CVS difference for ai12s/ai12-0111-1.txt

Differences between 1.18 and version 1.19
Log of other versions for file ai12s/ai12-0111-1.txt

--- ai12s/ai12-0111-1.txt	2018/12/05 01:52:14	1.18
+++ ai12s/ai12-0111-1.txt	2018/12/07 07:01:27	1.19
@@ -1,4 +1,4 @@
-!standard A.18.2(97.1/3)                             18-11-20 AI12-0111-1/08
+!standard A.18.2(97.1/3)                             18-12-06 AI12-0111-1/09
 !class Amendment 16-06-06
 !status work item 14-05-15
 !status received 14-02-08
@@ -266,7 +266,7 @@
               with Implicit_Dereference => Element;
 
 34.2/3     type Reference_Type
-         (Element : not null access Element_Type) is private
+                 (Element : not null access Element_Type) is private
               with Implicit_Dereference => Element;
 
 34.3/3     function Constant_Reference (Container : aliased in Vector;
@@ -409,9 +409,14 @@
    initialization.
 
 Add in the Indefinite_Vectors section, after A.18.11(9/4):
-* A subprogram is said to /tamper with elements/ of an indefinite
-  vector object V if:
+  * The operations Replace_Element, Reverse_Elements, and Swap, and the
+    nested generic unit Generic_Sorting are omitted from the nested
+    package Stable.
+
 
+  * A subprogram is said to /tamper with elements/ of an indefinite
+    vector object V if:
+
     - it tampers with cursors of V; or
 
     - it replaces one or more elements of V, that is, it calls the
@@ -622,8 +627,8 @@
 
 In the section on Indefinite_Doubly_Linked_Lists, A.18.12, add after para 8/4:
 
-  * The operations Replace_Element and Swap are omitted from the Stable
-    subpackage.
+  * The operations Replace_Element and Swap are omitted from the nested
+    package Stable.
 
   * A subprogram is said to tamper with elements of an indefinite
     list object L if:
@@ -968,8 +973,8 @@
 
 In the section on Indefinite_Hashed_Maps, A.18.13, add after para 9/4:
 
-   * The operations Replace and Replace_Element are omitted from the Stable 
-     subpackage.
+   * The operations Replace and Replace_Element are omitted from the nested
+     package Stable.
 
    * A subprogram is said to tamper with elements of a map object M if:
      - it tampers with cursors of M; or
@@ -983,8 +988,8 @@
 
 In the section on Indefinite_Ordered_Maps, A.18.14, add after para 9/4:
 
-   * The operations Replace and Replace_Element are omitted from the Stable 
-     subpackage.
+   * The operations Replace and Replace_Element are omitted from the nested
+     package Stable.
 
    * A subprogram is said to tamper with elements of a map object M if:
      - it tampers with cursors of M; or
@@ -1033,8 +1038,7 @@
   Procedures Reserve_Capacity, Clear, Replace_Element, Move, Insert,
   Include, Replace, Exclude, Delete, Union, Intersection, Difference, and
   Symmetric_Difference are omitted, as is the nested generic package
-  Generic_Keys. Assign is included, but the Target parameter is a normal 
-  (not stable) Hashed_Set.
+  Generic_Keys.
 
 Insert code for Ordered_Sets.Stable after A.18.9(74/2):
 
@@ -1043,8 +1047,7 @@
   Procedures Reserve_Capacity, Clear, Replace_Element, Move,
   Insert, Include, Replace, Exclude, Delete, Delete_First, Delete_Last,
   Union, Intersection, Difference, and Symmetric_Difference are omitted,
-  as is the nested generic package Generic_Keys. Assign is included, but the 
-  Target parameter is a normal (not stable) Ordered_Set.
+  as is the nested generic package Generic_Keys.
 
 [Author's note: For a Set, there is no additional operations that tamper 
 with elements. We should move AARM A.18.7(14.a-b/2) into A.18.15 and A.18.16
@@ -1058,8 +1061,6 @@
   Procedures Clear, Move, Insert_Child, Append_Child,
   Prepend_Child, Delete_Leaf, Delete_Subtree, Delerte_Children,
   Copy_Subtree, Splice_Subtree, and Splice_Children are omitted.
-  Assign is included, but the 
-  Target parameter is a normal (not stable) Multiway_Tree.
 
 Insert at end of A.18.10:
 
@@ -4418,3 +4419,650 @@
 I'm already way behind...
 
 ***************************************************************
+
+From: Randy Brukardt
+Sent: Thursday, December 6, 2018  11:53 PM
+
+We made no decision on AI12-0111-1 in Lexington as several people thought the 
+specifications were too large for the value.
+
+I need to find out whether this AI is in or out so I can deal with inserting it 
+(or not), and dealing with the conflicts with AI12-0112-1 (container contracts), 
+all of which are likely to be very time-consuming. The sooner I have less
+
+I've spent 90 minutes crafting three alternative ways to present the stable 
+packages in the RM. Option 1 is essentially the presentation as it currently 
+is given in the draft AI. Option 2 is a primarily English definition. Option 3
+is the same as option 2, reversing the polarity of the English (listing 
+omitted subprograms rather than included ones).
+
+I note that option 3 is probably better that either option 1 or 2 for future 
+maintenance, as it only requires modifying the stable text if a new routine 
+that tampers with cursors/elements is added to the basic packages. Option 1 
+requires modifying the specification if a new routine that doesn't tamper is
+added (much more likely), while option 2 requires modifying the English in that
+case.
+
+There would be an additional possibility of simply identifying the routines 
+by function ("those that don't tamper with elements"), but that would vary 
+from the style of the rest of the containers packages (which always identify
+the subprograms by name), and I'd insist on the AARM note with the list 
+anyway, so I don't think that would really help any.
+
+Regardless of the option selected, I'd like to get a feel from the group on 
+note (2) at the bottom of each of these alternatives, which is whether the 
+cursor-only versions of routines ought to be included (or not) in the stable 
+packages. These have nasty contracts (which is why the container-cursor 
+versions are defined in AI12-0112-1), and I rather think of them as obsolete 
+(they can't be used in a parallel loop while checking is on, for instance). 
+As such, leaving them out of the stable packages seems like we wouldn't be 
+losing anything except perhaps a tiny bit of consistency. (It definitely 
+simplifies the wording; I didn't try to figure out the wording to include 
+them.)
+
+To be discussed at the meeting.
+
+===================
+
+Option 1 attachment
+
+===================
+
+The option currently in the RM for Ada.Containers.Vectors:
+
+Insert after A.18.2(79/2):
+
+[Author's note: Below, we have left in the original paragraph numbers
+from the Vector container because we thought they might be useful, and
+mostly because we are too lazy to remove them.]
+
+        ...  --  enclosing package Ada.Containers.Vectors
+
+        package Stable is
+
+8/3        type Vector (Base : not null access Vectors.Vector) is
+              tagged limited private
+              with Constant_Indexing => Constant_Reference,
+                   Variable_Indexing => Reference,
+                   Default_Iterator  => Iterate,
+                   Iterator_Element  => Element_Type;
+           pragma Preelaborable_Initialization(Vector);
+
+9/2        type Cursor is private;
+           pragma Preelaborable_Initialization(Cursor);
+
+10/2       Empty_Vector : constant Vector;
+
+11/2       No_Element : constant Cursor;
+
+11.1/3     function Has_Element (Position : Cursor) return Boolean;
+
+11.2/3     package Vector_Iterator_Interfaces is new
+               Ada.Iterator_Interfaces (Cursor, Has_Element);
+
+12/2       function "=" (Left, Right : Vector) return Boolean;
+
+13/2       function To_Vector (Length : Count_Type) return Vector;
+
+14/2       function To_Vector
+             (New_Item : Element_Type;
+              Length   : Count_Type) return Vector;
+
+15/2       function "&" (Left, Right : Vector) return Vector;
+
+16/2       function "&" (Left  : Vector;
+                         Right : Element_Type) return Vector;
+
+17/2       function "&" (Left  : Element_Type;
+                         Right : Vector) return Vector;
+
+18/2       function "&" (Left, Right  : Element_Type) return Vector;
+
+19/2       function Capacity (Container : Vector) return Count_Type;
+
+21/2       function Length (Container : Vector) return Count_Type;
+
+23/2       function Is_Empty (Container : Vector) return Boolean;
+
+25/2       function To_Cursor (Container : Vector;
+                               Index     : Extended_Index) return Cursor;
+
+26/2       function To_Index (Position  : Cursor) return Extended_Index;
+
+27/2       function Element (Container : Vector;
+                             Index     : Index_Type)
+              return Element_Type;
+
+28/2       function Element (Position : Cursor) return Element_Type;
+
+29/2       procedure Replace_Element (Container : in out Vector;
+                                      Index     : in     Index_Type;
+                                      New_Item  : in     Element_Type);
+
+30/2       procedure Replace_Element (Container : in out Vector;
+                                      Position  : in     Cursor;
+                                      New_item  : in     Element_Type);
+
+31/2       procedure Query_Element
+             (Container : in Vector;
+              Index     : in Index_Type;
+              Process   : not null access procedure
+                                            (Element : in Element_Type));
+
+32/2       procedure Query_Element
+             (Position : in Cursor;
+              Process  : not null access procedure (Element : in Element_Type));
+
+33/2       procedure Update_Element
+             (Container : in out Vector;
+              Index     : in     Index_Type;
+              Process   : not null access procedure
+                              (Element : in out Element_Type));
+
+34/2       procedure Update_Element
+             (Container : in out Vector;
+              Position  : in     Cursor;
+              Process   : not null access procedure
+                              (Element : in out Element_Type));
+
+34.1/3     type Constant_Reference_Type
+                 (Element : not null access constant Element_Type) is private
+              with Implicit_Dereference => Element;
+
+34.2/3     type Reference_Type
+                 (Element : not null access Element_Type) is private
+              with Implicit_Dereference => Element;
+
+34.3/3     function Constant_Reference (Container : aliased in Vector;
+                                        Index     : in Index_Type)
+              return Constant_Reference_Type;
+
+34.4/3     function Reference (Container : aliased in out Vector;
+                               Index     : in Index_Type)
+              return Reference_Type;
+
+34.5/3     function Constant_Reference (Container : aliased in Vector;
+                                        Position  : in Cursor)
+              return Constant_Reference_Type;
+
+34.6/3     function Reference (Container : aliased in out Vector;
+                               Position  : in Cursor)
+              return Reference_Type;
+
+34.7/3     procedure Assign (Target : in out Vectors.Vector;
+                             Source : in Vector);
+
+34.8/3     function Copy (Source : Vector)
+              return Vector;
+
+           function Copy (Source : Vectors.Vector)
+              return Vector;
+
+54/2       procedure Reverse_Elements (Container : in out Vector);
+
+55/2       procedure Swap (Container : in out Vector;
+                           I, J      : in     Index_Type);
+
+56/2       procedure Swap (Container : in out Vector;
+                           I, J      : in     Cursor);
+
+57/2       function First_Index (Container : Vector) return Index_Type;
+
+58/2       function First (Container : Vector) return Cursor;
+
+59/2       function First_Element (Container : Vector)
+              return Element_Type;
+
+60/2       function Last_Index (Container : Vector) return Extended_Index;
+
+61/2       function Last (Container : Vector) return Cursor;
+
+62/2       function Last_Element (Container : Vector)
+              return Element_Type;
+
+63/2       function Next (Position : Cursor) return Cursor;
+
+64/2       procedure Next (Position : in out Cursor);
+
+65/2       function Previous (Position : Cursor) return Cursor;
+
+66/2       procedure Previous (Position : in out Cursor);
+
+67/2       function Find_Index (Container : Vector;
+                                Item      : Element_Type;
+                                Index     : Index_Type := Index_Type'First)
+              return Extended_Index;
+
+68/2       function Find (Container : Vector;
+                          Item      : Element_Type;
+                          Position  : Cursor := No_Element)
+              return Cursor;
+
+69/2       function Reverse_Find_Index (Container : Vector;
+                                        Item      : Element_Type;
+                                        Index     : Index_Type := Index_Type'Last)
+              return Extended_Index;
+
+70/2       function Reverse_Find (Container : Vector;
+                                  Item      : Element_Type;
+                                  Position  : Cursor := No_Element)
+              return Cursor;
+
+71/2       function Contains (Container : Vector;
+                              Item      : Element_Type) return Boolean;
+
+73/2       procedure  Iterate
+             (Container : in Vector;
+              Process   : not null access procedure (Position : in Cursor));
+
+74/2       procedure Reverse_Iterate
+             (Container : in Vector;
+              Process   : not null access procedure (Position : in Cursor));
+
+74.1/3     function Iterate (Container : in Vector)
+              return Vector_Iterator_Interfaces.Reversible_Iterator'Class;
+
+74.2/3     function Iterate (Container : in Vector; Start : in Cursor)
+              return Vector_Iterator_Interfaces.Reversible_Iterator'Class;
+
+75/2       generic
+              with function "<" (Left, Right : Element_Type)
+                 return Boolean is <>;
+           package Generic_Sorting is
+
+76/2          function Is_Sorted (Container : Vector) return Boolean;
+
+77/2          procedure Sort (Container : in out Vector);
+
+79/2       end Generic_Sorting;
+
+80/2    private
+
+81/2       ... -- not specified by the language
+
+82/2    end Stable;
+
+
+Insert the following at the end of A.18.2:
+
+   The nested package Vectors.Stable
+   provides a type Stable.Vector that represents
+   a /stable/ vector, which is one that cannot grow and shrink.  Such a
+   vector can be created by calling the To_Vector or Copy functions, or
+   by establishing a /stabilized view/ of a regular Vector.
+
+   The operations of this package are equivalent to those for regular
+   Vectors, except that no tampering checks are performed on stable 
+   Vectors. If a stable
+   vector is declared with the Base discriminant designating a
+   pre-existing regular vector, the stable vector represents a
+   stabilized view of the underlying regular vector, and any operation
+   on the stable vector is reflected on the underlying regular vector.
+   While a stabilized view exists, any operation that tampers with
+   elements performed on the underlying vector is prohibited. The
+   finalization of a stable vector that provides such a view removes
+   this restriction on the underlying regular vector Redundant[(though
+   some other restriction might exist due to other concurrent iterations
+   or stabilized views)].
+
+   If a stable vector is declared without specifying Base, the object must
+   be initialized. The initializing expression of
+   the stable vector, Redundant[typically a call on To_Vector or
+   Copy], determines the Length of the vector. By default the Length
+   is zero. The Length of a stable vector never changes after
+   initialization.
+
+----- end of option.
+
+(1) If AI12-0112-1 is adopted,
+* the text ", except that no tampering checks are performed on stable 
+  Vectors" will be deleted.
+* All of the routines in this package will need contracts added; the
+  package itself might also need a contract.
+* The additional routines defined for type Vector in the base package
+  will need to be added to the stable package.
+* The preconditions of the routines defined in the stable package would be
+  modified from the version in the main package by omitting the following 
+  subexpressions:
+	(if Tampering_With_Elements_Prohibited (Container)
+                then raise Program_Error)
+and
+        (if Tampering_With_Cursors_Prohibited (Container)
+                then raise Program_Error)
+
+I'd intend to do that in AI12-0112-1, not here.
+
+(2) We ought to consider omitting the cursor-only operations from the stable 
+packages. Assuming that AI12-0112-1 is approved, they would be available in
+both (Vector, Cursor) and (Cursor) forms. The Cursor forms necessarily
+have to access global vectors as the container is not a parameter; this
+makes the contract unusable for parallel constructs. (They also can't be
+used in prefix notation.) As such, it's probably best to consider these as 
+obsolete. we could drop all of the following:
+
+   function To_Index (Position  : Cursor) return Extended_Index;
+   
+   function Element (Position : Cursor) return Element_Type;
+
+   function Next (Position : Cursor) return Cursor;
+
+   procedure Next (Position : in out Cursor);
+
+   function Previous (Position : Cursor) return Cursor;
+
+   procedure Previous (Position : in out Cursor);
+
+
+=========================
+
+Option 2 attachment
+
+=========================
+
+This option uses English to describe the routines that take and return Vectors 
+in the stable subpackage. We include the type declarations and the unique
+subprograms with normal specifications. Note that there is no similar,
+partially specified package in the Standard, so there is no model to follow.
+
+Insert after A.18.2(79/2):
+
+        ...  --  enclosing package Ada.Containers.Vectors
+
+        package Stable is
+
+           type Vector (Base : not null access Vectors.Vector) is
+              tagged limited private
+              with Constant_Indexing => Constant_Reference,
+                   Variable_Indexing => Reference,
+                   Default_Iterator  => Iterate,
+                   Iterator_Element  => Element_Type;
+           pragma Preelaborable_Initialization(Vector);
+
+           type Cursor is private;
+           pragma Preelaborable_Initialization(Cursor);
+
+           Empty_Vector : constant Vector;
+
+           No_Element : constant Cursor;
+
+           function Has_Element (Position : Cursor) return Boolean;
+
+           package Vector_Iterator_Interfaces is new
+               Ada.Iterator_Interfaces (Cursor, Has_Element);
+
+           procedure Assign (Target : in out Vectors.Vector;
+                             Source : in Vector);
+
+           function Copy (Source : Vectors.Vector) return Vector;
+
+           type Constant_Reference_Type
+                 (Element : not null access constant Element_Type) is private
+              with Implicit_Dereference => Element;
+
+           type Reference_Type
+                 (Element : not null access Element_Type) is private
+              with Implicit_Dereference => Element;
+
+           -- Additional subprograms as described in the text are declared 
+           -- here.
+
+80/2    private
+
+81/2       ... -- not specified by the language
+
+82/2    end Stable;
+
+
+Insert the following at the end of A.18.2:
+
+   The nested package Vectors.Stable
+   provides a type Stable.Vector that represents
+   a /stable/ vector, which is one that cannot grow and shrink.  Such a
+   vector can be created by calling the To_Vector or Copy functions, or
+   by establishing a /stabilized view/ of a regular Vector.
+
+   The following subprograms of package Containers.Vectors that have a
+   parameter or result of type Vector are included in the nested package
+   Stable with the same specification:
+       "=", To_Vector, "&", Capacity, Length, Is_Empty, To_Cursor,
+       To_Index, Element, Replace_Element, Query_Element, Update_Element,
+       Constant_Reference, Reference, Copy, Reverse_Elements. Swap,
+       First_Index, First, First_Element, Last_Index, Last, Last_Element,
+       Next, Previous, Find_Index, Find, Reverse_Find_Index, Reverse_Find,
+       Contains, Iterate, and Reverse_Iterate.
+   Generic package Generic_Sorting is also included with the same 
+   specification.
+
+     AARM Ramification: The names Vector and Cursor mean the types
+     declared in the nested package in these subprogram specifications.
+
+     AARM Reason: The included routines are those that do not tamper with 
+     elements. The model is that it is impossible to tamper with elements of 
+     a stable view since no such operations are included. Thus tampering 
+     checks are not needed for a stable view.
+
+   The operations of this package are equivalent to those for regular
+   Vectors, except that no tampering checks are performed on stable 
+   Vectors. If a stable
+   vector is declared with the Base discriminant designating a
+   pre-existing regular vector, the stable vector represents a
+   stabilized view of the underlying regular vector, and any operation
+   on the stable vector is reflected on the underlying regular vector.
+   While a stabilized view exists, any operation that tampers with
+   elements performed on the underlying vector is prohibited. The
+   finalization of a stable vector that provides such a view removes
+   this restriction on the underlying regular vector Redundant[(though
+   some other restriction might exist due to other concurrent iterations
+   or stabilized views)].
+
+   If a stable vector is declared without specifying Base, the object must
+   be initialized. The initializing expression of
+   the stable vector, Redundant[typically a call on To_Vector or
+   Copy], determines the Length of the vector. By default the Length
+   is zero. The Length of a stable vector never changes after
+   initialization.
+
+----- end of option.
+
+(1) If AI12-0112-1 is adopted:
+
+* All of the routines in this package will need contracts added; the
+  package itself might also need a contract.
+* The additional routines defined for type Vector in the base package
+  will need to be added to the stable package.
+* The text "The operations of this package are equivalent to those for regular
+Vectors, except that no tampering checks are performed on stable 
+Vectors." would be replaced by (assuming AI12-0112-1 is adopted):
+
+The operations of this package are equivalent to those for regular
+Vectors, except that the following subexpressions are omitted from the
+preconditions:
+	(if Tampering_With_Elements_Prohibited (Container)
+                then raise Program_Error)
+and
+        (if Tampering_With_Cursors_Prohibited (Container)
+                then raise Program_Error)
+
+I'd intend to do that in AI12-0112-1, not here.
+
+(2) I've omitted the cursor-only operations from the stable forms.
+Assuming that AI12-0112-1 is approved, they would be available in
+both (Vector, Cursor) and (Cursor) forms. The Cursor forms necessarily
+have to access global vectors as the container is not a parameter; this
+makes the contract unusable for parallel constructs. As such, it's probably
+best to consider these as obsolete. If we want them anyway, we'd need to
+add the following to the Stable package, or add some additional English
+wording to get them:
+
+   function To_Index (Position  : Cursor) return Extended_Index;
+   
+   function Element (Position : Cursor) return Element_Type;
+
+   function Next (Position : Cursor) return Cursor;
+
+   procedure Next (Position : in out Cursor);
+
+   function Previous (Position : Cursor) return Cursor;
+
+   procedure Previous (Position : in out Cursor);
+
+(3) Assign should be omitted from the stable package of all forms whether 
+or not it is considered tampering with elements. (But I think all forms 
+do tamper with elements.)
+
+=========================
+
+Option 3 attachment
+
+=========================
+
+This option uses English to describe the routines that take and return Vectors 
+in the stable subpackage. We include the type declarations and the unique
+subprograms with normal specifications. Note that there is no similar,
+partially specified package in the Standard, so there is no model to follow.
+This version describes the routines that are *not* included in the package.
+
+Insert after A.18.2(79/2):
+
+        ...  --  enclosing package Ada.Containers.Vectors
+
+        package Stable is
+
+           type Vector (Base : not null access Vectors.Vector) is
+              tagged limited private
+              with Constant_Indexing => Constant_Reference,
+                   Variable_Indexing => Reference,
+                   Default_Iterator  => Iterate,
+                   Iterator_Element  => Element_Type;
+           pragma Preelaborable_Initialization(Vector);
+
+           type Cursor is private;
+           pragma Preelaborable_Initialization(Cursor);
+
+           Empty_Vector : constant Vector;
+
+           No_Element : constant Cursor;
+
+           function Has_Element (Position : Cursor) return Boolean;
+
+           package Vector_Iterator_Interfaces is new
+               Ada.Iterator_Interfaces (Cursor, Has_Element);
+
+           procedure Assign (Target : in out Vectors.Vector;
+                             Source : in Vector);
+
+           function Copy (Source : Vectors.Vector) return Vector;
+
+           type Constant_Reference_Type
+                 (Element : not null access constant Element_Type) is private
+              with Implicit_Dereference => Element;
+
+           type Reference_Type
+                 (Element : not null access Element_Type) is private
+              with Implicit_Dereference => Element;
+
+           -- Additional subprograms as described in the text are declared 
+           -- here.
+
+80/2    private
+
+81/2       ... -- not specified by the language
+
+82/2    end Stable;
+
+
+Insert the following at the end of A.18.2:
+
+   The nested package Vectors.Stable
+   provides a type Stable.Vector that represents
+   a /stable/ vector, which is one that cannot grow and shrink.  Such a
+   vector can be created by calling the To_Vector or Copy functions, or
+   by establishing a /stabilized view/ of a regular Vector.
+
+   The subprograms of package Containers.Vectors that have a parameter 
+   or result of type Vector are included in the nested package Stable 
+   with the same specification, except for the following:
+      Assign, Move, Insert, Insert_Space, Clear, Delete, and Set_Length
+   Generic package Generic_Sorting is also included with the same 
+   specification.
+
+     AARM Ramification: The names Vector and Cursor mean the types
+     declared in the nested package in these subprogram specifications.
+
+     AARM Reason: The omitted routines are those that tamper with elements.
+     The model is that it is impossible to tamper with elements of a stable
+     view since no such operations are included. Thus tampering checks are
+     not needed for a stable view.
+
+   The operations of this package are equivalent to those for regular
+   Vectors, except that no tampering checks are performed on stable 
+   Vectors. If a stable
+   vector is declared with the Base discriminant designating a
+   pre-existing regular vector, the stable vector represents a
+   stabilized view of the underlying regular vector, and any operation
+   on the stable vector is reflected on the underlying regular vector.
+   While a stabilized view exists, any operation that tampers with
+   elements performed on the underlying vector is prohibited. The
+   finalization of a stable vector that provides such a view removes
+   this restriction on the underlying regular vector Redundant[(though
+   some other restriction might exist due to other concurrent iterations
+   or stabilized views)].
+
+   If a stable vector is declared without specifying Base, the object must
+   be initialized. The initializing expression of
+   the stable vector, Redundant[typically a call on To_Vector or
+   Copy], determines the Length of the vector. By default the Length
+   is zero. The Length of a stable vector never changes after
+   initialization.
+
+----- end of option.
+
+(1) If AI12-0112-1 is adopted:
+
+* All of the routines in this package will need contracts added; the
+  package itself might also need a contract.
+* The additional routines defined for type Vector in the base package
+  will need to be added to the stable package.
+* The text "The operations of this package are equivalent to those for regular
+Vectors, except that no tampering checks are performed on stable 
+Vectors." would be replaced by (assuming AI12-0112-1 is adopted):
+
+The operations of this package are equivalent to those for regular
+Vectors, except that the following subexpressions are omitted from the
+preconditions:
+	(if Tampering_With_Elements_Prohibited (Container)
+                then raise Program_Error)
+and
+        (if Tampering_With_Cursors_Prohibited (Container)
+                then raise Program_Error)
+
+I'd intend to do that in AI12-0112-1, not here.
+
+(2) I've omitted the cursor-only operations from the stable forms.
+Assuming that AI12-0112-1 is approved, they would be available in
+both (Vector, Cursor) and (Cursor) forms. The Cursor forms necessarily
+have to access global vectors as the container is not a parameter; this
+makes the contract unusable for parallel constructs. As such, it's probably
+best to consider these as obsolete. If we want them anyway, we'd need to
+add the following to the Stable package, or add some additional English
+wording to get them:
+
+   function To_Index (Position  : Cursor) return Extended_Index;
+   
+   function Element (Position : Cursor) return Element_Type;
+
+   function Next (Position : Cursor) return Cursor;
+
+   procedure Next (Position : in out Cursor);
+
+   function Previous (Position : Cursor) return Cursor;
+
+   procedure Previous (Position : in out Cursor);
+
+(3) Assign should be omitted from the stable package of all forms whether 
+or not it is considered tampering with elements. (But I think all forms 
+do tamper with elements.)
+
+
+***************************************************************
+

Questions? Ask the ACAA Technical Agent