Index: doc/theses/fangren_yu_MMath/intro.tex
===================================================================
--- doc/theses/fangren_yu_MMath/intro.tex	(revision fbb5bddaaa349c1b387c0a56e42a38eb8e7edb10)
+++ doc/theses/fangren_yu_MMath/intro.tex	(revision 50be644477314cc6ae43b906adadec8e8f5b156e)
@@ -291,4 +291,290 @@
 \section{Polymorphism}
 
+\CFA provides polymorphic functions and types, where the polymorphic function can be the constraints types using assertions based on traits.
+
+\subsection{\texorpdfstring{\protect\lstinline{forall} functions}{forall functions}}
+\label{sec:poly-fns}
+
+The signature feature of \CFA is parametric-polymorphic functions~\cite{forceone:impl,Cormack90,Duggan96} with functions generalized using a @forall@ clause (giving the language its name).
+\begin{cfa}
+@forall( T )@ T identity( T val ) { return val; }
+int forty_two = identity( 42 );		$\C{// T is bound to int, forty\_two == 42}$
+\end{cfa}
+This @identity@ function can be applied to any complete \newterm{object type} (or @otype@).
+The type variable @T@ is transformed into a set of additional implicit parameters encoding sufficient information about @T@ to create and return a variable of that type.
+The \CFA implementation passes the size and alignment of the type represented by an @otype@ parameter, as well as an assignment operator, constructor, copy constructor, and destructor.
+If this extra information is not needed, for instance, for a pointer, the type parameter can be declared as a \newterm{data type} (or @dtype@).
+
+In \CFA, the polymorphic runtime cost is spread over each polymorphic call, because more arguments are passed to polymorphic functions;
+the experiments in Section~\ref{sec:eval} show this overhead is similar to \CC virtual function calls.
+A design advantage is that, unlike \CC template functions, \CFA polymorphic functions are compatible with C \emph{separate compilation}, preventing compilation and code bloat.
+
+Since bare polymorphic types provide a restricted set of available operations, \CFA provides a \newterm{type assertion}~\cite[pp.~37-44]{Alphard} mechanism to provide further type information, where type assertions may be variable or function declarations that depend on a polymorphic type variable.
+For example, the function @twice@ can be defined using the \CFA syntax for operator overloading.
+\begin{cfa}
+forall( T @| { T ?+?(T, T); }@ ) T twice( T x ) { return x @+@ x; }  $\C{// ? denotes operands}$
+int val = twice( twice( 3.7 ) );  $\C{// val == 14}$
+\end{cfa}
+This works for any type @T@ with a matching addition operator.
+The polymorphism is achieved by creating a wrapper function for calling @+@ with the @T@ bound to @double@ and then passing this function to the first call of @twice@.
+There is now the option of using the same @twice@ and converting the result into @int@ on assignment or creating another @twice@ with the type parameter @T@ bound to @int@ because \CFA uses the return type~\cite{Cormack81,Baker82,Ada} in its type analysis.
+The first approach has a late conversion from @double@ to @int@ on the final assignment, whereas the second has an early conversion to @int@.
+\CFA minimizes the number of conversions and their potential to lose information;
+hence, it selects the first approach, which corresponds with C programmer intuition.
+
+Crucial to the design of a new programming language are the libraries to access thousands of external software features.
+Like \CC, \CFA inherits a massive compatible library base, where other programming languages must rewrite or provide fragile interlanguage communication with C.
+A simple example is leveraging the existing type-unsafe (@void *@) C @bsearch@ to binary search a sorted float array.
+\begin{cfa}
+void * bsearch( const void * key, const void * base, size_t nmemb, size_t size,
+				int (* compar)( const void *, const void * ));
+int comp( const void * t1, const void * t2 ) {
+	 return *(double *)t1 < *(double *)t2 ? -1 : *(double *)t2 < *(double *)t1 ? 1 : 0;
+}
+double key = 5.0, vals[10] = { /* 10 sorted float values */ };
+double * val = (double *)bsearch( &key, vals, 10, sizeof(vals[0]), comp ); $\C{// search sorted array}$
+\end{cfa}
+This can be augmented simply with generalized, type-safe, \CFA-overloaded wrappers.
+\begin{cfa}
+forall( T | { int ?<?( T, T ); } ) T * bsearch( T key, const T * arr, size_t size ) {
+	int comp( const void * t1, const void * t2 ) { /* as above with double changed to T */ }
+	return (T *)bsearch( &key, arr, size, sizeof(T), comp );
+}
+forall( T | { int ?<?( T, T ); } ) unsigned int bsearch( T key, const T * arr, size_t size ) {
+	T * result = bsearch( key, arr, size );	$\C{// call first version}$
+	return result ? result - arr : size; $\C{// pointer subtraction includes sizeof(T)}$
+}
+double * val = bsearch( 5.0, vals, 10 ); $\C{// selection based on return type}$
+int posn = bsearch( 5.0, vals, 10 );
+\end{cfa}
+The nested function @comp@ provides the hidden interface from typed \CFA to untyped (@void *@) C, plus the cast of the result.
+% FIX
+Providing a hidden @comp@ function in \CC is awkward as lambdas do not use C calling conventions and template declarations cannot appear in block scope.
+In addition, an alternate kind of return is made available: position versus pointer to found element.
+\CC's type system cannot disambiguate between the two versions of @bsearch@ because it does not use the return type in overload resolution, nor can \CC separately compile a template @bsearch@.
+
+\CFA has replacement libraries condensing hundreds of existing C functions into tens of \CFA overloaded functions, all without rewriting the actual computations (see Section~\ref{sec:libraries}).
+For example, it is possible to write a type-safe \CFA wrapper @malloc@ based on the C @malloc@, where the return type supplies the type/size of the allocation, which is impossible in most type systems.
+\begin{cfa}
+forall( T & | sized(T) ) T * malloc( void ) { return (T *)malloc( sizeof(T) ); }
+// select type and size from left-hand side
+int * ip = malloc();  double * dp = malloc();  struct S {...} * sp = malloc();
+\end{cfa}
+
+Call site inferencing and nested functions provide a localized form of inheritance.
+For example, the \CFA @qsort@ only sorts in ascending order using @<@.
+However, it is trivial to locally change this behavior.
+\begin{cfa}
+forall( T | { int ?<?( T, T ); } ) void qsort( const T * arr, size_t size ) { /* use C qsort */ }
+int main() {
+	int ?<?( double x, double y ) { return x @>@ y; } $\C{// locally override behavior}$
+	qsort( vals, 10 );							$\C{// descending sort}$
+}
+\end{cfa}
+The local version of @?<?@ performs @?>?@ overriding the built-in @?<?@ so it is passed to @qsort@.
+Therefore, programmers can easily form local environments, adding and modifying appropriate functions, to maximize the reuse of other existing functions and types.
+
+To reduce duplication, it is possible to distribute a group of @forall@ (and storage-class qualifiers) over functions/types, such that each block declaration is prefixed by the group (see the example in Appendix~\ref{s:CforallStack}).
+\begin{cfa}
+forall( @T@ ) {							$\C{// distribution block, add forall qualifier to declarations}$
+	struct stack { stack_node(@T@) * head; };	$\C{// generic type}$
+	inline {									$\C{// nested distribution block, add forall/inline to declarations}$
+		void push( stack(@T@) & s, @T@ value ) ...	$\C{// generic operations}$
+	}
+}
+\end{cfa}
+
+
+\subsection{Traits}
+
+\CFA provides \newterm{traits} to name a group of type assertions, where the trait name allows specifying the same set of assertions in multiple locations, preventing repetition mistakes at each function declaration.
+\begin{cquote}
+\lstDeleteShortInline@%
+\begin{tabular}{@{}l@{\hspace{\parindentlnth}}|@{\hspace{\parindentlnth}}l@{}}
+\begin{cfa}
+trait @sumable@( T ) {
+	void @?{}@( T &, zero_t ); // 0 literal constructor
+	T ?+?( T, T );			 // assortment of additions
+	T @?+=?@( T &, T );
+	T ++?( T & );
+	T ?++( T & );
+};
+\end{cfa}
+&
+\begin{cfa}
+forall( T @| sumable( T )@ ) // use trait
+T sum( T a[$\,$], size_t size ) {
+	@T@ total = { @0@ };  // initialize by 0 constructor
+	for ( size_t i = 0; i < size; i += 1 )
+		total @+=@ a[i]; // select appropriate +
+	return total;
+}
+\end{cfa}
+\end{tabular}
+\lstMakeShortInline@%
+\end{cquote}
+
+Note that the @sumable@ trait does not include a copy constructor needed for the right side of @?+=?@ and return;
+it is provided by @otype@, which is syntactic sugar for the following trait.
+\begin{cfa}
+trait otype( T & | sized(T) ) {  // sized is a pseudo-trait for types with known size and alignment
+	void ?{}( T & );						$\C{// default constructor}$
+	void ?{}( T &, T );						$\C{// copy constructor}$
+	void ?=?( T &, T );						$\C{// assignment operator}$
+	void ^?{}( T & );						$\C{// destructor}$
+};
+\end{cfa}
+Given the information provided for an @otype@, variables of polymorphic type can be treated as if they were a complete type: stack allocatable, default or copy initialized, assigned, and deleted.
+
+In summation, the \CFA type system uses \newterm{nominal typing} for concrete types, matching with the C type system, and \newterm{structural typing} for polymorphic types.
+Hence, trait names play no part in type equivalence;
+the names are simply macros for a list of polymorphic assertions, which are expanded at usage sites.
+Nevertheless, trait names form a logical subtype hierarchy with @dtype@ at the top, where traits often contain overlapping assertions, \eg operator @+@.
+Traits are used like interfaces in Java or abstract base classes in \CC, but without the nominal inheritance relationships.
+Instead, each polymorphic function (or generic type) defines the structural type needed for its execution (polymorphic type key), and this key is fulfilled at each call site from the lexical environment, which is similar to the Go~\cite{Go} interfaces.
+Hence, new lexical scopes and nested functions are used extensively to create local subtypes, as in the @qsort@ example, without having to manage a nominal inheritance hierarchy.
+% (Nominal inheritance can be approximated with traits using marker variables or functions, as is done in Go.)
+
+% Nominal inheritance can be simulated with traits using marker variables or functions:
+% \begin{cfa}
+% trait nominal(T) {
+%     T is_nominal;
+% };
+% int is_nominal;								$\C{// int now satisfies the nominal trait}$
+% \end{cfa}
+%
+% Traits, however, are significantly more powerful than nominal-inheritance interfaces; most notably, traits may be used to declare a relationship \emph{among} multiple types, a property that may be difficult or impossible to represent in nominal-inheritance type systems:
+% \begin{cfa}
+% trait pointer_like(Ptr, El) {
+%     lvalue El *?(Ptr);						$\C{// Ptr can be dereferenced into a modifiable value of type El}$
+% }
+% struct list {
+%     int value;
+%     list * next;								$\C{// may omit "struct" on type names as in \CC}$
+% };
+% typedef list * list_iterator;
+%
+% lvalue int *?( list_iterator it ) { return it->value; }
+% \end{cfa}
+% In the example above, @(list_iterator, int)@ satisfies @pointer_like@ by the user-defined dereference function, and @(list_iterator, list)@ also satisfies @pointer_like@ by the built-in dereference operator for pointers. Given a declaration @list_iterator it@, @*it@ can be either an @int@ or a @list@, with the meaning disambiguated by context (\eg @int x = *it;@ interprets @*it@ as an @int@, while @(*it).value = 42;@ interprets @*it@ as a @list@).
+% While a nominal-inheritance system with associated types could model one of those two relationships by making @El@ an associated type of @Ptr@ in the @pointer_like@ implementation, few such systems could model both relationships simultaneously.
+
+
+\subsection{Generic Types}
+
+A significant shortcoming of standard C is the lack of reusable type-safe abstractions for generic data structures and algorithms.
+Broadly speaking, there are three approaches to implement abstract data structures in C.
+One approach is to write bespoke data structures for each context in which they are needed.
+While this approach is flexible and supports integration with the C type checker and tooling, it is also tedious and error prone, especially for more complex data structures.
+A second approach is to use @void *@-based polymorphism, \eg the C standard library functions @bsearch@ and @qsort@, which allow for the reuse of code with common functionality.
+However, basing all polymorphism on @void *@ eliminates the type checker's ability to ensure that argument types are properly matched, often requiring a number of extra function parameters, pointer indirection, and dynamic allocation that is otherwise not needed.
+A third approach to generic code is to use preprocessor macros, which does allow the generated code to be both generic and type checked, but errors may be difficult to interpret.
+Furthermore, writing and using preprocessor macros is unnatural and inflexible.
+
+\CC, Java, and other languages use \newterm{generic types} to produce type-safe abstract data types.
+\CFA generic types integrate efficiently and naturally with the existing polymorphic functions, while retaining backward compatibility with C and providing separate compilation.
+However, for known concrete parameters, the generic-type definition can be inlined, like \CC templates.
+
+A generic type can be declared by placing a @forall@ specifier on a @struct@ or @union@ declaration and instantiated using a parenthesized list of types after the type name.
+\begin{cquote}
+\lstDeleteShortInline@%
+\begin{tabular}{@{}l|@{\hspace{\parindentlnth}}l@{}}
+\begin{cfa}
+@forall( R, S )@ struct pair {
+	R first;	S second;
+};
+@forall( T )@ // dynamic
+T value( pair(const char *, T) p ) { return p.second; }
+@forall( dtype F, T )@ // dtype-static (concrete)
+T value( pair(F *, T * ) p) { return *p.second; }
+\end{cfa}
+&
+\begin{cfa}
+pair(const char *, int) p = {"magic", 42}; // concrete
+int i = value( p );
+pair(void *, int *) q = { 0, &p.second }; // concrete
+i = value( q );
+double d = 1.0;
+pair(double *, double *) r = { &d, &d }; // concrete
+d = value( r );
+\end{cfa}
+\end{tabular}
+\lstMakeShortInline@%
+\end{cquote}
+
+\CFA classifies generic types as either \newterm{concrete} or \newterm{dynamic}.
+Concrete types have a fixed memory layout regardless of type parameters, whereas dynamic types vary in memory layout depending on their type parameters.
+A \newterm{dtype-static} type has polymorphic parameters but is still concrete.
+Polymorphic pointers are an example of dtype-static types;
+given some type variable @T@, @T@ is a polymorphic type, as is @T *@, but @T *@ has a fixed size and can, therefore, be represented by @void *@ in code generation.
+
+\CFA generic types also allow checked argument constraints.
+For example, the following declaration of a sorted set type ensures the set key supports equality and relational comparison.
+\begin{cfa}
+forall( Key | { _Bool ?==?(Key, Key); _Bool ?<?(Key, Key); } ) struct sorted_set;
+\end{cfa}
+
+
+\subsection{Concrete generic types}
+
+The \CFA translator template expands concrete generic types into new structure types, affording maximal inlining.
+To enable interoperation among equivalent instantiations of a generic type, the translator saves the set of instantiations currently in scope and reuses the generated structure declarations where appropriate.
+A function declaration that accepts or returns a concrete generic type produces a declaration for the instantiated structure in the same scope, which all callers may reuse.
+For example, the concrete instantiation for @pair( const char *, int )@ is
+\begin{cfa}
+struct _pair_conc0 {
+	const char * first;  int second;
+};
+\end{cfa}
+
+A concrete generic type with dtype-static parameters is also expanded to a structure type, but this type is used for all matching instantiations.
+In the above example, the @pair( F *, T * )@ parameter to @value@ is such a type; its expansion is below, and it is used as the type of the variables @q@ and @r@ as well, with casts for member access where appropriate.
+\begin{cfa}
+struct _pair_conc1 {
+	void * first, * second;
+};
+\end{cfa}
+
+
+\subsection{Dynamic generic types}
+
+Though \CFA implements concrete generic types efficiently, it also has a fully general system for dynamic generic types.
+As mentioned in Section~\ref{sec:poly-fns}, @otype@ function parameters (in fact, all @sized@ polymorphic parameters) come with implicit size and alignment parameters provided by the caller.
+Dynamic generic types also have an \newterm{offset array} containing structure-member offsets.
+A dynamic generic @union@ needs no such offset array, as all members are at offset 0, but size and alignment are still necessary.
+Access to members of a dynamic structure is provided at runtime via base displacement addressing
+% FIX
+using the structure pointer and the member offset (similar to the @offsetof@ macro), moving a compile-time offset calculation to runtime.
+
+The offset arrays are statically generated where possible.
+If a dynamic generic type is declared to be passed or returned by value from a polymorphic function, the translator can safely assume that the generic type is complete (\ie has a known layout) at any call site, and the offset array is passed from the caller;
+if the generic type is concrete at the call site, the elements of this offset array can even be statically generated using the C @offsetof@ macro.
+As an example, the body of the second @value@ function is implemented as
+\begin{cfa}
+_assign_T( _retval, p + _offsetof_pair[1] ); $\C{// return *p.second}$
+\end{cfa}
+\newpage
+\noindent
+Here, @_assign_T@ is passed in as an implicit parameter from @T@, and takes two @T *@ (@void *@ in the generated code), a destination and a source, and @_retval@ is the pointer to a caller-allocated buffer for the return value, the usual \CFA method to handle dynamically sized return types.
+@_offsetof_pair@ is the offset array passed into @value@;
+this array is generated at the call site as
+\begin{cfa}
+size_t _offsetof_pair[] = { offsetof( _pair_conc0, first ), offsetof( _pair_conc0, second ) }
+\end{cfa}
+
+In some cases, the offset arrays cannot be statically generated.
+For instance, modularity is generally provided in C by including an opaque forward declaration of a structure and associated accessor and mutator functions in a header file, with the actual implementations in a separately compiled @.c@ file.
+\CFA supports this pattern for generic types, but the caller does not know the actual layout or size of the dynamic generic type and only holds it by a pointer.
+The \CFA translator automatically generates \newterm{layout functions} for cases where the size, alignment, and offset array of a generic struct cannot be passed into a function from that function's caller.
+These layout functions take as arguments pointers to size and alignment variables and a caller-allocated array of member offsets, as well as the size and alignment of all @sized@ parameters to the generic structure (un@sized@ parameters are forbidden from being used in a context that affects layout).
+Results of these layout functions are cached so that they are only computed once per type per function. %, as in the example below for @pair@.
+Layout functions also allow generic types to be used in a function definition without reflecting them in the function signature.
+For instance, a function that strips duplicate values from an unsorted @vector(T)@ likely has a pointer to the vector as its only explicit parameter, but uses some sort of @set(T)@ internally to test for duplicate values.
+This function could acquire the layout for @set(T)@ by calling its layout function with the layout of @T@ implicitly passed into the function.
+
+Whether a type is concrete, dtype-static, or dynamic is decided solely on the @forall@'s type parameters.
+This design allows opaque forward declarations of generic types, \eg @forall(T)@ @struct Box@ -- like in C, all uses of @Box(T)@ can be separately compiled, and callers from other translation units know the proper calling conventions to use.
+If the definition of a structure type is included in deciding whether a generic type is dynamic or concrete, some further types may be recognized as dtype-static (\eg @forall(T)@ @struct unique_ptr { T * p }@ does not depend on @T@ for its layout, but the existence of an @otype@ parameter means that it \emph{could}.);
+however, preserving separate compilation (and the associated C compatibility) in the existing design is judged to be an appropriate trade-off.