a file is available (such as the owner or creation date) in a directory entry, the implementation should provide functions in a child package Ada.Directories.Information to retrieve it.

Start_Search should raise Use_Error if Pattern is malformed, but not if it could represent a file in the directory but does not actually do so.

For Rename, if both New_Name and Old_Name are simple names, then Rename should not propagate Use_Error.

NOTES
37 The file name operations Containing_Directory, Full_Name, Simple_Name, Base_Name, Extension, and Compose operate on file names, not external files. The files identified by these operations do not need to exist. Name_Error is raised only if the file name is malformed and cannot possibly identify a file.
38 Using access types, values of Search_Type and Directory_Entry_Type can be saved and queried later. However, another task or application can modify or delete the file represented by a Directory_Entry_Type value or the directory represented by a Search_Type value; such a value can only give the information valid at the time it is created. Therefore, long-term storage of these values is not recommended.
39 If the target system does not support directories inside of directories, Is_Directory will always return False, and Containing_Directory will always raise Use_Error.
40 If the target system does not support creation or deletion of directories, Create_Directory, Create_Path, Delete_Directory, and Delete_Tree will always propagate Use_Error.

Annex B: Interface to Other Languages

B.1 Interfacing Pragmas

Insert after paragraph 38: [AI95-00320-01]

local_name

pragma

the new paragraph:

Erroneous Execution

It is the programmer's responsibility to ensure that the use of interfacing pragmas does not violate Ada semantics; otherwise, program execution is erroneous.

B.2 The Package Interfaces

Insert after paragraph 10: [AI95-00204-01]

Floating point types corresponding to each floating point format fully supported by the hardware.

the new paragraph:

Support for interfacing to any foreign language is optional. However, an implementation shall not provide any attribute, library unit, or pragma having the same name as an attribute, library unit, or pragma (respectively) specified in the following clauses of this Annex unless the provided construct is either as specified in those clauses or is more limited in capability than that required by those clauses. A program that attempts to use an unsupported capability of this Annex shall either be identified by the implementation before run time or shall raise an exception at run time.

Insert after paragraph 11: [AI95-00204-01]

An implementation may provide implementation-defined library units that are children of Interfaces, and may add declarations to the visible part of Interfaces in addition to the ones defined above.

the new paragraph:

A child package of package Interfaces with the name of a convention may be provided independently of whether the convention is supported by the pragma Convention and vice versa. Such a child package should contain any declarations that would be useful for interfacing to the language (implementation) represented by the convention. Any declarations useful for interfacing to any language on the given hardware architecture should be provided directly in Interfaces.

Delete paragraph 12: [AI95-00204-01]

For each implementation-defined convention identifier, there should be a child package of package Interfaces with the corresponding name. This package should contain any declarations that would be useful for interfacing to the language (implementation) represented by the convention. Any declarations useful for interfacing to any language on the given hardware architecture should be provided directly in Interfaces.

B.3 Interfacing with C and C++

Replace the title: [AI95-00376-01]

Interfacing with C

by:

Interfacing with C and C++

Replace paragraph 1: [AI95-00376-01]

convention

identifier

convention

identifier

by:

convention

identifier

convention

identifier

Replace paragraph 2: [AI95-00376-01]

The package Interfaces.C contains the basic types, constants and subprograms that allow an Ada program to pass scalars and strings to C functions.

by:

The package Interfaces.C contains the basic types, constants and subprograms that allow an Ada program to pass scalars and strings to C and C++ functions.

Replace paragraph 50: [AI95-00258-01]

The result of To_C is a char_array value of length Item'Length (if Append_Nul is False) or Item'Length+1 (if Append_Nul is True). The lower bound is 0. For each component Item(I), the corresponding component in the result is To_C applied to Item(I). The value nul is appended if Append_Nul is True.

by:

Replace paragraph 60.2: [AI95-00216-01]

The eligibility rules in B.1 do not apply to convention C_Pass_By_Copy. Instead, a type T is eligible for convention C_Pass_By_Copy if T is a record type that has no discriminants and that only has components with statically constrained subtypes, and each component is C-compatible.

by:

The eligibility rules in B.1 do not apply to convention C_Pass_By_Copy. Instead, a type T is eligible for convention C_Pass_By_Copy if T is an unchecked union type or if T is a record type that has no discriminants and that only has components with statically constrained subtypes, and each component is C-compatible.

B.3.1 The Package Interfaces.C.Strings

Replace paragraph 5: [AI95-00161-01]

    type Chars_Ptr is private;

by:

    type Chars_Ptr is private;
    pragma Preelaborable_Initialization(Chars_Ptr);

Replace paragraph 6: [AI95-00276-01]

type chars_ptr_array is array (size_t range <>) of chars_ptr;

by:

type chars_ptr_array is array (size_t range <>) of aliased chars_ptr;

Replace paragraph 50: [AI95-00242-01]

Equivalent to Update(Item, Offset, To_C(Str), Check).

by:

Equivalent to Update(Item, Offset, To_C(Str, Append_Nul => False), Check).

B.3.3 Pragma Unchecked_Union

Insert new clause: [AI95-00216-01]

A pragma Unchecked_Union specifies an interface correspondence between a given discriminated type and some C union. The pragma specifies that the associated type shall be given a representation that leaves no space for its discriminant(s).

Syntax

The form of a pragma Unchecked_Union is as follows:

pragma

first_subtype_

local_name

Legality Rules

Unchecked_Union is a representation pragma, specifying the unchecked union aspect of representation.

first_subtype_local_

name

pragma

variant_part

unchecked union type

unchecked union subtype

unchecked union object

All component subtypes of an unchecked union type shall be C-compatible.

If a component subtype of an unchecked union type is subject to a per-object constraint, then the component subtype shall be an unchecked union subtype.

Any name that denotes a discriminant of an object of an unchecked union type shall occur within the declarative region of the type.

variant_part

known_discriminant_part

Static Semantics

An unchecked union type is eligible for convention C.

Discriminant_Check is suppressed for an unchecked union type.

All objects of an unchecked union type have the same size.

Discriminants of objects of an unchecked union type are of size zero.

Dynamic Semantics

inferable discriminants

subtype_mark

Program_Error is raised in the following cases:

Evaluation of the predefined equality operator for an unchecked union type if either of the operands lacks inferable discriminants.

Evaluation of the predefined equality operator for a type which has a subcomponent of an unchecked union type whose nominal subtype is unconstrained.

Evaluation of a membership test if the subtype_mark denotes a constrained unchecked union subtype and the expression lacks inferable discriminants.

Conversion from a derived unchecked union type to an unconstrained non-unchecked-union type if the operand of the conversion lacks inferable discriminants.

Execution of the default implementation of the Write or Read attribute of an unchecked union type.

Execution of the default implementation of the Output or Input attribute of an unchecked union type if the type lacks default discriminant values.

Implementation Permissions

pragma

NOTES
15 The use of an unchecked union to obtain the effect of an unchecked conversion results in erroneous execution (see 11.5). Execution of the following example is erroneous even if Float'Size = Integer'Size:

    type T (Flag : Boolean := False) is
       record
           case Flag is
               when False =>
                   F1 : Float := 0.0;
               when True =>
                   F2 : Integer := 0;
           end case;
        end record;
    pragma Unchecked_Union (T);

    X : T;
    Y : Integer := X.F2; -- erroneous

Annex C: Systems Programming

C.3.1 Protected Procedure Handlers

Replace paragraph 8: [AI95-00253-01]

protected_definition

protected_type_declaration

object_declaration

by:

protected_definition

protected_type_declaration

single_protected_declaration

object_declaration

C.4 Preelaboration Requirements

Insert after paragraph 4: [AI95-00161-01]

Any subtype_mark denotes a statically constrained subtype, with statically constrained subcomponents, if any;

the new paragraph:

No subtype_mark denotes a controlled type, a private type, a private extension, a generic formal private type, a generic formal derived type, or a descendant of such a type;

C.6 Shared Variable Control

Replace paragraph 7: [AI95-00272-01]

atomic

by:

atomic

Insert after paragraph 21: [AI95-00259-01]

If a pragma Pack applies to a type any of whose subcomponents are atomic, the implementation shall not pack the atomic subcomponents more tightly than that for which it can support indivisible reads and updates.

the new paragraphs:

Implementation Advice

A load or store of a volatile object whose size is a multiple of System.Storage_Unit and whose alignment is nonzero, should be implemented by accessing exactly the bits of the object and no others.

A load or store of an atomic object should, where possible, be implemented by a single load or store instruction.

C.7.1 The Package Task_Identification

Replace paragraph 2: [AI95-00362-01]

package Ada.Task_Identification is
   type Task_ID is private;
   Null_Task_ID : constant Task_ID;
   function  "=" (Left, Right : Task_ID) return Boolean;

by:

package Ada.Task_Identification is
   pragma Preelaborate(Task_Identification);
   type Task_ID is private;
   pragma Preelaborable_Initialization (Task_Id);
   Null_Task_ID : constant Task_ID;
   function  "=" (Left, Right : Task_ID) return Boolean;

C.7.3 Task Termination Procedures

Insert new clause: [AI95-00266-02]

This clause specifies a package for associating protected procedures with a task. One such procedure is invoked when the task is about to terminate.

Static Semantics

The following language-defined library package exists:

with System;
with Ada.Task_Identification;
with Ada.Exceptions;
package Ada.Task_Termination is
  type Cause_Of_Termination is (Normal, Abnormal, Unhandled_Exception);

  type Handler is access protected procedure(
      Cause : in Cause_Of_Termination;
      T     : in Ada.Task_Identification.Task_Id;
      X     : in Ada.Exceptions.Exception_Occurrence);

  procedure Set_Dependents_Fallback_Handler(New_Handler: in Handler);
  function Current_Task_Fallback_Handler return Handler;

  procedure Set_Specific_Handler(
      T           : in Ada.Task_Identification.Task_Id;
      New_Handler : in Handler);
  function Specific_Handler(T : Ada.Task_Identification.Task_Id)
      return Handler;
end Ada.Task_Termination;

Dynamic Semantics

A call of Set_Dependents_Fallback_Handler sets the fall-back handler for all dependent tasks. If a fall-back handler had previously been set it is replaced. A call with a null access parameter is equivalent to removing the fall-back handler. A call of Current_Task_Fallback_Handler returns the fall-back handler that is currently in effect for the calling task. If no fall-back handler has been set it returns null.

A call of Set_Specific_Handler sets a specific handler for the task identified by T. If a specific handler had previously been set it is replaced. A call with a null access parameter is equivalent to removing the specific handler. A call of Specific_Handler returns the specific handler if one has been set, otherwise the handler returned is null.

As part of the finalization of a task_body, after performing the actions specified in 7.6 for finalization of a master, the task specific handler, if not null, is called. If there is no such specific handler, a fall-back handler is determined by recursively searching for a non null fall-back handler in the tasks upon which it depends. If such a fall-back handler is determined it is executed; otherwise no handler is executed.

If the task completed due to completing the last statement of the task body, or as a result of waiting on a terminate alternative then Cause is set to Normal and X is set to Null_Occurrence. If completion is due to abort then Cause is set to Abnormal and X is set to Null_Occurrence. If completion is due to an unhandled exception then Cause is set to Unhandled_Exception and the associated exception occurrence is passed.

For all the operations defined in this package, Tasking_Error is raised if the task identified by T has already terminated. Program_Error is raised if the value of T is Null_Task_ID.

An exception propagated from a handler that is invoked as part of a task's termination has no effect.

Annex D: Real-Time Systems

D.2 Priority Scheduling

Replace paragraph 1: [AI95-00321-01]

This clause describes the rules that determine which task is selected for execution when more than one task is ready (see 9.2). The rules have two parts: the task dispatching model (see D.2.1), and a specific task dispatching policy (see D.2.2).]

by:

This clause describes the rules that determine which task is selected for execution when more than one task is ready (see 9).

D.2.1 The Task Dispatching Model

Replace paragraph 1: [AI95-00321-01]

The task dispatching model specifies preemptive scheduling, based on conceptual priority-ordered ready queues.

by:

The task dispatching model specifies task scheduling, based on conceptual priority-ordered ready queues.

Replace paragraph 2: [AI95-00321-01]

running task

by:

running task

Replace paragraph 4: [AI95-00321-01]

Task dispatching

task dispatching points

accept_statement

by:

Task dispatching

task dispatching points

Replace paragraph 5: [AI95-00321-01]

Task dispatching policies

ready queues

head of the queue

tail of the queue

ready

by:

Task dispatching policies

ready queues

head of the queue

tail of the queue

ready

Replace paragraph 6: [AI95-00321-01]

running task

by:

running task

Delete paragraph 7: [AI95-00321-01]

preempted

Delete paragraph 8: [AI95-00321-01]

A new running task is also selected whenever there is a nonempty ready queue with a higher priority than the priority of the running task, or when the task dispatching policy requires a running task to go back to a ready queue. These are also task dispatching points.

Replace paragraph 9: [AI95-00321-01]

An implementation is allowed to define additional resources as execution resources, and to define the corresponding allocation policies for them. Such resources may have an implementation defined effect on task dispatching (see D.2.2).

by:

Insert after paragraph 10: [AI95-00321-01]

An implementation may place implementation-defined restrictions on tasks whose active priority is in the Interrupt_Priority range.

the new paragraph:

delay_statement

Insert after paragraph 16: [AI95-00321-01]

12 The priority of a task is determined by rules specified in this subclause, and under D.1, ``Task Priorities'', D.3, `` Priority Ceiling Locking'', and D.5, ``Dynamic Priorities''.

the new paragraph:

13 The setting of a task's base priority as a result of a call to Set_Priority does not always take effect immediately when Set_Priority is called. The effect of setting the task's base priority is deferred while the affected task performs a protected action.

D.2.2 Pragma Task_Dispatching_Policy

Replace the title: [AI95-00321-01]

The Standard Task Dispatching Policy

by:

Pragma Task_Dispatching_Policy

Replace paragraph 3: [AI95-00321-01]

policy

identifier

by:

policy

identifier

Delete paragraph 5: [AI95-00321-01]

If the FIFO_Within_Priorities policy is specified for a partition, then the Ceiling_Locking policy (see D.3) shall also be specified for the partition.

Delete paragraph 7: [AI95-00321-01]

The language defines only one task dispatching policy, FIFO_Within_Priorities; when this policy is in effect, modifications to the ready queues occur only as follows:

Delete paragraph 8: [AI95-00321-01]

When a blocked task becomes ready, it is added at the tail of the ready queue for its active priority.

Delete paragraph 9: [AI95-00321-01]

When the active priority of a ready task that is not running changes, or the setting of its base priority takes effect, the task is removed from the ready queue for its old active priority and is added at the tail of the ready queue for its new active priority, except in the case where the active priority is lowered due to the loss of inherited priority, in which case the task is added at the head of the ready queue for its new active priority.

Delete paragraph 10: [AI95-00321-01]

When the setting of the base priority of a running task takes effect, the task is added to the tail of the ready queue for its active priority.

Delete paragraph 11: [AI95-00321-01]

When a task executes a delay_statement that does not result in blocking, it is added to the tail of the ready queue for its active priority.

Delete paragraph 12: [AI95-00321-01]

Each of the events specified above is a task dispatching point (see D.2.1).

Delete paragraph 13: [AI95-00321-01]

In addition, when a task is preempted, it is added at the head of the ready queue for its active priority.

Delete paragraph 14: [AI95-00321-01]

Priority inversion

Delete paragraph 15: [AI95-00321-01]

The maximum priority inversion a user task can experience due to activity of the implementation (on behalf of lower priority tasks), and

Delete paragraph 16: [AI95-00321-01]

whether execution of a task can be preempted by the implementation processing of delay expirations for lower priority tasks, and if so, for how long.

Replace paragraph 17: [AI95-00256-01; AI95-00321-01]

Implementations are allowed to define other task dispatching policies, but need not support more than one such policy per partition.

by:

Implementations are allowed to define other task dispatching policies, but need not support more than one task dispatching policy per partition.

Delete paragraph 18: [AI95-00321-01]

delay_statement

Delete paragraph 19: [AI95-00321-01]

13 If the active priority of a running task is lowered due to loss of inherited priority (as it is on completion of a protected operation) and there is a ready task of the same active priority that is not running, the running task continues to run (provided that there is no higher priority task).

Delete paragraph 20: [AI95-00321-01]

14 The setting of a task's base priority as a result of a call to Set_Priority does not always take effect immediately when Set_Priority is called. The effect of setting the task's base priority is deferred while the affected task performs a protected action.

Delete paragraph 21: [AI95-00321-01]

15 Setting the base priority of a ready task causes the task to move to the end of the queue for its active priority, regardless of whether the active priority of the task actually changes.

D.2.3 Preemptive Dispatching

Insert new clause: [AI95-00321-01]

This clause defines the policy_identifier, FIFO_Within_Priorities.

Post-Compilation Rules

If the FIFO_Within_Priorities policy is specified for a partition, then the Ceiling_Locking policy (see D.3) shall also be specified for the partition.

Dynamic Semantics

When FIFO_Within_Priorities is in effect, modifications to the ready queues occur only as follows:

When a blocked task becomes ready, it is added at the tail of the ready queue for its active priority.

When the active priority of a ready task that is not running changes, or the setting of its base priority takes effect, the task is removed from the ready queue for its old active priority and is added at the tail of the ready queue for its new active priority, except in the case where the active priority is lowered due to the loss of inherited priority, in which case the task is added at the head of the ready queue for its new active priority.

When the setting of the base priority of a running task takes effect, the task is added to the tail of the ready queue for its active priority.

When a task executes a delay_statement that does not result in blocking, it is added to the tail of the ready queue for its active priority.

Each of the events specified above is a task dispatching point (see D.2.1).

A task dispatching point occurs for the currently running task of a processor whenever there is a nonempty ready queue for that processor with a higher priority than the priority of the running task. The currently running task is said to be preempted and it is added at the head of the ready queue for its active priority.

Documentation Requirements

Priority inversion

The maximum priority inversion a user task can experience due to activity of the implementation (on behalf of lower priority tasks), and

whether execution of a task can be preempted by the implementation processing of delay expirations for lower priority tasks, and if so, for how long.

NOTES
14 If the active priority of a running task is lowered due to loss of inherited priority (as it is on completion of a protected operation) and there is a ready task of the same active priority that is not running, the running task continues to run (provided that there is no higher priority task).

15 Setting the base priority of a ready task causes the task to move to the tail of the queue for its active priority, regardless of whether the active priority of the task actually changes.

D.2.4 Non-Preemptive Dispatching

Insert new clause: [AI95-00298-01]

policy_

identifier

Legality Rules

policy_

identifier

Post-Compilation Rules

If Non_Preemptive_FIFO_Within_Priorities is specified for a partition then Ceiling_Locking (see D.3) shall also be specified for that partition.

Dynamic Semantics

When Non_Preemptive_FIFO_Within_Priorities is in effect, modifications to the ready queues occur only as follows:

When a blocked task becomes ready, it is added at the tail of the ready queue for its active priority.

When the active priority of a ready task that is not running changes, or the setting of its base priority takes effect, the task is removed from the ready queue for its old active priority and is added at the tail of the ready queue for its new active priority.

When a task executes a delay_statement that does not result in blocking, it is added to the tail of the ready queue for its active priority. This is a task dispatching point (see D.2.1).

Implementation Permissions

Since implementations are allowed to round all ceiling priorities in subrange System.Priority to System.Priority'Last (see D.3), an implementation may allow a task to execute within a protected object without raising its active priority provided the protected object does not contain pragma Interrupt_Priority, Interrupt_Handler or Attach_Handler.

D.3 Priority Ceiling Locking

Insert after paragraph 13: [AI95-00327-01]

When a task calls a protected operation, a check is made that its active priority is not higher than the ceiling of the corresponding protected object; Program_Error is raised if this check fails.

the new paragraphs:

Bounded (Run-Time) Errors

Following any change of priority, it is a bounded error for the active priority of any task with a call queued on an entry of a protected object to be higher than the ceiling priority of the protected object. In this case one of the following applies:

at any time prior to executing the entry body Program_Error is raised in the calling task;

when the entry is open the entry body is executed at the ceiling priority of the protected object;

when the entry is open the entry body is executed at the ceiling priority of the protected object and then Program_Error is raised in the calling task; or

when the entry is open the entry body is executed at the ceiling priority of the protected object that was in effect when the entry call was queued.

Replace paragraph 15: [AI95-00256-01]

Implementations are allowed to define other locking policies, but need not support more than one such policy per partition.

by:

Implementations are allowed to define other locking policies, but need not support more than one locking policy per partition.

D.4 Entry Queuing Policies

Replace paragraph 15: [AI95-00256-01]

Implementations are allowed to define other queuing policies, but need not support more than one such policy per partition.

by:

Implementations are allowed to define other queuing policies, but need not support more than one queuing policy per partition.

D.5 Dynamic Priorities

Insert before paragraph 1: [AI95-00327-01]

This clause specifies how the base priority of a task can be modified or queried at run time.

the new paragraphs:

This clause describes how the priority of an entity can be queried or modified at run time.

D.5.1 Dynamic Priorities for Tasks

[This changes the subclause of all of the existing text.]

Replace paragraph 3: [AI95-00362-01]

with System;
with Ada.Task_Identification; -- See C.7.1
package Ada.Dynamic_Priorities is

by:

with System;
with Ada.Task_Identification; -- See C.7.1
package Ada.Dynamic_Priorities is
  pragma Preelaborate(Dynamic_Priorities);

Delete paragraph 11: [AI95-00327-01]

If a task is blocked on a protected entry call, and the call is queued, it is a bounded error to raise its base priority above the ceiling priority of the corresponding protected object. When an entry call is cancelled, it is a bounded error if the priority of the calling task is higher than the ceiling priority of the corresponding protected object. In either of these cases, either Program_Error is raised in the task that called the entry, or its priority is temporarily lowered, or both, or neither.

D.5.2 Dynamic Priorities for Protected Objects

Insert new clause: [AI95-00327-01]

This clause specifies how the priority of a protected object can be modified or queried at run time.

Static Semantics

The following attribute of a protected object is defined:

P'Priority

Denotes a non-aliased component of the enclosing protected object P. This component is of type System.Any_Priority and its value is the priority of P. Reference to this attribute shall appear only inside the body of P.>

The initial value of this attribute is set by pragmas Priority or Interrupt_Priority, and can be changed by an assignment.

Dynamic Semantics

If the Locking_Policy Ceiling_Locking is in effect then the ceiling priority of a protected object P is set to the value of P'Priority at the end of each protected action of P.

Metrics

The implementation shall document the following metric:

The difference in execution time of calls to the following procedures in protected object P,

   protected P is
      procedure Do_Not_Set_Ceiling (Pr : System.Any_Priority);
      procedure Set_Ceiling (Pr : System.Any_Priority);
   private
      null;
   end P;

   protected body P is
      procedure Do_Not_Set_Ceiling (Pr : System.Any_Priority) is
      begin
         null;
      end;
      procedure Set_Ceiling (Pr : System.Any_Priority) is
      begin
         P'Priority := Pr;
      end;
   end P;

NOTES
38 The value of P'Priority following an assignment to the attribute immediately reflects the new value even though its impact on the ceiling priority of P is postponed until completion of the protected action in which it is executed.

D.7 Tasking Restrictions

Replace paragraph 4: [AI95-00360-01]

No_Nested_Finalization: Objects with controlled, protected, or task parts and access types that designate such objects, shall be declared only at library level.

by:

No_Nested_Finalization: Objects of a type that needs finalization (see 7.6) and access types that designate a type that needs finalization (see 7.6) shall be declared only at library level.

Replace paragraph 9: [AI95-00327-01]

No_Dynamic_Priorities: There are no semantic dependences on the package Dynamic_Priorities.

by:

No_Dynamic_Priorities: There are no semantic dependences on the package Dynamic_Priorities, and no occurrences of attribute 'Priority.

Insert after paragraph 10: [AI95-00305-01; AI95-00353-01]

No_Asynchronous_Control: There are no semantic dependences on the package Asynchronous_Task_Control.

the new paragraphs:

No_Calendar: There are no semantic dependencies on package Ada.Calendar.

No_Dynamic_Attachment: There is no call to any of the operations defined in package Ada.Interrupts (Is_Reserved, Is_Attached, Current_Handler, Attach_Handler, Exchange_Handler, Detach_Handler, and Reference).

No_Local_Protected_Objects: Protected objects shall be declared only at library level.

No_Protected_Type_Allocators: There are no allocators for protected types or types containing protected type components.

No_Relative_Delay: There are no delay_relative_statements.

No_Requeue_Statements: There are no requeue_statements.

No_Select_Statements: There are no select_statements.

No_Synchronous_Control: There are no semantic dependences on the package Synchronous_Task_Control.

No_Task_Attributes_Package: There are no semantic dependencies on package Ada.Task_Attributes.

Simple_Barriers: The Boolean expression in an entry barrier shall be either a static Boolean expression or a Boolean component of the enclosing protected object.

Replace paragraph 15: [AI95-00305-01]

This paragraph was deleted

by:

No_Task_Termination: All tasks are non-terminating. It is implementation-defined what happens if a task attempts to terminate.

Insert after paragraph 19: [AI95-00305-01]

Max_Tasks: Specifies the maximum number of task creations that may be executed over the lifetime of a partition, not counting the creation of the environment task. A value of zero prevents any task creation and, if a program contains a task creation, it is illegal. If an implementation chooses to detect a violation of this restriction, Storage_Error should be raised; otherwise, the behavior is implementation defined.

the new paragraph:

Max_Entry_Queue_Length: Max_Entry_Queue_Length defines the maximum number of calls that are queued on an entry. Violation of this restriction results in the raising of Program_Error at the point of the call.

D.10 Synchronous Task Control

Replace paragraph 3: [AI95-00362-01]

package Ada.Synchronous_Task_Control is

by:

package Ada.Synchronous_Task_Control is
   pragma Preelaborate(Synchronous_Task_Control);

D.11 Asynchronous Task Control

Replace paragraph 3: [AI95-00362-01]

with Ada.Task_Identification;
package Ada.Asynchronous_Task_Control is
   procedure Hold(T : in Ada.Task_Identification.Task_ID);
   procedure Continue(T : in Ada.Task_Identification.Task_ID);
   function Is_Held(T : Ada.Task_Identification.Task_ID)
      return Boolean;
end Ada.Asynchronous_Task_Control;

by:

with Ada.Task_Identification;
package Ada.Asynchronous_Task_Control is
   pragma Preelaborate(Asynchronous_Task_Control);
   procedure Hold(T : in Ada.Task_Identification.Task_ID);
   procedure Continue(T : in Ada.Task_Identification.Task_ID);
   function Is_Held(T : Ada.Task_Identification.Task_ID)
      return Boolean;
end Ada.Asynchronous_Task_Control;

D.13 Run-time Profiles and the Ravenscar Profile

Insert new clause: [AI95-00249-01; AI95-00297-01]

This clause specifies a mechanism for defining run-time profiles. It also defines one such profile, Ravenscar.

Syntax

pragma Profile (profile_identifier [profile_argument_associations]);

profile_argument_associations ::= pragma_argument_association, {pragma_argument_association}

Legality Rules

profile_identifier

profile_argument_associations

profile_identifier

profile_argument_associations

Static Semantics

profile_identifier

pragma Task_Dispatching_Policy (FIFO_Within_Priorities);
pragma Locking_Policy (Ceiling_Locking);
pragma Detect_Blocking;
pragma Restrictions (
                Max_Entry_Queue_Length => 1,
                Max_Protected_Entries => 1,
                Max_Task_Entries => 0,
                No_Abort_Statements,
                No_Asynchronous_Control,
                No_Calendar,
                No_Dynamic_Attachment,
                No_Dynamic_Priorities,
                No_Implicit_Heap_Allocations,
                No_Local_Timing_Events,
                No_Local_Protected_Objects,
                No_Protected_Type_Allocators,
                No_Relative_Delay,
                No_Requeue_Statements,
                No_Select_Statements,
                No_Task_Allocators,
                No_Task_Attributes_Package,
                No_Task_Hierarchy,
                No_Task_Termination,
                Simple_Barriers);

Post-Compilation Rules

A pragma Profile is a configuration pragma. There may be more than one pragma Profile for a partition.

NOTES
37 The effect of the Max_Entry_Queue_Length => 1 restriction applies only to protected entry queues due to the accompanying restriction of Max_Task_Entries => 0.

D.14 Execution Time

Insert new clause: [AI95-00307-01]

This clause specifies an execution-time clock package.

Static Semantics

The following language-defined library package exists:

with Ada.Task_Identification;
with Ada.Real_Time; use Ada.Real_Time;
package Ada.Execution_Time is

   type CPU_Time is private;
   CPU_Time_First : constant CPU_Time;
   CPU_Time_Last  : constant CPU_Time;
   CPU_Time_Unit  : constant := implementation-defined-real-number;
   CPU_Tick : constant Time_Span;

   function Clock
     (T : Ada.Task_Identification.Task_ID
          := Ada.Task_Identification.Current_Task)
     return CPU_Time;

   function "+"  (Left : CPU_Time; Right : Time_Span) return CPU_Time;
   function "+"  (Left : Time_Span; Right : CPU_Time) return CPU_Time;
   function "-"  (Left : CPU_Time; Right : Time_Span) return CPU_Time;
   function "-"  (Left : CPU_Time; Right : CPU_Time)  return Time_Span;

   function "<"  (Left, Right : CPU_Time) return Boolean;
   function "<=" (Left, Right : CPU_Time) return Boolean;
   function ">"  (Left, Right : CPU_Time) return Boolean;
   function ">=" (Left, Right : CPU_Time) return Boolean;

   procedure Split
      (T : CPU_Time; SC : out Seconds_Count; TS : out Time_Span);

   function Time_Of (SC : Seconds_Count; TS : Time_Span) return CPU_Time;

private
   ... --  not specified by the language
end Ada.Execution_Time;

Execution time or CPU time of a given task is defined as the time spent by the system executing that task, including the time spent executing run-time or system services on behalf of it. The mechanism used to measure execution time is implementation defined. It is implementation defined which task, if any, is charged the execution time that is consumed by interrupt handlers and run-time services on behalf of the system.

The type CPU_Time represents the execution time of a task. The set of values of the type CPU_Time corresponds one-to-one with an implementation-defined range of mathematical integers.

The CPU_Time value I represents the half-open execution-time interval that starts with I*CPU_Time_Unit and is limited by (I+1)*CPU_Time_Unit, where CPU_Time_Unit is an implementation-defined real number. For each task, the execution time value is set to zero at some unspecified point between the task creation and the start of the task's activation.

CPU_Time_First and CPU_Time_Last are the smallest and largest values of the Time type, respectively.

Dynamic Semantics

CPU_Time_Unit is the smallest amount of execution time representable by the CPU_Time type; it is expressed in seconds. A CPU clock tick is an execution time interval during which the clock value (as observed by calling the Clock function) remains constant. CPU_Tick is the average length of such intervals.

The effects of the operators on CPU_Time and Time_Span are as for the operators defined for integer types.

The function Clock returns the amount of execution time of the task associated with the execution-time clock of the task represented by T.

The effects of the Split and Time_Of operations are defined as follows, treating values of type CPU_Time, Time_Span, and Seconds_Count as mathematical integers. The effect of Split (T, SC, TS) is to set SC and TS to values such that T*CPU_Time_Unit = SC*1.0 + TS*CPU_Time_Unit, and 0.0 <= TS*CPU_Time_Unit < 1.0. The value returned by Time_Of(SC,TS) is the execution-time value T such that T*CPU_Time_Unit=SC*1.0 + TS*CPU_Time_Unit.

For all the operations and types defined in this package, Tasking_Error is raised if the task identified by T has terminated. Program_Error is raised if the value of T is Null_Task_ID.

Erroneous Execution

If a value of Task_ID is passed as a parameter to any of the subprograms of this package or used to define an object declared by a type provided by this package (or any language-defined child package of this package) and the corresponding task object no longer exists, the execution of the program is erroneous.

Implementation Requirements

The range of CPU_Time values shall be sufficient to uniquely represent the range of execution times from the task start-up to 50 years of execution time later. CPU_Tick shall be no greater than 1 millisecond.

Documentation Requirements

The implementation shall document the values of CPU_Time_First, CPU_Time_Last, CPU_Time_Unit, and CPU_Tick.

The implementation shall document the properties of the underlying mechanism used to measure execution times, such as the range of values supported and any relevant aspects of the underlying hardware or operating system facilities used.

Metrics

The implementation shall document the following metrics:

An upper bound on the execution-time duration of a clock tick. This is a value D such that if t1 and t2 are any execution times of a given task such that t1<t2 and Clock[t1]=Clock[t2] then t2-t1 <= D.

An upper bound on the size of a clock jump. A clock jump is the difference between two successive distinct values of an execution -time clock (as observed by calling the Clock function with the same Task_Id).

An upper bound on the execution time of a call to the Clock function, in processor clock cycles.

Upper bounds on the execution times of the operators of the type CPU_Time, in processor clock cycles.

Implementation Permissions

Implementations targeted to machines with word size smaller than 32 bits need not support the full range and granularity of the CPU_Time type.

Implementation Advice

When appropriate, implementations should provide configuration mechanisms to change the value of CPU_Tick.

D.14.1 Execution Time Timers

Insert new clause: [AI95-00307-01]

This clause specifies a child of Execution_Time that provides a facility for calling a handler when a task has used a defined quantity of CPU time.

Static Semantics

The following language-defined library package exists:

with Ada.Task_Identification;
with System;
with Ada.Real_Time; use Ada.Real_Time;
package Ada.Execution_Time.Timers is

   type Timer (T : access Ada.Task_Identification.Task_ID) is
      limited private;

   type Handler is not null access protected procedure (TM : in out Timer);

   Min_Handler_Ceiling : constant System.Any_Priority :=
    implementation-defined;

   procedure Arm (TM: in out Timer; Interval : Time_Span; H : Handler);
   procedure Arm (TM: in out Timer; Abs_Time : CPU_Time;  H : Handler);
   procedure Disarm(TM : in out Timer);

   function Timer_Has_Expired(TM : Timer) return Boolean;
   function Time_Remaining(TM : Timer) return Time_Span;

   Timer_Error : exception;
   Timer_Resource_Error : exception;

private
   ... --  not specified by the language
end Ada.Execution_Time.Timers;

The type Timer needs finalization (see 7.6).

Dynamic Semantics

Type Timer represents a software object that is capable of detecting execution time overruns. Each timer is attached to a specific execution time clock, which is the clock of the task specified by the access discriminant T. This type has operations for the application tasks to arm or disarm a timer, and to determine whether a timer has expired or not (Timer_Has_Expired). In addition, when arming the timer, an access to a protected procedure (type Handler) is passed. This procedure will be called by the implementation when the timer expires.

The constant Min_Handler_Ceiling is the priority value that will insure that no ceiling violation will occur when a handler is executed.

When a Timer object is created, or upon the first call to one of its Arm procedures, the resources required to operate a CPU-time timer based on the associated execution-time clock will be allocated and initialized. The timer is initialized in the disarmed state. If this operation would exceed the limit of the maximum number of timers in the system, the Timer_Resource_Error exception is raised.

The Arm procedure that takes a Time_Span parameter loads the associated timer with the relative value specified by Interval and sets it to the armed state. In this state the timer counts execution time and, when the CPU clock associated with the timer measures the passage of Interval, it is said to have expired. If the timer was already armed, it is rearmed.

The Arm procedure that takes a CPU_Time parameter loads the associated timer with the absolute value specified by Abs_Time and sets it to the armed state. In this state the timer monitors execution time and, when the CPU clock associated with the timer reaches the value Abs_Time, it is said to have expired. If the value of Abs_Time had already been reached by the clock at the time of the call, the timer is set to the armed state and is said to have expired. If the timer was already armed, it is rearmed.

When a Timer expires, the protected procedure Handler is invoked by the system with a parameter equal to the Timer.

The Disarm procedure sets the timer to the disarmed state. In this state the timer will not expire.

The Time_Has_Expired function returns True if the timer is in the armed state and has expired, and returns False if the timer is in the armed state but has not yet expired. If the timer is in the disarmed state, the Timer_Error exception is raised.

The Time_Remaining function returns, when the timer is in the armed state, the CPU time interval that remains until the timer will expire, or a value representing zero if the timer has expired. If the timer is in the disarmed state, the Timer_Error exception is raised.

The Timer_Error exception is raised by Timer_Has_Expired, or Time_Remaining if an attempt is made to use a timer that is in the disarmed state.

For all the operations and types defined in this package, Tasking_Error is raised if the task identified by T has terminated. Program_Error is raised if the value of T is Null_Task_ID.

Implementation Requirements

For a given Timer object, the implementation shall perform the operations declared in this package atomically with respect to any of these operations on the same Timer object.

When an object of type Timer is finalized, the system resources used by the timer shall be deallocated.

Implementation Permissions

Implementations may limit the number of timers that can be defined for each task. If this limit is exceeded the Timer_Resource_Error exception is raised.

D.14.2 Group Execution Time Budgets

Insert new clause: [AI95-00354-01]

This clause specifies a group execution time control package.

Static Semantics

The following language-defined library package exists:

with System;
with Ada.Task_Identification;
package Ada.Execution_Time.Group_Budgets is
  type Group_Budget is limited private;

  type Handler is not null access
       protected procedure(GB : in out Group_Budget);

  type Task_Array is array(Positive range <>) of
                                  Ada.Task_Identification.Task_ID;

  Min_Handler_Ceiling : constant System.Any_Priority :=
    implementation-defined;

  procedure Add_Task(GB: in out Group_Budget;
                       T : Ada.Task_Identification.Task_ID);
  procedure Remove_Task(GB: in out Group_Budget;
                       T : Ada.Task_Identification.Task_ID);
  function Is_Member(GB: Group_Budget;
             T : Ada.Task_Identification.Task_ID) return Boolean;
  function Is_A_Group_Member(
             T : Ada.Task_Identification.Task_ID) return Boolean;
  function Members(GB: Group_Budget) return Task_Array;

  procedure Replenish (GB: in out Group_Budget; To : Time_Span);
  procedure Add(GB: in out Group_Budget; Interval : Time_Span);
  function Budget_Has_Expired(GB: Group_Budget) return Boolean;
  function Budget_Remaining(GB: Group_Budget) return Time_Span;

  procedure Set_Handler(GB: in out Group_Budget; H : Handler);
  function Current_Handler(GB: Group_Budget) return Handler;
  procedure Cancel_Handler(GB: in out Group_Budget;
               Cancelled : out Boolean);

  Group_Budget_Error : exception;
private
    --  not specified by the language
end Ada.Execution_Time.Group_Budgets;

The type Group_Budget represents a CPU budget to be used by a group of tasks. This type needs finalization (see 7.6).

An object of type Group_Budget is said to be set if it has a registered Handler. An object is said to be cleared if it has no Handler. All Group_Budget objects are initially cleared.

Dynamic Semantics

Tasks of any priority are added to a group by calling Add_Task. Tasks are members of at most one group. Group_Budget_Error is raised by a call to Add_Task if the task is already a member of any group.

Tasks are removed from a group by calling Remove_Task. An attempt to remove a task that has not been added to the group will cause Group_Budget_Error to be raised.

The Is_Member function will return True if the task parameter is a member of the specified group. The Is_A_Group_Member function returns True if the task is a member of any group. Both return False otherwise.

The Members function returns the task IDs of the members of the group.

When a call to Replenish is made, the Group_Budget is loaded with the Time_Span value passed as a parameter. Any execution of the group of tasks results in the Group_Budget counting down. When the budget is exhausted (goes to Time_Span_Zero) the handler, if set, is called; the tasks continue to execute. A Group_Budget is initially loaded with zero budget.

A call to Budget_Remaining returns the remaining budget. If the budget is exhausted it will return Time_Span_Zero. This is the minimum value for the budget. A call to Budget_Has_Expired will return True if the budget is exhausted (equal to Time_Span_Zero), otherwise it returns False.

A Group_Budget can have its budget increased by calling Add. A negative value for the parameter will reduce the budget, but never below Time_Span_Zero.

A call of Replenish with a non positive value of To will causes exception Group_Budget_Error to be raised. A call to Add that results in the value of the budget going to Time_Span_Zero will cause the handler, if set, to be executed.

A call to Set_Handler registers the Handler and returns when GB is set. A call to Set_Handler for a Group_Budget that is already set, initially clears the Group_Budget then registers the new Handler.

A call to Current_Handler returns with the current Handler. If the Group_Budget denoted by GB is not set, exception Group_Budget_Error is raised.

A call to Cancel_Handler returns after the Group_Budget denoted by GB is cleared. Cancelled is assigned True if GB was set prior to it being cleared; otherwise the parameter is assigned False.

The constant Min_Handler_Ceiling is the priority value that will insure that no ceiling violation will occur when a handler is executed.

The precision of the accounting of task execution time to a Group_Budget is the same as that defined for execution-time clocks from the parent package.

As part of the finalization of an object of type Group_Budget all member tasks are removed from the group identified by the object.

If a task is a member of a Group_Budget when it terminates then as part of the finalization of the task it is removed from the group.

For all the operations and types defined in this package, Tasking_Error is raised if the task identified by T has terminated. Program_Error is raised if the value of T is Null_Task_ID.

Implementation Requirements

For a given Group_Budget object, the implementation shall perform the operations declared in this package atomically with respect to any of these operations on the same Group_Budget object.

D.15 Timing Events

Insert new clause: [AI95-00297-01]

This clause introduces a language-defined child package of Ada.Real_Time to allow user-defined protected procedures to be executed at a specified time without the need to use a task or a delay statement.

Static Semantics

The following language-defined package exists:

package Ada.Real_Time.Timing_Events is
  type Timing_Event is limited private;
  type Timing_Event_Handler
       is access protected procedure(Event : in out Timing_Event);
  procedure Set_Handler(Event : in out Timing_Event;
            At_Time : in Time; Handler: in Timing_Event_Handler);
  procedure Set_Handler(Event : in out Timing_Event;
            In_Time: in Time_Span; Handler: in Timing_Event_Handler);
  function Is_Handler_Set(Event : Timing_Event) return Boolean;
  function Current_Handler(Event : Timing_Event)
           return Timing_Event_Handler;
  procedure Cancel_Handler(Event : in out Timing_Event;
            Cancelled : out Boolean);
  function Time_Of_Event(Event : Timing_Event) return Time;
private
  ... -- not specified by the language
end Ada.Real_Time.Timing_Events;

The type Timing_Event needs finalization (see 7.6).

set

cleared

Dynamic Semantics

A call to a Set_Handler procedure returns after the Timing_Event_Handler denoted by Handler is registered. The first Set_Handler procedure registers the Timing_Event_Handler for execution at time At_Time. The second Set_Handler procedure registers the Timing_Event_Handler for execution at time Ada.Real_Time.Clock + In_Time;

A call of either Set_Handler procedure is not a potentially blocking operation.

As soon as possible after the time registered for the event, the Timing_Event_Handler procedure is executed. The Timing_Event_Handler is only executed if the timing event is set at the time of execution. As the initial action of the execution of the Timing_Event_Handler the Timing_Event denoted by Event is cleared.

If the Ceiling_Locking policy (see D.3) is in effect when a Set_Handler procedure is called, a check is made that the ceiling priority of Timing_Event_Handler is Interrupt_Priority'last. If the check fails, Program_Error is raised.

If a Set_Handler procedure is called with zero or negative In_Time or with At_Time indicating a time in the past then Timing_Event_Handler is executed immediately by the task executing the Set_Handler call. The Timing_Event denoted by Event is cleared and the handler is not registered.

An exception propagated from a Timing_Event_Handler invoked by a timing event has no effect.

A call to Is_Handler_Set returns True if Event is set; otherwise it returns False.

A call to Current_Handler returns with the current Timing_Event_Handler. If the Timing_Event denoted by Event is not set, Current_Handler returns null.

A call to Cancel_Handler returns after the Timing_Event denoted by Event is cleared. Cancelled is assigned True if Event was set prior to it being cleared; otherwise the parameter is assigned False.

A call to Time_Of_Event returns with the time of Event. If Event is not set, Time_Of_Event returns Ada.Real_Time.Time_First.

As the final step of finalization of an object of type Timing_Event, the Timing_Event is cleared.

If several timing events are registered for the same time, they are executed in FIFO order of registration.

Metrics

The Implementation shall document the following metric:

An upper bound on the lateness of the execution of a registered handler. That is, the maximum time between when a handler is actually executed and the time specified in the registration of that handler.

Implementation Advice

The protected handler procedure should be executed directly by the real-time clock interrupt mechanism.

Annex E: Distributed Systems

E.2.2 Remote Types Library Units

Replace paragraph 8: [AI95-00240-01]

if the full view of a type declared in the visible part of the library unit has a part that is of a non-remote access type, then that access type, or the type of some part that includes the access type subcomponent, shall have user-specified Read and Write attributes.

by:

if the full view of a type declared in the visible part of the library unit has a part that is of a non-remote access type, then that access type, or the type of some part that includes the access type subcomponent, shall have Read and Write attributes specified by a visible attribute_definition_clause.

Replace paragraph 14: [AI95-00240-01]

The primitive subprograms of the corresponding specific limited private type shall only have access parameters if they are controlling formal parameters; each non-controlling formal parameter shall have either a nonlimited type or a type with Read and Write attributes specified via an attribute_definition_clause;

by:

The primitive subprograms of the corresponding specific limited private type shall only have access parameters if they are controlling formal parameters; each non-controlling formal parameter shall have either a nonlimited type or a type with available Read and Write attributes (see 13.13.2);

E.2.3 Remote Call Interface Library Units

Replace paragraph 14: [AI95-00240-01]

it shall not be, nor shall its visible part contain, a subprogram (or access-to-subprogram) declaration whose profile has an access parameter, or a formal parameter of a limited type unless that limited type has user-specified Read and Write attributes;

by:

it shall not be, nor shall its visible part contain, a subprogram (or access-to-subprogram) declaration whose profile has an access parameter, or a formal parameter of a limited type unless that limited type has available Read and Write attributes (see 13.13.2);

E.5 Partition Communication Subsystem

Replace paragraph 1: [AI95-00273-01]

Partition Communication Subsystem

by:

Partition Communication Subsystem

Insert after paragraph 27: [AI95-00273-01]

A body for the package System.RPC need not be supplied by the implementation.

the new paragraph:

An alternative declaration is allowed for package System.RPC as long as it provides a set of operations that is substantially equivalent to the specification defined in this clause.

Annex F: Information Systems

No changes in this section.

Annex G: Numerics

G.1.1 Complex Types

Replace paragraph 4: [AI95-00161-01]

    type Imaginary is private;

by:

    type Imaginary is private;
    pragma Preelaborable_Initialization(Imaginary);

G.1.2 Complex Elementary Functions

Replace paragraph 15: [AI95-00185-01]

The real (resp., imaginary) component of the result of the Arcsin and Arccos (resp., Arctanh) functions is discontinuous as the parameter X crosses the real axis to the left of -1.0 or the right of 1.0.

by:

The imaginary component of the result of the Arcsin, Arccos, and Arctanh functions is discontinuous as the parameter X crosses the real axis to the left of -1.0 or the right of 1.0.

Replace paragraph 16: [AI95-00185-01]

by:

Replace paragraph 17: [AI95-00185-01]

by:

Replace paragraph 20: [AI95-00185-01]

The computed results of the mathematically multivalued functions are rendered single-valued by the following conventions, which are meant to imply the principal branch:

by:

The computed results of the mathematically multivalued functions are rendered single-valued by the following conventions, which are meant to imply that the principal branch is an analytic continuation of the corresponding real-valued function in Ada.Numerics.Generic_Elementary_Functions. (For Arctan and Arccot, the single-argument function in question is that obtained from the two-argument version by fixing the second argument to be its default value.)

G.1.3 Complex Input-Output

Insert before paragraph 10: [AI95-00328-01]

The semantics of the Get and Put procedures are as follows:

the new paragraph:

The library package Complex_Text_IO defines the same subprograms as Text_IO.Complex_IO, except that the predefined type Float is systematically substituted for Real, and the type Numerics.Complex_Types.Complex is systematically substituted for Complex throughout. Non-generic equivalents of Text_IO.Complex_IO corresponding to each of the other predefined floating point types are defined similarly, with the names Short_Complex_Text_IO, Long_Complex_Text_IO, etc.

G.2.2 Model-Oriented Attributes of Floating Point Types

Replace paragraph 3: [AI95-00256-01]

Ceiling

universal_integer

by:

ceiling

universal_integer

G.3 Vector and Matrix Manipulation

Insert new clause: [AI95-00296-01]

Types and operations for the manipulation of real vectors and matrices are provided in Generic_Real_Arrays, which is defined in G.3.1. Types and operations for the manipulation of complex vectors and matrices are provided in Generic_Complex_Arrays, which is defined in G.3.2. Both of these library units are generic children of the predefined package Numerics (see A.5). Nongeneric equivalents of these packages for each of the predefined floating point types are also provided as children of Numerics.

G.3.1 Real Vectors and Matrices

Insert new clause: [AI95-00296-01]

Static Semantics

The generic library package Numerics.Generic_Real_Arrays has the following declaration:

generic
   type Real is digits <>;
package Ada.Numerics.Generic_Real_Arrays is
   pragma Pure(Generic_Real_Arrays);

   -- Types

   type Real_Vector is array (Integer range <>) of Real'Base;
   type Real_Matrix is array (Integer range <>, Integer range <>) of Real'Base;

   -- Subprograms for Real_Vector types

   -- Real_Vector arithmetic operations

   function "+"   (Right : Real_Vector)       return Real_Vector;
   function "-"   (Right : Real_Vector)       return Real_Vector;
   function "abs" (Right : Real_Vector)       return Real_Vector;

   function "+"  (Left, Right : Real_Vector) return Real_Vector;
   function "-"  (Left, Right : Real_Vector) return Real_Vector;

   function "*" (Left, Right : Real_Vector) return Real'Base;

   -- Real_Vector scaling operations

   function "*" (Left : Real'Base;   Right : Real_Vector) return Real_Vector;
   function "*" (Left : Real_Vector; Right : Real'Base)   return Real_Vector;
   function "/" (Left : Real_Vector; Right : Real'Base)   return Real_Vector;

   -- Other Real_Vector operations

   function Unit_Vector (Index : Integer;
                         Order : Positive;
                         First : Integer := 1) return Real_Vector;

   -- Subprograms for Real_Matrix types

   -- Real_Matrix arithmetic operations

   function "+"       (Right : Real_Matrix) return Real_Matrix;
   function "-"       (Right : Real_Matrix) return Real_Matrix;
   function "abs"     (Right : Real_Matrix) return Real_Matrix;
   function Transpose (X     : Real_Matrix) return Real_Matrix;

   function "+" (Left, Right : Real_Matrix) return Real_Matrix;
   function "-" (Left, Right : Real_Matrix) return Real_Matrix;
   function "*" (Left, Right : Real_Matrix) return Real_Matrix;

   function "*" (Left, Right : Real_Vector) return Real_Matrix;

   function "*" (Left : Real_Vector; Right : Real_Matrix) return Real_Vector;
   function "*" (Left : Real_Matrix; Right : Real_Vector) return Real_Vector;

   -- Real_Matrix scaling operations

   function "*" (Left : Real'Base;   Right : Real_Matrix) return Real_Matrix;
   function "*" (Left : Real_Matrix; Right : Real'Base)   return Real_Matrix;
   function "/" (Left : Real_Matrix; Right : Real'Base)   return Real_Matrix;

   -- Real_Matrix inversion and related operations

   function Solve (A : Real_Matrix; X: Real_Vector) return Real_Vector;
   function Solve (A, X : Real_Matrix) return Real_Matrix;
   function Inverse (A : Real_Matrix) return Real_Matrix;
   function Determinant (A : Real_Matrix) return Real'Base;

   -- Eigenvalues and vectors of a real symmetric matrix

   function Eigenvalues(A : Real_Matrix) return Real_Vector;

   procedure Eigensystem(A       : in  Real_Matrix;
                         Values  : out Real_Vector;
                         Vectors : out Real_Matrix);

   -- Other Real_Matrix operations

   function Unit_Matrix (Order            : Positive;
                         First_1, First_2 : Integer := 1)
                                            return Real_Matrix;

end Ada.Numerics.Generic_Real_Arrays;

The library package Numerics.Real_Arrays is declared pure and defines the same types and subprograms as Numerics.Generic_Real_Arrays, except that the predefined type Float is systematically substituted for Real'Base throughout. Nongeneric equivalents for each of the other predefined floating point types are defined similarly, with the names Numerics.Short_Real_Arrays, Numerics.Long_Real_Arrays, etc.

Two types are defined and exported by Ada.Numerics.Generic_Real_Arrays. The composite type Real_Vector is provided to represent a vector with components of type Real; it is defined as an unconstrained, one-dimensional array with an index of type Integer. The composite type Real_Matrix is provided to represent a matrix with components of type Real; it is defined as an unconstrained, two-dimensional array with indices of type Integer.

The effect of the various functions is as described below. In most cases the functions are described in terms of corresponding scalar operations of the type Real; any exception raised by those operations is propagated by the array operation. Moreover, the accuracy of the result for each individual component is as defined for the scalar operation unless stated otherwise.

In the case of those operations which are defined to involve an inner product, Constraint_Error may be raised if an intermediate result is outside the range of Real'Base even though the mathematical final result would not be.

function "+"   (Right : Real_Vector) return Real_Vector;
function "-"   (Right : Real_Vector) return Real_Vector;
function "abs" (Right : Real_Vector) return Real_Vector;

Each operation returns the result of applying the corresponding operation of the type Real to each component of Right. The index range of the result is Right'Range.

function "+" (Left, Right : Real_Vector) return Real_Vector;
function "-" (Left, Right : Real_Vector) return Real_Vector;

Each operation returns the result of applying the corresponding operation of the type Real to each component of Left and the matching component of Right. The index range of the result is Left'Range. Constraint_Error is raised if Left'Length is not equal to Right'Length.

function "*" (Left, Right : Real_Vector) return Real'Base;

This operation returns the inner product of Left and Right. Constraint_Error is raised if Left'Length is not equal to Right'Length. This operation involves an inner product.

function "*" (Left : Real'Base; Right : Real_Vector) return Real_Vector;

This operation returns the result of multiplying each component of Right by the scalar Left using the "*" operation of the type Real. The index range of the result is Right'Range.

function "*" (Left : Real_Vector; Right : Real'Base) return Real_Vector;
function "/" (Left : Real_Vector; Right : Real'Base) return Real_Vector;

Each operation returns the result of applying the corresponding operation of the type Real to each component of Left and to the scalar Right. The index range of the result is Left'Range.

function Unit_Vector (Index : Integer;
                      Order : Positive;
                      First : Integer := 1) return Real_Vector;

This function returns a "unit vector" with Order components and a lower bound of First. All components are set to 0.0 except for the Index component which is set to 1.0. Constraint_Error is raised if Index < First, Index > First + Orde

International Standard ISO/IEC 8652:1995

Information technology -- Programming languages -- Ada AMENDMENT 1 (Draft 7)

Technologies de l'information -- Langages de programmation -- Ada AMENDEMENT 1

Introduction

Section 1: General

1.1.2 Structure

Section 2: Lexical Elements

2.9 Reserved Words

Section 3: Declarations and Types

3.1 Declarations

3.2 Types and Subtypes

3.2.1 Type Declarations

3.2.2 Subtype Declarations

3.2.3 Classification of Operations

3.3.1 Object Declarations

3.4 Derived Types and Classes

3.4.1 Derivation Classes

3.5.4 Integer Types

3.5.9 Fixed Point Types

3.6 Array Types

3.6.2 Operations of Array Types

3.7 Discriminants

3.7.1 Discriminant Constraints

3.8 Record Types

3.9 Tagged Types and Type Extensions

3.9.1 Type Extensions

3.9.2 Dispatching Operations of Tagged Types

3.9.3 Abstract Types and Subprograms

3.9.4 Interface Types

3.10 Access Types

3.10.1 Incomplete Type Declarations

3.10.2 Operations of Access Types

Section 4: Names and Expressions

4.1.3 Selected Components

4.2 Literals

4.3 Aggregates

4.3.1 Record Aggregates

4.3.2 Extension Aggregates

4.3.3 Array Aggregates

4.5.2 Relational Operators and Membership Tests

4.5.5 Multiplying Operators

4.6 Type Conversions

4.8 Allocators

4.9 Static Expressions and Static Subtypes

4.9.1 Statically Matching Constraints and Subtypes

Section 5: Statements

5.2 Assignment Statements

Section 6: Subprograms

6.1 Subprogram Declarations

6.3 Subprogram Bodies

6.3.1 Conformance Rules

6.4 Subprogram Calls

6.5 Return Statements

6.5.1 Pragma No_Return

6.7 Null Procedures

Section 7: Packages

7.3 Private Types and Private Extensions

7.4 Deferred Constants

7.5 Limited Types

7.6 User-Defined Assignment and Finalization

7.6.1 Completion and Finalization

Section 8: Visibility Rules

8.1 Declarative Region

8.3 Visibility

8.4 Use Clauses

8.5.1 Object Renaming Declarations

8.5.3 Package Renaming Declarations

8.5.4 Subprogram Renaming Declarations

8.6 The Context of Overload Resolution

Section 9: Tasks and Synchronization

9.1 Task Units and Task Objects

9.4 Protected Units and Protected Objects

9.6 Delay Statements, Duration, and Time

9.6.1 Formatting, Time Zones, and other operations for Time

9.7.2 Timed Entry Calls

9.7.4 Asynchronous Transfer of Control

9.8 Abort of a Task - Abort of a Sequence of Statements

9.9 Task and Entry Attributes

Section 10: Program Structure and Compilation Issues

10.1.1 Compilation Units - Library Units

Information technology -- Programming languages -- Ada
AMENDMENT 1 (Draft 7)

Technologies de l'information -- Langages de programmation -- Ada
AMENDEMENT 1