A.18.19 The Generic Package Containers.Bounded_Vectors
The language-defined generic package Containers.Bounded_Vectors provides
a private type Vector and a set of operations. It provides the same operations
as the package Containers.Vectors (see A.18.2),
with the difference that the maximum storage is bounded.
The declaration of the generic library package Containers.Bounded_Vectors
has the same contents and semantics as Containers.Vectors except:
The type Vector is
declared with a discriminant that specifies the capacity:
type Vector (Capacity : Count_Type) is tagged private;
The type Vector needs finalization if and only
if type Element_Type needs finalization.
The type Vector cannot depend on package Ada.Finalization unless the
element type depends on that package. The objects returned from the Iterator
and Reference functions probably do depend on package Ada.Finalization.
Restricted environments may need to avoid use of those functions and
their associated types.
In function Copy, if the Capacity parameter is
equal to or greater than the length of Source, the vector capacity exactly
equals the value of the Capacity parameter.
The description of
Reserve_Capacity is replaced with:
If the specified Capacity is larger than the capacity
of Container, then Reserve_Capacity propagates Capacity_Error. Otherwise,
the operation has no effect.
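The following program is an added example, not part of the Reference Manual text. It shows the capacity discriminant, the replaced Reserve_Capacity semantics, and the Copy rule on one bounded vector. The names Bounded_Vector_Demo and Int_Vectors and the capacities 4 and 8 are chosen for illustration. The Append case relies on the Containers.Vectors rule that an insertion needing more capacity calls Reserve_Capacity.

```ada
with Ada.Containers;                 use Ada.Containers;
with Ada.Containers.Bounded_Vectors;
with Ada.Text_IO;                    use Ada.Text_IO;

procedure Bounded_Vector_Demo is
   --  Illustrative instance; Positive and Integer are arbitrary choices.
   package Int_Vectors is new Ada.Containers.Bounded_Vectors
     (Index_Type => Positive, Element_Type => Integer);
   use Int_Vectors;

   --  The discriminant fixes the capacity for the object's lifetime.
   V : Vector (Capacity => 4);
begin
   for I in 1 .. 4 loop
      V.Append (I);
   end loop;
   Put_Line ("Length =" & Count_Type'Image (V.Length)
             & ", Capacity =" & Count_Type'Image (V.Capacity));

   --  A request that does not exceed the capacity has no effect.
   V.Reserve_Capacity (4);

   --  A request larger than the capacity propagates Capacity_Error.
   begin
      V.Reserve_Capacity (5);
      Put_Line ("unexpected: Reserve_Capacity (5) returned");
   exception
      when Capacity_Error =>
         Put_Line ("Reserve_Capacity (5): Capacity_Error");
   end;

   --  A full vector cannot grow, so the insertion fails the same way.
   begin
      V.Append (5);
      Put_Line ("unexpected: Append on a full vector returned");
   exception
      when Capacity_Error =>
         Put_Line ("Append on full vector: Capacity_Error");
   end;

   --  Capacity >= Length (Source): the copy gets exactly that capacity.
   declare
      W : constant Vector := Copy (V, Capacity => 8);
   begin
      Put_Line ("Copy capacity =" & Count_Type'Image (W.Capacity));
   end;
end Bounded_Vector_Demo;
```

Handling Capacity_Error at each insertion site is what makes the fixed storage bound a checked failure rather than a silent truncation or an unhandled exception.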
Bounded (Run-Time) Errors
It is a bounded error to assign from a bounded vector
object while tampering with elements [or cursors] of that object is prohibited.
Either Program_Error is raised by the assignment, execution proceeds
with the target object prohibiting tampering with elements [or cursors],
or execution proceeds normally.
Proof: Tampering with elements includes
tampering with cursors, so we only really need to talk about tampering
with elements here; we mention cursors for clarity.
When a bounded vector object V
is finalized, if tampering with
cursors is prohibited for V
other than due to an assignment from
another vector, then execution is erroneous.
Reason: This is a tampering event, but
since the implementation is not allowed to use Ada.Finalization, it is
not possible in a pure Ada implementation to detect this error. (There
is no Finalize routine that will be called that could make the check.)
Since the check probably cannot be made, the bad effects that could occur
(such as an iterator going into an infinite loop or accessing a nonexistent
element) cannot be prevented and we have to allow anything. We do allow
re-assigning an object that only prohibits tampering because it was copied
from another object as that cannot cause any negative effects.
For each instance of Containers.Vectors and each instance of Containers.Bounded_Vectors,
if the two instances meet the following conditions, then the output generated
by the Vector'Output or Vector'Write subprograms of either instance shall
be readable by the Vector'Input or Vector'Read of the other instance:
the Element_Type parameters of the two instances are statically matching
subtypes of the same type; and
the output generated by Element_Type'Output or Element_Type'Write is
readable by Element_Type'Input or Element_Type'Read, respectively (where
Element_Type denotes the type of the two actual Element_Type parameters);
the preceding two conditions also hold for the Index_Type parameters
of the instances.
Bounded vector objects should be implemented without implicit pointers
or dynamic allocation.
Implementation Advice: Bounded vector
objects should be implemented without implicit pointers or dynamic allocation.
The implementation advice for procedure Move to minimize copying does
Implementation Advice: The implementation
advice for procedure Move to minimize copying does not apply to bounded
Extensions to Ada 2005
Ada 2005 and 2012 Editions sponsored in part by Ada-Europe