Ada Conformity Assessment Authority      Home Conformity Assessment   Test Suite ARGAda Standard
Annotated Ada Reference Manual (Ada 2022)Legal Information
Contents   Index   References   Search   Previous   Next 

A.18.19 The Generic Package Containers.Bounded_Vectors

{AI05-0001-1} The language-defined generic package Containers.Bounded_Vectors provides a private type Vector and a set of operations. It provides the same operations as the package Containers.Vectors (see A.18.2), with the difference that the maximum storage is bounded. 

Static Semantics

{AI05-0001-1} The declaration of the generic library package Containers.Bounded_Vectors has the same contents and semantics as Containers.Vectors except:
{AI12-0112-1} The aspect pragma Preelaborate is replaced with aspect pragma Pure. Aspect Global is deleted.
Ramification: {AI12-0112-1} The Global aspect for a Pure package is null (see 6.1.2), so we don't need to give it explicitly. 
The type Vector is declared with a discriminant that specifies the capacity: 
{AI12-0112-1}   type Vector (Capacity : Count_Type) is tagged private...;
{AI12-0409-1} The aspect_definition for Preelaborable_Initialization for type Vector is changed to:
  Preelaborable_Initialization =>
The type Vector needs finalization if and only if type Element_Type needs finalization.
Implementation Note: {AI05-0212-1} The type Vector cannot depend on package Ada.Finalization unless the element type depends on that package. The objects returned from the Iterator and Reference functions probably do depend on package Ada.Finalization. Restricted environments may need to avoid use of those functions and their associated types. 
{AI12-0112-1} Capacity is omitted from the Stable_Properties of type Vector.
Reason: The capacity is a discriminant here, so it can't be changed by most routines; thus including it in the stable properties adds no information. 
{AI12-0339-1} In function Empty, the postcondition is altered to:
   Post =>
      Empty'Result.Capacity = Capacity and then
      not Tampering_With_Elements_Prohibited (Empty'Result) and then
      not Tampering_With_Cursors_Prohibited (Empty'Result) and then
      Length (Empty'Result) = 0;
{AI12-0112-1} In function Copy, the postcondition is altered to: if the Capacity parameter is equal to or greater than the length of Source, the vector capacity exactly equals the value of the Capacity parameter. 
   Post => Length (Copy'Result) = Length (Source) and then
           (if Capacity > Length (Source) then
              Copy'Result.Capacity = Capacity
            else Copy'Result.Capacity >= Length (Source));
The description of Reserve_Capacity is replaced with:
{AI12-0112-1}    procedure Reserve_Capacity (Container : in out Vector;
                               Capacity  : in     Count_Type)
      with Pre => Capacity <= Container.Capacity 
                      or else raise Capacity_Error;
{AI12-0112-1} This If the specified Capacity is larger than the capacity of Container, then Reserve_Capacity propagates Capacity_Error. Otherwise, the operation has no effect, [other than checking the precondition]
{AI12-0112-1} The portion of the postcondition checking the capacity is omitted from subprograms Set_Length, Assign, Insert, Insert_Space, Prepend, Append, and Delete.
{AI12-0112-1} For procedures Insert, Insert_Space, Prepend, and Append, the part of the precondition reading:
     (<some length> <= Maximum_Length - <some other length>
        or else raise Constraint_Error)
is replaced by:
     (<some length> <= Maximum_Length - <some other length>
        or else raise Constraint_Error) and then
     (<some length> <= Container.Capacity - <some other length>
        or else raise Capacity_Error)

Bounded (Run-Time) Errors

{AI05-0160-1} {AI05-0265-1} It is a bounded error to assign from a bounded vector object while tampering with elements [or cursors] of that object is prohibited. Either Program_Error is raised by the assignment, execution proceeds with the target object prohibiting tampering with elements [or cursors], or execution proceeds normally. 
Proof: Tampering with elements includes tampering with cursors, so we only really need to talk about tampering with elements here; we mention cursors for clarity. 

Erroneous Execution

{AI05-0265-1} When a bounded vector object V is finalized, if tampering with cursors is prohibited for V other than due to an assignment from another vector, then execution is erroneous.
Reason: This is a tampering event, but since the implementation is not allowed to use Ada.Finalization, it is not possible in a pure Ada implementation to detect this error. (There is no Finalize routine that will be called that could make the check.) Since the check probably cannot be made, the bad effects that could occur (such as an iterator going into an infinite loop or accessing a nonexistent element) cannot be prevented and we have to allow anything. We do allow re-assigning an object that only prohibits tampering because it was copied from another object as that cannot cause any negative effects. 

Implementation Requirements

{AI05-0184-1} {AI05-0264-1} For each instance of Containers.Vectors and each instance of Containers.Bounded_Vectors, if the two instances meet the following conditions, then the output generated by the Vector'Output or Vector'Write subprograms of either instance shall be readable by the Vector'Input or Vector'Read of the other instance, respectively:
{AI05-0184-1} {AI05-0248-1} the Element_Type parameters of the two instances are statically matching subtypes of the same type; and
{AI05-0184-1} the output generated by Element_Type'Output or Element_Type'Write is readable by Element_Type'Input or Element_Type'Read, respectively (where Element_Type denotes the type of the two actual Element_Type parameters); and
{AI05-0184-1} the preceding two conditions also hold for the Index_Type parameters of the instances. 

Implementation Advice

{AI05-0001-1} Bounded vector objects should be implemented without implicit pointers or dynamic allocation. 
Implementation Advice: Bounded vector objects should be implemented without implicit pointers or dynamic allocation.
{AI05-0001-1} The implementation advice for procedure Move to minimize copying does not apply. 
Implementation Advice: The implementation advice for procedure Move to minimize copying does not apply to bounded vectors.

Extensions to Ada 2005

{AI05-0001-1} {AI05-0160-1} {AI05-0184-1} The generic package Containers.Bounded_Vectors is new. 

Inconsistencies With Ada 2012

{AI12-0111-1} Correction: Tampering with elements is now defined to be equivalent to tampering with cursors for bounded containers. If a program requires tampering detection to work, it might fail in Ada 2022. Needless to say, this shouldn't happen outside of test programs. See Inconsistencies With Ada 2012 in A.18.2 for more details. 

Incompatibilities With Ada 2012

{AI12-0409-1} Correction:A bounded vector now only has Preelaborable_Initialization (abbreviated PI in this note) when the actual for the Element_Type has PI. If an program used a vector whose actual Element_Type does not have PI in a context when PI is required (such as a library-level object in a preelaborated unit or as a component of a type with PI), the program would be illegal in Ada 2022 but legal in original Ada 2012. This situation is unlikely, especially as some existing Ada 2012 implementations reject the instance in this case. 

Contents   Index   References   Search   Previous   Next 
Ada-Europe Ada 2005 and 2012 Editions sponsored in part by Ada-Europe