source: doc/refrat/refrat.tex @ d5f1cfc

aaron-thesisarm-ehcleanup-dtorsctordeferred_resndemanglerenumforall-pointer-decaygc_noraiijacob/cs343-translationjenkins-sandboxmemorynew-astnew-ast-unique-exprnew-envno_listpersistent-indexerresolv-newwith_gc
Last change on this file since d5f1cfc was e229c22, checked in by Peter A. Buhr <pabuhr@…>, 6 years ago

change gitignore with respect to latex-generated files, small updates to manuals, replace bibtex link with actual file

  • Property mode set to 100644
File size: 186.4 KB
Line 
1%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% -*- Mode: Latex -*- %%%%%%%%%%%%%%%%%%%%%%%%%%%%
2%%
3%% Cforall Version 1.0.0 Copyright (C) 2016 University of Waterloo
4%%
5%% The contents of this file are covered under the licence agreement in the
6%% file "LICENCE" distributed with Cforall.
7%%
8%% refrat.tex --
9%%
10%% Author           : Peter A. Buhr
11%% Created On       : Wed Apr  6 14:52:25 2016
12%% Last Modified By : Peter A. Buhr
13%% Last Modified On : Fri Jun  3 09:43:48 2016
14%% Update Count     : 66
15%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
16
17% requires tex packages: texlive-base texlive-latex-base tex-common texlive-humanities texlive-latex-extra texlive-fonts-recommended
18
19% inline code ©...© (copyright symbol) emacs: C-q M-)
20% red highlighting ®...® (registered trademark sumbol) emacs: C-q M-.
21% latex escape §...§ (section symbol) emacs: C-q M-'
22% keyword escape ¶...¶ (pilcrow symbol) emacs: C-q M-^
23% math escape $...$ (dollar symbol)
24
25\documentclass[openright,twoside]{report}
26%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
27
28% Latex packages used in the document.
29\usepackage[T1]{fontenc}                                % allow Latin1 (extended ASCII) characters
30\usepackage{textcomp}
31\usepackage[latin1]{inputenc}
32\usepackage{fullpage,times,comment}
33\usepackage{epic,eepic}
34\usepackage{upquote}                                                                    % switch curled `' to straight `'
35\usepackage{xspace}
36\usepackage{varioref}                                                                   % extended references
37\usepackage{listings}                                                                   % format program code
38\usepackage{footmisc}                                                                   % support label/reference in footnote
39\usepackage{latexsym}                                   % \Box glyph
40\usepackage{mathptmx}                                   % better math font with "times"
41\usepackage[pagewise]{lineno}
42\renewcommand{\linenumberfont}{\scriptsize\sffamily}
43\usepackage[dvips,plainpages=false,pdfpagelabels,pdfpagemode=UseNone,colorlinks=true,pagebackref=true,linkcolor=blue,citecolor=blue,urlcolor=blue,pagebackref=true,breaklinks=true]{hyperref}
44\usepackage{breakurl}
45\renewcommand{\UrlFont}{\small\sf}
46
47%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
48
49% Bespoke macros used in the document.
50\input{common}
51
52%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
53
54% Names used in the document.
55
56\newcommand{\Version}{1.0.0}
57
58%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
59
60\setcounter{secnumdepth}{3}                             % number subsubsections
61\setcounter{tocdepth}{3}                                % subsubsections in table of contents
62\makeindex
63
64%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
65
66\begin{document}
67\pagestyle{headings}
68\linenumbers                                            % comment out to turn off line numbering
69
70\title{\Huge
71\vspace*{1in}
72\CFA (\CFL) Reference Manual and Rationale
73}% title
74\author{\huge
75Glen Ditchfield and Peter A. Buhr
76}% author
77\date{
78DRAFT\\\today
79}% date
80
81\pagenumbering{roman}
82\pagestyle{plain}
83
84\maketitle
85
86\vspace*{\fill}
87\thispagestyle{empty}
88\noindent
89\copyright\,2015 Glen Ditchfield \\ \\
90\noindent
91This work is licensed under the Creative Commons Attribution 4.0 International License.
92To view a copy of this license, visit {\small\url{http://creativecommons.org/licenses/by/4.0}}.
93\vspace*{1in}
94
95\clearpage
96\pdfbookmark[1]{Contents}{section}
97\tableofcontents
98
99\clearpage
100\pagenumbering{arabic}
101
102
103\chapter*{Introduction}\addcontentsline{toc}{chapter}{Introduction}
104
105This document is a reference manual and rationale for \CFA, a polymorphic extension of the C programming language.
106It makes frequent reference to the {\c11} standard \cite{C11}, and occasionally compares \CFA to {\CC} \cite{C++}.
107
108The manual deliberately imitates the ordering of the {\c11} standard (although the section numbering differs).
109Unfortunately, this means the manual contains more ``forward references'' than usual, making it harder to follow if the reader does not have a copy of the {\c11} standard.
110For a simple introduction to \CFA, see the companion document ``An Overview of \CFA''
111\cite{Ditchfield96:Overview}.
112
113\begin{rationale}
114Commentary (like this) is quoted with quads.
115Commentary usually deals with subtle points, the rationale behind a rule, and design decisions.
116\end{rationale}
117
118% No ``Scope'' or ``Normative references'' chapters yet.
119
120
121\setcounter{chapter}{2}
122\chapter{Terms, definitions, and symbols}
123
124Terms from the {\c11} standard used in this document have the same meaning as in the {\c11} standard.
125
126% No ``Conformance'' or ``Environment'' chapters yet.
127
128
129\setcounter{chapter}{5}
130\chapter{Language}
131
132
133\section{Notation}
134The syntax notation used in this document is the same as in the {\c11} standard, with one exception: ellipsis in the definition of a nonterminal, as in ``\emph{declaration:} \ldots'', indicates that these rules extend a previous definition, which occurs in this document or in the {\c11} standard.
135
136
137\section{Concepts}
138
139
140\subsection{Scopes of identifiers}\index{scopes}
141
142\CFA's scope rules differ from C's in one major respect: a declaration of an identifier may overload\index{overloading} outer declarations of lexically identical identifiers in the same \Index{name space}, instead of hiding them.
143The outer declaration is hidden if the two declarations have \Index{compatible type}, or if one declares an array type and the other declares a pointer type and the element type and pointed-at type are compatible, or if one has function type and the other is a pointer to a compatible function type, or if one declaration is a ©type©\use{type} or ©typedef©\use{typedef} declaration and the other is not.
144The outer declaration becomes \Index{visible} when the scope of the inner declaration terminates.
145\begin{rationale}
146Hence, a \CFA program can declare an ©int v© and a ©float v© in the same scope;
147a {\CC} program can not.
148\end{rationale}
149
150
151\subsection{Linkage of identifiers}
152\index{linkage}
153
154\CFA's linkage rules differ from C's in only one respect: instances of a particular identifier with external or internal linkage do not necessarily denote the same object or function.
155Instead, in the set of translation units and libraries that constitutes an entire program, any two instances of a particular identifier with \Index{external linkage} denote the same object or function if they have \Index{compatible type}s, or if one declares an array type and the other declares a pointer type and the element type and pointed-at type are compatible, or if one has function type and the other is a pointer to a compatible function type.
156Within one translation unit, each instance of an identifier with \Index{internal linkage} denotes the same object or function in the same circumstances.
157Identifiers with \Index{no linkage} always denote unique entities.
158\begin{rationale}
159A \CFA program can declare an ©extern int v© and an ©extern float v©;
160a C program cannot.
161\end{rationale}
162
163
164\setcounter{subsection}{8}
165\subsection{Generic Types}
166
167
168\subsubsection{Semantics}
169
170\CFA provides a capability for generic types;
171using this capability a single "generic type generator" can be written that can represent multiple concrete type instantiations by substitution of the "type parameters" of the generic type for concrete types.
172Syntactically a generic type generator is represented by putting a forall specifier on a struct or union declaration, as defined in \VRef{forall}.
173An instantiation of the generic type is written by specifying the type parameters in parentheses after the name of the generic type generator:
174\begin{lstlisting}
175forall( otype T | sumable( T ) ) struct pair {
176        T x;
177        T y;
178};
179pair( int ) p = { 3, 14 };
180\end{lstlisting}
181
182The type parameters in an instantiation of a generic type must satisfy any constraints in the forall specifier on the type generator declaration, e.g., ©sumable©.
183The instantiation then has the semantics that would result if the type parameters were substituted into the type generator declaration by macro substitution.
184
185Polymorphic functions may have generic types as parameters, and those generic types may use type parameters of the polymorphic function as type parameters of the generic type:
186\begin{lstlisting}
187forall( otype T ) void swap( pair(T) *p ) {
188        T z = p->x;
189        p->x = p->y;
190        p->y = z;
191}
192\end{lstlisting}
193
194
195\subsubsection{Constraints}
196
197To avoid unduly constraining implementors, the generic type generator definition must be visible at any point where it is instantiated.
198Forward declarations of generic type generators are not forbidden, but the definition must be visible to instantiate the generic type.  Equivalently, instantiations of generic types are not allowed to be incomplete types.
199
200\examples
201\begin{lstlisting}
202forall( otype T ) struct A;
203
204forall( otype T ) struct B {
205        A(T) *a;                        // legal, but cannot instantiate B(T)
206};
207
208B(T) x;                                 // illegal, *x.a is of an incomplete generic type
209 
210forall( otype T ) struct A {
211        B( T ) *b;
212};
213
214B( T ) y;                               // legal, *x.a is now of a complete generic type
215
216// box.h:
217        forall( otype T ) struct box;
218        forall( otype T ) box( T ) *make_box( T );
219        forall( otype T ) void use_box( box( T ) *b );
220       
221// main.c:
222        box( int ) *b = make_box( 42 ); // illegal, definition of box not visible
223        use_box( b );           // illegal
224\end{lstlisting}
225
226
227\section{Conversions}
228\CFA defines situations where values of one type are automatically converted to another type.
229These conversions are called \define{implicit conversion}s.
230The programmer can request \define{explicit conversion}s using cast expressions.
231
232
233\subsection{Arithmetic operands}
234
235
236\setcounter{subsubsection}{8}
237\subsubsection{Safe arithmetic conversions}
238
239In C, a pattern of conversions known as the \define{usual arithmetic conversion}s is used with most binary arithmetic operators to convert the operands to a common type and determine the type of the operator's result.
240In \CFA, these conversions play a role in overload resolution, and collectively are called the \define{safe arithmetic conversion}s.
241
242Let ©int$_r$© and ©unsigned$_r$© be the signed and unsigned integer types with integer conversion rank\index{integer conversion rank}\index{rank|see{integer conversion rank}} $r$.
243Let ©unsigned$_{mr}$© be the unsigned integer type with maximal rank.
244
245The following conversions are \emph{direct} safe arithmetic conversions.
246\begin{itemize}
247\item
248The \Index{integer promotion}s.
249\item
250For every rank $r$ greater than or equal to the rank of ©int©, conversion from ©int$_r$© to ©unsigned$_r$©.
251\item
252For every rank $r$ greater than or equal to the rank of ©int©, where ©int$_{r+1}$© exists and can represent all values of ©unsigned$_r$©, conversion from ©unsigned$_r$© to ©int$_{r+1}$©.
253\item
254Conversion from ©unsigned$_{mr}$© to ©float©.
255\item
256Conversion from an enumerated type to its compatible integer type.
257\item
258Conversion from ©float© to ©double©, and from ©double© to ©long double©.
259\item
260Conversion from ©float _Complex© to ©double _Complex©, and from ©double _Complex© to ©long double _Complex©.
261\begin{sloppypar}
262\item
263Conversion from ©float _Imaginary© to ©double _Imaginary©, and from ©double _Imaginary© to ©long double _Imaginary©, if the implementation supports imaginary types.
264\end{sloppypar}
265\end{itemize}
266
267If type ©T© can be converted to type ©U© by a safe direct arithmetic conversion and type ©U© can be converted to type ©V© by a safe arithmetic conversion, then the conversion from ©T© to type ©V© is an \emph{indirect} safe arithmetic conversion.
268
269\begin{rationale}
270Note that {\c11} does not include conversion from \Index{real type}s to \Index{complex type}s in the usual arithmetic conversions, and \CFA does not include them as safe conversions.
271\end{rationale}
272
273
274\subsection{Other operands}
275
276
277\setcounter{subsubsection}{3}
278\subsubsection{Anonymous structures and unions}
279\label{anon-conv}
280
281If an expression's type is a pointer to a structure or union type that has a member that is an \Index{anonymous structure} or an \Index{anonymous union}, it can be implicitly converted\index{implicit conversion} to a pointer to the anonymous structure's or anonymous union's type.
282The result of the conversion is a pointer to the member.
283
284\examples
285\begin{lstlisting}
286struct point {
287        int x, y;
288};
289void move_by( struct point * p1, struct point * p2 ) {§\impl{move_by}§
290        p1->x += p2.x;
291        p1->y += p2.y;
292}
293struct color_point {
294        enum { RED, BLUE, GREEN } color;
295        struct point;
296} cp1, cp2;
297move_to( &cp1, &cp2 );
298\end{lstlisting}
299Thanks to implicit conversion, the two arguments that ©move_by()© receives are pointers to ©cp1©'s second member and ©cp2©'s second member.
300
301
302\subsubsection{Specialization}
303A function or value whose type is polymorphic may be implicitly converted to one whose type is \Index{less polymorphic} by binding values to one or more of its \Index{inferred parameter}.
304Any value that is legal for the inferred parameter may be used, including other inferred parameters.
305
306If, after the inferred parameter binding, an \Index{assertion parameter} has no inferred parameters in its type, then an object or function must be visible at the point of the specialization that has the same identifier as the assertion parameter and has a type that is compatible\index{compatible type} with or can be specialized to the type of the assertion parameter.
307The assertion parameter is bound to that object or function.
308
309The type of the specialization is the type of the original with the bound inferred parameters and the bound assertion parameters replaced by their bound values.
310
311\examples
312The type
313\begin{lstlisting}
314forall( otype T, otype U ) void (*)( T, U );
315\end{lstlisting}
316can be specialized to (among other things)
317\begin{lstlisting}
318forall( otype T ) void (*)( T, T );             // U bound to T
319forall( otype T ) void (*)( T, real );  // U bound to real
320forall( otype U ) void (*)( real, U );  // T bound to real
321void f( real, real );                                   // both bound to real
322\end{lstlisting}
323
324The type
325\begin{lstlisting}
326forall( otype T | T ?+?( T, T ) ) T (*)( T );
327\end{lstlisting}
328can be specialized to (among other things)
329\begin{lstlisting}
330int (*)( int );         // T bound to int, and T ?+?(T, T ) bound to int ?+?( int, int )
331\end{lstlisting}
332
333
334\subsubsection{Safe conversions}
335
336A \define{direct safe conversion} is one of the following conversions:
337\begin{itemize}
338\item
339a direct safe arithmetic conversion;
340\item
341from any object type or incomplete type to ©void©;
342\item
343from a pointer to any non-©void© type to a pointer to ©void©;
344\item
345from a pointer to any type to a pointer to a more qualified version of the type\index{qualified type};
346\item
347from a pointer to a structure or union type to a pointer to the type of a member of the structure or union that is an \Index{anonymous structure} or an \Index{anonymous union};
348\item
349within the scope of an initialized \Index{type declaration}, conversions between a type and its implementation or between a pointer to a type and a pointer to its implementation.
350\end{itemize}
351
352Conversions that are not safe conversions are \define{unsafe conversion}s.
353\begin{rationale}
354As in C, there is an implicit conversion from ©void *© to any pointer type.
355This is clearly dangerous, and {\CC} does not have this implicit conversion.
356\CFA\index{deficiencies!void * conversion} keeps it, in the interest of remaining as pure a superset of C as possible, but discourages it by making it unsafe.
357\end{rationale}
358
359
360\subsection{Conversion cost}
361
362The \define{conversion cost} of a safe\index{safe conversion} conversion\footnote{Unsafe\index{unsafe conversion} conversions do not have defined conversion costs.} is a measure of how desirable or undesirable it is.
363It is defined as follows.
364\begin{itemize}
365\item
366The cost of a conversion from any type to itself is 0.
367
368\item
369The cost of a direct safe conversion is 1.
370
371\item
372The cost of an indirect safe arithmetic conversion is the smallest number of direct conversions needed to make up the conversion.
373\end{itemize}
374
375\examples
376In the following, assume an implementation that does not provide any extended integer types.
377
378\begin{itemize}
379\item
380The cost of an implicit conversion from ©int© to ©long© is 1.
381The cost of an implicit conversion from ©long© to ©double© is 3, because it is defined in terms of conversions from ©long© to ©unsigned long©, then to ©float©, and then to ©double©.
382
383\item
384If ©int© can represent all the values of ©unsigned short©, then the cost of an implicit conversion from ©unsigned short© to ©unsigned© is 2: ©unsigned short© to ©int© to ©unsigned©.
385Otherwise, ©unsigned short© is converted directly to ©unsigned©, and the cost is 1.
386
387\item
388If ©long© can represent all the values of ©unsigned©, then the conversion cost of ©unsigned© to ©long© is 1.
389Otherwise, the conversion is an unsafe conversion, and its conversion cost is undefined.
390\end{itemize}
391
392\section{Lexical elements}
393\subsection{Keywords}
394\begin{syntax}
395\oldlhs{keyword}
396        \rhs ©forall©
397        \rhs ©lvalue©
398        \rhs ©trait©
399        \rhs ©dtype©
400        \rhs ©ftype©
401        \rhs ©otype©
402\end{syntax}
403
404
405\subsection{Identifiers}
406
407\CFA allows operator \Index{overloading} by associating operators with special function identifiers.
408Furthermore, the constants ``©0©'' and ``©1©'' have special status for many of C's data types (and for many programmer-defined data types as well), so \CFA treats them as overloadable identifiers.
409Programmers can use these identifiers to declare functions and objects that implement operators and constants for their own types.
410
411
412\setcounter{subsubsection}{2}
413\subsubsection{Constant identifiers}
414
415\begin{syntax}
416\oldlhs{identifier}
417\rhs ©0©
418\rhs ©1©
419\end{syntax}
420
421\index{constant identifiers}\index{identifiers!for constants} The tokens ``©0©''\impl{0} and ``©1©''\impl{1} are identifiers.
422No other tokens defined by the rules for integer constants are considered to be identifiers.
423\begin{rationale}
424Why ``©0©'' and ``©1©''? Those integers have special status in C.
425All scalar types can be incremented and decremented, which is defined in terms of adding or subtracting 1.
426The operations ``©&&©'', ``©||©'', and ``©!©'' can be applied to any scalar arguments, and are defined in terms of comparison against 0.
427A \nonterm{constant-expression} that evaluates to 0 is effectively compatible with every pointer type.
428
429In C, the integer constants 0 and 1 suffice because the integer promotion rules can convert them to any arithmetic type, and the rules for pointer expressions treat constant expressions evaluating to 0 as a special case.
430However, user-defined arithmetic types often need the equivalent of a 1 or 0 for their functions or operators, polymorphic functions often need 0 and 1 constants of a type matching their polymorphic parameters, and user-defined pointer-like types may need a null value.
431Defining special constants for a user-defined type is more efficient than defining a conversion to the type from ©_Bool©.
432
433Why \emph{just} ``©0©'' and ``©1©''? Why not other integers? No other integers have special status in C.
434A facility that let programmers declare specific constants---``©const Rational 12©'', for instance---would not be much of an improvement.
435Some facility for defining the creation of values of programmer-defined types from arbitrary integer tokens would be needed.
436The complexity of such a feature doesn't seem worth the gain.
437\end{rationale}
438
439
440\subsubsection{Operator identifiers}
441
442\index{operator identifiers}\index{identifiers!for operators} Table \ref{opids} lists the programmer-definable operator identifiers and the operations they are associated with.
443Functions that are declared with (or pointed at by function pointers that are declared with) these identifiers can be called by expressions that use the operator tokens and syntax, or the operator identifiers and ``function call'' syntax.
444The relationships between operators and function calls are discussed in descriptions of the operators.
445
446\begin{table}[hbt]
447\hfil
448\begin{tabular}[t]{ll}
449%identifier & operation \\ \hline
450©?[?]© & subscripting \impl{?[?]}\\
451©?()© & function call \impl{?()}\\
452©?++© & postfix increment \impl{?++}\\
453©?--© & postfix decrement \impl{?--}\\
454©++?© & prefix increment \impl{++?}\\
455©--?© & prefix decrement \impl{--?}\\
456©*?© & dereference \impl{*?}\\
457©+?© & unary plus \impl{+?}\\
458©-?© & arithmetic negation \impl{-?}\\
459©~?© & bitwise negation \impl{~?}\\
460©!?© & logical complement \impl{"!?}\\
461©?*?© & multiplication \impl{?*?}\\
462©?/?© & division \impl{?/?}\\
463\end{tabular}\hfil
464\begin{tabular}[t]{ll}
465%identifier & operation \\ \hline
466©?%?© & remainder \impl{?%?}\\
467©?+?© & addition \impl{?+?}\\
468©?-?© & subtraction \impl{?-?}\\
469©?<<?© & left shift \impl{?<<?}\\
470©?>>?© & right shift \impl{?>>?}\\
471©?<?© & less than \impl{?<?}\\
472©?<=?© & less than or equal \impl{?<=?}\\
473©?>=?© & greater than or equal \impl{?>=?}\\
474©?>?© & greater than \impl{?>?}\\
475©?==?© & equality \impl{?==?}\\
476©?!=?© & inequality \impl{?"!=?}\\
477©?&& bitwise AND \impl{?&?}\\
478\end{tabular}\hfil
479\begin{tabular}[t]{ll}
480%identifier & operation \\ \hline
481©?^& exclusive OR \impl{?^?}\\
482©?|?© & inclusive OR \impl{?"|?}\\
483©?=?© & simple assignment \impl{?=?}\\
484©?*=?© & multiplication assignment \impl{?*=?}\\
485©?/=?© & division assignment \impl{?/=?}\\
486©?%=?© & remainder assignment \impl{?%=?}\\
487©?+=?© & addition assignment \impl{?+=?}\\
488©?-=?© & subtraction assignment \impl{?-=?}\\
489©?<<=?© & left-shift assignment \impl{?<<=?}\\
490©?>>=?© & right-shift assignment \impl{?>>=?}\\
491©?&=?© & bitwise AND assignment \impl{?&=?}\\
492©?^=?© & exclusive OR assignment \impl{?^=?}\\
493©?|=?© & inclusive OR assignment \impl{?"|=?}\\
494\end{tabular}
495\hfil
496\caption{Operator Identifiers}
497\label{opids}
498\end{table}
499
500\begin{rationale}
501Operator identifiers are made up of the characters of the operator token, with question marks added to mark the positions of the arguments of operators.
502The question marks serve as mnemonic devices;
503programmers can not create new operators by arbitrarily mixing question marks and other non-alphabetic characters.
504Note that prefix and postfix versions of the increment and decrement operators are distinguished by the position of the question mark.
505\end{rationale}
506
507\begin{rationale}
508The use of ``©?©'' in identifiers means that some C programs are not \CFA programs.  For instance, the sequence of characters ``©(i < 0)?--i:i©'' is legal in a C program, but a
509\CFA compiler detects a syntax error because it treats ``©?--©'' as an identifier, not as the two tokens ``©?©'' and ``©--©''.
510\end{rationale}
511
512\begin{rationale}
513Certain operators \emph{cannot} be defined by the programmer:
514\begin{itemize}
515\item
516The logical operators ``©&&©'' and ``©||©'', and the conditional operator ``©?:©''.
517These operators do not always evaluate their operands, and hence can not be properly defined by functions unless some mechanism like call-by-name is added to the language.
518Note that the definitions of ``©&&©'' and ``©||©'' say that they work by checking that their arguments are unequal to 0, so defining ``©!=©'' and ``©0©'' for user-defined types is enough to allow them to be used in logical expressions.
519
520\item
521The comma operator\index{comma expression}.
522It is a control-flow operator like those above.
523Changing its meaning seems pointless and confusing.
524
525\item
526The ``address of'' operator.
527It would seem useful to define a unary ``©&©'' operator that returns values of some programmer-defined pointer-like type.
528The problem lies with the type of the operator.
529Consider the expression ``©p = &x©'', where ©x© is of type ©T© and ©p© has the programmer-defined type ©T_ptr©.
530The expression might be treated as a call to the unary function ``©&?©''.
531Now what is the type of the function's parameter? It can not be ©T©, because then ©x© would be passed by value, and there is no way to create a useful pointer-like result from a value.
532Hence the parameter must have type ©T *©.
533But then the expression must be rewritten as ``©p = &?( &x )©''
534---which doesn't seem like progress!
535
536The rule for address-of expressions would have to be something like ``keep applying address-of functions until you get one that takes a pointer argument, then use the built-in operator and stop''.
537It seems simpler to define a conversion function from ©T *© to ©T_ptr©.
538
539\item
540The ©sizeof© operator.
541It is already defined for every object type, and intimately tied into the language's storage allocation model.
542Redefining it seems pointless.
543
544\item
545The ``member of'' operators ``©.©'' and ``©->©''.
546These are not really infix operators, since their right ``operand'' is not a value or object.
547
548\item
549Cast operators\index{cast expression}.
550Anything that can be done with an explicit cast can be done with a function call.
551The difference in syntax is small.
552\end{itemize}
553\end{rationale}
554
555
556\section{Expressions}
557
558\CFA allows operators and identifiers to be overloaded.
559Hence, each expression can have a number of \define{interpretation}s, each of which has a different type.
560The interpretations that are potentially executable are called \define{valid interpretation}s.
561The set of interpretations depends on the kind of expression and on the interpretations of the subexpressions that it contains.
562The rules for determining the valid interpretations of an expression are discussed below for each kind of expression.
563Eventually the context of the outermost expression chooses one interpretation of that expression.
564
565An \define{ambiguous interpretation} is an interpretation which does not specify the exact object or function denoted by every identifier in the expression.
566An expression can have some interpretations that are ambiguous and others that are unambiguous.
567An expression that is chosen to be executed shall not be ambiguous.
568
569The \define{best valid interpretations} are the valid interpretations that use the fewest unsafe\index{unsafe conversion} conversions.
570Of these, the best are those where the functions and objects involved are the least polymorphic\index{less polymorphic}.
571Of these, the best have the lowest total \Index{conversion cost}, including all implicit conversions in the argument expressions.
572Of these, the best have the highest total conversion cost for the implicit conversions
573(if any) applied to the argument expressions.
574If there is no single best valid interpretation, or if the best valid interpretation is ambiguous, then the resulting interpretation is ambiguous\index{ambiguous interpretation}.
575
576\begin{rationale}
577\CFA's rules for selecting the best interpretation are designed to allow overload resolution to mimic C's operator semantics.
578In C, the ``usual arithmetic conversions'' are applied to the operands of binary operators if necessary to convert the operands to types with a common real type.
579In \CFA, those conversions are ``safe''.
580The ``fewest unsafe conversions'' rule ensures that the usual conversions are done, if possible.
581The ``lowest total expression cost'' rule chooses the proper common type.
582The odd-looking ``highest argument conversion cost'' rule ensures that, when unary expressions must be converted, conversions of function results are preferred to conversion of function arguments: ©(double)-i© will be preferred to ©-(double)i©.
583
584The ``least polymorphic'' rule reduces the number of polymorphic function calls, since such functions are presumably more expensive than monomorphic functions and since the more specific function is presumably more appropriate.
585It also gives preference to monomorphic values (such as the ©int© ©0©) over polymorphic values (such as the \Index{null pointer} ©0©\use{0}).
586However, interpretations that call polymorphic functions are preferred to interpretations that perform unsafe conversions, because those conversions potentially lose accuracy or violate strong typing.
587
588There are two notable differences between \CFA's overload resolution rules and the rules for
589{\CC} defined in \cite{C++}.
590First, the result type of a function plays a role.
591In {\CC}, a function call must be completely resolved based on the arguments to the call in most circumstances.
592In \CFA, a function call may have several interpretations, each with a different result type, and the interpretations of the containing context choose among them.
593Second, safe conversions are used to choose among interpretations of all sorts of functions;
594in {\CC}, the ``usual arithmetic conversions'' are a separate set of rules that apply only to the built-in operators.
595\end{rationale}
596
597Expressions involving certain operators\index{operator identifiers} are considered to be equivalent to function calls.
598A transformation from ``operator'' syntax to ``function call'' syntax is defined by \define{rewrite rules}.
599Each operator has a set of predefined functions that overload its identifier.
600Overload resolution determines which member of the set is executed in a given expression.
601The functions have \Index{internal linkage} and are implicitly declared with \Index{file scope}.
602The predefined functions and rewrite rules are discussed below for each of these operators.
603\begin{rationale}
604Predefined functions and constants have internal linkage because that simplifies optimization in traditional compile-and-link environments.
605For instance, ``©an_int + an_int©'' is equivalent to ``©?+?(an_int, an_int)©''.
606If integer addition has not been redefined in the current scope, a compiler can generate code to perform the addition directly.
607If predefined functions had external linkage, this optimization would be difficult.
608\end{rationale}
609
610\begin{rationale}
611Since each subsection describes the interpretations of an expression in terms of the interpretations of its subexpressions, this chapter can be taken as describing an overload resolution algorithm that uses one bottom-up pass over an expression tree.
612Such an algorithm was first described (for Ada) by Baker~\cite{Bak:overload}.
613It is extended here to handle polymorphic functions and arithmetic conversions.
614The overload resolution rules and the predefined functions have been chosen so that, in programs that do not introduce overloaded declarations, expressions will have the same meaning in C and in \CFA.
615\end{rationale}
616
617\begin{rationale}
618Expression syntax is quoted from the {\c11} standard.
619The syntax itself defines the precedence and associativity of operators.
620The sections are arranged in decreasing order of precedence, with all operators in a section having the same precedence.
621\end{rationale}
622
623
624\subsection{Primary expressions}
625
626\begin{syntax}
627\lhs{primary-expression}
628\rhs \nonterm{identifier}
629\rhs \nonterm{constant}
630\rhs \nonterm{string-literal}
631\rhs ©(© \nonterm{expression} ©)©
632\rhs \nonterm{generic-selection}
633\end{syntax}
634
635\predefined
636\begin{lstlisting}
637const int 1;§\use{1}§
638const int 0;§\use{0}§
639forall( dtype DT ) DT * const 0;
640forall( ftype FT ) FT * const 0;
641\end{lstlisting}
642
643\semantics
644The \Index{valid interpretation} of an \nonterm{identifier} are given by the visible\index{visible} declarations of the identifier.
645
646A \nonterm{constant} or \nonterm{string-literal} has one valid interpretation, which has the type and value defined by {\c11}.
647The predefined integer identifiers ``©1©'' and ``©0©'' have the integer values 1 and 0, respectively.
648The other two predefined ``©0©'' identifiers are bound to polymorphic pointer values that, when specialized\index{specialization} with a data type or function type respectively, produce a null pointer of that type.
649
650A parenthesised expression has the same interpretations as the contained \nonterm{expression}.
651
652\examples
653The expression ©(void *)0©\use{0} specializes the (polymorphic) null pointer to a null pointer to ©void©. ©(const void *)0© does the same, and also uses a safe conversion from ©void *© to ©const void *©.
654In each case, the null pointer conversion is better\index{best valid interpretations} than the unsafe conversion of the integer ©0© to a pointer.
655
656\begin{rationale}
657Note that the predefined identifiers have addresses.
658
659\CFA does not have C's concept of ``null pointer constants'', which are not typed values but special strings of tokens.
660The C token ``©0©'' is an expression of type ©int© with the value ``zero'', and it \emph{also} is a null pointer constant.
661Similarly, ``©(void *)0© is an expression of type ©(void *)© whose value is a null pointer, and it also is a null pointer constant.
662However, in C, ``©(void *)(void *)0©'' is
663\emph{not} a null pointer constant, even though it is null-valued, a pointer, and constant! The semantics of C expressions contain many special cases to deal with subexpressions that are null pointer constants.
664
665\CFA handles these cases through overload resolution.
666The declaration
667\begin{lstlisting}
668forall( dtype DT ) DT * const 0;
669\end{lstlisting} means that ©0© is a polymorphic object, and contains a value that can have \emph{any} pointer-to-object type or pointer-to-incomplete type.
670The only such value is the null pointer.
671Therefore the type \emph{alone} is enough to identify a null pointer.
672Where C defines an operator with a special case for the null pointer constant, \CFA defines predefined functions with a polymorphic object parameter.
673\end{rationale}
674
675
676\subsubsection{Generic selection}
677
678\constraints The best interpretation of the controlling expression shall be unambiguous\index{ambiguous interpretation}, and shall have type compatible with at most one of the types named in its generic association list.
679If a generic selection has no ©default© generic association, the best interpretation of its controlling expression shall have type compatible with exactly one of the types named in its generic association list.
680
681\semantics
682A generic selection has the same interpretations as its result expression.
683
684
685\subsection{Postfix operators}
686
687\begin{syntax}
688\lhs{postfix-expression}
689\rhs \nonterm{primary-expression}
690\rhs \nonterm{postfix-expression} ©[© \nonterm{expression} ©]©
691\rhs \nonterm{postfix-expression} ©(©
692         \nonterm{argument-expression-list}\opt ©)©
693\rhs \nonterm{postfix-expression} ©.© \nonterm{identifier}
694\rhs \nonterm{postfix-expression} ©->© \nonterm{identifier}
695\rhs \nonterm{postfix-expression} ©++©
696\rhs \nonterm{postfix-expression} ©--©
697\rhs ©(© \nonterm{type-name} ©)© ©{© \nonterm{initializer-list} ©}©
698\rhs ©(© \nonterm{type-name} ©)© ©{© \nonterm{initializer-list} ©,© ©}©
699\lhs{argument-expression-list}
700\rhs \nonterm{assignment-expression}
701\rhs \nonterm{argument-expression-list} ©,©
702         \nonterm{assignment-expression}
703\end{syntax}
704
705\rewriterules
706\begin{lstlisting}
707a[b] => ?[?]( b, a ) // if a has integer type§\use{?[?]}§
708a[b] => ?[?]( a, b ) // otherwise
709a( §\emph{arguments}§ ) => ?()( a, §\emph{arguments}§ )§\use{?()}§
710a++ => ?++(&( a ))§\use{?++}§
711a-- => ?--(&( a ))§\use{?--}§
712\end{lstlisting}
713
714
715\subsubsection{Array subscripting}
716
717\predefined
718\begin{lstlisting}
719forall( otype T ) lvalue T ?[?]( T *, ptrdiff_t );§\use{ptrdiff_t}§
720forall( otype T ) lvalue _Atomic T ?[?]( _Atomic T *, ptrdiff_t );
721forall( otype T ) lvalue const T ?[?]( const T *, ptrdiff_t );
722forall( otype T ) lvalue restrict T ?[?]( restrict T *, ptrdiff_t );
723forall( otype T ) lvalue volatile T ?[?]( volatile T *, ptrdiff_t );
724forall( otype T ) lvalue _Atomic const T ?[?]( _Atomic const T *, ptrdiff_t );
725forall( otype T ) lvalue _Atomic restrict T ?[?]( _Atomic restrict T *, ptrdiff_t );
726forall( otype T ) lvalue _Atomic volatile T ?[?]( _Atomic volatile T *, ptrdiff_t );
727forall( otype T ) lvalue const restrict T ?[?]( const restrict T *, ptrdiff_t );
728forall( otype T ) lvalue const volatile T ?[?]( const volatile T *, ptrdiff_t );
729forall( otype T ) lvalue restrict volatile T ?[?]( restrict volatile T *, ptrdiff_t );
730forall( otype T ) lvalue _Atomic const restrict T ?[?]( _Atomic const restrict T *, ptrdiff_t );
731forall( otype T ) lvalue _Atomic const volatile T ?[?]( _Atomic const volatile T *, ptrdiff_t );
732forall( otype T ) lvalue _Atomic restrict volatile T ?[?]( _Atomic restrict volatile T *, ptrdiff_t );
733forall( otype T ) lvalue const restrict volatile T ?[?]( const restrict volatile T *, ptrdiff_t );
734forall( otype T ) lvalue _Atomic const restrict volatile T ?[?]( _Atomic const restrict volatile T *, ptrdiff_t );
735\end{lstlisting}
736\semantics
737The interpretations of subscript expressions are the interpretations of the corresponding function call expressions.
738\begin{rationale}
739C defines subscripting as pointer arithmetic in a way that makes ©a[i]© and ©i[a]© equivalent. \CFA provides the equivalence through a rewrite rule to reduce the number of overloadings of ©?[?]©.
740
741Subscript expressions are rewritten as function calls that pass the first parameter by value.
742This is somewhat unfortunate, since array-like types tend to be large.
743The alternative is to use the rewrite rule ``©a[b] => ?[?](&(a), b)©''.
744However, C semantics forbid this approach: the ©a© in ``©a[b]©'' can be an arbitrary pointer value, which does not have an address.
745
746The repetitive form of the predefined identifiers shows up a deficiency\index{deficiencies!pointers
747 to qualified types} of \CFA's type system.
748Type qualifiers are not included in type values, so polymorphic functions that take pointers to arbitrary types often come in one flavor for each possible qualification of the pointed-at type.
749\end{rationale}
750
751
752\subsubsection{Function calls}
753
754\semantics
755A \define{function designator} is an interpretation of an expression that has function type.
756The
757\nonterm{postfix-expression} in a function call may have some interpretations that are function designators and some that are not.
758
759For those interpretations of the \nonterm{postfix-expression} that are not function designators, the expression is rewritten and becomes a call of a function named ``©?()©''.
760The valid interpretations of the rewritten expression are determined in the manner described below.
761
762Each combination of function designators and argument interpretations is considered.
763For those interpretations of the \nonterm{postfix-expression} that are \Index{monomorphic function} designators, the combination has a \Index{valid interpretation} if the function designator accepts the number of arguments given, and each argument interpretation matches the corresponding explicit parameter:
764\begin{itemize}
765\item if the argument corresponds to a parameter in the function designator's prototype, the argument interpretation must have the same type as the corresponding parameter, or be implicitly convertible to the parameter's type
766\item if the function designator's type does not include a prototype or if the argument corresponds to ``©...©'' in a prototype, a \Index{default argument promotion} is applied to it.
767\end{itemize}
768The type of the valid interpretation is the return type of the function designator.
769
770For those combinations where the interpretation of the \nonterm{postfix-expression} is a \Index{polymorphic function} designator and the function designator accepts the number of arguments given, there shall be at least one set of \define{implicit argument}s for the implicit parameters such that
771\begin{itemize}
772\item
773If the declaration of the implicit parameter uses \Index{type-class} ©type©\use{type}, the implicit argument must be an object type;
774if it uses ©dtype©, the implicit argument must be an object type or an incomplete type;
775and if it uses ©ftype©, the implicit argument must be a function type.
776
777\item if an explicit parameter's type uses any implicit parameters, then the corresponding explicit argument must have a type that is (or can be safely converted\index{safe conversion} to) the type produced by substituting the implicit arguments for the implicit parameters in the explicit parameter type.
778
779\item the remaining explicit arguments must match the remaining explicit parameters, as described for monomorphic function designators.
780
781\item for each \Index{assertion parameter} in the function designator's type, there must be an object or function with the same identifier that is visible at the call site and whose type is compatible with or can be specialized to the type of the assertion declaration.
782\end{itemize}
783There is a valid interpretation for each such set of implicit parameters.
784The type of each valid interpretation is the return type of the function designator with implicit parameter values substituted for the implicit arguments.
785
786A valid interpretation is ambiguous\index{ambiguous interpretation} if the function designator or any of the argument interpretations is ambiguous.
787
788Every valid interpretation whose return type is not compatible with any other valid interpretation's return type is an interpretation of the function call expression.
789
790Every set of valid interpretations that have mutually compatible\index{compatible type} result types also produces an interpretation of the function call expression.
791The type of the interpretation is the \Index{composite type} of the types of the valid interpretations, and the value of the interpretation is that of the \Index{best valid interpretation}.
792\begin{rationale}
793One desirable property of a polymorphic programming language is \define{generalizability}: the ability to replace an abstraction with a more general but equivalent abstraction without requiring changes in any of the uses of the original\cite{Cormack90}.
794For instance, it should be possible to replace a function ``©int f( int );©'' with ``©forall( otype T ) T f( T );©'' without affecting any calls of ©f©.
795
796\CFA\index{deficiencies!generalizability} does not fully possess this property, because \Index{unsafe conversion} are not done when arguments are passed to polymorphic parameters.
797Consider
798\begin{lstlisting}
799float g( float, float );
800int i;
801float f;
802double d;
803f = g( f, f );          // (1)
804f = g( i, f );          // (2) (safe conversion to float)
805f = g( d, f );          // (3) (unsafe conversion to float)
806\end{lstlisting}
807If ©g© was replaced by ``©forall( otype T ) T g( T, T );©'', the first and second calls would be unaffected, but the third would change: ©f© would be converted to ©double©, and the result would be a ©double©.
808
809Another example is the function ``©void h( int *);©''.
810This function can be passed a ©void *© argument, but the generalization ``©forall( otype T ) void h( T *);©'' can not.
811In this case, ©void© is not a valid value for ©T© because it is not an object type.
812If unsafe conversions were allowed, ©T© could be inferred to be \emph{any} object type, which is undesirable.
813\end{rationale}
814
815\examples
816A function called ``©?()©'' might be part of a numerical differentiation package.
817\begin{lstlisting}
818extern otype Derivative;
819extern double ?()( Derivative, double );
820extern Derivative derivative_of( double (*f)( double ) );
821extern double sin( double );
822
823Derivative sin_dx = derivative_of( sin );
824double d;
825d = sin_dx( 12.9 );
826\end{lstlisting}
827Here, the only interpretation of ©sin_dx© is as an object of type ©Derivative©.
828For that interpretation, the function call is treated as ``©?()( sin_dx, 12.9 )©''.
829\begin{lstlisting}
830int f( long );          // (1)
831int f( int, int );      // (2)
832int f( int *);          // (3)
833int i = f( 5 );         // calls (1)
834\end{lstlisting}
835Function (1) provides a valid interpretation of ``©f( 5 )©'', using an implicit ©int© to ©long© conversion.
836The other functions do not, since the second requires two arguments, and since there is no implicit conversion from ©int© to ©int *© that could be used with the third function.
837
838\begin{lstlisting}
839forall( otype T ) T h( T );
840double d = h( 1.5 );
841\end{lstlisting}
842``©1.5©'' is a ©double© constant, so ©T© is inferred to be ©double©, and the result of the function call is a ©double©.
843
844\begin{lstlisting}
845forall( otype T, otype U ) void g( T, U );      // (4)
846forall( otype T ) void g( T, T );                       // (5)
847forall( otype T ) void g( T, long );            // (6)
848void g( long, long );                                           // (7)
849double d;
850int i;
851int *p;
852g( d, d );                                                                      // calls (5)
853g( d, i );                                                                      // calls (6)
854g( i, i );                                                                      // calls (7)
855g( i, p );                                                                      // calls (4)
856\end{lstlisting}
857The first call has valid interpretations for all four versions of ©g©. (6) and (7) are discarded because they involve unsafe ©double©-to-©long© conversions. (5) is chosen because it is less polymorphic than (4).
858
859For the second call, (7) is again discarded.
860Of the remaining interpretations for (4), (5), and (6) (with ©i© converted to ©long©), (6) is chosen because it is the least polymorphic.
861
862The third call has valid interpretations for all of the functions;
863(7) is chosen since it is not polymorphic at all.
864
865The fourth call has no interpretation for (5), because its arguments must have compatible type. (4) is chosen because it does not involve unsafe conversions.
866\begin{lstlisting}
867forall( otype T ) T min( T, T );
868double max( double, double );
869trait min_max( T ) {§\impl{min_max}§
870        T min( T, T );
871        T max( T, T );
872}
873forall( otype U | min_max( U ) ) void shuffle( U, U );
874shuffle( 9, 10 );
875\end{lstlisting}
876The only possibility for ©U© is ©double©, because that is the type used in the only visible ©max© function. 9 and 10 must be converted to ©double©, and ©min© must be specialized with ©T© bound to ©double©.
877\begin{lstlisting}
878extern void q( int );                                           // (8)
879extern void q( void * );                                        // (9)
880extern void r();
881q( 0 );
882r( 0 );
883\end{lstlisting}
884The ©int 0© could be passed to (8), or the ©(void *)© \Index{specialization} of the null pointer\index{null pointer} ©0©\use{0} could be passed to (9).
885The former is chosen because the ©int© ©0© is \Index{less polymorphic}.
886For the same reason, ©int© ©0© is passed to ©r()©, even though it has \emph{no} declared parameter types.
887
888
889\subsubsection{Structure and union members}
890
891\semantics In the member selection expression ``©s©.©m©'', there shall be at least one interpretation of ©s© whose type is a structure type or union type containing a member named ©m©.
892If two or more interpretations of ©s© have members named ©m© with mutually compatible types, then the expression has an \Index{ambiguous interpretation} whose type is the composite type of the types of the members.
893If an interpretation of ©s© has a member ©m© whose type is not compatible with any other ©s©'s ©m©, then the expression has an interpretation with the member's type.
894The expression has no other interpretations.
895
896The expression ``©p->m©'' has the same interpretations as the expression ``©(*p).m©''.
897
898
899\subsubsection{Postfix increment and decrement operators}
900
901\predefined
902\begin{lstlisting}
903_Bool ?++( volatile _Bool * ), ?++( _Atomic volatile _Bool * );
904char ?++( volatile char * ), ?++( _Atomic volatile char * );
905signed char ?++( volatile signed char * ), ?++( _Atomic volatile signed char * );
906unsigned char ?++( volatile signed char * ), ?++( _Atomic volatile signed char * );
907short int ?++( volatile short int * ), ?++( _Atomic volatile short int * );
908unsigned short int ?++( volatile unsigned short int * ), ?++( _Atomic volatile unsigned short int * );
909int ?++( volatile int * ), ?++( _Atomic volatile int * );
910unsigned int ?++( volatile unsigned int * ), ?++( _Atomic volatile unsigned int * );
911long int ?++( volatile long int * ), ?++( _Atomic volatile long int * );
912long unsigned int ?++( volatile long unsigned int * ), ?++( _Atomic volatile long unsigned int * );
913long long int ?++( volatile long long int * ), ?++( _Atomic volatile long long int * );
914long long unsigned ?++( volatile long long unsigned int * ), ?++( _Atomic volatile long long unsigned int * );
915float ?++( volatile float * ), ?++( _Atomic volatile float * );
916double ?++( volatile double * ), ?++( _Atomic volatile double * );
917long double ?++( volatile long double * ), ?++( _Atomic volatile long double * );
918
919forall( otype T ) T * ?++( T * restrict volatile * ), * ?++( T * _Atomic restrict volatile * );
920forall( otype T ) _Atomic T * ?++( _Atomic T * restrict volatile * ), * ?++( _Atomic T * _Atomic restrict volatile * );
921forall( otype T ) const T * ?++( const T * restrict volatile * ), * ?++( const T * _Atomic restrict volatile * );
922forall( otype T ) volatile T * ?++( volatile T * restrict volatile * ), * ?++( volatile T * _Atomic restrict volatile * );
923forall( otype T ) restrict T * ?++( restrict T * restrict volatile * ), * ?++( restrict T * _Atomic restrict volatile * );
924forall( otype T ) _Atomic const T * ?++( _Atomic const T * restrict volatile * ),
925        * ?++( _Atomic const T * _Atomic restrict volatile * );
926forall( otype T ) _Atomic restrict T * ?++( _Atomic restrict T * restrict volatile * ),
927        * ?++( _Atomic restrict T * _Atomic restrict volatile * );
928forall( otype T ) _Atomic volatile T * ?++( _Atomic volatile T * restrict volatile * ),
929        * ?++( _Atomic volatile T * _Atomic restrict volatile * );
930forall( otype T ) const restrict T * ?++( const restrict T * restrict volatile * ),
931        * ?++( const restrict T * _Atomic restrict volatile * );
932forall( otype T ) const volatile T * ?++( const volatile T * restrict volatile * ),
933        * ?++( const volatile T * _Atomic restrict volatile * );
934forall( otype T ) restrict volatile T * ?++( restrict volatile T * restrict volatile * ),
935        * ?++( restrict volatile T * _Atomic restrict volatile * );
936forall( otype T ) _Atomic const restrict T * ?++( _Atomic const restrict T * restrict volatile * ),
937        * ?++( _Atomic const restrict T * _Atomic restrict volatile * );
938forall( otype T ) _Atomic const volatile T * ?++( _Atomic const volatile T * restrict volatile * ),
939        * ?++( _Atomic const volatile T * _Atomic restrict volatile * );
940forall( otype T ) _Atomic restrict volatile T * ?++( _Atomic restrict volatile T * restrict volatile * ),
941        * ?++( _Atomic restrict volatile T * _Atomic restrict volatile * );
942forall( otype T ) const restrict volatile T * ?++( const restrict volatile T * restrict volatile * ),
943        * ?++( const restrict volatile T * _Atomic restrict volatile * );
944forall( otype T ) _Atomic const restrict volatile T * ?++( _Atomic const restrict volatile T * restrict volatile * ),
945        * ?++( _Atomic const restrict volatile T * _Atomic restrict volatile * );
946
947_Bool ?--( volatile _Bool * ), ?--( _Atomic volatile _Bool * );
948char ?--( volatile char * ), ?--( _Atomic volatile char * );
949signed char ?--( volatile signed char * ), ?--( _Atomic volatile signed char * );
950unsigned char ?--( volatile signed char * ), ?--( _Atomic volatile signed char * );
951short int ?--( volatile short int * ), ?--( _Atomic volatile short int * );
952unsigned short int ?--( volatile unsigned short int * ), ?--( _Atomic volatile unsigned short int * );
953int ?--( volatile int * ), ?--( _Atomic volatile int * );
954unsigned int ?--( volatile unsigned int * ), ?--( _Atomic volatile unsigned int * );
955long int ?--( volatile long int * ), ?--( _Atomic volatile long int * );
956long unsigned int ?--( volatile long unsigned int * ), ?--( _Atomic volatile long unsigned int * );
957long long int ?--( volatile long long int * ), ?--( _Atomic volatile long long int * );
958long long unsigned ?--( volatile long long unsigned int * ), ?--( _Atomic volatile long long unsigned int * );
959float ?--( volatile float * ), ?--( _Atomic volatile float * );
960double ?--( volatile double * ), ?--( _Atomic volatile double * );
961long double ?--( volatile long double * ), ?--( _Atomic volatile long double * );
962
963forall( otype T ) T * ?--( T * restrict volatile * ), * ?--( T * _Atomic restrict volatile * );
964forall( otype T ) _Atomic T * ?--( _Atomic T * restrict volatile * ), * ?--( _Atomic T * _Atomic restrict volatile * );
965forall( otype T ) const T * ?--( const T * restrict volatile * ), * ?--( const T * _Atomic restrict volatile * );
966forall( otype T ) volatile T * ?--( volatile T * restrict volatile * ), * ?--( volatile T * _Atomic restrict volatile * );
967forall( otype T ) restrict T * ?--( restrict T * restrict volatile * ), * ?--( restrict T * _Atomic restrict volatile * );
968forall( otype T ) _Atomic const T * ?--( _Atomic const T * restrict volatile * ),
969        * ?--( _Atomic const T * _Atomic restrict volatile * );
970forall( otype T ) _Atomic restrict T * ?--( _Atomic restrict T * restrict volatile * ),
971        * ?--( _Atomic restrict T * _Atomic restrict volatile * );
972forall( otype T ) _Atomic volatile T * ?--( _Atomic volatile T * restrict volatile * ),
973        * ?--( _Atomic volatile T * _Atomic restrict volatile * );
974forall( otype T ) const restrict T * ?--( const restrict T * restrict volatile * ),
975        * ?--( const restrict T * _Atomic restrict volatile * );
976forall( otype T ) const volatile T * ?--( const volatile T * restrict volatile * ),
977        * ?--( const volatile T * _Atomic restrict volatile * );
978forall( otype T ) restrict volatile T * ?--( restrict volatile T * restrict volatile * ),
979        * ?--( restrict volatile T * _Atomic restrict volatile * );
980forall( otype T ) _Atomic const restrict T * ?--( _Atomic const restrict T * restrict volatile * ),
981        * ?--( _Atomic const restrict T * _Atomic restrict volatile * );
982forall( otype T ) _Atomic const volatile T * ?--( _Atomic const volatile T * restrict volatile * ),
983        * ?--( _Atomic const volatile T * _Atomic restrict volatile * );
984forall( otype T ) _Atomic restrict volatile T * ?--( _Atomic restrict volatile T * restrict volatile * ),
985        * ?--( _Atomic restrict volatile T * _Atomic restrict volatile * );
986forall( otype T ) const restrict volatile T * ?--( const restrict volatile T * restrict volatile * ),
987        * ?--( const restrict volatile T * _Atomic restrict volatile * );
988forall( otype T ) _Atomic const restrict volatile T * ?--( _Atomic const restrict volatile T * restrict volatile * ),
989        * ?--( _Atomic const restrict volatile T * _Atomic restrict volatile * );
990\end{lstlisting}
991For every extended integer type ©X© there exist
992% Don't use predefined: keep this out of prelude.cf.
993\begin{lstlisting}
994X ?++( volatile X * ), ?++( _Atomic volatile X * ),
995  ?--( volatile X * ), ?--( _Atomic volatile X * );
996\end{lstlisting}
997For every complete enumerated type ©E© there exist
998% Don't use predefined: keep this out of prelude.cf.
999\begin{lstlisting}
1000E ?++( volatile E * ), ?++( _Atomic volatile E * ),
1001  ?--( volatile E * ), ?--( _Atomic volatile E * );
1002\end{lstlisting}
1003
1004\begin{rationale}
1005Note that ``©++©'' and ``©--©'' are rewritten as function calls that are given a pointer to that operand. (This is true of all operators that modify an operand.) As Hamish Macdonald has pointed out, this forces the modified operand of such expressions to be an lvalue.
1006This partially enforces the C semantic rule that such operands must be \emph{modifiable} lvalues.
1007\end{rationale}
1008
1009\begin{rationale}
1010In C, a semantic rule requires that pointer operands of increment and decrement be pointers to object types.
1011Hence, ©void *© objects cannot be incremented.
1012In \CFA, the restriction follows from the use of a ©type© parameter in the predefined function definitions, as opposed to ©dtype©, since only object types can be inferred arguments corresponding to the type parameter ©T©.
1013\end{rationale}
1014
1015\semantics
1016First, each interpretation of the operand of an increment or decrement expression is considered separately.
1017For each interpretation that is a bit-field or is declared with the \Indexc{register}\index{storage-class specifier}, the expression has one valid interpretation, with the type of the operand, and the expression is ambiguous if the operand is.
1018
1019For the remaining interpretations, the expression is rewritten, and the interpretations of the expression are the interpretations of the corresponding function call.
1020Finally, all interpretations of the expression produced for the different interpretations of the operand are combined to produce the interpretations of the expression as a whole; where interpretations have compatible result types, the best interpretations are selected in the manner described for function call expressions.
1021
1022\examples
1023\begin{lstlisting}
1024volatile short int vs;  vs++; // rewritten as ?++( &(vs) )
1025short int s;                    s++;
1026const short int cs;             cs++;
1027_Atomic short int as;   as++;
1028\end{lstlisting}
1029\begin{sloppypar}
1030Since ©&(vs)© has type ©volatile short int *©, the best valid interpretation of ©vs++© calls the ©?++© function with the ©volatile short *© parameter.
1031©s++© does the same, applying the safe conversion from ©short int *© to ©volatile short int *©.
1032Note that there is no conversion that adds an ©_Atomic© qualifier, so the ©_Atomic volatile short int© overloading does not provide a valid interpretation.
1033\end{sloppypar}
1034
1035There is no safe conversion from ©const short int *© to ©volatile short int *©, and no ©?++© function that accepts a ©const *© parameter, so ©cs++© has no valid interpretations.
1036
1037The best valid interpretation of ©as++© calls the ©short ?++© function with the ©_Atomic volatile short int *© parameter, applying a safe conversion to add the ©volatile© qualifier.
1038\begin{lstlisting}
1039char * const restrict volatile * restrict volatile pqpc;
1040pqpc++
1041char * * restrict volatile ppc;
1042ppc++;
1043\end{lstlisting}
1044Since ©&(pqpc)© has type ©char * const restrict volatile * restrict volatile *©, the best valid interpretation of ©pqpc++© calls the polymorphic ©?++© function with the ©const restrict volatile T * restrict volatile *© parameter, inferring ©T© to be ©char *©.
1045
1046©ppc++© calls the same function, again inferring ©T© to be ©char *©, and using the safe conversions from ©T© to ©T const© ©restrict volatile©.
1047
1048\begin{rationale}
1049Increment and decrement expressions show up a deficiency of \CFA's type system.
1050There is no such thing as a pointer to a register object or bit-field\index{deficiencies!pointers to bit-fields}.
1051Therefore, there is no way to define a function that alters them, and hence no way to define increment and decrement functions for them.
1052As a result, the semantics of increment and decrement expressions must treat them specially.
1053This holds true for all of the operators that may modify such objects.
1054\end{rationale}
1055
1056\begin{rationale}
1057The polymorphic overloadings for pointer increment and decrement can be understood by considering increasingly complex types.
1058\begin{enumerate}
1059\item
1060``©char * p; p++;©''.
1061The argument to ©?++© has type ©char * *©, and the result has type ©char *©.
1062The expression would be valid if ©?++© were declared by
1063\begin{lstlisting}
1064forall( otype T ) T * ?++( T * * );
1065\end{lstlisting} with ©T© inferred to be ©char©.
1066
1067\item
1068``©char *restrict volatile qp; qp++©''.
1069The result again has type ©char *©, but the argument now has type ©char *restrict volatile *©, so it cannot be passed to the hypothetical function declared in point 1.
1070Hence the actual predefined function is
1071\begin{lstlisting}
1072forall( otype T ) T * ?++( T * restrict volatile * );
1073\end{lstlisting} which also accepts a ©char * *© argument, because of the safe conversions that add ©volatile© and ©restrict© qualifiers. (The parameter is not const-qualified, so constant pointers cannot be incremented.)
1074
1075\item
1076``©char *_Atomic ap; ap++©''.
1077The result again has type ©char *©, but no safe conversion adds an ©_Atomic© qualifier, so the function in point 2 is not applicable.
1078A separate overloading of ©?++© is required.
1079
1080\item
1081``©char const volatile * pq; pq++©''.
1082Here the result has type ©char const volatile *©, so a new overloading is needed:
1083\begin{lstlisting}
1084forall( otype T ) T const volatile * ?++( T const volatile *restrict volatile * );
1085\end{lstlisting}
1086One overloading is needed for each combination of qualifiers in the pointed-at type\index{deficiencies!pointers to qualified types}.
1087 
1088\item
1089``©float *restrict * prp; prp++©''.
1090The ©restrict© qualifier is handled just like ©const© and ©volatile© in the previous case:
1091\begin{lstlisting}
1092forall( otype T ) T restrict * ?++( T restrict *restrict volatile * );
1093\end{lstlisting} with ©T© inferred to be ©float *©.
1094This looks odd, because {\c11} contains a constraint that requires restrict-qualified types to be pointer-to-object types, and ©T© is not syntactically a pointer type. \CFA loosens the constraint.
1095\end{enumerate}
1096\end{rationale}
1097
1098
1099\subsubsection{Compound literals}
1100
1101\semantics 
1102A compound literal has one interpretation, with the type given by the \nonterm{type-name} of the compound literal.
1103
1104
1105\subsection{Unary operators}
1106
1107\begin{syntax}
1108\lhs{unary-expression}
1109\rhs \nonterm{postfix-expression}
1110\rhs ©++© \nonterm{unary-expression}
1111\rhs ©--© \nonterm{unary-expression}
1112\rhs \nonterm{unary-operator} \nonterm{cast-expression}
1113\rhs ©sizeof© \nonterm{unary-expression}
1114\rhs ©sizeof© ©(© \nonterm{type-name} ©)©
1115\lhs{unary-operator} one of \rhs ©&© ©*© ©+© ©-© ©~© ©!©
1116\end{syntax}
1117
1118\rewriterules
1119\begin{lstlisting}
1120*a      => *?( a )§\use{*?}§
1121+a      => +?( a )§\use{+?}§
1122-a      => -?( a )§\use{-?}§
1123~a      => ~?( a )§\use{~?}§
1124!a      => !?( a )§\use{"!?}§
1125++a     => ++?(&( a ))§\use{++?}§
1126--a     => --?(&( a ))§\use{--?}§
1127\end{lstlisting}
1128
1129
1130\subsubsection{Prefix increment and decrement operators}
1131
1132\predefined
1133\begin{lstlisting}
1134_Bool ++?( volatile _Bool * ), ++?( _Atomic volatile _Bool * );
1135char ++?( volatile char * ), ++?( _Atomic volatile char * );
1136signed char ++?( volatile signed char * ), ++?( _Atomic volatile signed char * );
1137unsigned char ++?( volatile signed char * ), ++?( _Atomic volatile signed char * );
1138short int ++?( volatile short int * ), ++?( _Atomic volatile short int * );
1139unsigned short int ++?( volatile unsigned short int * ), ++?( _Atomic volatile unsigned short int * );
1140int ++?( volatile int * ), ++?( _Atomic volatile int * );
1141unsigned int ++?( volatile unsigned int * ), ++?( _Atomic volatile unsigned int * );
1142long int ++?( volatile long int * ), ++?( _Atomic volatile long int * );
1143long unsigned int ++?( volatile long unsigned int * ), ++?( _Atomic volatile long unsigned int * );
1144long long int ++?( volatile long long int * ), ++?( _Atomic volatile long long int * );
1145long long unsigned ++?( volatile long long unsigned int * ), ++?( _Atomic volatile long long unsigned int * );
1146float ++?( volatile float * ), ++?( _Atomic volatile float * );
1147double ++?( volatile double * ), ++?( _Atomic volatile double * );
1148long double ++?( volatile long double * ), ++?( _Atomic volatile long double * );
1149
1150forall( otype T ) T * ++?( T * restrict volatile * ), * ++?( T * _Atomic restrict volatile * );
1151forall( otype T ) _Atomic T * ++?( _Atomic T * restrict volatile * ), * ++?( _Atomic T * _Atomic restrict volatile * );
1152forall( otype T ) const T * ++?( const T * restrict volatile * ), * ++?( const T * _Atomic restrict volatile * );
1153forall( otype T ) volatile T * ++?( volatile T * restrict volatile * ), * ++?( volatile T * _Atomic restrict volatile * );
1154forall( otype T ) restrict T * ++?( restrict T * restrict volatile * ), * ++?( restrict T * _Atomic restrict volatile * );
1155forall( otype T ) _Atomic const T * ++?( _Atomic const T * restrict volatile * ),
1156        * ++?( _Atomic const T * _Atomic restrict volatile * );
1157forall( otype T ) _Atomic volatile T * ++?( _Atomic volatile T * restrict volatile * ),
1158        * ++?( _Atomic volatile T * _Atomic restrict volatile * );
1159forall( otype T ) _Atomic restrict T * ++?( _Atomic restrict T * restrict volatile * ),
1160        * ++?( _Atomic restrict T * _Atomic restrict volatile * );
1161forall( otype T ) const volatile T * ++?( const volatile T * restrict volatile * ),
1162        * ++?( const volatile T * _Atomic restrict volatile * );
1163forall( otype T ) const restrict T * ++?( const restrict T * restrict volatile * ),
1164        * ++?( const restrict T * _Atomic restrict volatile * );
1165forall( otype T ) restrict volatile T * ++?( restrict volatile T * restrict volatile * ),
1166        * ++?( restrict volatile T * _Atomic restrict volatile * );
1167forall( otype T ) _Atomic const volatile T * ++?( _Atomic const volatile T * restrict volatile * ),
1168        * ++?( _Atomic const volatile T * _Atomic restrict volatile * );
1169forall( otype T ) _Atomic const restrict T * ++?( _Atomic const restrict T * restrict volatile * ),
1170        * ++?( _Atomic const restrict T * _Atomic restrict volatile * );
1171forall( otype T ) _Atomic restrict volatile T * ++?( _Atomic restrict volatile T * restrict volatile * ),
1172        * ++?( _Atomic restrict volatile T * _Atomic restrict volatile * );
1173forall( otype T ) const restrict volatile T * ++?( const restrict volatile T * restrict volatile * ),
1174        * ++?( const restrict volatile T * _Atomic restrict volatile * );
1175forall( otype T ) _Atomic const restrict volatile T * ++?( _Atomic const restrict volatile T * restrict volatile * ),
1176        * ++?( _Atomic const restrict volatile T * _Atomic restrict volatile * );
1177
1178_Bool --?( volatile _Bool * ), --?( _Atomic volatile _Bool * );
1179char --?( volatile char * ), --?( _Atomic volatile char * );
1180signed char --?( volatile signed char * ), --?( _Atomic volatile signed char * );
1181unsigned char --?( volatile signed char * ), --?( _Atomic volatile signed char * );
1182short int --?( volatile short int * ), --?( _Atomic volatile short int * );
1183unsigned short int --?( volatile unsigned short int * ), --?( _Atomic volatile unsigned short int * );
1184int --?( volatile int * ), --?( _Atomic volatile int * );
1185unsigned int --?( volatile unsigned int * ), --?( _Atomic volatile unsigned int * );
1186long int --?( volatile long int * ), --?( _Atomic volatile long int * );
1187long unsigned int --?( volatile long unsigned int * ), --?( _Atomic volatile long unsigned int * );
1188long long int --?( volatile long long int * ), --?( _Atomic volatile long long int * );
1189long long unsigned --?( volatile long long unsigned int * ), --?( _Atomic volatile long long unsigned int * );
1190float --?( volatile float * ), --?( _Atomic volatile float * );
1191double --?( volatile double * ), --?( _Atomic volatile double * );
1192long double --?( volatile long double * ), --?( _Atomic volatile long double * );
1193
1194forall( otype T ) T * --?( T * restrict volatile * ), * --?( T * _Atomic restrict volatile * );
1195forall( otype T ) _Atomic T * --?( _Atomic T * restrict volatile * ), * --?( _Atomic T * _Atomic restrict volatile * );
1196forall( otype T ) const T * --?( const T * restrict volatile * ), * --?( const T * _Atomic restrict volatile * );
1197forall( otype T ) volatile T * --?( volatile T * restrict volatile * ), * --?( volatile T * _Atomic restrict volatile * );
1198forall( otype T ) restrict T * --?( restrict T * restrict volatile * ), * --?( restrict T * _Atomic restrict volatile * );
1199forall( otype T ) _Atomic const T * --?( _Atomic const T * restrict volatile * ),
1200        * --?( _Atomic const T * _Atomic restrict volatile * );
1201forall( otype T ) _Atomic volatile T * --?( _Atomic volatile T * restrict volatile * ),
1202        * --?( _Atomic volatile T * _Atomic restrict volatile * );
1203forall( otype T ) _Atomic restrict T * --?( _Atomic restrict T * restrict volatile * ),
1204        * --?( _Atomic restrict T * _Atomic restrict volatile * );
1205forall( otype T ) const volatile T * --?( const volatile T * restrict volatile * ),
1206        * --?( const volatile T * _Atomic restrict volatile * );
1207forall( otype T ) const restrict T * --?( const restrict T * restrict volatile * ),
1208        * --?( const restrict T * _Atomic restrict volatile * );
1209forall( otype T ) restrict volatile T * --?( restrict volatile T * restrict volatile * ),
1210        * --?( restrict volatile T * _Atomic restrict volatile * );
1211forall( otype T ) _Atomic const volatile T * --?( _Atomic const volatile T * restrict volatile * ),
1212        * --?( _Atomic const volatile T * _Atomic restrict volatile * );
1213forall( otype T ) _Atomic const restrict T * --?( _Atomic const restrict T * restrict volatile * ),
1214        * --?( _Atomic const restrict T * _Atomic restrict volatile * );
1215forall( otype T ) _Atomic restrict volatile T * --?( _Atomic restrict volatile T * restrict volatile * ),
1216        * --?( _Atomic restrict volatile T * _Atomic restrict volatile * );
1217forall( otype T ) const restrict volatile T * --?( const restrict volatile T * restrict volatile * ),
1218        * --?( const restrict volatile T * _Atomic restrict volatile * );
1219forall( otype T ) _Atomic const restrict volatile T * --?( _Atomic const restrict volatile T * restrict volatile * ),
1220        * --?( _Atomic const restrict volatile T * _Atomic restrict volatile * );
1221\end{lstlisting}
1222For every extended integer type ©X© there exist
1223% Don't use predefined: keep this out of prelude.cf.
1224\begin{lstlisting}
1225X       ++?( volatile X * ),
1226        ++?( _Atomic volatile X * ),
1227        --?( volatile X * ),
1228        --?( _Atomic volatile X * );
1229\end{lstlisting}
1230For every complete enumerated type ©E© there exist
1231% Don't use predefined: keep this out of prelude.cf.
1232\begin{lstlisting}
1233E ++?( volatile E * ),
1234        ++?( _Atomic volatile E * ),
1235        ?--( volatile E * ),
1236        ?--( _Atomic volatile E * );
1237\end{lstlisting}
1238
1239\semantics
1240The interpretations of prefix increment and decrement expressions are determined in the same way as the interpretations of postfix increment and decrement expressions.
1241
1242
1243\subsubsection{Address and indirection operators}
1244
1245\predefined
1246\begin{lstlisting}
1247forall( otype T ) lvalue T *?( T * );
1248forall( otype T ) _Atomic lvalue T *?( _Atomic T * );
1249forall( otype T ) const lvalue T *?( const T * );
1250forall( otype T ) volatile lvalue T *?( volatile T * );
1251forall( otype T ) restrict lvalue T *?( restrict T * );
1252forall( otype T ) _Atomic const lvalue T *?( _Atomic const T * );
1253forall( otype T ) _Atomic volatile lvalue T *?( _Atomic volatile T * );
1254forall( otype T ) _Atomic restrict lvalue T *?( _Atomic restrict T * );
1255forall( otype T ) const volatile lvalue T *?( const volatile T * );
1256forall( otype T ) const restrict lvalue T *?( const restrict T * );
1257forall( otype T ) restrict volatile lvalue T *?( restrict volatile T * );
1258forall( otype T ) _Atomic const volatile lvalue T *?( _Atomic const volatile T * );
1259forall( otype T ) _Atomic const restrict lvalue T *?( _Atomic const restrict T * );
1260forall( otype T ) _Atomic restrict volatile lvalue T *?( _Atomic restrict volatile T * );
1261forall( otype T ) const restrict volatile lvalue T *?( const restrict volatile T * );
1262forall( otype T ) _Atomic const restrict volatile lvalue T *?( _Atomic const restrict volatile T * );
1263forall( ftype FT ) FT *?( FT * );
1264\end{lstlisting}
1265
1266\constraints
1267The operand of the unary ``©&©'' operator shall have exactly one \Index{interpretation}\index{ambiguous interpretation}, which shall be unambiguous.
1268
1269\semantics
1270The ``©&©'' expression has one interpretation which is of type ©T *©, where ©T© is the type of the operand.
1271
1272The interpretations of an indirection expression are the interpretations of the corresponding function call.
1273
1274
1275\subsubsection{Unary arithmetic operators}
1276
1277\predefined
1278\begin{lstlisting}
1279int     +?( int ), -?( int ), ~?( int );
1280unsigned int +?( unsigned int ), -?( unsigned int ), ~?( unsigned int );
1281long int +?( long int ), -?( long int ), ~?( long int );
1282long unsigned int +?( long unsigned int ), -?( long unsigned int ), ~?( long unsigned int );
1283long long int +?( long long int ), -?( long long int ), ~?( long long int );
1284long long unsigned int +?( long long unsigned int ), -?( long long unsigned int ), ~?( long long unsigned int );
1285float +?( float ), -?( float );
1286double +?( double ), -?( double );
1287long double +?( long double ), -?( long double );
1288_Complex float +?( _Complex float ), -?( _Complex float );
1289_Complex double +?( _Complex double ), -?( _Complex double );
1290_Complex long double +?( _Complex long double ), -?( _Complex long double );
1291int !?( int ), !?( unsigned int ), !?( long ), !?( long unsigned int ),
1292        !?( long long int ), !?( long long unsigned int ),
1293        !?( float ), !?( double ), !?( long double ),
1294        !?( _Complex float ), !?( _Complex double ), !?( _Complex long double );
1295forall( dtype DT ) int !?( const restrict volatile DT * );
1296forall( dtype DT ) int !?( _Atomic const restrict volatile DT * );
1297forall( ftype FT ) int !?( FT * );
1298\end{lstlisting}
1299For every extended integer type ©X© with \Index{integer conversion rank} greater than the rank of ©int© there exist
1300% Don't use predefined: keep this out of prelude.cf.
1301\begin{lstlisting}
1302X +?( X ), -?( X ), ~?( X );
1303int !?( X );
1304\end{lstlisting}
1305
1306\semantics
1307The interpretations of a unary arithmetic expression are the interpretations of the corresponding function call.
1308
1309\examples
1310\begin{lstlisting}
1311long int li;
1312void eat_double( double );§\use{eat_double}§
1313eat_double(-li ); // => eat_double( -?( li ) );
1314\end{lstlisting}
1315The valid interpretations of ``©-li©'' (assuming no extended integer types exist) are
1316\begin{center}
1317\begin{tabular}{llc} interpretation & result type & expression conversion cost \\
1318\hline
1319©-?( (int)li )©                                         & ©int©                                         & (unsafe) \\
1320©-?( (unsigned)li)©                                     & ©unsigned int©                        & (unsafe) \\
1321©-?( (long)li)©                                         & ©long©                                        & 0 \\
1322©-?( (long unsigned int)li)©            & ©long unsigned int©           & 1 \\
1323©-?( (long long int)li)©                        & ©long long int©                       & 2 \\
1324©-?( (long long unsigned int)li)©       & ©long long unsigned int©      & 3 \\
1325©-?( (float)li)©                                        & ©float©                                       & 4 \\
1326©-?( (double)li)©                                       & ©double©                                      & 5 \\
1327©-?( (long double)li)©                          & ©long double©                         & 6 \\
1328©-?( (_Complex float)li)©                       & ©float©                                       & (unsafe) \\
1329©-?( (_Complex double)li)©                      & ©double©                                      & (unsafe) \\
1330©-?( (_Complex long double)li)©         & ©long double©                         & (unsafe) \\
1331\end{tabular}
1332\end{center}
1333The valid interpretations of the ©eat_double© call, with the cost of the argument conversion and the cost of the entire expression, are
1334\begin{center}
1335\begin{tabular}{lcc} interpretation & argument cost & expression cost \\
1336\hline
1337©eat_double( (double)-?( (int)li) )©                                    & 7                     & (unsafe) \\
1338©eat_double( (double)-?( (unsigned)li) )©                               & 6                     & (unsafe) \\
1339©eat_double( (double)-?(li) )©                                                  & 5                     & \(0+5=5\) \\
1340©eat_double( (double)-?( (long unsigned int)li) )©              & 4                     & \(1+4=5\) \\
1341©eat_double( (double)-?( (long long int)li) )©                  & 3                     & \(2+3=5\) \\
1342©eat_double( (double)-?( (long long unsigned int)li) )© & 2                     & \(3+2=5\) \\
1343©eat_double( (double)-?( (float)li) )©                                  & 1                     & \(4+1=5\) \\
1344©eat_double( (double)-?( (double)li) )©                                 & 0                     & \(5+0=5\) \\
1345©eat_double( (double)-?( (long double)li) )©                    & (unsafe)      & (unsafe) \\
1346©eat_double( (double)-?( (_Complex float)li) )©                 & (unsafe)      & (unsafe) \\
1347©eat_double( (double)-?( (_Complex double)li) )©                & (unsafe)      & (unsafe) \\
1348©eat_double( (double)-?( (_Complex long double)li) )©   & (unsafe)      & (unsafe) \\
1349\end{tabular}
1350\end{center}
1351Each has result type ©void©, so the best must be selected.
1352The interpretations involving unsafe conversions are discarded.
1353The remainder have equal expression conversion costs, so the ``highest argument conversion cost'' rule is invoked, and the chosen interpretation is ©eat_double( (double)-?(li) )©.
1354
1355
1356\subsubsection[The sizeof and \_Alignof operators]{The \lstinline@sizeof@ and \lstinline@_Alignof@ operators}
1357
1358\constraints
1359The operand of ©sizeof© or ©_Alignof© shall not be ©type©, ©dtype©, or ©ftype©.
1360
1361When the ©sizeof©\use{sizeof} operator is applied to an expression, the expression shall have exactly one \Index{interpretation}\index{ambiguous interpretation}, which shall be unambiguous. \semantics A ©sizeof© or ©_Alignof© expression has one interpretation, of type ©size_t©.
1362
1363When ©sizeof© is applied to an identifier declared by a \nonterm{type-declaration} or a
1364\nonterm{type-parameter}, it yields the size in bytes of the type that implements the operand.
1365When the operand is an opaque type or an inferred type parameter\index{inferred parameter}, the expression is not a constant expression.
1366
1367When ©_Alignof© is applied to an identifier declared by a \nonterm{type-declaration} or a
1368\nonterm{type-parameter}, it yields the alignment requirement of the type that implements the operand.
1369When the operand is an opaque type or an inferred type parameter\index{inferred parameter}, the expression is not a constant expression.
1370\begin{rationale}
1371\begin{lstlisting}
1372otype Pair = struct { int first, second; };
1373size_t p_size = sizeof(Pair);           // constant expression
1374extern otype Rational;§\use{Rational}§
1375size_t c_size = sizeof(Rational);       // non-constant expression
1376forall(type T) T f(T p1, T p2) {
1377        size_t t_size = sizeof(T);              // non-constant expression
1378        ...
1379}
1380\end{lstlisting}
1381``©sizeof Rational©'', although not statically known, is fixed.
1382Within ©f()©, ``©sizeof(T)©'' is fixed for each call of ©f()©, but may vary from call to call.
1383\end{rationale}
1384
1385
1386\subsection{Cast operators}
1387
1388\begin{syntax}
1389\lhs{cast-expression}
1390\rhs \nonterm{unary-expression}
1391\rhs ©(© \nonterm{type-name} ©)© \nonterm{cast-expression}
1392\end{syntax}
1393
1394\constraints
1395The \nonterm{type-name} in a \nonterm{cast-expression} shall not be ©type©, ©dtype©, or ©ftype©.
1396
1397\semantics
1398
1399In a \Index{cast expression} ``©(©\nonterm{type-name}©)e©'', if
1400\nonterm{type-name} is the type of an interpretation of ©e©, then that interpretation is the only interpretation of the cast expression;
1401otherwise, ©e© shall have some interpretation that can be converted to \nonterm{type-name}, and the interpretation of the cast expression is the cast of the interpretation that can be converted at the lowest cost.
1402The cast expression's interpretation is ambiguous\index{ambiguous interpretation} if more than one interpretation can be converted at the lowest cost or if the selected interpretation is ambiguous.
1403
1404\begin{rationale}
1405Casts can be used to eliminate ambiguity in expressions by selecting interpretations of subexpressions, and to specialize polymorphic functions and values.
1406\end{rationale}
1407
1408
1409\subsection{Multiplicative operators}
1410
1411\begin{syntax}
1412\lhs{multiplicative-expression}
1413\rhs \nonterm{cast-expression}
1414\rhs \nonterm{multiplicative-expression} ©*© \nonterm{cast-expression}
1415\rhs \nonterm{multiplicative-expression} ©/© \nonterm{cast-expression}
1416\rhs \nonterm{multiplicative-expression} ©%© \nonterm{cast-expression}
1417\end{syntax}
1418
1419\rewriterules
1420\begin{lstlisting}
1421a * b => ?*?( a, b )§\use{?*?}§
1422a / b => ?/?( a, b )§\use{?/?}§
1423a % b => ?%?( a, b )§\use{?%?}§
1424\end{lstlisting}
1425
1426\predefined
1427\begin{lstlisting}
1428int?*?( int, int ), ?/?( int, int ), ?%?( int, int );
1429unsigned int?*?( unsigned int, unsigned int ), ?/?( unsigned int, unsigned int ), ?%?( unsigned int, unsigned int );
1430long int?*?( long int, long int ), ?/?( long, long ), ?%?( long, long );
1431long unsigned int?*?( long unsigned int, long unsigned int ),
1432        ?/?( long unsigned int, long unsigned int ), ?%?( long unsigned int, long unsigned int );
1433long long int?*?( long long int, long long int ), ?/?( long long int, long long int ),
1434        ?%?( long long int, long long int );
1435long long unsigned int ?*?( long long unsigned int, long long unsigned int ),
1436        ?/?( long long unsigned int, long long unsigned int ), ?%?( long long unsigned int, long long unsigned int );
1437float?*?( float, float ), ?/?( float, float );
1438double?*?( double, double ), ?/?( double, double );
1439long double?*?( long double, long double ), ?/?( long double, long double );
1440_Complex float?*?( float, _Complex float ), ?/?( float, _Complex float ),
1441        ?*?( _Complex float, float ), ?/?( _Complex float, float ),
1442        ?*?( _Complex float, _Complex float ), ?/?( _Complex float, _Complex float );
1443_Complex double?*?( double, _Complex double ), ?/?( double, _Complex double ),
1444        ?*?( _Complex double, double ), ?/?( _Complex double, double ),
1445        ?*?( _Complex double, _Complex double ), ?/?( _Complex double, _Complex double );
1446_Complex long double?*?( long double, _Complex long double ), ?/?( long double, _Complex long double ),
1447        ?*?( _Complex long double, long double ), ?/?( _Complex long double, long double ),
1448        ?*?( _Complex long double, _Complex long double ), ?/?( _Complex long double, _Complex long double );
1449\end{lstlisting}
1450For every extended integer type ©X© with \Index{integer conversion rank} greater than the rank of ©int© there exist
1451% Don't use predefined: keep this out of prelude.cf.
1452\begin{lstlisting}
1453X ?*?( X ), ?/?( X ), ?%?( X );
1454\end{lstlisting}
1455
1456\begin{rationale}
1457{\c11} does not include conversions from the \Index{real type}s to \Index{complex type}s in the \Index{usual arithmetic conversion}s.  Instead it specifies conversion of the result of binary operations on arguments from mixed type domains. \CFA's predefined operators match that pattern.
1458\end{rationale}
1459
1460\semantics
1461The interpretations of multiplicative expressions are the interpretations of the corresponding function call.
1462
1463\examples
1464\begin{lstlisting}
1465int i;
1466long li;
1467void eat_double( double );§\use{eat_double}§
1468eat_double( li % i );
1469\end{lstlisting}
1470``©li % i©'' is rewritten as ``©?%?(li, i )©''.
1471The valid interpretations of ©?%?(li, i )©, the cost\index{conversion cost} of converting their arguments, and the cost of converting the result to ©double© (assuming no extended integer types are present ) are
1472\begin{center}
1473\begin{tabular}{lcc} interpretation & argument cost & result cost \\
1474\hline
1475© ?%?( (int)li, i )©                                                                            & (unsafe)      & 6     \\
1476© ?%?( (unsigned)li,(unsigned)i )©                                                      & (unsafe)      & 5     \\
1477© ?%?( li, (long)i )©                                                                           & 1                     & 4     \\
1478© ?%?( (long unsigned)li,(long unsigned)i )©                            & 3                     & 3     \\
1479© ?%?( (long long)li,(long long)i )©                                            & 5                     & 2     \\
1480© ?%?( (long long unsigned)li, (long long unsigned)i )©         & 7                     & 1     \\
1481\end{tabular}
1482\end{center}
1483The best interpretation of ©eat_double( li, i )© is ©eat_double( (double)?%?(li, (long)i ))©, which has no unsafe conversions and the lowest total cost.
1484
1485\begin{rationale}
1486{\c11} defines most arithmetic operations to apply an \Index{integer promotion} to any argument that belongs to a type that has an \Index{integer conversion rank} less than that of ©int©.
1487If ©s© is a ©short int©, ``©s *s©'' does not have type ©short int©;
1488it is treated as ``©( (int)s ) * ( (int)s )©'', and has type ©int©. \CFA matches that pattern;
1489it does not predefine ``©short ?*?( short, short )©''.
1490
1491These ``missing'' operators limit polymorphism.
1492Consider
1493\begin{lstlisting}
1494forall( otype T | T ?*?( T, T ) ) T square( T );
1495short s;
1496square( s );
1497\end{lstlisting}
1498Since \CFA does not define a multiplication operator for ©short int©, ©square( s )© is treated as ©square( (int)s )©, and the result has type ©int©.
1499This is mildly surprising, but it follows the {\c11} operator pattern.
1500
1501A more troubling example is
1502\begin{lstlisting}
1503forall( otype T | ?*?( T, T ) ) T product( T[], int n );
1504short sa[5];
1505product( sa, 5);
1506\end{lstlisting}
1507This has no valid interpretations, because \CFA has no conversion from ``array of ©short int©'' to ``array of ©int©''.
1508The alternatives in such situations include
1509\begin{itemize}
1510\item
1511Defining monomorphic overloadings of ©product© for ©short© and the other ``small'' types.
1512\item
1513Defining ``©short ?*?( short, short )©'' within the scope containing the call to ©product©.
1514\item
1515Defining ©product© to take as an argument a conversion function from the ``small'' type to the operator's argument type.
1516\end{itemize}
1517\end{rationale}
1518
1519
1520\subsection{Additive operators}
1521
1522\begin{syntax}
1523\lhs{additive-expression}
1524\rhs \nonterm{multiplicative-expression}
1525\rhs \nonterm{additive-expression} ©+© \nonterm{multiplicative-expression}
1526\rhs \nonterm{additive-expression} ©-© \nonterm{multiplicative-expression}
1527\end{syntax}
1528
1529\rewriterules
1530\begin{lstlisting}
1531a + b => ?+?( a, b )§\use{?+?}§
1532a - b => ?-?( a, b )§\use{?-?}§
1533\end{lstlisting}
1534
1535\predefined
1536\begin{lstlisting}
1537int?+?( int, int ), ?-?( int, int );
1538unsigned int?+?( unsigned int, unsigned int ), ?-?( unsigned int, unsigned int );
1539long int?+?( long int, long int ), ?-?( long int, long int );
1540long unsigned int?+?( long unsigned int, long unsigned int ), ?-?( long unsigned int, long unsigned int );
1541long long int?+?( long long int, long long int ), ?-?( long long int, long long int );
1542long long unsigned int ?+?( long long unsigned int, long long unsigned int ),
1543        ?-?( long long unsigned int, long long unsigned int );
1544float?+?( float, float ), ?-?( float, float );
1545double?+?( double, double ), ?-?( double, double );
1546long double?+?( long double, long double ), ?-?( long double, long double );
1547_Complex float?+?( _Complex float, float ), ?-?( _Complex float, float ),
1548        ?+?( float, _Complex float ), ?-?( float, _Complex float ),
1549        ?+?( _Complex float, _Complex float ), ?-?( _Complex float, _Complex float );
1550_Complex double?+?( _Complex double, double ), ?-?( _Complex double, double ),
1551        ?+?( double, _Complex double ), ?-?( double, _Complex double ),
1552        ?+?( _Complex double, _Complex double ), ?-?( _Complex double, _Complex double );
1553_Complex long double?+?( _Complex long double, long double ), ?-?( _Complex long double, long double ),
1554        ?+?( long double, _Complex long double ), ?-?( long double, _Complex long double ),
1555        ?+?( _Complex long double, _Complex long double ), ?-?( _Complex long double, _Complex long double );
1556
1557forall( otype T ) T * ?+?( T *, ptrdiff_t ), * ?+?( ptrdiff_t, T * ), * ?-?( T *, ptrdiff_t );
1558forall( otype T ) _Atomic T * ?+?( _Atomic T *, ptrdiff_t ), * ?+?( ptrdiff_t, _Atomic T * ),
1559        * ?-?( _Atomic T *, ptrdiff_t );
1560forall( otype T ) const T * ?+?( const T *, ptrdiff_t ), * ?+?( ptrdiff_t, const T * ),
1561        * ?-?( const T *, ptrdiff_t );
1562forall( otype T ) restrict T * ?+?( restrict T *, ptrdiff_t ), * ?+?( ptrdiff_t, restrict T * ),
1563        * ?-?( restrict T *, ptrdiff_t );
1564forall( otype T ) volatile T * ?+?( volatile T *, ptrdiff_t ), * ?+?( ptrdiff_t, volatile T * ),
1565        * ?-?( volatile T *, ptrdiff_t );
1566forall( otype T ) _Atomic const T * ?+?( _Atomic const T *, ptrdiff_t ), * ?+?( ptrdiff_t, _Atomic const T * ),
1567        * ?-?( _Atomic const T *, ptrdiff_t );
1568forall( otype T ) _Atomic restrict T * ?+?( _Atomic restrict T *, ptrdiff_t ), * ?+?( ptrdiff_t, _Atomic restrict T * ),
1569        * ?-?( _Atomic restrict T *, ptrdiff_t );
1570forall( otype T ) _Atomic volatile T * ?+?( _Atomic volatile T *, ptrdiff_t ), * ?+?( ptrdiff_t, _Atomic volatile T * ),
1571        * ?-?( _Atomic volatile T *, ptrdiff_t );
1572forall( otype T ) const restrict T * ?+?( const restrict T *, ptrdiff_t ), * ?+?( ptrdiff_t, const restrict T * ),
1573        * ?-?( const restrict T *, ptrdiff_t );
1574forall( otype T ) const volatile T * ?+?( const volatile T *, ptrdiff_t ), * ?+?( ptrdiff_t, const volatile T * ),
1575        * ?-?( const volatile T *, ptrdiff_t );
1576forall( otype T ) restrict volatile T * ?+?( restrict volatile T *, ptrdiff_t ), * ?+?( ptrdiff_t, restrict volatile T * ),
1577        * ?-?( restrict volatile T *, ptrdiff_t );
1578forall( otype T ) _Atomic const restrict T * ?+?( _Atomic const restrict T *, ptrdiff_t ),
1579        * ?+?( ptrdiff_t, _Atomic const restrict T * ),
1580        * ?-?( _Atomic const restrict T *, ptrdiff_t );
1581forall( otype T ) ptrdiff_t
1582        * ?-?( const restrict volatile T *, const restrict volatile T * ),
1583        * ?-?( _Atomic const restrict volatile T *, _Atomic const restrict volatile T * );
1584\end{lstlisting}
1585For every extended integer type ©X© with \Index{integer conversion rank} greater than the rank of ©int© there exist
1586% Don't use predefined: keep this out of prelude.cf.
1587\begin{lstlisting}
1588X ?+?( X ), ?-?( X );
1589\end{lstlisting}
1590
1591\semantics
1592The interpretations of additive expressions are the interpretations of the corresponding function calls.
1593
1594\begin{rationale}
1595©ptrdiff_t© is an implementation-defined identifier defined in ©<stddef.h>© that is synonymous with a signed integral type that is large enough to hold the difference between two pointers.
1596It seems reasonable to use it for pointer addition as well. (This is technically a difference between \CFA and C, which only specifies that pointer addition uses an \emph{integral} argument.) Hence it is also used for subscripting, which is defined in terms of pointer addition.
1597The {\c11} standard uses ©size_t© in several cases where a library function takes an argument that is used as a subscript, but ©size_t© is unsuitable here because it is an unsigned type.
1598\end{rationale}
1599
1600
1601\subsection{Bitwise shift operators}
1602
1603\begin{syntax}
1604\lhs{shift-expression}
1605\rhs \nonterm{additive-expression}
1606\rhs \nonterm{shift-expression} ©<<© \nonterm{additive-expression}
1607\rhs \nonterm{shift-expression} ©>>© \nonterm{additive-expression}
1608\end{syntax}
1609
1610\rewriterules
1611\begin{lstlisting}
1612a << b => ?<<?( a, b )§\use{?<<?}§
1613a >> b => ?>>?( a, b )§\use{?>>?}§
1614\end{lstlisting}
1615
1616\predefined
1617\begin{lstlisting}
1618int ?<<?( int, int ), ?>>?( int, int );
1619unsigned int ?<<?( unsigned int, int ), ?>>?( unsigned int, int );
1620long int ?<<?( long int, int ), ?>>?( long int, int );
1621long unsigned int ?<<?( long unsigned int, int ), ?>>?( long unsigned int, int );
1622long long int ?<<?( long long int, int ), ?>>?( long long int, int );
1623long long unsigned int ?<<?( long long unsigned int, int ), ?>>?( long long unsigned int, int);
1624\end{lstlisting}
1625For every extended integer type ©X© with \Index{integer conversion rank} greater than the rank of ©int© there exist
1626% Don't use predefined: keep this out of prelude.cf.
1627\begin{lstlisting}
1628X ?<<?( X, int ), ?>>?( X, int );
1629\end{lstlisting}
1630
1631\begin{rationale}
1632The bitwise shift operators break the usual pattern: they do not convert both operands to a common type.
1633The right operand only undergoes \Index{integer promotion}.
1634\end{rationale}
1635
1636\semantics
1637The interpretations of a bitwise shift expression are the interpretations of the corresponding function calls.
1638
1639
1640\subsection{Relational operators}
1641
1642\begin{syntax}
1643\lhs{relational-expression}
1644\rhs \nonterm{shift-expression}
1645\rhs \nonterm{relational-expression} ©< © \nonterm{shift-expression}
1646\rhs \nonterm{relational-expression} ©> © \nonterm{shift-expression}
1647\rhs \nonterm{relational-expression} ©<=© \nonterm{shift-expression}
1648\rhs \nonterm{relational-expression} ©>=© \nonterm{shift-expression}
1649\end{syntax}
1650
1651\rewriterules
1652\begin{lstlisting}
1653a < b => ?<?( a, b )§\use{?<?}§
1654a > b => ?>?( a, b )§\use{?>?}§
1655a <= b => ?<=?( a, b )§\use{?<=?}§
1656a >= b => ?>=?( a, b )§\use{?>=?}§
1657\end{lstlisting}
1658
1659\predefined
1660\begin{lstlisting}
1661int ?<?( int, int ), ?<=?( int, int ),
1662        ?>?( int, int ), ?>=?( int, int );
1663int ?<?( unsigned int, unsigned int ), ?<=?( unsigned int, unsigned int ),
1664        ?>?( unsigned int, unsigned int ), ?>=?( unsigned int, unsigned int );
1665int ?<?( long int, long int ), ?<=?( long int, long int ),
1666        ?>?( long int, long int ), ?>=?( long int, long int );
1667int ?<?( long unsigned int, long unsigned ), ?<=?( long unsigned int, long unsigned ),
1668        ?>?( long unsigned int, long unsigned ), ?>=?( long unsigned int, long unsigned );
1669int ?<?( long long int, long long int ), ?<=?( long long int, long long int ),
1670        ?>?( long long int, long long int ), ?>=?( long long int, long long int );
1671int ?<?( long long unsigned int, long long unsigned ), ?<=?( long long unsigned int, long long unsigned ),
1672        ?>?( long long unsigned int, long long unsigned ), ?>=?( long long unsigned int, long long unsigned );
1673int ?<?( float, float ), ?<=?( float, float ),
1674        ?>?( float, float ), ?>=?( float, float );
1675int ?<?( double, double ), ?<=?( double, double ),
1676        ?>?( double, double ), ?>=?( double, double );
1677int ?<?( long double, long double ), ?<=?( long double, long double ),
1678        ?>?( long double, long double ), ?>=?( long double, long double );
1679forall( dtype DT ) int ?<?( const restrict volatile DT *, const restrict volatile DT * ),
1680        ?<?( _Atomic const restrict volatile DT *, _Atomic const restrict volatile DT * ),
1681        ?<=?( const restrict volatile DT *, const restrict volatile DT * ),
1682        ?<=?( _Atomic const restrict volatile DT *, _Atomic const restrict volatile DT * ),
1683        ?>?( const restrict volatile DT *, const restrict volatile DT * ),
1684        ?>?( _Atomic const restrict volatile DT *, _Atomic const restrict volatile DT * ),
1685        ?>=?( const restrict volatile DT *, const restrict volatile DT * ),
1686        ?>=?( _Atomic const restrict volatile DT *, _Atomic const restrict volatile DT * );
1687\end{lstlisting}
1688For every extended integer type ©X© with \Index{integer conversion rank} greater than the rank of ©int© there exist
1689% Don't use predefined: keep this out of prelude.cf.
1690\begin{lstlisting}
1691int ?<?( X, X ),
1692        ?<=?( X, X ),
1693        ?<?( X, X ),
1694        ?>=?( X, X );
1695\end{lstlisting}
1696
1697\semantics
1698The interpretations of a relational expression are the interpretations of the corresponding function call.
1699
1700
1701\subsection{Equality operators}
1702
1703\begin{syntax}
1704\lhs{equality-expression}
1705\rhs \nonterm{relational-expression}
1706\rhs \nonterm{equality-expression} ©==© \nonterm{relational-expression}
1707\rhs \nonterm{equality-expression} ©!=© \nonterm{relational-expression}
1708\end{syntax}
1709
1710\rewriterules
1711\begin{lstlisting}
1712a == b => ?==?( a, b )§\use{?==?}§
1713a != b => ?!=?( a, b )§\use{?"!=?}§
1714\end{lstlisting}
1715
1716\predefined
1717\begin{lstlisting}
1718int ?==?( int, int ), ?!=?( int, int ),
1719        ?==?( unsigned int, unsigned int ), ?!=?( unsigned int, unsigned int ),
1720        ?==?( long int, long int ), ?!=?( long int, long int ),
1721        ?==?( long unsigned int, long unsigned int ), ?!=?( long unsigned int, long unsigned int ),
1722        ?==?( long long int, long long int ), ?!=?( long long int, long long int ),
1723        ?==?( long long unsigned int, long long unsigned int ), ?!=?( long long unsigned int, long long unsigned int ),
1724        ?==?( float, float ), ?!=?( float, float ),
1725        ?==?( _Complex float, float ), ?!=?( _Complex float, float ),
1726        ?==?( float, _Complex float ), ?!=?( float, _Complex float ),
1727        ?==?( _Complex float, _Complex float ), ?!=?( _Complex float, _Complex float ),
1728        ?==?( double, double ), ?!=?( double, double ),
1729        ?==?( _Complex double, double ), ?!=?( _Complex double, double ),
1730        ?==?( double, _Complex double ), ?!=?( double, _Complex double ),
1731        ?==?( _Complex double, _Complex double ), ?!=?( _Complex double, _Complex double ),
1732        ?==?( long double, long double ), ?!=?( long double, long double ),
1733        ?==?( _Complex long double, long double ), ?!=?( _Complex long double, long double ),
1734        ?==?( long double, _Complex long double ), ?!=?( long double, _Complex long double ),
1735        ?==?( _Complex long double, _Complex long double ), ?!=?( _Complex long double, _Complex long double );
1736forall( dtype DT ) int
1737        ?==?( const restrict volatile DT *, const restrict volatile DT * ),
1738        ?!=?( const restrict volatile DT *, const restrict volatile DT * ),
1739        ?==?( const restrict volatile DT *, const restrict volatile void * ),
1740        ?!=?( const restrict volatile DT *, const restrict volatile void * ),
1741        ?==?( const restrict volatile void *, const restrict volatile DT * ),
1742        ?!=?( const restrict volatile void *, const restrict volatile DT * ),
1743        ?==?( const restrict volatile DT *, forall( dtype DT2) const DT2 * ),
1744        ?!=?( const restrict volatile DT *, forall( dtype DT2) const DT2 * ),
1745        ?==?( forall( dtype DT2) const DT2*, const restrict volatile DT * ),
1746        ?!=?( forall( dtype DT2) const DT2*, const restrict volatile DT * ),
1747        ?==?( forall( dtype DT2) const DT2*, forall( dtype DT3) const DT3 * ),
1748        ?!=?( forall( dtype DT2) const DT2*, forall( dtype DT3) const DT3 * ),
1749
1750        ?==?( _Atomic const restrict volatile DT *, _Atomic const restrict volatile DT * ),
1751        ?!=?( _Atomic const restrict volatile DT *, _Atomic const restrict volatile DT * ),
1752        ?==?( _Atomic const restrict volatile DT *, const restrict volatile void * ),
1753        ?!=?( _Atomic const restrict volatile DT *, const restrict volatile void * ),
1754        ?==?( const restrict volatile void *, _Atomic const restrict volatile DT * ),
1755        ?!=?( const restrict volatile void *, _Atomic const restrict volatile DT * ),
1756        ?==?( _Atomic const restrict volatile DT *, forall( dtype DT2) const DT2 * ),
1757        ?!=?( _Atomic const restrict volatile DT *, forall( dtype DT2) const DT2 * ),
1758        ?==?( forall( dtype DT2) const DT2*, _Atomic const restrict volatile DT * ),
1759        ?!=?( forall( dtype DT2) const DT2*, _Atomic const restrict volatile DT * );
1760forall( ftype FT ) int
1761        ?==?( FT *, FT * ), ?!=?( FT *, FT * ),
1762        ?==?( FT *, forall( ftype FT2) FT2 * ), ?!=?( FT *, forall( ftype FT2) FT2 * ),
1763        ?==?( forall( ftype FT2) FT2*, FT * ), ?!=?( forall( ftype FT2) FT2*, FT * ),
1764        ?==?( forall( ftype FT2) FT2*, forall( ftype FT3) FT3 * ), ?!=?( forall( ftype FT2) FT2*, forall( ftype FT3) FT3 * );
1765\end{lstlisting}
1766For every extended integer type ©X© with \Index{integer conversion rank} greater than the rank of ©int© there exist
1767% Don't use predefined: keep this out of prelude.cf.
1768\begin{lstlisting}
1769int ?==?( X, X ),
1770        ?!=?( X, X );
1771\end{lstlisting}
1772
1773\begin{rationale}
1774The polymorphic equality operations come in three styles: comparisons between pointers of compatible types, between pointers to ©void© and pointers to object types or incomplete types, and between the \Index{null pointer} constant and pointers to any type.
1775In the last case, a special constraint rule for null pointer constant operands has been replaced by a consequence of the \CFA type system.
1776\end{rationale}
1777
1778\semantics
1779The interpretations of an equality expression are the interpretations of the corresponding function call.
1780
1781\begin{sloppypar}
1782The result of an equality comparison between two pointers to predefined functions or predefined values is implementation-defined.
1783\end{sloppypar}
1784\begin{rationale}
1785The implementation-defined status of equality comparisons allows implementations to use one library routine to implement many predefined functions.
1786These optimization are particularly important when the predefined functions are polymorphic, as is the case for most pointer operations
1787\end{rationale}
1788
1789
1790\subsection{Bitwise AND operator}
1791
1792\begin{syntax}
1793\lhs{AND-expression}
1794\rhs \nonterm{equality-expression}
1795\rhs \nonterm{AND-expression} ©&© \nonterm{equality-expression}
1796\end{syntax}
1797
1798\rewriterules
1799\begin{lstlisting}
1800a & b => ?&?( a, b )§\use{?&?}§
1801\end{lstlisting}
1802
1803\predefined
1804\begin{lstlisting}
1805int ?&?( int, int );
1806unsigned int ?&?( unsigned int, unsigned int );
1807long int ?&?( long int, long int );
1808long unsigned int ?&?( long unsigned int, long unsigned int );
1809long long int ?&?( long long int, long long int );
1810long long unsigned int ?&?( long long unsigned int, long long unsigned int );
1811\end{lstlisting}
1812For every extended integer type ©X© with \Index{integer conversion rank} greater than the rank of ©int© there exist
1813% Don't use predefined: keep this out of prelude.cf.
1814\begin{lstlisting}
1815int ?&?( X, X );
1816\end{lstlisting}
1817
1818\semantics
1819The interpretations of a bitwise AND expression are the interpretations of the corresponding function call.
1820
1821
1822\subsection{Bitwise exclusive OR operator}
1823
1824\begin{syntax}
1825\lhs{exclusive-OR-expression}
1826\rhs \nonterm{AND-expression}
1827\rhs \nonterm{exclusive-OR-expression} ©^© \nonterm{AND-expression}
1828\end{syntax}
1829
1830\rewriterules
1831\begin{lstlisting}
1832a ^ b => ?^?( a, b )§\use{?^?}§
1833\end{lstlisting}
1834
1835\predefined
1836\begin{lstlisting}
1837int ?^?( int, int );
1838unsigned int ?^?( unsigned int, unsigned int );
1839long int ?^?( long int, long int );
1840long unsigned int ?^?( long unsigned int, long unsigned int );
1841long long int ?^?( long long int, long long int );
1842long long unsigned int ?^?( long long unsigned int, long long unsigned int );
1843\end{lstlisting}
1844For every extended integer type ©X© with \Index{integer conversion rank} greater than the rank of ©int© there exist
1845% Don't use predefined: keep this out of prelude.cf.
1846\begin{lstlisting}
1847int ?^?( X, X );
1848\end{lstlisting}
1849
1850\semantics
1851The interpretations of a bitwise exclusive OR expression are the interpretations of the corresponding function call.
1852
1853
1854\subsection{Bitwise inclusive OR operator}
1855
1856\begin{syntax}
1857\lhs{inclusive-OR-expression}
1858\rhs \nonterm{exclusive-OR-expression}
1859\rhs \nonterm{inclusive-OR-expression} ©|© \nonterm{exclusive-OR-expression}
1860\end{syntax}
1861
1862\rewriterules
1863\begin{lstlisting}
1864a | b => ?|?( a, b )§\use{?"|?}§
1865\end{lstlisting}
1866
1867\predefined
1868\begin{lstlisting}
1869int ?|?( int, int );
1870unsigned int ?|?( unsigned int, unsigned int );
1871long int ?|?( long int, long int );
1872long unsigned int ?|?( long unsigned int, long unsigned int );
1873long long int ?|?( long long int, long long int );
1874long long unsigned int ?|?( long long unsigned int, long long unsigned int );
1875\end{lstlisting}
1876For every extended integer type ©X© with \Index{integer conversion rank} greater than the rank of ©int© there exist
1877% Don't use predefined: keep this out of prelude.cf.
1878\begin{lstlisting}
1879int ?|?( X, X );
1880\end{lstlisting}
1881
1882\semantics 
1883The interpretations of a bitwise inclusive OR expression are the interpretations of the corresponding function call.
1884
1885
1886\subsection{Logical AND operator}
1887
1888\begin{syntax}
1889\lhs{logical-AND-expression}
1890\rhs \nonterm{inclusive-OR-expression}
1891\rhs \nonterm{logical-AND-expression} ©&&© \nonterm{inclusive-OR-expression}
1892\end{syntax}
1893
1894\semantics The operands of the expression ``©a && b©'' are treated as ``©(int)((a)!=0)©'' and ``©(int)((b)!=0)©'', which shall both be unambiguous.
1895The expression has only one interpretation, which is of type ©int©.
1896\begin{rationale}
1897When the operands of a logical expression are values of built-in types, and ``©!=©'' has not been redefined for those types, the compiler can optimize away the function calls.
1898
1899A common C idiom omits comparisons to ©0© in the controlling expressions of loops and ©if© statements.
1900For instance, the loop below iterates as long as ©rp© points at a ©Rational© value that is non-zero.
1901
1902\begin{lstlisting}
1903extern otype Rational;§\use{Rational}§
1904extern const Rational 0;§\use{0}§
1905extern int ?!=?( Rational, Rational );
1906Rational *rp;
1907while ( rp && *rp ) { ... }
1908\end{lstlisting}
1909The logical expression calls the ©Rational© inequality operator, passing it ©*rp© and the ©Rational 0©, and getting a 1 or 0 as a result.
1910In contrast, {\CC} would apply a programmer-defined ©Rational©-to-©int© conversion to ©*rp© in the equivalent situation.
1911The conversion to ©int© would produce a general integer value, which is unfortunate, and possibly dangerous if the conversion was not written with this situation in mind.
1912\end{rationale}
1913
1914
1915\subsection{Logical OR operator}
1916
1917\begin{syntax}
1918\lhs{logical-OR-expression}
1919\rhs \nonterm{logical-AND-expression}
1920\rhs \nonterm{logical-OR-expression} ©||© \nonterm{logical-AND-expression}
1921\end{syntax}
1922
1923\semantics
1924
1925The operands of the expression ``©a || b©'' are treated as ``©(int)((a)!=0)©'' and ``©(int)((b))!=0)©'', which shall both be unambiguous.
1926The expression has only one interpretation, which is of type ©int©.
1927
1928
1929\subsection{Conditional operator}
1930
1931\begin{syntax}
1932\lhs{conditional-expression}
1933\rhs \nonterm{logical-OR-expression}
1934\rhs \nonterm{logical-OR-expression} ©?© \nonterm{expression}
1935         ©:© \nonterm{conditional-expression}
1936\end{syntax}
1937
1938\semantics
1939In the conditional expression\use{?:} ``©a?b:c©'', if the second and third operands both have an interpretation with ©void© type, then the expression has an interpretation with type ©void©, equivalent to
1940\begin{lstlisting}
1941( int)(( a)!=0) ? ( void)( b) : ( void)( c)
1942\end{lstlisting}
1943
1944If the second and third operands both have interpretations with non-©void© types, the expression is treated as if it were the call ``©cond((a)!=0, b, c)©'', with ©cond© declared as
1945\begin{lstlisting}
1946forall( otype T ) T cond( int, T, T );
1947forall( dtype D ) void * cond( int, D *, void * ), * cond( int, void *, D * );
1948forall( dtype D ) _atomic void * cond(
1949        int, _Atomic D *, _Atomic void * ), * cond( int, _Atomic void *, _Atomic D * );
1950forall( dtype D ) const void * cond(
1951        int, const D *, const void * ), * cond( int, const void *, const D * );
1952forall( dtype D ) restrict void * cond(
1953        int, restrict D *, restrict void * ), * cond( int, restrict void *, restrict D * );
1954forall( dtype D ) volatile void * cond(
1955        int, volatile D *, volatile void * ), * cond( int, volatile void *, volatile D * );
1956forall( dtype D ) _Atomic const void * cond(
1957        int, _Atomic const D *, _Atomic const void * ), * cond( int, _Atomic const void *, _Atomic const D * );
1958forall( dtype D ) _Atomic restrict void * cond(
1959        int, _Atomic restrict D *, _Atomic restrict void * ), * cond( int, _Atomic restrict void *, _Atomic restrict D * );
1960forall( dtype D ) _Atomic volatile void * cond(
1961        int, _Atomic volatile D *, _Atomic volatile void * ), * cond( int, _Atomic volatile void *, _Atomic volatile D * );
1962forall( dtype D ) const restrict void * cond(
1963        int, const restrict D *, const restrict void * ), * cond( int, const restrict void *, const restrict D * );
1964forall( dtype D ) const volatile void * cond(
1965        int, const volatile D *, const volatile void * ), * cond( int, const volatile void *, const volatile D * );
1966forall( dtype D ) restrict volatile void * cond(
1967        int, restrict volatile D *, restrict volatile void * ), * cond( int, restrict volatile void *, restrict volatile D * );
1968forall( dtype D ) _Atomic const restrict void * cond(
1969        int, _Atomic const restrict D *, _Atomic const restrict void * ),
1970        * cond( int, _Atomic const restrict void *, _Atomic const restrict D * );
1971forall( dtype D ) _Atomic const volatile void * cond(
1972        int, _Atomic const volatile D *, _Atomic const volatile void * ),
1973        * cond( int, _Atomic const volatile void *, _Atomic const volatile D * );
1974forall( dtype D ) _Atomic restrict volatile void * cond(
1975        int, _Atomic restrict volatile D *, _Atomic restrict volatile void * ),
1976        * cond( int, _Atomic restrict volatile void *, _Atomic restrict volatile D * );
1977forall( dtype D ) const restrict volatile void * cond(
1978        int, const restrict volatile D *, const restrict volatile void * ),
1979        * cond( int, const restrict volatile void *, const restrict volatile D * );
1980forall( dtype D ) _Atomic const restrict volatile void * cond(
1981        int, _Atomic const restrict volatile D *, _Atomic const restrict volatile void * ),
1982        * cond( int, _Atomic const restrict volatile void *, _Atomic const restrict volatile D * );
1983\end{lstlisting}
1984
1985\begin{rationale}
1986The object of the above is to apply the \Index{usual arithmetic conversion}s when the second and third operands have arithmetic type, and to combine the qualifiers of the second and third operands if they are pointers.
1987\end{rationale}
1988
1989\examples
1990\begin{lstlisting}
1991#include <stdlib.h>
1992int i;
1993long l;
1994rand() ? i : l;
1995\end{lstlisting}
1996The best interpretation infers the expression's type to be ©long© and applies the safe ©int©-to-©long© conversion to ©i©.
1997
1998\begin{lstlisting}
1999const int *cip;
2000volatile int *vip;
2001rand() ? cip : vip;
2002\end{lstlisting}
2003The expression has type ©const volatile int *©, with safe conversions applied to the second and third operands to add ©volatile© and ©const© qualifiers, respectively.
2004
2005\begin{lstlisting}
2006rand() ? cip : 0;
2007\end{lstlisting}
2008The expression has type ©const int *©, with a specialization conversion applied to ©0©.
2009
2010
2011\subsection{Assignment operators}
2012
2013\begin{syntax}
2014\lhs{assignment-expression}
2015\rhs \nonterm{conditional-expression}
2016\rhs \nonterm{unary-expression} \nonterm{assignment-operator}
2017         \nonterm{assignment-expression}
2018\lhs{assignment-operator} one of
2019\rhs ©=©\ \ ©*=©\ \ ©/=©\ \ ©%=©\ \ ©+=©\ \ ©-=©\ \ ©<<=©\ \ ©>>=©\ \ ©&=©\ \ ©^=©\ \ ©|=©
2020\end{syntax}
2021
2022\rewriterules
2023Let ``©<-©'' be any of the assignment operators.
2024Then
2025\use{?=?}\use{?*=?}\use{?/=?}\use{?%=?}\use{?+=?}\use{?-=?}\use{?>>=?}\use{?&=?}\use{?^=?}\use{?"|=?}%use{?<<=?}
2026\begin{lstlisting}
2027a <- b => ?<-?( &( a ), b )
2028\end{lstlisting}
2029
2030\semantics
2031Each interpretation of the left operand of an assignment expression is considered separately.
2032For each interpretation that is a bit-field or is declared with the ©register© storage class specifier, the expression has one valid interpretation, with the type of the left operand.
2033The right operand is cast to that type, and the assignment expression is ambiguous if either operand is.
2034For the remaining interpretations, the expression is rewritten, and the interpretations of the assignment expression are the interpretations of the corresponding function call.
2035Finally, all interpretations of the expression produced for the different interpretations of the left operand are combined to produce the interpretations of the expression as a whole;
2036where interpretations have compatible result types, the best interpretations are selected in the manner described for function call expressions.
2037
2038
2039\subsubsection{Simple assignment}
2040
2041\predefined
2042\begin{lstlisting}
2043_Bool
2044        ?=?( volatile _Bool *, _Bool ),
2045        ?=?( volatile _Bool *, forall( dtype D ) D * ),
2046        ?=?( volatile _Bool *, forall( ftype F ) F * ),
2047        ?=?( _Atomic volatile _Bool *, _Bool ),
2048        ?=?( _Atomic volatile _Bool *, forall( dtype D ) D * ),
2049        ?=?( _Atomic volatile _Bool *, forall( ftype F ) F * );
2050char
2051        ?=?( volatile char *, char ),
2052        ?=?( _Atomic volatile char *, char );
2053unsigned char
2054        ?=?( volatile unsigned char *, unsigned char ),
2055        ?=?( _Atomic volatile unsigned char *, unsigned char );
2056signed char
2057        ?=?( volatile signed char *, signed char ),
2058        ?=?( _Atomic volatile signed char *, signed char );
2059short int
2060        ?=?( volatile short int *, short int ),
2061        ?=?( _Atomic volatile short int *, short int );
2062unsigned short
2063        ?=?( volatile unsigned int *, unsigned int ),
2064        ?=?( _Atomic volatile unsigned int *, unsigned int );
2065int
2066        ?=?( volatile int *, int ),
2067        ?=?( _Atomic volatile int *, int );
2068unsigned int
2069        ?=?( volatile unsigned int *, unsigned int ),
2070        ?=?( _Atomic volatile unsigned int *, unsigned int );
2071long int
2072        ?=?( volatile long int *, long int ),
2073        ?=?( _Atomic volatile long int *, long int );
2074unsigned long int
2075        ?=?( volatile unsigned long int *, unsigned long int ),
2076        ?=?( _Atomic volatile unsigned long int *, unsigned long int );
2077long long int
2078        ?=?( volatile long long int *, long long int ),
2079        ?=?( _Atomic volatile long long int *, long long int );
2080unsigned long long int
2081        ?=?( volatile unsigned long long int *, unsigned long long int ),
2082        ?=?( _Atomic volatile unsigned long long int *, unsigned long long int );
2083float
2084        ?=?( volatile float *, float ),
2085        ?=?( _Atomic volatile float *, float );
2086double
2087        ?=?( volatile double *, double ),
2088        ?=?( _Atomic volatile double *, double );
2089long double
2090        ?=?( volatile long double *, long double ),
2091        ?=?( _Atomic volatile long double *, long double );
2092_Complex float
2093        ?=?( volatile float *, float ),
2094        ?=?( _Atomic volatile float *, float );
2095_Complex double
2096        ?=?( volatile double *, double ),
2097        ?=?( _Atomic volatile double *, double );
2098_Complex long double
2099        ?=?( volatile _Complex long double *, _Complex long double ),
2100        ?=?( _Atomic volatile _Complex long double *, _Atomic _Complex long double );
2101forall( ftype FT ) FT
2102        * ?=?( FT * volatile *, FT * ),
2103        * ?=?( FT * volatile *, forall( ftype F ) F * );
2104forall( ftype FT ) FT const
2105        * ?=?( FT const * volatile *, FT const * ),
2106        * ?=?( FT const * volatile *, forall( ftype F ) F * );
2107forall( ftype FT ) FT volatile
2108        * ?=?( FT volatile * volatile *, FT * ),
2109        * ?=?( FT volatile * volatile *, forall( ftype F ) F * );
2110forall( ftype FT ) FT const
2111        * ?=?( FT const volatile * volatile *, FT const * ),
2112        * ?=?( FT const volatile * volatile *, forall( ftype F ) F * );
2113forall( dtype DT ) DT
2114        * ?=?( DT * restrict volatile *, DT * ),
2115        * ?=?( DT * restrict volatile *, void * ),
2116        * ?=?( DT * restrict volatile *, forall( dtype D ) D * ),
2117        * ?=?( DT * _Atomic restrict volatile *, DT * ),
2118        * ?=?( DT * _Atomic restrict volatile *, void * ),
2119        * ?=?( DT * _Atomic restrict volatile *, forall( dtype D ) D * );
2120forall( dtype DT ) DT _Atomic
2121        * ?=?( _Atomic DT * restrict volatile *, DT _Atomic * ),
2122        * ?=?( _Atomic DT * restrict volatile *, void * ),
2123        * ?=?( _Atomic DT * restrict volatile *, forall( dtype D ) D * ),
2124        * ?=?( _Atomic DT * _Atomic restrict volatile *, DT _Atomic * ),
2125        * ?=?( _Atomic DT * _Atomic restrict volatile *, void * ),
2126        * ?=?( _Atomic DT * _Atomic restrict volatile *, forall( dtype D ) D * );
2127forall( dtype DT ) DT const
2128        * ?=?( DT const * restrict volatile *, DT const * ),
2129        * ?=?( DT const * restrict volatile *, void const * ),
2130        * ?=?( DT const * restrict volatile *, forall( dtype D ) D * ),
2131        * ?=?( DT const * _Atomic restrict volatile *, DT const * ),
2132        * ?=?( DT const * _Atomic restrict volatile *, void const * ),
2133        * ?=?( DT const * _Atomic restrict volatile *, forall( dtype D ) D * );
2134forall( dtype DT ) DT restrict
2135        * ?=?( restrict DT * restrict volatile *, DT restrict * ),
2136        * ?=?( restrict DT * restrict volatile *, void * ),
2137        * ?=?( restrict DT * restrict volatile *, forall( dtype D ) D * ),
2138        * ?=?( restrict DT * _Atomic restrict volatile *, DT restrict * ),
2139        * ?=?( restrict DT * _Atomic restrict volatile *, void * ),
2140        * ?=?( restrict DT * _Atomic restrict volatile *, forall( dtype D ) D * );
2141forall( dtype DT ) DT volatile
2142        * ?=?( DT volatile * restrict volatile *, DT volatile * ),
2143        * ?=?( DT volatile * restrict volatile *, void volatile * ),
2144        * ?=?( DT volatile * restrict volatile *, forall( dtype D ) D * ),
2145        * ?=?( DT volatile * _Atomic restrict volatile *, DT volatile * ),
2146        * ?=?( DT volatile * _Atomic restrict volatile *, void volatile * ),
2147        * ?=?( DT volatile * _Atomic restrict volatile *, forall( dtype D ) D * );
2148forall( dtype DT ) DT _Atomic const
2149        * ?=?( DT _Atomic const * restrict volatile *, DT _Atomic const * ),
2150        * ?=?( DT _Atomic const * restrict volatile *, void const * ),
2151        * ?=?( DT _Atomic const * restrict volatile *, forall( dtype D ) D * ),
2152        * ?=?( DT _Atomic const * _Atomic restrict volatile *, DT _Atomic const * ),
2153        * ?=?( DT _Atomic const * _Atomic restrict volatile *, void const * ),
2154        * ?=?( DT _Atomic const * _Atomic restrict volatile *, forall( dtype D ) D * );
2155forall( dtype DT ) DT _Atomic restrict
2156        * ?=?( _Atomic restrict DT * restrict volatile *, DT _Atomic restrict * ),
2157        * ?=?( _Atomic restrict DT * restrict volatile *, void * ),
2158        * ?=?( _Atomic restrict DT * restrict volatile *, forall( dtype D ) D * ),
2159        * ?=?( _Atomic restrict DT * _Atomic restrict volatile *, DT _Atomic restrict * ),
2160        * ?=?( _Atomic restrict DT * _Atomic restrict volatile *, void * ),
2161        * ?=?( _Atomic restrict DT * _Atomic restrict volatile *, forall( dtype D ) D * );
2162forall( dtype DT ) DT _Atomic volatile
2163        * ?=?( DT _Atomic volatile * restrict volatile *, DT _Atomic volatile * ),
2164        * ?=?( DT _Atomic volatile * restrict volatile *, void volatile * ),
2165        * ?=?( DT _Atomic volatile * restrict volatile *, forall( dtype D ) D * ),
2166        * ?=?( DT _Atomic volatile * _Atomic restrict volatile *, DT _Atomic volatile * ),
2167        * ?=?( DT _Atomic volatile * _Atomic restrict volatile *, void volatile * ),
2168        * ?=?( DT _Atomic volatile * _Atomic restrict volatile *, forall( dtype D ) D * );
2169forall( dtype DT ) DT const restrict
2170        * ?=?( DT const restrict * restrict volatile *, DT const restrict * ),
2171        * ?=?( DT const restrict * restrict volatile *, void const * ),
2172        * ?=?( DT const restrict * restrict volatile *, forall( dtype D ) D * ),
2173        * ?=?( DT const restrict * _Atomic restrict volatile *, DT const restrict * ),
2174        * ?=?( DT const restrict * _Atomic restrict volatile *, void const * ),
2175        * ?=?( DT const restrict * _Atomic restrict volatile *, forall( dtype D ) D * );
2176forall( dtype DT ) DT const volatile
2177        * ?=?( DT const volatile * restrict volatile *, DT const volatile * ),
2178        * ?=?( DT const volatile * restrict volatile *, void const volatile * ),
2179        * ?=?( DT const volatile * restrict volatile *, forall( dtype D ) D * ),
2180        * ?=?( DT const volatile * _Atomic restrict volatile *, DT const volatile * ),
2181        * ?=?( DT const volatile * _Atomic restrict volatile *, void const volatile * ),
2182        * ?=?( DT const volatile * _Atomic restrict volatile *, forall( dtype D ) D * );
2183forall( dtype DT ) DT restrict volatile
2184        * ?=?( DT restrict volatile * restrict volatile *, DT restrict volatile * ),
2185        * ?=?( DT restrict volatile * restrict volatile *, void volatile * ),
2186        * ?=?( DT restrict volatile * restrict volatile *, forall( dtype D ) D * ),
2187        * ?=?( DT restrict volatile * _Atomic restrict volatile *, DT restrict volatile * ),
2188        * ?=?( DT restrict volatile * _Atomic restrict volatile *, void volatile * ),
2189        * ?=?( DT restrict volatile * _Atomic restrict volatile *, forall( dtype D ) D * );
2190forall( dtype DT ) DT _Atomic const restrict
2191        * ?=?( DT _Atomic const restrict * restrict volatile *,
2192         DT _Atomic const restrict * ),
2193        * ?=?( DT _Atomic const restrict * restrict volatile *,
2194         void const * ),
2195        * ?=?( DT _Atomic const restrict * restrict volatile *,
2196         forall( dtype D ) D * ),
2197        * ?=?( DT _Atomic const restrict * _Atomic restrict volatile *,
2198         DT _Atomic const restrict * ),
2199        * ?=?( DT _Atomic const restrict * _Atomic restrict volatile *,
2200         void const * ),
2201        * ?=?( DT _Atomic const restrict * _Atomic restrict volatile *,
2202         forall( dtype D ) D * );
2203forall( dtype DT ) DT _Atomic const volatile
2204        * ?=?( DT _Atomic const volatile * restrict volatile *,
2205         DT _Atomic const volatile * ),
2206        * ?=?( DT _Atomic const volatile * restrict volatile *,
2207         void const volatile * ),
2208        * ?=?( DT _Atomic const volatile * restrict volatile *,
2209         forall( dtype D ) D * ),
2210        * ?=?( DT _Atomic const volatile * _Atomic restrict volatile *,
2211         DT _Atomic const volatile * ),
2212        * ?=?( DT _Atomic const volatile * _Atomic restrict volatile *,
2213         void const volatile * ),
2214        * ?=?( DT _Atomic const volatile * _Atomic restrict volatile *,
2215         forall( dtype D ) D * );
2216forall( dtype DT ) DT _Atomic restrict volatile
2217        * ?=?( DT _Atomic restrict volatile * restrict volatile *,
2218         DT _Atomic restrict volatile * ),
2219        * ?=?( DT _Atomic restrict volatile * restrict volatile *,
2220         void volatile * ),
2221        * ?=?( DT _Atomic restrict volatile * restrict volatile *,
2222         forall( dtype D ) D * ),
2223        * ?=?( DT _Atomic restrict volatile * _Atomic restrict volatile *,
2224         DT _Atomic restrict volatile * ),
2225        * ?=?( DT _Atomic restrict volatile * _Atomic restrict volatile *,
2226         void volatile * ),
2227        * ?=?( DT _Atomic restrict volatile * _Atomic restrict volatile *,
2228         forall( dtype D ) D * );
2229forall( dtype DT ) DT const restrict volatile
2230        * ?=?( DT const restrict volatile * restrict volatile *,
2231         DT const restrict volatile * ),
2232        * ?=?( DT const restrict volatile * restrict volatile *,
2233         void const volatile * ),
2234        * ?=?( DT const restrict volatile * restrict volatile *,
2235         forall( dtype D ) D * ),
2236        * ?=?( DT const restrict volatile * _Atomic restrict volatile *,
2237         DT const restrict volatile * ),
2238        * ?=?( DT const restrict volatile * _Atomic restrict volatile *,
2239         void const volatile * ),
2240        * ?=?( DT const restrict volatile * _Atomic restrict volatile *,
2241         forall( dtype D ) D * );
2242forall( dtype DT ) DT _Atomic const restrict volatile
2243        * ?=?( DT _Atomic const restrict volatile * restrict volatile *,
2244         DT _Atomic const restrict volatile * ),
2245        * ?=?( DT _Atomic const restrict volatile * restrict volatile *,
2246         void const volatile * ),
2247        * ?=?( DT _Atomic const restrict volatile * restrict volatile *,
2248         forall( dtype D ) D * ),
2249        * ?=?( DT _Atomic const restrict volatile * _Atomic restrict volatile *,
2250         DT _Atomic const restrict volatile * ),
2251        * ?=?( DT _Atomic const restrict volatile * _Atomic restrict volatile *,
2252         void const volatile * ),
2253        * ?=?( DT _Atomic const restrict volatile * _Atomic restrict volatile *,
2254         forall( dtype D ) D * );
2255forall( dtype DT ) void
2256        * ?=?( void * restrict volatile *, DT * );
2257forall( dtype DT ) void const
2258        * ?=?( void const * restrict volatile *, DT const * );
2259forall( dtype DT ) void volatile
2260        * ?=?( void volatile * restrict volatile *, DT volatile * );
2261forall( dtype DT ) void const volatile
2262        * ?=?( void const volatile * restrict volatile *, DT const volatile * );
2263\end{lstlisting}
2264\begin{rationale}
2265The pattern of overloadings for simple assignment resembles that of pointer increment and decrement, except that the polymorphic pointer assignment functions declare a ©dtype© parameter, instead of a ©type© parameter, because the left operand may be a pointer to an incomplete type.
2266\end{rationale}
2267
2268For every complete structure or union type ©S© there exist
2269% Don't use predefined: keep this out of prelude.cf.
2270\begin{lstlisting}
2271S ?=?( S volatile *, S ), ?=?( S _Atomic volatile *, S );
2272\end{lstlisting}
2273
2274For every extended integer type ©X© there exist
2275% Don't use predefined: keep this out of prelude.cf.
2276\begin{lstlisting}
2277X ?=?( X volatile *, X ), ?=?( X _Atomic volatile *, X );
2278\end{lstlisting}
2279
2280For every complete enumerated type ©E© there exist
2281% Don't use predefined: keep this out of prelude.cf.
2282\begin{lstlisting}
2283E ?=?( E volatile *, int ), ?=?( E _Atomic volatile *, int );
2284\end{lstlisting}
2285\begin{rationale}
2286The right-hand argument is ©int© because enumeration constants have type ©int©.
2287\end{rationale}
2288
2289\semantics
2290The structure assignment functions provide member-wise assignment;
2291each non-array member and each element of each array member of the right argument is assigned to the corresponding member or element of the left argument using the assignment function defined for its type.
2292All other assignment functions have the same effect as the corresponding C assignment expression.
2293\begin{rationale}
2294Note that, by default, union assignment\index{deficiencies!union assignment} uses C semantics---that is, bitwise copy---even if some of the union members have programmer-defined assignment functions.
2295\end{rationale}
2296
2297
2298\subsubsection{Compound assignment}
2299
2300\predefined
2301\begin{lstlisting}
2302forall( otype T ) T
2303        * ?+=?( T * restrict volatile *, ptrdiff_t ),
2304        * ?-=?( T * restrict volatile *, ptrdiff_t ),
2305        * ?+=?( T * _Atomic restrict volatile *, ptrdiff_t ),
2306        * ?-=?( T * _Atomic restrict volatile *, ptrdiff_t );
2307forall( otype T ) T _Atomic
2308        * ?+=?( T _Atomic * restrict volatile *, ptrdiff_t ),
2309        * ?-=?( T _Atomic * restrict volatile *, ptrdiff_t ),
2310        * ?+=?( T _Atomic * _Atomic restrict volatile *, ptrdiff_t ),
2311        * ?-=?( T _Atomic * _Atomic restrict volatile *, ptrdiff_t );
2312forall( otype T ) T const
2313        * ?+=?( T const * restrict volatile *, ptrdiff_t ),
2314        * ?-=?( T const * restrict volatile *, ptrdiff_t ),
2315        * ?+=?( T const * _Atomic restrict volatile *, ptrdiff_t ),
2316        * ?-=?( T const * _Atomic restrict volatile *, ptrdiff_t );
2317forall( otype T ) T restrict
2318        * ?+=?( T restrict * restrict volatile *, ptrdiff_t ),
2319        * ?-=?( T restrict * restrict volatile *, ptrdiff_t ),
2320        * ?+=?( T restrict * _Atomic restrict volatile *, ptrdiff_t ),
2321        * ?-=?( T restrict * _Atomic restrict volatile *, ptrdiff_t );
2322forall( otype T ) T volatile
2323        * ?+=?( T volatile * restrict volatile *, ptrdiff_t ),
2324        * ?-=?( T volatile * restrict volatile *, ptrdiff_t ),
2325        * ?+=?( T volatile * _Atomic restrict volatile *, ptrdiff_t ),
2326        * ?-=?( T volatile * _Atomic restrict volatile *, ptrdiff_t );
2327forall( otype T ) T _Atomic const
2328        * ?+=?( T _Atomic const restrict volatile *, ptrdiff_t ),
2329        * ?-=?( T _Atomic const restrict volatile *, ptrdiff_t ),
2330        * ?+=?( T _Atomic const _Atomic restrict volatile *, ptrdiff_t ),
2331        * ?-=?( T _Atomic const _Atomic restrict volatile *, ptrdiff_t );
2332forall( otype T ) T _Atomic restrict
2333        * ?+=?( T _Atomic restrict * restrict volatile *, ptrdiff_t ),
2334        * ?-=?( T _Atomic restrict * restrict volatile *, ptrdiff_t ),
2335        * ?+=?( T _Atomic restrict * _Atomic restrict volatile *, ptrdiff_t ),
2336        * ?-=?( T _Atomic restrict * _Atomic restrict volatile *, ptrdiff_t );
2337forall( otype T ) T _Atomic volatile
2338        * ?+=?( T _Atomic volatile * restrict volatile *, ptrdiff_t ),
2339        * ?-=?( T _Atomic volatile * restrict volatile *, ptrdiff_t ),
2340        * ?+=?( T _Atomic volatile * _Atomic restrict volatile *, ptrdiff_t ),
2341        * ?-=?( T _Atomic volatile * _Atomic restrict volatile *, ptrdiff_t );
2342forall( otype T ) T const restrict
2343        * ?+=?( T const restrict * restrict volatile *, ptrdiff_t ),
2344        * ?-=?( T const restrict * restrict volatile *, ptrdiff_t ),
2345        * ?+=?( T const restrict * _Atomic restrict volatile *, ptrdiff_t ),
2346        * ?-=?( T const restrict * _Atomic restrict volatile *, ptrdiff_t );
2347forall( otype T ) T const volatile
2348        * ?+=?( T const volatile * restrict volatile *, ptrdiff_t ),
2349        * ?-=?( T const volatile * restrict volatile *, ptrdiff_t ),
2350        * ?+=?( T const volatile * _Atomic restrict volatile *, ptrdiff_t ),
2351        * ?-=?( T const volatile * _Atomic restrict volatile *, ptrdiff_t );
2352forall( otype T ) T restrict volatile
2353        * ?+=?( T restrict volatile * restrict volatile *, ptrdiff_t ),
2354        * ?-=?( T restrict volatile * restrict volatile *, ptrdiff_t ),
2355        * ?+=?( T restrict volatile * _Atomic restrict volatile *, ptrdiff_t ),
2356        * ?-=?( T restrict volatile * _Atomic restrict volatile *, ptrdiff_t );
2357forall( otype T ) T _Atomic const restrict
2358        * ?+=?( T _Atomic const restrict * restrict volatile *, ptrdiff_t ),
2359        * ?-=?( T _Atomic const restrict * restrict volatile *, ptrdiff_t ),
2360        * ?+=?( T _Atomic const restrict * _Atomic restrict volatile *, ptrdiff_t ),
2361        * ?-=?( T _Atomic const restrict * _Atomic restrict volatile *, ptrdiff_t );
2362forall( otype T ) T _Atomic const volatile
2363        * ?+=?( T _Atomic const volatile * restrict volatile *, ptrdiff_t ),
2364        * ?-=?( T _Atomic const volatile * restrict volatile *, ptrdiff_t ),
2365        * ?+=?( T _Atomic const volatile * _Atomic restrict volatile *, ptrdiff_t ),
2366        * ?-=?( T _Atomic const volatile * _Atomic restrict volatile *, ptrdiff_t );
2367forall( otype T ) T _Atomic restrict volatile
2368        * ?+=?( T _Atomic restrict volatile * restrict volatile *, ptrdiff_t ),
2369        * ?-=?( T _Atomic restrict volatile * restrict volatile *, ptrdiff_t ),
2370        * ?+=?( T _Atomic restrict volatile * _Atomic restrict volatile *, ptrdiff_t ),
2371        * ?-=?( T _Atomic restrict volatile * _Atomic restrict volatile *, ptrdiff_t );
2372forall( otype T ) T const restrict volatile
2373        * ?+=?( T const restrict volatile * restrict volatile *, ptrdiff_t ),
2374        * ?-=?( T const restrict volatile * restrict volatile *, ptrdiff_t ),
2375        * ?+=?( T const restrict volatile * _Atomic restrict volatile *, ptrdiff_t ),
2376        * ?-=?( T const restrict volatile * _Atomic restrict volatile *, ptrdiff_t );
2377forall( otype T ) T _Atomic const restrict volatile
2378        * ?+=?( T _Atomic const restrict volatile * restrict volatile *, ptrdiff_t ),
2379        * ?-=?( T _Atomic const restrict volatile * restrict volatile *, ptrdiff_t ),
2380        * ?+=?( T _Atomic const restrict volatile * _Atomic restrict volatile *, ptrdiff_t ),
2381        * ?-=?( T _Atomic const restrict volatile * _Atomic restrict volatile *, ptrdiff_t );
2382
2383_Bool
2384        ?*=?( _Bool volatile *, _Bool ),
2385        ?/=?( _Bool volatile *, _Bool ),
2386        ?+=?( _Bool volatile *, _Bool ),
2387        ?-=?( _Bool volatile *, _Bool ),
2388        ?%=?( _Bool volatile *, _Bool ),
2389        ?<<=?( _Bool volatile *, int ),
2390        ?>>=?( _Bool volatile *, int ),
2391        ?&=?( _Bool volatile *, _Bool ),
2392        ?^=?( _Bool volatile *, _Bool ),
2393        ?|=?( _Bool volatile *, _Bool );
2394char
2395        ?*=?( char volatile *, char ),
2396        ?/=?( char volatile *, char ),
2397        ?+=?( char volatile *, char ),
2398        ?-=?( char volatile *, char ),
2399        ?%=?( char volatile *, char ),
2400        ?<<=?( char volatile *, int ),
2401        ?>>=?( char volatile *, int ),
2402        ?&=?( char volatile *, char ),
2403        ?^=?( char volatile *, char ),
2404        ?|=?( char volatile *, char );
2405unsigned char
2406        ?*=?( unsigned char volatile *, unsigned char ),
2407        ?/=?( unsigned char volatile *, unsigned char ),
2408        ?+=?( unsigned char volatile *, unsigned char ),
2409        ?-=?( unsigned char volatile *, unsigned char ),
2410        ?%=?( unsigned char volatile *, unsigned char ),
2411        ?<<=?( unsigned char volatile *, int ),
2412        ?>>=?( unsigned char volatile *, int ),
2413        ?&=?( unsigned char volatile *, unsigned char ),
2414        ?^=?( unsigned char volatile *, unsigned char ),
2415        ?|=?( unsigned char volatile *, unsigned char );
2416signed char
2417        ?*=?( signed char volatile *, signed char ),
2418        ?/=?( signed char volatile *, signed char ),
2419        ?+=?( signed char volatile *, signed char ),
2420        ?-=?( signed char volatile *, signed char ),
2421        ?%=?( signed char volatile *, signed char ),
2422        ?<<=?( signed char volatile *, int ),
2423        ?>>=?( signed char volatile *, int ),
2424        ?&=?( signed char volatile *, signed char ),
2425        ?^=?( signed char volatile *, signed char ),
2426        ?|=?( signed char volatile *, signed char );
2427short int
2428        ?*=?( short int volatile *, short int ),
2429        ?/=?( short int volatile *, short int ),
2430        ?+=?( short int volatile *, short int ),
2431        ?-=?( short int volatile *, short int ),
2432        ?%=?( short int volatile *, short int ),
2433        ?<<=?( short int volatile *, int ),
2434        ?>>=?( short int volatile *, int ),
2435        ?&=?( short int volatile *, short int ),
2436        ?^=?( short int volatile *, short int ),
2437        ?|=?( short int volatile *, short int );
2438unsigned short int
2439        ?*=?( unsigned short int volatile *, unsigned short int ),
2440        ?/=?( unsigned short int volatile *, unsigned short int ),
2441        ?+=?( unsigned short int volatile *, unsigned short int ),
2442        ?-=?( unsigned short int volatile *, unsigned short int ),
2443        ?%=?( unsigned short int volatile *, unsigned short int ),
2444        ?<<=?( unsigned short int volatile *, int ),
2445        ?>>=?( unsigned short int volatile *, int ),
2446        ?&=?( unsigned short int volatile *, unsigned short int ),
2447        ?^=?( unsigned short int volatile *, unsigned short int ),
2448        ?|=?( unsigned short int volatile *, unsigned short int );
2449int
2450        ?*=?( int volatile *, int ),
2451        ?/=?( int volatile *, int ),
2452        ?+=?( int volatile *, int ),
2453        ?-=?( int volatile *, int ),
2454        ?%=?( int volatile *, int ),
2455        ?<<=?( int volatile *, int ),
2456        ?>>=?( int volatile *, int ),
2457        ?&=?( int volatile *, int ),
2458        ?^=?( int volatile *, int ),
2459        ?|=?( int volatile *, int );
2460unsigned int
2461        ?*=?( unsigned int volatile *, unsigned int ),
2462        ?/=?( unsigned int volatile *, unsigned int ),
2463        ?+=?( unsigned int volatile *, unsigned int ),
2464        ?-=?( unsigned int volatile *, unsigned int ),
2465        ?%=?( unsigned int volatile *, unsigned int ),
2466        ?<<=?( unsigned int volatile *, int ),
2467        ?>>=?( unsigned int volatile *, int ),
2468        ?&=?( unsigned int volatile *, unsigned int ),
2469        ?^=?( unsigned int volatile *, unsigned int ),
2470        ?|=?( unsigned int volatile *, unsigned int );
2471long int
2472        ?*=?( long int volatile *, long int ),
2473        ?/=?( long int volatile *, long int ),
2474        ?+=?( long int volatile *, long int ),
2475        ?-=?( long int volatile *, long int ),
2476        ?%=?( long int volatile *, long int ),
2477        ?<<=?( long int volatile *, int ),
2478        ?>>=?( long int volatile *, int ),
2479        ?&=?( long int volatile *, long int ),
2480        ?^=?( long int volatile *, long int ),
2481        ?|=?( long int volatile *, long int );
2482unsigned long int
2483        ?*=?( unsigned long int volatile *, unsigned long int ),
2484        ?/=?( unsigned long int volatile *, unsigned long int ),
2485        ?+=?( unsigned long int volatile *, unsigned long int ),
2486        ?-=?( unsigned long int volatile *, unsigned long int ),
2487        ?%=?( unsigned long int volatile *, unsigned long int ),
2488        ?<<=?( unsigned long int volatile *, int ),
2489        ?>>=?( unsigned long int volatile *, int ),
2490        ?&=?( unsigned long int volatile *, unsigned long int ),
2491        ?^=?( unsigned long int volatile *, unsigned long int ),
2492        ?|=?( unsigned long int volatile *, unsigned long int );
2493long long int
2494        ?*=?( long long int volatile *, long long int ),
2495        ?/=?( long long int volatile *, long long int ),
2496        ?+=?( long long int volatile *, long long int ),
2497        ?-=?( long long int volatile *, long long int ),
2498        ?%=?( long long int volatile *, long long int ),
2499        ?<<=?( long long int volatile *, int ),
2500        ?>>=?( long long int volatile *, int ),
2501        ?&=?( long long int volatile *, long long int ),
2502        ?^=?( long long int volatile *, long long int ),
2503        ?|=?( long long int volatile *, long long int );
2504unsigned long long int
2505        ?*=?( unsigned long long int volatile *, unsigned long long int ),
2506        ?/=?( unsigned long long int volatile *, unsigned long long int ),
2507        ?+=?( unsigned long long int volatile *, unsigned long long int ),
2508        ?-=?( unsigned long long int volatile *, unsigned long long int ),
2509        ?%=?( unsigned long long int volatile *, unsigned long long int ),
2510        ?<<=?( unsigned long long int volatile *, int ),
2511        ?>>=?( unsigned long long int volatile *, int ),
2512        ?&=?( unsigned long long int volatile *, unsigned long long int ),
2513        ?^=?( unsigned long long int volatile *, unsigned long long int ),
2514        ?|=?( unsigned long long int volatile *, unsigned long long int );
2515float
2516        ?*=?( float volatile *, float ),
2517        ?/=?( float volatile *, float ),
2518        ?+=?( float volatile *, float ),
2519        ?-=?( float volatile *, float );
2520double
2521        ?*=?( double volatile *, double ),
2522        ?/=?( double volatile *, double ),
2523        ?+=?( double volatile *, double ),
2524        ?-=?( double volatile *, double );
2525long double
2526        ?*=?( long double volatile *, long double ),
2527        ?/=?( long double volatile *, long double ),
2528        ?+=?( long double volatile *, long double ),
2529        ?-=?( long double volatile *, long double );
2530_Complex float
2531        ?*=?( _Complex float volatile *, _Complex float ),
2532        ?/=?( _Complex float volatile *, _Complex float ),
2533        ?+=?( _Complex float volatile *, _Complex float ),
2534        ?-=?( _Complex float volatile *, _Complex float );
2535_Complex double
2536        ?*=?( _Complex double volatile *, _Complex double ),
2537        ?/=?( _Complex double volatile *, _Complex double ),
2538        ?+=?( _Complex double volatile *, _Complex double ),
2539        ?-=?( _Complex double volatile *, _Complex double );
2540_Complex long double
2541        ?*=?( _Complex long double volatile *, _Complex long double ),
2542        ?/=?( _Complex long double volatile *, _Complex long double ),
2543        ?+=?( _Complex long double volatile *, _Complex long double ),
2544        ?-=?( _Complex long double volatile *, _Complex long double );
2545\end{lstlisting}
2546
2547For every extended integer type ©X© there exist
2548% Don't use predefined: keep this out of prelude.cf.
2549\begin{lstlisting}
2550?*=?( X volatile *, X ),
2551?/=?( X volatile *, X ),
2552?+=?( X volatile *, X ),
2553?-=?( X volatile *, X ),
2554?%=?( X volatile *, X ),
2555?<<=?( X volatile *, int ),
2556?>>=?( X volatile *, int ),
2557?&=?( X volatile *, X ),
2558?^=?( X volatile *, X ),
2559?|=?( X volatile *, X );
2560\end{lstlisting}
2561
2562For every complete enumerated type ©E© there exist
2563% Don't use predefined: keep this out of prelude.cf.
2564\begin{lstlisting}
2565?*=?( E volatile *, E ),
2566?/=?( E volatile *, E ),
2567?+=?( E volatile *, E ),
2568?-=?( E volatile *, E ),
2569?%=?( E volatile *, E ),
2570?<<=?( E volatile *, int ),
2571?>>=?( E volatile *, int ),
2572?&=?( E volatile *, E ),
2573?^=?( E volatile *, E ),
2574?|=?( E volatile *, E );
2575\end{lstlisting}
2576
2577
2578\subsection{Comma operator}
2579
2580\begin{syntax}
2581\lhs{expression}
2582\rhs \nonterm{assignment-expression}
2583\rhs \nonterm{expression} ©,© \nonterm{assignment-expression}
2584\end{syntax}
2585
2586\semantics
2587In the comma expression ``©a, b©'', the first operand is interpreted as ``©( void )(a)©'', which shall be unambiguous\index{ambiguous interpretation}.
2588The interpretations of the expression are the interpretations of the second operand.
2589
2590
2591\section{Constant expressions}
2592
2593
2594\section{Declarations}
2595
2596\begin{syntax}
2597\oldlhs{declaration}
2598\rhs \nonterm{type-declaration}
2599\rhs \nonterm{spec-definition}
2600\end{syntax}
2601
2602\constraints
2603If an identifier has \Index{no linkage}, there shall be no more than one declaration of the identifier ( in a declarator or type specifier ) with compatible types in the same scope and in the same name space, except that:
2604\begin{itemize}
2605\item a typedef name may be redefined to denote the same type as it currently does, provided that type is not a variably modified type;
2606\item tags may be redeclared as specified in section 6.7.2.3 of the {\c11} standard.
2607\end{itemize}
2608\begin{rationale}
2609This constraint adds the phrase ``with compatible types'' to the {\c11} constraint, to allow overloading.
2610\end{rationale}
2611
2612An identifier declared by a type declaration shall not be redeclared as a parameter in a function definition whose declarator includes an identifier list.
2613\begin{rationale}
2614This restriction echos {\c11}'s ban on the redeclaration of typedef names as parameters.
2615This avoids an ambiguity between old-style function declarations and new-style function prototypes:
2616\begin{lstlisting}
2617void f( Complex,        // ... 3000 characters ...
2618void g( Complex,        // ... 3000 characters ...
2619int Complex;
2620{ ... }
2621\end{lstlisting}
2622Without the rule, ©Complex© would be a type in the first case, and a parameter name in the second.
2623\end{rationale}
2624
2625
2626\setcounter{subsection}{1}
2627\subsection{Type specifiers}
2628
2629\begin{syntax}
2630\oldlhs{type-specifier}
2631\rhs \nonterm{forall-specifier}
2632\end{syntax}
2633
2634\semantics
2635Forall specifiers are discussed in \VRef{forall}.
2636
2637
2638\subsubsection{Structure and union specifiers}
2639
2640\semantics 
2641\CFA extends the {\c11} definition of \define{anonymous structure} to include structure specifiers with tags, and extends the {\c11} definition of \define{anonymous union} to include union specifiers with tags.
2642\begin{rationale}
2643This extension imitates an extension in the Plan 9 C compiler \cite{Thompson90new}.
2644\end{rationale}
2645
2646\examples
2647\begin{lstlisting}
2648struct point {§\impl{point}§
2649        int x, y;
2650};
2651struct color_point {§\impl{color_point}§
2652        enum { RED, BLUE, GREEN } color;
2653        struct point;
2654};
2655struct color_point cp;
2656cp.x = 0;
2657cp.color = RED;
2658struct literal {§\impl{literal}§
2659        enum { NUMBER, STRING } tag;
2660        union {
2661                double n;
2662                char *s;
2663        };
2664};
2665struct literal *next;
2666int length;
2667extern int strlen( const char * );
2668...
2669if ( next->tag == STRING ) length = strlen( next->s );
2670\end{lstlisting}
2671
2672
2673\setcounter{subsubsection}{4}
2674\subsubsection{Forall specifiers}
2675\label{forall}
2676
2677\begin{syntax}
2678\lhs{forall-specifier}
2679\rhs ©forall© ©(© \nonterm{type-parameter-list} ©)©
2680\end{syntax}
2681
2682\begin{comment}
2683\constraints
2684If the \nonterm{declaration-specifiers} of a declaration that contains a \nonterm{forall-specifier} declares a structure or union tag, the types of the members of the structure or union shall not use any of the type identifiers declared by the \nonterm{type-parameter-list}.
2685\begin{rationale}
2686This sort of declaration is illegal because the scope of the type identifiers ends at the end of the declaration, but the scope of the structure tag does not.
2687\begin{lstlisting}
2688forall( otype T ) struct Pair { T a, b;
2689} mkPair( T, T ); // illegal
2690\end{lstlisting}
2691If an instance of ©struct Pair© was declared later in the current scope, what would the members' type be?
2692\end{rationale}
2693\end{comment}
2694
2695\semantics
2696The \nonterm{type-parameter-list}s and assertions of the \nonterm{forall-specifier}s declare type identifiers, function and object identifiers with \Index{no linkage}.
2697
2698If, in the declaration ``©T D©'', ©T© contains \nonterm{forall-specifier}s and ©D© has the form
2699\begin{lstlisting}
2700D( §\normalsize\nonterm{parameter-type-list}§ )
2701\end{lstlisting} then a type identifier declared by one of the \nonterm{forall-specifier}s is an \define{inferred parameter} of the function declarator if and only if it is not an inferred parameter of a function declarator in ©D©, and it is used in the type of a parameter in the following
2702\nonterm{type-parameter-list} or it and an inferred parameter are used as arguments of a \Index{specification} in one of the \nonterm{forall-specifier}s.
2703The identifiers declared by assertions that use an inferred parameter of a function declarator are \Index{assertion parameter}s of that function declarator.
2704
2705\begin{comment}
2706\begin{rationale}
2707Since every inferred parameter is used by some parameter, inference can be understood as a single bottom-up pass over the expression tree, that only needs to apply local reasoning at each node.
2708
2709If this restriction were lifted, it would be possible to write
2710\begin{lstlisting}
2711forall( otype T ) T * alloc( void );§\use{alloc}§ int *p = alloc();
2712\end{lstlisting}
2713Here ©alloc()© would receive ©int© as an inferred argument, and return an ©int *©.
2714In general, if a call to ©alloc()© is a subexpression of an expression involving polymorphic functions and overloaded identifiers, there could be considerable distance between the call and the subexpression that causes ©T© to be bound.
2715
2716With the current restriction, ©alloc()© must be given an argument that determines ©T©:
2717\begin{lstlisting}
2718forall( otype T ) T * alloc( T initial_value );§\use{alloc}§
2719\end{lstlisting}
2720\end{rationale}
2721\end{comment}
2722
2723If a function declarator is part of a function definition, its inferred parameters and assertion parameters have \Index{block scope};
2724otherwise, identifiers declared by assertions have a \define{declaration scope}, which terminates at the end of the \nonterm{declaration}.
2725
2726A function type that has at least one inferred parameter is a \define{polymorphic function} type.
2727Function types with no inferred parameters are \define{monomorphic function} types.
2728One function type is \define{less polymorphic} than another if it has fewer inferred parameters, or if it has the same number of inferred parameters and fewer of its explicit parameters have types that depend on an inferred parameter.
2729
2730The names of inferred parameters and the order of identifiers in forall specifiers are not relevant to polymorphic function type compatibility.
2731Let $f$ and $g$ be two polymorphic function types with the same number of inferred parameters, and let $f_i$ and $g_i$ be the inferred parameters of $f$ and $g$ in their order of occurance in the function types' \nonterm{parameter-type-list}s.
2732Let $f'$ be $f$ with every occurrence of $f_i$ replaced by $g_i$, for all $i$.
2733Then $f$ and $g$ are \Index{compatible type}s if $f'$'s and $g$'s return types and parameter lists are compatible, and if for every assertion parameter of $f'$ there is an assertion parameter in $g$ with the same identifier and compatible type, and vice versa.
2734
2735\examples
2736Consider these analogous monomorphic and polymorphic declarations.
2737\begin{lstlisting}
2738int fi( int );
2739forall( otype T ) T fT( T );
2740\end{lstlisting}
2741©fi()© takes an ©int© and returns an ©int©. ©fT()© takes a ©T© and returns a ©T©, for any type ©T©.
2742\begin{lstlisting}
2743int (*pfi )( int ) = fi;
2744forall( otype T ) T (*pfT )( T ) = fT;
2745\end{lstlisting}
2746©pfi© and ©pfT© are pointers to functions. ©pfT© is not polymorphic, but the function it points at is.
2747\begin{lstlisting}
2748int (*fvpfi( void ))( int ) {
2749        return pfi;
2750}
2751forall( otype T ) T (*fvpfT( void ))( T ) {
2752        return pfT;
2753}
2754\end{lstlisting}
2755©fvpfi()© and ©fvpfT()© are functions taking no arguments and returning pointers to functions. ©fvpfT()© is monomorphic, but the function that its return value points at is polymorphic.
2756\begin{lstlisting}
2757forall( otype T ) int ( *fTpfi( T ) )( int );
2758forall( otype T ) T ( *fTpfT( T ) )( T );
2759forall( otype T, otype U ) U ( *fTpfU( T ) )( U );
2760\end{lstlisting}
2761©fTpfi()© is a polymorphic function that returns a pointer to a monomorphic function taking an integer and returning an integer.
2762It could return ©pfi©. ©fTpfT()© is subtle: it is a polymorphic function returning a \emph{monomorphic} function taking and returning
2763©T©, where ©T© is an inferred parameter of ©fTpfT()©.
2764For instance, in the expression ``©fTpfT(17)©'', ©T© is inferred to be ©int©, and the returned value would have type ©int ( * )( int )©. ``©fTpfT(17)(13)©'' and ``©fTpfT("yes")("no")©'' are legal, but ``©fTpfT(17)("no")©'' is illegal.
2765©fTpfU()© is polymorphic ( in type ©T©), and returns a pointer to a function that is polymorphic ( in type ©U©). ``©f5(17)("no")©'' is a legal expression of type ©char *©.
2766\begin{lstlisting}
2767forall( otype T, otype U, otype V ) U * f( T *, U, V * const );
2768forall( otype U, otype V, otype W ) U * g( V *, U, W * const );
2769\end{lstlisting}
2770The functions ©f()© and ©g()© have compatible types.
2771Let \(f\) and \(g\) be their types;
2772then \(f_1\) = ©T©, \(f_2\) = ©U©, \(f_3\) = ©V©, \(g_1\)
2773= ©V©, \(g_2\) = ©U©, and \(g_3\) = ©W©.
2774Replacing every \(f_i\) by \(g_i\) in \(f\) gives
2775\begin{lstlisting}
2776forall( otype V, otype U, otype W ) U * f( V *, U, W * const );
2777\end{lstlisting} which has a return type and parameter list that is compatible with \(g\).
2778\begin{rationale}
2779The word ``©type©'' in a forall specifier is redundant at the moment, but I want to leave room for inferred parameters of ordinary types in case parameterized types get added one day.
2780
2781Even without parameterized types, I might try to allow
2782\begin{lstlisting}
2783forall( int n ) int sum( int vector[n] );
2784\end{lstlisting} but C currently rewrites array parameters as pointer parameters, so the effects of such a change require more thought.
2785\end{rationale}
2786
2787\begin{rationale}
2788A polymorphic declaration must do two things: it must introduce type parameters, and it must apply assertions to those types.
2789Adding this to existing C declaration syntax and semantics was delicate, and not entirely successful.
2790
2791C depends on declaration-before-use, so a forall specifier must introduce type names before they can be used in the declaration specifiers.
2792This could be done by making the forall specifier part of the declaration specifiers, or by making it a new introductory clause of declarations.
2793
2794Assertions are also part of polymorphic function types, because it must be clear which functions have access to the assertion parameters declared by the assertions.
2795All attempts to put assertions inside an introductory clause produced complex semantics and confusing code.
2796Building them into the declaration specifiers could be done by placing them in the function's parameter list, or in a forall specifier that is a declaration specifier.
2797Assertions are also used with type parameters of specifications, and by type declarations.
2798For consistency's sake it seems best to attach assertions to the type declarations in forall specifiers, which means that forall specifiers must be declaration specifiers.
2799\end{rationale}
2800%HERE
2801
2802
2803\subsection{Type qualifiers}
2804
2805\CFA defines a new type qualifier ©lvalue©\impl{lvalue}\index{lvalue}.
2806\begin{syntax}
2807\oldlhs{type-qualifier}
2808\rhs ©lvalue©
2809\end{syntax}
2810
2811\constraints
2812\Indexc{restrict} Types other than type parameters and pointer types whose referenced type is an object type shall not be restrict-qualified.
2813
2814\semantics
2815An object's type may be a restrict-qualified type parameter.
2816©restrict© does not establish any special semantics in that case.
2817
2818\begin{rationale}
2819\CFA loosens the constraint on the restrict qualifier so that restrict-qualified pointers may be passed to polymorphic functions.
2820\end{rationale}
2821
2822©lvalue© may be used to qualify the return type of a function type.
2823Let ©T© be an unqualified version of a type;
2824then the result of calling a function with return type ©lvalue T© is a \Index{modifiable lvalue} of type ©T©.
2825©const©\use{const} and ©volatile©\use{volatile} qualifiers may also be added to indicate that the function result is a constant or volatile lvalue.
2826\begin{rationale}
2827The ©const© and ©volatile© qualifiers can only be sensibly used to qualify the return type of a function if the ©lvalue© qualifier is also used.
2828\end{rationale}
2829
2830An {lvalue}-qualified type may be used in a \Index{cast expression} if the operand is an lvalue;
2831the result of the expression is an lvalue.
2832
2833\begin{rationale}
2834©lvalue© provides some of the functionality of {\CC}'s ``©T&©'' ( reference to object of type ©T©) type.
2835Reference types have four uses in {\CC}.
2836\begin{itemize}
2837\item
2838They are necessary for user-defined operators that return lvalues, such as ``subscript'' and ``dereference''.
2839
2840\item
2841A reference can be used to define an alias for a complicated lvalue expression, as a way of getting some of the functionality of the Pascal ©with© statement.
2842The following {\CC} code gives an example.
2843\begin{lstlisting}
2844{
2845        char &code = long_name.some_field[i].data->code;
2846        code = toupper( code );
2847}
2848\end{lstlisting}
2849This is not very useful.
2850
2851\item
2852A reference parameter can be used to allow a function to modify an argument without forcing the caller to pass the address of the argument.
2853This is most useful for user-defined assignment operators.
2854In {\CC}, plain assignment is done by a function called ``©operator=©'', and the two expressions
2855\begin{lstlisting}
2856a = b;
2857operator=( a, b );
2858\end{lstlisting} are equivalent.
2859If ©a© and ©b© are of type ©T©, then the first parameter of ©operator=© must have type ``©T&©''.
2860It cannot have type ©T©, because then assignment couldn't alter the variable, and it can't have type ``©T *©'', because the assignment would have to be written ``©&a = b;©''.
2861
2862In the case of user-defined operators, this could just as well be handled by using pointer types and by changing the rewrite rules so that ``©a = b;©'' is equivalent to ``©operator=(&( a), b )©''.
2863Reference parameters of ``normal'' functions are Bad Things, because they remove a useful property of C function calls: an argument can only be modified by a function if it is preceded by ``©&©''.
2864
2865\item
2866References to \Index{const-qualified} types can be used instead of value parameters.  Given the
2867{\CC} function call ``©fiddle( a_thing )©'', where the type of ©a_thing© is
2868©Thing©, the type of ©fiddle© could be either of
2869\begin{lstlisting}
2870void fiddle( Thing );
2871void fiddle( const Thing & );
2872\end{lstlisting}
2873If the second form is used, then constructors and destructors are not invoked to create a temporary variable at the call site ( and it is bad style for the caller to make any assumptions about such things), and within ©fiddle© the parameter is subject to the usual problems caused by aliases.
2874The reference form might be chosen for efficiency's sake if ©Thing©s are too large or their constructors or destructors are too expensive.
2875An implementation may switch between them without causing trouble for well-behaved clients.
2876This leaves the implementor to define ``too large'' and ``too expensive''.
2877
2878I propose to push this job onto the compiler by allowing it to implement
2879\begin{lstlisting}
2880void fiddle( const volatile Thing );
2881\end{lstlisting} with call-by-reference.
2882Since it knows all about the size of ©Thing©s and the parameter passing mechanism, it should be able to come up with a better definition of ``too large'', and may be able to make a good guess at ``too expensive''.
2883\end{itemize}
2884
2885In summary, since references are only really necessary for returning lvalues, I'll only provide lvalue functions.
2886\end{rationale}
2887
2888
2889\setcounter{subsection}{8}
2890\subsection{Initialization}
2891
2892An expression that is used as an \nonterm{initializer} is treated as being cast to the type of the object being initialized.
2893An expression used in an \nonterm{initializer-list} is treated as being cast to the type of the aggregate member that it initializes.
2894In either case the cast must have a single unambiguous \Index{interpretation}.
2895
2896
2897\setcounter{subsection}{10}
2898\subsection{Specification definitions}
2899
2900\begin{syntax}
2901\lhs{spec-definition}
2902\rhs ©spec© \nonterm{identifier} 
2903        ©(© \nonterm{type-parameter-list} ©)©
2904        ©{© \nonterm{spec-declaration-list}\opt ©}©
2905\lhs{spec-declaration-list}
2906\rhs \nonterm{spec-declaration} ©;©
2907\rhs \nonterm{spec-declaration-list} \nonterm{spec-declaration} ©;©
2908\lhs{spec-declaration}
2909\rhs \nonterm{specifier-qualifier-list} \nonterm{declarator-list}
2910\lhs{declarator-list}
2911\rhs \nonterm{declarator}
2912\rhs \nonterm{declarator-list} ©,© \nonterm{declarator}
2913\end{syntax}
2914\begin{rationale}
2915The declarations allowed in a specification are much the same as those allowed in a structure, except that bit fields are not allowed, and \Index{incomplete type}s and function types are allowed.
2916\end{rationale}
2917
2918\semantics
2919A \define{specification definition} defines a name for a \define{specification}: a parameterized collection of object and function declarations.
2920
2921The declarations in a specification consist of the declarations in the
2922\nonterm{spec-declaration-list} and declarations produced by any assertions in the
2923\nonterm{spec-parameter-list}.
2924If the collection contains two declarations that declare the same identifier and have compatible types, they are combined into one declaration with the composite type constructed from the two types.
2925
2926
2927\subsubsection{Assertions}
2928
2929\begin{syntax}
2930\lhs{assertion-list}
2931\rhs \nonterm{assertion}
2932\rhs \nonterm{assertion-list} \nonterm{assertion}
2933\lhs{assertion}
2934\rhs ©|© \nonterm{identifier} ©(© \nonterm{type-name-list} ©)©
2935\rhs ©|© \nonterm{spec-declaration}
2936\lhs{type-name-list}
2937\rhs \nonterm{type-name}
2938\rhs \nonterm{type-name-list} ©,© \nonterm{type-name}
2939\end{syntax}
2940
2941\constraints
2942The \nonterm{identifier} in an assertion that is not a \nonterm{spec-declaration} shall be the name of a specification.
2943The \nonterm{type-name-list} shall contain one \nonterm{type-name} argument for each \nonterm{type-parameter} in that specification's \nonterm{spec-parameter-list}.
2944If the
2945\nonterm{type-parameter} uses type-class ©type©\use{type}, the argument shall be the type name of an \Index{object type};
2946if it uses ©dtype©, the argument shall be the type name of an object type or an \Index{incomplete type};
2947and if it uses ©ftype©, the argument shall be the type name of a \Index{function type}.
2948
2949\semantics
2950An \define{assertion} is a declaration of a collection of objects and functions, called \define{assertion parameters}.
2951
2952The assertion parameters produced by an assertion that applies the name of a specification to type arguments are found by taking the declarations specified in the specification and treating each of the specification's parameters as a synonym for the corresponding \nonterm{type-name} argument.
2953
2954The collection of assertion parameters produced by the \nonterm{assertion-list} are found by combining the declarations produced by each assertion.
2955If the collection contains two declarations that declare the same identifier and have compatible types, they are combined into one declaration with the \Index{composite type} constructed from the two types.
2956
2957\examples
2958\begin{lstlisting}
2959forall( otype T | T ?*?( T, T ))§\use{?*?}§
2960T square( T val ) {§\impl{square}§
2961        return val + val;
2962}
2963trait summable( otype T ) {§\impl{summable}§
2964        T ?+=?( T *, T );§\use{?+=?}§
2965        const T 0;§\use{0}§
2966};
2967trait list_of( otype List, otype Element ) {§\impl{list_of}§
2968        Element car( List );
2969        List cdr( List );
2970        List cons( Element, List );
2971        List nil;
2972        int is_nil( List );
2973};
2974trait sum_list( otype List, otype Element | summable( Element ) | list_of( List, Element ) ) {};
2975\end{lstlisting}
2976©sum_list© contains seven declarations, which describe a list whose elements can be added up.
2977The assertion ``©|sum_list( i_list, int )©''\use{sum_list} produces the assertion parameters
2978\begin{lstlisting}
2979int ?+=?( int *, int );
2980const int 0;
2981int car( i_list );
2982i_list cdr( i_list );
2983i_list cons( int, i_list );
2984i_list nil;
2985int is_nil;
2986\end{lstlisting}
2987
2988
2989\subsection{Type declarations}
2990
2991\begin{syntax}
2992\lhs{type-parameter-list}
2993\rhs \nonterm{type-parameter}
2994\rhs \nonterm{type-parameter-list} ©,© \nonterm{type-parameter}
2995\lhs{type-parameter}
2996\rhs \nonterm{type-class} \nonterm{identifier} \nonterm{assertion-list}\opt
2997\lhs{type-class}
2998\rhs ©type©
2999\rhs ©dtype©
3000\rhs ©ftype©
3001\lhs{type-declaration}
3002\rhs \nonterm{storage-class-specifier}\opt ©type© \nonterm{type-declarator-list} \verb|;|
3003\lhs{type-declarator-list}
3004\rhs \nonterm{type-declarator}
3005\rhs \nonterm{type-declarator-list} ©,© \nonterm{type-declarator}
3006\lhs{type-declarator}
3007\rhs \nonterm{identifier} \nonterm{assertion-list}\opt ©=© \nonterm{type-name}
3008\rhs \nonterm{identifier} \nonterm{assertion-list}\opt
3009\end{syntax}
3010
3011\constraints
3012If a type declaration has block scope, and the declared identifier has external or internal linkage, the declaration shall have no initializer for the identifier.
3013
3014\semantics
3015A \nonterm{type-parameter} or a \nonterm{type-declarator} declares an identifier to be a \Index{type name} for a type incompatible with all other types.
3016
3017An identifier declared by a \nonterm{type-parameter} has \Index{no linkage}.
3018Identifiers declared with type-class ©type©\use{type} are \Index{object type}s;
3019those declared with type-class ©dtype©\use{dtype} are \Index{incomplete type}s;
3020and those declared with type-class ©ftype©\use{ftype} are \Index{function type}s.
3021The identifier has \Index{block scope} that terminates at the end of the \nonterm{spec-declaration-list} or polymorphic function that contains the \nonterm{type-parameter}.
3022
3023A \nonterm{type-declarator} with an \Index{initializer} is a \define{type definition}.  The declared identifier is an \Index{incomplete type} within the initializer, and an \Index{object type} after the end of the initializer.
3024The type in the initializer is called the \define{implementation
3025  type}.
3026Within the scope of the declaration, \Index{implicit conversion}s can be performed between the defined type and the implementation type, and between pointers to the defined type and pointers to the implementation type.
3027
3028A type declaration without an \Index{initializer} and without a \Index{storage-class specifier} or with storage-class specifier ©static©\use{static} defines an \Index{incomplete type}.
3029If a \Index{translation unit} or \Index{block} contains one or more such declarations for an identifier, it must contain exactly one definition of the identifier ( but not in an enclosed block, which would define a new type known only within that block).
3030\begin{rationale}
3031Incomplete type declarations allow compact mutually-recursive types.
3032\begin{lstlisting}
3033otype t1; // incomplete type declaration
3034otype t2 = struct { t1 * p; ... };
3035otype t1 = struct { t2 * p; ... };
3036\end{lstlisting}
3037Without them, mutual recursion could be handled by declaring mutually recursive structures, then initializing the types to those structures.
3038\begin{lstlisting}
3039struct s1;
3040otype t2 = struct s2 { struct s1 * p; ... };
3041otype t1 = struct s1 { struct s2 * p; ... };
3042\end{lstlisting}
3043This introduces extra names, and may force the programmer to cast between the types and their implementations.
3044\end{rationale}
3045
3046A type declaration without an initializer and with \Index{storage-class specifier} ©extern©\use{extern} is an \define{opaque type declaration}.
3047Opaque types are \Index{object type}s.
3048An opaque type is not a \nonterm{constant-expression};
3049neither is a structure or union that has a member whose type is not a \nonterm{constant-expression}.
3050Every other \Index{object type} is a \nonterm{constant-expression}.
3051Objects with static storage duration shall be declared with a type that is a \nonterm{constant-expression}.
3052\begin{rationale}
3053Type declarations can declare identifiers with external linkage, whereas typedef declarations declare identifiers that only exist within a translation unit.
3054These opaque types can be used in declarations, but the implementation of the type is not visible.
3055
3056Static objects can not have opaque types because space for them would have to be allocated at program start-up.
3057This is a deficiency\index{deficiencies!static opaque objects}, but I don't want to deal with ``module initialization'' code just now.
3058\end{rationale}
3059
3060An \Index{incomplete type} which is not a qualified version\index{qualified type} of a type is a value of \Index{type-class} ©dtype©.
3061An object type\index{object types} which is not a qualified version of a type is a value of type-classes ©type© and ©dtype©.
3062A \Index{function type} is a value of type-class ©ftype©.
3063\begin{rationale}
3064Syntactically, a type value is a \nonterm{type-name}, which is a declaration for an object which omits the identifier being declared.
3065
3066Object types are precisely the types that can be instantiated.
3067Type qualifiers are not included in type values because the compiler needs the information they provide at compile time to detect illegal statements or to produce efficient machine instructions.
3068For instance, the code that a compiler must generate to manipulate an object that has volatile-qualified type may be different from the code to manipulate an ordinary object.
3069
3070Type qualifiers are a weak point of C's type system.
3071Consider the standard library function ©strchr()© which, given a string and a character, returns a pointer to the first occurrence of the character in the string.
3072\begin{lstlisting}
3073char *strchr( const char *s, int c ) {§\impl{strchr}§
3074        char real_c = c; // done because c was declared as int.
3075        for ( ; *s != real_c; s++ )
3076                if ( *s == '\0' ) return NULL;
3077        return ( char * )s;
3078}
3079\end{lstlisting}
3080The parameter ©s© must be ©const char *©, because ©strchr()© might be used to search a constant string, but the return type must be ©char *©, because the result might be used to modify a non-constant string.
3081Hence the body must perform a cast, and ( even worse) ©strchr()© provides a type-safe way to attempt to modify constant strings.
3082What is needed is some way to say that ©s©'s type might contain qualifiers, and the result type has exactly the same qualifiers.
3083Polymorphic functions do not provide a fix for this deficiency\index{deficiencies!pointers to qualified types}, because type qualifiers are not part of type values.
3084Instead, overloading can be used to define ©strchr()© for each combination of qualifiers.
3085\end{rationale}
3086
3087\begin{rationale}
3088Since \Index{incomplete type}s are not type values, they can not be used as the initializer in a type declaration, or as the type of a structure or union member.
3089This prevents the declaration of types that contain each other.
3090\begin{lstlisting}
3091otype t1;
3092otype t2 = t1; // illegal: incomplete type t1
3093otype t1 = t2;
3094\end{lstlisting}
3095
3096The initializer in a file-scope declaration must be a constant expression.
3097This means type declarations can not build on opaque types, which is a deficiency\index{deficiencies!nesting opaque
3098 types}.
3099\begin{lstlisting}
3100extern otype Huge; // extended-precision integer type
3101otype Rational = struct {
3102        Huge numerator, denominator;    // illegal
3103};
3104struct Pair {
3105        Huge first, second;                             // legal
3106};
3107\end{lstlisting}
3108Without this restriction, \CFA might require ``module initialization'' code ( since ©Rational© has external linkage, it must be created before any other translation unit instantiates it), and would force an ordering on the initialization of the translation unit that defines ©Huge© and the translation that declares ©Rational©.
3109
3110A benefit of the restriction is that it prevents the declaration in separate translation units of types that contain each other, which would be hard to prevent otherwise.
3111\begin{lstlisting}
3112//  File a.c:
3113        extern type t1;
3114        type t2 = struct { t1 f1; ... } // illegal
3115//  File b.c:
3116        extern type t2;
3117        type t1 = struct { t2 f2; ... } // illegal
3118\end{lstlisting}
3119\end{rationale}
3120
3121\begin{rationale}
3122Since a \nonterm{type-declaration} is a \nonterm{declaration} and not a
3123\nonterm{struct-declaration}, type declarations can not be structure members.
3124The form of
3125\nonterm{type-declaration} forbids arrays of, pointers to, and functions returning ©type©.
3126Hence the syntax of \nonterm{type-specifier} does not have to be extended to allow type-valued expressions.
3127It also side-steps the problem of type-valued expressions producing different values in different declarations.
3128
3129Since a type declaration is not a \nonterm{parameter-declaration}, functions can not have explicit type parameters.
3130This may be too restrictive, but it attempts to make compilation simpler.
3131Recall that when traditional C scanners read in an identifier, they look it up in the symbol table to determine whether or not it is a typedef name, and return a ``type'' or ``identifier'' token depending on what they find.
3132A type parameter would add a type name to the current scope.
3133The scope manipulations involved in parsing the declaration of a function that takes function pointer parameters and returns a function pointer may just be too complicated.
3134
3135Explicit type parameters don't seem to be very useful, anyway, because their scope would not include the return type of the function.
3136Consider the following attempt to define a type-safe memory allocation function.
3137\begin{lstlisting}
3138#include <stdlib.h>
3139T * new( otype T ) { return ( T * )malloc( sizeof( T) ); };
3140... int * ip = new( int );
3141\end{lstlisting}
3142This looks sensible, but \CFA's declaration-before-use rules mean that ``©T©'' in the function body refers to the parameter, but the ``©T©'' in the return type refers to the meaning of ©T© in the scope that contains ©new©;
3143it could be undefined, or a type name, or a function or variable name.
3144Nothing good can result from such a situation.
3145\end{rationale}
3146
3147\examples
3148Since type declarations create new types, instances of types are always passed by value.
3149\begin{lstlisting}
3150otype A1 = int[2];
3151void f1( A1 a ) { a[0] = 0; };
3152otypedef int A2[2];
3153void f2( A2 a ) { a[0] = 0; };
3154A1 v1;
3155A2 v2;
3156f1( v1 );
3157f2( v2 );
3158\end{lstlisting}
3159©V1© is passed by value, so ©f1()©'s assignment to ©a[0]© does not modify v1.  ©V2© is converted to a pointer, so ©f2()© modifies ©v2[0]©.
3160
3161A translation unit containing the declarations
3162\begin{lstlisting}
3163extern type Complex;§\use{Complex}§ // opaque type declaration
3164extern float abs( Complex );§\use{abs}§
3165\end{lstlisting} can contain declarations of complex numbers, which can be passed to ©abs©.
3166Some other translation unit must implement ©Complex© and ©abs©.
3167That unit might contain the declarations
3168\begin{lstlisting}
3169otype Complex = struct { float re, im; }\impl{Complex}§
3170Complex cplx_i = { 0.0, 1.0 }\impl{cplx_i}§
3171float abs( Complex c ) {§\impl{abs( Complex )}§
3172        return sqrt( c.re * c.re + c.im * c.im );
3173}
3174\end{lstlisting}
3175Note that ©c© is implicitly converted to a ©struct© so that its components can be retrieved.
3176
3177\begin{lstlisting}
3178otype Time_of_day = int;§\impl{Time_of_day}§ // seconds since midnight.
3179Time_of_day ?+?( Time_of_day t1, int seconds ) {§\impl{?+?}§
3180        return (( int)t1 + seconds ) % 86400;
3181}
3182\end{lstlisting}
3183©t1© must be cast to its implementation type to prevent infinite recursion.
3184
3185\begin{rationale}
3186Within the scope of a type definition, an instance of the type can be viewed as having that type or as having the implementation type.
3187In the ©Time_of_day© example, the difference is important.
3188Different languages have treated the distinction between the abstraction and the implementation in different ways.
3189\begin{itemize}
3190\item
3191Inside a Clu cluster \cite{CLU}, the declaration of an instance states which view applies.
3192Two primitives called ©up© and ©down© can be used to convert between the views.
3193\item
3194The Simula class \cite{SIMULA87} is essentially a record type.
3195Since the only operations on a record are member selection and assignment, which can not be overloaded, there is never any ambiguity as to whether the abstraction or the implementation view is being used.
3196In {\CC}
3197\cite{C++}, operations on class instances include assignment and ``©&©'', which can be overloaded.
3198A ``scope resolution'' operator can be used inside the class to specify whether the abstract or implementation version of the operation should be used.
3199\item
3200An Ada derived type definition \cite{Ada} creates a new type from an old type, and also implicitly declares derived subprograms that correspond to the existing subprograms that use the old type as a parameter type or result type.
3201The derived subprograms are clones of the existing subprograms with the old type replaced by the derived type.
3202Literals and aggregates of the old type are also cloned.
3203In other words, the abstract view provides exactly the same operations as the implementation view.
3204This allows the abstract view to be used in all cases.
3205
3206The derived subprograms can be replaced by programmer-specified subprograms.
3207This is an exception to the normal scope rules, which forbid duplicate definitions of a subprogram in a scope.
3208In this case, explicit conversions between the derived type and the old type can be used.
3209\end{itemize}
3210\CFA's rules are like Clu's, except that implicit conversions and conversion costs allow it to do away with most uses of ©up© and ©down©.
3211\end{rationale}
3212
3213
3214\subsubsection{Default functions and objects}
3215
3216A declaration\index{type declaration} of a type identifier ©T© with type-class ©type© implicitly declares a \define{default assignment} function ©T ?=?( T *, T )©\use{?=?}, with the same \Index{scope} and \Index{linkage} as the identifier ©T©.
3217\begin{rationale}
3218Assignment is central to C's imperative programming style, and every existing C object type has assignment defined for it ( except for array types, which are treated as pointer types for purposes of assignment).
3219Without this rule, nearly every inferred type parameter would need an accompanying assignment assertion parameter.
3220If a type parameter should not have an assignment operation, ©dtype© should be used.
3221If a type should not have assignment defined, the user can define an assignment function that causes a run-time error, or provide an external declaration but no definition and thus cause a link-time error.
3222\end{rationale}
3223
3224A definition\index{type definition} of a type identifier ©T© with \Index{implementation type} ©I© and type-class ©type© implicitly defines a default assignment function.
3225A definition\index{type definition} of a type identifier ©T© with implementation type ©I© and an assertion list implicitly defines \define{default function}s and \define{default object}s as declared by the assertion declarations.
3226The default objects and functions have the same \Index{scope} and \Index{linkage} as the identifier ©T©.
3227Their values are determined as follows:
3228\begin{itemize}
3229\item
3230If at the definition of ©T© there is visible a declaration of an object with the same name as the default object, and if the type of that object with all occurrence of ©I© replaced by ©T© is compatible with the type of the default object, then the default object is initialized with that object.
3231Otherwise the scope of the declaration of ©T© must contain a definition of the default object.
3232
3233\item 
3234If at the definition of ©T© there is visible a declaration of a function with the same name as the default function, and if the type of that function with all occurrence of ©I© replaced by ©T© is compatible with the type of the default function, then the default function calls that function after converting its arguments and returns the converted result.
3235
3236Otherwise, if ©I© contains exactly one anonymous member\index{anonymous member} such that at the definition of ©T© there is visible a declaration of a function with the same name as the default function, and the type of that function with all occurrences of the anonymous member's type in its parameter list replaced by ©T© is compatible with the type of the default function, then the default function calls that function after converting its arguments and returns the result.
3237
3238Otherwise the scope of the declaration of ©T© must contain a definition of the default function.
3239\end{itemize}
3240\begin{rationale}
3241Note that a pointer to a default function will not compare as equal to a pointer to the inherited function.
3242\end{rationale}
3243
3244A function or object with the same type and name as a default function or object that is declared within the scope of the definition of ©T© replaces the default function or object.
3245
3246\examples
3247\begin{lstlisting}
3248trait s( otype T ) {
3249        T a, b;
3250} struct impl { int left, right; } a = { 0, 0 };
3251otype Pair | s( Pair ) = struct impl;
3252Pair b = { 1, 1 };
3253\end{lstlisting}
3254The definition of ©Pair© implicitly defines two objects ©a© and ©b©.
3255©Pair a© inherits its value from the ©struct impl a©.
3256The definition of ©Pair b© is compulsory because there is no ©struct impl b© to construct a value from.
3257\begin{lstlisting}
3258trait ss( otype T ) {
3259        T clone( T );
3260        void munge( T * );
3261}
3262otype Whatsit | ss( Whatsit );§\use{Whatsit}§
3263otype Doodad | ss( Doodad ) = struct doodad {§\use{Doodad}§
3264        Whatsit; // anonymous member
3265        int extra;
3266};
3267Doodad clone( Doodad ) { ... }
3268\end{lstlisting}
3269The definition of ©Doodad© implicitly defines three functions:
3270\begin{lstlisting}
3271Doodad ?=?( Doodad *, Doodad );
3272Doodad clone( Doodad );
3273void munge( Doodad * );
3274\end{lstlisting}
3275The assignment function inherits ©struct doodad©'s assignment function because the types match when ©struct doodad©  is replaced by ©Doodad© throughout.
3276©munge()© inherits ©Whatsit©'s ©munge()© because the types match when ©Whatsit© is replaced by ©Doodad© in the parameter list. ©clone()© does \emph{not} inherit ©Whatsit©'s ©clone()©: replacement in the parameter list yields ``©Whatsit clone( Doodad )©'', which is not compatible with ©Doodad©'s ©clone()©'s type.
3277Hence the definition of ``©Doodad clone( Doodad )©'' is necessary.
3278
3279Default functions and objects are subject to the normal scope rules.
3280\begin{lstlisting}
3281otype T = ...;
3282T a_T = ...;            // Default assignment used.
3283T ?=?( T *, T );
3284T a_T = ...;            // Programmer-defined assignment called.
3285\end{lstlisting}
3286\begin{rationale}
3287A compiler warning would be helpful in this situation.
3288\end{rationale}
3289
3290\begin{rationale}
3291The \emph{class} construct of object-oriented programming languages performs three independent functions.
3292It \emph{encapsulates} a data structure;
3293it defines a \emph{subtype} relationship, whereby instances of one class may be used in contexts that require instances of another;
3294and it allows one class to \emph{inherit} the implementation of another.
3295
3296In \CFA, encapsulation is provided by opaque types and the scope rules, and subtyping is provided by specifications and assertions.
3297Inheritance is provided by default functions and objects.
3298\end{rationale}
3299
3300
3301\section{Statements and blocks}
3302
3303\begin{syntax}
3304\oldlhs{statement}
3305\rhs \nonterm{exception-statement}
3306\end{syntax}
3307
3308Many statements contain expressions, which may have more than one interpretation.
3309The following sections describe how the \CFA translator selects an interpretation.
3310In all cases the result of the selection shall be a single unambiguous \Index{interpretation}.
3311
3312
3313\subsection{Labeled statements}
3314
3315\begin{syntax}
3316\oldlhs{labeled-statement}
3317\rhs ©case© \nonterm{case-value-list} : \nonterm{statement}
3318\lhs{case-value-list}
3319\rhs \nonterm{case-value}
3320\rhs \nonterm{case-value-list} ©,© \nonterm{case-value}
3321\lhs{case-value}
3322\rhs \nonterm{constant-expression}
3323\rhs \nonterm{subrange}
3324\lhs{subrange}
3325\rhs \nonterm{constant-expression} ©~© \nonterm{constant-expression}
3326\end{syntax}
3327
3328The following have identical meaning:
3329\begin{lstlisting}
3330case 1:  case 2:  case 3:  case 4:  case 5:
3331case 1, 2, 3, 4, 5:
3332case 1~5:
3333\end{lstlisting}
3334Multiple subranges are allowed:
3335\begin{lstlisting}
3336case 1~4, 9~14, 27~32:
3337\end{lstlisting}
3338The ©case© and ©default© clauses are restricted within the ©switch© and ©choose© statements, precluding Duff's device.
3339
3340
3341\subsection{Expression and null statements}
3342
3343The expression in an expression statement is treated as being cast to ©void©.
3344
3345
3346\subsection{Selection statements}
3347
3348\begin{syntax}
3349\oldlhs{selection-statement}
3350\rhs ©choose© ©(© \nonterm{expression} ©)© \nonterm{statement}
3351\end{syntax}
3352
3353The controlling expression ©E© in the ©switch© and ©choose© statement:
3354\begin{lstlisting}
3355switch ( E ) ...
3356choose ( E ) ...
3357\end{lstlisting} may have more than one interpretation, but it shall have only one interpretation with an integral type.
3358An \Index{integer promotion} is performed on the expression if necessary.
3359The constant expressions in ©case© statements with the switch are converted to the promoted type.
3360
3361
3362\setcounter{subsubsection}{3}
3363\subsubsection[The choose statement]{The \lstinline@choose@ statement}
3364
3365The ©choose© statement is the same as the ©switch© statement except control transfers to the end of the ©choose© statement at a ©case© or ©default© labeled statement.
3366The ©fallthru© statement is used to fall through to the next ©case© or ©default© labeled statement.
3367The following have identical meaning:
3368\begin{flushleft}
3369\begin{tabular}{@{\hspace{2em}}l@{\hspace{2em}}l@{}}
3370\begin{lstlisting}
3371switch (...) {
3372  case 1: ... ; break;
3373  case 2: ... ; break;
3374  case 3: ... ; // fall through
3375  case 4: ... ; // fall through
3376  default: ... break;
3377}
3378\end{lstlisting}
3379&
3380\begin{lstlisting}
3381choose (...) {
3382  case 1: ... ; // exit
3383  case 2: ... ; // exit
3384  case 3: ... ; fallthru;
3385  case 4: ... ; fallthru;
3386  default: ... ; // exit
3387}
3388\end{lstlisting}
3389\end{tabular}
3390\end{flushleft}
3391The ©choose© statement addresses the problem of accidental fall-through associated with the ©switch© statement.
3392
3393
3394\subsection{Iteration statements}
3395
3396The controlling expression ©E© in the loops
3397\begin{lstlisting}
3398if ( E ) ...
3399while ( E ) ...
3400do ... while ( E );
3401\end{lstlisting}
3402is treated as ``©( int )((E)!=0)©''.
3403
3404The statement
3405\begin{lstlisting}
3406for ( a; b; c ) ...
3407\end{lstlisting} is treated as
3408\begin{lstlisting}
3409for ( ( void )( a ); ( int )(( b )!=0); ( void )( c ) ) ...
3410\end{lstlisting}
3411
3412
3413\subsection{Jump statements}
3414
3415\begin{syntax}
3416\oldlhs{jump-statement}
3417\rhs ©continue© \nonterm{identifier}\opt
3418\rhs ©break© \nonterm{identifier}\opt
3419\rhs \ldots
3420\rhs ©throw© \nonterm{assignment-expression}\opt
3421\rhs ©throwResume© \nonterm{assignment-expression}\opt \nonterm{at-expression}\opt
3422\lhs{at-expression} ©_At© \nonterm{assignment-expression}
3423\end{syntax}
3424
3425Labeled ©continue© and ©break© allow useful but restricted control-flow that reduces the need for the ©goto© statement for exiting multiple nested control-structures.
3426\begin{lstlisting}
3427L1: {                                                   // compound
3428  L2: switch ( ... ) {                  // switch
3429          case ...:
3430          L3: for ( ;; ) {                      // outer for
3431                L4: for ( ;; ) {                // inner for
3432                                continue L1;    // error: not enclosing iteration
3433                                continue L2;    // error: not enclosing iteration
3434                                continue L3;    // next iteration of outer for
3435                                continue L4;    // next iteration of inner for
3436                                break L1;               // exit compound
3437                                break L2;               // exit switch
3438                                break L3;               // exit outer for
3439                                break L4;               // exit inner for
3440                        } // for
3441                } // for
3442                break;                                  // exit switch
3443          default:
3444                break L1;                               // exit compound
3445        } // switch
3446        ...
3447} // compound
3448\end{lstlisting}
3449
3450
3451\setcounter{subsubsection}{1}
3452\subsubsection[The continue statement]{The \lstinline@continue@ statement}
3453
3454The identifier in a ©continue© statement shall name a label located on an enclosing iteration statement.
3455
3456
3457\subsubsection[The break statement]{The \lstinline@break@ statement}
3458
3459The identifier in a ©break© statement shall name a label located on an enclosing compound, selection or iteration statement.
3460
3461
3462\subsubsection[The return statement]{The \lstinline@return@ statement}
3463
3464An expression in a ©return© statement is treated as being cast to the result type of the function.
3465
3466
3467\subsubsection[The throw statement]{The \lstinline@throw@ statement}
3468
3469When an exception is raised, \Index{propagation} directs control from a raise in the source execution to a handler in the faulting execution.
3470
3471
3472\subsubsection[The throwResume statement]{The \lstinline@throwResume@ statement}
3473
3474
3475\subsection{Exception statements}
3476
3477\begin{syntax}
3478\lhs{exception-statement}
3479\rhs ©try© \nonterm{compound-statement} \nonterm{handler-list}
3480\rhs ©try© \nonterm{compound-statement} \nonterm{finally-clause}
3481\rhs ©try© \nonterm{compound-statement} \nonterm{handler-list} \nonterm{finally-clause}
3482\lhs{handler-list}
3483\rhs \nonterm{handler-clause}
3484\rhs ©catch© ©(© \ldots ©)© \nonterm{compound-statement}
3485\rhs \nonterm{handler-clause} ©catch© ©(© \ldots ©)© \nonterm{compound-statement}
3486\rhs ©catchResume© ©(© \ldots ©)© \nonterm{compound-statement}
3487\rhs \nonterm{handler-clause} ©catchResume© ©(© \ldots ©)© \nonterm{compound-statement}
3488\lhs{handler-clause}
3489\rhs ©catch© ©(© \nonterm{exception-declaration} ©)© \nonterm{compound-statement}
3490\rhs \nonterm{handler-clause} ©catch© ©(© \nonterm{exception-declaration} ©)© \nonterm{compound-statement}
3491\rhs ©catchResume© ©(© \nonterm{exception-declaration} ©)© \nonterm{compound-statement}
3492\rhs \nonterm{handler-clause} ©catchResume© ©(© \nonterm{exception-declaration} ©)© \nonterm{compound-statement}
3493\lhs{finally-clause}
3494\rhs ©finally© \nonterm{compound-statement}
3495\lhs{exception-declaration}
3496\rhs \nonterm{type-specifier}
3497\rhs \nonterm{type-specifier} \nonterm{declarator}
3498\rhs \nonterm{type-specifier} \nonterm{abstract-declarator}
3499\rhs \nonterm{new-abstract-declarator-tuple} \nonterm{identifier}
3500\rhs \nonterm{new-abstract-declarator-tuple}
3501\lhs{asynchronous-statement}
3502\rhs ©enable© \nonterm{identifier-list} \nonterm{compound-statement}
3503\rhs ©disable© \nonterm{identifier-list} \nonterm{compound-statement}
3504\end{syntax}
3505
3506\Index{Exception statement}s allow a dynamic call to a handler for \Index{recovery} (\Index{termination}) or \Index{correction} (\Index{resumption}) of an \Index{abnormal event}.
3507
3508
3509\subsubsection[The try statement]{The \lstinline@try@ statement}
3510
3511The ©try© statement is a block with associated handlers, called a \Index{guarded block};
3512all other blocks are \Index{unguarded block}s.
3513A ©goto©, ©break©, ©return©, or ©continue© statement can be used to transfer control out of a try block or handler, but not into one.
3514
3515
3516\subsubsection[The enable/disable statements]{The \lstinline@enable@/\lstinline@disable@ statements}
3517
3518The ©enable©/©disable© statements toggle delivery of \Index{asynchronous exception}s.
3519
3520
3521\setcounter{section}{9}
3522\section{Preprocessing directives}
3523
3524
3525\setcounter{subsection}{7}
3526\subsection{Predefined macro names}
3527
3528The implementation shall define the macro names ©__LINE__©, ©__FILE__©, ©__DATE__©, and ©__TIME__©, as in the {\c11} standard.
3529It shall not define the macro name ©__STDC__©.
3530
3531In addition, the implementation shall define the macro name ©__CFORALL__© to be the decimal constant 1.
3532
3533
3534\appendix
3535
3536
3537\chapter{Examples}
3538
3539
3540\section{C types}
3541This section gives example specifications for some groups of types that are important in the C language, in terms of the predefined operations that can be applied to those types.
3542
3543
3544\subsection{Scalar, arithmetic, and integral types}
3545
3546The pointer, integral, and floating-point types are all \define{scalar types}.
3547All of these types can be logically negated and compared.
3548The assertion ``©scalar( Complex )©'' should be read as ``type ©Complex© is scalar''.
3549\begin{lstlisting}
3550trait scalar( otype T ) {§\impl{scalar}§
3551        int !?( T );
3552        int ?<?( T, T ), ?<=?( T, T ), ?==?( T, T ), ?>=?( T, T ), ?>?( T, T ), ?!=?( T, T );
3553};
3554\end{lstlisting}
3555
3556The integral and floating-point types are \define{arithmetic types}, which support the basic arithmetic operators.
3557The use of an assertion in the \nonterm{spec-parameter-list} declares that, in order to be arithmetic, a type must also be scalar ( and hence that scalar operations are available ).
3558This is equivalent to inheritance of specifications.
3559\begin{lstlisting}
3560trait arithmetic( otype T | scalar( T ) ) {§\impl{arithmetic}§§\use{scalar}§
3561        T +?( T ), -?( T );
3562        T ?*?( T, T ), ?/?( T, T ), ?+?( T, T ), ?-?( T, T );
3563};
3564\end{lstlisting}
3565
3566The various flavors of ©char© and ©int© and the enumerated types make up the \define{integral types}.
3567\begin{lstlisting}
3568trait integral( otype T | arithmetic( T ) ) {§\impl{integral}§§\use{arithmetic}§
3569        T ~?( T );
3570        T ?&?( T, T ), ?|?( T, T ), ?^?( T, T );
3571        T ?%?( T, T );
3572        T ?<<?( T, T ), ?>>?( T, T );
3573};
3574\end{lstlisting}
3575
3576
3577\subsection{Modifiable types}
3578\index{modifiable lvalue}
3579
3580The only operation that can be applied to all modifiable lvalues is simple assignment.
3581\begin{lstlisting}
3582trait m_lvalue( otype T ) {§\impl{m_lvalue}§
3583        T ?=?( T *, T );
3584};
3585\end{lstlisting}
3586
3587Modifiable scalar lvalues are scalars and are modifiable lvalues, and assertions in the
3588\nonterm{spec-parameter-list} reflect those relationships.
3589This is equivalent to multiple inheritance of specifications.
3590Scalars can also be incremented and decremented.
3591\begin{lstlisting}
3592trait m_l_scalar( otype T | scalar( T ) | m_lvalue( T ) ) {§\impl{m_l_scalar}§
3593        T ?++( T * ), ?--( T * );§\use{scalar}§§\use{m_lvalue}§
3594        T ++?( T * ), --?( T * );
3595};
3596\end{lstlisting}
3597
3598Modifiable arithmetic lvalues are both modifiable scalar lvalues and arithmetic.
3599Note that this results in the ``inheritance'' of ©scalar© along both paths.
3600\begin{lstlisting}
3601trait m_l_arithmetic( otype T | m_l_scalar( T ) | arithmetic( T ) ) {§\impl{m_l_arithmetic}§
3602        T ?/=?( T *, T ), ?*=?( T *, T );§\use{m_l_scalar}§§\use{arithmetic}§
3603        T ?+=?( T *, T ), ?-=?( T *, T );
3604};
3605trait m_l_integral( otype T | m_l_arithmetic( T ) | integral( T ) ) {§\impl{m_l_integral}§
3606        T ?&=?( T *, T ), ?|=?( T *, T ), ?^=?( T *, T );§\use{m_l_arithmetic}§
3607        T ?%=?( T *, T ), ?<<=?( T *, T ), ?>>=?( T *, T );§\use{integral}§
3608};
3609\end{lstlisting}
3610
3611
3612\subsection{Pointer and array types}
3613
3614Array types can barely be said to exist in {\c11}, since in most cases an array name is treated as a constant pointer to the first element of the array, and the subscript expression ``©a[i]©'' is equivalent to the dereferencing expression ``©(*( a+( i )))©''.
3615Technically, pointer arithmetic and pointer comparisons other than ``©==©'' and ``©!=©'' are only defined for pointers to array elements, but the type system does not enforce those restrictions.
3616Consequently, there is no need for a separate ``array type'' specification.
3617
3618Pointer types are scalar types.
3619Like other scalar types, they have ``©+©'' and ``©-©'' operators, but the types do not match the types of the operations in ©arithmetic©, so these operators cannot be consolidated in ©scalar©.
3620\begin{lstlisting}
3621trait pointer( type P | scalar( P ) ) {§\impl{pointer}§§\use{scalar}§
3622        P ?+?( P, long int ), ?+?( long int, P ), ?-?( P, long int );
3623        ptrdiff_t ?-?( P, P );
3624};
3625trait m_l_pointer( type P | pointer( P ) | m_l_scalar( P ) ) {§\impl{m_l_pointer}§
3626        P ?+=?( P *, long int ), ?-=?( P *, long int );
3627        P ?=?( P *, void * );
3628        void * ?=?( void **, P );
3629};
3630\end{lstlisting}
3631
3632Specifications that define the dereference operator ( or subscript operator ) require two parameters, one for the pointer type and one for the pointed-at ( or element ) type.
3633Different specifications are needed for each set of \Index{type qualifier}s, because qualifiers are not included in types.
3634The assertion ``©|ptr_to( Safe_pointer, int )©'' should be read as ``©Safe_pointer© acts like a pointer to ©int©''.
3635\begin{lstlisting}
3636trait ptr_to( otype P | pointer( P ), otype T ) {§\impl{ptr_to}§§\use{pointer}§
3637        lvalue T *?( P );
3638        lvalue T ?[?]( P, long int );
3639};
3640trait ptr_to_const( otype P | pointer( P ), otype T ) {§\impl{ptr_to_const}§
3641        const lvalue T *?( P );
3642        const lvalue T ?[?]( P, long int );§\use{pointer}§
3643};
3644trait ptr_to_volatile( otype P | pointer( P ), otype T ) }§\impl{ptr_to_volatile}§
3645        volatile lvalue T *?( P );
3646        volatile lvalue T ?[?]( P, long int );§\use{pointer}§
3647};
3648trait ptr_to_const_volatile( otype P | pointer( P ), otype T ) }§\impl{ptr_to_const_volatile}§
3649        const volatile lvalue T *?( P );§\use{pointer}§
3650        const volatile lvalue T ?[?]( P, long int );
3651};
3652\end{lstlisting}
3653
3654Assignment to pointers is more complicated than is the case with other types, because the target's type can have extra type qualifiers in the pointed-at type: a ``©T *©'' can be assigned to a ``©const T *©'', a ``©volatile T *©'', and a ``©const volatile T *©''.
3655Again, the pointed-at type is passed in, so that assertions can connect these specifications to the ``©ptr_to©'' specifications.
3656\begin{lstlisting}
3657trait m_l_ptr_to( otype P | m_l_pointer( P ),§\use{m_l_pointer}§§\impl{m_l_ptr_to}§ otype T | ptr_to( P, T )§\use{ptr_to}§ {
3658        P ?=?( P *, T * );
3659        T * ?=?( T **, P );
3660};
3661trait m_l_ptr_to_const( otype P | m_l_pointer( P ),§\use{m_l_pointer}§§\impl{m_l_ptr_to_const}§ otype T | ptr_to_const( P, T )§\use{ptr_to_const}§) {
3662        P ?=?( P *, const T * );
3663        const T * ?=?( const T **, P );
3664};
3665trait m_l_ptr_to_volatile( otype P | m_l_pointer( P ),§\use{m_l_pointer}§§\impl{m_l_ptr_to_volatile}§ otype T | ptr_to_volatile( P, T )) {§\use{ptr_to_volatile}§
3666        P ?=?( P *, volatile T * );
3667        volatile T * ?=?( volatile T **, P );
3668};
3669trait m_l_ptr_to_const_volatile( otype P | ptr_to_const_volatile( P ),§\use{ptr_to_const_volatile}§§\impl{m_l_ptr_to_const_volatile}§
3670                otype T | m_l_ptr_to_volatile( P, T ) | m_l_ptr_to_const( P )) {§\use{m_l_ptr_to_const}§§\use{m_l_ptr_to_volatile}§
3671        P ?=?( P *, const volatile T * );
3672        const volatile T * ?=?( const volatile T **, P );
3673};
3674\end{lstlisting}
3675
3676Note the regular manner in which type qualifiers appear in those specifications.
3677An alternative specification can make use of the fact that qualification of the pointed-at type is part of a pointer type to capture that regularity.
3678\begin{lstlisting}
3679trait m_l_ptr_like( type MyP | m_l_pointer( MyP ),§\use{m_l_pointer}§§\impl{m_l_ptr_like}§ type CP | m_l_pointer( CP ) ) {
3680        MyP ?=?( MyP *, CP );
3681        CP ?=?( CP *, MyP );
3682};
3683\end{lstlisting}
3684The assertion ``©| m_l_ptr_like( Safe_ptr, const int * )©'' should be read as ``©Safe_ptr© is a pointer type like ©const int *©''.
3685This specification has two defects, compared to the original four: there is no automatic assertion that dereferencing a ©MyP© produces an lvalue of the type that ©CP© points at, and the ``©|m_l_pointer( CP )©'' assertion provides only a weak assurance that the argument passed to ©CP© really is a pointer type.
3686
3687
3688\section{Relationships between operations}
3689
3690Different operators often have related meanings;
3691for instance, in C, ``©+©'', ``©+=©'', and the two versions of ``©++©'' perform variations of addition.
3692Languages like {\CC} and Ada allow programmers to define operators for new types, but do not require that these relationships be preserved, or even that all of the operators be implemented.
3693Completeness and consistency is left to the good taste and discretion of the programmer.
3694It is possible to encourage these attributes by providing generic operator functions, or member functions of abstract classes, that are defined in terms of other, related operators.
3695
3696In \CFA, polymorphic functions provide the equivalent of these generic operators, and specifications explicitly define the minimal implementation that a programmer should provide.
3697This section shows a few examples.
3698
3699
3700\subsection{Relational and equality operators}
3701
3702The different comparison operators have obvious relationships, but there is no obvious subset of the operations to use in the implementation of the others.
3703However, it is usually convenient to implement a single comparison function that returns a negative integer, 0, or a positive integer if its first argument is respectively less than, equal to, or greater than its second argument;
3704the library function ©strcmp© is an example.
3705
3706C and \CFA have an extra, non-obvious comparison operator: ``©!©'', logical negation, returns 1 if its operand compares equal to 0, and 0 otherwise.
3707\begin{lstlisting}
3708trait comparable( otype T ) {
3709        const T 0;
3710        int compare( T, T );
3711}
3712forall( otype T | comparable( T ) ) int ?<?( T l, T r ) {
3713        return compare( l, r ) < 0;
3714}
3715// ... similarly for <=, ==, >=, >, and !=.
3716forall( otype T | comparable( T ) ) int !?( T operand ) {
3717        return !compare( operand, 0 );
3718}
3719\end{lstlisting}
3720
3721
3722\subsection{Arithmetic and integer operations}
3723
3724A complete arithmetic type would provide the arithmetic operators and the corresponding assignment operators.
3725Of these, the assignment operators are more likely to be implemented directly, because it is usually more efficient to alter the contents of an existing object than to create and return a new one.
3726Similarly, a complete integral type would provide integral operations based on integral assignment operations.
3727\begin{lstlisting}
3728trait arith_base( otype T ) {
3729        const T 1;
3730        T ?+=?( T *, T ), ?-=?( T *, T ), ?*=?( T *, T ), ?/=?( T *, T );
3731}
3732forall( otype T | arith_base( T ) ) T ?+?( T l, T r ) {
3733        return l += r;
3734}
3735forall( otype T | arith_base( T ) ) T ?++( T * operand ) {
3736        T temporary = *operand;
3737        *operand += 1;
3738        return temporary;
3739}
3740forall( otype T | arith_base( T ) ) T ++?( T * operand ) {
3741        return *operand += 1;
3742}
3743// ... similarly for -, --, *, and /.
3744trait int_base( otype T ) {
3745        T ?&=?( T *, T ), ?|=?( T *, T ), ?^=?( T *, T );
3746        T ?%=?( T *, T ), ?<<=?( T *, T ), ?>>=?( T *, T );
3747}
3748forall( otype T | int_base( T ) ) T ?&?( T l, T r ) {
3749        return l &= r;
3750}
3751// ... similarly for |, ^, %, <<, and >>.
3752\end{lstlisting}
3753
3754Note that, although an arithmetic type would certainly provide comparison functions, and an integral type would provide arithmetic operations, there does not have to be any relationship among ©int_base©, ©arith_base© and ©comparable©.
3755Note also that these declarations provide guidance and assistance, but they do not define an absolutely minimal set of requirements.
3756A truly minimal implementation of an arithmetic type might only provide ©0©, ©1©, and ©?-=?©, which would be used by polymorphic ©?+=?©, ©?*=?©, and ©?/=?© functions.
3757
3758Note also that ©short© is an integer type in C11 terms, but has no operations!
3759
3760
3761\chapter{TODO}
3762Review index entries.
3763
3764Restrict allowed to qualify anything, or type/dtype parameters, but only affects pointers.
3765This gets into ©noalias© territory.
3766Qualifying anything (``©short restrict rs©'') means pointer parameters of ©?++©, etc, would need restrict qualifiers.
3767
3768Enumerated types.
3769Constants are not ints.
3770Overloading.
3771Definition should be ``representable as an integer type'', not ``as an int''.
3772C11 usual conversions freely convert to and from ordinary integer types via assignment, which works between any integer types.
3773Does enum Color ?*?( enum
3774Color, enum Color ) really make sense? ?++ does, but it adds (int)1.
3775
3776Operators on {,signed,unsigned} char and other small types. ©?<?© harmless;
3777?*? questionable for chars.
3778Generic selections make these choices visible.
3779Safe conversion operators? Predefined ``promotion'' function?
3780
3781©register© assignment might be handled as assignment to a temporary with copying back and forth, but copying must not be done by assignment.
3782
3783Don't use ©ptrdiff_t© by name in the predefineds.
3784
3785Polymorphic objects.
3786Polymorphic typedefs and type declarations.
3787
3788
3789\bibliographystyle{plain}
3790\bibliography{cfa}
3791
3792
3793\addcontentsline{toc}{chapter}{\indexname} % add index name to table of contents
3794\begin{theindex}
3795Italic page numbers give the location of the main entry for the referenced term.
3796Plain page numbers denote uses of the indexed term.
3797Entries for grammar non-terminals are italicized.
3798A typewriter font is used for grammar terminals and program identifiers.
3799\indexspace
3800\input{refrat.ind}
3801\end{theindex}
3802
3803\end{document}
3804
3805% Local Variables: %
3806% tab-width: 4 %
3807% fill-column: 100 %
3808% compile-command: "make" %
3809% End: %
Note: See TracBrowser for help on using the repository browser.