blob: bb7b2837c501cf6b2a28621896b1b287f20bc1ae [file] [log] [blame]
------------------------------------------------------------------------------
-- --
-- GNAT LIBRARY COMPONENTS --
-- --
-- A D A . C O N T A I N E R S . I N D E F I N I T E _ V E C T O R S --
-- --
-- B o d y --
-- --
-- Copyright (C) 2004-2014, Free Software Foundation, Inc. --
-- --
-- GNAT is free software; you can redistribute it and/or modify it under --
-- terms of the GNU General Public License as published by the Free Soft- --
-- ware Foundation; either version 3, or (at your option) any later ver- --
-- sion. GNAT is distributed in the hope that it will be useful, but WITH- --
-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY --
-- or FITNESS FOR A PARTICULAR PURPOSE. --
-- --
-- As a special exception under Section 7 of GPL version 3, you are granted --
-- additional permissions described in the GCC Runtime Library Exception, --
-- version 3.1, as published by the Free Software Foundation. --
-- --
-- You should have received a copy of the GNU General Public License and --
-- a copy of the GCC Runtime Library Exception along with this program; --
-- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see --
-- <http://www.gnu.org/licenses/>. --
-- --
-- This unit was originally developed by Matthew J Heaney. --
------------------------------------------------------------------------------
with Ada.Containers.Generic_Array_Sort;
with Ada.Unchecked_Deallocation;
with System; use type System.Address;
package body Ada.Containers.Indefinite_Vectors is
pragma Annotate (CodePeer, Skip_Analysis);
procedure Free is
new Ada.Unchecked_Deallocation (Elements_Type, Elements_Access);
procedure Free is
new Ada.Unchecked_Deallocation (Element_Type, Element_Access);
---------
-- "&" --
---------
function "&" (Left, Right : Vector) return Vector is
LN : constant Count_Type := Length (Left);
RN : constant Count_Type := Length (Right);
N : Count_Type'Base; -- length of result
J : Count_Type'Base; -- for computing intermediate values
Last : Index_Type'Base; -- Last index of result
begin
-- We decide that the capacity of the result is the sum of the lengths
-- of the vector parameters. We could decide to make it larger, but we
-- have no basis for knowing how much larger, so we just allocate the
-- minimum amount of storage.
-- Here we handle the easy cases first, when one of the vector
-- parameters is empty. (We say "easy" because there's nothing to
-- compute, that can potentially overflow.)
if LN = 0 then
if RN = 0 then
return Empty_Vector;
end if;
declare
RE : Elements_Array renames
Right.Elements.EA (Index_Type'First .. Right.Last);
Elements : Elements_Access := new Elements_Type (Right.Last);
begin
-- Elements of an indefinite vector are allocated, so we cannot
-- use simple slice assignment to give a value to our result.
-- Hence we must walk the array of the Right vector, and copy
-- each source element individually.
for I in Elements.EA'Range loop
begin
if RE (I) /= null then
Elements.EA (I) := new Element_Type'(RE (I).all);
end if;
exception
when others =>
for J in Index_Type'First .. I - 1 loop
Free (Elements.EA (J));
end loop;
Free (Elements);
raise;
end;
end loop;
return (Controlled with Elements, Right.Last, 0, 0);
end;
end if;
if RN = 0 then
declare
LE : Elements_Array renames
Left.Elements.EA (Index_Type'First .. Left.Last);
Elements : Elements_Access := new Elements_Type (Left.Last);
begin
-- Elements of an indefinite vector are allocated, so we cannot
-- use simple slice assignment to give a value to our result.
-- Hence we must walk the array of the Left vector, and copy
-- each source element individually.
for I in Elements.EA'Range loop
begin
if LE (I) /= null then
Elements.EA (I) := new Element_Type'(LE (I).all);
end if;
exception
when others =>
for J in Index_Type'First .. I - 1 loop
Free (Elements.EA (J));
end loop;
Free (Elements);
raise;
end;
end loop;
return (Controlled with Elements, Left.Last, 0, 0);
end;
end if;
-- Neither of the vector parameters is empty, so we must compute the
-- length of the result vector and its last index. (This is the harder
-- case, because our computations must avoid overflow.)
-- There are two constraints we need to satisfy. The first constraint is
-- that a container cannot have more than Count_Type'Last elements, so
-- we must check the sum of the combined lengths. Note that we cannot
-- simply add the lengths, because of the possibility of overflow.
if LN > Count_Type'Last - RN then
raise Constraint_Error with "new length is out of range";
end if;
-- It is now safe compute the length of the new vector.
N := LN + RN;
-- The second constraint is that the new Last index value cannot
-- exceed Index_Type'Last. We use the wider of Index_Type'Base and
-- Count_Type'Base as the type for intermediate values.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
-- We perform a two-part test. First we determine whether the
-- computed Last value lies in the base range of the type, and then
-- determine whether it lies in the range of the index (sub)type.
-- Last must satisfy this relation:
-- First + Length - 1 <= Last
-- We regroup terms:
-- First - 1 <= Last - Length
-- Which can rewrite as:
-- No_Index <= Last - Length
if Index_Type'Base'Last - Index_Type'Base (N) < No_Index then
raise Constraint_Error with "new length is out of range";
end if;
-- We now know that the computed value of Last is within the base
-- range of the type, so it is safe to compute its value:
Last := No_Index + Index_Type'Base (N);
-- Finally we test whether the value is within the range of the
-- generic actual index subtype:
if Last > Index_Type'Last then
raise Constraint_Error with "new length is out of range";
end if;
elsif Index_Type'First <= 0 then
-- Here we can compute Last directly, in the normal way. We know that
-- No_Index is less than 0, so there is no danger of overflow when
-- adding the (positive) value of length.
J := Count_Type'Base (No_Index) + N; -- Last
if J > Count_Type'Base (Index_Type'Last) then
raise Constraint_Error with "new length is out of range";
end if;
-- We know that the computed value (having type Count_Type) of Last
-- is within the range of the generic actual index subtype, so it is
-- safe to convert to Index_Type:
Last := Index_Type'Base (J);
else
-- Here Index_Type'First (and Index_Type'Last) is positive, so we
-- must test the length indirectly (by working backwards from the
-- largest possible value of Last), in order to prevent overflow.
J := Count_Type'Base (Index_Type'Last) - N; -- No_Index
if J < Count_Type'Base (No_Index) then
raise Constraint_Error with "new length is out of range";
end if;
-- We have determined that the result length would not create a Last
-- index value outside of the range of Index_Type, so we can now
-- safely compute its value.
Last := Index_Type'Base (Count_Type'Base (No_Index) + N);
end if;
declare
LE : Elements_Array renames
Left.Elements.EA (Index_Type'First .. Left.Last);
RE : Elements_Array renames
Right.Elements.EA (Index_Type'First .. Right.Last);
Elements : Elements_Access := new Elements_Type (Last);
I : Index_Type'Base := No_Index;
begin
-- Elements of an indefinite vector are allocated, so we cannot use
-- simple slice assignment to give a value to our result. Hence we
-- must walk the array of each vector parameter, and copy each source
-- element individually.
for LI in LE'Range loop
I := I + 1;
begin
if LE (LI) /= null then
Elements.EA (I) := new Element_Type'(LE (LI).all);
end if;
exception
when others =>
for J in Index_Type'First .. I - 1 loop
Free (Elements.EA (J));
end loop;
Free (Elements);
raise;
end;
end loop;
for RI in RE'Range loop
I := I + 1;
begin
if RE (RI) /= null then
Elements.EA (I) := new Element_Type'(RE (RI).all);
end if;
exception
when others =>
for J in Index_Type'First .. I - 1 loop
Free (Elements.EA (J));
end loop;
Free (Elements);
raise;
end;
end loop;
return (Controlled with Elements, Last, 0, 0);
end;
end "&";
function "&" (Left : Vector; Right : Element_Type) return Vector is
begin
-- We decide that the capacity of the result is the sum of the lengths
-- of the parameters. We could decide to make it larger, but we have no
-- basis for knowing how much larger, so we just allocate the minimum
-- amount of storage.
-- Here we handle the easy case first, when the vector parameter (Left)
-- is empty.
if Left.Is_Empty then
declare
Elements : Elements_Access := new Elements_Type (Index_Type'First);
begin
begin
Elements.EA (Index_Type'First) := new Element_Type'(Right);
exception
when others =>
Free (Elements);
raise;
end;
return (Controlled with Elements, Index_Type'First, 0, 0);
end;
end if;
-- The vector parameter is not empty, so we must compute the length of
-- the result vector and its last index, but in such a way that overflow
-- is avoided. We must satisfy two constraints: the new length cannot
-- exceed Count_Type'Last, and the new Last index cannot exceed
-- Index_Type'Last.
if Left.Length = Count_Type'Last then
raise Constraint_Error with "new length is out of range";
end if;
if Left.Last >= Index_Type'Last then
raise Constraint_Error with "new length is out of range";
end if;
declare
Last : constant Index_Type := Left.Last + 1;
LE : Elements_Array renames
Left.Elements.EA (Index_Type'First .. Left.Last);
Elements : Elements_Access := new Elements_Type (Last);
begin
for I in LE'Range loop
begin
if LE (I) /= null then
Elements.EA (I) := new Element_Type'(LE (I).all);
end if;
exception
when others =>
for J in Index_Type'First .. I - 1 loop
Free (Elements.EA (J));
end loop;
Free (Elements);
raise;
end;
end loop;
begin
Elements.EA (Last) := new Element_Type'(Right);
exception
when others =>
for J in Index_Type'First .. Last - 1 loop
Free (Elements.EA (J));
end loop;
Free (Elements);
raise;
end;
return (Controlled with Elements, Last, 0, 0);
end;
end "&";
function "&" (Left : Element_Type; Right : Vector) return Vector is
begin
-- We decide that the capacity of the result is the sum of the lengths
-- of the parameters. We could decide to make it larger, but we have no
-- basis for knowing how much larger, so we just allocate the minimum
-- amount of storage.
-- Here we handle the easy case first, when the vector parameter (Right)
-- is empty.
if Right.Is_Empty then
declare
Elements : Elements_Access := new Elements_Type (Index_Type'First);
begin
begin
Elements.EA (Index_Type'First) := new Element_Type'(Left);
exception
when others =>
Free (Elements);
raise;
end;
return (Controlled with Elements, Index_Type'First, 0, 0);
end;
end if;
-- The vector parameter is not empty, so we must compute the length of
-- the result vector and its last index, but in such a way that overflow
-- is avoided. We must satisfy two constraints: the new length cannot
-- exceed Count_Type'Last, and the new Last index cannot exceed
-- Index_Type'Last.
if Right.Length = Count_Type'Last then
raise Constraint_Error with "new length is out of range";
end if;
if Right.Last >= Index_Type'Last then
raise Constraint_Error with "new length is out of range";
end if;
declare
Last : constant Index_Type := Right.Last + 1;
RE : Elements_Array renames
Right.Elements.EA (Index_Type'First .. Right.Last);
Elements : Elements_Access := new Elements_Type (Last);
I : Index_Type'Base := Index_Type'First;
begin
begin
Elements.EA (I) := new Element_Type'(Left);
exception
when others =>
Free (Elements);
raise;
end;
for RI in RE'Range loop
I := I + 1;
begin
if RE (RI) /= null then
Elements.EA (I) := new Element_Type'(RE (RI).all);
end if;
exception
when others =>
for J in Index_Type'First .. I - 1 loop
Free (Elements.EA (J));
end loop;
Free (Elements);
raise;
end;
end loop;
return (Controlled with Elements, Last, 0, 0);
end;
end "&";
function "&" (Left, Right : Element_Type) return Vector is
begin
-- We decide that the capacity of the result is the sum of the lengths
-- of the parameters. We could decide to make it larger, but we have no
-- basis for knowing how much larger, so we just allocate the minimum
-- amount of storage.
-- We must compute the length of the result vector and its last index,
-- but in such a way that overflow is avoided. We must satisfy two
-- constraints: the new length cannot exceed Count_Type'Last (here, we
-- know that that condition is satisfied), and the new Last index cannot
-- exceed Index_Type'Last.
if Index_Type'First >= Index_Type'Last then
raise Constraint_Error with "new length is out of range";
end if;
declare
Last : constant Index_Type := Index_Type'First + 1;
Elements : Elements_Access := new Elements_Type (Last);
begin
begin
Elements.EA (Index_Type'First) := new Element_Type'(Left);
exception
when others =>
Free (Elements);
raise;
end;
begin
Elements.EA (Last) := new Element_Type'(Right);
exception
when others =>
Free (Elements.EA (Index_Type'First));
Free (Elements);
raise;
end;
return (Controlled with Elements, Last, 0, 0);
end;
end "&";
---------
-- "=" --
---------
overriding function "=" (Left, Right : Vector) return Boolean is
BL : Natural renames Left'Unrestricted_Access.Busy;
LL : Natural renames Left'Unrestricted_Access.Lock;
BR : Natural renames Right'Unrestricted_Access.Busy;
LR : Natural renames Right'Unrestricted_Access.Lock;
Result : Boolean;
begin
if Left'Address = Right'Address then
return True;
end if;
if Left.Last /= Right.Last then
return False;
end if;
-- Per AI05-0022, the container implementation is required to detect
-- element tampering by a generic actual subprogram.
BL := BL + 1;
LL := LL + 1;
BR := BR + 1;
LR := LR + 1;
Result := True;
for J in Index_Type'First .. Left.Last loop
if Left.Elements.EA (J) = null then
if Right.Elements.EA (J) /= null then
Result := False;
exit;
end if;
elsif Right.Elements.EA (J) = null then
Result := False;
exit;
elsif Left.Elements.EA (J).all /= Right.Elements.EA (J).all then
Result := False;
exit;
end if;
end loop;
BL := BL - 1;
LL := LL - 1;
BR := BR - 1;
LR := LR - 1;
return Result;
exception
when others =>
BL := BL - 1;
LL := LL - 1;
BR := BR - 1;
LR := LR - 1;
raise;
end "=";
------------
-- Adjust --
------------
procedure Adjust (Container : in out Vector) is
begin
if Container.Last = No_Index then
Container.Elements := null;
return;
end if;
declare
L : constant Index_Type := Container.Last;
E : Elements_Array renames
Container.Elements.EA (Index_Type'First .. L);
begin
Container.Elements := null;
Container.Last := No_Index;
Container.Busy := 0;
Container.Lock := 0;
Container.Elements := new Elements_Type (L);
for J in E'Range loop
if E (J) /= null then
Container.Elements.EA (J) := new Element_Type'(E (J).all);
end if;
Container.Last := J;
end loop;
end;
end Adjust;
procedure Adjust (Control : in out Reference_Control_Type) is
begin
if Control.Container /= null then
declare
C : Vector renames Control.Container.all;
B : Natural renames C.Busy;
L : Natural renames C.Lock;
begin
B := B + 1;
L := L + 1;
end;
end if;
end Adjust;
------------
-- Append --
------------
procedure Append (Container : in out Vector; New_Item : Vector) is
begin
if Is_Empty (New_Item) then
return;
elsif Container.Last = Index_Type'Last then
raise Constraint_Error with "vector is already at its maximum length";
else
Insert (Container, Container.Last + 1, New_Item);
end if;
end Append;
procedure Append
(Container : in out Vector;
New_Item : Element_Type;
Count : Count_Type := 1)
is
begin
if Count = 0 then
return;
elsif Container.Last = Index_Type'Last then
raise Constraint_Error with "vector is already at its maximum length";
else
Insert (Container, Container.Last + 1, New_Item, Count);
end if;
end Append;
------------
-- Assign --
------------
procedure Assign (Target : in out Vector; Source : Vector) is
begin
if Target'Address = Source'Address then
return;
else
Target.Clear;
Target.Append (Source);
end if;
end Assign;
--------------
-- Capacity --
--------------
function Capacity (Container : Vector) return Count_Type is
begin
if Container.Elements = null then
return 0;
else
return Container.Elements.EA'Length;
end if;
end Capacity;
-----------
-- Clear --
-----------
procedure Clear (Container : in out Vector) is
begin
if Container.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
else
while Container.Last >= Index_Type'First loop
declare
X : Element_Access := Container.Elements.EA (Container.Last);
begin
Container.Elements.EA (Container.Last) := null;
Container.Last := Container.Last - 1;
Free (X);
end;
end loop;
end if;
end Clear;
------------------------
-- Constant_Reference --
------------------------
function Constant_Reference
(Container : aliased Vector;
Position : Cursor) return Constant_Reference_Type
is
E : Element_Access;
begin
if Position.Container = null then
raise Constraint_Error with "Position cursor has no element";
end if;
if Position.Container /= Container'Unrestricted_Access then
raise Program_Error with "Position cursor denotes wrong container";
end if;
if Position.Index > Position.Container.Last then
raise Constraint_Error with "Position cursor is out of range";
end if;
E := Container.Elements.EA (Position.Index);
if E = null then
raise Constraint_Error with "element at Position is empty";
end if;
declare
C : Vector renames Container'Unrestricted_Access.all;
B : Natural renames C.Busy;
L : Natural renames C.Lock;
begin
return R : constant Constant_Reference_Type :=
(Element => E.all'Access,
Control => (Controlled with Container'Unrestricted_Access))
do
B := B + 1;
L := L + 1;
end return;
end;
end Constant_Reference;
function Constant_Reference
(Container : aliased Vector;
Index : Index_Type) return Constant_Reference_Type
is
E : Element_Access;
begin
if Index > Container.Last then
raise Constraint_Error with "Index is out of range";
end if;
E := Container.Elements.EA (Index);
if E = null then
raise Constraint_Error with "element at Index is empty";
end if;
declare
C : Vector renames Container'Unrestricted_Access.all;
B : Natural renames C.Busy;
L : Natural renames C.Lock;
begin
return R : constant Constant_Reference_Type :=
(Element => E.all'Access,
Control => (Controlled with Container'Unrestricted_Access))
do
B := B + 1;
L := L + 1;
end return;
end;
end Constant_Reference;
--------------
-- Contains --
--------------
function Contains
(Container : Vector;
Item : Element_Type) return Boolean
is
begin
return Find_Index (Container, Item) /= No_Index;
end Contains;
----------
-- Copy --
----------
function Copy
(Source : Vector;
Capacity : Count_Type := 0) return Vector
is
C : Count_Type;
begin
if Capacity = 0 then
C := Source.Length;
elsif Capacity >= Source.Length then
C := Capacity;
else
raise Capacity_Error
with "Requested capacity is less than Source length";
end if;
return Target : Vector do
Target.Reserve_Capacity (C);
Target.Assign (Source);
end return;
end Copy;
------------
-- Delete --
------------
procedure Delete
(Container : in out Vector;
Index : Extended_Index;
Count : Count_Type := 1)
is
Old_Last : constant Index_Type'Base := Container.Last;
New_Last : Index_Type'Base;
Count2 : Count_Type'Base; -- count of items from Index to Old_Last
J : Index_Type'Base; -- first index of items that slide down
begin
-- Delete removes items from the vector, the number of which is the
-- minimum of the specified Count and the items (if any) that exist from
-- Index to Container.Last. There are no constraints on the specified
-- value of Count (it can be larger than what's available at this
-- position in the vector, for example), but there are constraints on
-- the allowed values of the Index.
-- As a precondition on the generic actual Index_Type, the base type
-- must include Index_Type'Pred (Index_Type'First); this is the value
-- that Container.Last assumes when the vector is empty. However, we do
-- not allow that as the value for Index when specifying which items
-- should be deleted, so we must manually check. (That the user is
-- allowed to specify the value at all here is a consequence of the
-- declaration of the Extended_Index subtype, which includes the values
-- in the base range that immediately precede and immediately follow the
-- values in the Index_Type.)
if Index < Index_Type'First then
raise Constraint_Error with "Index is out of range (too small)";
end if;
-- We do allow a value greater than Container.Last to be specified as
-- the Index, but only if it's immediately greater. This allows the
-- corner case of deleting no items from the back end of the vector to
-- be treated as a no-op. (It is assumed that specifying an index value
-- greater than Last + 1 indicates some deeper flaw in the caller's
-- algorithm, so that case is treated as a proper error.)
if Index > Old_Last then
if Index > Old_Last + 1 then
raise Constraint_Error with "Index is out of range (too large)";
else
return;
end if;
end if;
-- Here and elsewhere we treat deleting 0 items from the container as a
-- no-op, even when the container is busy, so we simply return.
if Count = 0 then
return;
end if;
-- The internal elements array isn't guaranteed to exist unless we have
-- elements, so we handle that case here in order to avoid having to
-- check it later. (Note that an empty vector can never be busy, so
-- there's no semantic harm in returning early.)
if Container.Is_Empty then
return;
end if;
-- The tampering bits exist to prevent an item from being deleted (or
-- otherwise harmfully manipulated) while it is being visited. Query,
-- Update, and Iterate increment the busy count on entry, and decrement
-- the count on exit. Delete checks the count to determine whether it is
-- being called while the associated callback procedure is executing.
if Container.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
end if;
-- We first calculate what's available for deletion starting at
-- Index. Here and elsewhere we use the wider of Index_Type'Base and
-- Count_Type'Base as the type for intermediate values. (See function
-- Length for more information.)
if Count_Type'Base'Last >= Index_Type'Pos (Index_Type'Base'Last) then
Count2 := Count_Type'Base (Old_Last) - Count_Type'Base (Index) + 1;
else
Count2 := Count_Type'Base (Old_Last - Index + 1);
end if;
-- If the number of elements requested (Count) for deletion is equal to
-- (or greater than) the number of elements available (Count2) for
-- deletion beginning at Index, then everything from Index to
-- Container.Last is deleted (this is equivalent to Delete_Last).
if Count >= Count2 then
-- Elements in an indefinite vector are allocated, so we must iterate
-- over the loop and deallocate elements one-at-a-time. We work from
-- back to front, deleting the last element during each pass, in
-- order to gracefully handle deallocation failures.
declare
EA : Elements_Array renames Container.Elements.EA;
begin
while Container.Last >= Index loop
declare
K : constant Index_Type := Container.Last;
X : Element_Access := EA (K);
begin
-- We first isolate the element we're deleting, removing it
-- from the vector before we attempt to deallocate it, in
-- case the deallocation fails.
EA (K) := null;
Container.Last := K - 1;
-- Container invariants have been restored, so it is now
-- safe to attempt to deallocate the element.
Free (X);
end;
end loop;
end;
return;
end if;
-- There are some elements that aren't being deleted (the requested
-- count was less than the available count), so we must slide them down
-- to Index. We first calculate the index values of the respective array
-- slices, using the wider of Index_Type'Base and Count_Type'Base as the
-- type for intermediate calculations. For the elements that slide down,
-- index value New_Last is the last index value of their new home, and
-- index value J is the first index of their old home.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
New_Last := Old_Last - Index_Type'Base (Count);
J := Index + Index_Type'Base (Count);
else
New_Last := Index_Type'Base (Count_Type'Base (Old_Last) - Count);
J := Index_Type'Base (Count_Type'Base (Index) + Count);
end if;
-- The internal elements array isn't guaranteed to exist unless we have
-- elements, but we have that guarantee here because we know we have
-- elements to slide. The array index values for each slice have
-- already been determined, so what remains to be done is to first
-- deallocate the elements that are being deleted, and then slide down
-- to Index the elements that aren't being deleted.
declare
EA : Elements_Array renames Container.Elements.EA;
begin
-- Before we can slide down the elements that aren't being deleted,
-- we need to deallocate the elements that are being deleted.
for K in Index .. J - 1 loop
declare
X : Element_Access := EA (K);
begin
-- First we remove the element we're about to deallocate from
-- the vector, in case the deallocation fails, in order to
-- preserve representation invariants.
EA (K) := null;
-- The element has been removed from the vector, so it is now
-- safe to attempt to deallocate it.
Free (X);
end;
end loop;
EA (Index .. New_Last) := EA (J .. Old_Last);
Container.Last := New_Last;
end;
end Delete;
procedure Delete
(Container : in out Vector;
Position : in out Cursor;
Count : Count_Type := 1)
is
pragma Warnings (Off, Position);
begin
if Position.Container = null then
raise Constraint_Error with "Position cursor has no element";
elsif Position.Container /= Container'Unrestricted_Access then
raise Program_Error with "Position cursor denotes wrong container";
elsif Position.Index > Container.Last then
raise Program_Error with "Position index is out of range";
else
Delete (Container, Position.Index, Count);
Position := No_Element;
end if;
end Delete;
------------------
-- Delete_First --
------------------
procedure Delete_First
(Container : in out Vector;
Count : Count_Type := 1)
is
begin
if Count = 0 then
return;
elsif Count >= Length (Container) then
Clear (Container);
return;
else
Delete (Container, Index_Type'First, Count);
end if;
end Delete_First;
-----------------
-- Delete_Last --
-----------------
procedure Delete_Last
(Container : in out Vector;
Count : Count_Type := 1)
is
begin
-- It is not permitted to delete items while the container is busy (for
-- example, we're in the middle of a passive iteration). However, we
-- always treat deleting 0 items as a no-op, even when we're busy, so we
-- simply return without checking.
if Count = 0 then
return;
end if;
-- We cannot simply subsume the empty case into the loop below (the loop
-- would iterate 0 times), because we rename the internal array object
-- (which is allocated), but an empty vector isn't guaranteed to have
-- actually allocated an array. (Note that an empty vector can never be
-- busy, so there's no semantic harm in returning early here.)
if Container.Is_Empty then
return;
end if;
-- The tampering bits exist to prevent an item from being deleted (or
-- otherwise harmfully manipulated) while it is being visited. Query,
-- Update, and Iterate increment the busy count on entry, and decrement
-- the count on exit. Delete_Last checks the count to determine whether
-- it is being called while the associated callback procedure is
-- executing.
if Container.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
end if;
-- Elements in an indefinite vector are allocated, so we must iterate
-- over the loop and deallocate elements one-at-a-time. We work from
-- back to front, deleting the last element during each pass, in order
-- to gracefully handle deallocation failures.
declare
E : Elements_Array renames Container.Elements.EA;
begin
for Indx in 1 .. Count_Type'Min (Count, Container.Length) loop
declare
J : constant Index_Type := Container.Last;
X : Element_Access := E (J);
begin
-- Note that we first isolate the element we're deleting,
-- removing it from the vector, before we actually deallocate
-- it, in order to preserve representation invariants even if
-- the deallocation fails.
E (J) := null;
Container.Last := J - 1;
-- Container invariants have been restored, so it is now safe
-- to deallocate the element.
Free (X);
end;
end loop;
end;
end Delete_Last;
-------------
-- Element --
-------------
function Element
(Container : Vector;
Index : Index_Type) return Element_Type
is
begin
if Index > Container.Last then
raise Constraint_Error with "Index is out of range";
end if;
declare
EA : constant Element_Access := Container.Elements.EA (Index);
begin
if EA = null then
raise Constraint_Error with "element is empty";
else
return EA.all;
end if;
end;
end Element;
function Element (Position : Cursor) return Element_Type is
begin
if Position.Container = null then
raise Constraint_Error with "Position cursor has no element";
end if;
if Position.Index > Position.Container.Last then
raise Constraint_Error with "Position cursor is out of range";
end if;
declare
EA : constant Element_Access :=
Position.Container.Elements.EA (Position.Index);
begin
if EA = null then
raise Constraint_Error with "element is empty";
else
return EA.all;
end if;
end;
end Element;
--------------
-- Finalize --
--------------
procedure Finalize (Container : in out Vector) is
begin
Clear (Container); -- Checks busy-bit
declare
X : Elements_Access := Container.Elements;
begin
Container.Elements := null;
Free (X);
end;
end Finalize;
procedure Finalize (Object : in out Iterator) is
B : Natural renames Object.Container.Busy;
begin
B := B - 1;
end Finalize;
procedure Finalize (Control : in out Reference_Control_Type) is
begin
if Control.Container /= null then
declare
C : Vector renames Control.Container.all;
B : Natural renames C.Busy;
L : Natural renames C.Lock;
begin
B := B - 1;
L := L - 1;
end;
Control.Container := null;
end if;
end Finalize;
----------
-- Find --
----------
function Find
(Container : Vector;
Item : Element_Type;
Position : Cursor := No_Element) return Cursor
is
begin
if Position.Container /= null then
if Position.Container /= Container'Unrestricted_Access then
raise Program_Error with "Position cursor denotes wrong container";
end if;
if Position.Index > Container.Last then
raise Program_Error with "Position index is out of range";
end if;
end if;
-- Per AI05-0022, the container implementation is required to detect
-- element tampering by a generic actual subprogram.
declare
B : Natural renames Container'Unrestricted_Access.Busy;
L : Natural renames Container'Unrestricted_Access.Lock;
Result : Index_Type'Base;
begin
B := B + 1;
L := L + 1;
Result := No_Index;
for J in Position.Index .. Container.Last loop
if Container.Elements.EA (J) /= null
and then Container.Elements.EA (J).all = Item
then
Result := J;
exit;
end if;
end loop;
B := B - 1;
L := L - 1;
if Result = No_Index then
return No_Element;
else
return Cursor'(Container'Unrestricted_Access, Result);
end if;
exception
when others =>
B := B - 1;
L := L - 1;
raise;
end;
end Find;
----------------
-- Find_Index --
----------------
function Find_Index
(Container : Vector;
Item : Element_Type;
Index : Index_Type := Index_Type'First) return Extended_Index
is
B : Natural renames Container'Unrestricted_Access.Busy;
L : Natural renames Container'Unrestricted_Access.Lock;
Result : Index_Type'Base;
begin
-- Per AI05-0022, the container implementation is required to detect
-- element tampering by a generic actual subprogram.
B := B + 1;
L := L + 1;
Result := No_Index;
for Indx in Index .. Container.Last loop
if Container.Elements.EA (Indx) /= null
and then Container.Elements.EA (Indx).all = Item
then
Result := Indx;
exit;
end if;
end loop;
B := B - 1;
L := L - 1;
return Result;
exception
when others =>
B := B - 1;
L := L - 1;
raise;
end Find_Index;
-----------
-- First --
-----------
function First (Container : Vector) return Cursor is
begin
if Is_Empty (Container) then
return No_Element;
end if;
return (Container'Unrestricted_Access, Index_Type'First);
end First;
function First (Object : Iterator) return Cursor is
begin
-- The value of the iterator object's Index component influences the
-- behavior of the First (and Last) selector function.
-- When the Index component is No_Index, this means the iterator
-- object was constructed without a start expression, in which case the
-- (forward) iteration starts from the (logical) beginning of the entire
-- sequence of items (corresponding to Container.First, for a forward
-- iterator).
-- Otherwise, this is iteration over a partial sequence of items.
-- When the Index component isn't No_Index, the iterator object was
-- constructed with a start expression, that specifies the position
-- from which the (forward) partial iteration begins.
if Object.Index = No_Index then
return First (Object.Container.all);
else
return Cursor'(Object.Container, Object.Index);
end if;
end First;
-------------------
-- First_Element --
-------------------
function First_Element (Container : Vector) return Element_Type is
begin
if Container.Last = No_Index then
raise Constraint_Error with "Container is empty";
end if;
declare
EA : constant Element_Access :=
Container.Elements.EA (Index_Type'First);
begin
if EA = null then
raise Constraint_Error with "first element is empty";
else
return EA.all;
end if;
end;
end First_Element;
-----------------
-- First_Index --
-----------------
function First_Index (Container : Vector) return Index_Type is
pragma Unreferenced (Container);
begin
return Index_Type'First;
end First_Index;
---------------------
-- Generic_Sorting --
---------------------
package body Generic_Sorting is
-----------------------
-- Local Subprograms --
-----------------------
function Is_Less (L, R : Element_Access) return Boolean;
pragma Inline (Is_Less);
-------------
-- Is_Less --
-------------
function Is_Less (L, R : Element_Access) return Boolean is
begin
if L = null then
return R /= null;
elsif R = null then
return False;
else
return L.all < R.all;
end if;
end Is_Less;
---------------
-- Is_Sorted --
---------------
function Is_Sorted (Container : Vector) return Boolean is
begin
if Container.Last <= Index_Type'First then
return True;
end if;
-- Per AI05-0022, the container implementation is required to detect
-- element tampering by a generic actual subprogram.
declare
E : Elements_Array renames Container.Elements.EA;
B : Natural renames Container'Unrestricted_Access.Busy;
L : Natural renames Container'Unrestricted_Access.Lock;
Result : Boolean;
begin
B := B + 1;
L := L + 1;
Result := True;
for I in Index_Type'First .. Container.Last - 1 loop
if Is_Less (E (I + 1), E (I)) then
Result := False;
exit;
end if;
end loop;
B := B - 1;
L := L - 1;
return Result;
exception
when others =>
B := B - 1;
L := L - 1;
raise;
end;
end Is_Sorted;
-----------
-- Merge --
-----------
procedure Merge (Target, Source : in out Vector) is
I, J : Index_Type'Base;
begin
-- The semantics of Merge changed slightly per AI05-0021. It was
-- originally the case that if Target and Source denoted the same
-- container object, then the GNAT implementation of Merge did
-- nothing. However, it was argued that RM05 did not precisely
-- specify the semantics for this corner case. The decision of the
-- ARG was that if Target and Source denote the same non-empty
-- container object, then Program_Error is raised.
if Source.Last < Index_Type'First then -- Source is empty
return;
end if;
if Target'Address = Source'Address then
raise Program_Error with
"Target and Source denote same non-empty container";
end if;
if Target.Last < Index_Type'First then -- Target is empty
Move (Target => Target, Source => Source);
return;
end if;
if Source.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
end if;
I := Target.Last; -- original value (before Set_Length)
Target.Set_Length (Length (Target) + Length (Source));
-- Per AI05-0022, the container implementation is required to detect
-- element tampering by a generic actual subprogram.
declare
TA : Elements_Array renames Target.Elements.EA;
SA : Elements_Array renames Source.Elements.EA;
TB : Natural renames Target.Busy;
TL : Natural renames Target.Lock;
SB : Natural renames Source.Busy;
SL : Natural renames Source.Lock;
begin
TB := TB + 1;
TL := TL + 1;
SB := SB + 1;
SL := SL + 1;
J := Target.Last; -- new value (after Set_Length)
while Source.Last >= Index_Type'First loop
pragma Assert
(Source.Last <= Index_Type'First
or else not (Is_Less (SA (Source.Last),
SA (Source.Last - 1))));
if I < Index_Type'First then
declare
Src : Elements_Array renames
SA (Index_Type'First .. Source.Last);
begin
TA (Index_Type'First .. J) := Src;
Src := (others => null);
end;
Source.Last := No_Index;
exit;
end if;
pragma Assert
(I <= Index_Type'First
or else not (Is_Less (TA (I), TA (I - 1))));
declare
Src : Element_Access renames SA (Source.Last);
Tgt : Element_Access renames TA (I);
begin
if Is_Less (Src, Tgt) then
Target.Elements.EA (J) := Tgt;
Tgt := null;
I := I - 1;
else
Target.Elements.EA (J) := Src;
Src := null;
Source.Last := Source.Last - 1;
end if;
end;
J := J - 1;
end loop;
TB := TB - 1;
TL := TL - 1;
SB := SB - 1;
SL := SL - 1;
exception
when others =>
TB := TB - 1;
TL := TL - 1;
SB := SB - 1;
SL := SL - 1;
raise;
end;
end Merge;
----------
-- Sort --
----------
procedure Sort (Container : in out Vector) is
procedure Sort is new Generic_Array_Sort
(Index_Type => Index_Type,
Element_Type => Element_Access,
Array_Type => Elements_Array,
"<" => Is_Less);
-- Start of processing for Sort
begin
if Container.Last <= Index_Type'First then
return;
end if;
-- The exception behavior for the vector container must match that
-- for the list container, so we check for cursor tampering here
-- (which will catch more things) instead of for element tampering
-- (which will catch fewer things). It's true that the elements of
-- this vector container could be safely moved around while (say) an
-- iteration is taking place (iteration only increments the busy
-- counter), and so technically all we would need here is a test for
-- element tampering (indicated by the lock counter), that's simply
-- an artifact of our array-based implementation. Logically Sort
-- requires a check for cursor tampering.
if Container.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
end if;
-- Per AI05-0022, the container implementation is required to detect
-- element tampering by a generic actual subprogram.
declare
B : Natural renames Container.Busy;
L : Natural renames Container.Lock;
begin
B := B + 1;
L := L + 1;
Sort (Container.Elements.EA (Index_Type'First .. Container.Last));
B := B - 1;
L := L - 1;
exception
when others =>
B := B - 1;
L := L - 1;
raise;
end;
end Sort;
end Generic_Sorting;
-----------------
-- Has_Element --
-----------------
function Has_Element (Position : Cursor) return Boolean is
begin
if Position.Container = null then
return False;
else
return Position.Index <= Position.Container.Last;
end if;
end Has_Element;
------------
-- Insert --
------------
procedure Insert
(Container : in out Vector;
Before : Extended_Index;
New_Item : Element_Type;
Count : Count_Type := 1)
is
Old_Length : constant Count_Type := Container.Length;
Max_Length : Count_Type'Base; -- determined from range of Index_Type
New_Length : Count_Type'Base; -- sum of current length and Count
New_Last : Index_Type'Base; -- last index of vector after insertion
Index : Index_Type'Base; -- scratch for intermediate values
J : Count_Type'Base; -- scratch
New_Capacity : Count_Type'Base; -- length of new, expanded array
Dst_Last : Index_Type'Base; -- last index of new, expanded array
Dst : Elements_Access; -- new, expanded internal array
begin
-- As a precondition on the generic actual Index_Type, the base type
-- must include Index_Type'Pred (Index_Type'First); this is the value
-- that Container.Last assumes when the vector is empty. However, we do
-- not allow that as the value for Index when specifying where the new
-- items should be inserted, so we must manually check. (That the user
-- is allowed to specify the value at all here is a consequence of the
-- declaration of the Extended_Index subtype, which includes the values
-- in the base range that immediately precede and immediately follow the
-- values in the Index_Type.)
if Before < Index_Type'First then
raise Constraint_Error with
"Before index is out of range (too small)";
end if;
-- We do allow a value greater than Container.Last to be specified as
-- the Index, but only if it's immediately greater. This allows for the
-- case of appending items to the back end of the vector. (It is assumed
-- that specifying an index value greater than Last + 1 indicates some
-- deeper flaw in the caller's algorithm, so that case is treated as a
-- proper error.)
if Before > Container.Last
and then Before > Container.Last + 1
then
raise Constraint_Error with
"Before index is out of range (too large)";
end if;
-- We treat inserting 0 items into the container as a no-op, even when
-- the container is busy, so we simply return.
if Count = 0 then
return;
end if;
-- There are two constraints we need to satisfy. The first constraint is
-- that a container cannot have more than Count_Type'Last elements, so
-- we must check the sum of the current length and the insertion count.
-- Note that we cannot simply add these values, because of the
-- possibility of overflow.
if Old_Length > Count_Type'Last - Count then
raise Constraint_Error with "Count is out of range";
end if;
-- It is now safe compute the length of the new vector, without fear of
-- overflow.
New_Length := Old_Length + Count;
-- The second constraint is that the new Last index value cannot exceed
-- Index_Type'Last. In each branch below, we calculate the maximum
-- length (computed from the range of values in Index_Type), and then
-- compare the new length to the maximum length. If the new length is
-- acceptable, then we compute the new last index from that.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
-- We have to handle the case when there might be more values in the
-- range of Index_Type than in the range of Count_Type.
if Index_Type'First <= 0 then
-- We know that No_Index (the same as Index_Type'First - 1) is
-- less than 0, so it is safe to compute the following sum without
-- fear of overflow.
Index := No_Index + Index_Type'Base (Count_Type'Last);
if Index <= Index_Type'Last then
-- We have determined that range of Index_Type has at least as
-- many values as in Count_Type, so Count_Type'Last is the
-- maximum number of items that are allowed.
Max_Length := Count_Type'Last;
else
-- The range of Index_Type has fewer values than in Count_Type,
-- so the maximum number of items is computed from the range of
-- the Index_Type.
Max_Length := Count_Type'Base (Index_Type'Last - No_Index);
end if;
else
-- No_Index is equal or greater than 0, so we can safely compute
-- the difference without fear of overflow (which we would have to
-- worry about if No_Index were less than 0, but that case is
-- handled above).
if Index_Type'Last - No_Index >=
Count_Type'Pos (Count_Type'Last)
then
-- We have determined that range of Index_Type has at least as
-- many values as in Count_Type, so Count_Type'Last is the
-- maximum number of items that are allowed.
Max_Length := Count_Type'Last;
else
-- The range of Index_Type has fewer values than in Count_Type,
-- so the maximum number of items is computed from the range of
-- the Index_Type.
Max_Length := Count_Type'Base (Index_Type'Last - No_Index);
end if;
end if;
elsif Index_Type'First <= 0 then
-- We know that No_Index (the same as Index_Type'First - 1) is less
-- than 0, so it is safe to compute the following sum without fear of
-- overflow.
J := Count_Type'Base (No_Index) + Count_Type'Last;
if J <= Count_Type'Base (Index_Type'Last) then
-- We have determined that range of Index_Type has at least as
-- many values as in Count_Type, so Count_Type'Last is the maximum
-- number of items that are allowed.
Max_Length := Count_Type'Last;
else
-- The range of Index_Type has fewer values than Count_Type does,
-- so the maximum number of items is computed from the range of
-- the Index_Type.
Max_Length :=
Count_Type'Base (Index_Type'Last) - Count_Type'Base (No_Index);
end if;
else
-- No_Index is equal or greater than 0, so we can safely compute the
-- difference without fear of overflow (which we would have to worry
-- about if No_Index were less than 0, but that case is handled
-- above).
Max_Length :=
Count_Type'Base (Index_Type'Last) - Count_Type'Base (No_Index);
end if;
-- We have just computed the maximum length (number of items). We must
-- now compare the requested length to the maximum length, as we do not
-- allow a vector expand beyond the maximum (because that would create
-- an internal array with a last index value greater than
-- Index_Type'Last, with no way to index those elements).
if New_Length > Max_Length then
raise Constraint_Error with "Count is out of range";
end if;
-- New_Last is the last index value of the items in the container after
-- insertion. Use the wider of Index_Type'Base and Count_Type'Base to
-- compute its value from the New_Length.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
New_Last := No_Index + Index_Type'Base (New_Length);
else
New_Last := Index_Type'Base (Count_Type'Base (No_Index) + New_Length);
end if;
if Container.Elements = null then
pragma Assert (Container.Last = No_Index);
-- This is the simplest case, with which we must always begin: we're
-- inserting items into an empty vector that hasn't allocated an
-- internal array yet. Note that we don't need to check the busy bit
-- here, because an empty container cannot be busy.
-- In an indefinite vector, elements are allocated individually, and
-- stored as access values on the internal array (the length of which
-- represents the vector "capacity"), which is separately allocated.
Container.Elements := new Elements_Type (New_Last);
-- The element backbone has been successfully allocated, so now we
-- allocate the elements.
for Idx in Container.Elements.EA'Range loop
-- In order to preserve container invariants, we always attempt
-- the element allocation first, before setting the Last index
-- value, in case the allocation fails (either because there is no
-- storage available, or because element initialization fails).
declare
-- The element allocator may need an accessibility check in the
-- case actual type is class-wide or has access discriminants
-- (see RM 4.8(10.1) and AI12-0035).
pragma Unsuppress (Accessibility_Check);
begin
Container.Elements.EA (Idx) := new Element_Type'(New_Item);
end;
-- The allocation of the element succeeded, so it is now safe to
-- update the Last index, restoring container invariants.
Container.Last := Idx;
end loop;
return;
end if;
-- The tampering bits exist to prevent an item from being harmfully
-- manipulated while it is being visited. Query, Update, and Iterate
-- increment the busy count on entry, and decrement the count on
-- exit. Insert checks the count to determine whether it is being called
-- while the associated callback procedure is executing.
if Container.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
end if;
if New_Length <= Container.Elements.EA'Length then
-- In this case, we're inserting elements into a vector that has
-- already allocated an internal array, and the existing array has
-- enough unused storage for the new items.
declare
E : Elements_Array renames Container.Elements.EA;
K : Index_Type'Base;
begin
if Before > Container.Last then
-- The new items are being appended to the vector, so no
-- sliding of existing elements is required.
for Idx in Before .. New_Last loop
-- In order to preserve container invariants, we always
-- attempt the element allocation first, before setting the
-- Last index value, in case the allocation fails (either
-- because there is no storage available, or because element
-- initialization fails).
declare
-- The element allocator may need an accessibility check
-- in case the actual type is class-wide or has access
-- discriminants (see RM 4.8(10.1) and AI12-0035).
pragma Unsuppress (Accessibility_Check);
begin
E (Idx) := new Element_Type'(New_Item);
end;
-- The allocation of the element succeeded, so it is now
-- safe to update the Last index, restoring container
-- invariants.
Container.Last := Idx;
end loop;
else
-- The new items are being inserted before some existing
-- elements, so we must slide the existing elements up to their
-- new home. We use the wider of Index_Type'Base and
-- Count_Type'Base as the type for intermediate index values.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
Index := Before + Index_Type'Base (Count);
else
Index := Index_Type'Base (Count_Type'Base (Before) + Count);
end if;
-- The new items are being inserted in the middle of the array,
-- in the range [Before, Index). Copy the existing elements to
-- the end of the array, to make room for the new items.
E (Index .. New_Last) := E (Before .. Container.Last);
Container.Last := New_Last;
-- We have copied the existing items up to the end of the
-- array, to make room for the new items in the middle of
-- the array. Now we actually allocate the new items.
-- Note: initialize K outside loop to make it clear that
-- K always has a value if the exception handler triggers.
K := Before;
declare
-- The element allocator may need an accessibility check in
-- the case the actual type is class-wide or has access
-- discriminants (see RM 4.8(10.1) and AI12-0035).
pragma Unsuppress (Accessibility_Check);
begin
while K < Index loop
E (K) := new Element_Type'(New_Item);
K := K + 1;
end loop;
exception
when others =>
-- Values in the range [Before, K) were successfully
-- allocated, but values in the range [K, Index) are
-- stale (these array positions contain copies of the
-- old items, that did not get assigned a new item,
-- because the allocation failed). We must finish what
-- we started by clearing out all of the stale values,
-- leaving a "hole" in the middle of the array.
E (K .. Index - 1) := (others => null);
raise;
end;
end if;
end;
return;
end if;
-- In this case, we're inserting elements into a vector that has already
-- allocated an internal array, but the existing array does not have
-- enough storage, so we must allocate a new, longer array. In order to
-- guarantee that the amortized insertion cost is O(1), we always
-- allocate an array whose length is some power-of-two factor of the
-- current array length. (The new array cannot have a length less than
-- the New_Length of the container, but its last index value cannot be
-- greater than Index_Type'Last.)
New_Capacity := Count_Type'Max (1, Container.Elements.EA'Length);
while New_Capacity < New_Length loop
if New_Capacity > Count_Type'Last / 2 then
New_Capacity := Count_Type'Last;
exit;
end if;
New_Capacity := 2 * New_Capacity;
end loop;
if New_Capacity > Max_Length then
-- We have reached the limit of capacity, so no further expansion
-- will occur. (This is not a problem, as there is never a need to
-- have more capacity than the maximum container length.)
New_Capacity := Max_Length;
end if;
-- We have computed the length of the new internal array (and this is
-- what "vector capacity" means), so use that to compute its last index.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
Dst_Last := No_Index + Index_Type'Base (New_Capacity);
else
Dst_Last :=
Index_Type'Base (Count_Type'Base (No_Index) + New_Capacity);
end if;
-- Now we allocate the new, longer internal array. If the allocation
-- fails, we have not changed any container state, so no side-effect
-- will occur as a result of propagating the exception.
Dst := new Elements_Type (Dst_Last);
-- We have our new internal array. All that needs to be done now is to
-- copy the existing items (if any) from the old array (the "source"
-- array) to the new array (the "destination" array), and then
-- deallocate the old array.
declare
Src : Elements_Access := Container.Elements;
begin
Dst.EA (Index_Type'First .. Before - 1) :=
Src.EA (Index_Type'First .. Before - 1);
if Before > Container.Last then
-- The new items are being appended to the vector, so no
-- sliding of existing elements is required.
-- We have copied the elements from to the old source array to the
-- new destination array, so we can now deallocate the old array.
Container.Elements := Dst;
Free (Src);
-- Now we append the new items.
for Idx in Before .. New_Last loop
-- In order to preserve container invariants, we always attempt
-- the element allocation first, before setting the Last index
-- value, in case the allocation fails (either because there
-- is no storage available, or because element initialization
-- fails).
declare
-- The element allocator may need an accessibility check in
-- the case the actual type is class-wide or has access
-- discriminants (see RM 4.8(10.1) and AI12-0035).
pragma Unsuppress (Accessibility_Check);
begin
Dst.EA (Idx) := new Element_Type'(New_Item);
end;
-- The allocation of the element succeeded, so it is now safe
-- to update the Last index, restoring container invariants.
Container.Last := Idx;
end loop;
else
-- The new items are being inserted before some existing elements,
-- so we must slide the existing elements up to their new home.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
Index := Before + Index_Type'Base (Count);
else
Index := Index_Type'Base (Count_Type'Base (Before) + Count);
end if;
Dst.EA (Index .. New_Last) := Src.EA (Before .. Container.Last);
-- We have copied the elements from to the old source array to the
-- new destination array, so we can now deallocate the old array.
Container.Elements := Dst;
Container.Last := New_Last;
Free (Src);
-- The new array has a range in the middle containing null access
-- values. Fill in that partition of the array with the new items.
for Idx in Before .. Index - 1 loop
-- Note that container invariants have already been satisfied
-- (in particular, the Last index value of the vector has
-- already been updated), so if this allocation fails we simply
-- let it propagate.
declare
-- The element allocator may need an accessibility check in
-- the case the actual type is class-wide or has access
-- discriminants (see RM 4.8(10.1) and AI12-0035).
pragma Unsuppress (Accessibility_Check);
begin
Dst.EA (Idx) := new Element_Type'(New_Item);
end;
end loop;
end if;
end;
end Insert;
procedure Insert
(Container : in out Vector;
Before : Extended_Index;
New_Item : Vector)
is
N : constant Count_Type := Length (New_Item);
J : Index_Type'Base;
begin
-- Use Insert_Space to create the "hole" (the destination slice) into
-- which we copy the source items.
Insert_Space (Container, Before, Count => N);
if N = 0 then
-- There's nothing else to do here (vetting of parameters was
-- performed already in Insert_Space), so we simply return.
return;
end if;
if Container'Address /= New_Item'Address then
-- This is the simple case. New_Item denotes an object different
-- from Container, so there's nothing special we need to do to copy
-- the source items to their destination, because all of the source
-- items are contiguous.
declare
subtype Src_Index_Subtype is Index_Type'Base range
Index_Type'First .. New_Item.Last;
Src : Elements_Array renames
New_Item.Elements.EA (Src_Index_Subtype);
Dst : Elements_Array renames Container.Elements.EA;
Dst_Index : Index_Type'Base;
begin
Dst_Index := Before - 1;
for Src_Index in Src'Range loop
Dst_Index := Dst_Index + 1;
if Src (Src_Index) /= null then
Dst (Dst_Index) := new Element_Type'(Src (Src_Index).all);
end if;
end loop;
end;
return;
end if;
-- New_Item denotes the same object as Container, so an insertion has
-- potentially split the source items. The first source slice is
-- [Index_Type'First, Before), and the second source slice is
-- [J, Container.Last], where index value J is the first index of the
-- second slice. (J gets computed below, but only after we have
-- determined that the second source slice is non-empty.) The
-- destination slice is always the range [Before, J). We perform the
-- copy in two steps, using each of the two slices of the source items.
declare
L : constant Index_Type'Base := Before - 1;
subtype Src_Index_Subtype is Index_Type'Base range
Index_Type'First .. L;
Src : Elements_Array renames
Container.Elements.EA (Src_Index_Subtype);
Dst : Elements_Array renames Container.Elements.EA;
Dst_Index : Index_Type'Base;
begin
-- We first copy the source items that precede the space we
-- inserted. (If Before equals Index_Type'First, then this first
-- source slice will be empty, which is harmless.)
Dst_Index := Before - 1;
for Src_Index in Src'Range loop
Dst_Index := Dst_Index + 1;
if Src (Src_Index) /= null then
Dst (Dst_Index) := new Element_Type'(Src (Src_Index).all);
end if;
end loop;
if Src'Length = N then
-- The new items were effectively appended to the container, so we
-- have already copied all of the items that need to be copied.
-- We return early here, even though the source slice below is
-- empty (so the assignment would be harmless), because we want to
-- avoid computing J, which will overflow if J is greater than
-- Index_Type'Base'Last.
return;
end if;
end;
-- Index value J is the first index of the second source slice. (It is
-- also 1 greater than the last index of the destination slice.) Note:
-- avoid computing J if J is greater than Index_Type'Base'Last, in order
-- to avoid overflow. Prevent that by returning early above, immediately
-- after copying the first slice of the source, and determining that
-- this second slice of the source is empty.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
J := Before + Index_Type'Base (N);
else
J := Index_Type'Base (Count_Type'Base (Before) + N);
end if;
declare
subtype Src_Index_Subtype is Index_Type'Base range
J .. Container.Last;
Src : Elements_Array renames
Container.Elements.EA (Src_Index_Subtype);
Dst : Elements_Array renames Container.Elements.EA;
Dst_Index : Index_Type'Base;
begin
-- We next copy the source items that follow the space we inserted.
-- Index value Dst_Index is the first index of that portion of the
-- destination that receives this slice of the source. (For the
-- reasons given above, this slice is guaranteed to be non-empty.)
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
Dst_Index := J - Index_Type'Base (Src'Length);
else
Dst_Index := Index_Type'Base (Count_Type'Base (J) - Src'Length);
end if;
for Src_Index in Src'Range loop
if Src (Src_Index) /= null then
Dst (Dst_Index) := new Element_Type'(Src (Src_Index).all);
end if;
Dst_Index := Dst_Index + 1;
end loop;
end;
end Insert;
procedure Insert
(Container : in out Vector;
Before : Cursor;
New_Item : Vector)
is
Index : Index_Type'Base;
begin
if Before.Container /= null
and then Before.Container /= Container'Unrestricted_Access
then
raise Program_Error with "Before cursor denotes wrong container";
end if;
if Is_Empty (New_Item) then
return;
end if;
if Before.Container = null or else Before.Index > Container.Last then
if Container.Last = Index_Type'Last then
raise Constraint_Error with
"vector is already at its maximum length";
end if;
Index := Container.Last + 1;
else
Index := Before.Index;
end if;
Insert (Container, Index, New_Item);
end Insert;
procedure Insert
(Container : in out Vector;
Before : Cursor;
New_Item : Vector;
Position : out Cursor)
is
Index : Index_Type'Base;
begin
if Before.Container /= null
and then Before.Container /=
Vector_Access'(Container'Unrestricted_Access)
then
raise Program_Error with "Before cursor denotes wrong container";
end if;
if Is_Empty (New_Item) then
if Before.Container = null or else Before.Index > Container.Last then
Position := No_Element;
else
Position := (Container'Unrestricted_Access, Before.Index);
end if;
return;
end if;
if Before.Container = null or else Before.Index > Container.Last then
if Container.Last = Index_Type'Last then
raise Constraint_Error with
"vector is already at its maximum length";
end if;
Index := Container.Last + 1;
else
Index := Before.Index;
end if;
Insert (Container, Index, New_Item);
Position := Cursor'(Container'Unrestricted_Access, Index);
end Insert;
procedure Insert
(Container : in out Vector;
Before : Cursor;
New_Item : Element_Type;
Count : Count_Type := 1)
is
Index : Index_Type'Base;
begin
if Before.Container /= null
and then Before.Container /= Container'Unrestricted_Access
then
raise Program_Error with "Before cursor denotes wrong container";
end if;
if Count = 0 then
return;
end if;
if Before.Container = null or else Before.Index > Container.Last then
if Container.Last = Index_Type'Last then
raise Constraint_Error with
"vector is already at its maximum length";
end if;
Index := Container.Last + 1;
else
Index := Before.Index;
end if;
Insert (Container, Index, New_Item, Count);
end Insert;
procedure Insert
(Container : in out Vector;
Before : Cursor;
New_Item : Element_Type;
Position : out Cursor;
Count : Count_Type := 1)
is
Index : Index_Type'Base;
begin
if Before.Container /= null
and then Before.Container /= Container'Unrestricted_Access
then
raise Program_Error with "Before cursor denotes wrong container";
end if;
if Count = 0 then
if Before.Container = null
or else Before.Index > Container.Last
then
Position := No_Element;
else
Position := (Container'Unrestricted_Access, Before.Index);
end if;
return;
end if;
if Before.Container = null or else Before.Index > Container.Last then
if Container.Last = Index_Type'Last then
raise Constraint_Error with
"vector is already at its maximum length";
end if;
Index := Container.Last + 1;
else
Index := Before.Index;
end if;
Insert (Container, Index, New_Item, Count);
Position := (Container'Unrestricted_Access, Index);
end Insert;
------------------
-- Insert_Space --
------------------
procedure Insert_Space
(Container : in out Vector;
Before : Extended_Index;
Count : Count_Type := 1)
is
Old_Length : constant Count_Type := Container.Length;
Max_Length : Count_Type'Base; -- determined from range of Index_Type
New_Length : Count_Type'Base; -- sum of current length and Count
New_Last : Index_Type'Base; -- last index of vector after insertion
Index : Index_Type'Base; -- scratch for intermediate values
J : Count_Type'Base; -- scratch
New_Capacity : Count_Type'Base; -- length of new, expanded array
Dst_Last : Index_Type'Base; -- last index of new, expanded array
Dst : Elements_Access; -- new, expanded internal array
begin
-- As a precondition on the generic actual Index_Type, the base type
-- must include Index_Type'Pred (Index_Type'First); this is the value
-- that Container.Last assumes when the vector is empty. However, we do
-- not allow that as the value for Index when specifying where the new
-- items should be inserted, so we must manually check. (That the user
-- is allowed to specify the value at all here is a consequence of the
-- declaration of the Extended_Index subtype, which includes the values
-- in the base range that immediately precede and immediately follow the
-- values in the Index_Type.)
if Before < Index_Type'First then
raise Constraint_Error with
"Before index is out of range (too small)";
end if;
-- We do allow a value greater than Container.Last to be specified as
-- the Index, but only if it's immediately greater. This allows for the
-- case of appending items to the back end of the vector. (It is assumed
-- that specifying an index value greater than Last + 1 indicates some
-- deeper flaw in the caller's algorithm, so that case is treated as a
-- proper error.)
if Before > Container.Last and then Before > Container.Last + 1 then
raise Constraint_Error with
"Before index is out of range (too large)";
end if;
-- We treat inserting 0 items into the container as a no-op, even when
-- the container is busy, so we simply return.
if Count = 0 then
return;
end if;
-- There are two constraints we need to satisfy. The first constraint is
-- that a container cannot have more than Count_Type'Last elements, so
-- we must check the sum of the current length and the insertion
-- count. Note that we cannot simply add these values, because of the
-- possibility of overflow.
if Old_Length > Count_Type'Last - Count then
raise Constraint_Error with "Count is out of range";
end if;
-- It is now safe compute the length of the new vector, without fear of
-- overflow.
New_Length := Old_Length + Count;
-- The second constraint is that the new Last index value cannot exceed
-- Index_Type'Last. In each branch below, we calculate the maximum
-- length (computed from the range of values in Index_Type), and then
-- compare the new length to the maximum length. If the new length is
-- acceptable, then we compute the new last index from that.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
-- We have to handle the case when there might be more values in the
-- range of Index_Type than in the range of Count_Type.
if Index_Type'First <= 0 then
-- We know that No_Index (the same as Index_Type'First - 1) is
-- less than 0, so it is safe to compute the following sum without
-- fear of overflow.
Index := No_Index + Index_Type'Base (Count_Type'Last);
if Index <= Index_Type'Last then
-- We have determined that range of Index_Type has at least as
-- many values as in Count_Type, so Count_Type'Last is the
-- maximum number of items that are allowed.
Max_Length := Count_Type'Last;
else
-- The range of Index_Type has fewer values than in Count_Type,
-- so the maximum number of items is computed from the range of
-- the Index_Type.
Max_Length := Count_Type'Base (Index_Type'Last - No_Index);
end if;
else
-- No_Index is equal or greater than 0, so we can safely compute
-- the difference without fear of overflow (which we would have to
-- worry about if No_Index were less than 0, but that case is
-- handled above).
if Index_Type'Last - No_Index >=
Count_Type'Pos (Count_Type'Last)
then
-- We have determined that range of Index_Type has at least as
-- many values as in Count_Type, so Count_Type'Last is the
-- maximum number of items that are allowed.
Max_Length := Count_Type'Last;
else
-- The range of Index_Type has fewer values than in Count_Type,
-- so the maximum number of items is computed from the range of
-- the Index_Type.
Max_Length := Count_Type'Base (Index_Type'Last - No_Index);
end if;
end if;
elsif Index_Type'First <= 0 then
-- We know that No_Index (the same as Index_Type'First - 1) is less
-- than 0, so it is safe to compute the following sum without fear of
-- overflow.
J := Count_Type'Base (No_Index) + Count_Type'Last;
if J <= Count_Type'Base (Index_Type'Last) then
-- We have determined that range of Index_Type has at least as
-- many values as in Count_Type, so Count_Type'Last is the maximum
-- number of items that are allowed.
Max_Length := Count_Type'Last;
else
-- The range of Index_Type has fewer values than Count_Type does,
-- so the maximum number of items is computed from the range of
-- the Index_Type.
Max_Length :=
Count_Type'Base (Index_Type'Last) - Count_Type'Base (No_Index);
end if;
else
-- No_Index is equal or greater than 0, so we can safely compute the
-- difference without fear of overflow (which we would have to worry
-- about if No_Index were less than 0, but that case is handled
-- above).
Max_Length :=
Count_Type'Base (Index_Type'Last) - Count_Type'Base (No_Index);
end if;
-- We have just computed the maximum length (number of items). We must
-- now compare the requested length to the maximum length, as we do not
-- allow a vector expand beyond the maximum (because that would create
-- an internal array with a last index value greater than
-- Index_Type'Last, with no way to index those elements).
if New_Length > Max_Length then
raise Constraint_Error with "Count is out of range";
end if;
-- New_Last is the last index value of the items in the container after
-- insertion. Use the wider of Index_Type'Base and Count_Type'Base to
-- compute its value from the New_Length.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
New_Last := No_Index + Index_Type'Base (New_Length);
else
New_Last := Index_Type'Base (Count_Type'Base (No_Index) + New_Length);
end if;
if Container.Elements = null then
pragma Assert (Container.Last = No_Index);
-- This is the simplest case, with which we must always begin: we're
-- inserting items into an empty vector that hasn't allocated an
-- internal array yet. Note that we don't need to check the busy bit
-- here, because an empty container cannot be busy.
-- In an indefinite vector, elements are allocated individually, and
-- stored as access values on the internal array (the length of which
-- represents the vector "capacity"), which is separately allocated.
-- We have no elements here (because we're inserting "space"), so all
-- we need to do is allocate the backbone.
Container.Elements := new Elements_Type (New_Last);
Container.Last := New_Last;
return;
end if;
-- The tampering bits exist to prevent an item from being harmfully
-- manipulated while it is being visited. Query, Update, and Iterate
-- increment the busy count on entry, and decrement the count on exit.
-- Insert checks the count to determine whether it is being called while
-- the associated callback procedure is executing.
if Container.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
end if;
if New_Length <= Container.Elements.EA'Length then
-- In this case, we are inserting elements into a vector that has
-- already allocated an internal array, and the existing array has
-- enough unused storage for the new items.
declare
E : Elements_Array renames Container.Elements.EA;
begin
if Before <= Container.Last then
-- The new space is being inserted before some existing
-- elements, so we must slide the existing elements up to
-- their new home. We use the wider of Index_Type'Base and
-- Count_Type'Base as the type for intermediate index values.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
Index := Before + Index_Type'Base (Count);
else
Index := Index_Type'Base (Count_Type'Base (Before) + Count);
end if;
E (Index .. New_Last) := E (Before .. Container.Last);
E (Before .. Index - 1) := (others => null);
end if;
end;
Container.Last := New_Last;
return;
end if;
-- In this case, we're inserting elements into a vector that has already
-- allocated an internal array, but the existing array does not have
-- enough storage, so we must allocate a new, longer array. In order to
-- guarantee that the amortized insertion cost is O(1), we always
-- allocate an array whose length is some power-of-two factor of the
-- current array length. (The new array cannot have a length less than
-- the New_Length of the container, but its last index value cannot be
-- greater than Index_Type'Last.)
New_Capacity := Count_Type'Max (1, Container.Elements.EA'Length);
while New_Capacity < New_Length loop
if New_Capacity > Count_Type'Last / 2 then
New_Capacity := Count_Type'Last;
exit;
end if;
New_Capacity := 2 * New_Capacity;
end loop;
if New_Capacity > Max_Length then
-- We have reached the limit of capacity, so no further expansion
-- will occur. (This is not a problem, as there is never a need to
-- have more capacity than the maximum container length.)
New_Capacity := Max_Length;
end if;
-- We have computed the length of the new internal array (and this is
-- what "vector capacity" means), so use that to compute its last index.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
Dst_Last := No_Index + Index_Type'Base (New_Capacity);
else
Dst_Last :=
Index_Type'Base (Count_Type'Base (No_Index) + New_Capacity);
end if;
-- Now we allocate the new, longer internal array. If the allocation
-- fails, we have not changed any container state, so no side-effect
-- will occur as a result of propagating the exception.
Dst := new Elements_Type (Dst_Last);
-- We have our new internal array. All that needs to be done now is to
-- copy the existing items (if any) from the old array (the "source"
-- array) to the new array (the "destination" array), and then
-- deallocate the old array.
declare
Src : Elements_Access := Container.Elements;
begin
Dst.EA (Index_Type'First .. Before - 1) :=
Src.EA (Index_Type'First .. Before - 1);
if Before <= Container.Last then
-- The new items are being inserted before some existing elements,
-- so we must slide the existing elements up to their new home.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
Index := Before + Index_Type'Base (Count);
else
Index := Index_Type'Base (Count_Type'Base (Before) + Count);
end if;
Dst.EA (Index .. New_Last) := Src.EA (Before .. Container.Last);
end if;
-- We have copied the elements from to the old, source array to the
-- new, destination array, so we can now restore invariants, and
-- deallocate the old array.
Container.Elements := Dst;
Container.Last := New_Last;
Free (Src);
end;
end Insert_Space;
procedure Insert_Space
(Container : in out Vector;
Before : Cursor;
Position : out Cursor;
Count : Count_Type := 1)
is
Index : Index_Type'Base;
begin
if Before.Container /= null
and then Before.Container /= Container'Unrestricted_Access
then
raise Program_Error with "Before cursor denotes wrong container";
end if;
if Count = 0 then
if Before.Container = null or else Before.Index > Container.Last then
Position := No_Element;
else
Position := (Container'Unrestricted_Access, Before.Index);
end if;
return;
end if;
if Before.Container = null
or else Before.Index > Container.Last
then
if Container.Last = Index_Type'Last then
raise Constraint_Error with
"vector is already at its maximum length";
end if;
Index := Container.Last + 1;
else
Index := Before.Index;
end if;
Insert_Space (Container, Index, Count);
Position := Cursor'(Container'Unrestricted_Access, Index);
end Insert_Space;
--------------
-- Is_Empty --
--------------
function Is_Empty (Container : Vector) return Boolean is
begin
return Container.Last < Index_Type'First;
end Is_Empty;
-------------
-- Iterate --
-------------
procedure Iterate
(Container : Vector;
Process : not null access procedure (Position : Cursor))
is
B : Natural renames Container'Unrestricted_Access.all.Busy;
begin
B := B + 1;
begin
for Indx in Index_Type'First .. Container.Last loop
Process (Cursor'(Container'Unrestricted_Access, Indx));
end loop;
exception
when others =>
B := B - 1;
raise;
end;
B := B - 1;
end Iterate;
function Iterate (Container : Vector)
return Vector_Iterator_Interfaces.Reversible_Iterator'Class
is
V : constant Vector_Access := Container'Unrestricted_Access;
B : Natural renames V.Busy;
begin
-- The value of its Index component influences the behavior of the First
-- and Last selector functions of the iterator object. When the Index
-- component is No_Index (as is the case here), this means the iterator
-- object was constructed without a start expression. This is a complete
-- iterator, meaning that the iteration starts from the (logical)
-- beginning of the sequence of items.
-- Note: For a forward iterator, Container.First is the beginning, and
-- for a reverse iterator, Container.Last is the beginning.
return It : constant Iterator :=
(Limited_Controlled with
Container => V,
Index => No_Index)
do
B := B + 1;
end return;
end Iterate;
function Iterate
(Container : Vector;
Start : Cursor)
return Vector_Iterator_Interfaces.Reversible_Iterator'Class
is
V : constant Vector_Access := Container'Unrestricted_Access;
B : Natural renames V.Busy;
begin
-- It was formerly the case that when Start = No_Element, the partial
-- iterator was defined to behave the same as for a complete iterator,
-- and iterate over the entire sequence of items. However, those
-- semantics were unintuitive and arguably error-prone (it is too easy
-- to accidentally create an endless loop), and so they were changed,
-- per the ARG meeting in Denver on 2011/11. However, there was no
-- consensus about what positive meaning this corner case should have,
-- and so it was decided to simply raise an exception. This does imply,
-- however, that it is not possible to use a partial iterator to specify
-- an empty sequence of items.
if Start.Container = null then
raise Constraint_Error with
"Start position for iterator equals No_Element";
end if;
if Start.Container /= V then
raise Program_Error with
"Start cursor of Iterate designates wrong vector";
end if;
if Start.Index > V.Last then
raise Constraint_Error with
"Start position for iterator equals No_Element";
end if;
-- The value of its Index component influences the behavior of the First
-- and Last selector functions of the iterator object. When the Index
-- component is not No_Index (as is the case here), it means that this
-- is a partial iteration, over a subset of the complete sequence of
-- items. The iterator object was constructed with a start expression,
-- indicating the position from which the iteration begins. Note that
-- the start position has the same value irrespective of whether this
-- is a forward or reverse iteration.
return It : constant Iterator :=
(Limited_Controlled with
Container => V,
Index => Start.Index)
do
B := B + 1;
end return;
end Iterate;
----------
-- Last --
----------
function Last (Container : Vector) return Cursor is
begin
if Is_Empty (Container) then
return No_Element;
end if;
return (Container'Unrestricted_Access, Container.Last);
end Last;
function Last (Object : Iterator) return Cursor is
begin
-- The value of the iterator object's Index component influences the
-- behavior of the Last (and First) selector function.
-- When the Index component is No_Index, this means the iterator
-- object was constructed without a start expression, in which case the
-- (reverse) iteration starts from the (logical) beginning of the entire
-- sequence (corresponding to Container.Last, for a reverse iterator).
-- Otherwise, this is iteration over a partial sequence of items.
-- When the Index component is not No_Index, the iterator object was
-- constructed with a start expression, that specifies the position
-- from which the (reverse) partial iteration begins.
if Object.Index = No_Index then
return Last (Object.Container.all);
else
return Cursor'(Object.Container, Object.Index);
end if;
end Last;
-----------------
-- Last_Element --
------------------
function Last_Element (Container : Vector) return Element_Type is
begin
if Container.Last = No_Index then
raise Constraint_Error with "Container is empty";
end if;
declare
EA : constant Element_Access :=
Container.Elements.EA (Container.Last);
begin
if EA = null then
raise Constraint_Error with "last element is empty";
else
return EA.all;
end if;
end;
end Last_Element;
----------------
-- Last_Index --
----------------
function Last_Index (Container : Vector) return Extended_Index is
begin
return Container.Last;
end Last_Index;
------------
-- Length --
------------
function Length (Container : Vector) return Count_Type is
L : constant Index_Type'Base := Container.Last;
F : constant Index_Type := Index_Type'First;
begin
-- The base range of the index type (Index_Type'Base) might not include
-- all values for length (Count_Type). Contrariwise, the index type
-- might include values outside the range of length. Hence we use
-- whatever type is wider for intermediate values when calculating
-- length. Note that no matter what the index type is, the maximum
-- length to which a vector is allowed to grow is always the minimum
-- of Count_Type'Last and (IT'Last - IT'First + 1).
-- For example, an Index_Type with range -127 .. 127 is only guaranteed
-- to have a base range of -128 .. 127, but the corresponding vector
-- would have lengths in the range 0 .. 255. In this case we would need
-- to use Count_Type'Base for intermediate values.
-- Another case would be the index range -2**63 + 1 .. -2**63 + 10. The
-- vector would have a maximum length of 10, but the index values lie
-- outside the range of Count_Type (which is only 32 bits). In this
-- case we would need to use Index_Type'Base for intermediate values.
if Count_Type'Base'Last >= Index_Type'Pos (Index_Type'Base'Last) then
return Count_Type'Base (L) - Count_Type'Base (F) + 1;
else
return Count_Type (L - F + 1);
end if;
end Length;
----------
-- Move --
----------
procedure Move
(Target : in out Vector;
Source : in out Vector)
is
begin
if Target'Address = Source'Address then
return;
end if;
if Source.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (Source is busy)";
end if;
Clear (Target); -- Checks busy-bit
declare
Target_Elements : constant Elements_Access := Target.Elements;
begin
Target.Elements := Source.Elements;
Source.Elements := Target_Elements;
end;
Target.Last := Source.Last;
Source.Last := No_Index;
end Move;
----------
-- Next --
----------
function Next (Position : Cursor) return Cursor is
begin
if Position.Container = null then
return No_Element;
elsif Position.Index < Position.Container.Last then
return (Position.Container, Position.Index + 1);
else
return No_Element;
end if;
end Next;
function Next (Object : Iterator; Position : Cursor) return Cursor is
begin
if Position.Container = null then
return No_Element;
elsif Position.Container /= Object.Container then
raise Program_Error with
"Position cursor of Next designates wrong vector";
else
return Next (Position);
end if;
end Next;
procedure Next (Position : in out Cursor) is
begin
if Position.Container = null then
return;
elsif Position.Index < Position.Container.Last then
Position.Index := Position.Index + 1;
else
Position := No_Element;
end if;
end Next;
-------------
-- Prepend --
-------------
procedure Prepend (Container : in out Vector; New_Item : Vector) is
begin
Insert (Container, Index_Type'First, New_Item);
end Prepend;
procedure Prepend
(Container : in out Vector;
New_Item : Element_Type;
Count : Count_Type := 1)
is
begin
Insert (Container, Index_Type'First, New_Item, Count);
end Prepend;
--------------
-- Previous --
--------------
procedure Previous (Position : in out Cursor) is
begin
if Position.Container = null then
return;
elsif Position.Index > Index_Type'First then
Position.Index := Position.Index - 1;
else
Position := No_Element;
end if;
end Previous;
function Previous (Position : Cursor) return Cursor is
begin
if Position.Container = null then
return No_Element;
elsif Position.Index > Index_Type'First then
return (Position.Container, Position.Index - 1);
else
return No_Element;
end if;
end Previous;
function Previous (Object : Iterator; Position : Cursor) return Cursor is
begin
if Position.Container = null then
return No_Element;
elsif Position.Container /= Object.Container then
raise Program_Error with
"Position cursor of Previous designates wrong vector";
else
return Previous (Position);
end if;
end Previous;
-------------------
-- Query_Element --
-------------------
procedure Query_Element
(Container : Vector;
Index : Index_Type;
Process : not null access procedure (Element : Element_Type))
is
V : Vector renames Container'Unrestricted_Access.all;
B : Natural renames V.Busy;
L : Natural renames V.Lock;
begin
if Index > Container.Last then
raise Constraint_Error with "Index is out of range";
end if;
if V.Elements.EA (Index) = null then
raise Constraint_Error with "element is null";
end if;
B := B + 1;
L := L + 1;
begin
Process (V.Elements.EA (Index).all);
exception
when others =>
L := L - 1;
B := B - 1;
raise;
end;
L := L - 1;
B := B - 1;
end Query_Element;
procedure Query_Element
(Position : Cursor;
Process : not null access procedure (Element : Element_Type))
is
begin
if Position.Container = null then
raise Constraint_Error with "Position cursor has no element";
else
Query_Element (Position.Container.all, Position.Index, Process);
end if;
end Query_Element;
----------
-- Read --
----------
procedure Read
(Stream : not null access Root_Stream_Type'Class;
Container : out Vector)
is
Length : Count_Type'Base;
Last : Index_Type'Base := Index_Type'Pred (Index_Type'First);
B : Boolean;
begin
Clear (Container);
Count_Type'Base'Read (Stream, Length);
if Length > Capacity (Container) then
Reserve_Capacity (Container, Capacity => Length);
end if;
for J in Count_Type range 1 .. Length loop
Last := Last + 1;
Boolean'Read (Stream, B);
if B then
Container.Elements.EA (Last) :=
new Element_Type'(Element_Type'Input (Stream));
end if;
Container.Last := Last;
end loop;
end Read;
procedure Read
(Stream : not null access Root_Stream_Type'Class;
Position : out Cursor)
is
begin
raise Program_Error with "attempt to stream vector cursor";
end Read;
procedure Read
(Stream : not null access Root_Stream_Type'Class;
Item : out Reference_Type)
is
begin
raise Program_Error with "attempt to stream reference";
end Read;
procedure Read
(Stream : not null access Root_Stream_Type'Class;
Item : out Constant_Reference_Type)
is
begin
raise Program_Error with "attempt to stream reference";
end Read;
---------------
-- Reference --
---------------
function Reference
(Container : aliased in out Vector;
Position : Cursor) return Reference_Type
is
E : Element_Access;
begin
if Position.Container = null then
raise Constraint_Error with "Position cursor has no element";
end if;
if Position.Container /= Container'Unrestricted_Access then
raise Program_Error with "Position cursor denotes wrong container";
end if;
if Position.Index > Position.Container.Last then
raise Constraint_Error with "Position cursor is out of range";
end if;
E := Container.Elements.EA (Position.Index);
if E = null then
raise Constraint_Error with "element at Position is empty";
end if;
declare
C : Vector renames Container'Unrestricted_Access.all;
B : Natural renames C.Busy;
L : Natural renames C.Lock;
begin
return R : constant Reference_Type :=
(Element => E.all'Access,
Control => (Controlled with Position.Container))
do
B := B + 1;
L := L + 1;
end return;
end;
end Reference;
function Reference
(Container : aliased in out Vector;
Index : Index_Type) return Reference_Type
is
E : Element_Access;
begin
if Index > Container.Last then
raise Constraint_Error with "Index is out of range";
end if;
E := Container.Elements.EA (Index);
if E = null then
raise Constraint_Error with "element at Index is empty";
end if;
declare
C : Vector renames Container'Unrestricted_Access.all;
B : Natural renames C.Busy;
L : Natural renames C.Lock;
begin
return R : constant Reference_Type :=
(Element => E.all'Access,
Control => (Controlled with Container'Unrestricted_Access))
do
B := B + 1;
L := L + 1;
end return;
end;
end Reference;
---------------------
-- Replace_Element --
---------------------
procedure Replace_Element
(Container : in out Vector;
Index : Index_Type;
New_Item : Element_Type)
is
begin
if Index > Container.Last then
raise Constraint_Error with "Index is out of range";
end if;
if Container.Lock > 0 then
raise Program_Error with
"attempt to tamper with elements (vector is locked)";
end if;
declare
X : Element_Access := Container.Elements.EA (Index);
-- The element allocator may need an accessibility check in the case
-- where the actual type is class-wide or has access discriminants
-- (see RM 4.8(10.1) and AI12-0035).
pragma Unsuppress (Accessibility_Check);
begin
Container.Elements.EA (Index) := new Element_Type'(New_Item);
Free (X);
end;
end Replace_Element;
procedure Replace_Element
(Container : in out Vector;
Position : Cursor;
New_Item : Element_Type)
is
begin
if Position.Container = null then
raise Constraint_Error with "Position cursor has no element";
end if;
if Position.Container /= Container'Unrestricted_Access then
raise Program_Error with "Position cursor denotes wrong container";
end if;
if Position.Index > Container.Last then
raise Constraint_Error with "Position cursor is out of range";
end if;
if Container.Lock > 0 then
raise Program_Error with
"attempt to tamper with elements (vector is locked)";
end if;
declare
X : Element_Access := Container.Elements.EA (Position.Index);
-- The element allocator may need an accessibility check in the case
-- where the actual type is class-wide or has access discriminants
-- (see RM 4.8(10.1) and AI12-0035).
pragma Unsuppress (Accessibility_Check);
begin
Container.Elements.EA (Position.Index) := new Element_Type'(New_Item);
Free (X);
end;
end Replace_Element;
----------------------
-- Reserve_Capacity --
----------------------
procedure Reserve_Capacity
(Container : in out Vector;
Capacity : Count_Type)
is
N : constant Count_Type := Length (Container);
Index : Count_Type'Base;
Last : Index_Type'Base;
begin
-- Reserve_Capacity can be used to either expand the storage available
-- for elements (this would be its typical use, in anticipation of
-- future insertion), or to trim back storage. In the latter case,
-- storage can only be trimmed back to the limit of the container
-- length. Note that Reserve_Capacity neither deletes (active) elements
-- nor inserts elements; it only affects container capacity, never
-- container length.
if Capacity = 0 then
-- This is a request to trim back storage, to the minimum amount
-- possible given the current state of the container.
if N = 0 then
-- The container is empty, so in this unique case we can
-- deallocate the entire internal array. Note that an empty
-- container can never be busy, so there's no need to check the
-- tampering bits.
declare
X : Elements_Access := Container.Elements;
begin
-- First we remove the internal array from the container, to
-- handle the case when the deallocation raises an exception
-- (although that's unlikely, since this is simply an array of
-- access values, all of which are null).
Container.Elements := null;
-- Container invariants have been restored, so it is now safe
-- to attempt to deallocate the internal array.
Free (X);
end;
elsif N < Container.Elements.EA'Length then
-- The container is not empty, and the current length is less than
-- the current capacity, so there's storage available to trim. In
-- this case, we allocate a new internal array having a length
-- that exactly matches the number of items in the
-- container. (Reserve_Capacity does not delete active elements,
-- so this is the best we can do with respect to minimizing
-- storage).
if Container.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
end if;
declare
subtype Array_Index_Subtype is Index_Type'Base range
Index_Type'First .. Container.Last;
Src : Elements_Array renames
Container.Elements.EA (Array_Index_Subtype);
X : Elements_Access := Container.Elements;
begin
-- Although we have isolated the old internal array that we're
-- going to deallocate, we don't deallocate it until we have
-- successfully allocated a new one. If there is an exception
-- during allocation (because there is not enough storage), we
-- let it propagate without causing any side-effect.
Container.Elements := new Elements_Type'(Container.Last, Src);
-- We have successfully allocated a new internal array (with a
-- smaller length than the old one, and containing a copy of
-- just the active elements in the container), so we can
-- deallocate the old array.
Free (X);
end;
end if;
return;
end if;
-- Reserve_Capacity can be used to expand the storage available for
-- elements, but we do not let the capacity grow beyond the number of
-- values in Index_Type'Range. (Were it otherwise, there would be no way
-- to refer to the elements with index values greater than
-- Index_Type'Last, so that storage would be wasted.) Here we compute
-- the Last index value of the new internal array, in a way that avoids
-- any possibility of overflow.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
-- We perform a two-part test. First we determine whether the
-- computed Last value lies in the base range of the type, and then
-- determine whether it lies in the range of the index (sub)type.
-- Last must satisfy this relation:
-- First + Length - 1 <= Last
-- We regroup terms:
-- First - 1 <= Last - Length
-- Which can rewrite as:
-- No_Index <= Last - Length
if Index_Type'Base'Last - Index_Type'Base (Capacity) < No_Index then
raise Constraint_Error with "Capacity is out of range";
end if;
-- We now know that the computed value of Last is within the base
-- range of the type, so it is safe to compute its value:
Last := No_Index + Index_Type'Base (Capacity);
-- Finally we test whether the value is within the range of the
-- generic actual index subtype:
if Last > Index_Type'Last then
raise Constraint_Error with "Capacity is out of range";
end if;
elsif Index_Type'First <= 0 then
-- Here we can compute Last directly, in the normal way. We know that
-- No_Index is less than 0, so there is no danger of overflow when
-- adding the (positive) value of Capacity.
Index := Count_Type'Base (No_Index) + Capacity; -- Last
if Index > Count_Type'Base (Index_Type'Last) then
raise Constraint_Error with "Capacity is out of range";
end if;
-- We know that the computed value (having type Count_Type) of Last
-- is within the range of the generic actual index subtype, so it is
-- safe to convert to Index_Type:
Last := Index_Type'Base (Index);
else
-- Here Index_Type'First (and Index_Type'Last) is positive, so we
-- must test the length indirectly (by working backwards from the
-- largest possible value of Last), in order to prevent overflow.
Index := Count_Type'Base (Index_Type'Last) - Capacity; -- No_Index
if Index < Count_Type'Base (No_Index) then
raise Constraint_Error with "Capacity is out of range";
end if;
-- We have determined that the value of Capacity would not create a
-- Last index value outside of the range of Index_Type, so we can now
-- safely compute its value.
Last := Index_Type'Base (Count_Type'Base (No_Index) + Capacity);
end if;
-- The requested capacity is non-zero, but we don't know yet whether
-- this is a request for expansion or contraction of storage.
if Container.Elements = null then
-- The container is empty (it doesn't even have an internal array),
-- so this represents a request to allocate storage having the given
-- capacity.
Container.Elements := new Elements_Type (Last);
return;
end if;
if Capacity <= N then
-- This is a request to trim back storage, but only to the limit of
-- what's already in the container. (Reserve_Capacity never deletes
-- active elements, it only reclaims excess storage.)
if N < Container.Elements.EA'Length then
-- The container is not empty (because the requested capacity is
-- positive, and less than or equal to the container length), and
-- the current length is less than the current capacity, so there
-- is storage available to trim. In this case, we allocate a new
-- internal array having a length that exactly matches the number
-- of items in the container.
if Container.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
end if;
declare
subtype Array_Index_Subtype is Index_Type'Base range
Index_Type'First .. Container.Last;
Src : Elements_Array renames
Container.Elements.EA (Array_Index_Subtype);
X : Elements_Access := Container.Elements;
begin
-- Although we have isolated the old internal array that we're
-- going to deallocate, we don't deallocate it until we have
-- successfully allocated a new one. If there is an exception
-- during allocation (because there is not enough storage), we
-- let it propagate without causing any side-effect.
Container.Elements := new Elements_Type'(Container.Last, Src);
-- We have successfully allocated a new internal array (with a
-- smaller length than the old one, and containing a copy of
-- just the active elements in the container), so it is now
-- safe to deallocate the old array.
Free (X);
end;
end if;
return;
end if;
-- The requested capacity is larger than the container length (the
-- number of active elements). Whether this represents a request for
-- expansion or contraction of the current capacity depends on what the
-- current capacity is.
if Capacity = Container.Elements.EA'Length then
-- The requested capacity matches the existing capacity, so there's
-- nothing to do here. We treat this case as a no-op, and simply
-- return without checking the busy bit.
return;
end if;
-- There is a change in the capacity of a non-empty container, so a new
-- internal array will be allocated. (The length of the new internal
-- array could be less or greater than the old internal array. We know
-- only that the length of the new internal array is greater than the
-- number of active elements in the container.) We must check whether
-- the container is busy before doing anything else.
if Container.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
end if;
-- We now allocate a new internal array, having a length different from
-- its current value.
declare
X : Elements_Access := Container.Elements;
subtype Index_Subtype is Index_Type'Base range
Index_Type'First .. Container.Last;
begin
-- We now allocate a new internal array, having a length different
-- from its current value.
Container.Elements := new Elements_Type (Last);
-- We have successfully allocated the new internal array, so now we
-- move the existing elements from the existing the old internal
-- array onto the new one. Note that we're just copying access
-- values, to this should not raise any exceptions.
Container.Elements.EA (Index_Subtype) := X.EA (Index_Subtype);
-- We have moved the elements from the old internal array, so now we
-- can deallocate it.
Free (X);
end;
end Reserve_Capacity;
----------------------
-- Reverse_Elements --
----------------------
procedure Reverse_Elements (Container : in out Vector) is
begin
if Container.Length <= 1 then
return;
end if;
-- The exception behavior for the vector container must match that for
-- the list container, so we check for cursor tampering here (which will
-- catch more things) instead of for element tampering (which will catch
-- fewer things). It's true that the elements of this vector container
-- could be safely moved around while (say) an iteration is taking place
-- (iteration only increments the busy counter), and so technically all
-- we would need here is a test for element tampering (indicated by the
-- lock counter), that's simply an artifact of our array-based
-- implementation. Logically Reverse_Elements requires a check for
-- cursor tampering.
if Container.Busy > 0 then
raise Program_Error with
"attempt to tamper with cursors (vector is busy)";
end if;
declare
I : Index_Type;
J : Index_Type;
E : Elements_Array renames Container.Elements.EA;
begin
I := Index_Type'First;
J := Container.Last;
while I < J loop
declare
EI : constant Element_Access := E (I);
begin
E (I) := E (J);
E (J) := EI;
end;
I := I + 1;
J := J - 1;
end loop;
end;
end Reverse_Elements;
------------------
-- Reverse_Find --
------------------
function Reverse_Find
(Container : Vector;
Item : Element_Type;
Position : Cursor := No_Element) return Cursor
is
Last : Index_Type'Base;
begin
if Position.Container /= null
and then Position.Container /= Container'Unrestricted_Access
then
raise Program_Error with "Position cursor denotes wrong container";
end if;
if Position.Container = null or else Position.Index > Container.Last then
Last := Container.Last;
else
Last := Position.Index;
end if;
-- Per AI05-0022, the container implementation is required to detect
-- element tampering by a generic actual subprogram.
declare
B : Natural renames Container'Unrestricted_Access.Busy;
L : Natural renames Container'Unrestricted_Access.Lock;
Result : Index_Type'Base;
begin
B := B + 1;
L := L + 1;
Result := No_Index;
for Indx in reverse Index_Type'First .. Last loop
if Container.Elements.EA (Indx) /= null
and then Container.Elements.EA (Indx).all = Item
then
Result := Indx;
exit;
end if;
end loop;
B := B - 1;
L := L - 1;
if Result = No_Index then
return No_Element;
else
return Cursor'(Container'Unrestricted_Access, Result);
end if;
exception
when others =>
B := B - 1;
L := L - 1;
raise;
end;
end Reverse_Find;
------------------------
-- Reverse_Find_Index --
------------------------
function Reverse_Find_Index
(Container : Vector;
Item : Element_Type;
Index : Index_Type := Index_Type'Last) return Extended_Index
is
B : Natural renames Container'Unrestricted_Access.Busy;
L : Natural renames Container'Unrestricted_Access.Lock;
Last : constant Index_Type'Base :=
(if Index > Container.Last then Container.Last else Index);
Result : Index_Type'Base;
begin
-- Per AI05-0022, the container implementation is required to detect
-- element tampering by a generic actual subprogram.
B := B + 1;
L := L + 1;
Result := No_Index;
for Indx in reverse Index_Type'First .. Last loop
if Container.Elements.EA (Indx) /= null
and then Container.Elements.EA (Indx).all = Item
then
Result := Indx;
exit;
end if;
end loop;
B := B - 1;
L := L - 1;
return Result;
exception
when others =>
B := B - 1;
L := L - 1;
raise;
end Reverse_Find_Index;
---------------------
-- Reverse_Iterate --
---------------------
procedure Reverse_Iterate
(Container : Vector;
Process : not null access procedure (Position : Cursor))
is
V : Vector renames Container'Unrestricted_Access.all;
B : Natural renames V.Busy;
begin
B := B + 1;
begin
for Indx in reverse Index_Type'First .. Container.Last loop
Process (Cursor'(Container'Unrestricted_Access, Indx));
end loop;
exception
when others =>
B := B - 1;
raise;
end;
B := B - 1;
end Reverse_Iterate;
----------------
-- Set_Length --
----------------
procedure Set_Length
(Container : in out Vector;
Length : Count_Type)
is
Count : constant Count_Type'Base := Container.Length - Length;
begin
-- Set_Length allows the user to set the length explicitly, instead of
-- implicitly as a side-effect of deletion or insertion. If the
-- requested length is less than the current length, this is equivalent
-- to deleting items from the back end of the vector. If the requested
-- length is greater than the current length, then this is equivalent to
-- inserting "space" (nonce items) at the end.
if Count >= 0 then
Container.Delete_Last (Count);
elsif Container.Last >= Index_Type'Last then
raise Constraint_Error with "vector is already at its maximum length";
else
Container.Insert_Space (Container.Last + 1, -Count);
end if;
end Set_Length;
----------
-- Swap --
----------
procedure Swap
(Container : in out Vector;
I, J : Index_Type)
is
begin
if I > Container.Last then
raise Constraint_Error with "I index is out of range";
end if;
if J > Container.Last then
raise Constraint_Error with "J index is out of range";
end if;
if I = J then
return;
end if;
if Container.Lock > 0 then
raise Program_Error with
"attempt to tamper with elements (vector is locked)";
end if;
declare
EI : Element_Access renames Container.Elements.EA (I);
EJ : Element_Access renames Container.Elements.EA (J);
EI_Copy : constant Element_Access := EI;
begin
EI := EJ;
EJ := EI_Copy;
end;
end Swap;
procedure Swap
(Container : in out Vector;
I, J : Cursor)
is
begin
if I.Container = null then
raise Constraint_Error with "I cursor has no element";
end if;
if J.Container = null then
raise Constraint_Error with "J cursor has no element";
end if;
if I.Container /= Container'Unrestricted_Access then
raise Program_Error with "I cursor denotes wrong container";
end if;
if J.Container /= Container'Unrestricted_Access then
raise Program_Error with "J cursor denotes wrong container";
end if;
Swap (Container, I.Index, J.Index);
end Swap;
---------------
-- To_Cursor --
---------------
function To_Cursor
(Container : Vector;
Index : Extended_Index) return Cursor
is
begin
if Index not in Index_Type'First .. Container.Last then
return No_Element;
end if;
return Cursor'(Container'Unrestricted_Access, Index);
end To_Cursor;
--------------
-- To_Index --
--------------
function To_Index (Position : Cursor) return Extended_Index is
begin
if Position.Container = null then
return No_Index;
elsif Position.Index <= Position.Container.Last then
return Position.Index;
else
return No_Index;
end if;
end To_Index;
---------------
-- To_Vector --
---------------
function To_Vector (Length : Count_Type) return Vector is
Index : Count_Type'Base;
Last : Index_Type'Base;
Elements : Elements_Access;
begin
if Length = 0 then
return Empty_Vector;
end if;
-- We create a vector object with a capacity that matches the specified
-- Length, but we do not allow the vector capacity (the length of the
-- internal array) to exceed the number of values in Index_Type'Range
-- (otherwise, there would be no way to refer to those components via an
-- index). We must therefore check whether the specified Length would
-- create a Last index value greater than Index_Type'Last.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
-- We perform a two-part test. First we determine whether the
-- computed Last value lies in the base range of the type, and then
-- determine whether it lies in the range of the index (sub)type.
-- Last must satisfy this relation:
-- First + Length - 1 <= Last
-- We regroup terms:
-- First - 1 <= Last - Length
-- Which can rewrite as:
-- No_Index <= Last - Length
if Index_Type'Base'Last - Index_Type'Base (Length) < No_Index then
raise Constraint_Error with "Length is out of range";
end if;
-- We now know that the computed value of Last is within the base
-- range of the type, so it is safe to compute its value:
Last := No_Index + Index_Type'Base (Length);
-- Finally we test whether the value is within the range of the
-- generic actual index subtype:
if Last > Index_Type'Last then
raise Constraint_Error with "Length is out of range";
end if;
elsif Index_Type'First <= 0 then
-- Here we can compute Last directly, in the normal way. We know that
-- No_Index is less than 0, so there is no danger of overflow when
-- adding the (positive) value of Length.
Index := Count_Type'Base (No_Index) + Length; -- Last
if Index > Count_Type'Base (Index_Type'Last) then
raise Constraint_Error with "Length is out of range";
end if;
-- We know that the computed value (having type Count_Type) of Last
-- is within the range of the generic actual index subtype, so it is
-- safe to convert to Index_Type:
Last := Index_Type'Base (Index);
else
-- Here Index_Type'First (and Index_Type'Last) is positive, so we
-- must test the length indirectly (by working backwards from the
-- largest possible value of Last), in order to prevent overflow.
Index := Count_Type'Base (Index_Type'Last) - Length; -- No_Index
if Index < Count_Type'Base (No_Index) then
raise Constraint_Error with "Length is out of range";
end if;
-- We have determined that the value of Length would not create a
-- Last index value outside of the range of Index_Type, so we can now
-- safely compute its value.
Last := Index_Type'Base (Count_Type'Base (No_Index) + Length);
end if;
Elements := new Elements_Type (Last);
return Vector'(Controlled with Elements, Last, 0, 0);
end To_Vector;
function To_Vector
(New_Item : Element_Type;
Length : Count_Type) return Vector
is
Index : Count_Type'Base;
Last : Index_Type'Base;
Elements : Elements_Access;
begin
if Length = 0 then
return Empty_Vector;
end if;
-- We create a vector object with a capacity that matches the specified
-- Length, but we do not allow the vector capacity (the length of the
-- internal array) to exceed the number of values in Index_Type'Range
-- (otherwise, there would be no way to refer to those components via an
-- index). We must therefore check whether the specified Length would
-- create a Last index value greater than Index_Type'Last.
if Index_Type'Base'Last >= Count_Type'Pos (Count_Type'Last) then
-- We perform a two-part test. First we determine whether the
-- computed Last value lies in the base range of the type, and then
-- determine whether it lies in the range of the index (sub)type.
-- Last must satisfy this relation:
-- First + Length - 1 <= Last
-- We regroup terms:
-- First - 1 <= Last - Length
-- Which can rewrite as:
-- No_Index <= Last - Length
if Index_Type'Base'Last - Index_Type'Base (Length) < No_Index then
raise Constraint_Error with "Length is out of range";
end if;
-- We now know that the computed value of Last is within the base
-- range of the type, so it is safe to compute its value:
Last := No_Index + Index_Type'Base (Length);
-- Finally we test whether the value is within the range of the
-- generic actual index subtype:
if Last > Index_Type'Last then
raise Constraint_Error with "Length is out of range";
end if;
elsif Index_Type'First <= 0 then
-- Here we can compute Last directly, in the normal way. We know that
-- No_Index is less than 0, so there is no danger of overflow when
-- adding the (positive) value of Length.
Index := Count_Type'Base (No_Index) + Length; -- Last
if Index > Count_Type'Base (Index_Type'Last) then
raise Constraint_Error with "Length is out of range";
end if;
-- We know that the computed value (having type Count_Type) of Last
-- is within the range of the generic actual index subtype, so it is
-- safe to convert to Index_Type:
Last := Index_Type'Base (Index);
else
-- Here Index_Type'First (and Index_Type'Last) is positive, so we
-- must test the length indirectly (by working backwards from the
-- largest possible value of Last), in order to prevent overflow.
Index := Count_Type'Base (Index_Type'Last) - Length; -- No_Index
if Index < Count_Type'Base (No_Index) then
raise Constraint_Error with "Length is out of range";
end if;
-- We have determined that the value of Length would not create a
-- Last index value outside of the range of Index_Type, so we can now
-- safely compute its value.
Last := Index_Type'Base (Count_Type'Base (No_Index) + Length);
end if;
Elements := new Elements_Type (Last);
-- We use Last as the index of the loop used to populate the internal
-- array with items. In general, we prefer to initialize the loop index
-- immediately prior to entering the loop. However, Last is also used in
-- the exception handler (to reclaim elements that have been allocated,
-- before propagating the exception), and the initialization of Last
-- after entering the block containing the handler confuses some static
-- analysis tools, with respect to whether Last has been properly
-- initialized when the handler executes. So here we initialize our loop
-- variable earlier than we prefer, before entering the block, so there
-- is no ambiguity.
Last := Index_Type'First;
declare
-- The element allocator may need an accessibility check in the case
-- where the actual type is class-wide or has access discriminants
-- (see RM 4.8(10.1) and AI12-0035).
pragma Unsuppress (Accessibility_Check);
begin
loop
Elements.EA (Last) := new Element_Type'(New_Item);
exit when Last = Elements.Last;
Last := Last + 1;
end loop;
exception
when others =>
for J in Index_Type'First .. Last - 1 loop
Free (Elements.EA (J));
end loop;
Free (Elements);
raise;
end;
return (Controlled with Elements, Last, 0, 0);
end To_Vector;
--------------------
-- Update_Element --
--------------------
procedure Update_Element
(Container : in out Vector;
Index : Index_Type;
Process : not null access procedure (Element : in out Element_Type))
is
B : Natural renames Container.Busy;
L : Natural renames Container.Lock;
begin
if Index > Container.Last then
raise Constraint_Error with "Index is out of range";
end if;
if Container.Elements.EA (Index) = null then
raise Constraint_Error with "element is null";
end if;
B := B + 1;
L := L + 1;
begin
Process (Container.Elements.EA (Index).all);
exception
when others =>
L := L - 1;
B := B - 1;
raise;
end;
L := L - 1;
B := B - 1;
end Update_Element;
procedure Update_Element
(Container : in out Vector;
Position : Cursor;
Process : not null access procedure (Element : in out Element_Type))
is
begin
if Position.Container = null then
raise Constraint_Error with "Position cursor has no element";
elsif Position.Container /= Container'Unrestricted_Access then
raise Program_Error with "Position cursor denotes wrong container";
else
Update_Element (Container, Position.Index, Process);
end if;
end Update_Element;
-----------
-- Write --
-----------
procedure Write
(Stream : not null access Root_Stream_Type'Class;
Container : Vector)
is
N : constant Count_Type := Length (Container);
begin
Count_Type'Base'Write (Stream, N);
if N = 0 then
return;
end if;
declare
E : Elements_Array renames Container.Elements.EA;
begin
for Indx in Index_Type'First .. Container.Last loop
if E (Indx) = null then
Boolean'Write (Stream, False);
else
Boolean'Write (Stream, True);
Element_Type'Output (Stream, E (Indx).all);
end if;
end loop;
end;
end Write;
procedure Write
(Stream : not null access Root_Stream_Type'Class;
Position : Cursor)
is
begin
raise Program_Error with "attempt to stream vector cursor";
end Write;
procedure Write
(Stream : not null access Root_Stream_Type'Class;
Item : Reference_Type)
is
begin
raise Program_Error with "attempt to stream reference";
end Write;
procedure Write
(Stream : not null access Root_Stream_Type'Class;
Item : Constant_Reference_Type)
is
begin
raise Program_Error with "attempt to stream reference";
end Write;
end Ada.Containers.Indefinite_Vectors;