Version 1.13 of ais/ai-20302.txt

Report of the ARG Select Committee on Containers
February 3, 2004


Executive Summary

The committee selected the second proposal as a starting point for a
standard containers library, with a number of simple changes. The
changes were simple enough that we produced a version of the library with
the changes made (AI-00302-3/01).

The resulting proposal is not much larger than the Vector and Matrix
libraries already adopted for the standard. It also should be a good seed
for a more encompassing secondary standard.

Therefore, we recommend that the ARG adopt this alternative for the standard.

     By the ARG Select Committee on Containers:

           Randy Brukardt
           Bob Duff
           Tucker Taft

Full Report

Goals

A core library of containers is an important addition to Ada. Other competitive
programming languages include standard sets of containers, and these are
widely used. Users often note that a standard set of containers is a missing
piece of Ada. In addition, adding such containers to the standard is not
a large burden on implementers.

However, the resources available for work on the standard preclude adding a
large container library to the standard. If the library is too large, it will
be insufficiently reviewed, and that has the danger of providing something
useless.

Therefore, the committee settled on a limited set of goals:
   (1) To provide a number of the most useful containers to Ada users in
       a standard fashion;
   (2) To provide a framework for future work in this area (hopefully leading
       to a secondary or de-facto standard).

We considered other goals as well. Performance issues were deemed of secondary
importance. Most uses of containers (indeed, most software) do not have
critical performance requirements. To provide a library with the variety of
components needed to meet critical requirements (bounded and unbounded forms,
array and list implementations, etc.) would be beyond the resources available
to work on the standard. Moreover, the existence of many components actually
makes construction of simple applications harder: the programmer has to choose
a component based on performance considerations that are simply irrelevant for
the application.

Evaluation of existing proposals

We determined that the most important containers are the following:
    * extensible "vectors" (like an array, indexed by any discrete type);
    * (hashed) "maps" (or "hash table", with arbitrary keys);
    * (sorted) "sets" (set of arbitrary items).
The names "map", "set", and "vector" are those used in the Java containers.

We evaluated the two proposals for their support of these components.

Alternative 1 (AI-302-1/07) contains a number of low level data structure
components such as Lists, Bags, Queues, etc. These can be used to create
"vector", "map", and "set" containers, but the containers themselves are
absent. Moreover, most of these components are relatively easy to create
when needed.

Alternative 2 (AI-302-2/02) contains mainly five containers: vector, list,
map, set, and multiset. These include the abstractions mentioned above. We
also determined that the basic design was consistent and sound.

Therefore, we discarded alternative 1, and concentrated on improving and
simplifying alternative 2.

We decided the sorts of changes that we would consider. The great value to
having containers in the standard is that they are standard: everybody has
them and can use them. Perfection is not required of the standard components.
Moreover, what is one person's "improvement" is another's "mistake". In
addition, we run the risk of introducing real errors by further fiddling.

Therefore, we decided to simplify the interfaces by deleting unnecessary
capabilities, by systematic substitutions, and by introducing missing
capabilities (along with general wordsmithing). In particular, we avoided
changing existing interfaces unless there was a clear error.

The specific improvements and simplifications are detailed in the Appendix.

Performance issues

For the purposes of components in the standard, the precise performance of them
is not important. Whatever the performance is will be good enough for the vast
majority of uses - in prototyping, quick and dirty programs, and the majority
of programs that aren't performance critical. Therefore, we provide only a
single version of each component. We don't, for instance, provide both Vectors
and Lists, which are really the same abstraction with the different performance
characteristics.

However, it is important that the performance characteristics of the components
be specified. That is, if searches are expected to be no worse than O(N), we
need to say that. That's because we want programs using the components to be
portable. That wouldn't be true for programs using components with large
numbers of items if the performance characteristics vary widely between
implementations. Consider a Vector component. It could in theory be implemented
with an array or with a linked list. The cost of an arbitrary insertion is O(N)
for the array implementation and O(1) for the list implementation. If a program
using a large vector is moved from a list implementation to an array
implementation, the performance change could be so large as to make the program
non-functional. That is unacceptable, so we specify minimum performance
characteristics. But those characteristics are not intended to specify a
particular implementation, only to insure that some characteristics can be
relied upon.

Therefore, the containers library needs to suggest some performance
characteristics. We believe Implementation Advice is best for this purpose,
as we don't have to be as precise in the language defining the characteristics,
and implementations are required to document deviations from the given
advice.

Appendix

Detailed changes made to the Alternative 2 proposal

The Unchecked_Modification packages were dropped. These are just a hack to
avoid copying keys - a solely performance-based concern. Other stuff does
not logically belong in keys, and modifying the key value itself it a disaster
waiting to happen.

The Vector, List, and Multiset abstractions are essentially the same
abstraction with differences in performance and details. When performance
is not critical, only one is needed.

The package structure has many levels of empty packages for organization.
These are unnecessary when there are only a few packages. Moreover, related
packages can be given similar names (i.e. "Bounded_Set", "Protected_Vector"),
which provides all of the organization needed. The extra empty packages
were eliminated. Similarly, "Unbounded" was dropped; these are the most
general forms, and should be the ones used for general-purpose programming.
Other forms (in a secondary standard) would be more specialized.

We discussed dropping the special string maps. We eventually decided to keep
them, because string maps are common, and a Map cannot be instantiated with
"String" (the key type must be definite).

We also discussed whether Sets should be sorted. We concluded that the extra
cost of sorted insertions is fairly small, and thus there is little advantage
to using unsorted sets other than when performance is critical (which again
is not the purpose of the standard). We did, however, name the package
"Sorted_Sets" so that a basic unsorted set could be provided in a secondary
standard without contorted naming.

We added a modular Hash_Type to Ada.Containers. The choice of Integer'Base is
a horrible one on compilers that use 16-bit Integer (as allowed by the
standard), and in any case, the hashing type should be modular.

The string hash and comparison functions were moved to be part of the
Ada.Strings hierarchy. It would be a bad idea to have the hash functions
of all types gathered in one place (in the containers library).

Unbounded string hash and comparison functions were added.

We changed the type names to the more descriptive "Vector_Type", "Map_Type",
and "Set_Type". These are much better for users who use Use clauses. The
argument that having a common name makes it easier to change between containers
is mostly irrelevant: changing between the provided containers is going to be
rare. Moreover, qualifying "Container_Type" (that is, "Vector.Container_Type")
would be necessary in any unit with more than one container -- eliminating any
advantage for using the same name.

The proposal confused the meaning of "iterator", using it both for the
code that visits each element of a container (the conventional meaning) and
the "handle" or "cursor" used to access an element of a container. We decided
to use "cursor" for the second meaning to make the interfaces clearer.

We added a sort routine to Vector. For some reason, this was only present
in the (removed) List abstraction. Having a simple sort available can
simplify many programming problems.

We added legality rules that these packages must be instantiated at the
library level. The requirement that these packages do not
leak memory (like Ada.Strings.Unbounded) imply that they are implemented with
controlled types (or something like controlled types). We do not want to
implicitly require implementers to support nested controlled types without
making that support available to users. (If AI-344 or AC-50 were adopted, we
could drop these rules.)

The proposal was completely missing definitions for the string hash and
compare functions.

Performance requirements were moved from the !proposal into Implementation
Advice. As much as possible, mention of specific implementation strategies
was moved into AARM notes following that Advice. (We're not going to specify
red-black trees!).

An Assert pragma was added to the Vector package to prevent instantiation with
a type for which Index_Type'Base'First = Index_Type'First. For such a type,
the initial value of Last and the value of Front must necessarily raise
Constraint_Error. It's better to fail an assertion immediately, rather than
during some later operation.

The Map container in the proposal is far too specific to a particular
implementation. It exposes that implementation in the interface, and as a
result makes iteration operations harder. That seems like a bad choice for
a simple abstraction; it's fine to suggest an implementation, but bad to
make it part of the interface. We therefore simplified the interface and the
description. (We consulted with the author of the proposal on this and other
changes.)

****************************************************************

From: Marius Amado Alves
Sent: Wednesday, February 4, 2004  5:13 AM

>Report of the ARG Select Committee on Containers
>February 3, 2004
>...

Sorry for my poor knowledge of ARG procedure.
Does this step mean the library is secured for Ada 2005?
Thanks.

****************************************************************

From: Martin Dowie
Sent: Wednesday, February 4, 2004  5:30 AM

> Sorry for my poor knowledge of ARG procedure.
> Does this step mean the library is secured for Ada 2005?
> Thanks.

Nope - it's still a "Work Item", see:

http://www.ada-auth.org/cgi-bin/cvsweb.cgi/AIs/AI-20302.TXT?rev=1.1



Also, in the text of the AI :-

with Ada.Containers;
package Ada.Strings.Case_Insensitive is
    pragma Pure (Case_Insensitive);

    function "=" (Left, Right : String) return Boolean;
    function "/=" (Left, Right : String) return Boolean;
             ^^^^
Guess this wasn't really meant.

****************************************************************

From: Martin Dowie
Sent: Wednesday, February 4, 2004  8:11 AM

1) Couple of typos in package Ada.Containers.Maps

     generic
        with procedure Process (Cursor : in Cursor_Type) is <>;
     procedure Generic_Iteration (Map : in Map_Type);

     - description refers to 'Generic_Cursor'

     function Length (Map : Map_Type) return Natural;

     - description refers to 'Container' when it should be 'Map'

2) For routines like 'Generic_Iteration' shouldn't the 'Process'
   generic subprogram parameter not have a 'Stop : out Boolean'
   parameter? To allow early exit of the iteration, without
   having to raise exceptions?

****************************************************************

From: Martin Dowie
Sent: Wednesday, February 4, 2004  8:21 AM

Is package Ada.Containers.Maps.Strings[ACMS] really what is
intended, as Ada.Containers.Maps[ACM] is generic this means
to use ACMS a user must first instantiate ACM and then
instantiate ACMS.

Charles didn't suffer from this problem as Unbounded maps (~ACM)
and String Maps (~ACMS) were siblings not parent/child.

****************************************************************

From: Matthew Heaney
Sent: Wednesday, February 4, 2004  8:57 AM

>2) For routines like 'Generic_Iteration' shouldn't the 'Process'
>   generic subprogram parameter not have a 'Stop : out Boolean'
>   parameter? To allow early exit of the iteration, without
>   having to raise exceptions?

Just use an active iterator.

****************************************************************

From: Matthew Heaney
Sent: Wednesday, February 4, 2004  9:52 AM

Note that that's not really the correct mode anyway: it should be inout,
not just out, like this:

   generic
      with procedure Process
         (Cursor : in     Cursor_Type;
           Done   : in out Boolean) is <>;
   procedure Generic_Iteration (Map : in out Map_Type);

The problem with just out-mode is that you always have to give the
parameter a value.  But this is wrong, since you shouldn't be compelled
to say anything if you merely want to continue.  You should only have
say something when you want to stop.

If you only want to visit some of the items, then just use an active
iterator, and exit the loop when you need to:

   declare
      I : Cursor_Type := First (M);
      J : constant Cursor_Type := Back (M);
   begin
      while I /= J loop
         declare
            E : Element_Type := Element (I);
         begin
            --do something with E
            exit when Predicate (E);
         end;

          Increment (I);
      end loop;
   end;

****************************************************************

From: Martin Dowie
Sent: Wednesday, February 4, 2004  10:06 AM


[snip]
> If you only want to visit some of the items, then just use an active
> iterator, and exit the loop when you need to:
[snip]

I could but wasn't part of the purpose of the library to allow us to
do common things more easily? And I'd have to say I'd use a 'Quit'
version a _lot_ more than the current process everything,
every time one.

I'd be delighted if both versions could be included! :-)

****************************************************************

From: Matthew Heaney
Sent: Wednesday, February 4, 2004  11:16 AM

Dowie, Martin (UK) wrote:
> I could but wasn't part of the purpose of the library to allow us to
> do common things more easily? And I'd have to say I'd use a 'Quit'
> version a _lot_ more than the current process everything,
> every time one.

It would be helpful if you could be specific about what kind of
container you were using.

The vector has neither active nor passive iterators, which means that
for a vector you have to use a loop anyway.

For the hashed map, I would find it very odd if you needed to traverse
only some of its elements, since elements are stored in hash order.
What would be the nature of the predicate?

The sorted set is the borderline case.

****************************************************************

From: Peter Hermann
Sent: Wednesday, February 4, 2004  5:57 AM

> package Ada.Strings.Case_Insensitive is

indeed useful.
expected to be overloaded for fixed and (un)bounded strings.

****************************************************************

From: Matthew Heaney
Sent: Wednesday, February 4, 2004  9:02 AM

>Is package Ada.Containers.Maps.Strings[ACMS] really what is
>intended, as Ada.Containers.Maps[ACM] is generic this means
>to use ACMS a user must first instantiate ACM and then
>instantiate ACMS.

That's definitely a bug in the report.  The string-key map is not a
child of a generic.  Maybe we should do this:

package Ada.Containers.Maps
package Ada.Containers.String_Maps

****************************************************************

From: Marius Amado Alves
Sent: Wednesday, February 4, 2004  9:07 AM

Yes, please change that. There is a steady requirement that a single
instantiation must be enough to get a container.

****************************************************************

From: Pascal Obry
Sent: Wednesday, February 4, 2004 10:10 AM

> The problem with just out-mode is that you always have to give the
> parameter a value.  But this is wrong, since you shouldn't be compelled
> to say anything if you merely want to continue.  You should only have
> say something when you want to stop.

Agreed, this is the way iterators are designed in the POSIX 1003.5 standard
for example.

****************************************************************

From: Marius Amado Alves
Sent: Wednesday, February 4, 2004  9:02 AM

> 2) For routines like 'Generic_Iteration' shouldn't the 'Process'
>    generic subprogram parameter not have a 'Stop : out Boolean'
>    parameter? To allow early exit of the iteration, without
>    having to raise exceptions?

Indeed some people ban the use of exceptions for control flow. I guess they
are not a majority in the committee. Fortunately ;-)

/* However to take the exception route the exception should be defined.
(Exit/Terminate_Immediately, _Now, _Prematurely?) Or a specification be made
of what exceptions the iterator is guaranteed to propagate. Simply "all"
would do. Maybe this is already there. I'm sorry, I didn't had time to read
the AI fully yet. */

****************************************************************

From: Randy Brukardt
Sent: Wednesday, February 4, 2004  8:55 PM

Marius Amado Alves wrote:

> Sorry for my poor knowledge of ARG procedure.
> Does this step mean the library is secured for Ada 2005?

What it means is that the study committee has issued a report. No more, and
no less. I would hope that we know more after the March ARG meeting, but
there is no guarantee that we'll work on it (we never seem to get to
everything on the agenda - we didn't work on AI-351, Time Ops in San Diego,
for instance).

Primarily, we just "cleaned up" Matt Heaney's proposal. We didn't change (as
opposed to remove) functionality, with the exception of the Map container
(where we reverted to a design more like the one Charles actually uses -
with Matt's input). So the vast majority of design decisions are Matt's --
we'd prefer to avoid design-by-committee.

Martin Dowie wrote:

> Is package Ada.Containers.Maps.Strings[ACMS] really what is
> intended, as Ada.Containers.Maps[ACM] is generic this means
> to use ACMS a user must first instantiate ACM and then
> instantiate ACMS.

Nope, that's clearly a bug. String_Maps ought to be usable by itself (it
doesn't depend on the other package at all). (And this one is my fault, for
not noticing the effect of the change.)

And later, replying to Matt:

>[snip]
>> If you only want to visit some of the items, then just use an active
>> iterator, and exit the loop when you need to:
>[snip]

>I could but wasn't part of the purpose of the library to allow us to
>do common things more easily? And I'd have to say I'd use a 'Quit'
>version a _lot_ more than the current process everything,
>every time one.

My understanding of Matt's design is that you use the passive iterator when
you want to process everything (which is by far the most common), and you
use an active iterator when you want to process part of the items. You might
use an exception to terminate iteration in an error case, but not if you
intended only to process part of the items. (Of course, there is no law
requiring that, so YMMV!)

I hadn't noticed that there is no passive iterator for vectors until Matt
pointed it out last night (about 20 minutes before we released the report!).
Consistency would suggest that there should be one, but note that it is
easier to write an active iterator for a vector than it is to  write a
passive one:

    for I in First(Vect) .. Last(Vect) loop
        -- Do whatever.
    end loop;

versus

    declare
       procedure Process (I : in Index_Subtype) is
       begin
           -- Do whatever.
       end Process;
       procedure Do_It_All is new Generic_Iterator (Process);
    begin
       Do_It_All (Vect);
    end;

Besides being longer and harder to read, you have to know or look up the
index subtype for the vector in order to write this. So we reached no
conclusion about that in the 20 minutes we had to think about it.

Marius Amado Alves wrote:

> /* However to take the exception route the exception should be defined.
> (Exit/Terminate_Immediately, _Now, _Prematurely?) Or a specification be
made
> of what exceptions the iterator is guaranteed to propagate. Simply "all"
> would do. Maybe this is already there. I'm sorry, I didn't had time to
read
> the AI fully yet. */

The wording for Generic_Iteration for a Map says:

Generic_Iteration calls Process with a cursor that designates each
node in the Map. Any exceptions raised during Process are propagated.

So it's covered. This is important, because it means that the implementation
must be able to clean itself up (if any is needed) when an exception
propagates - it can't leave the Map in an unstable state.

****************************************************************

From: Jeffrey Carter
Sent: Wednesday, February 4, 2004  8:53 PM

AI-302-03 asks

> Anybody got better wording [for the quality of the String hashing
> function]? Matt was nice enough to ignore these definitions
> completely!

See

P. K. Pearson, "Fast Hashing of Variable-Length Text Strings," Comm.
ACM, 1990 Jun

It describes a "hashing function specifically tailored to
variable-length text strings." It says that "similar strings are not
likely to collide." (An implementation can be found in
PragmARC.Hash_Fast_Variable_Length.) Perhaps you might think this last
quote is "better wording".

The actual algorithm produces 8-bit hash values, which may no longer be
considered adequate, given

> Hash_Type'Modulus shall be at least as large as the smaller of
> System.Max_Binary_Modulus and 2**32.

I have some comments on the proposal:

The proposal has a structure called a "Vector" which is actually a list,
which is a sequence that allows insertions and deletions at any point.
"Vector" refers to a mathematical concept related to matrices to most
software engineers. It may be that the STL refers to lists as vectors,
but I hope we do not have to follow C++'s mistakes.

Further, the proposal requires an inefficient array implementation, and
several of the operations refer to this implementation. I think this is
a mistake. Specify an general, unbounded list and let the implementor
choose the implementation (which could be an array). As the proposal
points out, correctly implementing a general list is not trivial, so it
makes sense for a standard library to provide a list.

Maps and sets also specify a specific implementation.

If the intention is to have an extensible array structure, then I
suggest that they be called Extensible_Arrays.

Vector should have an iterator, in addition to allowing the user to
explicitly iterate over the structure.

> Open issue: This function returns a value that doesn't depend on it's
>  parameter. It possibility could be removed in favor of just saying
> Index_Type'Pred(Index_Type'First) appropriately. Committee discussion
>  with the original proposal's author was inconclusive.

I'd say that it should be a constant, not a function. The same seems to
hold for First.

Given that Back is defined as Index_Type'Succ (Last (Vector) ), and Last
(Vector) could be Index_Type'Last, there seems to be a problem. There
should be an assertion that Index_Type'Base'Last > Index_Type'Last.

All the problems with Index_Type disappear with a general list, which
would use a cursor.

I would propose that the sort algorithm be made available to users for
normal array types as well as for vectors. That would involve putting it
in its own library unit and refering to that unit in Vectors.

The Map structure is required to be implemented with a hash table. If
we're going to have such a requirement, it should at least be named
Hashed_Maps.

An important thing about maps is that they provide fast searching,
typically based on a lower-level structure such as a hash table or
balanced tree. Such structures have uses of their own in addition to
creating maps, and independent of the key/value concept of a map. For
example, an application may collect a number of values and then need to
quickly determine if a value is in that collection, and a searchable
structure with a Get_First operation can be used for a priority queue.
None of these applications use key/value pairs. Therefore, I think it's
important to provide the underlying searchable structure to users.
(Indeed, given the ease with which a user can wrap a key/value pair in a
record, define comparison operations for that record that only use the
key part, and create a map structure, given the existence of a
searchable structure, it could be argued, since the proposal states that
easily implemented structures should not be part of the library, that
the library should only supply searchable structures, and not maps.)

Do we really need Maps.[Wide_]Strings, given that an Unbounded_String
can be used for the key type, and that this library should not be used
for applications in which the use of Unbounded_Strings is not acceptable?

The Sets package is mostly incomprehensible. Sets deal with elements,
and operations must include testing if an element is in a set, creating
a set from a list of elements (set "literals"), and set union,
intersection, difference, and symmetric difference. Except for the
membership test, these are missing from the package, so I don't see what
it has to do with sets. It appears to be a searchable structure, not a
set. This is corroborated by the package Generic_Keys, which allows the
structure to be used as a map.

The discussion of the package begins by talking about nodes, which is an
undefined term. The reader has no idea what it has to do with the
package, which is not specified in terms of nodes.

"Sans" is a French word. Since the ARM is in English, we should use the
English "without" instead. "No" might also be acceptable.

I'd like to thank the select committee for their work. No library will
completely please everyone. I will welcome any standard container
library in Ada 0X.

****************************************************************

From: Tucker Taft
Sent: Wednesday, February 4, 2004  9:24 PM

The term "vector" for extensible array is used in Java
as well.  I think we should strive to use terminology
that has become widely used in the programming community.

I personally consider an extensible array (i.e. a vector) a useful and
important standard container.  I don't feel the same way about a linked
list, because it is so easy to implement what you want, and there
are so many options when it comes to how to link the objects
together that having a standard container for that hardly
seems worthwhile (IMHO).

So we settled on Vector, Map, and Set as three basic yet
important abstractions that will help lift the level of
programming above arrays and records.  In my experience
with using languages that have large container libraries,
it is these three that are used more widely than all
the others combined.

****************************************************************

From: Randy Brukardt
Sent: Wednesday, February 4, 2004  9:29 PM

I agree with one caveat: we're already adding something else called "Vector"
to the standard (see AI-296), and two might just be too confusing.

But, the container vector is more useful than the list container (because of
the calculated O(1) access to elements). And they're too similar to support
both when we're trying to support something managable.

****************************************************************

From: Randy Brukardt
Sent: Wednesday, February 4, 2004  9:39 PM

Jeffrey Carter said:
...
> Further, the proposal requires an inefficient array implementation, and
> several of the operations refer to this implementation. I think this is
> a mistake. Specify an general, unbounded list and let the implementor
> choose the implementation (which could be an array). As the proposal
> points out, correctly implementing a general list is not trivial, so it
> makes sense for a standard library to provide a list.
>
> Maps and sets also specify a specific implementation.

No, an implementation is suggested (in AARM notes), as are performance
characteristics. That was one of the larger changes to Matt's original
proposal. If we made that change incompletely somewhere, that needs to be
fixed.

That said, the most important thing is that all implementations have
consistent performance characteristics (so that porting a program from GNAT
to ObjectAda doesn't fail for performance reasons). If GNAT used an array
implementation and ObjectAda used a list implementation for a Vector, access
to elements (which would be O(N) on the imagined OA implementation) could be
too slow for the port to be viable. That needs to be avoided. OTOH,
specifying too much about the implementation would prevent using a better
one -- in that case, we might as well just specify the source code of the
entire library (including the bodies!), and we don't need all of this
wording!

> I would propose that the sort algorithm be made available to users for
> normal array types as well as for vectors. That would involve putting it
> in its own library unit and refering to that unit in Vectors.

Bad idea. To do that, you'd need provide generic formal accessor functions;
that would have a huge overhead of function calls for both Vectors and
Arrays. On a code shared implementation like Janus/Ada, it probably would
run ten times slower than the specified one.

If we want an array sort, we should declare one:

    generic
       type Index_Type is (<>);
       type Element_Type is private;
       function "<" (Left, Right : Element_Type) return Boolean is <>;
       type Array_Type is array (Index_Type) of Element_Type;
    procedure Ada.Generic_Sort (Arr : in out Array_Type);

(We'd need an unconstrained version, too.) But keep it separate from the
Vector one (or any List one, for that matter).

****************************************************************

From: Matthew Heaney
Sent: Thursday, February 5, 2004  9:31 AM

I have hosted a reference implementation at my Earthlink home page:

<http://home.earthlink.net/~matthewjheaney/charles/ai302-20040205.zip>

For now it only includes the vector.  There's a test_sort program in
there too, so you have something you can run.

I'll have the set and maps done in a few days.

****************************************************************

From: Robart A. Duff
Sent: Thursday, February 5, 2004  10:13 AM

Thanks, Matt!

****************************************************************

From: Jeffery Carter
Sent: Thursday, February 5, 2004  10:58 AM

Randy Brukardt wrote:

> No, an implementation is suggested (in AARM notes), as are performance
> characteristics. That was one of the larger changes to Matt's original
> proposal. If we made that change incompletely somewhere, that needs to be
> fixed.

The normative text for vectors says

"A vector container object manages an unconstrained internal array"

That specifies an array implementation.

> Bad idea. To do that, you'd need provide generic formal accessor functions;
> that would have a huge overhead of function calls for both Vectors and
> Arrays. On a code shared implementation like Janus/Ada, it probably would
> run ten times slower than the specified one.

Given that an array implementation is specified, there is no need for
formal accessor functions. The vector can simply call an instantiation
of the sort with the appropriate slice of its internal array. Since we
require such an algorithm to exist, and it is useful to many users, it
makes sense for it to be available outside the vector package.

> If we want an array sort, we should declare one:
>
>     generic
>        type Index_Type is (<>);
>        type Element_Type is private;
>        function "<" (Left, Right : Element_Type) return Boolean is <>;
>        type Array_Type is array (Index_Type) of Element_Type;
>     procedure Ada.Generic_Sort (Arr : in out Array_Type);
>
> (We'd need an unconstrained version, too.) But keep it separate from the
> Vector one (or any List one, for that matter).

If we only have one, I'd prefer it to be unconstrained. That allows
operations such as the vector sort discussed above, where the size of
the slice may change from call to call, without repeated instantiations.

Sort for a list is a different creature. Merge sort is a good choice
there, since a list already has the O(N) additional space that merge
sort requires for array sorting (in the links), provided you have access
to the list internals. Thus you get O(N log N) time in all cases and
O(1) space.

****************************************************************

From: Randy Brukardt
Sent: Thursday, February 5, 2004  3:23 PM

Jeff Carter wrote:

> The normative text for vectors says
>
> "A vector container object manages an unconstrained internal array"
>
> That specifies an array implementation.

Precisely my point. That is intended to say that there is a logical array in
the container, but not necessarly an actual one. Matt's descriptions were
too implementation-specific, and we moved most of that. But I'm not
surprised that some was missed.

...
> Given that an array implementation is specified, there is no need for
> formal accessor functions. The vector can simply call an instantiation
> of the sort with the appropriate slice of its internal array. Since we
> require such an algorithm to exist, and it is useful to many users, it
> makes sense for it to be available outside the vector package.

There is no intent that an array implementation is specified (it certainly
won't be implemented that way on Janus/Ada); only that the performance
characteristics are similar (or better) than that of an array
implementation.

In any case, I have no idea how an external generic would be able to mess
around with the internal array - it certainly can't see it! You'd have to
put the sort into the spec in order to do that -- and that's whats proposed
and what you're objecting to.

****************************************************************

From: Matthew Heaney
Sent: Thursday, February 5, 2004  3:40 PM

Randy Brukardt wrote:

> Precisely my point. That is intended to say that there is a logical array in
> the container, but not necessarly an actual one.

Yes, exactly.  This allows the implementor to leave the type system in
order choose the optimal implementation for the vector container.

An implementor can use any implementation that satisfies the property
that insertion at the back end is (amortized) constant time, and the
property that random access is constant time.

****************************************************************

From: Jeffrey Carter
Sent: Thursday, February 5, 2004  6:52 PM

Randy Brukardt wrote:

>>The normative text for vectors says
>>
>>"A vector container object manages an unconstrained internal array"
>>
>>That specifies an array implementation.
>
> Precisely my point. That is intended to say that there is a logical array in
> the container, but not necessarly an actual one. Matt's descriptions were
> too implementation-specific, and we moved most of that. But I'm not
> surprised that some was missed.

I read it as specifying an implementation. I suggest the wording be
revised to make it clear that the discussion is of a logical array, not
a requirement for an actual array.

> In any case, I have no idea how an external generic would be able to mess
> around with the internal array - it certainly can't see it! You'd have to
> put the sort into the spec in order to do that -- and that's whats proposed
> and what you're objecting to.

I guess I wasn't clear. You would provide the external sort, and also
specify the sort in the spec, with wording that the sort has the same
characteristics as the external sort. This is based on the assumption
that an array implementation is specified, so the sort algorithm, useful
on arrays, must exist anyway.

I'm reminded of my surprise that Ada-83 compilers had to support
inifinte-precision arithmetic, but the language did not require that it
made available to users. If the compiler writers have to implement the
functionality, why not make it available to users? Case-insensitive
string comparison is a similar thing: compilers have to recognize that
frog, Frog, and FROG are the same identifier, but are (were) not
required to make such comparisons available to users.

****************************************************************

From: Jeffrey Carter
Sent: Thursday, February 5, 2004  11:38 AM

Tucker Taft wrote:

> The term "vector" for extensible array is used in Java
> as well.  I think we should strive to use terminology
> that has become widely used in the programming community.

I disagree, even though I know that's dangerous when discussing Ada with
STT. An application that uses both extensible arrays and mathematical
vectors will be very confusing if both are called vectors. Since an
explicit design goal of Ada is to emphasize ease of reading, calling an
extensible array a vector seems inappropriate.

> I personally consider an extensible array (i.e. a vector) a useful and
> important standard container.  I don't feel the same way about a linked
> list, because it is so easy to implement what you want, and there
> are so many options when it comes to how to link the objects
> together that having a standard container for that hardly
> seems worthwhile (IMHO).

I have no objections to an extensible array, provided it's clearly
identified as such. I think it should look different from the proposal,
but that's mainly a taste issue. I'd want direct analogs to indexing,
both LHS and RHS (Put and Get?); slices, both LHS and RHS (Replace_Slice
and Slice?); and 'First, 'Last, and 'Length (though 'First is a constant
for an EA). An equivalent to 'range would be nice, but impossible. The
only difference to a normal array would be that Put and Replace_Slice
can accept indices not in First .. Last. I haven't given it a great deal
of thought, so I'm sure I'm missing some subtleties, but I don't see a
need for Front, Back, Insert, Delete, and so on.

The proposal says that containers "that are relatively easy to code,
redundant, or rarely used are omitted". It also says that lists are
difficult to implement correctly. Given a list, structures such as
deques, stacks, and especially queues are easy to implement. Since
queues are common structures and not redundant (none of the proposed
containers provides an efficient implementation of a queue), the
proposal itself seems to argue that lists should be provided, since they
are not easy to code correctly, and provide a basis for the user to
easily code queues.

> So we settled on Vector, Map, and Set as three basic yet
> important abstractions that will help lift the level of
> programming above arrays and records.  In my experience
> with using languages that have large container libraries,
> it is these three that are used more widely than all
> the others combined.

There was an article by Mills [Harlan D. Mills, Richard C. Linger: Data
Structured Programming: Program Design without Arrays and Pointers. IEEE
Trans. Software Eng. 12(2): 192-197 (1986)] that proposed that
applications only use queues, stacks, and sets (real sets, with union,
intersection, and such operations). It's an interesting concept, and I
agree with the aim of programs using appropriate abstractions and hiding
lower level implementation details, especially use of pointers.

****************************************************************

From: Alexandre E. Kopilovitch
Sent: Thursday, February 5, 2004  9:04 AM

Tucker Taft wrote:

> The term "vector" for extensible array is used in Java
> as well.  I think we should strive to use terminology
> that has become widely used in the programming community.

So call it Java_Vector - that will be at least consistent.

Do you think that Java meaning for "vector" is more significant for Ada than
mathematical meaning of this term (which never implied extensibility) ?

Why not call that thing Flexible_Array (after Algol-68, I think) - this name
will directly reflect the essense.

****************************************************************

From: Robert A. Duff
Sent: Thursday, February 5, 2004  1:37 PM

Bill Wulf and other professors at CMU circa late 1970's were using the
term "vector" to mean "array" (not necessarily extensible); that's the
first time *I* heard it.  So it's not a Java-ism.

I think this meaning of "vector" derives from the maths meaning,
even if it's not precisely the same thing.

****************************************************************

From: Stephen Leake
Sent: Thursday, February 5, 2004  2:18 PM

Jeffrey Carter <jrcarter@acm.org> writes:

> Tucker Taft wrote:
>
> > The term "vector" for extensible array is used in Java
> > as well.  I think we should strive to use terminology
> > that has become widely used in the programming community.
>
> I disagree, even though I know that's dangerous when discussing Ada
> with STT. An application that uses both extensible arrays and
> mathematical vectors will be very confusing if both are called
> vectors. Since an explicit design goal of Ada is to emphasize ease of
> reading, calling an extensible array a vector seems inappropriate.

I agree with Tucker. I have code that uses both Cartesian vectors and
extensible arrays. One is SAL.Math_Double.DOF_3.Cart_Vector_Type, the
other is SAL.Poly.Unbounded_Arrays. Obviously, I have different names
for them, as Carter wants. But if I called them
SAL.Math_Double.DOF_3.Vector and SAL.Poly.Vector, I would have no
chance of confusion. That's what package hierarchies are for.

Since both Java and C++ use the term "vector" for an extensible array,
I think Ada should also. Part of the point of the OY revision is to
make the language more attractive to current users of other languages.
This is an easy way to do that.

> (Replace_Slice and Slice?); and 'First, 'Last, and 'Length (though
> 'First is a constant for an EA).

'First is not constant for SAL.Poly.Unbounded_Arrays; I provide both
Append and Prepend operations. I don't think I've ever used Prepend,
though; it was really just an exercise in what was possible.

> .. I don't see
> a need for Front, Back, Insert, Delete, and so on.

I use Insert and Delete in real applications.

> The proposal says that containers "that are relatively easy to code,
> redundant, or rarely used are omitted". It also says that lists are
> difficult to implement correctly. Given a list, structures such as
> deques, stacks, and especially queues are easy to implement. Since
> queues are common structures and not redundant (none of the proposed
> containers provides an efficient implementation of a queue), the
> proposal itself seems to argue that lists should be provided, since
> they are not easy to code correctly, and provide a basis for the
> user to easily code queues.

I agree. A lists package would be nice.

But I also agree with Tucker, that it is difficult to come up with one
list package that really meets a wide range of needs.

Perhaps one list package, that meets a narrow range of needs, would
still be useful. It would set a style standard for other list packages.

****************************************************************

From: Matthew Heaney
Sent: Thursday, February 5, 2004  2:48 PM

Alexandre E. Kopilovitch wrote:

> So call it Java_Vector - that will be at least consistent.
>
> Do you think that Java meaning for "vector" is more significant for Ada than
> mathematical meaning of this term (which never implied extensibility) ?
>
> Why not call that thing Flexible_Array (after Algol-68, I think) - this name
> will directly reflect the essense.

Tucker T. and Bob D. are both correct: the container is a "vector."

Alexandre K. and Jeff C. are both incorrect.  The container is not a
list, not a Java_Vector, not an Extensible_Array, and not a Flexible_Array.

It is a vector.  It has the same semantics as the identically-named
container in the STL.  The one named "vector."

The container whose name is vector does not have array semantics.  There
is no slicing for example.

The container whose name is vector has the following important properties:

o inserting at the back end is amortized constant time
o supports random access of elements, in constant time

Yes, internally a vector is implemented as an array.  The Size function
returns the length of this internal array, and Resize can be used to
expand its length.

But it is not an array.  It is a container.  Whose name is "vector".
Just like the one in the STL.

****************************************************************

From: Alexandre E. Kopilovitch
Sent: Thursday, February 5, 2004  3:46 PM

No problem with all that if another term was chosen. Now, with "vector", this
is name squatting (well, participation in name squatting in Ada case), which
is fully appropriate for Java, somehow understandable for C++, but seems
(still) inappropriate for Ada, especially taking into account that the involved
term belongs to some Ada-friendly domain.

****************************************************************

From: Robert A. Duff
Sent: Thursday, February 5, 2004  3:38 PM

I wrote:

> Bill Wulf and other professors at CMU circa late 1970's were using the
> term "vector" to mean "array" (not necessarily extensible); that's the
> first time *I* heard it.  So it's not a Java-ism.

Actually, the meaning was "one-dimensional array".  But there was no
implication that they could grow.

> I think this meaning of "vector" derives from the maths meaning,
> even if it's not precisely the same thing.

I mean, what's a vector in 3-space?  Basically, a one-dimensional array
of 3 real numbers -- the X, Y, and Z coordinates.

Matt wrote:

> It is a vector.  It has the same semantics as the identically-named
> container in the STL.  The one named "vector."

This stuff comes from the C++ STL.  I think gratuitous differences from
that are unhelpful.  (But I admit that I was one of the folks pushing
for "cursor" instead of "iterator".)

> The container whose name is vector does not have array semantics.  There
> is no slicing for example.

Well, "no slicing" is hardly fundamental.  It could be added, or
programmed by the client.

> The container whose name is vector has the following important properties:
>
> o inserting at the back end is amortized constant time
> o supports random access of elements, in constant time

I think "random access" is the essence of array semantics.  After all,
anything you can do with an array you can do with a linked list, and
vice versa -- the only fundamental difference is the efficiency
properties.

****************************************************************

From: Matthew Heaney
Sent: Thursday, February 5, 2004  9:31 AM

Robert A Duff wrote:

> This stuff comes from the C++ STL.  I think gratuitous differences from
> that are unhelpful.  (But I admit that I was one of the folks pushing
> for "cursor" instead of "iterator".)

Yes.  The world has settled on the name "vector."  Let's use the terms
everyone else is using, unless we have a good reason not to.

(BTW, that's also why I used the name "Iterator_Type".  But I have no
issues with the name "Cursor_Type".)


> I think "random access" is the essence of array semantics.  After all,
> anything you can do with an array you can do with a linked list, and
> vice versa -- the only fundamental difference is the efficiency
> properties.

But that's the essence of the argument!

Yes, it's *possible* to seek to specific elements in a linked list, but
I would hardly call that "random access."

If you need fast random access to the elements in a container, and the
number of elements in the container is large, then you can effectively
rule out using a linked list as the container.

Of course you could make the argument the other way.  If you need
constant-time insertion of elements at any position, then that
effectively rules out a vector, in favor of a list.

****************************************************************

From: Alexandre E. Kopilovitch
Sent: Thursday, February 5, 2004  3:21 PM

Robert A Duff wrote:

> Bill Wulf and other professors at CMU circa late 1970's were using the
> term "vector" to mean "array" (not necessarily extensible); that's the
> first time *I* heard it.

Yes, CMU always was (as far as I know) primarily engineering educational
facility, and I know well that engineers (not software engineers, but rather
general kind of engineers) often called "vector" any column or row of numbers.
(not bothering themselves with the question how the components of that "vector"
transform with a change of coordinate system). But apparently they never used
this term for arrays of any other objects, and I almost never seen a case
(even in engineering) where "vector" was used for extensible array - except
Java and perhaps some C++ libraries.

A notable exception is APL, in which "vector" is the basic term, and that
"vector" is extensible. But in APL that "vector" is equipped with vast
nomenclature of functions, many of them associated with genuine mathematical
vectors, so the entire balance for the term was acceptable.

> So it's not a Java-ism.

Yes, not exactly - there were other precedents of sloppy usage of this term.
But nevertheless a strong impression remains that it is exactly Java, which
is a real reason, ground and reference for proposing this term for extensible
arrays *now and for Ada0Y*.

> I think this meaning of "vector" derives from the maths meaning,
> even if it's not precisely the same thing.

No, not at all - it lacks the primary mathematical meaning of it, and adds
the primary feature, which meaning is totally non-mathematical (that is, there
is no attempt to bring any mathematical meaning to it... and it will not be
simple, if attempted).

****************************************************************

From: Matthew Heaney
Sent: Thursday, February 5, 2004  5:11 PM



Jeffrey Carter wrote:

> The actual algorithm produces 8-bit hash values, which may no longer be
> considered adequate, given
>
>> Hash_Type'Modulus shall be at least as large as the smaller of
>> System.Max_Binary_Modulus and 2**32.

In Charles I copied the hash function from GNAT.  I figure if it's good
enough for Robert Dewar it's good enough for me...



> Vector should have an iterator, in addition to allowing the user to
> explicitly iterate over the structure.

No.  Vector iterators are fragile, and hence very error prone.

They are fragile because the (logical) internal array gets thrown away
during expansion, which invalidates the iterator.  It's too hard to keep
track of whether a vector iterator is still valid, and most of the time
you end up with a dangling reference.

The STL has vector iterators in order to provide the infrastructure
necessary to support generic algorithms.

In Ada they are not necessary, because you can use locally-declared
subprograms to fit within such a framework.




>> Open issue: This function returns a value that doesn't depend on it's
>>  parameter. It possibility could be removed in favor of just saying
>> Index_Type'Pred(Index_Type'First) appropriately. Committee discussion
>>  with the original proposal's author was inconclusive.
>
>
> I'd say that it should be a constant, not a function. The same seems to
> hold for First.

Front can probably go away.  First is there for consistency with other
containers.



> Given that Back is defined as Index_Type'Succ (Last (Vector) ), and Last
> (Vector) could be Index_Type'Last, there seems to be a problem. There
> should be an assertion that Index_Type'Base'Last > Index_Type'Last.

That's not really possible for generic actual index types such as
Natural or Positive.

We could get rid of the assertion, but this would impact implementors.
That's why it's still an open issue.

In my reference implementation, I don't think the generic actual type
has to have IT'Base'First < IT'First, since internally I use Integer
subtypes for everything.

http://home.earthlink.net/~matthewjheaney/charles/ai302-20040205.zip



> All the problems with Index_Type disappear with a general list, which
> would use a cursor.

The original proposal included list containers, but they were not
included in the subcommittee report, in order to keep the size of the
report more manageable.



> An important thing about maps is that they provide fast searching,
> typically based on a lower-level structure such as a hash table or
> balanced tree.

My original proposal had both sorted and hashed maps, but in order to
keep the subcommittee report small support for sorted maps was removed.


> Such structures have uses of their own in addition to
> creating maps, and independent of the key/value concept of a map. For
> example, an application may collect a number of values and then need to
> quickly determine if a value is in that collection, and a searchable
 > structure with a Get_First operation can be used for a priority queue.

That's what the sorted set is for.


> None of these applications use key/value pairs.

So use the sorted set.


> Therefore, I think it's
> important to provide the underlying searchable structure to users.

Just use the sorted set container.  If guarantees that searches only
take O (log N) even in the worst case.


> (Indeed, given the ease with which a user can wrap a key/value pair in a
> record, define comparison operations for that record that only use the
> key part, and create a map structure, given the existence of a
> searchable structure, it could be argued, since the proposal states that
> easily implemented structures should not be part of the library, that
> the library should only supply searchable structures, and not maps.)

The (hashed) map stores the key and element as separate components of
the internal node of storage.

If you have a record like that, containing a key-part component, then
use the sorted set, and instantiate the nested generic package Generic_Keys.


> Do we really need Maps.[Wide_]Strings, given that an Unbounded_String
> can be used for the key type, and that this library should not be used
> for applications in which the use of Unbounded_Strings is not acceptable?

Yes, we really need string-key maps.


> The Sets package is mostly incomprehensible. Sets deal with elements,
> and operations must include testing if an element is in a set, creating
> a set from a list of elements (set "literals"), and set union,
> intersection, difference, and symmetric difference. Except for the
> membership test, these are missing from the package, so I don't see what
> it has to do with sets. It appears to be a searchable structure, not a
> set. This is corroborated by the package Generic_Keys, which allows the
> structure to be used as a map.

A "set" is really any sorted sequence of items.  If you want set
intersection, symmetric difference, etc, then just use a generic
algorithm.  See the Charles library for such algorithms.

Of course, if you want target of a set union operation to be the set
itself, then just use Insert to insert the items.

The subcommittee report has several examples of how sets are used, and
there's at least one example showing how to use the nested generic package.

See the last two slides in my AE-2003 paper presentation for an example
of how to take the union of a set and a (sorted) list:

http://home.earthlink.net/~matthewjheaney/charles/charlesppt.htm

My original proposal has the same example at the very end:

http://home.earthlink.net/~matthewjheaney/charles/ai302.txt



> "Sans" is a French word. Since the ARM is in English, we should use the
> English "without" instead. "No" might also be acceptable.

Je crois que non.  C'est une bonne idea.

The name for Delete_Sans_Increment comes from Emacs lisp, which has the
functions file-name-sans-extension and file-name-sans-versions.

It was also in homage to Ada's French history, given that her original
designer was French, and worked for a French company.

Why do you think "rendevous" was named that way?



> I'd like to thank the select committee for their work. No library will
> completely please everyone. I will welcome any standard container
> library in Ada 0X.

If you don't immediately grok how vectors and sets and maps work, then I
suggest familiarizing yourself with the STL. There are lots of tutorials
on the WWW.

I also recommend Stanley Lippman's little book Essential C++.  That was
my introduction to the STL, and what originally convinced me that
Stepanov's approach was the correct one.

You might also like Accelerated C++ by Andrew Koenig and Barbara Moo,
which uses the STL as a basis for teaching C++.

****************************************************************

From: Randy Brukardt
Sent: Thursday, February 5, 2004  5:49 PM

Matt's too modest. The tutorial that makes up the !example section is
actually quite good. I learned a lot about how the packages work (and how to
use them) from reading it carefully, and I recommend that everyone do that
to better understand Matt's work.

****************************************************************

From: Randy Brukardt
Sent: Thursday, February 5, 2004  3:48 PM

Jeffrey Carter wrote:

...
> > I personally consider an extensible array (i.e. a vector) a useful and
> > important standard container.  I don't feel the same way about a linked
> > list, because it is so easy to implement what you want, and there
> > are so many options when it comes to how to link the objects
> > together that having a standard container for that hardly
> > seems worthwhile (IMHO).
>
> I have no objections to an extensible array, provided it's clearly
> identified as such. I think it should look different from the proposal,
> but that's mainly a taste issue. I'd want direct analogs to indexing,
> both LHS and RHS (Put and Get?); slices, both LHS and RHS (Replace_Slice
> and Slice?); and 'First, 'Last, and 'Length (though 'First is a constant
> for an EA). An equivalent to 'range would be nice, but impossible. The
> only difference to a normal array would be that Put and Replace_Slice
> can accept indices not in First .. Last. I haven't given it a great deal
> of thought, so I'm sure I'm missing some subtleties, but I don't see a
> need for Front, Back, Insert, Delete, and so on.

Let's see:
- direct analogs to indexing, both LHS and RHS (Element, Replace_Element);
- slices (nope);
- 'First (First), 'Last (Last), 'Length (Length);

Looks like pretty much everything is in there. And slicing will be expensive
if the implementation is not a straight array, so it's somewhat dubious.
Insert and Delete provide easier ways of adding or removing items than
slices - and how often do you use a slice of a non-string type for something
other than inserting or deleting elements anyway??

Ada doesn't (and isn't) going to support user-defined indexing or
user-defined attributes, so this is about the best you can do. So what's the
complaint (other than the name)??

> The proposal says that containers "that are relatively easy to code,
> redundant, or rarely used are omitted". It also says that lists are
> difficult to implement correctly.

I think that's a mistake; only very rare operations are difficult to code.
We didn't update every piece of the original text, and that one is
misleading.

> Given a list, structures such as
> deques, stacks, and especially queues are easy to implement. Since
> queues are common structures and not redundant (none of the proposed
> containers provides an efficient implementation of a queue), the
> proposal itself seems to argue that lists should be provided, since they
> are not easy to code correctly, and provide a basis for the user to
> easily code queues.

The user can easily code a queue in terms of a Vector (that's one of the
uses of Insert!). We dropped the list component because it had an identical
interface to the Vector component, but was less flexible (no computed O(1)
access).

In any case efficiency is not a goal of the standard containers. It would be
incorrect for the standard to specify performance to the point that only a
single implementation would be possible. Moreover, we anticipate a secondary
standard that *does* try to provide more control over performance (by adding
lists, bounded forms, etc.)

In my view, it is a mistake for projects to depend on standard containers
where there are critical performance requirements (not just time, but also
space as well). In that case, you really have to have control of the
implementation -- you really need *all* of the source code. You can't trust
something provided by the standard (or your compiler vendor) in those cases.

In any case, the purpose of these containers is to provide a seed and a
standard direction. I would hope that they would reduce the tower of babel
that Ada containers are nowdays - by providing a style for other containers
to follow. No one is suggesting that these are sufficient to solve all
programming problems - just 80% of them, especially in prototypes and in Q&D
programs.

****************************************************************

From: Martin Dowie
Sent: Thursday, February 5, 2004  5:50 PM

> Dowie, Martin (UK) wrote:
> > I could but wasn't part of the purpose of the library to allow us to
> > do common things more easily? And I'd have to say I'd use a 'Quit'
> > version a _lot_ more than the current process everything,
> > every time one.
>
> It would be helpful if you could be specific about what kind of
> container you were using.

I was thinking, primarily, of a project that used single (bounded) lists to
hold commands (a basic, domain-specific, scripting language I guess),
one of which was 'stop this sequence of commands'.

This pattern has since shown itself to be quite common in embedded
systems - for either domain-specific scripting languages or graphics.

There is the other idiom where one is processing an iteration of items
and an external event occurs that stops the processing - e.g. the 'stop'
button is pushed on a GUI-search window, but it could equally be a
50Hz message over a 1553.

****************************************************************

From: Randy Brukardt
Sent: Thursday, February 5, 2004  6:14 PM

> I was thinking, primarily, of a project that used single (bounded) lists to
> hold commands (a basic, domain-specific, scripting language I guess),
> one of which was 'stop this sequence of commands'.

My understanding of the model is that passive iterators are only for cases
where you want to iterate over the entire container. Thus, this is clearly a
use for an active iterator. Indeed, given the iteration model of packages,
there's hardly any reason to use a passive iterator. They're harder to write
(a subprogram and instantiation are required), and (especially if a Quit
parameter is provided), harder to understand.

We dropped the passive iterator from the Ada.Directories package precisely
because even ARG members were confused about how it worked. Even though it
was a classic passive iterator with a Quit parameter. Perhaps the confusion
really was the Quit parameter (I thought it was the whole idea), but in any
case, you've got to keep them simple.

> This pattern has since shown itself to be quite common in embedded
> systems - for either domain-specific scripting languages or graphics.
>
> There is the other idiom where one is processing an iteration of items
> and an external event occurs that stops the processing - e.g. the 'stop'
> button is pushed on a GUI-search window, but it could equally be a
> 50Hz message over a 1553.

It seems to me that an abort situation is best handled by propagating an
exception. Otherwise, you end up distributing termination code/flags
everywhere in the application. But YMMV.

****************************************************************

From: Jeffery Carter
Sent: Thursday, February 5, 2004  6:39 PM

Matthew Heaney wrote:

> Alexandre K. and Jeff C. are both incorrect.  The container is not a
>  list, not a Java_Vector, not an Extensible_Array, and not a
> Flexible_Array.

Matthew H. is incorrect. The data structure is not a vector.

I am at least as qualified as Matthew H. to make such pronouncements.

****************************************************************

From: Jeffery Carter
Sent: Friday, February 6, 2004  1:05 PM

A comment on type names.

Ada 83, with the unfortunate* exception of File_Type, did not use
"_Type" on the end of predefined type names. We have Address and Count,
not Address_Type and Count_Type. Ada 95 adhered to this principle, so we
have Storage_Element and Unbounded_String, not Storage_Element_Type and
Unbounded_String_Type.

For consistency, I think the Ada-0X process should also adhere to this
principle. The use of "_Type" on type names in the proposal should be
eliminated. This takes some time and thought to do well; I am willing to
volunteer for the effort if the Committee cannot spare the time and
cannot find anyone preferable.

This is a matter of consistently. While it is not my style, and not
recommended by the Quality and Style Guide, I have used libraries that
use the "_Type" convention without problem. I am concerned that the ARM
be consistent far more than I am about what convention the ARM uses.

*"Unfortunate" because it is inconsistent.

****************************************************************

From: Matthew Heaney
Sent: Friday, February 6, 2004  9:33 AM

I have updated the reference implementation, which now has the sorted
set container, too.

There's also a test_sets.adb, so you have something to run.  You can
pass a seed on the command line.

<http://home.earthlink.net/~matthewjheaney/charles/ai302-20040206.zip>

I'll take care of the hashed map containers this weekend, and post Mon AM.

****************************************************************

From: Matthew Heaney
Sent: Friday, February 6, 2004  3:36 PM

Martin Dowie wrote:

> I was thinking, primarily, of a project that used single (bounded) lists to
> hold commands (a basic, domain-specific, scripting language I guess),
> one of which was 'stop this sequence of commands'.

It sounds like you have a sequence container, that you traverse from
front to back.

The only sequence container in the proposal is a vector, which doesn't
have a passive iterator.  Again, I recommend just using a loop:

    for Index in First (V) .. Last (V) loop
       declare
          Command : Command_Type := Element (V, Index);
       begin
          exit when Is_Stop (Command);
          -- process command
       end;
    end loop;


If these are commands that have an order (say, each command has a
timestamp, and commands are executed in timestamp order), then you can
use the sorted set.  Again, an explicit loop is appropriate:

declare
    I : Cursor_Type := First (S);
    J : constant Cursor_Type := Back (S);
begin
    while I /= J loop
       declare
          Command : Command_Type := Element (I);
       begin
          exit when Is_Stop (Command);
          -- process command
       end;

       Increment (I);
    end loop;
end;

****************************************************************

From: Alexandre E. Kopilovitch
Sent: Friday, February 6, 2004  4:24 PM

> The only sequence container in the proposal is a vector,

Ah, yes, it's Sequence - quite right name for that container (and not Vector).

****************************************************************

From: Jeffrey Carter
Sent: Friday, February 6, 2004  7:17 PM

Randy Brukardt wrote:

> Let's see:
> - direct analogs to indexing, both LHS and RHS (Element, Replace_Element);
> - slices (nope);
> - 'First (First), 'Last (Last), 'Length (Length);
>
> Looks like pretty much everything is in there. And slicing will be expensive
> if the implementation is not a straight array, so it's somewhat dubious.
> Insert and Delete provide easier ways of adding or removing items than
> slices - and how often do you use a slice of a non-string type for something
> other than inserting or deleting elements anyway??

Slicing isn't included because C++ doesn't have slices, so it's a
foreign concept to its library and users. If we want to attract users of
inferior languages to Ada, it should be because Ada is better. Ada's
slices are a way that Ada is better; Ada's standard extensible array
component should be better than its competition by also offering them. I
do not see mimicking C++'s shortcomings as advisable.

Insertion and deletion are basic operations of lists, but not of arrays.
That's why the list and vector components had the same set of
operations: they both specify lists with different implementations.

Since String is an array, and [Un]Bounded_String is an extensible array,
and we're now told the correct name is Vector, shouldn't these be
renamed to something like Character_Vector?

> Ada doesn't (and isn't) going to support user-defined indexing or
> user-defined attributes, so this is about the best you can do. So what's the
> complaint (other than the name)??

I don't expect user-defined indexing, slices, or attributes, which is
why I talked about "analogs" to them. Missing slices is one complaint.
And, yes, the name is unarguably wrong.

In the C family of languages, users are accustomed to having to look at
implementations in order to understand how to use something. Subprogram
"prototypes" (yet another misused term to add to the collection) are
generally insufficient, and appropriate comments are often lacking. So
it comes as no surprise to me that C++ expects newcomers to its library,
looking for an extensible array, and not finding anothing with an
appropriate name, to have to look at the operations of the components to
find that the inappropriately named "vector" is really an extensible array.

However, this is not the Ada way, and I think it completely
inappropriate to mimick this mistake. Looking at other languages'
library to select useful components is fine; insisting that an Ada
version must be identical to that of another language, including
mistakes, is not.

> The user can easily code a queue in terms of a Vector (that's one of the
> uses of Insert!). We dropped the list component because it had an identical
> interface to the Vector component, but was less flexible (no computed O(1)
> access).

The perfomance of a queue based on an extensible array is likely to be
just as objectionable as extracting an element from an extensible array
based on a list. That the vector and list components both had the same
interface is further evidence that mimicking the STL is a bad idea.
Insert and delete are as foreign to an extensible array as indexing and
slicing should be to a list.

> In my view, it is a mistake for projects to depend on standard containers
> where there are critical performance requirements (not just time, but also
> space as well). In that case, you really have to have control of the
> implementation -- you really need *all* of the source code. You can't trust
> something provided by the standard (or your compiler vendor) in those cases.

I agree. That doesn't mean that the standard shouldn't provide a basis
for queues with performance characteristics suitable for performance
non-critical applications, which an extensible array does not provide.

****************************************************************

From: Randy Brukardt
Sent: Friday, February 6, 2004  8:24 PM

Jeff Carter wrote:

...
> I agree. That doesn't mean that the standard shouldn't provide a basis
> for queues with performance characteristics suitable for performance
> non-critical applications, which an extensible array does not provide.

Huh? You've said, in effect, that the performance isn't good enough for
applications where the performance doesn't matter. That's a pretty goofy
statement!

My opinion has not changed: if you care about performance *at all*, you
*cannot* depend on *any* standard containers. But usually the performance
does not matter at all (or so little as to be equivalent to not at all): the
number of elements in the container is small (which would be true for
virtually all queues), and/or it is used infrequently, and/or the
application is a throw-away.

Otherwise, if you are writing portable code, you shouldn't use a predefined
container library at all -- the performance is likely to vary much more
across implementations than code you write yourself. For instance, on
Janus/Ada, any generic list container is going run 2-5 times slower than the
same list created yourself -- that's just the effect of the extra call
overhead and the shared body (which means the elements will be dynamically
allocated - separately - in any case - at least doubling the allocation
overhead). I'd expeect that effect to be much less on GNAT, for example,
because they don't share generic bodies and thus don't have the double
allocation overhead.

If your application doesn't care about the component being 5 times slower,
then it is highly unlikely that it is going to care about whether the
Vector/Sequence/List component is implemented as an array, as a list, as a
tree, as a hash table, or as something else.

My preference with these components would be to say absolutely nothing about
performance or implementation (because anything said is as meaningless as
real-time metrics are). But others believe that that would cause real
portability problems, and I'm willing to go along with that.

The problem I see is a lot of people are looking far too closely at tiny
pieces of abstractions.  You might have a queue or a list as part of a large
abstraction, but they're pretty much useless by themselves. And given that
creating a queue or stack (both of which have only two operations, both
trivial!) would take 3 minutes max, it makes no sense to use a complex (and
necessarily slow) container library for just that -- indeed, it probably
would be more work to use a container than the 3 minutes.

I much prefer the vision of this containers library, where the only
containers included are those that are large, complex, multi-purpose, and
have a clear abstraction.

****************************************************************

From: Jeffrey Carter
Sent: Friday, February 6, 2004  7:39 PM

Matthew Heaney wrote:

> No.  Vector iterators are fragile, and hence very error prone.

Modifying a structure from an iterator should be a bounded error.

> They are fragile because the (logical) internal array gets thrown away
> during expansion, which invalidates the iterator.  It's too hard to keep
> track of whether a vector iterator is still valid, and most of the time
> you end up with a dangling reference.

You can only talk about what happens internally during an operation if a
specific implementation is required, which Randy assures us is not the case.

> A "set" is really any sorted sequence of items.  If you want set
> intersection, symmetric difference, etc, then just use a generic
> algorithm.  See the Charles library for such algorithms.

I've used sets for decades, in discrete math, in specification languages
such as Z, and in programming. A set is an unordered collection of
elements from a universe that provides operations such as membership,
union, intersection, and the like, represented by mathematical symbols
that I can't reliably represent in an e-mail.

An implementation of a set may be sorted to speed up operations, but
that's a feature of the implementation, not of the concept implemented.
That's a distinction that many users of C-family languages seem unable
to make, but that I expect from those who embrace Ada.

> The name for Delete_Sans_Increment comes from Emacs lisp, which has the
> functions file-name-sans-extension and file-name-sans-versions.

Yet another case of mimicking others' errors.

> It was also in homage to Ada's French history, given that her original
> designer was French, and worked for a French company.
>
> Why do you think "rendevous" was named that way?

"Rendezvous" is not a predefined indentifier in the ARM. It was chosen
because no English word has the precise meaning intended, and Ada's
designers understood the importance of precise terminology.

> If you don't immediately grok how vectors and sets and maps work, then I
> suggest familiarizing yourself with the STL. There are lots of tutorials
> on the WWW.

I've been using arrays, including extensible arrays, sets, and maps for
decades. I've also been using vectors for decades, having done a lot of
scientific programming that required matrix math. I doubt that a study
of C++ mistakes would have any effect besides raising my blood pressure.

****************************************************************

From: Jeffrey Carter
Sent: Friday, February 6, 2004  7:22 PM

Randy Brukardt wrote:

> Precisely my point. That is intended to say that there is a logical array in
> the container, but not necessarly an actual one. Matt's descriptions were
> too implementation-specific, and we moved most of that. But I'm not
> surprised that some was missed.

On closer inspection, the Size and Resize operations certainly imply an
array implementation; they are meaningless otherwise.

****************************************************************

From: Randy Brukardt
Sent: Friday, February 6, 2004  9:09 PM

Huh? Resize tells the container a reasonable size to use; what the container
does with that information is up to it. Size simply returns that
information.

That's no different than many of the attributes in Ada, which (if set),
always return the values that they were set to. But what the compiler does
with those values is (almost) completely implementation-defined.

The only real requirement here is O(1) element access (which prevents the
use of a straight linked list).

Janus/Ada will probably use an array of pointers (or possibly array of
arrays of pointers); we're going to be (implicitly) allocating the elements
anyway, we might as well do it explicitly and take advantage of that to make
Insert/Delete/Sort (and any expansions) much cheaper (presuming the elements
are bigger than scalar types). An array of arrays of pointers is even
better, because insertion cost is bounded by the maximum size of an array
chunk -- but there is more overhead and complexity, so I'd like to see some
real uses before deciding on an implementation.

Note that a pure list component has no real opportunity for "better"
implementations, and indeed, any implementation on Janus/Ada would suffer
from "double" allocation.

****************************************************************

From: Martin Dowie
Sent: Saturday, February 7, 2004  4:02 AM

> We dropped the passive iterator from the Ada.Directories package precisely
> because even ARG members were confused about how it worked. Even though it
> was a classic passive iterator with a Quit parameter. Perhaps the confusion
> really was the Quit parameter (I thought it was the whole idea), but in any
> case, you've got to keep them simple.

I didn't find it confusing so I provided an extra child
Ada.Directories.Iterate - and I've used it repeatedly!

> > This pattern has since shown itself to be quite common in embedded
> > systems - for either domain-specific scripting languages or graphics.
> >
> > There is the other idiom where one is processing an iteration of items
> > and an external event occurs that stops the processing - e.g. the 'stop'
> > button is pushed on a GUI-search window, but it could equally be a
> > 50Hz message over a 1553.
>
> It seems to me that an abort situation is best handled by propagating an
> exception. Otherwise, you end up distributing termination code/flags
> everywhere in the application. But YMMV.

I have tended to work in deeply enbedded systems, where exceptions (in
any language!) are at best frowned upon and quite often forbidden! :-(

****************************************************************

From: Martin Dowie
Sent: Saturday, February 7, 2004  4:25 AM

> > I was thinking, primarily, of a project that used single (bounded) lists to
> > hold commands (a basic, domain-specific, scripting language I guess),
> > one of which was 'stop this sequence of commands'.
>
> It sounds like you have a sequence container, that you traverse from
> front to back.

Pretty much, although we also read in where each 'First' is as the whole
contained many 'subroutines'.


> The only sequence container in the proposal is a vector, which doesn't
> have a passive iterator.  Again, I recommend just using a loop:

I suspect the first thing I will do is add an extra child generic subprogram
Ada.Containers.Vectors.Iterate! :-)

****************************************************************

From: Martin Krischik
Sent: Saturday, February 7, 2004  6:16 AM

> I suspect the first thing I will do is add an extra child generic
> subprogram Ada.Containers.Vectors.Iterate! :-)

Well, guess don't use GNAT. GNAT gets quite upset if you try to add something
to the Ada packages.

****************************************************************

From: Marius Amado Alves
Sent: Saturday, February 7, 2004  7:45 PM

I'd expect *any* compiler to get really upset with this ;-)

****************************************************************

From: Martin Dowie
Sent: Sunday, February 8, 2004  2:08 AM

"gcc -gnatg" or "gnatmake -a" will stop any warnings :-)

****************************************************************

From: Martin Krischik
Sent: Saturday, February 7, 2004  5:09 AM

> Jeffrey Carter wrote:

> > Given a list, structures such as
> > deques, stacks, and especially queues are easy to implement. Since
> > queues are common structures and not redundant (none of the proposed
> > containers provides an efficient implementation of a queue), the
> > proposal itself seems to argue that lists should be provided, since they
> > are not easy to code correctly, and provide a basis for the user to
> > easily code queues.

> The user can easily code a queue in terms of a Vector (that's one of the
> uses of Insert!). We dropped the list component because it had an identical
> interface to the Vector component, but was less flexible (no computed O(1)
> access).

True enough. But if you wanted a build generic queue on top of the vector the
tag should not be hidden from view. Otherwise one need to repeat all the
access methods instead of just renaming the one provided from the parent
package.

In fact the hidden tag is the one feature which I realey dislike in charles.

****************************************************************

From: Stephen Leake
Sent: Saturday, February 7, 2004  8:40 AM

"Randy Brukardt" <randy@rrsoftware.com> writes:

> Report of the ARG Select Committee on Containers
> February 3, 2004

Thanks for the committee's hard work on this.

What is the rationale for making the Map Key_Type definite, as opposed
to indefinite? Since an indefinite Key_Type is required for
Containers.Maps.Strings, why not make that capability available to the
users?

I don't see a discussion of this in AI-302-03/01.


Another point: Containers.Vectors.Size should return Index_Type'Base,
and the Size parameter in Resize should also be Index_Type'Base. It's
confusing to have different types for Size and Index.

There's also a problem if Natural'Last < Index_Type'Last; you
can't have a vector that contains every index!

****************************************************************

From: Randy Brukardt
Sent: Saturday, February 7, 2004  6:03 PM

> What is the rationale for making the Map Key_Type definite, as opposed
> to indefinite?

The 'committee' primarily adopted the existing proposal submitted by Matt
Heaney. We decided not to change any of the major design decisions of that
proposal - because no package will suit everyone or every need, and we felt
it was more important to standardize something coherently designed for most
needs than to fiddle endlessly with it and risk introducing serious bugs.

Which is to say, I don't know. :-)

> Since an indefinite Key_Type is required for
> Containers.Maps.Strings, why not make that capability available to the
> users?

We definitely expect that the strings container will use a purpose-built
data structure for storing strings, not some general indefinite item
capability. Ways to compactly and efficiently store sets of varying size
strings are well known and commonly used.

Such algorithms could be extended to a general "unconstrained array of
elementary", but that hardly seems to be a worthwhile definition for keys.

...
> Another point: Containers.Vectors.Size should return Index_Type'Base,
> and the Size parameter in Resize should also be Index_Type'Base. It's
> confusing to have different types for Size and Index.
>
> There's also a problem if Natural'Last < Index_Type'Last; you
> can't have a vector that contains every index!

Yes, that's a serious problem on Janus/Ada (Integer is 16-bit). However, you
want the Size and Resize operations to take a numeric type that contains
zero -- and certainly Index_Type is not that. Index_Type could be a subtype
of an enumeration type or a subtype of a modular type (neither of which can
contain zero) or a subtype of an integer type not containing zero.

We had a short, inconclusive discussion about whether the index type ought
to be range <> rather than (<>) (because enumeration and modular types fail
the assertion and thus aren't directly usable), but that still doesn't
guarantee a zero. Moreover, if the integer type has negative numbers, then
the Length of the vector could be larger than Index_Type'Last.

So I don't see a great solution. I wondered about using "Hash_Type" here (it
has the correct properties), but that seems like a misuse of the type (and a
bad idea in a library that most Ada programmers will read - you want to show
them good style in standard libraries).

****************************************************************

From: Martin Krischik
Sent: Saturday, February 7, 2004  5:15 AM

> The perfomance of a queue based on an extensible array is likely to be
> just as objectionable as extracting an element from an extensible array
> based on a list. That the vector and list components both had the same
> interface is further evidence that mimicking the STL is a bad idea.
> Insert and delete are as foreign to an extensible array as indexing and
> slicing should be to a list.

Well, depends. Most queues are not supposed to grow indefinetly so an using a
vector with an modular type as index will give you good perfomace. Every Ada
tutorial contains a expample on how to do it.

****************************************************************

From: Martin Krischik
Sent: Saturday, February 7, 2004  6:14 AM

> The committee selected the second proposal as a starting point for a
> standard containers library, with a number of simple changes. The
> changes were simple enough that we produced a version of the library with
> the changes made (AI-00302-3/01).

Any place where I can actualy read the draft?

Anyway, looking at the reference impementation vom Matthew Heaney (thanks for
the quick responce) I have an improvements to suggest:

type Element_Type is private;

I said this bevore that is too limiting. With that signature you can't even
store strings. And more important you cant store Element'Class. In fact I
predict that with that signature 80% of all data stored will be "access to
something".

I have often heard Ada does not need garbage collection since a good container
library should take care of memory management - and now I ready to follow
that point. But taking that argument, vector is not a good container.

Since vector will need heap storrage anyway and performace is only a minor
issue I suggest:

type Element_Type (<>) is private;

****************************************************************

From: Randy Brukardt
Sent: Saturday, February 7, 2004  6:05 PM

> Any place where I can actualy read the draft?

The same place that you can read any other AI: www.ada-auth.org.

****************************************************************

From: Martin Krischik
Sent: Sunday, February 8, 2004  4:58 AM

I looked there but I only found a very long discussion but not the
actual concluding decision.

****************************************************************

From: Randy Brukardt
Sent: Monday, February 9, 2004  6:03 PM

Don't know what you're looking for, but certainly the entire AI is posted
there. As with all AIs, the !wording section is what goes into the standard.

****************************************************************

From: Martin Krischik
Sent: Saturday, February 7, 2004  6:24 AM

> > The only sequence container in the proposal is a vector,
>
> Ah, yes, it's Sequence - quite right name for that container (and not
> Vector).

No, in my book elements in a Sequence have only a relative positions, or at
least the relative position is the primary position and absolut position is
only the secondary.

That is: Get_Next (V); is faster or as fast as Get (V, 5);

****************************************************************

From: Martin Krischik
Sent: Saturday, February 7, 2004  6:32 AM

> My understanding of the model is that passive iterators are only for cases
> where you want to iterate over the entire container.

Yes.

> Indeed, given the iteration model of packages,
> there's hardly any reason to use a passive iterator.

Passive Iterators should allways provide the fastes mean to iterate over the
hole container. They should do so by knowing the internals of the container.

Of course it only matters in advanced container with B-Trees or AVL-Trees as
as internal structure. But I have only seen those in IBM's Open Class Library
(which is far better the the STL).

But there are no advanced containers in AI 302.

****************************************************************

From: Randy Brukardt
Sent: Saturday, February 7, 2004  6:21 PM

> Passive Iterators should allways provide the fastes mean to iterate over the
> hole container. They should do so by knowing the internals of the
> container.

That might be true in a language with a built-in iterator construct, but it
is certainly not true in Ada because of the overhead of calling the generic
formal subprogram for each element. In Janus/Ada, the overhead of calling a
formal subprogram is at least double of a normal subprogram (we have to save
and restore display information, because you could be calling into a more
nested scope than the generic body -- something that normally isn't possible
in Ada).

Other compilers may not have that overhead, but they'll certainly have call
overhead. Whereas, the explicit loop iterator for Vectors only needs to call
Element. So the call overhead is at best a wash, and at worst much worse for
the passive iterator. Moreover, the compiler is a lot more likely to be able
to in-line the call to Element (which likely has a pretty simple
implementation and thus will meet the in-lining qualifications), than the
bunch of arbitrary code in the Process formal routine.

So, a passive iterator will only be faster in complex containers (where you
have to separate the  Element and Successor functions). For a Vector (where
the language already has the needed iteration mechanism built-in), it's
going to be slower (or, if you're really lucky, the same speed) and it
certainly is a lot harder to write.

So I think having it on Vector would simply be for consistency; you'd never
actually use it if you know you're dealing with a Vector.

****************************************************************

From: Robert A. Duff
Sent: Saturday, February 7, 2004  7:22 PM

> Other compilers may not have that overhead, but they'll certainly have call
> overhead. Whereas, the explicit loop iterator for Vectors only needs to call
> Element. So the call overhead is at best a wash, and at worst much worse for
> the passive iterator. Moreover, the compiler is a lot more likely to be able
> to in-line the call to Element (which likely has a pretty simple
> implementation and thus will meet the in-lining qualifications), than the
> bunch of arbitrary code in the Process formal routine.

I don't see why the compiler shouldn't inline the Process routine,
assuming the compiler isn't doing shared generics.  They're usually
small, but anyway, the Process routine is typically called exactly
once, so it shouldn't matter how big it is.

****************************************************************

From: Randy Brukardt
Sent: Saturday, February 7, 2004  7:33 PM

Most compilers have limitations on what can be inlined; Process (which
contains arbitrary code) is far more likely to violate one of those
limitations than Element (which never changes and is likely to be very
simple). In addition, many compilers only inline when you give pragma
Inline, and you can't do that on a generic formal.

****************************************************************

From: Robert A. Duff
Sent: Saturday, February 7, 2004  7:43 PM

If Process violates whatever these arbitrary restrictions are, then
sure, you can't get it inlined.  But typically Process is very simple --
often just one line of code that calls some other procedure to do the
real work, passing some additional parameters.  Process isn't a "real"
procedure, conceptually -- it's just the body of a loop.

In my current project, we make heavy use of the generic iterator
pattern, and I think that in many many cases, Process is just
a line or two of code.  (And if it's more, inlining is relatively
less important.)

>... In addition, many compilers only inline when you give pragma
> Inline, and you can't do that on a generic formal.

You give the inline on the actual.  In non-sharing implementations,
that should apply inside the instance.  And the iterator procedure
itself can be inlined, too.

****************************************************************

From: Randy Brukardt
Sent: Saturday, February 7, 2004  8:04 PM

Certainly it's not real (which is one thing I dislike about passive
iterators in Ada - but we've discussed that before), but if it is very short
(or the bodies of your loops are typically very short), then you're
programming style must be very different from mine. The only loops that I
write that are very short are those that I probably shouldn't have written
in the first place (like the one finding the last '.' in a string) --
there's a routine somewhere in Ada.Strings that will do the job, but looking
it up is more work than writing the loop. (And a lot of them would be
replaced by a Vector/List/Sequence container if I had one.)

But just looking at the spam filter I'm working on at this moment: The
average loop length is about 25 lines, the mean is around 8 lines. (There
are more short loops than I would have guessed. But most of them wouldn't
exist if I had a container to use instead - most of them are insert-at-end
or delete-specific-item from a list.)

...
> You give the inline on the actual.  In non-sharing implementations,
> that should apply inside the instance.  And the iterator procedure
> itself can be inlined, too.

At which point, you *equal* the performance of the active iterator. And only
if *everything* goes right. The OP claimed that the passive iterator would
always have better performance, and that's certainly not true for the vector
container. I doubt that it would be true for the Map container, either. It
could be true for a complex container, but those aren't commonly used.

****************************************************************

From: Alexandre E. Kopilovitch
Sent: Saturday, February 7, 2004  7:55 PM

Martin Krischik wrote:

> > > The only sequence container in the proposal is a vector,
> >
> > Ah, yes, it's Sequence - quite right name for that container (and not Vector).
>
> No, in my book elements in a Sequence have only a relative positions, or at
> least the relative position is the primary position and absolut position is
> only the secondary.

I don't know in which domain your book was grown up, but I can assure you that
in mathematics (and by extension in physics and other natural sciences as they
use mathematical apparatus) elements of a sequence are commonly indexed, and
those indices are always treated as absolute position (which may be zero or
even negative). By the way, your book is also certainly not from Biology/Genetics,
where term "sequence" is used heavily, and they often speak about both absolute
and relative positions in sequences.

We have clearly different usage of terms "vector" and "sequence": substantial
part of today's software engineering (tools and books) use them one way, while
mathematics (and all natural sciences that use it heavily) always use them another
way.

So all the argument here about Vector/Sequence here is about Ada's choice of
preference: will Ada choose software engineering (effectively, Java and C++
libraries) side or mathematical/scientific side on this issue.

I suppose (or hope) that the thesis "Ada is for problem space, not for solution
space" implies the latter.

****************************************************************

From: Martin Krischik
Sent: Sunday, February 8, 2004  11:40 AM

> I don't know in which domain your book was grown up, but I can assure you

It's the english dictornary: "Aufeinanderfolge, Reihenfolge, Szene,
Zeitfolge". Ah, you don't speak german. Well let's look for "Reihenfolge" in
a rushian dictornary (and have a fight with my wives rushian keyboard):
"???????????".

Asking my wives what it means she said "one after the other, queue".

> that in mathematics (and by extension in physics and other natural sciences
> as they use mathematical apparatus) elements of a sequence are commonly
> indexed, and those indices are always treated as absolute position (which
> may be zero or even negative). By the way, your book is also certainly not
> from Biology/Genetics, where term "sequence" is used heavily, and they
> often speak about both absolute and relative positions in sequences.

I have spend 4 years in Great Britain I am shure if I ask anyone on the street
there "what is a sequence" he or she will answer somthing like "one after the
other" - and that is relativ positioning.

> We have clearly different usage of terms "vector" and "sequence":
> substantial part of today's software engineering (tools and books) use them
> one way, while mathematics (and all natural sciences that use it heavily)
> always use them another way.

Even when it comes done to software engineering: IBM's Open Class Library has
a Sequence - for relativ positioning  getFirst, getNext, insertAfter. Usualy
used to fill listboxes.

> So all the argument here about Vector/Sequence here is about Ada's choice
> of preference: will Ada choose software engineering (effectively, Java and
> C++ libraries) side or mathematical/scientific side on this issue.

I don't like the STL that much. So I am not realy defending "vector".

> I suppose (or hope) that the thesis "Ada is for problem space, not for
> solution space" implies the latter.

I agree with you on that too.

But I think we are off topic here.

****************************************************************

From: Marius Amado Alves
Sent: Saturday, February 7, 2004  8:41 PM

Randy Brukardt wrote:

>The 'committee' primarily adopted the existing proposal submitted by Matt
>Heaney. We decided not to change any of the major design decisions of that
>proposal - because no package will suit everyone or every need, and we felt
>it was more important to standardize something coherently designed for most
>needs than to fiddle endlessly with it and risk introducing serious bugs.
>
>Which is to say, I don't know. :-)

I do: there is none (except perhaps the implicit one: ease of
implementation). On the other hand, there is a rationale for indefinite
elements. This requirement has been largely felt and voiced since ever,
and I included it in my Bases document (I think stored in alternative
1), and even formulated it as an Annex (stored in alternative 2 but
applicable to any alternative). But I've always seemed to feel some
resistance from Matt and the ARG. Which resistance I find inexplicable.
I really don't see how making the element type indefinite may
"compromise coherence" or "introduce bugs". Sure it complicates the
implementation. But the increase in power for the user is a quantum
leap, as it frees him from doing tricky memory management in many
situations. In my proposed Annex I included this passage from someone
who should be dear to at least one person in that group--perhaps in the
hope of making those strange walls of resistance just shiver a bit:

<<If I ask a student whether her design is as good as Chartres, she often smiles tolerantly
at me as if to say, "Of course not, that isnt't what I am trying to do.... I could never do
that." Then, I express my disagreement, and tell her: "That standard *must* be our
standard. If you are going to be a builder, no other standard is worthwhile.">>
  -- Cristopher Alexander, Foreword to [Gabriel 1996]

****************************************************************

From: Randy Brukardt
Sent: Saturday, February 7, 2004  9:20 PM

> I do: there is none (except perhaps the implicit one: ease of
> implementation). On the other hand, there is a rationale for indefinite
> elements.

Perhaps. But that wasn't the question. The question was why aren't there
indefinite *keys*.

...
> But I've always seemed to feel some
> resistance from Matt and the ARG.

Given that the "ARG" (other than the subcommittee) has not yet looked at
these proposals, that's a pretty bizarre statement.

...
> I really don't see how making the element type indefinite may
> "compromise coherence" or "introduce bugs". Sure it complicates the
> implementation.

And, on most implementations, I would expect it to make it *many* times
slower. (It wouldn't have any effect on Janus/Ada, I don't think, because we
already have to allocate an element at a time anyway.) I would guess that it
is that efficiency concern that Matt is responding to. But I'll let him
respond himself...

****************************************************************

From: Marius Amado Alves
Sent: Sunday, February 8, 2004  6:26 AM

>... that wasn't the question. The question was why aren't there
>indefinite *keys*.
>
Oops... sorry.

Curiously enough if you have indefinite elements the requirement for
indefinite keys looses strength: you can then use elementary containers
or indefinite element positions as keys.

>...
>
>>But I've always seemed to feel some
>>resistance from Matt and the ARG.
>
>Given that the "ARG" (other than the subcommittee) has not yet looked at
>these proposals, that's a pretty bizarre statement.

Just a feeling. The proposals are there in the AI, and there was some
discussion.

>>I really don't see how making the element type indefinite may
>>"compromise coherence" or "introduce bugs". Sure it complicates the
>>implementation.
>
>And, on most implementations, I would expect it to make it *many* times
>slower....

No. The system should chose at compile time a specific body according to
the 'Definite attribute of the actual element type.

Aside. Of course there is still no standard means to do this, but it
would be a nice extension. Conditional compilation of generic bodies
based on instantiation properties. Variant units :-)
  generic
    type T is private;
    ...
  package G is
    when T'Definite =>
      ...;
    when others =>
      ...;
  end;
(On the subject of conditional compilation, see also the recent Ada
Preprocessor thread on CLA.)
In the meanwhile, there is no requirement that Ada.Containers be
implemented strictly in Ada, is there? I doubt any Ada 95 container
(arrays, files) is.
End of aside.

So no coherence problem, nor bugs, nor efficiency problem :-)

****************************************************************

[Editor's note: For continuing mail on this AI, see AI-00302-04.]

****************************************************************

Possible improvements from the original author (Matt Heaney), February 18, 2004

o The vector container declares a subtype of its generic formal index type:

   subtype Index_Subtype is Index_Type;

This turns out to be very useful when you need to keep track of what is
the range of the vector container index type.  I had a real headache
when writing an app when I switched from Positive to Natural, and it's
because I didn't use an index subtype.

We could generalize this for all the containers.  For example the map
container would look like this:

   subtype Key_Subtype is Key_Type;
   subtype Element_Subtype is Element_Type;

This turns out to be useful when you need to instantiate the
Generic_Element function, which you can do using just the subtypes:

   type Element_Access is
      access all XXX_Maps.Element_Subtype;

   function To_Access is
      new XXX_Maps.Generic_Element (Element_Access);


o There is an open issue about what value Sorted_Sets.Find should return
if Find fails to find the search item.  It could either be Null_Cursor
or it could be the value Back (Set).  (The API now says that it's the
value Null_Cursor.)

The benefit of Null_Cursor is that detecting accidental deferences of
the return value of a failed search is easy, since the internal access
object is null.  However, that breaks symmetry with searches over a
sequence, which fall off the end onto Back when the search fails.

If we were interested in trying to prevent any dereference of the Back
sentinel node of a set, one possibility would be to give the sentinel
node a special color (assuming that the set is implemented as a
red-black tree, of course), and then test that in the dereference
operations Element and Generic_Element.

But this might be too paranoid, and there are probably many wrong ways
to dereference a cursor that I can't even imagine.  And an implementor
might use some other data structure that makes the detection difficult
or impossible.

So we could just return Back and not worry about accidental
dereferences.  (I don't have any data to suggest that accidental
deferences would even be a problem.) I'm beginning to think that I was
being a too conservative when I said Find should return Null_Cursor
instead of Back, and I'm concerned now about the inconsistency.


o This also illustrates the fact that support for aggregate-style
operations in the current spec is weak, mostly supporting manipulation
of elements one-at-a-time.

If we are interesting in a vector being a component for manipulation of
unbounded arrays then there are operations in Ada.Strings.Unbounded that
might be useful, such as Replace_Slice and Overwrite.

One of the errors in Ada.Strings.Unbounded was that to insert an
aggregate of elements (characters) into the string you have to insert an
array type.  But suppose you only have another Unbounded_String?  We can
generalize insert to allow insertion of a vector or a vector slice into
another vector, like this:

   procedure Insert (Vector   : in out Vector_Type;
                     Before   : in     Index_Type'Base;
                     New_Item : in     Vector_Type);

   procedure Insert (Vector   : in out Vector_Type;
                     Before   : in     Index_Type'Base;
                     New_Item : in     Vector_Type;
                     First    : in     Index_Type'Base;
                     Last     : in     Index_Type'Base);

That's just insertion.  Slice assignment could be done using:

   procedure Replace_Elements (Vector : in Vector_Type;
                               Low    : in Index_Type'Base;
                               High   : in Index_Type'Base;
                               By     : in Element_Type);

which provides the vector analog of

   V (I .. J) := (others => E);

We have also discussed assignment operations.  A vector is non-limited
so of course you can say:

   V1 := V2;

This replaces the target with the entire range of source.  Another
possibility is to assign to the target just a slice of the source:

   V1 := V2 (I .. J);

Both of these operations would look like this:

   procedure Assign (Target : in out Vector_Type;
                     Source : in     Vector_Type);

   procedure Assign (Target : in out Vector_Type;
                     Source : in     Vector_Type;
                     Low    : in     Index_Type'Base;
                     High   : in     Index_Type'Base);

We could generalize further still.  The operation

   procedure Assign (Target : in out Vector_Type;
                     Source : in     Element_Type;
                     Count  : in     Element_Count);

is the vector analog of

   subtype Array_Subtype is Array_Type (1 .. Count);

   V1 := Array_Subtype'(others => Source);


Assign operations might also be more efficient than constructor
functions, since the target can be built in place, without any
controlled finalization and adjustment.

Assignment operations are probably more efficient but it might make
sense to have constructor functions too:

   function To_Vector (Length : Element_Count)
     return Vector_Type;

   function To_Vector (Source : Vector_Type;
                       Low    : Index_Type'Base;
                       High   : Index_Type'Base)
     return Vector_Type;

   function To_Vector (Source : Element_Type;
                       Count : Element_Count)
     return Vector_Type;

Another possibility is to provide concatenation operators, too.


o The aggregate Delete operation looks like this:

  procedure Delete (Vector  : in out Vector_Type;
                    First   : in     Index_Type'Base;
                    Count   : in     Natural);

But this also feels wrong, since it specifies the first index and a
count.  Count should probably be reserved for aggregate-style
insertions.  The analog in Ada.Strings.Unbounded is declared like this:

   procedure Delete (Vector  : in out Vector_Type;
                     From    : in     Index_Type'Base;
                     Through : in     Index_Type'Base);

This seems better since it specifies the range using a more traditional
Ada closed-range style.


o The Resize operation is the analog of the reserve() operation in the
STL std::vector class.  However, there is no real analog of the resize()
operation in std::vector, a member function which expands the internal
array as necessary, and sets the number of elements to the specified
value.

You can do this using other operations but its awkward.  It might be
better to provide an operation like:

   procedure Set_Length
     (Vector : in out Vector_Type;
      Length : in     Element_Count);

which sets the length directly.

Randy asked whether this would leave "holes" in the vector.  But there
are no real wholes, since it's just a contiguous array under the hood
and so the normal initialization rules for array components apply.


o There has been interest in passive iterators for the vector.  We
should probably include them.  Here's what they look like:

   generic
      with procedure Process
         (Element : in Element_Type) is <>;
   procedure Generic_Constant_Iteration
      (Vector : in Vector_Type);

   generic
      with procedure Process
         (Element : in out Element_Type) is <>;
   procedure Generic_Iteration
     (Vector : in Vector_Type);

   generic
      with procedure Process
         (Element : in Element_Type) is <>;
   procedure Generic_Constant_Reverse_Iteration
     (Vector : in Vector_Type);

   generic
      with procedure Process
          (Element : in out Element_Type) is <>;
   procedure Generic_Reverse_Iteration
     (Vector : in Vector_Type);


o I discussed aggregate-style operations for vectors above.  Another
possibility is to declare an array type, and provide operations that
operation that have an array parameter.  Something like:

   type Vector_Elements is
      array (Index_Type range <>) of aliased Element_Type;

[Editor's note: This only works for definite elements, of course.]

and then provide operations like:

   function To_Vector (Source : Vector_Elements)
      return Vector_Type;

   function To_Array (Source : Vector_Type)
      return Vector_Elements;

   function Slice (Vector : Vector_Type;
                   Low    : Index_Type'Base;
                   High   : Index_Type'Base)
     return Array_Type;

   procedure Assign (Target : in out Vector_Type;
                     Source : in     Array_Type);

   procedure Copy (Source : in     Vector_Type;
                   Target :    out Array_Type;
                   Last   :    out Index_Type'Base);

etc.

Yet another possibility is to declare a nested generic that declares a
generic formal array type, so the user can specify his own array type:

   generic

      type Array_Type is
         array (Index_Type range <>) of Element_Type;

   package Generic_Arrays is

      function To_Vector (Source : Array_Type)
         return Vector_Type;

      function To_Array (Source : Vector_Type)
         return Array_Type;
      ...
   end Generic_Arrays;


o There is still some debate about the exact nature and purpose of the
vector container.  My model (and I think Bob Duff's model) is that a
vector is implemented internally using an unconstrained array.  A vector
allows insertion at any position, but it is specifically optimized for
insertion at the back end.

One of the benefits of the STL std::vector is that you can do this:

   vector<HANDLE> v;

   v.push_back(h1);
   v.push_back(h2);

   const HANDLE* const ph = &v[0];
   const DWORD n = v.size();

   WaitForMultipleObjects(n, ph, INFINITE);

In other words under the hood a vector is just a normal C-style array.
You're allowed to take the address of a vector element and the language
guarantees that the elements are in contiguous memory, as if they had
been declared as elements of a plain array.

The Ada vector container should follow the same model.  It doesn't make
any sense to try to improve (say) insertions in the middle of a vector,
since there are other perfectly-good containers for that (like a list).


o There was some discussion about providing a stable sort, too.  We
could even provide a partial sort.


o There seems to be interest in being able to sort arrays, too.  A
generic operation for sorting an array would look like:

generic

   type Index_Type is (<>);

   type Element_Type is private;

   type Array_Type is array (Index_Type range <>) of Element_Type;

   with function "<" (Left, Right : Element_Type)
      return Boolean is <>;

procedure Ada.Containers.Generic_Sort_Unconstrained_Array
  (Source : in out Array_Type);

pragma Pure (Ada.Containers.Generic_Sort_Unconstrained_Array);


There would be an analogous operation for sorting a constrained array.
You could generalize further still, and provide an operation for sorting
any container having a cursor with the requisite properties (such as a
difference operator, etc).


o We could generalize the vector sort by allowing the user to pass in a
Swap operation for vector elements. The generic operation could have a
named default (that does swapping using normal assignment):

   procedure Swap
     (Vector : in Vector_Type;
      I, J   : in Index_Type'Base);

   generic

      with function "<" (Left, Right : Element_Type)
         return Boolean is <>;

      with procedure Swap
        (Vector : in Vector_Type;
         I, J   : in Index_Type'Base) is Vectors.Swap;

   procedure Generic_Sort (Vector : in Vector_Type);

This would be useful for elements that are expensive to copy, say that
are implemented as a controlled type that contains a value by
reference.  The swap for that element could then just swap the pointers,
instead of finalizing and then adjusting controlled objects.

****************************************************************

Comments on parameter names, Randy Brukardt, April 16, 2004.

Most of the parameter names in the containers libraries are "Container".

We considered using more functional names. We started with Insert:

   procedure Insert (Container : in out Vector;
                     Before    : in     Cursor;
                     New_Item  : in     Element_Type;
                     Count     : in     Size_Type := 1);

One possibility would be to use what Ada.Strings.Unbounded uses. The parameter
there is named "Source". That appears to be for compatibility with the
function version of the routine, but it is clearly inappropriate for a
procedure. So no help there.

Another possibility would be to use "Into":

   procedure Insert (Into     : in out Vector;
                     Before   : in     Cursor;
                     New_Item : in     Element_Type;
                     Count    : in     Size_Type := 1);

which makes nice named calls:

   Insert (Into => My_Vector, Before => Blob, New_Item => An_Item);

Similarly, Append and Prepend could use "To":

   procedure Append (To       : in out Vector;
                     Before   : in     Cursor;
                     New_Item : in     Element_Type;
                     Count    : in     Size_Type := 1);

And Delete could use "From":

   procedure Delete (From     : in out Vector;
                     Position : in     Cursor;
                     Count    : in     Size_Type := 1);

but then "Position" should really be "At" -- except that it's reserved in Ada.

And Replace_Element and Find should use "In", but that is clearly not going
to work. We could use "Inside", but that's a stretch.

Then, we'd have to find something to use for the various functions. The
existing:
    function Last (Container : Vector) return Cursor;
makes as much sense as anything I can come up with.

I don't think that the above buy enough to change Matt's choices (except for
a couple obvious mistakes, already fixed).

****************************************************************

From: Randy Brukardt
Sent: Friday, September 3, 2004  7:43 PM

This document lists significant changes between AI-302-3/05 (which for the
most part reflects the Palma meetings conclusions) and AI-302-3/06 (which
reflects more recent e-mail discussions and experience). Simple typos aren't
listed. I've numbered the changes for easy reference. Most of these require
no discussion. A few questions about issues that require some discussion are
at the end.

 1) !summary: Changed (vectors) => (vectors and lists) to reflect both kinds
of sequence containers.

 2) !proposal: The summary of the semantics of hashed containers is
simplified to be less precise (it was too specific to a particular
implementation).

 3) The name of the Count parameter of To_Vector was changed to Length,
given that that is what it signifies.

 4) The name of the Count parameter of Set_Capacity for Vectors was changed
to Capacity, given that that is what it signifies. (Note that the Map one
already called it Capacity in the spec., so there also was a consistency
issue.)

 5) The container to Generic_Sort has been made class-wide. Generic units
are not primitive operations, and it is usually a mistake to use specific
tagged types in non-primitive operations. By making it class-wide,
instantiations are directly usable by any extensions. Note that
implementations should take care not to dispatch to primitive operations of
Vectors and Lists in the implementations of these routines; the routines are
defined in terms of semantics, not primitive routines, and thus any
overridings could have the wrong semantics.

 6) For vectors, the two Find operations could be ambiguous if the default
parameters are used. For instance:
    Op (Find (V, E));  --  index-based or cursor-based Find?
Therefore, the index-returning Find was renamed to Find_Index. This is
similar to the way the ambiguity was handled for First and Last. A similar
change was made for Reverse_Find. (Note: We change the index version, so
that the cursor-based version has the same name and profile for all of the
containers.)

 7) function Is_In (Item      : Element_Type;
                    Container : Vector) return Boolean;
was replaced by
    function Contains (Container : Vector; Item : Element_Type) return
Boolean;
This new profile allows users to use prefix notation on calls:
   if Obj.Contains (Element) then ...
This was discussed on Ada-Comment; the only advantage of the first profile
is that it is similar to that used in Ada.Strings. But most people thought
"Contains" sounds more natural, and they want to be able to use prefix
notation.

 8) The names Iteration and Reverse_Iteration were changed to Iterate and
Reverse_Iterate; they should be a verb. The process routines should have a
parameter of Cursor. The latter was purely a cut-and-paste error (repeated
everywhere). Similarly, the text about Elements following Iteration for maps
should be after Update_Element for maps.

 9) Added text to insure that inserting a null vector into a vector never
raises an exception. This is needed to insure that all of the inserts are
consistent on this point. (The base Insert already has this wording.)
Otherwise, the shorter Inserts
would raise an exception for an index out of range, and the basic one would
not. This behavior is needed so that inserting a empty vector into another
empty vector does not fail (we don't want to have to require testing for
non-empty before doing an Insert).

10) The description of Delete_Last for Vector was simplified to use Clear
instead of Delete when everything will be deleted.

11) The AARM note after Delete for Vector was corrected to use Last_Index
rather than length; the note as written presumed that First_Index = 1 (the
classic incorrect Ada assumption about arrays).

12) Added wording to say that Last_Index returns Index_Type'First - 1 if the
container is empty. That makes it clear what the result is, as the position
of the last element isn't defined in that case (since there are no elements
in the container).

13) Insert for lists had a wording correction to plural so that it is
obvious that multiple elements can be inserted (the wording originally was
copied from the single element version, which was dropped in favor of a
default parameter of 1 for the Count).

14) Corrected AARM notes for Insert, Delete, Find for Hash to say "should
only compare keys" instead of "should only compare elements", as it is the
keys that are compared, not the elements.

15) function Key (Position : Cursor) return Key_Type was added to the
specification
of Generic_Keys inside of Ordered_Sets. This operation matches one declared
in Hashed_Maps, and we want these containers to be as similar as possible.
The operation was originally omitted because there was no key read function
in the generic spec; now that one has been added, there is no reason to omit
this function.

16) Added wording so that if something outside of the package Hashed_Maps
changes a
key value, the behavior of the package is unspecified. If a key includes an
access-to-variable component, and the designated object of the access
component takes part in hashing or equality, then it is impossible to
guarantee the behavior of the package. The key could be changed even without
any call into the package at all (if a copy of the access is saved
somewhere).

This really is a user error, similar to passing in a hash function that
doesn't provide the same results when called with the same key. Moreover,
implementations can't protect against it even if they wanted to, since it
can happen without any access to the Hashed_Maps package.

Similar wording was added to Ordered_Sets, as elements could have similar
problems.

17) Changed the name of the parameters of Is_Disjoint to Left and Right.
This operation is communative, and might was well have parameter names
similar to Union and Intersection. OTOH, Is_Subset is neither communative
nor "common knowledge". Thus, its parameters were named "Subset" and
"Of_Set", so it is clear which is the subset that is being tested. This is
clearly preferable in named prefix calls:
    Obj.Is_Subset (Of_Set => Obj2);
which is crystal-clear which is being tested to be a subset of which set.
(This operation is not common enough for readers of code to "know" which
operand is which.)

18) Pragma Pure was added to the array sort subprograms.

19) Matt made a number of improvements to the !examples section, adding and
reordering examples.

20) The following was added to all of the containers:
   procedure Query_Element
     (Position : in Cursor;
      Process  : not null access procedure (Element : in Element_Type));
This is valuable for reading large elements without copying them. For Sets,
this also avoids the need to check if the key was modified (meaning it can
be used even without defining a key). Since the key check could be
expensive, this is a significant savings. The routine was added to all of
the containers for consistency.

21) Nick Roberts points out that now that Index_Type is an integer type, it
is a lot simpler and clearer to say Index_Type'First-1 rather than
Index_Type'Pred(Index_Type'First). I've made this change generally.

22) Nick also pointed out that "any exceptions raised ... are propagated"
should be singular, as only one exception can be raised by a routine.
(Unless, of course, there are multiple operations in the "...").

23) Nick asked for an AARM note to clarify the purpose of the pragma Assert
in the
Vectors package. This was added.

24) Nick asked for the introductory description of length and capacity for
vectors to
be clarified (as it used "length" in the description of capacity, among
other sins).

25) Nick asked that the list of containers in Language Design Principles be
put in the order that they're defined in the text. He also asked that the
statement about
separate definite and indefinite versions be stated more clearly.

26) Update_Element for Sets has been renamed Checked_Update_Element, as it
is different from the other Update_Elements both in profile (the Set is
included in the
call) and in semantics. This is necessary because the routine may be forced
to delete the element and raise Constraint_Error if it is modified to match
an existing key. In that case, the set itself will need to be modified;
potentially including pointers in the implementation such as First or Last.
Thus the profile must be different.

27) At Palma, we decided that Swap should always swap elements, not nodes.
(Thus, the cursors would point at the changed elements afterwards). However,
this suffers from two major problems: First, it isn't necessarily possible
for indefinite types. It is not possible to copy the elements between nodes
(because they are potentially different shapes or even types), and it is
possible (although one would have to leave Ada to do it) to put the elements
directly in the nodes. Second, the purpose of the swap operations is to
provide better performance than the user can get from manually copying the
elements. But, that clearly requires swapping the nodes for a list. Only a
novice programmer would write a list swap that *copied* the designated
objects.

Similarly, if there is inherent indirectness in a container implementation,
we want to allow Swap to take advantage of it.

Therefore, we didn't change the semantics of Swap for lists. Rather, because
the vector operation is different, we renamed it to Swap_Elements. This will
prevent problems if a container is switched from a vector to a list or vice
versa.

I added some AARM notes to explain the difference and the reasons.

Matt pointed out that the Container parameter to Swap_Elements for cursors
is unnecessary; it violates our meta-rule that Container parameters are only
included on  cursor operations if the cardinality of the Container may
change. It was removed, since there is no longer a need to be the same as
the list Swap.

28) The Success parameter of Insert for Maps and Sets was changed to
Inserted. Success is a boolean parameter, and Success = False implies some
sort of failure or error. But it is not an error (necessarily) for Insert to
return this value; it just means that the item was previously in the Map or
Set. The caller of Insert must decide if Inserted = False is an error
(failure) or if it is intended behavior. Thus we select a name that doesn't
have a strong connotation.

29) The Replace operation of Maps was renamed Insert_Or_Replace. This
operation has insertion semantics (if the key is not in the map) or
replacement semantics otherwise. Thus the name change; it's confusing
without it. (The suggestion of renaming it to Insert has the same problem,
in the other direction). It's a useful shorthand, especially as it does not
have the Out parameters of regular Insert. If all you need to do is stick
something into the map, and only care that it ends up there, this is the
operation to use.

A similar operation was defined for Sets. This operation is named Insert,
because it has no replacement function (the element is unchanged if it is
already in the map). Again, it is useful if you want to add an element to a
Set, and have no need to worry about whether it is already there or where it
ended up. (This operation was requested by users on Ada-Comment, noting that
defining 'dead' objects to receive return values that they don't care about
is ugly and possibly dangerous.) For more on this subject, see Question Q5.


Questions:

Q1) Find_Index returns Last_Index (Container) + 1 if the element is not
found. This seems consistent to me (it's past the end of the container in a
forward search), but Matt worries that First_Index (Container) - 1 might be
thought of as better. The trouble with First_Index (Container - 1 is that
you can't put it into an object:

    declare
        I : Index_Type := Index_Type'First;
    begin
        I := Find_Index (Vect, Item, I);
        while I <= Last_Index (Vect) loop
            -- Do something to the element I.
            I := Find_Index (Vect, Item, I+1);
        end loop;
    end;

If Find_Index returned Index_Type'First - 1, saving the result of Find_Index
would raise Constraint_Error if the item is not found. That's not what we
want, I think.

Q2) The parameters to Generic_Merge have not been made class-wide (even
though the comments about non-primitive operations with specific tagged
parameters mentioned for Generic_Sort hold here, too). That's because both
parameters need to be the same type. An alternative would be to make them
class-wide, and then have a runtime check (of the actual tags) that they
actually are the same type. But that is not very O-O. A third possibility
would be to repeat the type in the generic spec:
   generic
       type List_Type is new List with private;
       with function "<" (Left, Right : Element_Type)
          return Boolean is <>;
    procedure Generic_Merge (Target : in out List_Type;
                             Source : in out List_Type);

But that is not very consistent with the rest of the specification. Some
guidance would be helpful here.


Q3) The generic formal part for maps has:
   with function "=" (Left, Right : Key_Type)
      return Boolean is <>;
   with function Is_Equal_Key (Left, Right : Key_Type)
      return Boolean is "=";
Matt wonders why both operations are needed; his reference implementation
never uses "=". This came from the Palma meeting; it's mentioned explicitly
in the meeting minutes. The intent is that Map equality use "=" rather than
Is_Equal_Key. The idea is that Maps that compare equal have no visible
differences. Consider a map with keys that are strings representing numbers.
Is_Equal_Key probably would compare the 'Values of the keys (so "0046" and
"46" would be the same), but "=" would just compare the strings.

The other reason is that Is_Equal_Key often will not be native equality (as
in the example above). But it will be often enough that we want to be able
to provide "=" as a result.

However, Map equality is not an important operation; it exists simply
because the type is non-limited and thus we have to define it. Arguably, the
extra operation doesn't buy much. It doesn't cost much, either, as it will
never need to be specified in an instantiation as long as named notation is
used.

Matt points out that the reason this operation is called "Is_Equal_Key" is
that otherwise there would be two "=" operators in the formal part, and that
would prevent using named notation for either. Moreover, it is not
unreasonable (see above) for the user to override the key equality. So, if
one is dropped, it would have to be the "=" operation.

I did add some text specifying the required relationship between "=" and
Is_Equal_Key: if "=" returns True for some operands, then Is_Equal_Key also
returns True for those operands. I also added some text about the design
need to give key equality a different name than "=" in order to allow named
notation in instantiations.


Q4) Set_Capacity is defined to raise Constraint_Error if Length (Container)
> Count. Matt would prefer that this case is not separately handled. He
would like
    Set_Capacity (M, 0)
to be a shorthand for setting the Map or Vector to the smallest reasonable
size. (I find this a bit odd, as Matt never wanted this routine to even
allow smaller values. But whatever.) Note that just dropping the check would
not be enough; we'd have to redo the description of the operation to say
that the capacity is set to at least Count_Type'Max (Count, Length
(Container)) -- because we don't want this operation to drop elements. I'm
unsure that the benefit is worth the change, and it seems like a bug to me
to try to set the capacity of a container to be smaller than the number of
elements it holds.


Q5) There is a lot of confusion about the meaning of the Insert operations
for maps and sets. The changes outlined in (29) above should help.

However, the semantics of the Insert that does not return an Inserted value
remain controversial. Five possible behaviors were identified for Maps:
   1) Insert raises an exception when the key is already in the map;
   2) Insert does nothing when the key is already in the map;
   3) Insert replaces the existing element when the key is already in the
map;
   4) Replace raises an exception when the key is not already in the map;
   5) Replace does nothing when the key is not already in the map.
(One could imagine a Replace that inserts when not found, but that is just
choice 3.)

Convincing examples were shown for virtually all of these semantics. Note
that replacement semantics (choices 3 through 5) make less sense for Sets,
as you would be replacing an equivalent element. However, since it certainly
possible for an element to have components that do not participate in the
equivalence test, it is easy to imagine examples where such replacements
make sense.

It was suggested to provide all of these operations with different names,
but that requires coming up with five sets of names, with the resultant
clutter and confusion. (And this is on top of the Insert that returns a
Position and Inserted result.) Moreover, all of these routines can be
written using other primitives. We therefore decided to provide (3) for Maps
and (2) for Sets.

Another suggestion was to use an enumeration similar to the ones in
Ada.Strings. Then we'd have:

type Exists_Action is (Error, Ignore, Replace);

procedure Insert (Container : in out Map;
                  Key       : in     Key_Type;
                  New_Item  : in     Element_Type;
                  If_Exists : in     Exists_Action := Error);

type Nonexistent_Action is (Error, Ignore, Insert);

procedure Replace (Container : in out Map;
                   Key       : in     Key_Type;
                   New_Item  : in     Element_Type;
                   If_Nonexistent : in     Nonexistent_Action := Error);

The objections to this idea boiled down to two: this is control-coupling,
and that some people hate the design of Ada.Strings; they find it hard to
find or remember the names of the parameters.

Several people suggested that control-coupling was preferable to a forest of
routines, or one routine with non-intutive semantics. Moreover,
control-coupling is mainly a problem for the implementer of a routine; it is
not bad for the user of a routine, and make in fact increase the options
available to them.

I personally am in favor of this sort of solution, because (1) it allows
using simple names for the routines, without surprise semantics; (2) it
allows dodgy cases to be errors by default, while allowing the specification
of other behaviors when needed (which is makes using the library safer, by
cutting surprise behavior); (3) it doesn't force users into using the
Position-returning Insert when they don't need the Position for a later
operation.

However, it does slightly complicate the specifications of the packages, and
it only got lukewarm support, so the decision has been left to the ARG.


Q6) Tucker has mentioned that he often has components in the key of a map
beyond the actual key participating ones. (This is similar to the behavior
of a set; if we had a Hashed_Set this probably would be less of an issue.)
For that to be effective, it would be necessary to change a key that is
already in a map. Currently, neither Replace_Element nor Insert_or_Replace
change the value of a key that is in the map; only the element is changed.

In order to get the sort of semantics that Tucker seems to be suggesting,
we'd need a way to change the value of a key. But such an operation would
potentially change the location of the element, so it could be fairly
expensive. Moreover, it would likely require allocation even if the hash
didn't change for the indefinite form of the container.

Finally, whether or not the key is replaced would seem to be another
(orthogonal) option for the Insert routine "6) Insert replaces the key and
the element when the key is already in the map; 7) Insert replaces the key,
leaving the element unchanged when the key is already in the map".

This complication doesn't seem worth it to me, but as it came up very late,
the entire ARG needs to discuss the issue.

****************************************************************

From: Randy Brukardt
Sent: Monday, October  3, 2004  xx:xx PM

Here is a listing of the AI-302 updates that I made beyond those discussed at
the meeting. These mostly have come up in more recent e-mail discussions.

1) Moved the AARM noted describing the now removed Assert to a (user) "Note".
   The fact that instantiating Ada.Containers.Vectors with a type for which
   Index_Type'Base'First = Index_Type'First will raise Constraint_Error is
   obvious from reading the spec. carefully -- but it seems to me few users
   will read that carefully. The note reads:

  If Index_Type'Base'First = Index_Type'First an instantiation of
  Ada.Containers.Vectors will raise Constraint_Error. A value below
  Index_Type'First is required so that an empty vector has a meaningful
  value of Last_Index.

2) Matt pointed out that Insert expects to be passed Index_Type'Last + 1 in
   some circumstances. In particular, inserting nothing into a full vector is
   not expected to  raise an exception (to be similar to similar array
   operations). We want to include that value in Extended_Index as long as it
   actually exists. (Unlike the lower bound, we don't want to insist that this
   value exists, because if we did, we wouldn't be able to instantiate this
   generic with Positive or Natural.) So, we changed the declaration of
   Extended_Index to:

   subtype Extended_Index is
      Index_Type'Base range Index_Type'First-1 .. Index_Type'Last +
          Boolean'Pos (Index_Type'Base'Last > Index_Type'Last);

   This declaration allows both special values (if they exist) and no others.


3) Replace and Exclude operations matching the ones in the Ordered_Sets were
   added to the Generic_Keys generic, as it is odd that Delete was in there and
   not the others. (The intent is that this package closely match Hashed_Maps
   [and Ordered_Maps, if it ever is defined] - as many operations on keys in
   Hashed_Maps should be represented here as possible.) Insert and Include were
   omitted, as there could be no guarentee that the Key passed in matches the
   one in the Element passed in. (We could check, of course, but that seems
   like going too far; moreover, it's hard to imagine how these could be used.)
   Replace simply doesn't worry about it; it is defined in terms of Replace
   (see below), replacing the element referred to by the Key. Thus it works
   similarly to Checked_Update_Element.

   Replace_Element (Container, Cursor, New_Item) also has been added to the
   Set itself, as there is not a Replace_Element for a set. This tries to
   replace in place, but will do an insert/delete if necessary. [Should this
   have a different name? The profile and semantics are a bit different than
   the normal Replace_Element?]


4) The definition of *cursor* was buried in the introductory AARM text. I moved
   that into the introductory paragraphs of A.18, so that it appears in the
   normative text. Readers of the standard should be presented the basic model
   of the containers.

5) The index forms of Element, Replace_Element, Query_Element, and
   Update_Element took Index_Type'Base for some reason, but passing No_Index
   raises Constraint_Error. So I changed these to Index_Type, so that the
   specification doesn't allow No_Index to be passed.

6) Added an erroneous case for abuse of the Process procedure of Query_Element
   and Update_Element. This usually looks like:

  Execution also is erroneous if the called Process procedure of a call to
  Query_Element or Update_Element executes an operation that causes the
  Position cursor of Query_Element or Update_Element to become invalid.

For lists, maps, and sets, the only problem occurs if the element is deleted
directly, or if the container is finalized (via Unchecked_Deallocation).
Insertions and other Deletions don't matter, as the nodes are logically
separate.

For vectors, the rule also includes ambiguous cursors. An insert or delete to
the left of the cursor will move the elements; if the element is passed by
reference, that will clobber the element being operated on with unknown
effects. We don't want to require that optimization is off in Process
subprograms! The vector version also requires wording to cover the index
version of the routines.

I'd like to suggest that we consider adding a check that the element being
processed is not deleted by the Process procedure. This check requires only a
bit per node (or a short list of elements in process), and covers all of the
new dangerous cases for most of the containers. (Bad use of
Unchecked_Deallocation is hardly new to the containers, and Move will not
actually cause problems in practice, as the nodes are not changed, just the
container that they belong to.) Deleting yourself requires contortions (the
Process routine does not have a cursor to use for this operation), and, since
it damages the element parameter, the effects could be widespread. The check
also would prevent calling Update_Element on the same element again, which
would have different results depending on the parameter passing mode (and which
makes the check cheaper). The overhead of the check would only apply to the
various Deletes and Update_Element; no other routines would need to check. The
text would be:

   If the Process procedure deletes the element designated by Cursor, or calls
   Update_Element on Cursor, Program_Error is raised.

   AARM Note: This check has to be done in the code for Delete and Update_Element,
   of course.

Making vector Update_Element safe would also require checking for any
operations that would make the cursor ambigious. (That's a bounded error in
other cases.)

7) Matt had previously made a number of suggestions about improving/correcting
   the examples. These have been integrated.

8) Delete for cursors does nothing if the cursor is No_Element for Lists, Maps,
   and Sets. (Matt says this was intended to model the effect of
   Unchecked_Deallocation.) Delete for cursors in Vectors, on the other hand,
   raised Constraint_Error in this case. I changed the wording for Delete for
   cursors in Vectors to be consistent with the other three.

(Note, however, that Delete for Keys is now defined to raise an exception if
the key is not found; the routine Exclude is defined not to raise an exception.
Thus, this is a bit inconsistent. It would be more consistent if Delete for
cursors for all containers raised an exception when given No_Element. This
doesn't seem particularly important to change, but it should be considered.)

9) Nick pointed out that Insert for Vectors was leaving the Out parameter
    Position undefined if the length of the insertion was 0. I fixed that
    wording to make it equal to Before.

10) Added an AARM note to the effect that when we say "unspecified" in this
clause (A.18), we don't mean "erroneous". If we meant "erroneous", we said
that. And included some ramifications of that (checking must not be suppressed;
don't create dangling pointers by assuming behavior of generic formals).

This intent should be written down somewhere, even if it is too complex and
error-prone to try to do so normatively.

11) Removed some implementation details from the !proposal section, which
    should be a high-level description. (Thanks to Matt for picking those up.)

12) Ada.Strings.Unbounded.Hash needs to be Preelaborated, not Pure, as its
    parent is only Preelaborated (not Pure).

13) Changed Set_Length's wording to:
  If Length is larger than the capacity of Container, calls
  Reserve_Capacity (Container, Length), then sets the length of the
  Container to Length. If Length is greater than the original length of
  Container, the added elements are empty elements.
so that this operation doesn't shrink the capacity of a vector. (It wasn't
right in the previous version, either, as it would have raised Constraint_Error
in that case.)

14) Changed the name of Ensure_Capacity to Reserve_Capacity, as "Reserve" is
    the name the STL uses, and it seems more descriptive. (See e-mail.)

15) Wording was added to Iterate for each container to say that Program_Error
is raised if the Process routine calls an operation that will modify or reorder
the container. Each container needs slightly different wording for various
reasons (nodes can be reordered in Lists; rehashing in a Map would change the
order).

This decision grew out of a discussion between Matt and me as to what exactly
the passive iterator should allow.

We both agreed that trying to implement a passive iterator that could stand
insertions and deletions of elements was hard. Morevoer, if the user needs to
do that, they can use an active iterator (that is, a loop with explicit
cursors) to do so. So, we agreed that inserting or deleting elements from
within a passive iterator was bad, and there is no need or intent support it.

The main undecided issue is what to do if the user does indeed make a mistake
and insert or delete an element from the container during a passive iterator.
There seem to be 4 possibilities:

1) Specified results (it works in some specified way);
2) Unspecified results (it works, but what it does isn't specified);
3) Erroneous (anything goes);
4) Check for bad cases and raise an exception.

(1) is clearly too burdensome on the implementation, and besides, we don't
    want it.
(2) would insure that the program wouldn't crash, but otherwise the results
    wouldn't be portable.
(3) would allow anything, implementers could ignore the possibility.
(4) would be the most portable, but there are concerns about overhead.

I originally wrote (2) using the wording: "Which cursors are presented to
Process is unspecified if..." But that seems to be a burden on implementations
for little benefit.

I object to (3), because users *will* make this mistake, and likely
implementations of the iterators would have very bad effects. If the node that
the iterator was holding onto was deleted, it probably would be
Unchecked_Deallocated, the memory might be reused, and when the pointers are
walked, just about anything could happen.

(4) seemed to have too much overhead, but once we stopped trying to support any
insertion or deletion into the container, the cost became quite reasonable. All
the implementation of the check would need is a counter (8 bits probably is
enough) in each container. When an Iterate starts, the counter is incremented;
when it completes, the counter is decremented. Each of the operations on the
list of problem operations check that the counter is zero, raising
Program_Error if the counter is nonzero.

(We don't have to worry about tasking issues, as the container object is inside
of the Iterate call the entire time. If some other task makes a call during
that time, we have bad use of shared variables, and we don't care what happens.
In fact, what will happen is that Program_Error would be raised, which is
probably a good thing.)

That has very little overhead, because virtually all of the operations in
question allocate or deallocate memory, and thus are expensive anyway, an
additional compare and branch will have no visible impact on performance.
(Sorting and Merging are also expensive; Swap_Links and Splice are the only
exceptions.) Operations that don't modify the container don't need to make any
check.

This has the advantage of making passive iterators completely safe against
problems caused by what container operations are invoked in Process. (Yes,
calling Unchecked_Deallocation on the container could still cause problems, but
that is covered by other rules of the language -- and even it would raise
Program_Error.) It also means that uses of passive iterators are safely
portable (whereas active iterators could have problems if a dangling cursor was
used) -- which gives them a clear advantage.

This check is another one that could be dropped in an "unchecked" container.

Thus, I've worded this check into all of the passive iterators.

The wording enumerates the reasons that a check is needed:
"if Process attempts to insert or delete elements into Container; or"

"modifies Container" would be too broad, as it could include replacing the
value of an element.

We need also to talk about finalization and about calling Move, as the current
wording only talks about cursors being passed to operations, not something that
happens *during* an operation. Moreover, once we decide to have a check,
including that check in the body of Finalize and Move is not difficult.

****************************************************************