aboutsummaryrefslogtreecommitdiffstats
path: root/gcc-4.9/gcc/ada/a-coinve.adb
diff options
context:
space:
mode:
Diffstat (limited to 'gcc-4.9/gcc/ada/a-coinve.adb')
-rw-r--r--gcc-4.9/gcc/ada/a-coinve.adb4305
1 files changed, 4305 insertions, 0 deletions
diff --git a/gcc-4.9/gcc/ada/a-coinve.adb b/gcc-4.9/gcc/ada/a-coinve.adb
new file mode 100644
index 000000000..3234f5ec8
--- /dev/null
+++ b/gcc-4.9/gcc/ada/a-coinve.adb
@@ -0,0 +1,4305 @@
+------------------------------------------------------------------------------
+-- --
+-- GNAT LIBRARY COMPONENTS --
+-- --
+-- A D A . C O N T A I N E R S . I N D E F I N I T E _ V E C T O R S --
+-- --
+-- B o d y --
+-- --
+-- Copyright (C) 2004-2013, Free Software Foundation, Inc. --
+-- --
+-- GNAT is free software; you can redistribute it and/or modify it under --
+-- terms of the GNU General Public License as published by the Free Soft- --
+-- ware Foundation; either version 3, or (at your option) any later ver- --
+-- sion. GNAT is distributed in the hope that it will be useful, but WITH- --
+-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY --
+-- or FITNESS FOR A PARTICULAR PURPOSE. --
+-- --
+-- As a special exception under Section 7 of GPL version 3, you are granted --
+-- additional permissions described in the GCC Runtime Library Exception, --
+-- version 3.1, as published by the Free Software Foundation. --
+-- --
+-- You should have received a copy of the GNU General Public License and --
+-- a copy of the GCC Runtime Library Exception along with this program; --
+-- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see --
+-- <http://www.gnu.org/licenses/>. --
+-- --
+-- This unit was originally developed by Matthew J Heaney. --
+------------------------------------------------------------------------------
+
+with Ada.Containers.Generic_Array_Sort;
+with Ada.Unchecked_Deallocation;
+
+with System; use type System.Address;
+
+package body Ada.Containers.Indefinite_Vectors is
+
+ procedure Free is
+ new Ada.Unchecked_Deallocation (Elements_Type, Elements_Access);
+
+ procedure Free is
+ new Ada.Unchecked_Deallocation (Element_Type, Element_Access);
+
+ ---------
+ -- "&" --
+ ---------
+
+ function "&" (Left, Right : Vector) return Vector is
+ LN : constant Count_Type := Length (Left);
+ RN : constant Count_Type := Length (Right);
+ N : Count_Type'Base; -- length of result
+ J : Count_Type'Base; -- for computing intermediate values
+ Last : Index_Type'Base; -- Last index of result
+
+ begin
+ -- We decide that the capacity of the result is the sum of the lengths
+ -- of the vector parameters. We could decide to make it larger, but we
+ -- have no basis for knowing how much larger, so we just allocate the
+ -- minimum amount of storage.
+
+ -- Here we handle the easy cases first, when one of the vector
+ -- parameters is empty. (We say "easy" because there's nothing to
+ -- compute, that can potentially overflow.)
+
+ if LN = 0 then
+ if RN = 0 then
+ return Empty_Vector;
+ end if;
+
+ declare
+ RE : Elements_Array renames
+ Right.Elements.EA (Index_Type'First .. Right.Last);
+
+ Elements : Elements_Access := new Elements_Type (Right.Last);
+
+ begin
+ -- Elements of an indefinite vector are allocated, so we cannot
+ -- use simple slice assignment to give a value to our result.
+ -- Hence we must walk the array of the Right vector, and copy
+ -- each source element individually.
+
+ for I in Elements.EA'Range loop
+ begin
+ if RE (I) /= null then
+ Elements.EA (I) := new Element_Type'(RE (I).all);
+ end if;
+
+ exception
+ when others =>
+ for J in Index_Type'First .. I - 1 loop
+ Free (Elements.EA (J));
+ end loop;
+
+ Free (Elements);
+ raise;
+ end;
+ end loop;
+
+ return (Controlled with Elements, Right.Last, 0, 0);
+ end;
+ end if;
+
+ if RN = 0 then
+ declare
+ LE : Elements_Array renames
+ Left.Elements.EA (Index_Type'First .. Left.Last);
+
+ Elements : Elements_Access := new Elements_Type (Left.Last);
+
+ begin
+ -- Elements of an indefinite vector are allocated, so we cannot
+ -- use simple slice assignment to give a value to our result.
+ -- Hence we must walk the array of the Left vector, and copy
+ -- each source element individually.
+
+ for I in Elements.EA'Range loop
+ begin
+ if LE (I) /= null then
+ Elements.EA (I) := new Element_Type'(LE (I).all);
+ end if;
+
+ exception
+ when others =>
+ for J in Index_Type'First .. I - 1 loop
+ Free (Elements.EA (J));
+ end loop;
+
+ Free (Elements);
+ raise;
+ end;
+ end loop;
+
+ return (Controlled with Elements, Left.Last, 0, 0);
+ end;
+ end if;
+
+ -- Neither of the vector parameters is empty, so we must compute the
+ -- length of the result vector and its last index. (This is the harder
+ -- case, because our computations must avoid overflow.)
+
+ -- There are two constraints we need to satisfy. The first constraint is
+ -- that a container cannot have more than Count_Type'Last elements, so
+ -- we must check the sum of the combined lengths. Note that we cannot
+ -- simply add the lengths, because of the possibility of overflow.
+
+ if LN > Count_Type'Last - RN then
+ raise Constraint_Error with "new length is out of range";
+ end if;
+
+ -- It is now safe compute the length of the new vector.
+
+ N := LN + RN;
+
+ -- The second constraint is that the new Last index value cannot
+ -- exceed Index_Type'Last. We use the wider of Index_Type'Base and
+ -- Count_Type'Base as the type for intermediate values.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+
+ -- We perform a two-part test. First we determine whether the
+ -- computed Last value lies in the base range of the type, and then
+ -- determine whether it lies in the range of the index (sub)type.
+
+ -- Last must satisfy this relation:
+ -- First + Length - 1 <= Last
+ -- We regroup terms:
+ -- First - 1 <= Last - Length
+ -- Which can rewrite as:
+ -- No_Index <= Last - Length
+
+ if Index_Type'Base'Last - Index_Type'Base (N) < No_Index then
+ raise Constraint_Error with "new length is out of range";
+ end if;
+
+ -- We now know that the computed value of Last is within the base
+ -- range of the type, so it is safe to compute its value:
+
+ Last := No_Index + Index_Type'Base (N);
+
+ -- Finally we test whether the value is within the range of the
+ -- generic actual index subtype:
+
+ if Last > Index_Type'Last then
+ raise Constraint_Error with "new length is out of range";
+ end if;
+
+ elsif Index_Type'First <= 0 then
+
+ -- Here we can compute Last directly, in the normal way. We know that
+ -- No_Index is less than 0, so there is no danger of overflow when
+ -- adding the (positive) value of length.
+
+ J := Count_Type'Base (No_Index) + N; -- Last
+
+ if J > Count_Type'Base (Index_Type'Last) then
+ raise Constraint_Error with "new length is out of range";
+ end if;
+
+ -- We know that the computed value (having type Count_Type) of Last
+ -- is within the range of the generic actual index subtype, so it is
+ -- safe to convert to Index_Type:
+
+ Last := Index_Type'Base (J);
+
+ else
+ -- Here Index_Type'First (and Index_Type'Last) is positive, so we
+ -- must test the length indirectly (by working backwards from the
+ -- largest possible value of Last), in order to prevent overflow.
+
+ J := Count_Type'Base (Index_Type'Last) - N; -- No_Index
+
+ if J < Count_Type'Base (No_Index) then
+ raise Constraint_Error with "new length is out of range";
+ end if;
+
+ -- We have determined that the result length would not create a Last
+ -- index value outside of the range of Index_Type, so we can now
+ -- safely compute its value.
+
+ Last := Index_Type'Base (Count_Type'Base (No_Index) + N);
+ end if;
+
+ declare
+ LE : Elements_Array renames
+ Left.Elements.EA (Index_Type'First .. Left.Last);
+ RE : Elements_Array renames
+ Right.Elements.EA (Index_Type'First .. Right.Last);
+
+ Elements : Elements_Access := new Elements_Type (Last);
+
+ I : Index_Type'Base := No_Index;
+
+ begin
+ -- Elements of an indefinite vector are allocated, so we cannot use
+ -- simple slice assignment to give a value to our result. Hence we
+ -- must walk the array of each vector parameter, and copy each source
+ -- element individually.
+
+ for LI in LE'Range loop
+ I := I + 1;
+
+ begin
+ if LE (LI) /= null then
+ Elements.EA (I) := new Element_Type'(LE (LI).all);
+ end if;
+
+ exception
+ when others =>
+ for J in Index_Type'First .. I - 1 loop
+ Free (Elements.EA (J));
+ end loop;
+
+ Free (Elements);
+ raise;
+ end;
+ end loop;
+
+ for RI in RE'Range loop
+ I := I + 1;
+
+ begin
+ if RE (RI) /= null then
+ Elements.EA (I) := new Element_Type'(RE (RI).all);
+ end if;
+
+ exception
+ when others =>
+ for J in Index_Type'First .. I - 1 loop
+ Free (Elements.EA (J));
+ end loop;
+
+ Free (Elements);
+ raise;
+ end;
+ end loop;
+
+ return (Controlled with Elements, Last, 0, 0);
+ end;
+ end "&";
+
+ function "&" (Left : Vector; Right : Element_Type) return Vector is
+ begin
+ -- We decide that the capacity of the result is the sum of the lengths
+ -- of the parameters. We could decide to make it larger, but we have no
+ -- basis for knowing how much larger, so we just allocate the minimum
+ -- amount of storage.
+
+ -- Here we handle the easy case first, when the vector parameter (Left)
+ -- is empty.
+
+ if Left.Is_Empty then
+ declare
+ Elements : Elements_Access := new Elements_Type (Index_Type'First);
+
+ begin
+ begin
+ Elements.EA (Index_Type'First) := new Element_Type'(Right);
+ exception
+ when others =>
+ Free (Elements);
+ raise;
+ end;
+
+ return (Controlled with Elements, Index_Type'First, 0, 0);
+ end;
+ end if;
+
+ -- The vector parameter is not empty, so we must compute the length of
+ -- the result vector and its last index, but in such a way that overflow
+ -- is avoided. We must satisfy two constraints: the new length cannot
+ -- exceed Count_Type'Last, and the new Last index cannot exceed
+ -- Index_Type'Last.
+
+ if Left.Length = Count_Type'Last then
+ raise Constraint_Error with "new length is out of range";
+ end if;
+
+ if Left.Last >= Index_Type'Last then
+ raise Constraint_Error with "new length is out of range";
+ end if;
+
+ declare
+ Last : constant Index_Type := Left.Last + 1;
+
+ LE : Elements_Array renames
+ Left.Elements.EA (Index_Type'First .. Left.Last);
+
+ Elements : Elements_Access := new Elements_Type (Last);
+
+ begin
+ for I in LE'Range loop
+ begin
+ if LE (I) /= null then
+ Elements.EA (I) := new Element_Type'(LE (I).all);
+ end if;
+
+ exception
+ when others =>
+ for J in Index_Type'First .. I - 1 loop
+ Free (Elements.EA (J));
+ end loop;
+
+ Free (Elements);
+ raise;
+ end;
+ end loop;
+
+ begin
+ Elements.EA (Last) := new Element_Type'(Right);
+
+ exception
+ when others =>
+ for J in Index_Type'First .. Last - 1 loop
+ Free (Elements.EA (J));
+ end loop;
+
+ Free (Elements);
+ raise;
+ end;
+
+ return (Controlled with Elements, Last, 0, 0);
+ end;
+ end "&";
+
+ function "&" (Left : Element_Type; Right : Vector) return Vector is
+ begin
+ -- We decide that the capacity of the result is the sum of the lengths
+ -- of the parameters. We could decide to make it larger, but we have no
+ -- basis for knowing how much larger, so we just allocate the minimum
+ -- amount of storage.
+
+ -- Here we handle the easy case first, when the vector parameter (Right)
+ -- is empty.
+
+ if Right.Is_Empty then
+ declare
+ Elements : Elements_Access := new Elements_Type (Index_Type'First);
+
+ begin
+ begin
+ Elements.EA (Index_Type'First) := new Element_Type'(Left);
+ exception
+ when others =>
+ Free (Elements);
+ raise;
+ end;
+
+ return (Controlled with Elements, Index_Type'First, 0, 0);
+ end;
+ end if;
+
+ -- The vector parameter is not empty, so we must compute the length of
+ -- the result vector and its last index, but in such a way that overflow
+ -- is avoided. We must satisfy two constraints: the new length cannot
+ -- exceed Count_Type'Last, and the new Last index cannot exceed
+ -- Index_Type'Last.
+
+ if Right.Length = Count_Type'Last then
+ raise Constraint_Error with "new length is out of range";
+ end if;
+
+ if Right.Last >= Index_Type'Last then
+ raise Constraint_Error with "new length is out of range";
+ end if;
+
+ declare
+ Last : constant Index_Type := Right.Last + 1;
+
+ RE : Elements_Array renames
+ Right.Elements.EA (Index_Type'First .. Right.Last);
+
+ Elements : Elements_Access := new Elements_Type (Last);
+
+ I : Index_Type'Base := Index_Type'First;
+
+ begin
+ begin
+ Elements.EA (I) := new Element_Type'(Left);
+ exception
+ when others =>
+ Free (Elements);
+ raise;
+ end;
+
+ for RI in RE'Range loop
+ I := I + 1;
+
+ begin
+ if RE (RI) /= null then
+ Elements.EA (I) := new Element_Type'(RE (RI).all);
+ end if;
+
+ exception
+ when others =>
+ for J in Index_Type'First .. I - 1 loop
+ Free (Elements.EA (J));
+ end loop;
+
+ Free (Elements);
+ raise;
+ end;
+ end loop;
+
+ return (Controlled with Elements, Last, 0, 0);
+ end;
+ end "&";
+
+ function "&" (Left, Right : Element_Type) return Vector is
+ begin
+ -- We decide that the capacity of the result is the sum of the lengths
+ -- of the parameters. We could decide to make it larger, but we have no
+ -- basis for knowing how much larger, so we just allocate the minimum
+ -- amount of storage.
+
+ -- We must compute the length of the result vector and its last index,
+ -- but in such a way that overflow is avoided. We must satisfy two
+ -- constraints: the new length cannot exceed Count_Type'Last (here, we
+ -- know that that condition is satisfied), and the new Last index cannot
+ -- exceed Index_Type'Last.
+
+ if Index_Type'First >= Index_Type'Last then
+ raise Constraint_Error with "new length is out of range";
+ end if;
+
+ declare
+ Last : constant Index_Type := Index_Type'First + 1;
+ Elements : Elements_Access := new Elements_Type (Last);
+
+ begin
+ begin
+ Elements.EA (Index_Type'First) := new Element_Type'(Left);
+ exception
+ when others =>
+ Free (Elements);
+ raise;
+ end;
+
+ begin
+ Elements.EA (Last) := new Element_Type'(Right);
+ exception
+ when others =>
+ Free (Elements.EA (Index_Type'First));
+ Free (Elements);
+ raise;
+ end;
+
+ return (Controlled with Elements, Last, 0, 0);
+ end;
+ end "&";
+
+ ---------
+ -- "=" --
+ ---------
+
+ overriding function "=" (Left, Right : Vector) return Boolean is
+ BL : Natural renames Left'Unrestricted_Access.Busy;
+ LL : Natural renames Left'Unrestricted_Access.Lock;
+
+ BR : Natural renames Right'Unrestricted_Access.Busy;
+ LR : Natural renames Right'Unrestricted_Access.Lock;
+
+ Result : Boolean;
+
+ begin
+ if Left'Address = Right'Address then
+ return True;
+ end if;
+
+ if Left.Last /= Right.Last then
+ return False;
+ end if;
+
+ -- Per AI05-0022, the container implementation is required to detect
+ -- element tampering by a generic actual subprogram.
+
+ BL := BL + 1;
+ LL := LL + 1;
+
+ BR := BR + 1;
+ LR := LR + 1;
+
+ Result := True;
+ for J in Index_Type'First .. Left.Last loop
+ if Left.Elements.EA (J) = null then
+ if Right.Elements.EA (J) /= null then
+ Result := False;
+ exit;
+ end if;
+
+ elsif Right.Elements.EA (J) = null then
+ Result := False;
+ exit;
+
+ elsif Left.Elements.EA (J).all /= Right.Elements.EA (J).all then
+ Result := False;
+ exit;
+ end if;
+ end loop;
+
+ BL := BL - 1;
+ LL := LL - 1;
+
+ BR := BR - 1;
+ LR := LR - 1;
+
+ return Result;
+
+ exception
+ when others =>
+ BL := BL - 1;
+ LL := LL - 1;
+
+ BR := BR - 1;
+ LR := LR - 1;
+
+ raise;
+ end "=";
+
+ ------------
+ -- Adjust --
+ ------------
+
+ procedure Adjust (Container : in out Vector) is
+ begin
+ if Container.Last = No_Index then
+ Container.Elements := null;
+ return;
+ end if;
+
+ declare
+ L : constant Index_Type := Container.Last;
+ E : Elements_Array renames
+ Container.Elements.EA (Index_Type'First .. L);
+
+ begin
+ Container.Elements := null;
+ Container.Last := No_Index;
+ Container.Busy := 0;
+ Container.Lock := 0;
+
+ Container.Elements := new Elements_Type (L);
+
+ for J in E'Range loop
+ if E (J) /= null then
+ Container.Elements.EA (J) := new Element_Type'(E (J).all);
+ end if;
+
+ Container.Last := J;
+ end loop;
+ end;
+ end Adjust;
+
+ procedure Adjust (Control : in out Reference_Control_Type) is
+ begin
+ if Control.Container /= null then
+ declare
+ C : Vector renames Control.Container.all;
+ B : Natural renames C.Busy;
+ L : Natural renames C.Lock;
+ begin
+ B := B + 1;
+ L := L + 1;
+ end;
+ end if;
+ end Adjust;
+
+ ------------
+ -- Append --
+ ------------
+
+ procedure Append (Container : in out Vector; New_Item : Vector) is
+ begin
+ if Is_Empty (New_Item) then
+ return;
+ elsif Container.Last = Index_Type'Last then
+ raise Constraint_Error with "vector is already at its maximum length";
+ else
+ Insert (Container, Container.Last + 1, New_Item);
+ end if;
+ end Append;
+
+ procedure Append
+ (Container : in out Vector;
+ New_Item : Element_Type;
+ Count : Count_Type := 1)
+ is
+ begin
+ if Count = 0 then
+ return;
+ elsif Container.Last = Index_Type'Last then
+ raise Constraint_Error with "vector is already at its maximum length";
+ else
+ Insert (Container, Container.Last + 1, New_Item, Count);
+ end if;
+ end Append;
+
+ ------------
+ -- Assign --
+ ------------
+
+ procedure Assign (Target : in out Vector; Source : Vector) is
+ begin
+ if Target'Address = Source'Address then
+ return;
+ else
+ Target.Clear;
+ Target.Append (Source);
+ end if;
+ end Assign;
+
+ --------------
+ -- Capacity --
+ --------------
+
+ function Capacity (Container : Vector) return Count_Type is
+ begin
+ if Container.Elements = null then
+ return 0;
+ else
+ return Container.Elements.EA'Length;
+ end if;
+ end Capacity;
+
+ -----------
+ -- Clear --
+ -----------
+
+ procedure Clear (Container : in out Vector) is
+ begin
+ if Container.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+
+ else
+ while Container.Last >= Index_Type'First loop
+ declare
+ X : Element_Access := Container.Elements.EA (Container.Last);
+ begin
+ Container.Elements.EA (Container.Last) := null;
+ Container.Last := Container.Last - 1;
+ Free (X);
+ end;
+ end loop;
+ end if;
+ end Clear;
+
+ ------------------------
+ -- Constant_Reference --
+ ------------------------
+
+ function Constant_Reference
+ (Container : aliased Vector;
+ Position : Cursor) return Constant_Reference_Type
+ is
+ E : Element_Access;
+
+ begin
+ if Position.Container = null then
+ raise Constraint_Error with "Position cursor has no element";
+ end if;
+
+ if Position.Container /= Container'Unrestricted_Access then
+ raise Program_Error with "Position cursor denotes wrong container";
+ end if;
+
+ if Position.Index > Position.Container.Last then
+ raise Constraint_Error with "Position cursor is out of range";
+ end if;
+
+ E := Container.Elements.EA (Position.Index);
+
+ if E = null then
+ raise Constraint_Error with "element at Position is empty";
+ end if;
+
+ declare
+ C : Vector renames Container'Unrestricted_Access.all;
+ B : Natural renames C.Busy;
+ L : Natural renames C.Lock;
+ begin
+ return R : constant Constant_Reference_Type :=
+ (Element => E.all'Access,
+ Control => (Controlled with Container'Unrestricted_Access))
+ do
+ B := B + 1;
+ L := L + 1;
+ end return;
+ end;
+ end Constant_Reference;
+
+ function Constant_Reference
+ (Container : aliased Vector;
+ Index : Index_Type) return Constant_Reference_Type
+ is
+ E : Element_Access;
+
+ begin
+ if Index > Container.Last then
+ raise Constraint_Error with "Index is out of range";
+ end if;
+
+ E := Container.Elements.EA (Index);
+
+ if E = null then
+ raise Constraint_Error with "element at Index is empty";
+ end if;
+
+ declare
+ C : Vector renames Container'Unrestricted_Access.all;
+ B : Natural renames C.Busy;
+ L : Natural renames C.Lock;
+ begin
+ return R : constant Constant_Reference_Type :=
+ (Element => E.all'Access,
+ Control => (Controlled with Container'Unrestricted_Access))
+ do
+ B := B + 1;
+ L := L + 1;
+ end return;
+ end;
+ end Constant_Reference;
+
+ --------------
+ -- Contains --
+ --------------
+
+ function Contains
+ (Container : Vector;
+ Item : Element_Type) return Boolean
+ is
+ begin
+ return Find_Index (Container, Item) /= No_Index;
+ end Contains;
+
+ ----------
+ -- Copy --
+ ----------
+
+ function Copy
+ (Source : Vector;
+ Capacity : Count_Type := 0) return Vector
+ is
+ C : Count_Type;
+
+ begin
+ if Capacity = 0 then
+ C := Source.Length;
+
+ elsif Capacity >= Source.Length then
+ C := Capacity;
+
+ else
+ raise Capacity_Error
+ with "Requested capacity is less than Source length";
+ end if;
+
+ return Target : Vector do
+ Target.Reserve_Capacity (C);
+ Target.Assign (Source);
+ end return;
+ end Copy;
+
+ ------------
+ -- Delete --
+ ------------
+
+ procedure Delete
+ (Container : in out Vector;
+ Index : Extended_Index;
+ Count : Count_Type := 1)
+ is
+ Old_Last : constant Index_Type'Base := Container.Last;
+ New_Last : Index_Type'Base;
+ Count2 : Count_Type'Base; -- count of items from Index to Old_Last
+ J : Index_Type'Base; -- first index of items that slide down
+
+ begin
+ -- Delete removes items from the vector, the number of which is the
+ -- minimum of the specified Count and the items (if any) that exist from
+ -- Index to Container.Last. There are no constraints on the specified
+ -- value of Count (it can be larger than what's available at this
+ -- position in the vector, for example), but there are constraints on
+ -- the allowed values of the Index.
+
+ -- As a precondition on the generic actual Index_Type, the base type
+ -- must include Index_Type'Pred (Index_Type'First); this is the value
+ -- that Container.Last assumes when the vector is empty. However, we do
+ -- not allow that as the value for Index when specifying which items
+ -- should be deleted, so we must manually check. (That the user is
+ -- allowed to specify the value at all here is a consequence of the
+ -- declaration of the Extended_Index subtype, which includes the values
+ -- in the base range that immediately precede and immediately follow the
+ -- values in the Index_Type.)
+
+ if Index < Index_Type'First then
+ raise Constraint_Error with "Index is out of range (too small)";
+ end if;
+
+ -- We do allow a value greater than Container.Last to be specified as
+ -- the Index, but only if it's immediately greater. This allows the
+ -- corner case of deleting no items from the back end of the vector to
+ -- be treated as a no-op. (It is assumed that specifying an index value
+ -- greater than Last + 1 indicates some deeper flaw in the caller's
+ -- algorithm, so that case is treated as a proper error.)
+
+ if Index > Old_Last then
+ if Index > Old_Last + 1 then
+ raise Constraint_Error with "Index is out of range (too large)";
+ else
+ return;
+ end if;
+ end if;
+
+ -- Here and elsewhere we treat deleting 0 items from the container as a
+ -- no-op, even when the container is busy, so we simply return.
+
+ if Count = 0 then
+ return;
+ end if;
+
+ -- The internal elements array isn't guaranteed to exist unless we have
+ -- elements, so we handle that case here in order to avoid having to
+ -- check it later. (Note that an empty vector can never be busy, so
+ -- there's no semantic harm in returning early.)
+
+ if Container.Is_Empty then
+ return;
+ end if;
+
+ -- The tampering bits exist to prevent an item from being deleted (or
+ -- otherwise harmfully manipulated) while it is being visited. Query,
+ -- Update, and Iterate increment the busy count on entry, and decrement
+ -- the count on exit. Delete checks the count to determine whether it is
+ -- being called while the associated callback procedure is executing.
+
+ if Container.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+ end if;
+
+ -- We first calculate what's available for deletion starting at
+ -- Index. Here and elsewhere we use the wider of Index_Type'Base and
+ -- Count_Type'Base as the type for intermediate values. (See function
+ -- Length for more information.)
+
+ if Count_Type'Base'Last >= Index_Type'Pos (Index_Type'Base'Last) then
+ Count2 := Count_Type'Base (Old_Last) - Count_Type'Base (Index) + 1;
+
+ else
+ Count2 := Count_Type'Base (Old_Last - Index + 1);
+ end if;
+
+ -- If the number of elements requested (Count) for deletion is equal to
+ -- (or greater than) the number of elements available (Count2) for
+ -- deletion beginning at Index, then everything from Index to
+ -- Container.Last is deleted (this is equivalent to Delete_Last).
+
+ if Count >= Count2 then
+ -- Elements in an indefinite vector are allocated, so we must iterate
+ -- over the loop and deallocate elements one-at-a-time. We work from
+ -- back to front, deleting the last element during each pass, in
+ -- order to gracefully handle deallocation failures.
+
+ declare
+ EA : Elements_Array renames Container.Elements.EA;
+
+ begin
+ while Container.Last >= Index loop
+ declare
+ K : constant Index_Type := Container.Last;
+ X : Element_Access := EA (K);
+
+ begin
+ -- We first isolate the element we're deleting, removing it
+ -- from the vector before we attempt to deallocate it, in
+ -- case the deallocation fails.
+
+ EA (K) := null;
+ Container.Last := K - 1;
+
+ -- Container invariants have been restored, so it is now
+ -- safe to attempt to deallocate the element.
+
+ Free (X);
+ end;
+ end loop;
+ end;
+
+ return;
+ end if;
+
+ -- There are some elements that aren't being deleted (the requested
+ -- count was less than the available count), so we must slide them down
+ -- to Index. We first calculate the index values of the respective array
+ -- slices, using the wider of Index_Type'Base and Count_Type'Base as the
+ -- type for intermediate calculations. For the elements that slide down,
+ -- index value New_Last is the last index value of their new home, and
+ -- index value J is the first index of their old home.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ New_Last := Old_Last - Index_Type'Base (Count);
+ J := Index + Index_Type'Base (Count);
+ else
+ New_Last := Index_Type'Base (Count_Type'Base (Old_Last) - Count);
+ J := Index_Type'Base (Count_Type'Base (Index) + Count);
+ end if;
+
+ -- The internal elements array isn't guaranteed to exist unless we have
+ -- elements, but we have that guarantee here because we know we have
+ -- elements to slide. The array index values for each slice have
+ -- already been determined, so what remains to be done is to first
+ -- deallocate the elements that are being deleted, and then slide down
+ -- to Index the elements that aren't being deleted.
+
+ declare
+ EA : Elements_Array renames Container.Elements.EA;
+
+ begin
+ -- Before we can slide down the elements that aren't being deleted,
+ -- we need to deallocate the elements that are being deleted.
+
+ for K in Index .. J - 1 loop
+ declare
+ X : Element_Access := EA (K);
+
+ begin
+ -- First we remove the element we're about to deallocate from
+ -- the vector, in case the deallocation fails, in order to
+ -- preserve representation invariants.
+
+ EA (K) := null;
+
+ -- The element has been removed from the vector, so it is now
+ -- safe to attempt to deallocate it.
+
+ Free (X);
+ end;
+ end loop;
+
+ EA (Index .. New_Last) := EA (J .. Old_Last);
+ Container.Last := New_Last;
+ end;
+ end Delete;
+
+ procedure Delete
+ (Container : in out Vector;
+ Position : in out Cursor;
+ Count : Count_Type := 1)
+ is
+ pragma Warnings (Off, Position);
+
+ begin
+ if Position.Container = null then
+ raise Constraint_Error with "Position cursor has no element";
+
+ elsif Position.Container /= Container'Unrestricted_Access then
+ raise Program_Error with "Position cursor denotes wrong container";
+
+ elsif Position.Index > Container.Last then
+ raise Program_Error with "Position index is out of range";
+
+ else
+ Delete (Container, Position.Index, Count);
+ Position := No_Element;
+ end if;
+ end Delete;
+
+ ------------------
+ -- Delete_First --
+ ------------------
+
+ procedure Delete_First
+ (Container : in out Vector;
+ Count : Count_Type := 1)
+ is
+ begin
+ if Count = 0 then
+ return;
+
+ elsif Count >= Length (Container) then
+ Clear (Container);
+ return;
+
+ else
+ Delete (Container, Index_Type'First, Count);
+ end if;
+ end Delete_First;
+
+ -----------------
+ -- Delete_Last --
+ -----------------
+
+ procedure Delete_Last
+ (Container : in out Vector;
+ Count : Count_Type := 1)
+ is
+ begin
+ -- It is not permitted to delete items while the container is busy (for
+ -- example, we're in the middle of a passive iteration). However, we
+ -- always treat deleting 0 items as a no-op, even when we're busy, so we
+ -- simply return without checking.
+
+ if Count = 0 then
+ return;
+ end if;
+
+ -- We cannot simply subsume the empty case into the loop below (the loop
+ -- would iterate 0 times), because we rename the internal array object
+ -- (which is allocated), but an empty vector isn't guaranteed to have
+ -- actually allocated an array. (Note that an empty vector can never be
+ -- busy, so there's no semantic harm in returning early here.)
+
+ if Container.Is_Empty then
+ return;
+ end if;
+
+ -- The tampering bits exist to prevent an item from being deleted (or
+ -- otherwise harmfully manipulated) while it is being visited. Query,
+ -- Update, and Iterate increment the busy count on entry, and decrement
+ -- the count on exit. Delete_Last checks the count to determine whether
+ -- it is being called while the associated callback procedure is
+ -- executing.
+
+ if Container.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+ end if;
+
+ -- Elements in an indefinite vector are allocated, so we must iterate
+ -- over the loop and deallocate elements one-at-a-time. We work from
+ -- back to front, deleting the last element during each pass, in order
+ -- to gracefully handle deallocation failures.
+
+ declare
+ E : Elements_Array renames Container.Elements.EA;
+
+ begin
+ for Indx in 1 .. Count_Type'Min (Count, Container.Length) loop
+ declare
+ J : constant Index_Type := Container.Last;
+ X : Element_Access := E (J);
+
+ begin
+ -- Note that we first isolate the element we're deleting,
+ -- removing it from the vector, before we actually deallocate
+ -- it, in order to preserve representation invariants even if
+ -- the deallocation fails.
+
+ E (J) := null;
+ Container.Last := J - 1;
+
+ -- Container invariants have been restored, so it is now safe
+ -- to deallocate the element.
+
+ Free (X);
+ end;
+ end loop;
+ end;
+ end Delete_Last;
+
+ -------------
+ -- Element --
+ -------------
+
+ function Element
+ (Container : Vector;
+ Index : Index_Type) return Element_Type
+ is
+ begin
+ if Index > Container.Last then
+ raise Constraint_Error with "Index is out of range";
+ end if;
+
+ declare
+ EA : constant Element_Access := Container.Elements.EA (Index);
+ begin
+ if EA = null then
+ raise Constraint_Error with "element is empty";
+ else
+ return EA.all;
+ end if;
+ end;
+ end Element;
+
+ function Element (Position : Cursor) return Element_Type is
+ begin
+ if Position.Container = null then
+ raise Constraint_Error with "Position cursor has no element";
+ end if;
+
+ if Position.Index > Position.Container.Last then
+ raise Constraint_Error with "Position cursor is out of range";
+ end if;
+
+ declare
+ EA : constant Element_Access :=
+ Position.Container.Elements.EA (Position.Index);
+ begin
+ if EA = null then
+ raise Constraint_Error with "element is empty";
+ else
+ return EA.all;
+ end if;
+ end;
+ end Element;
+
+ --------------
+ -- Finalize --
+ --------------
+
+ procedure Finalize (Container : in out Vector) is
+ begin
+ Clear (Container); -- Checks busy-bit
+
+ declare
+ X : Elements_Access := Container.Elements;
+ begin
+ Container.Elements := null;
+ Free (X);
+ end;
+ end Finalize;
+
+ procedure Finalize (Object : in out Iterator) is
+ B : Natural renames Object.Container.Busy;
+ begin
+ B := B - 1;
+ end Finalize;
+
+ procedure Finalize (Control : in out Reference_Control_Type) is
+ begin
+ if Control.Container /= null then
+ declare
+ C : Vector renames Control.Container.all;
+ B : Natural renames C.Busy;
+ L : Natural renames C.Lock;
+ begin
+ B := B - 1;
+ L := L - 1;
+ end;
+
+ Control.Container := null;
+ end if;
+ end Finalize;
+
+ ----------
+ -- Find --
+ ----------
+
+ function Find
+ (Container : Vector;
+ Item : Element_Type;
+ Position : Cursor := No_Element) return Cursor
+ is
+ begin
+ if Position.Container /= null then
+ if Position.Container /= Container'Unrestricted_Access then
+ raise Program_Error with "Position cursor denotes wrong container";
+ end if;
+
+ if Position.Index > Container.Last then
+ raise Program_Error with "Position index is out of range";
+ end if;
+ end if;
+
+ -- Per AI05-0022, the container implementation is required to detect
+ -- element tampering by a generic actual subprogram.
+
+ declare
+ B : Natural renames Container'Unrestricted_Access.Busy;
+ L : Natural renames Container'Unrestricted_Access.Lock;
+
+ Result : Index_Type'Base;
+
+ begin
+ B := B + 1;
+ L := L + 1;
+
+ Result := No_Index;
+ for J in Position.Index .. Container.Last loop
+ if Container.Elements.EA (J) /= null
+ and then Container.Elements.EA (J).all = Item
+ then
+ Result := J;
+ exit;
+ end if;
+ end loop;
+
+ B := B - 1;
+ L := L - 1;
+
+ if Result = No_Index then
+ return No_Element;
+ else
+ return Cursor'(Container'Unrestricted_Access, Result);
+ end if;
+
+ exception
+ when others =>
+ B := B - 1;
+ L := L - 1;
+ raise;
+ end;
+ end Find;
+
+ ----------------
+ -- Find_Index --
+ ----------------
+
+ function Find_Index
+ (Container : Vector;
+ Item : Element_Type;
+ Index : Index_Type := Index_Type'First) return Extended_Index
+ is
+ B : Natural renames Container'Unrestricted_Access.Busy;
+ L : Natural renames Container'Unrestricted_Access.Lock;
+
+ Result : Index_Type'Base;
+
+ begin
+ -- Per AI05-0022, the container implementation is required to detect
+ -- element tampering by a generic actual subprogram.
+
+ B := B + 1;
+ L := L + 1;
+
+ Result := No_Index;
+ for Indx in Index .. Container.Last loop
+ if Container.Elements.EA (Indx) /= null
+ and then Container.Elements.EA (Indx).all = Item
+ then
+ Result := Indx;
+ exit;
+ end if;
+ end loop;
+
+ B := B - 1;
+ L := L - 1;
+
+ return Result;
+
+ exception
+ when others =>
+ B := B - 1;
+ L := L - 1;
+
+ raise;
+ end Find_Index;
+
+ -----------
+ -- First --
+ -----------
+
+ function First (Container : Vector) return Cursor is
+ begin
+ if Is_Empty (Container) then
+ return No_Element;
+ end if;
+
+ return (Container'Unrestricted_Access, Index_Type'First);
+ end First;
+
+ function First (Object : Iterator) return Cursor is
+ begin
+ -- The value of the iterator object's Index component influences the
+ -- behavior of the First (and Last) selector function.
+
+ -- When the Index component is No_Index, this means the iterator
+ -- object was constructed without a start expression, in which case the
+ -- (forward) iteration starts from the (logical) beginning of the entire
+ -- sequence of items (corresponding to Container.First, for a forward
+ -- iterator).
+
+ -- Otherwise, this is iteration over a partial sequence of items.
+ -- When the Index component isn't No_Index, the iterator object was
+ -- constructed with a start expression, that specifies the position
+ -- from which the (forward) partial iteration begins.
+
+ if Object.Index = No_Index then
+ return First (Object.Container.all);
+ else
+ return Cursor'(Object.Container, Object.Index);
+ end if;
+ end First;
+
+ -------------------
+ -- First_Element --
+ -------------------
+
+ function First_Element (Container : Vector) return Element_Type is
+ begin
+ if Container.Last = No_Index then
+ raise Constraint_Error with "Container is empty";
+ end if;
+
+ declare
+ EA : constant Element_Access :=
+ Container.Elements.EA (Index_Type'First);
+ begin
+ if EA = null then
+ raise Constraint_Error with "first element is empty";
+ else
+ return EA.all;
+ end if;
+ end;
+ end First_Element;
+
+ -----------------
+ -- First_Index --
+ -----------------
+
+ function First_Index (Container : Vector) return Index_Type is
+ pragma Unreferenced (Container);
+ begin
+ return Index_Type'First;
+ end First_Index;
+
+ ---------------------
+ -- Generic_Sorting --
+ ---------------------
+
+ package body Generic_Sorting is
+
+ -----------------------
+ -- Local Subprograms --
+ -----------------------
+
+ function Is_Less (L, R : Element_Access) return Boolean;
+ pragma Inline (Is_Less);
+
+ -------------
+ -- Is_Less --
+ -------------
+
+ function Is_Less (L, R : Element_Access) return Boolean is
+ begin
+ if L = null then
+ return R /= null;
+ elsif R = null then
+ return False;
+ else
+ return L.all < R.all;
+ end if;
+ end Is_Less;
+
+ ---------------
+ -- Is_Sorted --
+ ---------------
+
+ function Is_Sorted (Container : Vector) return Boolean is
+ begin
+ if Container.Last <= Index_Type'First then
+ return True;
+ end if;
+
+ -- Per AI05-0022, the container implementation is required to detect
+ -- element tampering by a generic actual subprogram.
+
+ declare
+ E : Elements_Array renames Container.Elements.EA;
+
+ B : Natural renames Container'Unrestricted_Access.Busy;
+ L : Natural renames Container'Unrestricted_Access.Lock;
+
+ Result : Boolean;
+
+ begin
+ B := B + 1;
+ L := L + 1;
+
+ Result := True;
+ for I in Index_Type'First .. Container.Last - 1 loop
+ if Is_Less (E (I + 1), E (I)) then
+ Result := False;
+ exit;
+ end if;
+ end loop;
+
+ B := B - 1;
+ L := L - 1;
+
+ return Result;
+
+ exception
+ when others =>
+ B := B - 1;
+ L := L - 1;
+
+ raise;
+ end;
+ end Is_Sorted;
+
+ -----------
+ -- Merge --
+ -----------
+
+ procedure Merge (Target, Source : in out Vector) is
+ I, J : Index_Type'Base;
+
+ begin
+ -- The semantics of Merge changed slightly per AI05-0021. It was
+ -- originally the case that if Target and Source denoted the same
+ -- container object, then the GNAT implementation of Merge did
+ -- nothing. However, it was argued that RM05 did not precisely
+ -- specify the semantics for this corner case. The decision of the
+ -- ARG was that if Target and Source denote the same non-empty
+ -- container object, then Program_Error is raised.
+
+ if Source.Last < Index_Type'First then -- Source is empty
+ return;
+ end if;
+
+ if Target'Address = Source'Address then
+ raise Program_Error with
+ "Target and Source denote same non-empty container";
+ end if;
+
+ if Target.Last < Index_Type'First then -- Target is empty
+ Move (Target => Target, Source => Source);
+ return;
+ end if;
+
+ if Source.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+ end if;
+
+ I := Target.Last; -- original value (before Set_Length)
+ Target.Set_Length (Length (Target) + Length (Source));
+
+ -- Per AI05-0022, the container implementation is required to detect
+ -- element tampering by a generic actual subprogram.
+
+ declare
+ TA : Elements_Array renames Target.Elements.EA;
+ SA : Elements_Array renames Source.Elements.EA;
+
+ TB : Natural renames Target.Busy;
+ TL : Natural renames Target.Lock;
+
+ SB : Natural renames Source.Busy;
+ SL : Natural renames Source.Lock;
+
+ begin
+ TB := TB + 1;
+ TL := TL + 1;
+
+ SB := SB + 1;
+ SL := SL + 1;
+
+ J := Target.Last; -- new value (after Set_Length)
+ while Source.Last >= Index_Type'First loop
+ pragma Assert
+ (Source.Last <= Index_Type'First
+ or else not (Is_Less (SA (Source.Last),
+ SA (Source.Last - 1))));
+
+ if I < Index_Type'First then
+ declare
+ Src : Elements_Array renames
+ SA (Index_Type'First .. Source.Last);
+ begin
+ TA (Index_Type'First .. J) := Src;
+ Src := (others => null);
+ end;
+
+ Source.Last := No_Index;
+ exit;
+ end if;
+
+ pragma Assert
+ (I <= Index_Type'First
+ or else not (Is_Less (TA (I), TA (I - 1))));
+
+ declare
+ Src : Element_Access renames SA (Source.Last);
+ Tgt : Element_Access renames TA (I);
+
+ begin
+ if Is_Less (Src, Tgt) then
+ Target.Elements.EA (J) := Tgt;
+ Tgt := null;
+ I := I - 1;
+
+ else
+ Target.Elements.EA (J) := Src;
+ Src := null;
+ Source.Last := Source.Last - 1;
+ end if;
+ end;
+
+ J := J - 1;
+ end loop;
+
+ TB := TB - 1;
+ TL := TL - 1;
+
+ SB := SB - 1;
+ SL := SL - 1;
+
+ exception
+ when others =>
+ TB := TB - 1;
+ TL := TL - 1;
+
+ SB := SB - 1;
+ SL := SL - 1;
+
+ raise;
+ end;
+ end Merge;
+
+ ----------
+ -- Sort --
+ ----------
+
+ procedure Sort (Container : in out Vector) is
+ procedure Sort is new Generic_Array_Sort
+ (Index_Type => Index_Type,
+ Element_Type => Element_Access,
+ Array_Type => Elements_Array,
+ "<" => Is_Less);
+
+ -- Start of processing for Sort
+
+ begin
+ if Container.Last <= Index_Type'First then
+ return;
+ end if;
+
+ -- The exception behavior for the vector container must match that
+ -- for the list container, so we check for cursor tampering here
+ -- (which will catch more things) instead of for element tampering
+ -- (which will catch fewer things). It's true that the elements of
+ -- this vector container could be safely moved around while (say) an
+ -- iteration is taking place (iteration only increments the busy
+ -- counter), and so technically all we would need here is a test for
+ -- element tampering (indicated by the lock counter), that's simply
+ -- an artifact of our array-based implementation. Logically Sort
+ -- requires a check for cursor tampering.
+
+ if Container.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+ end if;
+
+ -- Per AI05-0022, the container implementation is required to detect
+ -- element tampering by a generic actual subprogram.
+
+ declare
+ B : Natural renames Container.Busy;
+ L : Natural renames Container.Lock;
+
+ begin
+ B := B + 1;
+ L := L + 1;
+
+ Sort (Container.Elements.EA (Index_Type'First .. Container.Last));
+
+ B := B - 1;
+ L := L - 1;
+
+ exception
+ when others =>
+ B := B - 1;
+ L := L - 1;
+
+ raise;
+ end;
+ end Sort;
+
+ end Generic_Sorting;
+
+ -----------------
+ -- Has_Element --
+ -----------------
+
+ function Has_Element (Position : Cursor) return Boolean is
+ begin
+ if Position.Container = null then
+ return False;
+ else
+ return Position.Index <= Position.Container.Last;
+ end if;
+ end Has_Element;
+
+ ------------
+ -- Insert --
+ ------------
+
+ procedure Insert
+ (Container : in out Vector;
+ Before : Extended_Index;
+ New_Item : Element_Type;
+ Count : Count_Type := 1)
+ is
+ Old_Length : constant Count_Type := Container.Length;
+
+ Max_Length : Count_Type'Base; -- determined from range of Index_Type
+ New_Length : Count_Type'Base; -- sum of current length and Count
+ New_Last : Index_Type'Base; -- last index of vector after insertion
+
+ Index : Index_Type'Base; -- scratch for intermediate values
+ J : Count_Type'Base; -- scratch
+
+ New_Capacity : Count_Type'Base; -- length of new, expanded array
+ Dst_Last : Index_Type'Base; -- last index of new, expanded array
+ Dst : Elements_Access; -- new, expanded internal array
+
+ begin
+ -- As a precondition on the generic actual Index_Type, the base type
+ -- must include Index_Type'Pred (Index_Type'First); this is the value
+ -- that Container.Last assumes when the vector is empty. However, we do
+ -- not allow that as the value for Index when specifying where the new
+ -- items should be inserted, so we must manually check. (That the user
+ -- is allowed to specify the value at all here is a consequence of the
+ -- declaration of the Extended_Index subtype, which includes the values
+ -- in the base range that immediately precede and immediately follow the
+ -- values in the Index_Type.)
+
+ if Before < Index_Type'First then
+ raise Constraint_Error with
+ "Before index is out of range (too small)";
+ end if;
+
+ -- We do allow a value greater than Container.Last to be specified as
+ -- the Index, but only if it's immediately greater. This allows for the
+ -- case of appending items to the back end of the vector. (It is assumed
+ -- that specifying an index value greater than Last + 1 indicates some
+ -- deeper flaw in the caller's algorithm, so that case is treated as a
+ -- proper error.)
+
+ if Before > Container.Last
+ and then Before > Container.Last + 1
+ then
+ raise Constraint_Error with
+ "Before index is out of range (too large)";
+ end if;
+
+ -- We treat inserting 0 items into the container as a no-op, even when
+ -- the container is busy, so we simply return.
+
+ if Count = 0 then
+ return;
+ end if;
+
+ -- There are two constraints we need to satisfy. The first constraint is
+ -- that a container cannot have more than Count_Type'Last elements, so
+ -- we must check the sum of the current length and the insertion count.
+ -- Note that we cannot simply add these values, because of the
+ -- possibility of overflow.
+
+ if Old_Length > Count_Type'Last - Count then
+ raise Constraint_Error with "Count is out of range";
+ end if;
+
+ -- It is now safe compute the length of the new vector, without fear of
+ -- overflow.
+
+ New_Length := Old_Length + Count;
+
+ -- The second constraint is that the new Last index value cannot exceed
+ -- Index_Type'Last. In each branch below, we calculate the maximum
+ -- length (computed from the range of values in Index_Type), and then
+ -- compare the new length to the maximum length. If the new length is
+ -- acceptable, then we compute the new last index from that.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+
+ -- We have to handle the case when there might be more values in the
+ -- range of Index_Type than in the range of Count_Type.
+
+ if Index_Type'First <= 0 then
+
+ -- We know that No_Index (the same as Index_Type'First - 1) is
+ -- less than 0, so it is safe to compute the following sum without
+ -- fear of overflow.
+
+ Index := No_Index + Index_Type'Base (Count_Type'Last);
+
+ if Index <= Index_Type'Last then
+
+ -- We have determined that range of Index_Type has at least as
+ -- many values as in Count_Type, so Count_Type'Last is the
+ -- maximum number of items that are allowed.
+
+ Max_Length := Count_Type'Last;
+
+ else
+ -- The range of Index_Type has fewer values than in Count_Type,
+ -- so the maximum number of items is computed from the range of
+ -- the Index_Type.
+
+ Max_Length := Count_Type'Base (Index_Type'Last - No_Index);
+ end if;
+
+ else
+ -- No_Index is equal or greater than 0, so we can safely compute
+ -- the difference without fear of overflow (which we would have to
+ -- worry about if No_Index were less than 0, but that case is
+ -- handled above).
+
+ if Index_Type'Last - No_Index >=
+ Count_Type'Pos (Count_Type'Last)
+ then
+ -- We have determined that range of Index_Type has at least as
+ -- many values as in Count_Type, so Count_Type'Last is the
+ -- maximum number of items that are allowed.
+
+ Max_Length := Count_Type'Last;
+
+ else
+ -- The range of Index_Type has fewer values than in Count_Type,
+ -- so the maximum number of items is computed from the range of
+ -- the Index_Type.
+
+ Max_Length := Count_Type'Base (Index_Type'Last - No_Index);
+ end if;
+ end if;
+
+ elsif Index_Type'First <= 0 then
+
+ -- We know that No_Index (the same as Index_Type'First - 1) is less
+ -- than 0, so it is safe to compute the following sum without fear of
+ -- overflow.
+
+ J := Count_Type'Base (No_Index) + Count_Type'Last;
+
+ if J <= Count_Type'Base (Index_Type'Last) then
+
+ -- We have determined that range of Index_Type has at least as
+ -- many values as in Count_Type, so Count_Type'Last is the maximum
+ -- number of items that are allowed.
+
+ Max_Length := Count_Type'Last;
+
+ else
+ -- The range of Index_Type has fewer values than Count_Type does,
+ -- so the maximum number of items is computed from the range of
+ -- the Index_Type.
+
+ Max_Length :=
+ Count_Type'Base (Index_Type'Last) - Count_Type'Base (No_Index);
+ end if;
+
+ else
+ -- No_Index is equal or greater than 0, so we can safely compute the
+ -- difference without fear of overflow (which we would have to worry
+ -- about if No_Index were less than 0, but that case is handled
+ -- above).
+
+ Max_Length :=
+ Count_Type'Base (Index_Type'Last) - Count_Type'Base (No_Index);
+ end if;
+
+ -- We have just computed the maximum length (number of items). We must
+ -- now compare the requested length to the maximum length, as we do not
+ -- allow a vector expand beyond the maximum (because that would create
+ -- an internal array with a last index value greater than
+ -- Index_Type'Last, with no way to index those elements).
+
+ if New_Length > Max_Length then
+ raise Constraint_Error with "Count is out of range";
+ end if;
+
+ -- New_Last is the last index value of the items in the container after
+ -- insertion. Use the wider of Index_Type'Base and Count_Type'Base to
+ -- compute its value from the New_Length.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ New_Last := No_Index + Index_Type'Base (New_Length);
+ else
+ New_Last := Index_Type'Base (Count_Type'Base (No_Index) + New_Length);
+ end if;
+
+ if Container.Elements = null then
+ pragma Assert (Container.Last = No_Index);
+
+ -- This is the simplest case, with which we must always begin: we're
+ -- inserting items into an empty vector that hasn't allocated an
+ -- internal array yet. Note that we don't need to check the busy bit
+ -- here, because an empty container cannot be busy.
+
+ -- In an indefinite vector, elements are allocated individually, and
+ -- stored as access values on the internal array (the length of which
+ -- represents the vector "capacity"), which is separately allocated.
+
+ Container.Elements := new Elements_Type (New_Last);
+
+ -- The element backbone has been successfully allocated, so now we
+ -- allocate the elements.
+
+ for Idx in Container.Elements.EA'Range loop
+
+ -- In order to preserve container invariants, we always attempt
+ -- the element allocation first, before setting the Last index
+ -- value, in case the allocation fails (either because there is no
+ -- storage available, or because element initialization fails).
+
+ declare
+ -- The element allocator may need an accessibility check in the
+ -- case actual type is class-wide or has access discriminants
+ -- (see RM 4.8(10.1) and AI12-0035).
+
+ pragma Unsuppress (Accessibility_Check);
+
+ begin
+ Container.Elements.EA (Idx) := new Element_Type'(New_Item);
+ end;
+
+ -- The allocation of the element succeeded, so it is now safe to
+ -- update the Last index, restoring container invariants.
+
+ Container.Last := Idx;
+ end loop;
+
+ return;
+ end if;
+
+ -- The tampering bits exist to prevent an item from being harmfully
+ -- manipulated while it is being visited. Query, Update, and Iterate
+ -- increment the busy count on entry, and decrement the count on
+ -- exit. Insert checks the count to determine whether it is being called
+ -- while the associated callback procedure is executing.
+
+ if Container.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+ end if;
+
+ if New_Length <= Container.Elements.EA'Length then
+
+ -- In this case, we're inserting elements into a vector that has
+ -- already allocated an internal array, and the existing array has
+ -- enough unused storage for the new items.
+
+ declare
+ E : Elements_Array renames Container.Elements.EA;
+ K : Index_Type'Base;
+
+ begin
+ if Before > Container.Last then
+
+ -- The new items are being appended to the vector, so no
+ -- sliding of existing elements is required.
+
+ for Idx in Before .. New_Last loop
+
+ -- In order to preserve container invariants, we always
+ -- attempt the element allocation first, before setting the
+ -- Last index value, in case the allocation fails (either
+ -- because there is no storage available, or because element
+ -- initialization fails).
+
+ declare
+ -- The element allocator may need an accessibility check
+ -- in case the actual type is class-wide or has access
+ -- discriminants (see RM 4.8(10.1) and AI12-0035).
+
+ pragma Unsuppress (Accessibility_Check);
+
+ begin
+ E (Idx) := new Element_Type'(New_Item);
+ end;
+
+ -- The allocation of the element succeeded, so it is now
+ -- safe to update the Last index, restoring container
+ -- invariants.
+
+ Container.Last := Idx;
+ end loop;
+
+ else
+ -- The new items are being inserted before some existing
+ -- elements, so we must slide the existing elements up to their
+ -- new home. We use the wider of Index_Type'Base and
+ -- Count_Type'Base as the type for intermediate index values.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ Index := Before + Index_Type'Base (Count);
+ else
+ Index := Index_Type'Base (Count_Type'Base (Before) + Count);
+ end if;
+
+ -- The new items are being inserted in the middle of the array,
+ -- in the range [Before, Index). Copy the existing elements to
+ -- the end of the array, to make room for the new items.
+
+ E (Index .. New_Last) := E (Before .. Container.Last);
+ Container.Last := New_Last;
+
+ -- We have copied the existing items up to the end of the
+ -- array, to make room for the new items in the middle of
+ -- the array. Now we actually allocate the new items.
+
+ -- Note: initialize K outside loop to make it clear that
+ -- K always has a value if the exception handler triggers.
+
+ K := Before;
+
+ declare
+ -- The element allocator may need an accessibility check in
+ -- the case the actual type is class-wide or has access
+ -- discriminants (see RM 4.8(10.1) and AI12-0035).
+
+ pragma Unsuppress (Accessibility_Check);
+
+ begin
+ while K < Index loop
+ E (K) := new Element_Type'(New_Item);
+ K := K + 1;
+ end loop;
+
+ exception
+ when others =>
+
+ -- Values in the range [Before, K) were successfully
+ -- allocated, but values in the range [K, Index) are
+ -- stale (these array positions contain copies of the
+ -- old items, that did not get assigned a new item,
+ -- because the allocation failed). We must finish what
+ -- we started by clearing out all of the stale values,
+ -- leaving a "hole" in the middle of the array.
+
+ E (K .. Index - 1) := (others => null);
+ raise;
+ end;
+ end if;
+ end;
+
+ return;
+ end if;
+
+ -- In this case, we're inserting elements into a vector that has already
+ -- allocated an internal array, but the existing array does not have
+ -- enough storage, so we must allocate a new, longer array. In order to
+ -- guarantee that the amortized insertion cost is O(1), we always
+ -- allocate an array whose length is some power-of-two factor of the
+ -- current array length. (The new array cannot have a length less than
+ -- the New_Length of the container, but its last index value cannot be
+ -- greater than Index_Type'Last.)
+
+ New_Capacity := Count_Type'Max (1, Container.Elements.EA'Length);
+ while New_Capacity < New_Length loop
+ if New_Capacity > Count_Type'Last / 2 then
+ New_Capacity := Count_Type'Last;
+ exit;
+ end if;
+
+ New_Capacity := 2 * New_Capacity;
+ end loop;
+
+ if New_Capacity > Max_Length then
+
+ -- We have reached the limit of capacity, so no further expansion
+ -- will occur. (This is not a problem, as there is never a need to
+ -- have more capacity than the maximum container length.)
+
+ New_Capacity := Max_Length;
+ end if;
+
+ -- We have computed the length of the new internal array (and this is
+ -- what "vector capacity" means), so use that to compute its last index.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ Dst_Last := No_Index + Index_Type'Base (New_Capacity);
+ else
+ Dst_Last :=
+ Index_Type'Base (Count_Type'Base (No_Index) + New_Capacity);
+ end if;
+
+ -- Now we allocate the new, longer internal array. If the allocation
+ -- fails, we have not changed any container state, so no side-effect
+ -- will occur as a result of propagating the exception.
+
+ Dst := new Elements_Type (Dst_Last);
+
+ -- We have our new internal array. All that needs to be done now is to
+ -- copy the existing items (if any) from the old array (the "source"
+ -- array) to the new array (the "destination" array), and then
+ -- deallocate the old array.
+
+ declare
+ Src : Elements_Access := Container.Elements;
+
+ begin
+ Dst.EA (Index_Type'First .. Before - 1) :=
+ Src.EA (Index_Type'First .. Before - 1);
+
+ if Before > Container.Last then
+
+ -- The new items are being appended to the vector, so no
+ -- sliding of existing elements is required.
+
+ -- We have copied the elements from to the old source array to the
+ -- new destination array, so we can now deallocate the old array.
+
+ Container.Elements := Dst;
+ Free (Src);
+
+ -- Now we append the new items.
+
+ for Idx in Before .. New_Last loop
+
+ -- In order to preserve container invariants, we always attempt
+ -- the element allocation first, before setting the Last index
+ -- value, in case the allocation fails (either because there
+ -- is no storage available, or because element initialization
+ -- fails).
+
+ declare
+ -- The element allocator may need an accessibility check in
+ -- the case the actual type is class-wide or has access
+ -- discriminants (see RM 4.8(10.1) and AI12-0035).
+
+ pragma Unsuppress (Accessibility_Check);
+
+ begin
+ Dst.EA (Idx) := new Element_Type'(New_Item);
+ end;
+
+ -- The allocation of the element succeeded, so it is now safe
+ -- to update the Last index, restoring container invariants.
+
+ Container.Last := Idx;
+ end loop;
+
+ else
+ -- The new items are being inserted before some existing elements,
+ -- so we must slide the existing elements up to their new home.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ Index := Before + Index_Type'Base (Count);
+ else
+ Index := Index_Type'Base (Count_Type'Base (Before) + Count);
+ end if;
+
+ Dst.EA (Index .. New_Last) := Src.EA (Before .. Container.Last);
+
+ -- We have copied the elements from to the old source array to the
+ -- new destination array, so we can now deallocate the old array.
+
+ Container.Elements := Dst;
+ Container.Last := New_Last;
+ Free (Src);
+
+ -- The new array has a range in the middle containing null access
+ -- values. Fill in that partition of the array with the new items.
+
+ for Idx in Before .. Index - 1 loop
+
+ -- Note that container invariants have already been satisfied
+ -- (in particular, the Last index value of the vector has
+ -- already been updated), so if this allocation fails we simply
+ -- let it propagate.
+
+ declare
+ -- The element allocator may need an accessibility check in
+ -- the case the actual type is class-wide or has access
+ -- discriminants (see RM 4.8(10.1) and AI12-0035).
+
+ pragma Unsuppress (Accessibility_Check);
+
+ begin
+ Dst.EA (Idx) := new Element_Type'(New_Item);
+ end;
+ end loop;
+ end if;
+ end;
+ end Insert;
+
+ procedure Insert
+ (Container : in out Vector;
+ Before : Extended_Index;
+ New_Item : Vector)
+ is
+ N : constant Count_Type := Length (New_Item);
+ J : Index_Type'Base;
+
+ begin
+ -- Use Insert_Space to create the "hole" (the destination slice) into
+ -- which we copy the source items.
+
+ Insert_Space (Container, Before, Count => N);
+
+ if N = 0 then
+
+ -- There's nothing else to do here (vetting of parameters was
+ -- performed already in Insert_Space), so we simply return.
+
+ return;
+ end if;
+
+ if Container'Address /= New_Item'Address then
+
+ -- This is the simple case. New_Item denotes an object different
+ -- from Container, so there's nothing special we need to do to copy
+ -- the source items to their destination, because all of the source
+ -- items are contiguous.
+
+ declare
+ subtype Src_Index_Subtype is Index_Type'Base range
+ Index_Type'First .. New_Item.Last;
+
+ Src : Elements_Array renames
+ New_Item.Elements.EA (Src_Index_Subtype);
+
+ Dst : Elements_Array renames Container.Elements.EA;
+
+ Dst_Index : Index_Type'Base;
+
+ begin
+ Dst_Index := Before - 1;
+ for Src_Index in Src'Range loop
+ Dst_Index := Dst_Index + 1;
+
+ if Src (Src_Index) /= null then
+ Dst (Dst_Index) := new Element_Type'(Src (Src_Index).all);
+ end if;
+ end loop;
+ end;
+
+ return;
+ end if;
+
+ -- New_Item denotes the same object as Container, so an insertion has
+ -- potentially split the source items. The first source slice is
+ -- [Index_Type'First, Before), and the second source slice is
+ -- [J, Container.Last], where index value J is the first index of the
+ -- second slice. (J gets computed below, but only after we have
+ -- determined that the second source slice is non-empty.) The
+ -- destination slice is always the range [Before, J). We perform the
+ -- copy in two steps, using each of the two slices of the source items.
+
+ declare
+ L : constant Index_Type'Base := Before - 1;
+
+ subtype Src_Index_Subtype is Index_Type'Base range
+ Index_Type'First .. L;
+
+ Src : Elements_Array renames
+ Container.Elements.EA (Src_Index_Subtype);
+
+ Dst : Elements_Array renames Container.Elements.EA;
+
+ Dst_Index : Index_Type'Base;
+
+ begin
+ -- We first copy the source items that precede the space we
+ -- inserted. (If Before equals Index_Type'First, then this first
+ -- source slice will be empty, which is harmless.)
+
+ Dst_Index := Before - 1;
+ for Src_Index in Src'Range loop
+ Dst_Index := Dst_Index + 1;
+
+ if Src (Src_Index) /= null then
+ Dst (Dst_Index) := new Element_Type'(Src (Src_Index).all);
+ end if;
+ end loop;
+
+ if Src'Length = N then
+
+ -- The new items were effectively appended to the container, so we
+ -- have already copied all of the items that need to be copied.
+ -- We return early here, even though the source slice below is
+ -- empty (so the assignment would be harmless), because we want to
+ -- avoid computing J, which will overflow if J is greater than
+ -- Index_Type'Base'Last.
+
+ return;
+ end if;
+ end;
+
+ -- Index value J is the first index of the second source slice. (It is
+ -- also 1 greater than the last index of the destination slice.) Note:
+ -- avoid computing J if J is greater than Index_Type'Base'Last, in order
+ -- to avoid overflow. Prevent that by returning early above, immediately
+ -- after copying the first slice of the source, and determining that
+ -- this second slice of the source is empty.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ J := Before + Index_Type'Base (N);
+ else
+ J := Index_Type'Base (Count_Type'Base (Before) + N);
+ end if;
+
+ declare
+ subtype Src_Index_Subtype is Index_Type'Base range
+ J .. Container.Last;
+
+ Src : Elements_Array renames
+ Container.Elements.EA (Src_Index_Subtype);
+
+ Dst : Elements_Array renames Container.Elements.EA;
+
+ Dst_Index : Index_Type'Base;
+
+ begin
+ -- We next copy the source items that follow the space we inserted.
+ -- Index value Dst_Index is the first index of that portion of the
+ -- destination that receives this slice of the source. (For the
+ -- reasons given above, this slice is guaranteed to be non-empty.)
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ Dst_Index := J - Index_Type'Base (Src'Length);
+ else
+ Dst_Index := Index_Type'Base (Count_Type'Base (J) - Src'Length);
+ end if;
+
+ for Src_Index in Src'Range loop
+ if Src (Src_Index) /= null then
+ Dst (Dst_Index) := new Element_Type'(Src (Src_Index).all);
+ end if;
+
+ Dst_Index := Dst_Index + 1;
+ end loop;
+ end;
+ end Insert;
+
+ procedure Insert
+ (Container : in out Vector;
+ Before : Cursor;
+ New_Item : Vector)
+ is
+ Index : Index_Type'Base;
+
+ begin
+ if Before.Container /= null
+ and then Before.Container /= Container'Unrestricted_Access
+ then
+ raise Program_Error with "Before cursor denotes wrong container";
+ end if;
+
+ if Is_Empty (New_Item) then
+ return;
+ end if;
+
+ if Before.Container = null or else Before.Index > Container.Last then
+ if Container.Last = Index_Type'Last then
+ raise Constraint_Error with
+ "vector is already at its maximum length";
+ end if;
+
+ Index := Container.Last + 1;
+
+ else
+ Index := Before.Index;
+ end if;
+
+ Insert (Container, Index, New_Item);
+ end Insert;
+
+ procedure Insert
+ (Container : in out Vector;
+ Before : Cursor;
+ New_Item : Vector;
+ Position : out Cursor)
+ is
+ Index : Index_Type'Base;
+
+ begin
+ if Before.Container /= null
+ and then Before.Container /=
+ Vector_Access'(Container'Unrestricted_Access)
+ then
+ raise Program_Error with "Before cursor denotes wrong container";
+ end if;
+
+ if Is_Empty (New_Item) then
+ if Before.Container = null or else Before.Index > Container.Last then
+ Position := No_Element;
+ else
+ Position := (Container'Unrestricted_Access, Before.Index);
+ end if;
+
+ return;
+ end if;
+
+ if Before.Container = null or else Before.Index > Container.Last then
+ if Container.Last = Index_Type'Last then
+ raise Constraint_Error with
+ "vector is already at its maximum length";
+ end if;
+
+ Index := Container.Last + 1;
+
+ else
+ Index := Before.Index;
+ end if;
+
+ Insert (Container, Index, New_Item);
+
+ Position := Cursor'(Container'Unrestricted_Access, Index);
+ end Insert;
+
+ procedure Insert
+ (Container : in out Vector;
+ Before : Cursor;
+ New_Item : Element_Type;
+ Count : Count_Type := 1)
+ is
+ Index : Index_Type'Base;
+
+ begin
+ if Before.Container /= null
+ and then Before.Container /= Container'Unrestricted_Access
+ then
+ raise Program_Error with "Before cursor denotes wrong container";
+ end if;
+
+ if Count = 0 then
+ return;
+ end if;
+
+ if Before.Container = null or else Before.Index > Container.Last then
+ if Container.Last = Index_Type'Last then
+ raise Constraint_Error with
+ "vector is already at its maximum length";
+ end if;
+
+ Index := Container.Last + 1;
+
+ else
+ Index := Before.Index;
+ end if;
+
+ Insert (Container, Index, New_Item, Count);
+ end Insert;
+
+ procedure Insert
+ (Container : in out Vector;
+ Before : Cursor;
+ New_Item : Element_Type;
+ Position : out Cursor;
+ Count : Count_Type := 1)
+ is
+ Index : Index_Type'Base;
+
+ begin
+ if Before.Container /= null
+ and then Before.Container /= Container'Unrestricted_Access
+ then
+ raise Program_Error with "Before cursor denotes wrong container";
+ end if;
+
+ if Count = 0 then
+ if Before.Container = null
+ or else Before.Index > Container.Last
+ then
+ Position := No_Element;
+ else
+ Position := (Container'Unrestricted_Access, Before.Index);
+ end if;
+
+ return;
+ end if;
+
+ if Before.Container = null or else Before.Index > Container.Last then
+ if Container.Last = Index_Type'Last then
+ raise Constraint_Error with
+ "vector is already at its maximum length";
+ end if;
+
+ Index := Container.Last + 1;
+
+ else
+ Index := Before.Index;
+ end if;
+
+ Insert (Container, Index, New_Item, Count);
+
+ Position := (Container'Unrestricted_Access, Index);
+ end Insert;
+
+ ------------------
+ -- Insert_Space --
+ ------------------
+
+ procedure Insert_Space
+ (Container : in out Vector;
+ Before : Extended_Index;
+ Count : Count_Type := 1)
+ is
+ Old_Length : constant Count_Type := Container.Length;
+
+ Max_Length : Count_Type'Base; -- determined from range of Index_Type
+ New_Length : Count_Type'Base; -- sum of current length and Count
+ New_Last : Index_Type'Base; -- last index of vector after insertion
+
+ Index : Index_Type'Base; -- scratch for intermediate values
+ J : Count_Type'Base; -- scratch
+
+ New_Capacity : Count_Type'Base; -- length of new, expanded array
+ Dst_Last : Index_Type'Base; -- last index of new, expanded array
+ Dst : Elements_Access; -- new, expanded internal array
+
+ begin
+ -- As a precondition on the generic actual Index_Type, the base type
+ -- must include Index_Type'Pred (Index_Type'First); this is the value
+ -- that Container.Last assumes when the vector is empty. However, we do
+ -- not allow that as the value for Index when specifying where the new
+ -- items should be inserted, so we must manually check. (That the user
+ -- is allowed to specify the value at all here is a consequence of the
+ -- declaration of the Extended_Index subtype, which includes the values
+ -- in the base range that immediately precede and immediately follow the
+ -- values in the Index_Type.)
+
+ if Before < Index_Type'First then
+ raise Constraint_Error with
+ "Before index is out of range (too small)";
+ end if;
+
+ -- We do allow a value greater than Container.Last to be specified as
+ -- the Index, but only if it's immediately greater. This allows for the
+ -- case of appending items to the back end of the vector. (It is assumed
+ -- that specifying an index value greater than Last + 1 indicates some
+ -- deeper flaw in the caller's algorithm, so that case is treated as a
+ -- proper error.)
+
+ if Before > Container.Last and then Before > Container.Last + 1 then
+ raise Constraint_Error with
+ "Before index is out of range (too large)";
+ end if;
+
+ -- We treat inserting 0 items into the container as a no-op, even when
+ -- the container is busy, so we simply return.
+
+ if Count = 0 then
+ return;
+ end if;
+
+ -- There are two constraints we need to satisfy. The first constraint is
+ -- that a container cannot have more than Count_Type'Last elements, so
+ -- we must check the sum of the current length and the insertion
+ -- count. Note that we cannot simply add these values, because of the
+ -- possibility of overflow.
+
+ if Old_Length > Count_Type'Last - Count then
+ raise Constraint_Error with "Count is out of range";
+ end if;
+
+ -- It is now safe compute the length of the new vector, without fear of
+ -- overflow.
+
+ New_Length := Old_Length + Count;
+
+ -- The second constraint is that the new Last index value cannot exceed
+ -- Index_Type'Last. In each branch below, we calculate the maximum
+ -- length (computed from the range of values in Index_Type), and then
+ -- compare the new length to the maximum length. If the new length is
+ -- acceptable, then we compute the new last index from that.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ -- We have to handle the case when there might be more values in the
+ -- range of Index_Type than in the range of Count_Type.
+
+ if Index_Type'First <= 0 then
+
+ -- We know that No_Index (the same as Index_Type'First - 1) is
+ -- less than 0, so it is safe to compute the following sum without
+ -- fear of overflow.
+
+ Index := No_Index + Index_Type'Base (Count_Type'Last);
+
+ if Index <= Index_Type'Last then
+
+ -- We have determined that range of Index_Type has at least as
+ -- many values as in Count_Type, so Count_Type'Last is the
+ -- maximum number of items that are allowed.
+
+ Max_Length := Count_Type'Last;
+
+ else
+ -- The range of Index_Type has fewer values than in Count_Type,
+ -- so the maximum number of items is computed from the range of
+ -- the Index_Type.
+
+ Max_Length := Count_Type'Base (Index_Type'Last - No_Index);
+ end if;
+
+ else
+ -- No_Index is equal or greater than 0, so we can safely compute
+ -- the difference without fear of overflow (which we would have to
+ -- worry about if No_Index were less than 0, but that case is
+ -- handled above).
+
+ if Index_Type'Last - No_Index >=
+ Count_Type'Pos (Count_Type'Last)
+ then
+ -- We have determined that range of Index_Type has at least as
+ -- many values as in Count_Type, so Count_Type'Last is the
+ -- maximum number of items that are allowed.
+
+ Max_Length := Count_Type'Last;
+
+ else
+ -- The range of Index_Type has fewer values than in Count_Type,
+ -- so the maximum number of items is computed from the range of
+ -- the Index_Type.
+
+ Max_Length := Count_Type'Base (Index_Type'Last - No_Index);
+ end if;
+ end if;
+
+ elsif Index_Type'First <= 0 then
+
+ -- We know that No_Index (the same as Index_Type'First - 1) is less
+ -- than 0, so it is safe to compute the following sum without fear of
+ -- overflow.
+
+ J := Count_Type'Base (No_Index) + Count_Type'Last;
+
+ if J <= Count_Type'Base (Index_Type'Last) then
+
+ -- We have determined that range of Index_Type has at least as
+ -- many values as in Count_Type, so Count_Type'Last is the maximum
+ -- number of items that are allowed.
+
+ Max_Length := Count_Type'Last;
+
+ else
+ -- The range of Index_Type has fewer values than Count_Type does,
+ -- so the maximum number of items is computed from the range of
+ -- the Index_Type.
+
+ Max_Length :=
+ Count_Type'Base (Index_Type'Last) - Count_Type'Base (No_Index);
+ end if;
+
+ else
+ -- No_Index is equal or greater than 0, so we can safely compute the
+ -- difference without fear of overflow (which we would have to worry
+ -- about if No_Index were less than 0, but that case is handled
+ -- above).
+
+ Max_Length :=
+ Count_Type'Base (Index_Type'Last) - Count_Type'Base (No_Index);
+ end if;
+
+ -- We have just computed the maximum length (number of items). We must
+ -- now compare the requested length to the maximum length, as we do not
+ -- allow a vector expand beyond the maximum (because that would create
+ -- an internal array with a last index value greater than
+ -- Index_Type'Last, with no way to index those elements).
+
+ if New_Length > Max_Length then
+ raise Constraint_Error with "Count is out of range";
+ end if;
+
+ -- New_Last is the last index value of the items in the container after
+ -- insertion. Use the wider of Index_Type'Base and Count_Type'Base to
+ -- compute its value from the New_Length.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ New_Last := No_Index + Index_Type'Base (New_Length);
+ else
+ New_Last := Index_Type'Base (Count_Type'Base (No_Index) + New_Length);
+ end if;
+
+ if Container.Elements = null then
+ pragma Assert (Container.Last = No_Index);
+
+ -- This is the simplest case, with which we must always begin: we're
+ -- inserting items into an empty vector that hasn't allocated an
+ -- internal array yet. Note that we don't need to check the busy bit
+ -- here, because an empty container cannot be busy.
+
+ -- In an indefinite vector, elements are allocated individually, and
+ -- stored as access values on the internal array (the length of which
+ -- represents the vector "capacity"), which is separately allocated.
+ -- We have no elements here (because we're inserting "space"), so all
+ -- we need to do is allocate the backbone.
+
+ Container.Elements := new Elements_Type (New_Last);
+ Container.Last := New_Last;
+
+ return;
+ end if;
+
+ -- The tampering bits exist to prevent an item from being harmfully
+ -- manipulated while it is being visited. Query, Update, and Iterate
+ -- increment the busy count on entry, and decrement the count on exit.
+ -- Insert checks the count to determine whether it is being called while
+ -- the associated callback procedure is executing.
+
+ if Container.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+ end if;
+
+ if New_Length <= Container.Elements.EA'Length then
+
+ -- In this case, we are inserting elements into a vector that has
+ -- already allocated an internal array, and the existing array has
+ -- enough unused storage for the new items.
+
+ declare
+ E : Elements_Array renames Container.Elements.EA;
+
+ begin
+ if Before <= Container.Last then
+
+ -- The new space is being inserted before some existing
+ -- elements, so we must slide the existing elements up to
+ -- their new home. We use the wider of Index_Type'Base and
+ -- Count_Type'Base as the type for intermediate index values.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ Index := Before + Index_Type'Base (Count);
+ else
+ Index := Index_Type'Base (Count_Type'Base (Before) + Count);
+ end if;
+
+ E (Index .. New_Last) := E (Before .. Container.Last);
+ E (Before .. Index - 1) := (others => null);
+ end if;
+ end;
+
+ Container.Last := New_Last;
+ return;
+ end if;
+
+ -- In this case, we're inserting elements into a vector that has already
+ -- allocated an internal array, but the existing array does not have
+ -- enough storage, so we must allocate a new, longer array. In order to
+ -- guarantee that the amortized insertion cost is O(1), we always
+ -- allocate an array whose length is some power-of-two factor of the
+ -- current array length. (The new array cannot have a length less than
+ -- the New_Length of the container, but its last index value cannot be
+ -- greater than Index_Type'Last.)
+
+ New_Capacity := Count_Type'Max (1, Container.Elements.EA'Length);
+ while New_Capacity < New_Length loop
+ if New_Capacity > Count_Type'Last / 2 then
+ New_Capacity := Count_Type'Last;
+ exit;
+ end if;
+
+ New_Capacity := 2 * New_Capacity;
+ end loop;
+
+ if New_Capacity > Max_Length then
+
+ -- We have reached the limit of capacity, so no further expansion
+ -- will occur. (This is not a problem, as there is never a need to
+ -- have more capacity than the maximum container length.)
+
+ New_Capacity := Max_Length;
+ end if;
+
+ -- We have computed the length of the new internal array (and this is
+ -- what "vector capacity" means), so use that to compute its last index.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ Dst_Last := No_Index + Index_Type'Base (New_Capacity);
+ else
+ Dst_Last :=
+ Index_Type'Base (Count_Type'Base (No_Index) + New_Capacity);
+ end if;
+
+ -- Now we allocate the new, longer internal array. If the allocation
+ -- fails, we have not changed any container state, so no side-effect
+ -- will occur as a result of propagating the exception.
+
+ Dst := new Elements_Type (Dst_Last);
+
+ -- We have our new internal array. All that needs to be done now is to
+ -- copy the existing items (if any) from the old array (the "source"
+ -- array) to the new array (the "destination" array), and then
+ -- deallocate the old array.
+
+ declare
+ Src : Elements_Access := Container.Elements;
+
+ begin
+ Dst.EA (Index_Type'First .. Before - 1) :=
+ Src.EA (Index_Type'First .. Before - 1);
+
+ if Before <= Container.Last then
+
+ -- The new items are being inserted before some existing elements,
+ -- so we must slide the existing elements up to their new home.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+ Index := Before + Index_Type'Base (Count);
+ else
+ Index := Index_Type'Base (Count_Type'Base (Before) + Count);
+ end if;
+
+ Dst.EA (Index .. New_Last) := Src.EA (Before .. Container.Last);
+ end if;
+
+ -- We have copied the elements from to the old, source array to the
+ -- new, destination array, so we can now restore invariants, and
+ -- deallocate the old array.
+
+ Container.Elements := Dst;
+ Container.Last := New_Last;
+ Free (Src);
+ end;
+ end Insert_Space;
+
+ procedure Insert_Space
+ (Container : in out Vector;
+ Before : Cursor;
+ Position : out Cursor;
+ Count : Count_Type := 1)
+ is
+ Index : Index_Type'Base;
+
+ begin
+ if Before.Container /= null
+ and then Before.Container /= Container'Unrestricted_Access
+ then
+ raise Program_Error with "Before cursor denotes wrong container";
+ end if;
+
+ if Count = 0 then
+ if Before.Container = null or else Before.Index > Container.Last then
+ Position := No_Element;
+ else
+ Position := (Container'Unrestricted_Access, Before.Index);
+ end if;
+
+ return;
+ end if;
+
+ if Before.Container = null
+ or else Before.Index > Container.Last
+ then
+ if Container.Last = Index_Type'Last then
+ raise Constraint_Error with
+ "vector is already at its maximum length";
+ end if;
+
+ Index := Container.Last + 1;
+
+ else
+ Index := Before.Index;
+ end if;
+
+ Insert_Space (Container, Index, Count);
+
+ Position := Cursor'(Container'Unrestricted_Access, Index);
+ end Insert_Space;
+
+ --------------
+ -- Is_Empty --
+ --------------
+
+ function Is_Empty (Container : Vector) return Boolean is
+ begin
+ return Container.Last < Index_Type'First;
+ end Is_Empty;
+
+ -------------
+ -- Iterate --
+ -------------
+
+ procedure Iterate
+ (Container : Vector;
+ Process : not null access procedure (Position : Cursor))
+ is
+ B : Natural renames Container'Unrestricted_Access.all.Busy;
+
+ begin
+ B := B + 1;
+
+ begin
+ for Indx in Index_Type'First .. Container.Last loop
+ Process (Cursor'(Container'Unrestricted_Access, Indx));
+ end loop;
+ exception
+ when others =>
+ B := B - 1;
+ raise;
+ end;
+
+ B := B - 1;
+ end Iterate;
+
+ function Iterate (Container : Vector)
+ return Vector_Iterator_Interfaces.Reversible_Iterator'Class
+ is
+ V : constant Vector_Access := Container'Unrestricted_Access;
+ B : Natural renames V.Busy;
+
+ begin
+ -- The value of its Index component influences the behavior of the First
+ -- and Last selector functions of the iterator object. When the Index
+ -- component is No_Index (as is the case here), this means the iterator
+ -- object was constructed without a start expression. This is a complete
+ -- iterator, meaning that the iteration starts from the (logical)
+ -- beginning of the sequence of items.
+
+ -- Note: For a forward iterator, Container.First is the beginning, and
+ -- for a reverse iterator, Container.Last is the beginning.
+
+ return It : constant Iterator :=
+ (Limited_Controlled with
+ Container => V,
+ Index => No_Index)
+ do
+ B := B + 1;
+ end return;
+ end Iterate;
+
+ function Iterate
+ (Container : Vector;
+ Start : Cursor)
+ return Vector_Iterator_Interfaces.Reversible_Iterator'Class
+ is
+ V : constant Vector_Access := Container'Unrestricted_Access;
+ B : Natural renames V.Busy;
+
+ begin
+ -- It was formerly the case that when Start = No_Element, the partial
+ -- iterator was defined to behave the same as for a complete iterator,
+ -- and iterate over the entire sequence of items. However, those
+ -- semantics were unintuitive and arguably error-prone (it is too easy
+ -- to accidentally create an endless loop), and so they were changed,
+ -- per the ARG meeting in Denver on 2011/11. However, there was no
+ -- consensus about what positive meaning this corner case should have,
+ -- and so it was decided to simply raise an exception. This does imply,
+ -- however, that it is not possible to use a partial iterator to specify
+ -- an empty sequence of items.
+
+ if Start.Container = null then
+ raise Constraint_Error with
+ "Start position for iterator equals No_Element";
+ end if;
+
+ if Start.Container /= V then
+ raise Program_Error with
+ "Start cursor of Iterate designates wrong vector";
+ end if;
+
+ if Start.Index > V.Last then
+ raise Constraint_Error with
+ "Start position for iterator equals No_Element";
+ end if;
+
+ -- The value of its Index component influences the behavior of the First
+ -- and Last selector functions of the iterator object. When the Index
+ -- component is not No_Index (as is the case here), it means that this
+ -- is a partial iteration, over a subset of the complete sequence of
+ -- items. The iterator object was constructed with a start expression,
+ -- indicating the position from which the iteration begins. Note that
+ -- the start position has the same value irrespective of whether this
+ -- is a forward or reverse iteration.
+
+ return It : constant Iterator :=
+ (Limited_Controlled with
+ Container => V,
+ Index => Start.Index)
+ do
+ B := B + 1;
+ end return;
+ end Iterate;
+
+ ----------
+ -- Last --
+ ----------
+
+ function Last (Container : Vector) return Cursor is
+ begin
+ if Is_Empty (Container) then
+ return No_Element;
+ end if;
+
+ return (Container'Unrestricted_Access, Container.Last);
+ end Last;
+
+ function Last (Object : Iterator) return Cursor is
+ begin
+ -- The value of the iterator object's Index component influences the
+ -- behavior of the Last (and First) selector function.
+
+ -- When the Index component is No_Index, this means the iterator
+ -- object was constructed without a start expression, in which case the
+ -- (reverse) iteration starts from the (logical) beginning of the entire
+ -- sequence (corresponding to Container.Last, for a reverse iterator).
+
+ -- Otherwise, this is iteration over a partial sequence of items.
+ -- When the Index component is not No_Index, the iterator object was
+ -- constructed with a start expression, that specifies the position
+ -- from which the (reverse) partial iteration begins.
+
+ if Object.Index = No_Index then
+ return Last (Object.Container.all);
+ else
+ return Cursor'(Object.Container, Object.Index);
+ end if;
+ end Last;
+
+ -----------------
+ -- Last_Element --
+ ------------------
+
+ function Last_Element (Container : Vector) return Element_Type is
+ begin
+ if Container.Last = No_Index then
+ raise Constraint_Error with "Container is empty";
+ end if;
+
+ declare
+ EA : constant Element_Access :=
+ Container.Elements.EA (Container.Last);
+ begin
+ if EA = null then
+ raise Constraint_Error with "last element is empty";
+ else
+ return EA.all;
+ end if;
+ end;
+ end Last_Element;
+
+ ----------------
+ -- Last_Index --
+ ----------------
+
+ function Last_Index (Container : Vector) return Extended_Index is
+ begin
+ return Container.Last;
+ end Last_Index;
+
+ ------------
+ -- Length --
+ ------------
+
+ function Length (Container : Vector) return Count_Type is
+ L : constant Index_Type'Base := Container.Last;
+ F : constant Index_Type := Index_Type'First;
+
+ begin
+ -- The base range of the index type (Index_Type'Base) might not include
+ -- all values for length (Count_Type). Contrariwise, the index type
+ -- might include values outside the range of length. Hence we use
+ -- whatever type is wider for intermediate values when calculating
+ -- length. Note that no matter what the index type is, the maximum
+ -- length to which a vector is allowed to grow is always the minimum
+ -- of Count_Type'Last and (IT'Last - IT'First + 1).
+
+ -- For example, an Index_Type with range -127 .. 127 is only guaranteed
+ -- to have a base range of -128 .. 127, but the corresponding vector
+ -- would have lengths in the range 0 .. 255. In this case we would need
+ -- to use Count_Type'Base for intermediate values.
+
+ -- Another case would be the index range -2**63 + 1 .. -2**63 + 10. The
+ -- vector would have a maximum length of 10, but the index values lie
+ -- outside the range of Count_Type (which is only 32 bits). In this
+ -- case we would need to use Index_Type'Base for intermediate values.
+
+ if Count_Type'Base'Last >= Index_Type'Pos (Index_Type'Base'Last) then
+ return Count_Type'Base (L) - Count_Type'Base (F) + 1;
+ else
+ return Count_Type (L - F + 1);
+ end if;
+ end Length;
+
+ ----------
+ -- Move --
+ ----------
+
+ procedure Move
+ (Target : in out Vector;
+ Source : in out Vector)
+ is
+ begin
+ if Target'Address = Source'Address then
+ return;
+ end if;
+
+ if Source.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (Source is busy)";
+ end if;
+
+ Clear (Target); -- Checks busy-bit
+
+ declare
+ Target_Elements : constant Elements_Access := Target.Elements;
+ begin
+ Target.Elements := Source.Elements;
+ Source.Elements := Target_Elements;
+ end;
+
+ Target.Last := Source.Last;
+ Source.Last := No_Index;
+ end Move;
+
+ ----------
+ -- Next --
+ ----------
+
+ function Next (Position : Cursor) return Cursor is
+ begin
+ if Position.Container = null then
+ return No_Element;
+ elsif Position.Index < Position.Container.Last then
+ return (Position.Container, Position.Index + 1);
+ else
+ return No_Element;
+ end if;
+ end Next;
+
+ function Next (Object : Iterator; Position : Cursor) return Cursor is
+ begin
+ if Position.Container = null then
+ return No_Element;
+ elsif Position.Container /= Object.Container then
+ raise Program_Error with
+ "Position cursor of Next designates wrong vector";
+ else
+ return Next (Position);
+ end if;
+ end Next;
+
+ procedure Next (Position : in out Cursor) is
+ begin
+ if Position.Container = null then
+ return;
+ elsif Position.Index < Position.Container.Last then
+ Position.Index := Position.Index + 1;
+ else
+ Position := No_Element;
+ end if;
+ end Next;
+
+ -------------
+ -- Prepend --
+ -------------
+
+ procedure Prepend (Container : in out Vector; New_Item : Vector) is
+ begin
+ Insert (Container, Index_Type'First, New_Item);
+ end Prepend;
+
+ procedure Prepend
+ (Container : in out Vector;
+ New_Item : Element_Type;
+ Count : Count_Type := 1)
+ is
+ begin
+ Insert (Container, Index_Type'First, New_Item, Count);
+ end Prepend;
+
+ --------------
+ -- Previous --
+ --------------
+
+ procedure Previous (Position : in out Cursor) is
+ begin
+ if Position.Container = null then
+ return;
+ elsif Position.Index > Index_Type'First then
+ Position.Index := Position.Index - 1;
+ else
+ Position := No_Element;
+ end if;
+ end Previous;
+
+ function Previous (Position : Cursor) return Cursor is
+ begin
+ if Position.Container = null then
+ return No_Element;
+ elsif Position.Index > Index_Type'First then
+ return (Position.Container, Position.Index - 1);
+ else
+ return No_Element;
+ end if;
+ end Previous;
+
+ function Previous (Object : Iterator; Position : Cursor) return Cursor is
+ begin
+ if Position.Container = null then
+ return No_Element;
+ elsif Position.Container /= Object.Container then
+ raise Program_Error with
+ "Position cursor of Previous designates wrong vector";
+ else
+ return Previous (Position);
+ end if;
+ end Previous;
+
+ -------------------
+ -- Query_Element --
+ -------------------
+
+ procedure Query_Element
+ (Container : Vector;
+ Index : Index_Type;
+ Process : not null access procedure (Element : Element_Type))
+ is
+ V : Vector renames Container'Unrestricted_Access.all;
+ B : Natural renames V.Busy;
+ L : Natural renames V.Lock;
+
+ begin
+ if Index > Container.Last then
+ raise Constraint_Error with "Index is out of range";
+ end if;
+
+ if V.Elements.EA (Index) = null then
+ raise Constraint_Error with "element is null";
+ end if;
+
+ B := B + 1;
+ L := L + 1;
+
+ begin
+ Process (V.Elements.EA (Index).all);
+ exception
+ when others =>
+ L := L - 1;
+ B := B - 1;
+ raise;
+ end;
+
+ L := L - 1;
+ B := B - 1;
+ end Query_Element;
+
+ procedure Query_Element
+ (Position : Cursor;
+ Process : not null access procedure (Element : Element_Type))
+ is
+ begin
+ if Position.Container = null then
+ raise Constraint_Error with "Position cursor has no element";
+ else
+ Query_Element (Position.Container.all, Position.Index, Process);
+ end if;
+ end Query_Element;
+
+ ----------
+ -- Read --
+ ----------
+
+ procedure Read
+ (Stream : not null access Root_Stream_Type'Class;
+ Container : out Vector)
+ is
+ Length : Count_Type'Base;
+ Last : Index_Type'Base := Index_Type'Pred (Index_Type'First);
+ B : Boolean;
+
+ begin
+ Clear (Container);
+
+ Count_Type'Base'Read (Stream, Length);
+
+ if Length > Capacity (Container) then
+ Reserve_Capacity (Container, Capacity => Length);
+ end if;
+
+ for J in Count_Type range 1 .. Length loop
+ Last := Last + 1;
+
+ Boolean'Read (Stream, B);
+
+ if B then
+ Container.Elements.EA (Last) :=
+ new Element_Type'(Element_Type'Input (Stream));
+ end if;
+
+ Container.Last := Last;
+ end loop;
+ end Read;
+
+ procedure Read
+ (Stream : not null access Root_Stream_Type'Class;
+ Position : out Cursor)
+ is
+ begin
+ raise Program_Error with "attempt to stream vector cursor";
+ end Read;
+
+ procedure Read
+ (Stream : not null access Root_Stream_Type'Class;
+ Item : out Reference_Type)
+ is
+ begin
+ raise Program_Error with "attempt to stream reference";
+ end Read;
+
+ procedure Read
+ (Stream : not null access Root_Stream_Type'Class;
+ Item : out Constant_Reference_Type)
+ is
+ begin
+ raise Program_Error with "attempt to stream reference";
+ end Read;
+
+ ---------------
+ -- Reference --
+ ---------------
+
+ function Reference
+ (Container : aliased in out Vector;
+ Position : Cursor) return Reference_Type
+ is
+ E : Element_Access;
+
+ begin
+ if Position.Container = null then
+ raise Constraint_Error with "Position cursor has no element";
+ end if;
+
+ if Position.Container /= Container'Unrestricted_Access then
+ raise Program_Error with "Position cursor denotes wrong container";
+ end if;
+
+ if Position.Index > Position.Container.Last then
+ raise Constraint_Error with "Position cursor is out of range";
+ end if;
+
+ E := Container.Elements.EA (Position.Index);
+
+ if E = null then
+ raise Constraint_Error with "element at Position is empty";
+ end if;
+
+ declare
+ C : Vector renames Container'Unrestricted_Access.all;
+ B : Natural renames C.Busy;
+ L : Natural renames C.Lock;
+ begin
+ return R : constant Reference_Type :=
+ (Element => E.all'Access,
+ Control => (Controlled with Position.Container))
+ do
+ B := B + 1;
+ L := L + 1;
+ end return;
+ end;
+ end Reference;
+
+ function Reference
+ (Container : aliased in out Vector;
+ Index : Index_Type) return Reference_Type
+ is
+ E : Element_Access;
+
+ begin
+ if Index > Container.Last then
+ raise Constraint_Error with "Index is out of range";
+ end if;
+
+ E := Container.Elements.EA (Index);
+
+ if E = null then
+ raise Constraint_Error with "element at Index is empty";
+ end if;
+
+ declare
+ C : Vector renames Container'Unrestricted_Access.all;
+ B : Natural renames C.Busy;
+ L : Natural renames C.Lock;
+ begin
+ return R : constant Reference_Type :=
+ (Element => E.all'Access,
+ Control => (Controlled with Container'Unrestricted_Access))
+ do
+ B := B + 1;
+ L := L + 1;
+ end return;
+ end;
+ end Reference;
+
+ ---------------------
+ -- Replace_Element --
+ ---------------------
+
+ procedure Replace_Element
+ (Container : in out Vector;
+ Index : Index_Type;
+ New_Item : Element_Type)
+ is
+ begin
+ if Index > Container.Last then
+ raise Constraint_Error with "Index is out of range";
+ end if;
+
+ if Container.Lock > 0 then
+ raise Program_Error with
+ "attempt to tamper with elements (vector is locked)";
+ end if;
+
+ declare
+ X : Element_Access := Container.Elements.EA (Index);
+
+ -- The element allocator may need an accessibility check in the case
+ -- where the actual type is class-wide or has access discriminants
+ -- (see RM 4.8(10.1) and AI12-0035).
+
+ pragma Unsuppress (Accessibility_Check);
+
+ begin
+ Container.Elements.EA (Index) := new Element_Type'(New_Item);
+ Free (X);
+ end;
+ end Replace_Element;
+
+ procedure Replace_Element
+ (Container : in out Vector;
+ Position : Cursor;
+ New_Item : Element_Type)
+ is
+ begin
+ if Position.Container = null then
+ raise Constraint_Error with "Position cursor has no element";
+ end if;
+
+ if Position.Container /= Container'Unrestricted_Access then
+ raise Program_Error with "Position cursor denotes wrong container";
+ end if;
+
+ if Position.Index > Container.Last then
+ raise Constraint_Error with "Position cursor is out of range";
+ end if;
+
+ if Container.Lock > 0 then
+ raise Program_Error with
+ "attempt to tamper with elements (vector is locked)";
+ end if;
+
+ declare
+ X : Element_Access := Container.Elements.EA (Position.Index);
+
+ -- The element allocator may need an accessibility check in the case
+ -- where the actual type is class-wide or has access discriminants
+ -- (see RM 4.8(10.1) and AI12-0035).
+
+ pragma Unsuppress (Accessibility_Check);
+
+ begin
+ Container.Elements.EA (Position.Index) := new Element_Type'(New_Item);
+ Free (X);
+ end;
+ end Replace_Element;
+
+ ----------------------
+ -- Reserve_Capacity --
+ ----------------------
+
+ procedure Reserve_Capacity
+ (Container : in out Vector;
+ Capacity : Count_Type)
+ is
+ N : constant Count_Type := Length (Container);
+
+ Index : Count_Type'Base;
+ Last : Index_Type'Base;
+
+ begin
+ -- Reserve_Capacity can be used to either expand the storage available
+ -- for elements (this would be its typical use, in anticipation of
+ -- future insertion), or to trim back storage. In the latter case,
+ -- storage can only be trimmed back to the limit of the container
+ -- length. Note that Reserve_Capacity neither deletes (active) elements
+ -- nor inserts elements; it only affects container capacity, never
+ -- container length.
+
+ if Capacity = 0 then
+
+ -- This is a request to trim back storage, to the minimum amount
+ -- possible given the current state of the container.
+
+ if N = 0 then
+
+ -- The container is empty, so in this unique case we can
+ -- deallocate the entire internal array. Note that an empty
+ -- container can never be busy, so there's no need to check the
+ -- tampering bits.
+
+ declare
+ X : Elements_Access := Container.Elements;
+
+ begin
+ -- First we remove the internal array from the container, to
+ -- handle the case when the deallocation raises an exception
+ -- (although that's unlikely, since this is simply an array of
+ -- access values, all of which are null).
+
+ Container.Elements := null;
+
+ -- Container invariants have been restored, so it is now safe
+ -- to attempt to deallocate the internal array.
+
+ Free (X);
+ end;
+
+ elsif N < Container.Elements.EA'Length then
+
+ -- The container is not empty, and the current length is less than
+ -- the current capacity, so there's storage available to trim. In
+ -- this case, we allocate a new internal array having a length
+ -- that exactly matches the number of items in the
+ -- container. (Reserve_Capacity does not delete active elements,
+ -- so this is the best we can do with respect to minimizing
+ -- storage).
+
+ if Container.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+ end if;
+
+ declare
+ subtype Array_Index_Subtype is Index_Type'Base range
+ Index_Type'First .. Container.Last;
+
+ Src : Elements_Array renames
+ Container.Elements.EA (Array_Index_Subtype);
+
+ X : Elements_Access := Container.Elements;
+
+ begin
+ -- Although we have isolated the old internal array that we're
+ -- going to deallocate, we don't deallocate it until we have
+ -- successfully allocated a new one. If there is an exception
+ -- during allocation (because there is not enough storage), we
+ -- let it propagate without causing any side-effect.
+
+ Container.Elements := new Elements_Type'(Container.Last, Src);
+
+ -- We have successfully allocated a new internal array (with a
+ -- smaller length than the old one, and containing a copy of
+ -- just the active elements in the container), so we can
+ -- deallocate the old array.
+
+ Free (X);
+ end;
+ end if;
+
+ return;
+ end if;
+
+ -- Reserve_Capacity can be used to expand the storage available for
+ -- elements, but we do not let the capacity grow beyond the number of
+ -- values in Index_Type'Range. (Were it otherwise, there would be no way
+ -- to refer to the elements with index values greater than
+ -- Index_Type'Last, so that storage would be wasted.) Here we compute
+ -- the Last index value of the new internal array, in a way that avoids
+ -- any possibility of overflow.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+
+ -- We perform a two-part test. First we determine whether the
+ -- computed Last value lies in the base range of the type, and then
+ -- determine whether it lies in the range of the index (sub)type.
+
+ -- Last must satisfy this relation:
+ -- First + Length - 1 <= Last
+ -- We regroup terms:
+ -- First - 1 <= Last - Length
+ -- Which can rewrite as:
+ -- No_Index <= Last - Length
+
+ if Index_Type'Base'Last - Index_Type'Base (Capacity) < No_Index then
+ raise Constraint_Error with "Capacity is out of range";
+ end if;
+
+ -- We now know that the computed value of Last is within the base
+ -- range of the type, so it is safe to compute its value:
+
+ Last := No_Index + Index_Type'Base (Capacity);
+
+ -- Finally we test whether the value is within the range of the
+ -- generic actual index subtype:
+
+ if Last > Index_Type'Last then
+ raise Constraint_Error with "Capacity is out of range";
+ end if;
+
+ elsif Index_Type'First <= 0 then
+
+ -- Here we can compute Last directly, in the normal way. We know that
+ -- No_Index is less than 0, so there is no danger of overflow when
+ -- adding the (positive) value of Capacity.
+
+ Index := Count_Type'Base (No_Index) + Capacity; -- Last
+
+ if Index > Count_Type'Base (Index_Type'Last) then
+ raise Constraint_Error with "Capacity is out of range";
+ end if;
+
+ -- We know that the computed value (having type Count_Type) of Last
+ -- is within the range of the generic actual index subtype, so it is
+ -- safe to convert to Index_Type:
+
+ Last := Index_Type'Base (Index);
+
+ else
+ -- Here Index_Type'First (and Index_Type'Last) is positive, so we
+ -- must test the length indirectly (by working backwards from the
+ -- largest possible value of Last), in order to prevent overflow.
+
+ Index := Count_Type'Base (Index_Type'Last) - Capacity; -- No_Index
+
+ if Index < Count_Type'Base (No_Index) then
+ raise Constraint_Error with "Capacity is out of range";
+ end if;
+
+ -- We have determined that the value of Capacity would not create a
+ -- Last index value outside of the range of Index_Type, so we can now
+ -- safely compute its value.
+
+ Last := Index_Type'Base (Count_Type'Base (No_Index) + Capacity);
+ end if;
+
+ -- The requested capacity is non-zero, but we don't know yet whether
+ -- this is a request for expansion or contraction of storage.
+
+ if Container.Elements = null then
+
+ -- The container is empty (it doesn't even have an internal array),
+ -- so this represents a request to allocate storage having the given
+ -- capacity.
+
+ Container.Elements := new Elements_Type (Last);
+ return;
+ end if;
+
+ if Capacity <= N then
+
+ -- This is a request to trim back storage, but only to the limit of
+ -- what's already in the container. (Reserve_Capacity never deletes
+ -- active elements, it only reclaims excess storage.)
+
+ if N < Container.Elements.EA'Length then
+
+ -- The container is not empty (because the requested capacity is
+ -- positive, and less than or equal to the container length), and
+ -- the current length is less than the current capacity, so there
+ -- is storage available to trim. In this case, we allocate a new
+ -- internal array having a length that exactly matches the number
+ -- of items in the container.
+
+ if Container.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+ end if;
+
+ declare
+ subtype Array_Index_Subtype is Index_Type'Base range
+ Index_Type'First .. Container.Last;
+
+ Src : Elements_Array renames
+ Container.Elements.EA (Array_Index_Subtype);
+
+ X : Elements_Access := Container.Elements;
+
+ begin
+ -- Although we have isolated the old internal array that we're
+ -- going to deallocate, we don't deallocate it until we have
+ -- successfully allocated a new one. If there is an exception
+ -- during allocation (because there is not enough storage), we
+ -- let it propagate without causing any side-effect.
+
+ Container.Elements := new Elements_Type'(Container.Last, Src);
+
+ -- We have successfully allocated a new internal array (with a
+ -- smaller length than the old one, and containing a copy of
+ -- just the active elements in the container), so it is now
+ -- safe to deallocate the old array.
+
+ Free (X);
+ end;
+ end if;
+
+ return;
+ end if;
+
+ -- The requested capacity is larger than the container length (the
+ -- number of active elements). Whether this represents a request for
+ -- expansion or contraction of the current capacity depends on what the
+ -- current capacity is.
+
+ if Capacity = Container.Elements.EA'Length then
+
+ -- The requested capacity matches the existing capacity, so there's
+ -- nothing to do here. We treat this case as a no-op, and simply
+ -- return without checking the busy bit.
+
+ return;
+ end if;
+
+ -- There is a change in the capacity of a non-empty container, so a new
+ -- internal array will be allocated. (The length of the new internal
+ -- array could be less or greater than the old internal array. We know
+ -- only that the length of the new internal array is greater than the
+ -- number of active elements in the container.) We must check whether
+ -- the container is busy before doing anything else.
+
+ if Container.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+ end if;
+
+ -- We now allocate a new internal array, having a length different from
+ -- its current value.
+
+ declare
+ X : Elements_Access := Container.Elements;
+
+ subtype Index_Subtype is Index_Type'Base range
+ Index_Type'First .. Container.Last;
+
+ begin
+ -- We now allocate a new internal array, having a length different
+ -- from its current value.
+
+ Container.Elements := new Elements_Type (Last);
+
+ -- We have successfully allocated the new internal array, so now we
+ -- move the existing elements from the existing the old internal
+ -- array onto the new one. Note that we're just copying access
+ -- values, to this should not raise any exceptions.
+
+ Container.Elements.EA (Index_Subtype) := X.EA (Index_Subtype);
+
+ -- We have moved the elements from the old internal array, so now we
+ -- can deallocate it.
+
+ Free (X);
+ end;
+ end Reserve_Capacity;
+
+ ----------------------
+ -- Reverse_Elements --
+ ----------------------
+
+ procedure Reverse_Elements (Container : in out Vector) is
+ begin
+ if Container.Length <= 1 then
+ return;
+ end if;
+
+ -- The exception behavior for the vector container must match that for
+ -- the list container, so we check for cursor tampering here (which will
+ -- catch more things) instead of for element tampering (which will catch
+ -- fewer things). It's true that the elements of this vector container
+ -- could be safely moved around while (say) an iteration is taking place
+ -- (iteration only increments the busy counter), and so technically all
+ -- we would need here is a test for element tampering (indicated by the
+ -- lock counter), that's simply an artifact of our array-based
+ -- implementation. Logically Reverse_Elements requires a check for
+ -- cursor tampering.
+
+ if Container.Busy > 0 then
+ raise Program_Error with
+ "attempt to tamper with cursors (vector is busy)";
+ end if;
+
+ declare
+ I : Index_Type;
+ J : Index_Type;
+ E : Elements_Array renames Container.Elements.EA;
+
+ begin
+ I := Index_Type'First;
+ J := Container.Last;
+ while I < J loop
+ declare
+ EI : constant Element_Access := E (I);
+
+ begin
+ E (I) := E (J);
+ E (J) := EI;
+ end;
+
+ I := I + 1;
+ J := J - 1;
+ end loop;
+ end;
+ end Reverse_Elements;
+
+ ------------------
+ -- Reverse_Find --
+ ------------------
+
+ function Reverse_Find
+ (Container : Vector;
+ Item : Element_Type;
+ Position : Cursor := No_Element) return Cursor
+ is
+ Last : Index_Type'Base;
+
+ begin
+ if Position.Container /= null
+ and then Position.Container /= Container'Unrestricted_Access
+ then
+ raise Program_Error with "Position cursor denotes wrong container";
+ end if;
+
+ if Position.Container = null or else Position.Index > Container.Last then
+ Last := Container.Last;
+ else
+ Last := Position.Index;
+ end if;
+
+ -- Per AI05-0022, the container implementation is required to detect
+ -- element tampering by a generic actual subprogram.
+
+ declare
+ B : Natural renames Container'Unrestricted_Access.Busy;
+ L : Natural renames Container'Unrestricted_Access.Lock;
+
+ Result : Index_Type'Base;
+
+ begin
+ B := B + 1;
+ L := L + 1;
+
+ Result := No_Index;
+ for Indx in reverse Index_Type'First .. Last loop
+ if Container.Elements.EA (Indx) /= null
+ and then Container.Elements.EA (Indx).all = Item
+ then
+ Result := Indx;
+ exit;
+ end if;
+ end loop;
+
+ B := B - 1;
+ L := L - 1;
+
+ if Result = No_Index then
+ return No_Element;
+ else
+ return Cursor'(Container'Unrestricted_Access, Result);
+ end if;
+
+ exception
+ when others =>
+ B := B - 1;
+ L := L - 1;
+ raise;
+ end;
+ end Reverse_Find;
+
+ ------------------------
+ -- Reverse_Find_Index --
+ ------------------------
+
+ function Reverse_Find_Index
+ (Container : Vector;
+ Item : Element_Type;
+ Index : Index_Type := Index_Type'Last) return Extended_Index
+ is
+ B : Natural renames Container'Unrestricted_Access.Busy;
+ L : Natural renames Container'Unrestricted_Access.Lock;
+
+ Last : constant Index_Type'Base :=
+ (if Index > Container.Last then Container.Last else Index);
+
+ Result : Index_Type'Base;
+
+ begin
+ -- Per AI05-0022, the container implementation is required to detect
+ -- element tampering by a generic actual subprogram.
+
+ B := B + 1;
+ L := L + 1;
+
+ Result := No_Index;
+ for Indx in reverse Index_Type'First .. Last loop
+ if Container.Elements.EA (Indx) /= null
+ and then Container.Elements.EA (Indx).all = Item
+ then
+ Result := Indx;
+ exit;
+ end if;
+ end loop;
+
+ B := B - 1;
+ L := L - 1;
+
+ return Result;
+
+ exception
+ when others =>
+ B := B - 1;
+ L := L - 1;
+ raise;
+ end Reverse_Find_Index;
+
+ ---------------------
+ -- Reverse_Iterate --
+ ---------------------
+
+ procedure Reverse_Iterate
+ (Container : Vector;
+ Process : not null access procedure (Position : Cursor))
+ is
+ V : Vector renames Container'Unrestricted_Access.all;
+ B : Natural renames V.Busy;
+
+ begin
+ B := B + 1;
+
+ begin
+ for Indx in reverse Index_Type'First .. Container.Last loop
+ Process (Cursor'(Container'Unrestricted_Access, Indx));
+ end loop;
+ exception
+ when others =>
+ B := B - 1;
+ raise;
+ end;
+
+ B := B - 1;
+ end Reverse_Iterate;
+
+ ----------------
+ -- Set_Length --
+ ----------------
+
+ procedure Set_Length
+ (Container : in out Vector;
+ Length : Count_Type)
+ is
+ Count : constant Count_Type'Base := Container.Length - Length;
+
+ begin
+ -- Set_Length allows the user to set the length explicitly, instead of
+ -- implicitly as a side-effect of deletion or insertion. If the
+ -- requested length is less than the current length, this is equivalent
+ -- to deleting items from the back end of the vector. If the requested
+ -- length is greater than the current length, then this is equivalent to
+ -- inserting "space" (nonce items) at the end.
+
+ if Count >= 0 then
+ Container.Delete_Last (Count);
+
+ elsif Container.Last >= Index_Type'Last then
+ raise Constraint_Error with "vector is already at its maximum length";
+
+ else
+ Container.Insert_Space (Container.Last + 1, -Count);
+ end if;
+ end Set_Length;
+
+ ----------
+ -- Swap --
+ ----------
+
+ procedure Swap
+ (Container : in out Vector;
+ I, J : Index_Type)
+ is
+ begin
+ if I > Container.Last then
+ raise Constraint_Error with "I index is out of range";
+ end if;
+
+ if J > Container.Last then
+ raise Constraint_Error with "J index is out of range";
+ end if;
+
+ if I = J then
+ return;
+ end if;
+
+ if Container.Lock > 0 then
+ raise Program_Error with
+ "attempt to tamper with elements (vector is locked)";
+ end if;
+
+ declare
+ EI : Element_Access renames Container.Elements.EA (I);
+ EJ : Element_Access renames Container.Elements.EA (J);
+
+ EI_Copy : constant Element_Access := EI;
+
+ begin
+ EI := EJ;
+ EJ := EI_Copy;
+ end;
+ end Swap;
+
+ procedure Swap
+ (Container : in out Vector;
+ I, J : Cursor)
+ is
+ begin
+ if I.Container = null then
+ raise Constraint_Error with "I cursor has no element";
+ end if;
+
+ if J.Container = null then
+ raise Constraint_Error with "J cursor has no element";
+ end if;
+
+ if I.Container /= Container'Unrestricted_Access then
+ raise Program_Error with "I cursor denotes wrong container";
+ end if;
+
+ if J.Container /= Container'Unrestricted_Access then
+ raise Program_Error with "J cursor denotes wrong container";
+ end if;
+
+ Swap (Container, I.Index, J.Index);
+ end Swap;
+
+ ---------------
+ -- To_Cursor --
+ ---------------
+
+ function To_Cursor
+ (Container : Vector;
+ Index : Extended_Index) return Cursor
+ is
+ begin
+ if Index not in Index_Type'First .. Container.Last then
+ return No_Element;
+ end if;
+
+ return Cursor'(Container'Unrestricted_Access, Index);
+ end To_Cursor;
+
+ --------------
+ -- To_Index --
+ --------------
+
+ function To_Index (Position : Cursor) return Extended_Index is
+ begin
+ if Position.Container = null then
+ return No_Index;
+ elsif Position.Index <= Position.Container.Last then
+ return Position.Index;
+ else
+ return No_Index;
+ end if;
+ end To_Index;
+
+ ---------------
+ -- To_Vector --
+ ---------------
+
+ function To_Vector (Length : Count_Type) return Vector is
+ Index : Count_Type'Base;
+ Last : Index_Type'Base;
+ Elements : Elements_Access;
+
+ begin
+ if Length = 0 then
+ return Empty_Vector;
+ end if;
+
+ -- We create a vector object with a capacity that matches the specified
+ -- Length, but we do not allow the vector capacity (the length of the
+ -- internal array) to exceed the number of values in Index_Type'Range
+ -- (otherwise, there would be no way to refer to those components via an
+ -- index). We must therefore check whether the specified Length would
+ -- create a Last index value greater than Index_Type'Last.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+
+ -- We perform a two-part test. First we determine whether the
+ -- computed Last value lies in the base range of the type, and then
+ -- determine whether it lies in the range of the index (sub)type.
+
+ -- Last must satisfy this relation:
+ -- First + Length - 1 <= Last
+ -- We regroup terms:
+ -- First - 1 <= Last - Length
+ -- Which can rewrite as:
+ -- No_Index <= Last - Length
+
+ if Index_Type'Base'Last - Index_Type'Base (Length) < No_Index then
+ raise Constraint_Error with "Length is out of range";
+ end if;
+
+ -- We now know that the computed value of Last is within the base
+ -- range of the type, so it is safe to compute its value:
+
+ Last := No_Index + Index_Type'Base (Length);
+
+ -- Finally we test whether the value is within the range of the
+ -- generic actual index subtype:
+
+ if Last > Index_Type'Last then
+ raise Constraint_Error with "Length is out of range";
+ end if;
+
+ elsif Index_Type'First <= 0 then
+
+ -- Here we can compute Last directly, in the normal way. We know that
+ -- No_Index is less than 0, so there is no danger of overflow when
+ -- adding the (positive) value of Length.
+
+ Index := Count_Type'Base (No_Index) + Length; -- Last
+
+ if Index > Count_Type'Base (Index_Type'Last) then
+ raise Constraint_Error with "Length is out of range";
+ end if;
+
+ -- We know that the computed value (having type Count_Type) of Last
+ -- is within the range of the generic actual index subtype, so it is
+ -- safe to convert to Index_Type:
+
+ Last := Index_Type'Base (Index);
+
+ else
+ -- Here Index_Type'First (and Index_Type'Last) is positive, so we
+ -- must test the length indirectly (by working backwards from the
+ -- largest possible value of Last), in order to prevent overflow.
+
+ Index := Count_Type'Base (Index_Type'Last) - Length; -- No_Index
+
+ if Index < Count_Type'Base (No_Index) then
+ raise Constraint_Error with "Length is out of range";
+ end if;
+
+ -- We have determined that the value of Length would not create a
+ -- Last index value outside of the range of Index_Type, so we can now
+ -- safely compute its value.
+
+ Last := Index_Type'Base (Count_Type'Base (No_Index) + Length);
+ end if;
+
+ Elements := new Elements_Type (Last);
+
+ return Vector'(Controlled with Elements, Last, 0, 0);
+ end To_Vector;
+
+ function To_Vector
+ (New_Item : Element_Type;
+ Length : Count_Type) return Vector
+ is
+ Index : Count_Type'Base;
+ Last : Index_Type'Base;
+ Elements : Elements_Access;
+
+ begin
+ if Length = 0 then
+ return Empty_Vector;
+ end if;
+
+ -- We create a vector object with a capacity that matches the specified
+ -- Length, but we do not allow the vector capacity (the length of the
+ -- internal array) to exceed the number of values in Index_Type'Range
+ -- (otherwise, there would be no way to refer to those components via an
+ -- index). We must therefore check whether the specified Length would
+ -- create a Last index value greater than Index_Type'Last.
+
+ if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
+
+ -- We perform a two-part test. First we determine whether the
+ -- computed Last value lies in the base range of the type, and then
+ -- determine whether it lies in the range of the index (sub)type.
+
+ -- Last must satisfy this relation:
+ -- First + Length - 1 <= Last
+ -- We regroup terms:
+ -- First - 1 <= Last - Length
+ -- Which can rewrite as:
+ -- No_Index <= Last - Length
+
+ if Index_Type'Base'Last - Index_Type'Base (Length) < No_Index then
+ raise Constraint_Error with "Length is out of range";
+ end if;
+
+ -- We now know that the computed value of Last is within the base
+ -- range of the type, so it is safe to compute its value:
+
+ Last := No_Index + Index_Type'Base (Length);
+
+ -- Finally we test whether the value is within the range of the
+ -- generic actual index subtype:
+
+ if Last > Index_Type'Last then
+ raise Constraint_Error with "Length is out of range";
+ end if;
+
+ elsif Index_Type'First <= 0 then
+
+ -- Here we can compute Last directly, in the normal way. We know that
+ -- No_Index is less than 0, so there is no danger of overflow when
+ -- adding the (positive) value of Length.
+
+ Index := Count_Type'Base (No_Index) + Length; -- Last
+
+ if Index > Count_Type'Base (Index_Type'Last) then
+ raise Constraint_Error with "Length is out of range";
+ end if;
+
+ -- We know that the computed value (having type Count_Type) of Last
+ -- is within the range of the generic actual index subtype, so it is
+ -- safe to convert to Index_Type:
+
+ Last := Index_Type'Base (Index);
+
+ else
+ -- Here Index_Type'First (and Index_Type'Last) is positive, so we
+ -- must test the length indirectly (by working backwards from the
+ -- largest possible value of Last), in order to prevent overflow.
+
+ Index := Count_Type'Base (Index_Type'Last) - Length; -- No_Index
+
+ if Index < Count_Type'Base (No_Index) then
+ raise Constraint_Error with "Length is out of range";
+ end if;
+
+ -- We have determined that the value of Length would not create a
+ -- Last index value outside of the range of Index_Type, so we can now
+ -- safely compute its value.
+
+ Last := Index_Type'Base (Count_Type'Base (No_Index) + Length);
+ end if;
+
+ Elements := new Elements_Type (Last);
+
+ -- We use Last as the index of the loop used to populate the internal
+ -- array with items. In general, we prefer to initialize the loop index
+ -- immediately prior to entering the loop. However, Last is also used in
+ -- the exception handler (to reclaim elements that have been allocated,
+ -- before propagating the exception), and the initialization of Last
+ -- after entering the block containing the handler confuses some static
+ -- analysis tools, with respect to whether Last has been properly
+ -- initialized when the handler executes. So here we initialize our loop
+ -- variable earlier than we prefer, before entering the block, so there
+ -- is no ambiguity.
+
+ Last := Index_Type'First;
+
+ declare
+ -- The element allocator may need an accessibility check in the case
+ -- where the actual type is class-wide or has access discriminants
+ -- (see RM 4.8(10.1) and AI12-0035).
+
+ pragma Unsuppress (Accessibility_Check);
+
+ begin
+ loop
+ Elements.EA (Last) := new Element_Type'(New_Item);
+ exit when Last = Elements.Last;
+ Last := Last + 1;
+ end loop;
+
+ exception
+ when others =>
+ for J in Index_Type'First .. Last - 1 loop
+ Free (Elements.EA (J));
+ end loop;
+
+ Free (Elements);
+ raise;
+ end;
+
+ return (Controlled with Elements, Last, 0, 0);
+ end To_Vector;
+
+ --------------------
+ -- Update_Element --
+ --------------------
+
+ procedure Update_Element
+ (Container : in out Vector;
+ Index : Index_Type;
+ Process : not null access procedure (Element : in out Element_Type))
+ is
+ B : Natural renames Container.Busy;
+ L : Natural renames Container.Lock;
+
+ begin
+ if Index > Container.Last then
+ raise Constraint_Error with "Index is out of range";
+ end if;
+
+ if Container.Elements.EA (Index) = null then
+ raise Constraint_Error with "element is null";
+ end if;
+
+ B := B + 1;
+ L := L + 1;
+
+ begin
+ Process (Container.Elements.EA (Index).all);
+ exception
+ when others =>
+ L := L - 1;
+ B := B - 1;
+ raise;
+ end;
+
+ L := L - 1;
+ B := B - 1;
+ end Update_Element;
+
+ procedure Update_Element
+ (Container : in out Vector;
+ Position : Cursor;
+ Process : not null access procedure (Element : in out Element_Type))
+ is
+ begin
+ if Position.Container = null then
+ raise Constraint_Error with "Position cursor has no element";
+
+ elsif Position.Container /= Container'Unrestricted_Access then
+ raise Program_Error with "Position cursor denotes wrong container";
+
+ else
+ Update_Element (Container, Position.Index, Process);
+ end if;
+ end Update_Element;
+
+ -----------
+ -- Write --
+ -----------
+
+ procedure Write
+ (Stream : not null access Root_Stream_Type'Class;
+ Container : Vector)
+ is
+ N : constant Count_Type := Length (Container);
+
+ begin
+ Count_Type'Base'Write (Stream, N);
+
+ if N = 0 then
+ return;
+ end if;
+
+ declare
+ E : Elements_Array renames Container.Elements.EA;
+
+ begin
+ for Indx in Index_Type'First .. Container.Last loop
+ if E (Indx) = null then
+ Boolean'Write (Stream, False);
+ else
+ Boolean'Write (Stream, True);
+ Element_Type'Output (Stream, E (Indx).all);
+ end if;
+ end loop;
+ end;
+ end Write;
+
+ procedure Write
+ (Stream : not null access Root_Stream_Type'Class;
+ Position : Cursor)
+ is
+ begin
+ raise Program_Error with "attempt to stream vector cursor";
+ end Write;
+
+ procedure Write
+ (Stream : not null access Root_Stream_Type'Class;
+ Item : Reference_Type)
+ is
+ begin
+ raise Program_Error with "attempt to stream reference";
+ end Write;
+
+ procedure Write
+ (Stream : not null access Root_Stream_Type'Class;
+ Item : Constant_Reference_Type)
+ is
+ begin
+ raise Program_Error with "attempt to stream reference";
+ end Write;
+
+end Ada.Containers.Indefinite_Vectors;