Context Navigation

← Previous Change
Next Change →

user.tex

Timestamp:

Jul 19, 2017, 11:49:33 AM (8 years ago)

Author:

Aaron Moss <a3moss@…>

Branches:

ADT, aaron-thesis, arm-eh, ast-experimental, cleanup-dtors, deferred_resn, demangler, enum, forall-pointer-decay, jacob/cs343-translation, jenkins-sandbox, master, new-ast, new-ast-unique-expr, new-env, no_list, persistent-indexer, pthread-emulation, qualifiedEnum, resolv-new, with_gc

Children:

9cc0472

Parents:

fea3faa (diff), a57cb58 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.

Message:

Merge branch 'master' of plg.uwaterloo.ca:software/cfa/cfa-cc

File:

: 1 edited

doc/user/user.tex (modified) (49 diffs)

Legend:

: Unmodified
: Added
: Removed

doc/user/user.tex

-              rfea3faa
+              rb826e6b
 %% Created On       : Wed Apr  6 14:53:29 2016
 %% Last Modified By : Peter A. Buhr
 %% Last Modified On : Fri Jun 16 12:00:01 2017
 %% Update Count     : 2433
+%% Last Modified On : Mon Jul 17 13:06:40 2017
+%% Update Count     : 2825
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 …
 \usepackage{textcomp}
 \usepackage[latin1]{inputenc}
-% Default underscore is too low and wide. Cannot use lstlisting "literate" as replacing underscore
-% removes it as a variable-name character so keyworks in variables are highlighted
-\DeclareTextCommandDefault{\textunderscore}{\leavevmode\makebox[1.2ex][c]{\rule{1ex}{0.1ex}}}
 \usepackage{fullpage,times,comment}
 …
 \renewcommand{\UrlFont}{\small\sf}
+% Default underscore is too low and wide. Cannot use lstlisting "literate" as replacing underscore
+% removes it as a variable-name character so keywords in variables are highlighted. MUST APPEAR
+% AFTER HYPERREF.
+\renewcommand{\_}{\leavevmode\makebox[1.2ex][c]{\rule{1ex}{0.075ex}}}
+\renewcommand{\textunderscore}{\leavevmode\makebox[1.2ex][c]{\rule{1ex}{0.075ex}}}
 \setlength{\topmargin}{-0.45in}                                                 % move running title into header
 \setlength{\headsep}{0.25in}
 …
 \CFAStyle                                                                                               % use default CFA format-style
+\lstnewenvironment{C++}[1][]
+{\lstset{language=C++,moredelim=**[is][\protect\color{red}]{®}{®}#1}}
+{}
 % inline code ©...© (copyright symbol) emacs: C-q M-)
 …
 \renewcommand{\subsectionmark}[1]{\markboth{\thesubsection\quad #1}{\thesubsection\quad #1}}
 \pagenumbering{roman}
 %\linenumbers                                            % comment out to turn off line numbering
+\linenumbers                                            % comment out to turn off line numbering
 \maketitle
 …
 \CFA{}\index{cforall@\CFA}\footnote{Pronounced ``\Index*{C-for-all}'', and written \CFA, CFA, or \CFL.} is a modern general-purpose programming-language, designed as an evolutionary step forward for the C programming language.
 The syntax of the \CFA language builds from C, and should look immediately familiar to C/\Index*[C++]{\CC{}} programmers.
+The syntax of \CFA builds from C and should look immediately familiar to C/\Index*[C++]{\CC{}} programmers.
 % Any language feature that is not described here can be assumed to be using the standard \Celeven syntax.
 \CFA adds many modern programming-language features that directly lead to increased \emph{\Index{safety}} and \emph{\Index{productivity}}, while maintaining interoperability with existing C programs and achieving C performance.
 Like C, \CFA is a statically typed, procedural language with a low-overhead runtime, meaning there is no global \Index{garbage-collection}, but \Index{regional garbage-collection}\index{garbage-collection!regional} is possible.
+\CFA adds many modern programming-language features that directly lead to increased \emph{\Index{safety}} and \emph{\Index{productivity}}, while maintaining interoperability with existing C programs and achieving similar performance.
+Like C, \CFA is a statically typed, procedural (non-\Index{object-oriented}) language with a low-overhead runtime, meaning there is no global \Index{garbage-collection}, but \Index{regional garbage-collection}\index{garbage-collection!regional} is possible.
 The primary new features include parametric-polymorphic routines and types, exceptions, concurrency, and modules.
+One of the main design philosophies of \CFA is to ``describe not prescribe'', which means \CFA tries to provide a pathway from low-level C programming to high-level \CFA programming, but it does not force programmers to ``do the right thing''.
+Programmers can cautiously add \CFA extensions to their C programs in any order and at any time to incrementally move towards safer, higher-level programming features.
+A programmer is always free to reach back to C from \CFA for any reason, and in many cases, new \CFA features have a fallback to a C mechanism.
+There is no notion or requirement for rewriting a legacy C program in \CFA;
+instead, a programmer evolves an existing C program into \CFA by incrementally incorporating \CFA features.
+New programs can be written in \CFA using a combination of C and \CFA features.
+\Index*[C++]{\CC{}} had a similar goal 30 years ago, but currently has the disadvantages of multiple legacy design-choices that cannot be updated and active divergence of the language model from C, requiring significant effort and training to incrementally add \CC to a C-based project.
+One of the main design philosophies of \CFA is to ``\Index{describe not prescribe}'', which means \CFA tries to provide a pathway from low-level C programming to high-level \CFA programming, but it does not force programmers to ``do the right thing''.
+Programmers can cautiously add \CFA extensions to their C programs in any order and at any time to incrementally move towards safer, higher-level programming.
+A programmer is always free to reach back to C from \CFA, for any reason, and in many cases, new \CFA features can be locally switched back to there C counterpart.
+There is no notion or requirement for \emph{rewriting} a legacy C program in \CFA;
+instead, a programmer evolves a legacy program into \CFA by incrementally incorporating \CFA features.
+As well, new programs can be written in \CFA using a combination of C and \CFA features.
+\Index*[C++]{\CC{}} had a similar goal 30 years ago, allowing object-oriented programming to be incrementally added to C.
+However, \CC currently has the disadvantages of a strong object-oriented bias, multiple legacy design-choices that cannot be updated, and active divergence of the language model from C, all of which requires significant effort and training to incrementally add \CC to a C-based project.
 In contrast, \CFA has 30 years of hindsight and a clean starting point.
 …
 \begin{quote2}
 \begin{tabular}{@{}l@{\hspace{1.5em}}l@{\hspace{1.5em}}l@{}}
+\multicolumn{1}{c@{\hspace{1.5em}}}{\textbf{\CFA}}      & \multicolumn{1}{c}{\textbf{C}}        & \multicolumn{1}{c}{\textbf{\CC}}      \\
+\begin{cfa}
+#include <fstream>§\indexc{fstream}§
+int main( void ) {
+        int x = 0, y = 1, z = 2;
+        ®sout | x | y | z | endl;®
+}
+\end{cfa}
+&
+\begin{lstlisting}
+\multicolumn{1}{c@{\hspace{1.5em}}}{\textbf{C}} & \multicolumn{1}{c}{\textbf{\CFA}}     & \multicolumn{1}{c}{\textbf{\CC}}      \\
+\begin{cfa}
 #include <stdio.h>§\indexc{stdio.h}§
 …
         ®printf( "%d %d %d\n", x, y, z );®
+}
 \end{lstlisting}
+\end{cfa}
+&
+\begin{lstlisting}
+\begin{cfa}
+#include <fstream>§\indexc{fstream}§
+int main( void ) {
+        int x = 0, y = 1, z = 2;
+        ®sout | x | y | z | endl;®§\indexc{sout}§
+}
+\end{cfa}
+&
+\begin{cfa}
 #include <iostream>§\indexc{iostream}§
 using namespace std;
 …
         ®cout<<x<<" "<<y<<" "<<z<<endl;®
+}
 \end{lstlisting}
+\end{cfa}
 \end{tabular}
 \end{quote2}
 While the \CFA I/O looks similar to the \Index*[C++]{\CC{}} output style, there are important differences, such as automatic spacing between variables as in \Index*{Python} (see~\VRef{s:IOLibrary}).
+\subsection{Background}
 This document is a programmer reference-manual for the \CFA programming language.
 The manual covers the core features of the language and runtime-system, with simple examples illustrating syntax and semantics of each feature.
 The manual does not teach programming, i.e., how to combine the new constructs to build complex programs.
 A reader should already have an intermediate knowledge of control flow, data structures, and concurrency issues to understand the ideas presented as well as some experience programming in C/\CC.
 Implementers may refer to the \CFA Programming Language Specification for details about the language syntax and semantics.
+A reader should already have an intermediate knowledge of control flow, data structures, and concurrency issues to understand the ideas presented, as well as some experience programming in C/\CC.
+Implementers should refer to the \CFA Programming Language Specification for details about the language syntax and semantics.
 Changes to the syntax and additional features are expected to be included in later revisions.
 …
 This installation base and the programmers producing it represent a massive software-engineering investment spanning decades and likely to continue for decades more.
 Even with all its problems, C continues to be popular because it allows writing software at virtually any level in a computer system without restriction.
 For system programming, where direct access to hardware and dealing with real-time issues is a requirement, C is usually the language of choice.
+For system programming, where direct access to hardware, storage management, and real-time issues are a requirement, C is usually the only language of choice.
 The TIOBE index~\cite{TIOBE} for March 2016 showed the following programming-language popularity: \Index*{Java} 20.5\%, C 14.5\%, \Index*[C++]{\CC{}} 6.7\%, \Csharp 4.3\%, \Index*{Python} 4.3\%, where the next 50 languages are less than 3\% each with a long tail.
 As well, for 30 years, C has been the number 1 and 2 most popular programming language:
 …
 \end{center}
 Hence, C is still an extremely important programming language, with double the usage of \Index*[C++]{\CC{}}; in many cases, \CC is often used solely as a better C.
 Love it or hate it, C has been an important and influential part of computer science for 40 years and sit appeal is not diminishing.
 Unfortunately, C has too many problems and omissions to make it an acceptable programming language for modern needs.
 As stated, the goal of the \CFA project is to engineer modern language features into C in an evolutionary rather than revolutionary way.
+Love it or hate it, C has been an important and influential part of computer science for 40 years and its appeal is not diminishing.
+Unfortunately, C has many problems and omissions that make it an unacceptable programming language for modern needs.
+As stated, the goal of the \CFA project is to engineer modern language-features into C in an evolutionary rather than revolutionary way.
 \CC~\cite{C++14,C++} is an example of a similar project;
 however, it largely extended the language, and did not address many existing problems.\footnote{%
+however, it largely extended the C language, and did not address most of C's existing problems.\footnote{%
 Two important existing problems addressed were changing the type of character literals from ©int© to ©char© and enumerator from ©int© to the type of its enumerators.}
 \Index*{Fortran}~\cite{Fortran08}, \Index*{Ada}~\cite{Ada12}, and \Index*{Cobol}~\cite{Cobol14} are examples of programming languages that took an evolutionary approach, where modern language features (\eg objects, concurrency) are added and problems fixed within the framework of the existing language.
+\Index*{Fortran}~\cite{Fortran08}, \Index*{Ada}~\cite{Ada12}, and \Index*{Cobol}~\cite{Cobol14} are examples of programming languages that took an evolutionary approach, where modern language-features (\eg objects, concurrency) are added and problems fixed within the framework of the existing language.
 \Index*{Java}~\cite{Java8}, \Index*{Go}~\cite{Go}, \Index*{Rust}~\cite{Rust} and \Index*{D}~\cite{D} are examples of the revolutionary approach for modernizing C/\CC, resulting in a new language rather than an extension of the descendent.
 These languages have different syntax and semantics from C, and do not interoperate directly with C, largely because of garbage collection.
+These languages have different syntax and semantics from C, do not interoperate directly with C, and are not systems languages because of restrictive memory-management or garbage collection.
 As a result, there is a significant learning curve to move to these languages, and C legacy-code must be rewritten.
 These costs can be prohibitive for many companies with a large software base in C/\CC, and a significant number of programmers requiring retraining to a new programming language.
 The result of this project is a language that is largely backwards compatible with \Index*[C11]{\Celeven{}}~\cite{C11}, but fixing some of the well known C problems and containing many modern language features.
+These costs can be prohibitive for many companies with a large software-base in C/\CC, and a significant number of programmers require retraining to the new programming language.
+The result of this project is a language that is largely backwards compatible with \Index*[C11]{\Celeven{}}~\cite{C11}, but fixes many of the well known C problems while containing modern language-features.
 Without significant extension to the C programming language, it is becoming unable to cope with the needs of modern programming problems and programmers;
 as a result, it will fade into disuse.
 Considering the large body of existing C code and programmers, there is significant impetus to ensure C is transformed into a modern programming language.
 While \Index*[C11]{\Celeven{}} made a few simple extensions to the language, nothing was added to address existing problems in the language or to augment the language with modern language features.
 While some may argue that modern language features may make C complex and inefficient, it is clear a language without modern capabilities is insufficient for the advanced programming problems existing today.
+While \Index*[C11]{\Celeven{}} made a few simple extensions to the language, nothing was added to address existing problems in the language or to augment the language with modern language-features.
+While some may argue that modern language-features may make C complex and inefficient, it is clear a language without modern capabilities is insufficient for the advanced programming problems existing today.
 \section{History}
 The \CFA project started with \Index*{K-W C}~\cite{Buhr94a,Till89}, which extended C with new declaration syntax, multiple return values from routines, and extended assignment capabilities using the notion of tuples.
+The \CFA project started with \Index*{K-W C}~\cite{Buhr94a,Till89}, which extended C with new declaration syntax, multiple return values from routines, and advanced assignment capabilities using the notion of tuples.
 (See~\cite{Werther96} for similar work in \Index*[C++]{\CC{}}.)
+A first \CFA implementation of these extensions was by Esteves~\cite{Esteves04}.
+The signature feature of \CFA is parametric-polymorphic functions~\cite{forceone:impl,Cormack90,Duggan96} with functions generalized using a ©forall© clause (giving the language its name):
+The first \CFA implementation of these extensions was by Esteves~\cite{Esteves04}.
+The signature feature of \CFA is \Index{overload}able \Index{parametric-polymorphic} functions~\cite{forceone:impl,Cormack90,Duggan96} with functions generalized using a ©forall© clause (giving the language its name):
 \begin{lstlisting}
 ®forall( otype T )® T identity( T val ) { return val; }
 …
 \CFA{}\hspace{1pt}'s polymorphism was originally formalized by Ditchfiled~\cite{Ditchfield92}, and first implemented by Bilson~\cite{Bilson03}.
 However, at that time, there was little interesting in extending C, so work did not continue.
 As the saying goes, ``What goes around, comes around.'', and there is now renewed interest in the C programming language because of legacy code-bases, so the \CFA project has been restarted.
+As the saying goes, ``\Index*{What goes around, comes around.}'', and there is now renewed interest in the C programming language because of legacy code-bases, so the \CFA project has been restarted.
 …
 \CFA is designed to integrate directly with existing C programs and libraries.
 The most important feature of \Index{interoperability} is using the same \Index{calling convention}s, so there is no overhead to call existing C routines.
+The most important feature of \Index{interoperability} is using the same \Index{calling convention}s, so there is no complex interface or overhead to call existing C routines.
 This feature allows \CFA programmers to take advantage of the existing panoply of C libraries to access thousands of external software features.
 Language developers often state that adequate \Index{library support} takes more work than designing and implementing the language itself.
 Fortunately, \CFA, like \Index*[C++]{\CC{}}, starts with immediate access to all exiting C libraries, and in many cases, can easily wrap library routines with simpler and safer interfaces, at very low cost.
 Hence, \CFA begins by leveraging the large repository of C libraries with little cost.
+Hence, \CFA begins by leveraging the large repository of C libraries at little cost.
 \begin{comment}
 …
 \end{comment}
 However, it is necessary to differentiate between C and \CFA code because of name overloading, as for \CC.
+However, it is necessary to differentiate between C and \CFA code because of name \Index{overload}ing, as for \CC.
 For example, the C math-library provides the following routines for computing the absolute value of the basic types: ©abs©, ©labs©, ©llabs©, ©fabs©, ©fabsf©, ©fabsl©, ©cabsf©, ©cabs©, and ©cabsl©.
 Whereas, \CFA wraps each of these routines into ones with the common name ©abs©:
+Whereas, \CFA wraps each of these routines into ones with the overloaded name ©abs©:
 \begin{cfa}
 char abs( char );
 …
 Hence, there is the same need as in \CC, to know if a name is a C or \CFA name, so it can be correctly formed.
 There is no way around this problem, other than C's approach of creating unique names for each pairing of operation and type.
 This example strongly illustrates a core idea in \CFA: \emph{the power of a name}.
+This example strongly illustrates a core idea in \CFA: \emph{the \Index{power of a name}}.
 The name ``©abs©'' evokes the notion of absolute value, and many mathematical types provide the notion of absolute value.
 Hence, knowing the name ©abs© should be sufficient to apply it to any type where it is applicable.
 The time savings and safety of using one name uniformly versus $N$ unique names should not be underestimated.
 \section[Compiling CFA Program]{Compiling \CFA Program}
+Hence, knowing the name ©abs© is sufficient to apply it to any type where it is applicable.
+The time savings and safety of using one name uniformly versus $N$ unique names cannot be underestimated.
+\section[Compiling a CFA Program]{Compiling a \CFA Program}
 The command ©cfa© is used to compile \CFA program(s), and is based on the GNU \Indexc{gcc} command, \eg:
 \begin{cfa}
 cfa§\indexc{cfa}\index{compilation!cfa@©cfa©}§ [ gcc-options ] C/§\CFA§-files [ assembler/loader-files ]
+cfa§\indexc{cfa}\index{compilation!cfa@©cfa©}§ [ gcc-options ] C/§\CFA{}§-files [ assembler/loader-files ]
 \end{cfa}
 \CFA programs having the following ©gcc© flags turned on:
 …
 The 1999 C standard plus GNU extensions.
 \item
+{\lstset{deletekeywords={inline}}
+\Indexc{-fgnu89-inline}\index{compilation option!-fgnu89-inline@{©-fgnu89-inline©}}
+\Indexc[deletekeywords=inline]{-fgnu89-inline}\index{compilation option!-fgnu89-inline@{\lstinline[deletekeywords=inline]$-fgnu89-inline$}}
 Use the traditional GNU semantics for inline routines in C99 mode, which allows inline routines in header files.
-}%
 \end{description}
 The following new \CFA options are available:
 …
 \Indexc{-debug}\index{compilation option!-debug@©-debug©}
 The program is linked with the debugging version of the runtime system.
 The debug version performs runtime checks to help during the debugging phase of a \CFA program, but substantially slows the execution of the program.
+The debug version performs runtime checks to help during the debugging phase of a \CFA program, but can substantially slow program execution.
 The runtime checks should only be removed after the program is completely debugged.
 \textbf{This option is the default.}
 …
 \end{description}
 These preprocessor variables allow conditional compilation of programs that must work differently in these situations.
 For example, to toggle between C and \CFA extensions, using the following:
+For example, to toggle between C and \CFA extensions, use the following:
 \begin{cfa}
 #ifndef __CFORALL__
 …
 \section{Constants Underscores}
 Numeric constants are extended to allow \Index{underscore}s within constants\index{constant!underscore}, \eg:
+\section{Constant Underscores}
+Numeric constants are extended to allow \Index{underscore}s\index{constant!underscore}, \eg:
 \begin{cfa}
 ®_®147®_®483®_®648;                                    §\C{// decimal constant}§
 …
 L®_®§"\texttt{\textbackslash{x}}§®_®§\texttt{ff}§®_®§\texttt{ee}"§;     §\C{// wide character constant}§
 \end{cfa}
 The rules for placement of underscores is as follows:
 \begin{enumerate}
+The rules for placement of underscores are:
+\begin{enumerate}[topsep=5pt,itemsep=5pt,parsep=0pt]
 \item
 A sequence of underscores is disallowed, \eg ©12__34© is invalid.
 …
 \label{s:BackquoteIdentifiers}
+\CFA accommodates keyword clashes with existing C variable-names by syntactic transformations using the \CFA backquote escape-mechanism:
+\CFA introduces in new keywords (see \VRef{s:CFAKeywords}) that can clash with existing C variable-names in legacy code.
+Keyword clashes are accommodated by syntactic transformations using the \CFA backquote escape-mechanism:
 \begin{cfa}
 int ®`®otype®`® = 3;                    §\C{// make keyword an identifier}§
 …
 \end{cfa}
 Existing C programs with keyword clashes can be converted by enclosing keyword identifiers in backquotes, and eventually the identifier name can be changed to a non-keyword name.
 \VRef[Figure]{f:InterpositionHeaderFile} shows how clashes in C header files (see~\VRef{s:StandardHeaders}) can be handled using preprocessor \newterm{interposition}: ©#include_next© and ©-I filename©:
+\VRef[Figure]{f:HeaderFileInterposition} shows how clashes in C header files (see~\VRef{s:StandardHeaders}) can be handled using preprocessor \newterm{interposition}: ©#include_next© and ©-I filename©:
 \begin{figure}
 …
 #define otype ®`®otype®`®               §\C{// make keyword an identifier}§
 #define __CFA_BFD_H__
 #endif // ! otype
 #include_next <bfd.h>                   §\C{// must have internal check for multiple expansion}§
+#endif
+®#include_next <bfd.h>                  §\C{// must have internal check for multiple expansion}§
+®
 #if defined( otype ) && defined( __CFA_BFD_H__ )        §\C{// reset only if set}§
 #undef otype
 #undef __CFA_BFD_H__
 #endif // otype && __CFA_BFD_H__
 \end{cfa}
 \caption{Interposition of Header File}
 \label{f:InterpositionHeaderFile}
+#endif
+\end{cfa}
+\caption{Header-File Interposition}
+\label{f:HeaderFileInterposition}
 \end{figure}
+\section{Declarations}
+\label{s:Declarations}
+C declaration syntax is notoriously confusing and error prone.
+For example, many C programmers are confused by a declaration as simple as:
+\begin{quote2}
+\begin{tabular}{@{}ll@{}}
+\begin{cfa}
+int * x[5]
+\end{cfa}
+&
+\raisebox{-0.75\totalheight}{\input{Cdecl}}
+\end{tabular}
+\end{quote2}
+Is this an array of 5 pointers to integers or a \Index{pointer} to an array of 5 integers?
+The fact this declaration is unclear to many C programmers means there are \Index{productivity} and \Index{safety} issues even for basic programs.
+Another example of confusion results from the fact that a routine name and its parameters are embedded within the return type, mimicking the way the return value is used at the routine's call site.
+For example, a routine returning a \Index{pointer} to an array of integers is defined and used in the following way:
+\begin{cfa}
+int ®(*®f®())[®5®]® {...};                              §\C{definition}§
+ ... ®(*®f®())[®3®]® += 1;                              §\C{usage}§
+\end{cfa}
+Essentially, the return type is wrapped around the routine name in successive layers (like an \Index{onion}).
+While attempting to make the two contexts consistent is a laudable goal, it has not worked out in practice.
+\CFA provides its own type, variable and routine declarations, using a different syntax.
+The new declarations place qualifiers to the left of the base type, while C declarations place qualifiers to the right of the base type.
+In the following example, \R{red} is the base type and \B{blue} is qualifiers.
+The \CFA declarations move the qualifiers to the left of the base type, \ie move the blue to the left of the red, while the qualifiers have the same meaning but are ordered left to right to specify a variable's type.
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+ß[5] *ß ®int® x1;
+ß* [5]ß ®int® x2;
+ß[* [5] int]ß f®( int p )®;
+\end{cfa}
+&
+\begin{cfa}
+®int® ß*ß x1 ß[5]ß;
+®int® ß(*ßx2ß)[5]ß;
+ßint (*ßf®( int p )®ß)[5]ß;
+\end{cfa}
+\end{tabular}
+\end{quote2}
+The only exception is \Index{bit field} specification, which always appear to the right of the base type.
+% Specifically, the character ©*© is used to indicate a pointer, square brackets ©[©\,©]© are used to represent an array or function return value, and parentheses ©()© are used to indicate a routine parameter.
+However, unlike C, \CFA type declaration tokens are distributed across all variables in the declaration list.
+For instance, variables ©x© and ©y© of type \Index{pointer} to integer are defined in \CFA as follows:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+®*® int x, y;
+\end{cfa}
+&
+\begin{cfa}
+int ®*®x, ®*®y;
+\end{cfa}
+\end{tabular}
+\end{quote2}
+The downside of this semantics is the need to separate regular and \Index{pointer} declarations:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+®*® int x;
+int y;
+\end{cfa}
+&
+\begin{cfa}
+int ®*®x, y;
+\end{cfa}
+\end{tabular}
+\end{quote2}
+which is \Index{prescribing} a safety benefit.
+Other examples are:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{\hspace{2em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c@{\hspace{2em}}}{\textbf{C}} \\
+\begin{cfa}
+[ 5 ] int z;
+[ 5 ] * char w;
+* [ 5 ] double v;
+struct s {
+        int f0:3;
+        * int f1;
+        [ 5 ] * int f2;
+};
+\end{cfa}
+&
+\begin{cfa}
+int z[ 5 ];
+char * w[ 5 ];
+double (* v)[ 5 ];
+struct s {
+        int f0:3;
+        int * f1;
+        int * f2[ 5 ]
+};
+\end{cfa}
+&
+\begin{cfa}
+// array of 5 integers
+// array of 5 pointers to char
+// pointer to array of 5 doubles
+// common bit field syntax
+\end{cfa}
+\end{tabular}
+\end{quote2}
+All type qualifiers, \eg ©const©, ©volatile©, etc., are used in the normal way with the new declarations and also appear left to right, \eg:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{1em}}l@{\hspace{1em}}l@{}}
+\multicolumn{1}{c@{\hspace{1em}}}{\textbf{\CFA}}        & \multicolumn{1}{c@{\hspace{1em}}}{\textbf{C}} \\
+\begin{cfa}
+const * const int x;
+const * [ 5 ] const int y;
+\end{cfa}
+&
+\begin{cfa}
+int const * const x;
+const int (* const y)[ 5 ]
+\end{cfa}
+&
+\begin{cfa}
+// const pointer to const integer
+// const pointer to array of 5 const integers
+\end{cfa}
+\end{tabular}
+\end{quote2}
+All declaration qualifiers, \eg ©extern©, ©static©, etc., are used in the normal way with the new declarations but can only appear at the start of a \CFA routine declaration,\footnote{\label{StorageClassSpecifier}
+The placement of a storage-class specifier other than at the beginning of the declaration specifiers in a declaration is an obsolescent feature.~\cite[\S~6.11.5(1)]{C11}} \eg:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{\hspace{2em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c@{\hspace{2em}}}{\textbf{C}} \\
+\begin{cfa}
+extern [ 5 ] int x;
+static * const int y;
+\end{cfa}
+&
+\begin{cfa}
+int extern x[ 5 ];
+const int static * y;
+\end{cfa}
+&
+\begin{cfa}
+// externally visible array of 5 integers
+// internally visible pointer to constant int
+\end{cfa}
+\end{tabular}
+\end{quote2}
+The new declaration syntax can be used in other contexts where types are required, \eg casts and the pseudo-routine ©sizeof©:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+y = (®* int®)x;
+i = sizeof(®[ 5 ] * int®);
+\end{cfa}
+&
+\begin{cfa}
+y = (®int *®)x;
+i = sizeof(®int * [ 5 ]®);
+\end{cfa}
+\end{tabular}
+\end{quote2}
+Finally, new \CFA declarations may appear together with C declarations in the same program block, but cannot be mixed within a specific declaration.
+Therefore, a programmer has the option of either continuing to use traditional C declarations or take advantage of the new style.
+Clearly, both styles need to be supported for some time due to existing C-style header-files, particularly for UNIX systems.
+\section{Pointer/Reference}
+C provides a \newterm{pointer type};
+\CFA adds a \newterm{reference type}.
+These types may be derived from an object or routine type, called the \newterm{referenced type}.
+Objects of these types contain an \newterm{address}, which is normally a location in memory, but may also address memory-mapped registers in hardware devices.
+An integer constant expression with the value 0, or such an expression cast to type ©void *©, is called a \newterm{null-pointer constant}.\footnote{
+One way to conceptualize the null pointer is that no variable is placed at this address, so the null-pointer address can be used to denote an uninitialized pointer/reference object;
+\ie the null pointer is guaranteed to compare unequal to a pointer to any object or routine.}
+An address is \newterm{sound}, if it points to a valid memory location in scope, \ie within the program's execution-environment and has not been freed.
+Dereferencing an \newterm{unsound} address, including the null pointer, is \Index{undefined}, often resulting in a \Index{memory fault}.
+A program \newterm{object} is a region of data storage in the execution environment, the contents of which can represent values.
+In most cases, objects are located in memory at an address, and the variable name for an object is an implicit address to the object generated by the compiler and automatically dereferenced, as in:
+\begin{quote2}
+\begin{tabular}{@{}ll@{\hspace{2em}}l@{}}
+\begin{cfa}
+int x;
+x = 3;
+int y;
+y = x;
+\end{cfa}
+&
+\raisebox{-0.45\totalheight}{\input{pointer1}}
+&
+\begin{cfa}
+int * ®const® x = (int *)100
+*x = 3;                 // implicit dereference
+int * ®const® y = (int *)104;
+*y = *x;                // implicit dereference
+\end{cfa}
+\end{tabular}
+\end{quote2}
+where the right example is how the compiler logically interprets the variables in the left example.
+Since a variable name only points to one address during its lifetime, it is an \Index{immutable} \Index{pointer};
+hence, the implicit type of pointer variables ©x© and ©y© are constant pointers in the compiler interpretation.
+In general, variable addresses are stored in instructions instead of loaded from memory, and hence may not occupy storage.
+These approaches are contrasted in the following:
+\begin{quote2}
+\begin{tabular}{@{}l|l@{}}
+\multicolumn{1}{c|}{explicit variable address} & \multicolumn{1}{c}{implicit variable address} \\
+\hline
+\begin{cfa}
+lda             r1,100                  // load address of x
+ld               r2,(r1)                  // load value of x
+lda             r3,104                  // load address of y
+st               r2,(r3)                  // store x into y
+\end{cfa}
+&
+\begin{cfa}
+ld              r2,(100)                // load value of x
+st              r2,(104)                // store x into y
+\end{cfa}
+\end{tabular}
+\end{quote2}
+Finally, the immutable nature of a variable's address and the fact that there is no storage for the variable pointer means pointer assignment\index{pointer!assignment}\index{assignment!pointer} is impossible.
+Therefore, the expression ©x = y© has only one meaning, ©*x = *y©, \ie manipulate values, which is why explicitly writing the dereferences is unnecessary even though it occurs implicitly as part of \Index{instruction decoding}.
+A \Index{pointer}/\Index{reference} object is a generalization of an object variable-name, \ie a mutable address that can point to more than one memory location during its lifetime.
+(Similarly, an integer variable can contain multiple integer literals during its lifetime versus an integer constant representing a single literal during its lifetime, and like a variable name, may not occupy storage if the literal is embedded directly into instructions.)
+Hence, a pointer occupies memory to store its current address, and the pointer's value is loaded by dereferencing, \eg:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{2em}}l@{}}
+\begin{cfa}
+int x, y, ®*® p1, ®*® p2, ®**® p3;
+p1 = ®&®x;               // p1 points to x
+p2 = p1;                 // p2 points to x
+p1 = ®&®y;               // p1 points to y
+p3 = &p2;               // p3 points to p2
+\end{cfa}
+&
+\raisebox{-0.5\totalheight}{\input{pointer2.pstex_t}}
+\end{tabular}
+\end{quote2}
+Notice, an address has a \Index{duality}\index{address!duality}: a location in memory or the value at that location.
+In many cases, a compiler might be able to infer the best meaning for these two cases.
+For example, \Index*{Algol68}~\cite{Algol68} infers pointer dereferencing to select the best meaning for each pointer usage
+\begin{cfa}
+p2 = p1 + x;                                    §\C{// compiler infers *p2 = *p1 + x;}§
+\end{cfa}
+Algol68 infers the following dereferencing ©*p2 = *p1 + x©, because adding the arbitrary integer value in ©x© to the address of ©p1© and storing the resulting address into ©p2© is an unlikely operation.
+Unfortunately, automatic dereferencing does not work in all cases, and so some mechanism is necessary to fix incorrect choices.
+Rather than inferring dereference, most programming languages pick one implicit dereferencing semantics, and the programmer explicitly indicates the other to resolve address-duality.
+In C, objects of pointer type always manipulate the pointer object's address:
+\begin{cfa}
+p1 = p2;                                                §\C{// p1 = p2\ \ rather than\ \ *p1 = *p2}§
+p2 = p1 + x;                                    §\C{// p2 = p1 + x\ \ rather than\ \ *p2 = *p1 + x}§
+\end{cfa}
+even though the assignment to ©p2© is likely incorrect, and the programmer probably meant:
+\begin{cfa}
+p1 = p2;                                                §\C{// pointer address assignment}§
+®*®p2 = ®*®p1 + x;                              §\C{// pointed-to value assignment / operation}§
+\end{cfa}
+The C semantics work well for situations where manipulation of addresses is the primary meaning and data is rarely accessed, such as storage management (©malloc©/©free©).
+However, in most other situations, the pointed-to value is requested more often than the pointer address.
+\begin{cfa}
+*p2 = ((*p1 + *p2) * (**p3 - *p1)) / (**p3 - 15);
+\end{cfa}
+In this case, it is tedious to explicitly write the dereferencing, and error prone when pointer arithmetic is allowed.
+It is better to have the compiler generate the dereferencing and have no implicit pointer arithmetic:
+\begin{cfa}
+p2 = ((p1 + p2) * (p3 - p1)) / (p3 - 15);
+\end{cfa}
+To support this common case, a reference type is introduced in \CFA, denoted by ©&©, which is the opposite dereference semantics to a pointer type, making the value at the pointed-to location the implicit semantics for dereferencing (similar but not the same as \CC \Index{reference type}s).
+\begin{cfa}
+int x, y, ®&® r1, ®&® r2, ®&&® r3;
+®&®r1 = &x;                                             §\C{// r1 points to x}§
+®&®r2 = &r1;                                    §\C{// r2 points to x}§
+®&®r1 = &y;                                             §\C{// r1 points to y}§
+®&&®r3 = ®&®&r2;                                §\C{// r3 points to r2}§
+r2 = ((r1 + r2) * (r3 - r1)) / (r3 - 15); §\C{// implicit dereferencing}§
+\end{cfa}
+Except for auto-dereferencing by the compiler, this reference example is the same as the previous pointer example.
+Hence, a reference behaves like the variable name for the current variable it is pointing-to.
+One way to conceptualize a reference is via a rewrite rule, where the compiler inserts a dereference operator before the reference variable for each reference qualifier in a declaration, so the previous example becomes:
+\begin{cfa}
+®*®r2 = ((®*®r1 + ®*®r2) ®*® (®**®r3 - ®*®r1)) / (®**®r3 - 15);
+\end{cfa}
+When a reference operation appears beside a dereference operation, \eg ©&*©, they cancel out.
+However, in C, the cancellation always yields a value (\Index{rvalue}).\footnote{
+The unary ©&© operator yields the address of its operand.
+If the operand has type ``type'', the result has type ``pointer to type''.
+If the operand is the result of a unary ©*© operator, neither that operator nor the ©&© operator is evaluated and the result is as if both were omitted, except that the constraints on the operators still apply and the result is not an lvalue.~\cite[\S~6.5.3.2--3]{C11}}
+For a \CFA reference type, the cancellation on the left-hand side of assignment leaves the reference as an address (\Index{lvalue}):
+\begin{cfa}
+(&®*®)r1 = &x;                                  §\C{// (\&*) cancel giving address in r1 not variable pointed-to by r1}§
+\end{cfa}
+Similarly, the address of a reference can be obtained for assignment or computation (\Index{rvalue}):
+\begin{cfa}
+(&(&®*®)®*®)r3 = &(&®*®)r2;             §\C{// (\&*) cancel giving address in r2, (\&(\&*)*) cancel giving address in r3}§
+\end{cfa}
+Cancellation\index{cancellation!pointer/reference}\index{pointer!cancellation} works to arbitrary depth.
+Fundamentally, pointer and reference objects are functionally interchangeable because both contain addresses.
+\begin{cfa}
+int x, *p1 = &x, **p2 = &p1, ***p3 = &p2,
+                 &r1 = x,    &&r2 = r1,   &&&r3 = r2;
+***p3 = 3;                                              §\C{// change x}§
+r3 = 3;                                                 §\C{// change x, ***r3}§
+**p3 = ...;                                             §\C{// change p1}§
+&r3 = ...;                                              §\C{// change r1, (\&*)**r3, 1 cancellation}§
+*p3 = ...;                                              §\C{// change p2}§
+&&r3 = ...;                                             §\C{// change r2, (\&(\&*)*)*r3, 2 cancellations}§
+&&&r3 = p3;                                             §\C{// change r3 to p3, (\&(\&(\&*)*)*)r3, 3 cancellations}§
+\end{cfa}
+Furthermore, both types are equally performant, as the same amount of dereferencing occurs for both types.
+Therefore, the choice between them is based solely on whether the address is dereferenced frequently or infrequently, which dictates the amount of implicit dereferencing aid from the compiler.
+As for a pointer type, a reference type may have qualifiers:
+\begin{cfa}
+const int cx = 5;                                       §\C{// cannot change cx;}§
+const int & cr = cx;                            §\C{// cannot change what cr points to}§
+®&®cr = &cx;                                            §\C{// can change cr}§
+cr = 7;                                                         §\C{// error, cannot change cx}§
+int & const rc = x;                                     §\C{// must be initialized}§
+®&®rc = &x;                                                     §\C{// error, cannot change rc}§
+const int & const crc = cx;                     §\C{// must be initialized}§
+crc = 7;                                                        §\C{// error, cannot change cx}§
+®&®crc = &cx;                                           §\C{// error, cannot change crc}§
+\end{cfa}
+Hence, for type ©& const©, there is no pointer assignment, so ©&rc = &x© is disallowed, and \emph{the address value cannot be the null pointer unless an arbitrary pointer is coerced\index{coercion} into the reference}:
+\begin{cfa}
+int & const cr = *0;                            §\C{// where 0 is the int * zero}§
+\end{cfa}
+Note, constant reference-types do not prevent \Index{addressing errors} because of explicit storage-management:
+\begin{cfa}
+int & const cr = *malloc();
+cr = 5;
+free( &cr );
+cr = 7;                                                         §\C{// unsound pointer dereference}§
+\end{cfa}
+The position of the ©const© qualifier \emph{after} the pointer/reference qualifier causes confuse for C programmers.
+The ©const© qualifier cannot be moved before the pointer/reference qualifier for C style-declarations;
+\CFA-style declarations (see \VRef{s:Declarations}) attempt to address this issue:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+®const® * ®const® * const int ccp;
+®const® & ®const® & const int ccr;
+\end{cfa}
+&
+\begin{cfa}
+const int * ®const® * ®const® ccp;
+\end{cfa}
+\end{tabular}
+\end{quote2}
+where the \CFA declaration is read left-to-right.
+Finally, like pointers, references are usable and composable with other type operators and generators.
+\begin{cfa}
+int w, x, y, z, & ar[3] = { x, y, z }; §\C{// initialize array of references}§
+&ar[1] = &w;                                            §\C{// change reference array element}§
+typeof( ar[1] ) p;                                      §\C{// (gcc) is int, i.e., the type of referenced object}§
+typeof( &ar[1] ) q;                                     §\C{// (gcc) is int \&, i.e., the type of reference}§
+sizeof( ar[1] ) == sizeof( int );       §\C{// is true, i.e., the size of referenced object}§
+sizeof( &ar[1] ) == sizeof( int *)      §\C{// is true, i.e., the size of a reference}§
+\end{cfa}
+In contrast to \CFA reference types, \Index*[C++]{\CC{}}'s reference types are all ©const© references, preventing changes to the reference address, so only value assignment is possible, which eliminates half of the \Index{address duality}.
+Also, \CC does not allow \Index{array}s\index{array!reference} of reference\footnote{
+The reason for disallowing arrays of reference is unknown, but possibly comes from references being ethereal (like a textual macro), and hence, replaceable by the referant object.}
+\Index*{Java}'s reference types to objects (all Java objects are on the heap) are like C pointers, which always manipulate the address, and there is no (bit-wise) object assignment, so objects are explicitly cloned by shallow or deep copying, which eliminates half of the address duality.
+\subsection{Initialization}
+\Index{Initialization} is different than \Index{assignment} because initialization occurs on the empty (uninitialized) storage on an object, while assignment occurs on possibly initialized storage of an object.
+There are three initialization contexts in \CFA: declaration initialization, argument/parameter binding, return/temporary binding.
+Because the object being initialized has no value, there is only one meaningful semantics with respect to address duality: it must mean address as there is no pointed-to value.
+In contrast, the left-hand side of assignment has an address that has a duality.
+Therefore, for pointer/reference initialization, the initializing value must be an address not a value.
+\begin{cfa}
+int * p = &x;                                           §\C{// assign address of x}§
+®int * p = x;®                                          §\C{// assign value of x}§
+int & r = x;                                            §\C{// must have address of x}§
+\end{cfa}
+Like the previous example with C pointer-arithmetic, it is unlikely assigning the value of ©x© into a pointer is meaningful (again, a warning is usually given).
+Therefore, for safety, this context requires an address, so it is superfluous to require explicitly taking the address of the initialization object, even though the type is incorrect.
+Note, this is strictly a convenience and safety feature for a programmer.
+Hence, \CFA allows ©r© to be assigned ©x© because it infers a reference for ©x©, by implicitly inserting a address-of operator, ©&©, and it is an error to put an ©&© because the types no longer match due to the implicit dereference.
+Unfortunately, C allows ©p© to be assigned with ©&x© (address) or ©x© (value), but most compilers warn about the latter assignment as being potentially incorrect.
+Similarly, when a reference type is used for a parameter/return type, the call-site argument does not require a reference operator for the same reason.
+\begin{cfa}
+int & f( int & r );                                     §\C{// reference parameter and return}§
+z = f( x ) + f( y );                            §\C{// reference operator added, temporaries needed for call results}§
+\end{cfa}
+Within routine ©f©, it is possible to change the argument by changing the corresponding parameter, and parameter ©r© can be locally reassigned within ©f©.
+Since operator routine ©?+?© takes its arguments by value, the references returned from ©f© are used to initialize compiler generated temporaries with value semantics that copy from the references.
+\begin{cfa}
+int temp1 = f( x ), temp2 = f( y );
+z = temp1 + temp2;
+\end{cfa}
+This \Index{implicit referencing} is crucial for reducing the syntactic burden for programmers when using references;
+otherwise references have the same syntactic  burden as pointers in these contexts.
+When a pointer/reference parameter has a ©const© value (immutable), it is possible to pass literals and expressions.
+\begin{cfa}
+void f( ®const® int & cr );
+void g( ®const® int * cp );
+f( 3 );                   g( ®&®3 );
+f( x + y );             g( ®&®(x + y) );
+\end{cfa}
+Here, the compiler passes the address to the literal 3 or the temporary for the expression ©x + y©, knowing the argument cannot be changed through the parameter.
+The ©&© before the constant/expression for the pointer-type parameter (©g©) is a \CFA extension necessary to type match and is a common requirement before a variable in C (\eg ©scanf©).
+Importantly, ©&3© may not be equal to ©&3©, where the references occur across calls because the temporaries maybe different on each call.
+\CFA \emph{extends} this semantics to a mutable pointer/reference parameter, and the compiler implicitly creates the necessary temporary (copying the argument), which is subsequently pointed-to by the reference parameter and can be changed.\footnote{
+If whole program analysis is possible, and shows the parameter is not assigned, \ie it is ©const©, the temporary is unnecessary.}
+\begin{cfa}
+void f( int & r );
+void g( int * p );
+f( 3 );                   g( ®&®3 );            §\C{// compiler implicit generates temporaries}§
+f( x + y );             g( ®&®(x + y) );        §\C{// compiler implicit generates temporaries}§
+\end{cfa}
+Essentially, there is an implicit \Index{rvalue} to \Index{lvalue} conversion in this case.\footnote{
+This conversion attempts to address the \newterm{const hell} problem, when the innocent addition of a ©const© qualifier causes a cascade of type failures, requiring an unknown number of additional ©const© qualifiers, until it is discovered a ©const© qualifier cannot be added and all the ©const© qualifiers must be removed.}
+The implicit conversion allows seamless calls to any routine without having to explicitly name/copy the literal/expression to allow the call.
+%\CFA attempts to handle pointers and references in a uniform, symmetric manner.
+Finally, C handles \Index{routine object}s in an inconsistent way.
+A routine object is both a pointer and a reference (\Index{particle and wave}).
+\begin{cfa}
+void f( int i );
+void (*fp)( int );                                      §\C{// routine pointer}§
+fp = f;                                                         §\C{// reference initialization}§
+fp = &f;                                                        §\C{// pointer initialization}§
+fp = *f;                                                        §\C{// reference initialization}§
+fp(3);                                                          §\C{// reference invocation}§
+(*fp)(3);                                                       §\C{// pointer invocation}§
+\end{cfa}
+While C's treatment of routine objects has similarity to inferring a reference type in initialization contexts, the examples are assignment not initialization, and all possible forms of assignment are possible (©f©, ©&f©, ©*f©) without regard for type.
+Instead, a routine object should be referenced by a ©const© reference:
+\begin{cfa}
+®const® void (®&® fr)( int ) = f;       §\C{// routine reference}§
+fr = ...                                                        §\C{// error, cannot change code}§
+&fr = ...;                                                      §\C{// changing routine reference}§
+fr( 3 );                                                        §\C{// reference call to f}§
+(*fr)(3);                                                       §\C{// error, incorrect type}§
+\end{cfa}
+because the value of the routine object is a routine literal, \ie the routine code is normally immutable during execution.\footnote{
+Dynamic code rewriting is possible but only in special circumstances.}
+\CFA allows this additional use of references for routine objects in an attempt to give a more consistent meaning for them.
+\subsection{Address-of Semantics}
+In C, ©&E© is an rvalue for any expression ©E©.
+\CFA extends the ©&© (address-of) operator as follows:
+\begin{itemize}
+\item
+if ©R© is an \Index{rvalue} of type ©T &$_1$...&$_r$© where $r \ge 1$ references (©&© symbols) than ©&R© has type ©T ®*®&$_{\color{red}2}$...&$_{\color{red}r}$©, \ie ©T© pointer with $r-1$ references (©&© symbols).
+\item
+if ©L© is an \Index{lvalue} of type ©T &$_1$...&$_l$© where $l \ge 0$ references (©&© symbols) then ©&L© has type ©T ®*®&$_{\color{red}1}$...&$_{\color{red}l}$©, \ie ©T© pointer with $l$ references (©&© symbols).
+\end{itemize}
+The following example shows the first rule applied to different \Index{rvalue} contexts:
+\begin{cfa}
+int x, * px, ** ppx, *** pppx, **** ppppx;
+int & rx = x, && rrx = rx, &&& rrrx = rrx ;
+x = rrrx;               // rrrx is an lvalue with type int &&& (equivalent to x)
+px = &rrrx;             // starting from rrrx, &rrrx is an rvalue with type int *&&& (&x)
+ppx = &&rrrx;   // starting from &rrrx, &&rrrx is an rvalue with type int **&& (&rx)
+pppx = &&&rrrx; // starting from &&rrrx, &&&rrrx is an rvalue with type int ***& (&rrx)
+ppppx = &&&&rrrx; // starting from &&&rrrx, &&&&rrrx is an rvalue with type int **** (&rrrx)
+\end{cfa}
+The following example shows the second rule applied to different \Index{lvalue} contexts:
+\begin{cfa}
+int x, * px, ** ppx, *** pppx;
+int & rx = x, && rrx = rx, &&& rrrx = rrx ;
+rrrx = 2;               // rrrx is an lvalue with type int &&& (equivalent to x)
+&rrrx = px;             // starting from rrrx, &rrrx is an rvalue with type int *&&& (rx)
+&&rrrx = ppx;   // starting from &rrrx, &&rrrx is an rvalue with type int **&& (rrx)
+&&&rrrx = pppx; // starting from &&rrrx, &&&rrrx is an rvalue with type int ***& (rrrx)
+\end{cfa}
+\subsection{Conversions}
+C provides a basic implicit conversion to simplify variable usage:
+\begin{enumerate}
+\setcounter{enumi}{-1}
+\item
+lvalue to rvalue conversion: ©cv T© converts to ©T©, which allows implicit variable dereferencing.
+\begin{cfa}
+int x;
+x + 1;                  // lvalue variable (int) converts to rvalue for expression
+\end{cfa}
+An rvalue has no type qualifiers (©cv©), so the lvalue qualifiers are dropped.
+\end{enumerate}
+\CFA provides three new implicit conversion for reference types to simplify reference usage.
+\begin{enumerate}
+\item
+reference to rvalue conversion: ©cv T &© converts to ©T©, which allows implicit reference dereferencing.
+\begin{cfa}
+int x, &r = x, f( int p );
+x = ®r® + f( ®r® );  // lvalue reference converts to rvalue
+\end{cfa}
+An rvalue has no type qualifiers (©cv©), so the reference qualifiers are dropped.
+\item
+lvalue to reference conversion: \lstinline[deletekeywords={lvalue}]@lvalue-type cv1 T@ converts to ©cv2 T &©, which allows implicitly converting variables to references.
+\begin{cfa}
+int x, &r = ®x®, f( int & p ); // lvalue variable (int) convert to reference (int &)
+f( ®x® );               // lvalue variable (int) convert to reference (int &)
+\end{cfa}
+Conversion can restrict a type, where ©cv1© $\le$ ©cv2©, \eg passing an ©int© to a ©const volatile int &©, which has low cost.
+Conversion can expand a type, where ©cv1© $>$ ©cv2©, \eg passing a ©const volatile int© to an ©int &©, which has high cost (\Index{warning});
+furthermore, if ©cv1© has ©const© but not ©cv2©, a temporary variable is created to preserve the immutable lvalue.
+\item
+rvalue to reference conversion: ©T© converts to ©cv T &©, which allows binding references to temporaries.
+\begin{cfa}
+int x, & f( int & p );
+f( ®x + 3® );   // rvalue parameter (int) implicitly converts to lvalue temporary reference (int &)
+®&f®(...) = &x; // rvalue result (int &) implicitly converts to lvalue temporary reference (int &)
+\end{cfa}
+In both case, modifications to the temporary are inaccessible (\Index{warning}).
+Conversion expands the temporary-type with ©cv©, which is low cost since the temporary is inaccessible.
+\end{enumerate}
+\begin{comment}
+From: Richard Bilson <rcbilson@gmail.com>
+Date: Wed, 13 Jul 2016 01:58:58 +0000
+Subject: Re: pointers / references
+To: "Peter A. Buhr" <pabuhr@plg2.cs.uwaterloo.ca>
+As a general comment I would say that I found the section confusing, as you move back and forth
+between various real and imagined programming languages. If it were me I would rewrite into two
+subsections, one that specifies precisely the syntax and semantics of reference variables and
+another that provides the rationale.
+I don't see any obvious problems with the syntax or semantics so far as I understand them. It's not
+obvious that the description you're giving is complete, but I'm sure you'll find the special cases
+as you do the implementation.
+My big gripes are mostly that you're not being as precise as you need to be in your terminology, and
+that you say a few things that aren't actually true even though I generally know what you mean.
+C provides a pointer type; CFA adds a reference type. Both types contain an address, which is normally a
+location in memory.
+An address is not a location in memory; an address refers to a location in memory. Furthermore it
+seems weird to me to say that a type "contains" an address; rather, objects of that type do.
+Special addresses are used to denote certain states or access co-processor memory. By
+convention, no variable is placed at address 0, so addresses like 0, 1, 2, 3 are often used to denote no-value
+or other special states.
+This isn't standard C at all. There has to be one null pointer representation, but it doesn't have
+to be a literal zero representation and there doesn't have to be more than one such representation.
+Often dereferencing a special state causes a memory fault, so checking is necessary
+during execution.
+I don't see the connection between the two clauses here. I feel like if a bad pointer will not cause
+a memory fault then I need to do more checking, not less.
+If the programming language assigns addresses, a program's execution is sound, \ie all
+addresses are to valid memory locations.
+You haven't said what it means to "assign" an address, but if I use my intuitive understanding of
+the term I don't see how this can be true unless you're assuming automatic storage management.
+Program variables are implicit pointers to memory locations generated by the compiler and automatically
+dereferenced, as in:
+There is no reason why a variable needs to have a location in memory, and indeed in a typical
+program many variables will not. In standard terminology an object identifier refers to data in the
+execution environment, but not necessarily in memory.
+A pointer/reference is a generalization of a variable name, \ie a mutable address that can point to more
+than one memory location during its lifetime.
+I feel like you're off the reservation here. In my world there are objects of pointer type, which
+seem to be what you're describing here, but also pointer values, which can be stored in an object of
+pointer type but don't necessarily have to be. For example, how would you describe the value denoted
+by "&main" in a C program? I would call it a (function) pointer, but that doesn't satisfy your
+definition.
+not occupy storage as the literal is embedded directly into instructions.) Hence, a pointer occupies memory
+to store its current address, and the pointer's value is loaded by dereferencing, e.g.:
+As with my general objection regarding your definition of variables, there is no reason why a
+pointer variable (object of pointer type) needs to occupy memory.
+p2 = p1 + x; // compiler infers *p2 = *p1 + x;
+What language are we in now?
+pointer usage. However, in C, the following cases are ambiguous, especially with pointer arithmetic:
+p1 = p2; // p1 = p2 or *p1 = *p2
+This isn't ambiguous. it's defined to be the first option.
+p1 = p1 + 1; // p1 = p1 + 1 or *p1 = *p1 + 1
+Again, this statement is not ambiguous.
+example. Hence, a reference behaves like the variable name for the current variable it is pointing-to. The
+simplest way to understand a reference is to imagine the compiler inserting a dereference operator before
+the reference variable for each reference qualifier in a declaration, e.g.:
+It's hard for me to understand who the audience for this part is. I think a practical programmer is
+likely to be satisfied with "a reference behaves like the variable name for the current variable it
+is pointing-to," maybe with some examples. Your "simplest way" doesn't strike me as simpler than
+that. It feels like you're trying to provide a more precise definition for the semantics of
+references, but it isn't actually precise enough to be a formal specification. If you want to
+express the semantics of references using rewrite rules that's a great way to do it, but lay the
+rules out clearly, and when you're showing an example of rewriting keep your
+references/pointers/values separate (right now, you use \eg "r3" to mean a reference, a pointer,
+and a value).
+Cancellation works to arbitrary depth, and pointer and reference values are interchangeable because both
+contain addresses.
+Except they're not interchangeable, because they have different and incompatible types.
+Interestingly, C++ deals with the address duality by making the pointed-to value the default, and prevent-
+ing changes to the reference address, which eliminates half of the duality. Java deals with the address duality
+by making address assignment the default and requiring field assignment (direct or indirect via methods),
+\ie there is no builtin bit-wise or method-wise assignment, which eliminates half of the duality.
+I can follow this but I think that's mostly because I already understand what you're trying to
+say. I don't think I've ever heard the term "method-wise assignment" and I don't see you defining
+it. Furthermore Java does have value assignment of basic (non-class) types, so your summary here
+feels incomplete. (If it were me I'd drop this paragraph rather than try to save it.)
+Hence, for type & const, there is no pointer assignment, so &rc = &x is disallowed, and the address value
+cannot be 0 unless an arbitrary pointer is assigned to the reference.
+Given the pains you've taken to motivate every little bit of the semantics up until now, this last
+clause ("the address value cannot be 0") comes out of the blue. It seems like you could have
+perfectly reasonable semantics that allowed the initialization of null references.
+In effect, the compiler is managing the
+addresses for type & const not the programmer, and by a programming discipline of only using references
+with references, address errors can be prevented.
+Again, is this assuming automatic storage management?
+rary binding. For reference initialization (like pointer), the initializing value must be an address (lvalue) not
+a value (rvalue).
+This sentence appears to suggest that an address and an lvalue are the same thing.
+int * p = &x; // both &x and x are possible interpretations
+Are you saying that we should be considering "x" as a possible interpretation of the initializer
+"&x"? It seems to me that this expression has only one legitimate interpretation in context.
+int & r = x; // x unlikely interpretation, because of auto-dereferencing
+You mean, we can initialize a reference using an integer value? Surely we would need some sort of
+cast to induce that interpretation, no?
+Hence, the compiler implicitly inserts a reference operator, &, before the initialization expression.
+But then the expression would have pointer type, which wouldn't be compatible with the type of r.
+Similarly,
+when a reference is used for a parameter/return type, the call-site argument does not require a reference
+operator.
+Furthermore, it would not be correct to use a reference operator.
+The implicit conversion allows
+seamless calls to any routine without having to explicitly name/copy the literal/expression to allow the call.
+While C' attempts to handle pointers and references in a uniform, symmetric manner, C handles routine
+variables in an inconsistent way: a routine variable is both a pointer and a reference (particle and wave).
+After all this talk of how expressions can have both pointer and value interpretations, you're
+disparaging C because it has expressions that have both pointer and value interpretations?
+On Sat, Jul 9, 2016 at 4:18 PM Peter A. Buhr <pabuhr@plg.uwaterloo.ca> wrote:
+> Aaron discovered a few places where "&"s are missing and where there are too many "&", which are
+> corrected in the attached updated. None of the text has changed, if you have started reading
+> already.
+\end{comment}
+\section{Routine Definition}
+\CFA also supports a new syntax for routine definition, as well as \Celeven and K\&R routine syntax.
+The point of the new syntax is to allow returning multiple values from a routine~\cite{Galletly96,CLU}, \eg:
+\begin{cfa}
+®[ int o1, int o2, char o3 ]® f( int i1, char i2, char i3 ) {
+        §\emph{routine body}§
+}
+\end{cfa}
+where routine ©f© has three output (return values) and three input parameters.
+Existing C syntax cannot be extended with multiple return types because it is impossible to embed a single routine name within multiple return type specifications.
+In detail, the brackets, ©[]©, enclose the result type, where each return value is named and that name is a local variable of the particular return type.\footnote{
+\Index*{Michael Tiemann}, with help from \Index*{Doug Lea}, provided named return values in g++, circa 1989.}
+The value of each local return variable is automatically returned at routine termination.
+Declaration qualifiers can only appear at the start of a routine definition, \eg:
+\begin{cfa}
+®extern® [ int x ] g( int y ) {§\,§}
+\end{cfa}
+Lastly, if there are no output parameters or input parameters, the brackets and/or parentheses must still be specified;
+in both cases the type is assumed to be void as opposed to old style C defaults of int return type and unknown parameter types, respectively, as in:
+\begin{cfa}
+[§\,§] g();                                                     §\C{// no input or output parameters}§
+[ void ] g( void );                                     §\C{// no input or output parameters}§
+\end{cfa}
+Routine f is called as follows:
+\begin{cfa}
+[ i, j, ch ] = f( 3, 'a', ch );
+\end{cfa}
+The list of return values from f and the grouping on the left-hand side of the assignment is called a \newterm{return list} and discussed in Section 12.
+\CFA style declarations cannot be used to declare parameters for K\&R style routine definitions because of the following ambiguity:
+\begin{cfa}
+int (*f(x))[ 5 ] int x; {}
+\end{cfa}
+The string ``©int (*f(x))[ 5 ]©'' declares a K\&R style routine of type returning a pointer to an array of 5 integers, while the string ``©[ 5 ] int x©'' declares a \CFA style parameter x of type array of 5 integers.
+Since the strings overlap starting with the open bracket, ©[©, there is an ambiguous interpretation for the string.
+As well, \CFA-style declarations cannot be used to declare parameters for C-style routine-definitions because of the following ambiguity:
+\begin{cfa}
+typedef int foo;
+int f( int (* foo) );                           §\C{// foo is redefined as a parameter name}§
+\end{cfa}
+The string ``©int (* foo)©'' declares a C-style named-parameter of type pointer to an integer (the parenthesis are superfluous), while the same string declares a \CFA style unnamed parameter of type routine returning integer with unnamed parameter of type pointer to foo.
+The redefinition of a type name in a parameter list is the only context in C where the character ©*© can appear to the left of a type name, and \CFA relies on all type qualifier characters appearing to the right of the type name.
+The inability to use \CFA declarations in these two contexts is probably a blessing because it precludes programmers from arbitrarily switching between declarations forms within a declaration contexts.
+C-style declarations can be used to declare parameters for \CFA style routine definitions, \eg:
+\begin{cfa}
+[ int ] f( * int, int * );                      §\C{// returns an integer, accepts 2 pointers to integers}§
+[ * int, int * ] f( int );                      §\C{// returns 2 pointers to integers, accepts an integer}§
+\end{cfa}
+The reason for allowing both declaration styles in the new context is for backwards compatibility with existing preprocessor macros that generate C-style declaration-syntax, as in:
+\begin{cfa}
+#define ptoa( n, d ) int (*n)[ d ]
+int f( ptoa( p, 5 ) ) ...                       §\C{// expands to int f( int (*p)[ 5 ] )}§
+[ int ] f( ptoa( p, 5 ) ) ...           §\C{// expands to [ int ] f( int (*p)[ 5 ] )}§
+\end{cfa}
+Again, programmers are highly encouraged to use one declaration form or the other, rather than mixing the forms.
+\subsection{Named Return Values}
+\Index{Named return values} handle the case where it is necessary to define a local variable whose value is then returned in a ©return© statement, as in:
+\begin{cfa}
+int f() {
+        int x;
+        ... x = 0; ... x = y; ...
+        return x;
+}
+\end{cfa}
+Because the value in the return variable is automatically returned when a \CFA routine terminates, the ©return© statement \emph{does not} contain an expression, as in:
+\newline
+\begin{minipage}{\linewidth}
+\begin{cfa}
+®[ int x, int y ]® f() {
+        int z;
+        ... x = 0; ... y = z; ...
+        ®return;®                                                       §\C{// implicitly return x, y}§
+}
+\end{cfa}
+\end{minipage}
+\newline
+When the return is encountered, the current values of ©x© and ©y© are returned to the calling routine.
+As well, ``falling off the end'' of a routine without a ©return© statement is permitted, as in:
+\begin{cfa}
+[ int x, int y ] f() {
+        ...
+}                                                                               §\C{// implicitly return x, y}§
+\end{cfa}
+In this case, the current values of ©x© and ©y© are returned to the calling routine just as if a ©return© had been encountered.
+Named return values may be used in conjunction with named parameter values;
+specifically, a return and parameter can have the same name.
+\begin{cfa}
+[ int x, int y ] f( int, x, int y ) {
+        ...
+}                                                                               §\C{// implicitly return x, y}§
+\end{cfa}
+This notation allows the compiler to eliminate temporary variables in nested routine calls.
+\begin{cfa}
+[ int x, int y ] f( int, x, int y );    §\C{// prototype declaration}§
+int a, b;
+[a, b] = f( f( f( a, b ) ) );
+\end{cfa}
+While the compiler normally ignores parameters names in prototype declarations, here they are used to eliminate temporary return-values by inferring that the results of each call are the inputs of the next call, and ultimately, the left-hand side of the assignment.
+Hence, even without the body of routine ©f© (separate compilation), it is possible to perform a global optimization across routine calls.
+The compiler warns about naming inconsistencies between routine prototype and definition in this case, and behaviour is \Index{undefined} if the programmer is inconsistent.
+\subsection{Routine Prototype}
+The syntax of the new routine prototype declaration follows directly from the new routine definition syntax;
+as well, parameter names are optional, \eg:
+\begin{cfa}
+[ int x ] f ();                                                 §\C{// returning int with no parameters}§
+[ * int ] g (int y);                                    §\C{// returning pointer to int with int parameter}§
+[ ] h ( int, char );                                    §\C{// returning no result with int and char parameters}§
+[ * int, int ] j ( int );                               §\C{// returning pointer to int and int, with int parameter}§
+\end{cfa}
+This syntax allows a prototype declaration to be created by cutting and pasting source text from the routine definition header (or vice versa).
+It is possible to declare multiple routine-prototypes in a single declaration, but the entire type specification is distributed across \emph{all} routine names in the declaration list (see~\VRef{s:Declarations}), \eg:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+[ int ] f( int ), g;
+\end{cfa}
+&
+\begin{cfa}
+int f( int ), g( int );
+\end{cfa}
+\end{tabular}
+\end{quote2}
+Declaration qualifiers can only appear at the start of a \CFA routine declaration,\footref{StorageClassSpecifier} \eg:
+\begin{cfa}
+extern [ int ] f ( int );
+static [ int ] g ( int );
+\end{cfa}
+\section{Routine Pointers}
+The syntax for pointers to \CFA routines specifies the pointer name on the right, \eg:
+\begin{cfa}
+* [ int x ] () fp;                                              §\C{// pointer to routine returning int with no parameters}§
+* [ * int ] (int y) gp;                                 §\C{// pointer to routine returning pointer to int with int parameter}§
+* [ ] (int,char) hp;                                    §\C{// pointer to routine returning no result with int and char parameters}§
+* [ * int,int ] ( int ) jp;                             §\C{// pointer to routine returning pointer to int and int, with int parameter}§
+\end{cfa}
+While parameter names are optional, \emph{a routine name cannot be specified};
+for example, the following is incorrect:
+\begin{cfa}
+* [ int x ] f () fp;                                    §\C{// routine name "f" is not allowed}§
+\end{cfa}
+\section{Named and Default Arguments}
+Named\index{named arguments}\index{arguments!named} and default\index{default arguments}\index{arguments!default} arguments~\cite{Hardgrave76}\footnote{
+Francez~\cite{Francez77} proposed a further extension to the named-parameter passing style, which specifies what type of communication (by value, by reference, by name) the argument is passed to the routine.}
+are two mechanisms to simplify routine call.
+Both mechanisms are discussed with respect to \CFA.
+\begin{description}
+\item[Named (or Keyword) Arguments:]
+provide the ability to specify an argument to a routine call using the parameter name rather than the position of the parameter.
+For example, given the routine:
+\begin{cfa}
+void p( int x, int y, int z ) {...}
+\end{cfa}
+a positional call is:
+\begin{cfa}
+p( 4, 7, 3 );
+\end{cfa}
+whereas a named (keyword) call may be:
+\begin{cfa}
+p( z : 3, x : 4, y : 7 );       §\C{// rewrite $\Rightarrow$ p( 4, 7, 3 )}§
+\end{cfa}
+Here the order of the arguments is unimportant, and the names of the parameters are used to associate argument values with the corresponding parameters.
+The compiler rewrites a named call into a positional call.
+The advantages of named parameters are:
+\begin{itemize}
+\item
+Remembering the names of the parameters may be easier than the order in the routine definition.
+\item
+Parameter names provide documentation at the call site (assuming the names are descriptive).
+\item
+Changes can be made to the order or number of parameters without affecting the call (although the call must still be recompiled).
+\end{itemize}
+Unfortunately, named arguments do not work in C-style programming-languages because a routine prototype is not required to specify parameter names, nor do the names in the prototype have to match with the actual definition.
+For example, the following routine prototypes and definition are all valid.
+\begin{cfa}
+void p( int, int, int );                        §\C{// equivalent prototypes}§
+void p( int x, int y, int z );
+void p( int y, int x, int z );
+void p( int z, int y, int x );
+void p( int q, int r, int s ) {}        §\C{// match with this definition}§
+\end{cfa}
+Forcing matching parameter names in routine prototypes with corresponding routine definitions is possible, but goes against a strong tradition in C programming.
+Alternatively, prototype definitions can be eliminated by using a two-pass compilation, and implicitly creating header files for exports.
+The former is easy to do, while the latter is more complex.
+Furthermore, named arguments do not work well in a \CFA-style programming-languages because they potentially introduces a new criteria for type matching.
+For example, it is technically possible to disambiguate between these two overloaded definitions of ©f© based on named arguments at the call site:
+\begin{cfa}
+int f( int i, int j );
+int f( int x, double y );
+f( j : 3, i : 4 );                              §\C{// 1st f}§
+f( x : 7, y : 8.1 );                    §\C{// 2nd f}§
+f( 4, 5 );                                              §\C{// ambiguous call}§
+\end{cfa}
+However, named arguments compound routine resolution in conjunction with conversions:
+\begin{cfa}
+f( i : 3, 5.7 );                                §\C{// ambiguous call ?}§
+\end{cfa}
+Depending on the cost associated with named arguments, this call could be resolvable or ambiguous.
+Adding named argument into the routine resolution algorithm does not seem worth the complexity.
+Therefore, \CFA does \emph{not} attempt to support named arguments.
+\item[Default Arguments]
+provide the ability to associate a default value with a parameter so it can be optionally specified in the argument list.
+For example, given the routine:
+\begin{cfa}
+void p( int x = 1, int y = 2, int z = 3 ) {...}
+\end{cfa}
+the allowable positional calls are:
+\begin{cfa}
+p();                                                    §\C{// rewrite $\Rightarrow$ p( 1, 2, 3 )}§
+p( 4 );                                                 §\C{// rewrite $\Rightarrow$ p( 4, 2, 3 )}§
+p( 4, 4 );                                              §\C{// rewrite $\Rightarrow$ p( 4, 4, 3 )}§
+p( 4, 4, 4 );                                   §\C{// rewrite $\Rightarrow$ p( 4, 4, 4 )}§
+// empty arguments
+p(  , 4, 4 );                                   §\C{// rewrite $\Rightarrow$ p( 1, 4, 4 )}§
+p( 4,  , 4 );                                   §\C{// rewrite $\Rightarrow$ p( 4, 2, 4 )}§
+p( 4, 4,   );                                   §\C{// rewrite $\Rightarrow$ p( 4, 4, 3 )}§
+p( 4,  ,   );                                   §\C{// rewrite $\Rightarrow$ p( 4, 2, 3 )}§
+p(  , 4,   );                                   §\C{// rewrite $\Rightarrow$ p( 1, 4, 3 )}§
+p(  ,  , 4 );                                   §\C{// rewrite $\Rightarrow$ p( 1, 2, 4 )}§
+p(  ,  ,   );                                   §\C{// rewrite $\Rightarrow$ p( 1, 2, 3 )}§
+\end{cfa}
+Here the missing arguments are inserted from the default values in the parameter list.
+The compiler rewrites missing default values into explicit positional arguments.
+The advantages of default values are:
+\begin{itemize}
+\item
+Routines with a large number of parameters are often very generalized, giving a programmer a number of different options on how a computation is performed.
+For many of these kinds of routines, there are standard or default settings that work for the majority of computations.
+Without default values for parameters, a programmer is forced to specify these common values all the time, resulting in long argument lists that are error prone.
+\item
+When a routine's interface is augmented with new parameters, it extends the interface providing generalizability\footnote{
+``It should be possible for the implementor of an abstraction to increase its generality.
+So long as the modified abstraction is a generalization of the original, existing uses of the abstraction will not require change.
+It might be possible to modify an abstraction in a manner which is not a generalization without affecting existing uses, but, without inspecting the modules in which the uses occur, this possibility cannot be determined.
+This criterion precludes the addition of parameters, unless these parameters have default or inferred values that are valid for all possible existing applications.''~\cite[p.~128]{Cormack90}}
+(somewhat like the generalization provided by inheritance for classes).
+That is, all existing calls are still valid, although the call must still be recompiled.
+\end{itemize}
+The only disadvantage of default arguments is that unintentional omission of an argument may not result in a compiler-time error.
+Instead, a default value is used, which may not be the programmer's intent.
+Default values may only appear in a prototype versus definition context:
+\begin{cfa}
+void p( int x, int y = 2, int z = 3 );          §\C{// prototype: allowed}§
+void p( int, int = 2, int = 3 );                        §\C{// prototype: allowed}§
+void p( int x, int y = 2, int z = 3 ) {}        §\C{// definition: not allowed}§
+\end{cfa}
+The reason for this restriction is to allow separate compilation.
+Multiple prototypes with different default values is an error.
+\end{description}
+Ellipse (``...'') arguments present problems when used with default arguments.
+The conflict occurs because both named and ellipse arguments must appear after positional arguments, giving two possibilities:
+\begin{cfa}
+p( /* positional */, ... , /* named */ );
+p( /* positional */, /* named */, ... );
+\end{cfa}
+While it is possible to implement both approaches, the first possibly is more complex than the second, \eg:
+\begin{cfa}
+p( int x, int y, int z, ... );
+p( 1, 4, 5, 6, z : 3, y : 2 ); §\C{// assume p( /* positional */, ... , /* named */ );}§
+p( 1, z : 3, y : 2, 4, 5, 6 ); §\C{// assume p( /* positional */, /* named */, ... );}§
+\end{cfa}
+In the first call, it is necessary for the programmer to conceptually rewrite the call, changing named arguments into positional, before knowing where the ellipse arguments begin.
+Hence, this approach seems significantly more difficult, and hence, confusing and error prone.
+In the second call, the named arguments separate the positional and ellipse arguments, making it trivial to read the call.
+The problem is exacerbated with default arguments, \eg:
+\begin{cfa}
+void p( int x, int y = 2, int z = 3... );
+p( 1, 4, 5, 6, z : 3 );         §\C{// assume p( /* positional */, ... , /* named */ );}§
+p( 1, z : 3, 4, 5, 6 );         §\C{// assume p( /* positional */, /* named */, ... );}§
+\end{cfa}
+The first call is an error because arguments 4 and 5 are actually positional not ellipse arguments;
+therefore, argument 5 subsequently conflicts with the named argument z : 3.
+In the second call, the default value for y is implicitly inserted after argument 1 and the named arguments separate the positional and ellipse arguments, making it trivial to read the call.
+For these reasons, \CFA requires named arguments before ellipse arguments.
+Finally, while ellipse arguments are needed for a small set of existing C routines, like printf, the extended \CFA type system largely eliminates the need for ellipse arguments (see Section 24), making much of this discussion moot.
+Default arguments and overloading (see Section 24) are complementary.
+While in theory default arguments can be simulated with overloading, as in:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{default arguments}}   & \multicolumn{1}{c}{\textbf{overloading}}      \\
+\begin{cfa}
+void p( int x, int y = 2, int z = 3 ) {...}
+\end{cfa}
+&
+\begin{cfa}
+void p( int x, int y, int z ) {...}
+void p( int x ) { p( x, 2, 3 ); }
+void p( int x, int y ) { p( x, y, 3 ); }
+\end{cfa}
+\end{tabular}
+\end{quote2}
+the number of required overloaded routines is linear in the number of default values, which is unacceptable growth.
+In general, overloading should only be used over default arguments if the body of the routine is significantly different.
+Furthermore, overloading cannot handle accessing default arguments in the middle of a positional list, via a missing argument, such as:
+\begin{cfa}
+p( 1, /* default */, 5 );               §\C{// rewrite $\Rightarrow$ p( 1, 2, 5 )}§
+\end{cfa}
+Given the \CFA restrictions above, both named and default arguments are backwards compatible.
+\Index*[C++]{\CC{}} only supports default arguments;
+\Index*{Ada} supports both named and default arguments.
+\section{Unnamed Structure Fields}
+C requires each field of a structure to have a name, except for a bit field associated with a basic type, \eg:
+\begin{cfa}
+struct {
+        int f1;                                 §\C{// named field}§
+        int f2 : 4;                             §\C{// named field with bit field size}§
+        int : 3;                                §\C{// unnamed field for basic type with bit field size}§
+        int ;                                   §\C{// disallowed, unnamed field}§
+        int *;                                  §\C{// disallowed, unnamed field}§
+        int (*)( int );                 §\C{// disallowed, unnamed field}§
+};
+\end{cfa}
+This requirement is relaxed by making the field name optional for all field declarations; therefore, all the field declarations in the example are allowed.
+As for unnamed bit fields, an unnamed field is used for padding a structure to a particular size.
+A list of unnamed fields is also supported, \eg:
+\begin{cfa}
+struct {
+        int , , ;                               §\C{// 3 unnamed fields}§
+}
+\end{cfa}
+\section{Nesting}
+Nesting of types and routines is useful for controlling name visibility (\newterm{name hiding}).
+\subsection{Type Nesting}
+\CFA allows \Index{type nesting}, and type qualification of the nested types (see \VRef[Figure]{f:TypeNestingQualification}), where as C hoists\index{type hoisting} (refactors) nested types into the enclosing scope and has no type qualification.
+\begin{figure}
+\centering
+\begin{tabular}{@{}l@{\hspace{3em}}l|l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{C Type Nesting}}      & \multicolumn{1}{c}{\textbf{C Implicit Hoisting}}      & \multicolumn{1}{|c}{\textbf{\CFA}}    \\
+\hline
+\begin{cfa}
+struct S {
+        enum C { R, G, B };
+        struct T {
+                union U { int i, j; };
+                enum C c;
+                short int i, j;
+        };
+        struct T t;
+} s;
+int fred() {
+        s.t.c = R;
+        struct T t = { R, 1, 2 };
+        enum C c;
+        union U u;
+}
+\end{cfa}
+&
+\begin{cfa}
+enum C { R, G, B };
+union U { int i, j; };
+struct T {
+        enum C c;
+        short int i, j;
+};
+struct S {
+        struct T t;
+} s;
+\end{cfa}
+&
+\begin{cfa}
+struct S {
+        enum C { R, G, B };
+        struct T {
+                union U { int i, j; };
+                enum C c;
+                short int i, j;
+        };
+        struct T t;
+} s;
+int fred() {
+        s.t.c = ®S.®R;  // type qualification
+        struct ®S.®T t = { ®S.®R, 1, 2 };
+        enum ®S.®C c;
+        union ®S.T.®U u;
+}
+\end{cfa}
+\end{tabular}
+\caption{Type Nesting / Qualification}
+\label{f:TypeNestingQualification}
+\end{figure}
+In the left example in C, types ©C©, ©U© and ©T© are implicitly hoisted outside of type ©S© into the containing block scope.
+In the right example in \CFA, the types are not hoisted and accessed using the field-selection operator ``©.©'' for type qualification, as does \Index*{Java}, rather than the \CC type-selection operator ``©::©''.
+\subsection{Routine Nesting}
+While \CFA does not provide object programming by putting routines into structures, it does rely heavily on locally nested routines to redefine operations at or close to a call site.
+For example, the C quick-sort is wrapped into the following polymorphic \CFA routine:
+\begin{cfa}
+forall( otype T | { int ?<?( T, T ); } )
+void qsort( const T * arr, size_t dimension );
+\end{cfa}
+which can be used to sort in ascending and descending order by locally redefining the less-than operator into greater-than.
+\begin{cfa}
+const unsigned int size = 5;
+int ia[size];
+...                                             §\C{// assign values to array ia}§
+qsort( ia, size );              §\C{// sort ascending order using builtin ?<?}§
+{
+        ®int ?<?( int x, int y ) { return x > y; }® §\C{// nested routine}§
+        qsort( ia, size );      §\C{// sort descending order by local redefinition}§
+}
+\end{cfa}
+Nested routines are not first-class, meaning a nested routine cannot be returned if it has references to variables in its enclosing blocks;
+the only exception is references to the external block of the translation unit, as these variables persist for the duration of the program.
+The following program in undefined in \CFA (and Indexc{gcc})
+\begin{cfa}
+[* [int]( int )] foo() {                §\C{// int (*foo())( int )}§
+        int ®i® = 7;
+        int bar( int p ) {
+                ®i® += 1;                               §\C{// dependent on local variable}§
+                sout | ®i® | endl;
+        }
+        return bar;                                     §\C{// undefined because of local dependence}§
+}
+int main() {
+        * [int]( int ) fp = foo();      §\C{// int (*fp)( int )}§
+        sout | fp( 3 ) | endl;
+}
+\end{cfa}
+because
+Currently, there are no \Index{lambda} expressions, \ie unnamed routines because routine names are very important to properly select the correct routine.
+\section{Tuples}
+In C and \CFA, lists of elements appear in several contexts, such as the parameter list for a routine call.
+(More contexts are added shortly.)
+A list of such elements is called a \newterm{lexical list}.
+The general syntax of a lexical list is:
+\begin{cfa}
+[ §\emph{exprlist}§ ]
+\end{cfa}
+where ©$\emph{exprlist}$© is a list of one or more expressions separated by commas.
+The brackets, ©[]©, allow differentiating between lexical lists and expressions containing the C comma operator.
+The following are examples of lexical lists:
+\begin{cfa}
+[ x, y, z ]
+[ 2 ]
+[ v+w, x*y, 3.14159, f() ]
+\end{cfa}
+Tuples are permitted to contain sub-tuples (\ie nesting), such as ©[ [ 14, 21 ], 9 ]©, which is a 2-element tuple whose first element is itself a tuple.
+Note, a tuple is not a record (structure);
+a record denotes a single value with substructure, whereas a tuple is multiple values with no substructure (see flattening coercion in Section 12.1).
+In essence, tuples are largely a compile time phenomenon, having little or no runtime presence.
+Tuples can be organized into compile-time tuple variables;
+these variables are of \newterm{tuple type}.
+Tuple variables and types can be used anywhere lists of conventional variables and types can be used.
+The general syntax of a tuple type is:
+\begin{cfa}
+[ §\emph{typelist}§ ]
+\end{cfa}
+where ©$\emph{typelist}$© is a list of one or more legal \CFA or C type specifications separated by commas, which may include other tuple type specifications.
+Examples of tuple types include:
+\begin{cfa}
+[ unsigned int, char ]
+[ double, double, double ]
+[ * int, int * ]                §\C{// mix of CFA and ANSI}§
+[ * [ 5 ] int, * * char, * [ [ int, int ] ] (int, int) ]
+\end{cfa}
+Like tuples, tuple types may be nested, such as ©[ [ int, int ], int ]©, which is a 2-element tuple type whose first element is itself a tuple type.
+Examples of declarations using tuple types are:
+\begin{cfa}
+[ int, int ] x;                 §\C{// 2 element tuple, each element of type int}§
+* [ char, char ] y;             §\C{// pointer to a 2 element tuple}§
+[ [ int, int ] ] z ([ int, int ]);
+\end{cfa}
+The last example declares an external routine that expects a 2 element tuple as an input parameter and returns a 2 element tuple as its result.
+As mentioned, tuples can appear in contexts requiring a list of value, such as an argument list of a routine call.
+In unambiguous situations, the tuple brackets may be omitted, \eg a tuple that appears as an argument may have its
+square brackets omitted for convenience; therefore, the following routine invocations are equivalent:
+\begin{cfa}
+f( [ 1, x+2, fred() ] );
+f( 1, x+2, fred() );
+\end{cfa}
+Also, a tuple or a tuple variable may be used to supply all or part of an argument list for a routine expecting multiple input parameters or for a routine expecting a tuple as an input parameter.
+For example, the following are all legal:
+\begin{cfa}
+[ int, int ] w1;
+[ int, int, int ] w2;
+[ void ] f (int, int, int); /* three input parameters of type int */
+[ void ] g ([ int, int, int ]); /* 3 element tuple as input */
+f( [ 1, 2, 3 ] );
+f( w1, 3 );
+f( 1, w1 );
+f( w2 );
+g( [ 1, 2, 3 ] );
+g( w1, 3 );
+g( 1, w1 );
+g( w2 );
+\end{cfa}
+Note, in all cases 3 arguments are supplied even though the syntax may appear to supply less than 3. As mentioned, a
+tuple does not have structure like a record; a tuple is simply converted into a list of components.
+\begin{rationale}
+The present implementation of \CFA does not support nested routine calls when the inner routine returns multiple values; \ie a statement such as ©g( f() )© is not supported.
+Using a temporary variable to store the  results of the inner routine and then passing this variable to the outer routine works, however.
+\end{rationale}
+A tuple can contain a C comma expression, provided the expression containing the comma operator is enclosed in parentheses.
+For instance, the following tuples are equivalent:
+\begin{cfa}
+[ 1, 3, 5 ]
+[ 1, (2, 3), 5 ]
+\end{cfa}
+The second element of the second tuple is the expression (2, 3), which yields the result 3.
+This requirement is the same as for comma expressions in argument lists.
+Type qualifiers, \ie const and volatile, may modify a tuple type.
+The meaning is the same as for a type qualifier modifying an aggregate type [Int99, x 6.5.2.3(7),x 6.7.3(11)], \ie the qualifier is distributed across all of the types in the tuple, \eg:
+\begin{cfa}
+const volatile [ int, float, const int ] x;
+\end{cfa}
+is equivalent to:
+\begin{cfa}
+[ const volatile int, const volatile float, const volatile int ] x;
+\end{cfa}
+Declaration qualifiers can only appear at the start of a \CFA tuple declaration4, \eg:
+\begin{cfa}
+extern [ int, int ] w1;
+static [ int, int, int ] w2;
+\end{cfa}
+\begin{rationale}
+Unfortunately, C's syntax for subscripts precluded treating them as tuples.
+The C subscript list has the form ©[i][j]...© and not ©[i, j, ...]©.
+Therefore, there is no syntactic way for a routine returning multiple values to specify the different subscript values, \eg ©f[g()]© always means a single subscript value because there is only one set of brackets.
+Fixing this requires a major change to C because the syntactic form ©M[i, j, k]© already has a particular meaning: ©i, j, k© is a comma expression.
+\end{rationale}
+\subsection{Tuple Coercions}
+There are four coercions that can be performed on tuples and tuple variables: closing, opening, flattening and structuring.
+In addition, the coercion of dereferencing can be performed on a tuple variable to yield its value(s), as for other variables.
+A \newterm{closing coercion} takes a set of values and converts it into a tuple value, which is a contiguous set of values, as in:
+\begin{cfa}
+[ int, int, int, int ] w;
+w = [ 1, 2, 3, 4 ];
+\end{cfa}
+First the right-hand tuple is closed into a tuple value and then the tuple value is assigned.
+An \newterm{opening coercion} is the opposite of closing; a tuple value is converted into a tuple of values, as in:
+\begin{cfa}
+[ a, b, c, d ] = w
+\end{cfa}
+©w© is implicitly opened to yield a tuple of four values, which are then assigned individually.
+A \newterm{flattening coercion} coerces a nested tuple, \ie a tuple with one or more components, which are themselves tuples, into a flattened tuple, which is a tuple whose components are not tuples, as in:
+\begin{cfa}
+[ a, b, c, d ] = [ 1, [ 2, 3 ], 4 ];
+\end{cfa}
+First the right-hand tuple is flattened and then the values are assigned individually.
+Flattening is also performed on tuple types.
+For example, the type ©[ int, [ int, int ], int ]© can be coerced, using flattening, into the type ©[ int, int, int, int ]©.
+A \newterm{structuring coercion} is the opposite of flattening;
+a tuple is structured into a more complex nested tuple.
+For example, structuring the tuple ©[ 1, 2, 3, 4 ]© into the tuple ©[ 1, [ 2, 3 ], 4 ]© or the tuple type ©[ int, int, int, int ]© into the tuple type ©[ int, [ int, int ], int ]©.
+In the following example, the last assignment illustrates all the tuple coercions:
+\begin{cfa}
+[ int, int, int, int ] w = [ 1, 2, 3, 4 ];
+int x = 5;
+[ x, w ] = [ w, x ];            §\C{// all four tuple coercions}§
+\end{cfa}
+Starting on the right-hand tuple in the last assignment statement, w is opened, producing a tuple of four values;
+therefore, the right-hand tuple is now the tuple ©[ [ 1, 2, 3, 4 ], 5 ]©.
+This tuple is then flattened, yielding ©[ 1, 2, 3, 4, 5 ]©, which is structured into ©[ 1, [ 2, 3, 4, 5 ] ]© to match the tuple type of the left-hand side.
+The tuple ©[ 2, 3, 4, 5 ]© is then closed to create a tuple value.
+Finally, ©x© is assigned ©1© and ©w© is assigned the tuple value using multiple assignment (see Section 14).
+\begin{rationale}
+A possible additional language extension is to use the structuring coercion for tuples to initialize a complex record with a tuple.
+\end{rationale}
+\section{Mass Assignment}
+\CFA permits assignment to several variables at once using mass assignment~\cite{CLU}.
+Mass assignment has the following form:
+\begin{cfa}
+[ §\emph{lvalue}§, ... , §\emph{lvalue}§ ] = §\emph{expr}§;
+\end{cfa}
+\index{lvalue}
+The left-hand side is a tuple of \emph{lvalues}, which is a list of expressions each yielding an address, \ie any data object that can appear on the left-hand side of a conventional assignment statement.
+©$\emph{expr}$© is any standard arithmetic expression.
+Clearly, the types of the entities being assigned must be type compatible with the value of the expression.
+Mass assignment has parallel semantics, \eg the statement:
+\begin{cfa}
+[ x, y, z ] = 1.5;
+\end{cfa}
+is equivalent to:
+\begin{cfa}
+x = 1.5; y = 1.5; z = 1.5;
+\end{cfa}
+This semantics is not the same as the following in C:
+\begin{cfa}
+x = y = z = 1.5;
+\end{cfa}
+as conversions between intermediate assignments may lose information.
+A more complex example is:
+\begin{cfa}
+[ i, y[i], z ] = a + b;
+\end{cfa}
+which is equivalent to:
+\begin{cfa}
+t = a + b;
+a1 = &i; a2 = &y[i]; a3 = &z;
+*a1 = t; *a2 = t; *a3 = t;
+\end{cfa}
+The temporary ©t© is necessary to store the value of the expression to eliminate conversion issues.
+The temporaries for the addresses are needed so that locations on the left-hand side do not change as the values are assigned.
+In this case, ©y[i]© uses the previous value of ©i© and not the new value set at the beginning of the mass assignment.
+\section{Multiple Assignment}
+\CFA also supports the assignment of several values at once, known as multiple assignment~\cite{CLU,Galletly96}.
+Multiple assignment has the following form:
+\begin{cfa}
+[ §\emph{lvalue}§, ... , §\emph{lvalue}§ ] = [ §\emph{expr}§, ... , §\emph{expr}§ ];
+\end{cfa}
+\index{lvalue}
+The left-hand side is a tuple of \emph{lvalues}, and the right-hand side is a tuple of \emph{expr}s.
+Each \emph{expr} appearing on the right-hand side of a multiple assignment statement is assigned to the corresponding \emph{lvalues} on the left-hand side of the statement using parallel semantics for each assignment.
+An example of multiple assignment is:
+\begin{cfa}
+[ x, y, z ] = [ 1, 2, 3 ];
+\end{cfa}
+Here, the values ©1©, ©2© and ©3© are assigned, respectively, to the variables ©x©, ©y© and ©z©.
+ A more complex example is:
+\begin{cfa}
+[ i, y[ i ], z ] = [ 1, i, a + b ];
+\end{cfa}
+Here, the values ©1©, ©i© and ©a + b© are assigned to the variables ©i©, ©y[i]© and ©z©, respectively.
+ Note, the parallel semantics of
+multiple assignment ensures:
+\begin{cfa}
+[ x, y ] = [ y, x ];
+\end{cfa}
+correctly interchanges (swaps) the values stored in ©x© and ©y©.
+The following cases are errors:
+\begin{cfa}
+[ a, b, c ] = [ 1, 2, 3, 4 ];
+[ a, b, c ] = [ 1, 2 ];
+\end{cfa}
+because the number of entities in the left-hand tuple is unequal with the right-hand tuple.
+As for all tuple contexts in C, side effects should not be used because C does not define an ordering for the evaluation of the elements of a tuple;
+both these examples produce indeterminate results:
+\begin{cfa}
+f( x++, x++ );                          §\C{// C routine call with side effects in arguments}§
+[ v1, v2 ] = [ x++, x++ ];      §\C{// side effects in righthand side of multiple assignment}§
+\end{cfa}
+\section{Cascade Assignment}
+As in C, \CFA mass and multiple assignments can be cascaded, producing cascade assignment.
+Cascade assignment has the following form:
+\begin{cfa}
+§\emph{tuple}§ = §\emph{tuple}§ = ... = §\emph{tuple}§;
+\end{cfa}
+and it has the same parallel semantics as for mass and multiple assignment.
+Some examples of cascade assignment are:
+\begin{cfa}
+x1 = y1 = x2 = y2 = 0;
+[ x1, y1 ] = [ x2, y2 ] = [ x3, y3 ];
+[ x1, y1 ] = [ x2, y2 ] = 0;
+[ x1, y1 ] = z = 0;
+\end{cfa}
+As in C, the rightmost assignment is performed first, \ie assignment parses right to left.
+\section{Field Tuples}
+Tuples may be used to select multiple fields of a record by field name.
+Its general form is:
+\begin{cfa}
+§\emph{expr}§ . [ §\emph{fieldlist}§ ]
+§\emph{expr}§ -> [ §\emph{fieldlist}§ ]
+\end{cfa}
+\emph{expr} is any expression yielding a value of type record, \eg ©struct©, ©union©.
+Each element of \emph{ fieldlist} is an element of the record specified by \emph{expr}.
+A record-field tuple may be used anywhere a tuple can be used. An example of the use of a record-field tuple is
+the following:
+\begin{cfa}
+struct s {
+        int f1, f2;
+        char f3;
+        double f4;
+} v;
+v.[ f3, f1, f2 ] = ['x', 11, 17 ];      §\C{// equivalent to v.f3 = 'x', v.f1 = 11, v.f2 = 17}§
+f( v.[ f3, f1, f2 ] );                          §\C{// equivalent to f( v.f3, v.f1, v.f2 )}§
+\end{cfa}
+Note, the fields appearing in a record-field tuple may be specified in any order;
+also, it is unnecessary to specify all the fields of a struct in a multiple record-field tuple.
+If a field of a ©struct© is itself another ©struct©, multiple fields of this subrecord can be specified using a nested record-field tuple, as in the following example:
+\begin{cfa}
+struct inner {
+        int f2, f3;
+};
+struct outer {
+        int f1;
+        struct inner i;
+        double f4;
+} o;
+o.[ f1, i.[ f2, f3 ], f4 ] = [ 11, 12, 13, 3.14159 ];
+\end{cfa}
+\section{Labelled Continue/Break}
+\section{Exponentiation Operator}
+C, \CC, and Java (and many other programming languages) have no exponentiation operator\index{exponentiation!operator}\index{operator!exponentiation}, \ie $x^y$, and instead use a routine, like \Indexc{pow}, to perform the exponentiation operation.
+\CFA extends the basic operators with the exponentiation operator ©?\?©\index{?\\?@\lstinline$?\?$} and ©?\=?©\index{?\\=?@\lstinline$?\=?$}, as in, ©x \ y© and ©x \= y©, which means $x^y$ and $x \leftarrow x^y$.
+The priority of the exponentiation operator is between the cast and multiplicative operators, so that ©w * (int)x \ (int)y * z© is parenthesized as ©((w * (((int)x) \ ((int)y))) * z)©.
+As for \Index{division}, there are exponentiation operators for integral and floating-point types, including the builtin \Index{complex} types.
+Unsigned integral exponentiation\index{exponentiation!unsigned integral} is performed with repeated multiplication (or shifting if the base is 2).
+Signed integral exponentiation\index{exponentiation!signed integral} is performed with repeated multiplication (or shifting if the base is 2), but yields a floating-point result because $b^{-e}=1/b^e$.
+Hence, it is important to designate exponent integral-constants as unsigned or signed: ©3 \ 3u© return an integral result, while ©3 \ 3© returns a floating-point result.
+Floating-point exponentiation\index{exponentiation!floating point} is performed using \Index{logarithm}s\index{exponentiation!logarithm}, so the base cannot be negative.
+\begin{cfa}
+sout | 2 ®\® 8u | 4 ®\® 3u | -4 ®\® 3u | 4 ®\® -3 | -4 ®\® -3 | 4.0 ®\® 2.1 | (1.0f+2.0fi) ®\® (3.0f+2.0fi) | endl;
+64 -64 0.015625 -0.015625 18.3791736799526 0.264715-1.1922i
+\end{cfa}
+Parenthesis are necessary for the complex constants or the expresion is parsed as ©1.0f+(2.0fi \ 3.0f)+2.0fi©.
+The exponentiation operator is available for all the basic types, but for user-defined types, only the integral version is available, if the user type defines multiplication, ©*©, and one, ©1©.
+\section{\texorpdfstring{Labelled \LstKeywordStyle{continue} / \LstKeywordStyle{break}}{Labelled continue / break}}
 While C provides ©continue© and ©break© statements for altering control flow, both are restricted to one level of nesting for a particular control structure.
 Unfortunately, this restriction forces programmers to use \Indexc{goto} to achieve the equivalent control-flow for more than one level of nesting.
 To prevent having to switch to the ©goto©, \CFA extends the \Indexc{continue}\index{continue@\lstinline $continue$!labelled}\index{labelled!continue@©continue©} and \Indexc{break}\index{break@\lstinline $break$!labelled}\index{labelled!break@©break©} with a target label to support static multi-level exit\index{multi-level exit}\index{static multi-level exit}~\cite{Buhr85,Java}.
+To prevent having to switch to the ©goto©, \CFA extends the \Indexc{continue}\index{continue@\lstinline $continue$!labelled}\index{labelled!continue@©continue©} and \Indexc{break}\index{break@\lstinline $break$!labelled}\index{labelled!break@©break©} with a target label to support static multi-level exit\index{multi-level exit}\index{static multi-level exit}~\cite{Buhr85}.
 For both ©continue© and ©break©, the target label must be directly associated with a ©for©, ©while© or ©do© statement;
 for ©break©, the target label can also be associated with a ©switch©, ©if© or compound (©{}©) statement.
 \VRef[Figure]{f:MultiLevelResumeTermination} shows the labelled ©continue© and ©break©, specifying which control structure is the target for exit, and the corresponding C program using only ©goto©.
 The innermost loop has 7 exit points, which cause resumption or termination of one or more of the 7 \Index{nested control-structure}s.
+Java supports both labelled ©continue© and ©break© statements.
 \begin{figure}
 …
 \section{Switch Statement}
+\section{\texorpdfstring{\LstKeywordStyle{switch} Statement}{switch Statement}}
 C allows a number of questionable forms for the ©switch© statement:
 …
         ®// open input file
 ®} else if ( argc == 2 ) {
         ®// open input file
+        ®// open input file (duplicate)
 ®} else {
 …
 \begin{cfa}
 switch ( i ) {
   case 1: case 3: case 5:       // odd values
         // same action
+  ®case 1: case 3: case 5:®     // odd values
+        // odd action
         break;
   case 2: case 4: case 6:       // even values
         // same action
+  ®case 2: case 4: case 6:®     // even values
+        // even action
         break;
+}
 …
 However, this situation is handled in other languages without fall-through by allowing a list of case values.
 While fall-through itself is not a problem, the problem occurs when fall-through is the default, as this semantics is unintuitive to many programmers and is different from virtually all other programming languages with a ©switch© statement.
 Hence, default fall-through semantics results in a large number of programming errors as programmers often forget the ©break© statement at the end of a ©case© clause, resulting in inadvertent fall-through.
+Hence, default fall-through semantics results in a large number of programming errors as programmers often \emph{forget} the ©break© statement at the end of a ©case© clause, resulting in inadvertent fall-through.
 \item
 …
 and there is only a medium amount of fall-through from one ©case© clause to the next, and most of these result from a list of case values executing common code, rather than a sequence of case actions that compound.
 \end{itemize}
 These observations help to put the \CFA changes to the ©switch© into perspective.
+These observations put into perspective the \CFA changes to the ©switch©.
 \begin{enumerate}
 \item
 …
 still works.
 Nevertheless, reversing the default action would have a non-trivial effect on case actions that compound, such as the above example of processing shell arguments.
 Therefore, to preserve backwards compatibility, it is necessary to introduce a new kind of ©switch© statement, called ©choose©, with no implicit fall-through semantics and an explicit fall-through if the last statement of a case-clause ends with the new keyword ©fallthrough©/©fallthru©, e.g.:
+Therefore, to preserve backwards compatibility, it is necessary to introduce a new kind of ©switch© statement, called ©choose©, with no implicit fall-through semantics and an explicit fall-through if the last statement of a case-clause ends with the new keyword ©fallthrough©/©fallthru©, \eg:
 \begin{cfa}
 ®choose® ( i ) {
 …
   case 7:
         ...
         ®break®                                         §\C{// explicit end of switch}§
+        ®break®                                         §\C{// redundant explicit end of switch}§
   default:
         j = 3;
 …
 \end{cfa}
 Like the ©switch© statement, the ©choose© statement retains the fall-through semantics for a list of ©case© clauses;
 the implicit ©break© is applied only at the end of the \emph{statements} following a ©case© clause.
 The explicit ©fallthru© is retained because it is a C-idiom most C programmers expect, and its absence might discourage programmers from using the ©choose© statement.
+An implicit ©break© is applied only at the end of the \emph{statements} following a ©case© clause.
+An explicit ©fallthru© is retained because it is a C-idiom most C programmers expect, and its absence might discourage programmers from using the ©choose© statement.
 As well, allowing an explicit ©break© from the ©choose© is a carry over from the ©switch© statement, and expected by C programmers.
 \item
 …
 \section{Case Clause}
+\section{\texorpdfstring{\LstKeywordStyle{case} Clause}{case Clause}}
 C restricts the ©case© clause of a ©switch© statement to a single value.
 …
+\section{\texorpdfstring{\LstKeywordStyle{with} Clause / Statement}{with Clause / Statement}}
+\label{s:WithClauseStatement}
+In \Index{object-oriented} programming, there is an implicit first parameter, often names \textbf{©self©} or \textbf{©this©}, which is elided.
+\begin{C++}
+class C {
+        int i, j;
+        int mem() {              ®// implicit "this" parameter
+®               i = 1;          ®// this->i
+®               j = 3;          ®// this->j
+®       }
+}
+\end{C++}
+Since CFA is non-object-oriented, the equivalent object-oriented program looks like:
+\begin{cfa}
+struct S { int i, j; };
+int mem( S &this ) {    // explicit "this" parameter
+        ®this.®i = 1;                     // "this" is not elided
+        ®this.®j = 2;
+}
+\end{cfa}
+but it is cumbersome having to write "©this.©" many times in a member.
+\CFA provides a ©with© clause/statement to elided the "©this.©" by opening a scope containing field identifiers and changing the qualified fields into variables, giving an opportunity for optimizing qualified references.\footnote{
+The ©with© statement comes from Pascal~\cite[\S~4.F]{Pascal}.}
+\begin{cfa}
+int mem( S &this ) ®with this® {
+        i = 1;                  ®// this.i
+®       j = 2;                  ®// this.j
+®}
+\end{cfa}
+which extends to multiple routine parameters:
+\begin{cfa}
+struct T { double m, n; };
+int mem2( S &this1, T &this2 ) ®with this1, this2® {
+        i = 1; j = 2;
+        m = 1.0; n = 2.0;
+}
+\end{cfa}
+The statement form is used within a block:
+\begin{cfa}
+int foo() {
+        struct S1 { ... } s1;
+        struct S2 { ... } s2;
+        ®with s1® {
+                // access fields of s1 without qualification
+                ®with s2® {  // nesting
+                        // access fields of s1 and s2 without qualification
+                }
+        }
+        ®with s1, s2® {
+                // access unambiguous fields of s1 and s2 without qualification
+        }
+}
+\end{cfa}
+When opening multiple structures, fields with the same name and type are ambiguous and must be fully qualified.
+For fields with the same name but different type, context/cast can be used to disambiguate.
+\begin{cfa}
+struct S { int i; int j; double m; } a, c;
+struct T { int i; int k; int m } b, c;
+®with a, b® {
+        j + k;                                          §\C{// unambiguous, unique names define unique type}§
+        i;                                                      §\C{// ambiguous, same name and type}§
+        a.i + b.i;                                      §\C{// unambiguous, qualification defines unique type}§
+        m;                                                      §\C{// ambiguous, no context to define unique type}§
+        m = 5.0;                                        §\C{// unambiguous, context defines unique type}§
+        m = 1;                                          §\C{// unambiguous, context defines unique type}§
+}
+®with c® { ... }                                §\C{// ambiguous, no context}§
+®with (S)c® { ... }                             §\C{// unambiguous, cast defines unique type}§
+\end{cfa}
 \section{Exception Handling}
+\label{s:ExceptionHandling}
 Exception handling provides two mechanism: change of control flow from a raise to a handler, and communication from the raise to the handler.
+\begin{cfa}
+exception void h( int i );
+exception int h( int i, double d );
+Transfer of control can be local, within a routine, or non-local, among routines.
+Non-local transfer can cause stack unwinding, i.e., non-local routine termination, depending on the kind of raise.
+\begin{cfa}
+exception_t E {};                               §\C{// exception type}§
 void f(...) {
+        ... throw h( 3 );
+        ... i = resume h( 3, 5.1 );
+}
+        ... throw E{}; ...                      §\C{// termination}§
+        ... throwResume E{}; ...        §\C{// resumption}§
+}
 try {
         f(...);
 } catch h( int w ) {
         // reset
 } resume h( int p, double x ) {
         return 17;  // recover
+} catch( E e : §boolean-predicate§ ) {                  §\C{// termination handler}§
+        // recover and continue
+} catchResume( E e : §boolean-predicate§ ) {    §\C{// resumption handler}§
+        // repair and return
 } finally {
+}
+\end{cfa}
+So the type raised would be the mangled name of the exception prototype and that name would be matched at the handler clauses by comparing the strings.
+The arguments for the call would have to be packed in a message and unpacked at handler clause and then a call made to the handler.
+        // always executed
+}
+\end{cfa}
+The kind of raise and handler match: ©throw© with ©catch© and @throwResume@ with @catchResume@.
+Then the exception type must match along with any additonal predicate must be true.
+The ©catch© and ©catchResume© handlers may appear in any oder.
+However, the ©finally© clause must
+\subsection{Exception Hierarchy}
+An exception type can be derived from another exception type, just like deriving a subclass from a class, providing a kind of polymorphism among exception types.
+The exception-type hierarchy that is created is used to organize exception types, similar to a class hierarchy in object-oriented languages, \eg:
+\begin{center}
+\input{EHMHierarchy}
+\end{center}
+A programmer can then choose to handle an exception at different degrees of specificity along the hierarchy;
+derived exception-types support a more flexible programming style.
+For example, higher-level code should catch general exceptions to reduce coupling to the specific implementation at the lower levels;
+unnecessary coupling may force changes in higher-level code when low-level code changes.
+A consequence of derived exception-types is that multiple exceptions may match, \eg:
+\begin{cfa}
+catch( Arithmetic )
+\end{cfa}
+matches all three derived exception-types: ©DivideByZero©, ©Overflow©, and ©Underflow©.
+Because the propagation mechanisms perform a simple linear search of the handler clause for a guarded block, and selects the first matching handler, the order of catch clauses in the handler clause becomes important, \eg:
+\begin{cfa}
+try {
+        ...
+} catch( Overflow ) {   // must appear first
+        // handle overflow
+} catch( Arithmetic )
+        // handle other arithmetic issues
+}
+\end{cfa}
+\newterm{Multiple derivation} among exception is not supported.
+\section{Declarations}
+\label{s:Declarations}
+C declaration syntax is notoriously confusing and error prone.
+For example, many C programmers are confused by a declaration as simple as:
+\begin{quote2}
+\begin{tabular}{@{}ll@{}}
+\begin{cfa}
+int * x[5]
+\end{cfa}
+&
+\raisebox{-0.75\totalheight}{\input{Cdecl}}
+\end{tabular}
+\end{quote2}
+Is this an array of 5 pointers to integers or a \Index{pointer} to an array of 5 integers?
+The fact this declaration is unclear to many C programmers means there are \Index{productivity} and \Index{safety} issues even for basic programs.
+Another example of confusion results from the fact that a routine name and its parameters are embedded within the return type, mimicking the way the return value is used at the routine's call site.
+For example, a routine returning a \Index{pointer} to an array of integers is defined and used in the following way:
+\begin{cfa}
+int ®(*®f®())[®5®]® {...};                              §\C{definition}§
+ ... ®(*®f®())[®3®]® += 1;                              §\C{usage}§
+\end{cfa}
+Essentially, the return type is wrapped around the routine name in successive layers (like an \Index{onion}).
+While attempting to make the two contexts consistent is a laudable goal, it has not worked out in practice.
+\CFA provides its own type, variable and routine declarations, using a different syntax.
+The new declarations place qualifiers to the left of the base type, while C declarations place qualifiers to the right of the base type.
+In the following example, \R{red} is the base type and \B{blue} is qualifiers.
+The \CFA declarations move the qualifiers to the left of the base type, \ie move the blue to the left of the red, while the qualifiers have the same meaning but are ordered left to right to specify a variable's type.
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+ß[5] *ß ®int® x1;
+ß* [5]ß ®int® x2;
+ß[* [5] int]ß f®( int p )®;
+\end{cfa}
+&
+\begin{cfa}
+®int® ß*ß x1 ß[5]ß;
+®int® ß(*ßx2ß)[5]ß;
+ßint (*ßf®( int p )®ß)[5]ß;
+\end{cfa}
+\end{tabular}
+\end{quote2}
+The only exception is \Index{bit field} specification, which always appear to the right of the base type.
+% Specifically, the character ©*© is used to indicate a pointer, square brackets ©[©\,©]© are used to represent an array or function return value, and parentheses ©()© are used to indicate a routine parameter.
+However, unlike C, \CFA type declaration tokens are distributed across all variables in the declaration list.
+For instance, variables ©x© and ©y© of type \Index{pointer} to integer are defined in \CFA as follows:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+®*® int x, y;
+\end{cfa}
+&
+\begin{cfa}
+int ®*®x, ®*®y;
+\end{cfa}
+\end{tabular}
+\end{quote2}
+The downside of this semantics is the need to separate regular and \Index{pointer} declarations:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+®*® int x;
+int y;
+\end{cfa}
+&
+\begin{cfa}
+int ®*®x, y;
+\end{cfa}
+\end{tabular}
+\end{quote2}
+which is \Index{prescribing} a safety benefit.
+Other examples are:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{\hspace{2em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c@{\hspace{2em}}}{\textbf{C}} \\
+\begin{cfa}
+[ 5 ] int z;
+[ 5 ] * char w;
+* [ 5 ] double v;
+struct s {
+        int f0:3;
+        * int f1;
+        [ 5 ] * int f2;
+};
+\end{cfa}
+&
+\begin{cfa}
+int z[ 5 ];
+char * w[ 5 ];
+double (* v)[ 5 ];
+struct s {
+        int f0:3;
+        int * f1;
+        int * f2[ 5 ]
+};
+\end{cfa}
+&
+\begin{cfa}
+// array of 5 integers
+// array of 5 pointers to char
+// pointer to array of 5 doubles
+// common bit field syntax
+\end{cfa}
+\end{tabular}
+\end{quote2}
+All type qualifiers, \eg ©const©, ©volatile©, etc., are used in the normal way with the new declarations and also appear left to right, \eg:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{1em}}l@{\hspace{1em}}l@{}}
+\multicolumn{1}{c@{\hspace{1em}}}{\textbf{\CFA}}        & \multicolumn{1}{c@{\hspace{1em}}}{\textbf{C}} \\
+\begin{cfa}
+const * const int x;
+const * [ 5 ] const int y;
+\end{cfa}
+&
+\begin{cfa}
+int const * const x;
+const int (* const y)[ 5 ]
+\end{cfa}
+&
+\begin{cfa}
+// const pointer to const integer
+// const pointer to array of 5 const integers
+\end{cfa}
+\end{tabular}
+\end{quote2}
+All declaration qualifiers, \eg ©extern©, ©static©, etc., are used in the normal way with the new declarations but can only appear at the start of a \CFA routine declaration,\footnote{\label{StorageClassSpecifier}
+The placement of a storage-class specifier other than at the beginning of the declaration specifiers in a declaration is an obsolescent feature.~\cite[\S~6.11.5(1)]{C11}} \eg:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{\hspace{2em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c@{\hspace{2em}}}{\textbf{C}} \\
+\begin{cfa}
+extern [ 5 ] int x;
+static * const int y;
+\end{cfa}
+&
+\begin{cfa}
+int extern x[ 5 ];
+const int static * y;
+\end{cfa}
+&
+\begin{cfa}
+// externally visible array of 5 integers
+// internally visible pointer to constant int
+\end{cfa}
+\end{tabular}
+\end{quote2}
+The new declaration syntax can be used in other contexts where types are required, \eg casts and the pseudo-routine ©sizeof©:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+y = (®* int®)x;
+i = sizeof(®[ 5 ] * int®);
+\end{cfa}
+&
+\begin{cfa}
+y = (®int *®)x;
+i = sizeof(®int * [ 5 ]®);
+\end{cfa}
+\end{tabular}
+\end{quote2}
+Finally, new \CFA declarations may appear together with C declarations in the same program block, but cannot be mixed within a specific declaration.
+Therefore, a programmer has the option of either continuing to use traditional C declarations or take advantage of the new style.
+Clearly, both styles need to be supported for some time due to existing C-style header-files, particularly for UNIX systems.
+\section{Pointer / Reference}
+C provides a \newterm{pointer type};
+\CFA adds a \newterm{reference type}.
+These types may be derived from an object or routine type, called the \newterm{referenced type}.
+Objects of these types contain an \newterm{address}, which is normally a location in memory, but may also address memory-mapped registers in hardware devices.
+An integer constant expression with the value 0, or such an expression cast to type ©void *©, is called a \newterm{null-pointer constant}.\footnote{
+One way to conceptualize the null pointer is that no variable is placed at this address, so the null-pointer address can be used to denote an uninitialized pointer/reference object;
+\ie the null pointer is guaranteed to compare unequal to a pointer to any object or routine.}
+An address is \newterm{sound}, if it points to a valid memory location in scope, \ie within the program's execution-environment and has not been freed.
+Dereferencing an \newterm{unsound} address, including the null pointer, is \Index{undefined}, often resulting in a \Index{memory fault}.
+A program \newterm{object} is a region of data storage in the execution environment, the contents of which can represent values.
+In most cases, objects are located in memory at an address, and the variable name for an object is an implicit address to the object generated by the compiler and automatically dereferenced, as in:
+\begin{quote2}
+\begin{tabular}{@{}ll@{\hspace{2em}}l@{}}
+\begin{cfa}
+int x;
+x = 3;
+int y;
+y = x;
+\end{cfa}
+&
+\raisebox{-0.45\totalheight}{\input{pointer1}}
+&
+\begin{cfa}
+int * ®const® x = (int *)100
+*x = 3;                 // implicit dereference
+int * ®const® y = (int *)104;
+*y = *x;                // implicit dereference
+\end{cfa}
+\end{tabular}
+\end{quote2}
+where the right example is how the compiler logically interprets the variables in the left example.
+Since a variable name only points to one address during its lifetime, it is an \Index{immutable} \Index{pointer};
+hence, the implicit type of pointer variables ©x© and ©y© are constant pointers in the compiler interpretation.
+In general, variable addresses are stored in instructions instead of loaded from memory, and hence may not occupy storage.
+These approaches are contrasted in the following:
+\begin{quote2}
+\begin{tabular}{@{}l|l@{}}
+\multicolumn{1}{c|}{explicit variable address} & \multicolumn{1}{c}{implicit variable address} \\
+\hline
+\begin{cfa}
+lda             r1,100                  // load address of x
+ld               r2,(r1)                  // load value of x
+lda             r3,104                  // load address of y
+st               r2,(r3)                  // store x into y
+\end{cfa}
+&
+\begin{cfa}
+ld              r2,(100)                // load value of x
+st              r2,(104)                // store x into y
+\end{cfa}
+\end{tabular}
+\end{quote2}
+Finally, the immutable nature of a variable's address and the fact that there is no storage for the variable pointer means pointer assignment\index{pointer!assignment}\index{assignment!pointer} is impossible.
+Therefore, the expression ©x = y© has only one meaning, ©*x = *y©, \ie manipulate values, which is why explicitly writing the dereferences is unnecessary even though it occurs implicitly as part of \Index{instruction decoding}.
+A \Index{pointer}/\Index{reference} object is a generalization of an object variable-name, \ie a mutable address that can point to more than one memory location during its lifetime.
+(Similarly, an integer variable can contain multiple integer literals during its lifetime versus an integer constant representing a single literal during its lifetime, and like a variable name, may not occupy storage if the literal is embedded directly into instructions.)
+Hence, a pointer occupies memory to store its current address, and the pointer's value is loaded by dereferencing, \eg:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{2em}}l@{}}
+\begin{cfa}
+int x, y, ®*® p1, ®*® p2, ®**® p3;
+p1 = ®&®x;               // p1 points to x
+p2 = p1;                 // p2 points to x
+p1 = ®&®y;               // p1 points to y
+p3 = &p2;               // p3 points to p2
+\end{cfa}
+&
+\raisebox{-0.5\totalheight}{\input{pointer2.pstex_t}}
+\end{tabular}
+\end{quote2}
+Notice, an address has a \Index{duality}\index{address!duality}: a location in memory or the value at that location.
+In many cases, a compiler might be able to infer the best meaning for these two cases.
+For example, \Index*{Algol68}~\cite{Algol68} infers pointer dereferencing to select the best meaning for each pointer usage
+\begin{cfa}
+p2 = p1 + x;                                    §\C{// compiler infers *p2 = *p1 + x;}§
+\end{cfa}
+Algol68 infers the following dereferencing ©*p2 = *p1 + x©, because adding the arbitrary integer value in ©x© to the address of ©p1© and storing the resulting address into ©p2© is an unlikely operation.
+Unfortunately, automatic dereferencing does not work in all cases, and so some mechanism is necessary to fix incorrect choices.
+Rather than inferring dereference, most programming languages pick one implicit dereferencing semantics, and the programmer explicitly indicates the other to resolve address-duality.
+In C, objects of pointer type always manipulate the pointer object's address:
+\begin{cfa}
+p1 = p2;                                                §\C{// p1 = p2\ \ rather than\ \ *p1 = *p2}§
+p2 = p1 + x;                                    §\C{// p2 = p1 + x\ \ rather than\ \ *p2 = *p1 + x}§
+\end{cfa}
+even though the assignment to ©p2© is likely incorrect, and the programmer probably meant:
+\begin{cfa}
+p1 = p2;                                                §\C{// pointer address assignment}§
+®*®p2 = ®*®p1 + x;                              §\C{// pointed-to value assignment / operation}§
+\end{cfa}
+The C semantics work well for situations where manipulation of addresses is the primary meaning and data is rarely accessed, such as storage management (©malloc©/©free©).
+However, in most other situations, the pointed-to value is requested more often than the pointer address.
+\begin{cfa}
+*p2 = ((*p1 + *p2) * (**p3 - *p1)) / (**p3 - 15);
+\end{cfa}
+In this case, it is tedious to explicitly write the dereferencing, and error prone when pointer arithmetic is allowed.
+It is better to have the compiler generate the dereferencing and have no implicit pointer arithmetic:
+\begin{cfa}
+p2 = ((p1 + p2) * (p3 - p1)) / (p3 - 15);
+\end{cfa}
+To support this common case, a reference type is introduced in \CFA, denoted by ©&©, which is the opposite dereference semantics to a pointer type, making the value at the pointed-to location the implicit semantics for dereferencing (similar but not the same as \CC \Index{reference type}s).
+\begin{cfa}
+int x, y, ®&® r1, ®&® r2, ®&&® r3;
+®&®r1 = &x;                                             §\C{// r1 points to x}§
+®&®r2 = &r1;                                    §\C{// r2 points to x}§
+®&®r1 = &y;                                             §\C{// r1 points to y}§
+®&&®r3 = ®&®&r2;                                §\C{// r3 points to r2}§
+r2 = ((r1 + r2) * (r3 - r1)) / (r3 - 15); §\C{// implicit dereferencing}§
+\end{cfa}
+Except for auto-dereferencing by the compiler, this reference example is the same as the previous pointer example.
+Hence, a reference behaves like the variable name for the current variable it is pointing-to.
+One way to conceptualize a reference is via a rewrite rule, where the compiler inserts a dereference operator before the reference variable for each reference qualifier in a declaration, so the previous example becomes:
+\begin{cfa}
+®*®r2 = ((®*®r1 + ®*®r2) ®*® (®**®r3 - ®*®r1)) / (®**®r3 - 15);
+\end{cfa}
+When a reference operation appears beside a dereference operation, \eg ©&*©, they cancel out.
+However, in C, the cancellation always yields a value (\Index{rvalue}).\footnote{
+The unary ©&© operator yields the address of its operand.
+If the operand has type ``type'', the result has type ``pointer to type''.
+If the operand is the result of a unary ©*© operator, neither that operator nor the ©&© operator is evaluated and the result is as if both were omitted, except that the constraints on the operators still apply and the result is not an lvalue.~\cite[\S~6.5.3.2--3]{C11}}
+For a \CFA reference type, the cancellation on the left-hand side of assignment leaves the reference as an address (\Index{lvalue}):
+\begin{cfa}
+(&®*®)r1 = &x;                                  §\C{// (\&*) cancel giving address in r1 not variable pointed-to by r1}§
+\end{cfa}
+Similarly, the address of a reference can be obtained for assignment or computation (\Index{rvalue}):
+\begin{cfa}
+(&(&®*®)®*®)r3 = &(&®*®)r2;             §\C{// (\&*) cancel giving address in r2, (\&(\&*)*) cancel giving address in r3}§
+\end{cfa}
+Cancellation\index{cancellation!pointer/reference}\index{pointer!cancellation} works to arbitrary depth.
+Fundamentally, pointer and reference objects are functionally interchangeable because both contain addresses.
+\begin{cfa}
+int x, *p1 = &x, **p2 = &p1, ***p3 = &p2,
+                 &r1 = x,    &&r2 = r1,   &&&r3 = r2;
+***p3 = 3;                                              §\C{// change x}§
+r3 = 3;                                                 §\C{// change x, ***r3}§
+**p3 = ...;                                             §\C{// change p1}§
+&r3 = ...;                                              §\C{// change r1, (\&*)**r3, 1 cancellation}§
+*p3 = ...;                                              §\C{// change p2}§
+&&r3 = ...;                                             §\C{// change r2, (\&(\&*)*)*r3, 2 cancellations}§
+&&&r3 = p3;                                             §\C{// change r3 to p3, (\&(\&(\&*)*)*)r3, 3 cancellations}§
+\end{cfa}
+Furthermore, both types are equally performant, as the same amount of dereferencing occurs for both types.
+Therefore, the choice between them is based solely on whether the address is dereferenced frequently or infrequently, which dictates the amount of implicit dereferencing aid from the compiler.
+As for a pointer type, a reference type may have qualifiers:
+\begin{cfa}
+const int cx = 5;                                       §\C{// cannot change cx;}§
+const int & cr = cx;                            §\C{// cannot change what cr points to}§
+®&®cr = &cx;                                            §\C{// can change cr}§
+cr = 7;                                                         §\C{// error, cannot change cx}§
+int & const rc = x;                                     §\C{// must be initialized}§
+®&®rc = &x;                                                     §\C{// error, cannot change rc}§
+const int & const crc = cx;                     §\C{// must be initialized}§
+crc = 7;                                                        §\C{// error, cannot change cx}§
+®&®crc = &cx;                                           §\C{// error, cannot change crc}§
+\end{cfa}
+Hence, for type ©& const©, there is no pointer assignment, so ©&rc = &x© is disallowed, and \emph{the address value cannot be the null pointer unless an arbitrary pointer is coerced\index{coercion} into the reference}:
+\begin{cfa}
+int & const cr = *0;                            §\C{// where 0 is the int * zero}§
+\end{cfa}
+Note, constant reference-types do not prevent \Index{addressing errors} because of explicit storage-management:
+\begin{cfa}
+int & const cr = *malloc();
+cr = 5;
+free( &cr );
+cr = 7;                                                         §\C{// unsound pointer dereference}§
+\end{cfa}
+The position of the ©const© qualifier \emph{after} the pointer/reference qualifier causes confuse for C programmers.
+The ©const© qualifier cannot be moved before the pointer/reference qualifier for C style-declarations;
+\CFA-style declarations (see \VRef{s:Declarations}) attempt to address this issue:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+®const® * ®const® * const int ccp;
+®const® & ®const® & const int ccr;
+\end{cfa}
+&
+\begin{cfa}
+const int * ®const® * ®const® ccp;
+\end{cfa}
+\end{tabular}
+\end{quote2}
+where the \CFA declaration is read left-to-right.
+Finally, like pointers, references are usable and composable with other type operators and generators.
+\begin{cfa}
+int w, x, y, z, & ar[3] = { x, y, z }; §\C{// initialize array of references}§
+&ar[1] = &w;                                            §\C{// change reference array element}§
+typeof( ar[1] ) p;                                      §\C{// (gcc) is int, i.e., the type of referenced object}§
+typeof( &ar[1] ) q;                                     §\C{// (gcc) is int \&, i.e., the type of reference}§
+sizeof( ar[1] ) == sizeof( int );       §\C{// is true, i.e., the size of referenced object}§
+sizeof( &ar[1] ) == sizeof( int *)      §\C{// is true, i.e., the size of a reference}§
+\end{cfa}
+In contrast to \CFA reference types, \Index*[C++]{\CC{}}'s reference types are all ©const© references, preventing changes to the reference address, so only value assignment is possible, which eliminates half of the \Index{address duality}.
+Also, \CC does not allow \Index{array}s\index{array!reference} of reference\footnote{
+The reason for disallowing arrays of reference is unknown, but possibly comes from references being ethereal (like a textual macro), and hence, replaceable by the referant object.}
+\Index*{Java}'s reference types to objects (all Java objects are on the heap) are like C pointers, which always manipulate the address, and there is no (bit-wise) object assignment, so objects are explicitly cloned by shallow or deep copying, which eliminates half of the address duality.
+\subsection{Initialization}
+\Index{Initialization} is different than \Index{assignment} because initialization occurs on the empty (uninitialized) storage on an object, while assignment occurs on possibly initialized storage of an object.
+There are three initialization contexts in \CFA: declaration initialization, argument/parameter binding, return/temporary binding.
+Because the object being initialized has no value, there is only one meaningful semantics with respect to address duality: it must mean address as there is no pointed-to value.
+In contrast, the left-hand side of assignment has an address that has a duality.
+Therefore, for pointer/reference initialization, the initializing value must be an address not a value.
+\begin{cfa}
+int * p = &x;                                           §\C{// assign address of x}§
+®int * p = x;®                                          §\C{// assign value of x}§
+int & r = x;                                            §\C{// must have address of x}§
+\end{cfa}
+Like the previous example with C pointer-arithmetic, it is unlikely assigning the value of ©x© into a pointer is meaningful (again, a warning is usually given).
+Therefore, for safety, this context requires an address, so it is superfluous to require explicitly taking the address of the initialization object, even though the type is incorrect.
+Note, this is strictly a convenience and safety feature for a programmer.
+Hence, \CFA allows ©r© to be assigned ©x© because it infers a reference for ©x©, by implicitly inserting a address-of operator, ©&©, and it is an error to put an ©&© because the types no longer match due to the implicit dereference.
+Unfortunately, C allows ©p© to be assigned with ©&x© (address) or ©x© (value), but most compilers warn about the latter assignment as being potentially incorrect.
+Similarly, when a reference type is used for a parameter/return type, the call-site argument does not require a reference operator for the same reason.
+\begin{cfa}
+int & f( int & r );                                     §\C{// reference parameter and return}§
+z = f( x ) + f( y );                            §\C{// reference operator added, temporaries needed for call results}§
+\end{cfa}
+Within routine ©f©, it is possible to change the argument by changing the corresponding parameter, and parameter ©r© can be locally reassigned within ©f©.
+Since operator routine ©?+?© takes its arguments by value, the references returned from ©f© are used to initialize compiler generated temporaries with value semantics that copy from the references.
+\begin{cfa}
+int temp1 = f( x ), temp2 = f( y );
+z = temp1 + temp2;
+\end{cfa}
+This \Index{implicit referencing} is crucial for reducing the syntactic burden for programmers when using references;
+otherwise references have the same syntactic  burden as pointers in these contexts.
+When a pointer/reference parameter has a ©const© value (immutable), it is possible to pass literals and expressions.
+\begin{cfa}
+void f( ®const® int & cr );
+void g( ®const® int * cp );
+f( 3 );                   g( ®&®3 );
+f( x + y );             g( ®&®(x + y) );
+\end{cfa}
+Here, the compiler passes the address to the literal 3 or the temporary for the expression ©x + y©, knowing the argument cannot be changed through the parameter.
+The ©&© before the constant/expression for the pointer-type parameter (©g©) is a \CFA extension necessary to type match and is a common requirement before a variable in C (\eg ©scanf©).
+Importantly, ©&3© may not be equal to ©&3©, where the references occur across calls because the temporaries maybe different on each call.
+\CFA \emph{extends} this semantics to a mutable pointer/reference parameter, and the compiler implicitly creates the necessary temporary (copying the argument), which is subsequently pointed-to by the reference parameter and can be changed.\footnote{
+If whole program analysis is possible, and shows the parameter is not assigned, \ie it is ©const©, the temporary is unnecessary.}
+\begin{cfa}
+void f( int & r );
+void g( int * p );
+f( 3 );                   g( ®&®3 );            §\C{// compiler implicit generates temporaries}§
+f( x + y );             g( ®&®(x + y) );        §\C{// compiler implicit generates temporaries}§
+\end{cfa}
+Essentially, there is an implicit \Index{rvalue} to \Index{lvalue} conversion in this case.\footnote{
+This conversion attempts to address the \newterm{const hell} problem, when the innocent addition of a ©const© qualifier causes a cascade of type failures, requiring an unknown number of additional ©const© qualifiers, until it is discovered a ©const© qualifier cannot be added and all the ©const© qualifiers must be removed.}
+The implicit conversion allows seamless calls to any routine without having to explicitly name/copy the literal/expression to allow the call.
+%\CFA attempts to handle pointers and references in a uniform, symmetric manner.
+Finally, C handles \Index{routine object}s in an inconsistent way.
+A routine object is both a pointer and a reference (\Index{particle and wave}).
+\begin{cfa}
+void f( int i );
+void (*fp)( int );                                      §\C{// routine pointer}§
+fp = f;                                                         §\C{// reference initialization}§
+fp = &f;                                                        §\C{// pointer initialization}§
+fp = *f;                                                        §\C{// reference initialization}§
+fp(3);                                                          §\C{// reference invocation}§
+(*fp)(3);                                                       §\C{// pointer invocation}§
+\end{cfa}
+While C's treatment of routine objects has similarity to inferring a reference type in initialization contexts, the examples are assignment not initialization, and all possible forms of assignment are possible (©f©, ©&f©, ©*f©) without regard for type.
+Instead, a routine object should be referenced by a ©const© reference:
+\begin{cfa}
+®const® void (®&® fr)( int ) = f;       §\C{// routine reference}§
+fr = ...                                                        §\C{// error, cannot change code}§
+&fr = ...;                                                      §\C{// changing routine reference}§
+fr( 3 );                                                        §\C{// reference call to f}§
+(*fr)(3);                                                       §\C{// error, incorrect type}§
+\end{cfa}
+because the value of the routine object is a routine literal, \ie the routine code is normally immutable during execution.\footnote{
+Dynamic code rewriting is possible but only in special circumstances.}
+\CFA allows this additional use of references for routine objects in an attempt to give a more consistent meaning for them.
+\subsection{Address-of Semantics}
+In C, ©&E© is an rvalue for any expression ©E©.
+\CFA extends the ©&© (address-of) operator as follows:
+\begin{itemize}
+\item
+if ©R© is an \Index{rvalue} of type ©T &$_1$...&$_r$© where $r \ge 1$ references (©&© symbols) than ©&R© has type ©T ®*®&$_{\color{red}2}$...&$_{\color{red}r}$©, \ie ©T© pointer with $r-1$ references (©&© symbols).
+\item
+if ©L© is an \Index{lvalue} of type ©T &$_1$...&$_l$© where $l \ge 0$ references (©&© symbols) then ©&L© has type ©T ®*®&$_{\color{red}1}$...&$_{\color{red}l}$©, \ie ©T© pointer with $l$ references (©&© symbols).
+\end{itemize}
+The following example shows the first rule applied to different \Index{rvalue} contexts:
+\begin{cfa}
+int x, * px, ** ppx, *** pppx, **** ppppx;
+int & rx = x, && rrx = rx, &&& rrrx = rrx ;
+x = rrrx;               // rrrx is an lvalue with type int &&& (equivalent to x)
+px = &rrrx;             // starting from rrrx, &rrrx is an rvalue with type int *&&& (&x)
+ppx = &&rrrx;   // starting from &rrrx, &&rrrx is an rvalue with type int **&& (&rx)
+pppx = &&&rrrx; // starting from &&rrrx, &&&rrrx is an rvalue with type int ***& (&rrx)
+ppppx = &&&&rrrx; // starting from &&&rrrx, &&&&rrrx is an rvalue with type int **** (&rrrx)
+\end{cfa}
+The following example shows the second rule applied to different \Index{lvalue} contexts:
+\begin{cfa}
+int x, * px, ** ppx, *** pppx;
+int & rx = x, && rrx = rx, &&& rrrx = rrx ;
+rrrx = 2;               // rrrx is an lvalue with type int &&& (equivalent to x)
+&rrrx = px;             // starting from rrrx, &rrrx is an rvalue with type int *&&& (rx)
+&&rrrx = ppx;   // starting from &rrrx, &&rrrx is an rvalue with type int **&& (rrx)
+&&&rrrx = pppx; // starting from &&rrrx, &&&rrrx is an rvalue with type int ***& (rrrx)
+\end{cfa}
+\subsection{Conversions}
+C provides a basic implicit conversion to simplify variable usage:
+\begin{enumerate}
+\setcounter{enumi}{-1}
+\item
+lvalue to rvalue conversion: ©cv T© converts to ©T©, which allows implicit variable dereferencing.
+\begin{cfa}
+int x;
+x + 1;                  // lvalue variable (int) converts to rvalue for expression
+\end{cfa}
+An rvalue has no type qualifiers (©cv©), so the lvalue qualifiers are dropped.
+\end{enumerate}
+\CFA provides three new implicit conversion for reference types to simplify reference usage.
+\begin{enumerate}
+\item
+reference to rvalue conversion: ©cv T &© converts to ©T©, which allows implicit reference dereferencing.
+\begin{cfa}
+int x, &r = x, f( int p );
+x = ®r® + f( ®r® );  // lvalue reference converts to rvalue
+\end{cfa}
+An rvalue has no type qualifiers (©cv©), so the reference qualifiers are dropped.
+\item
+lvalue to reference conversion: \lstinline[deletekeywords=lvalue]$lvalue-type cv1 T$ converts to ©cv2 T &©, which allows implicitly converting variables to references.
+\begin{cfa}
+int x, &r = ®x®, f( int & p ); // lvalue variable (int) convert to reference (int &)
+f( ®x® );               // lvalue variable (int) convert to reference (int &)
+\end{cfa}
+Conversion can restrict a type, where ©cv1© $\le$ ©cv2©, \eg passing an ©int© to a ©const volatile int &©, which has low cost.
+Conversion can expand a type, where ©cv1© $>$ ©cv2©, \eg passing a ©const volatile int© to an ©int &©, which has high cost (\Index{warning});
+furthermore, if ©cv1© has ©const© but not ©cv2©, a temporary variable is created to preserve the immutable lvalue.
+\item
+rvalue to reference conversion: ©T© converts to ©cv T &©, which allows binding references to temporaries.
+\begin{cfa}
+int x, & f( int & p );
+f( ®x + 3® );   // rvalue parameter (int) implicitly converts to lvalue temporary reference (int &)
+®&f®(...) = &x; // rvalue result (int &) implicitly converts to lvalue temporary reference (int &)
+\end{cfa}
+In both case, modifications to the temporary are inaccessible (\Index{warning}).
+Conversion expands the temporary-type with ©cv©, which is low cost since the temporary is inaccessible.
+\end{enumerate}
+\begin{comment}
+From: Richard Bilson <rcbilson@gmail.com>
+Date: Wed, 13 Jul 2016 01:58:58 +0000
+Subject: Re: pointers / references
+To: "Peter A. Buhr" <pabuhr@plg2.cs.uwaterloo.ca>
+As a general comment I would say that I found the section confusing, as you move back and forth
+between various real and imagined programming languages. If it were me I would rewrite into two
+subsections, one that specifies precisely the syntax and semantics of reference variables and
+another that provides the rationale.
+I don't see any obvious problems with the syntax or semantics so far as I understand them. It's not
+obvious that the description you're giving is complete, but I'm sure you'll find the special cases
+as you do the implementation.
+My big gripes are mostly that you're not being as precise as you need to be in your terminology, and
+that you say a few things that aren't actually true even though I generally know what you mean.
+C provides a pointer type; CFA adds a reference type. Both types contain an address, which is normally a
+location in memory.
+An address is not a location in memory; an address refers to a location in memory. Furthermore it
+seems weird to me to say that a type "contains" an address; rather, objects of that type do.
+Special addresses are used to denote certain states or access co-processor memory. By
+convention, no variable is placed at address 0, so addresses like 0, 1, 2, 3 are often used to denote no-value
+or other special states.
+This isn't standard C at all. There has to be one null pointer representation, but it doesn't have
+to be a literal zero representation and there doesn't have to be more than one such representation.
+Often dereferencing a special state causes a memory fault, so checking is necessary
+during execution.
+I don't see the connection between the two clauses here. I feel like if a bad pointer will not cause
+a memory fault then I need to do more checking, not less.
+If the programming language assigns addresses, a program's execution is sound, \ie all
+addresses are to valid memory locations.
+You haven't said what it means to "assign" an address, but if I use my intuitive understanding of
+the term I don't see how this can be true unless you're assuming automatic storage management.
+Program variables are implicit pointers to memory locations generated by the compiler and automatically
+dereferenced, as in:
+There is no reason why a variable needs to have a location in memory, and indeed in a typical
+program many variables will not. In standard terminology an object identifier refers to data in the
+execution environment, but not necessarily in memory.
+A pointer/reference is a generalization of a variable name, \ie a mutable address that can point to more
+than one memory location during its lifetime.
+I feel like you're off the reservation here. In my world there are objects of pointer type, which
+seem to be what you're describing here, but also pointer values, which can be stored in an object of
+pointer type but don't necessarily have to be. For example, how would you describe the value denoted
+by "&main" in a C program? I would call it a (function) pointer, but that doesn't satisfy your
+definition.
+not occupy storage as the literal is embedded directly into instructions.) Hence, a pointer occupies memory
+to store its current address, and the pointer's value is loaded by dereferencing, \eg:
+As with my general objection regarding your definition of variables, there is no reason why a
+pointer variable (object of pointer type) needs to occupy memory.
+p2 = p1 + x; // compiler infers *p2 = *p1 + x;
+What language are we in now?
+pointer usage. However, in C, the following cases are ambiguous, especially with pointer arithmetic:
+p1 = p2; // p1 = p2 or *p1 = *p2
+This isn't ambiguous. it's defined to be the first option.
+p1 = p1 + 1; // p1 = p1 + 1 or *p1 = *p1 + 1
+Again, this statement is not ambiguous.
+example. Hence, a reference behaves like the variable name for the current variable it is pointing-to. The
+simplest way to understand a reference is to imagine the compiler inserting a dereference operator before
+the reference variable for each reference qualifier in a declaration, \eg:
+It's hard for me to understand who the audience for this part is. I think a practical programmer is
+likely to be satisfied with "a reference behaves like the variable name for the current variable it
+is pointing-to," maybe with some examples. Your "simplest way" doesn't strike me as simpler than
+that. It feels like you're trying to provide a more precise definition for the semantics of
+references, but it isn't actually precise enough to be a formal specification. If you want to
+express the semantics of references using rewrite rules that's a great way to do it, but lay the
+rules out clearly, and when you're showing an example of rewriting keep your
+references/pointers/values separate (right now, you use \eg "r3" to mean a reference, a pointer,
+and a value).
+Cancellation works to arbitrary depth, and pointer and reference values are interchangeable because both
+contain addresses.
+Except they're not interchangeable, because they have different and incompatible types.
+Interestingly, C++ deals with the address duality by making the pointed-to value the default, and prevent-
+ing changes to the reference address, which eliminates half of the duality. Java deals with the address duality
+by making address assignment the default and requiring field assignment (direct or indirect via methods),
+\ie there is no builtin bit-wise or method-wise assignment, which eliminates half of the duality.
+I can follow this but I think that's mostly because I already understand what you're trying to
+say. I don't think I've ever heard the term "method-wise assignment" and I don't see you defining
+it. Furthermore Java does have value assignment of basic (non-class) types, so your summary here
+feels incomplete. (If it were me I'd drop this paragraph rather than try to save it.)
+Hence, for type & const, there is no pointer assignment, so &rc = &x is disallowed, and the address value
+cannot be 0 unless an arbitrary pointer is assigned to the reference.
+Given the pains you've taken to motivate every little bit of the semantics up until now, this last
+clause ("the address value cannot be 0") comes out of the blue. It seems like you could have
+perfectly reasonable semantics that allowed the initialization of null references.
+In effect, the compiler is managing the
+addresses for type & const not the programmer, and by a programming discipline of only using references
+with references, address errors can be prevented.
+Again, is this assuming automatic storage management?
+rary binding. For reference initialization (like pointer), the initializing value must be an address (lvalue) not
+a value (rvalue).
+This sentence appears to suggest that an address and an lvalue are the same thing.
+int * p = &x; // both &x and x are possible interpretations
+Are you saying that we should be considering "x" as a possible interpretation of the initializer
+"&x"? It seems to me that this expression has only one legitimate interpretation in context.
+int & r = x; // x unlikely interpretation, because of auto-dereferencing
+You mean, we can initialize a reference using an integer value? Surely we would need some sort of
+cast to induce that interpretation, no?
+Hence, the compiler implicitly inserts a reference operator, &, before the initialization expression.
+But then the expression would have pointer type, which wouldn't be compatible with the type of r.
+Similarly,
+when a reference is used for a parameter/return type, the call-site argument does not require a reference
+operator.
+Furthermore, it would not be correct to use a reference operator.
+The implicit conversion allows
+seamless calls to any routine without having to explicitly name/copy the literal/expression to allow the call.
+While C' attempts to handle pointers and references in a uniform, symmetric manner, C handles routine
+variables in an inconsistent way: a routine variable is both a pointer and a reference (particle and wave).
+After all this talk of how expressions can have both pointer and value interpretations, you're
+disparaging C because it has expressions that have both pointer and value interpretations?
+On Sat, Jul 9, 2016 at 4:18 PM Peter A. Buhr <pabuhr@plg.uwaterloo.ca> wrote:
+> Aaron discovered a few places where "&"s are missing and where there are too many "&", which are
+> corrected in the attached updated. None of the text has changed, if you have started reading
+> already.
+\end{comment}
+\section{Routine Definition}
+\CFA also supports a new syntax for routine definition, as well as \Celeven and K\&R routine syntax.
+The point of the new syntax is to allow returning multiple values from a routine~\cite{Galletly96,CLU}, \eg:
+\begin{cfa}
+®[ int o1, int o2, char o3 ]® f( int i1, char i2, char i3 ) {
+        §\emph{routine body}§
+}
+\end{cfa}
+where routine ©f© has three output (return values) and three input parameters.
+Existing C syntax cannot be extended with multiple return types because it is impossible to embed a single routine name within multiple return type specifications.
+In detail, the brackets, ©[]©, enclose the result type, where each return value is named and that name is a local variable of the particular return type.\footnote{
+\Index*{Michael Tiemann}, with help from \Index*{Doug Lea}, provided named return values in g++, circa 1989.}
+The value of each local return variable is automatically returned at routine termination.
+Declaration qualifiers can only appear at the start of a routine definition, \eg:
+\begin{cfa}
+®extern® [ int x ] g( int y ) {§\,§}
+\end{cfa}
+Lastly, if there are no output parameters or input parameters, the brackets and/or parentheses must still be specified;
+in both cases the type is assumed to be void as opposed to old style C defaults of int return type and unknown parameter types, respectively, as in:
+\begin{cfa}
+[§\,§] g();                                                     §\C{// no input or output parameters}§
+[ void ] g( void );                                     §\C{// no input or output parameters}§
+\end{cfa}
+Routine f is called as follows:
+\begin{cfa}
+[ i, j, ch ] = f( 3, 'a', ch );
+\end{cfa}
+The list of return values from f and the grouping on the left-hand side of the assignment is called a \newterm{return list} and discussed in Section 12.
+\CFA style declarations cannot be used to declare parameters for K\&R style routine definitions because of the following ambiguity:
+\begin{cfa}
+int (*f(x))[ 5 ] int x; {}
+\end{cfa}
+The string ``©int (*f(x))[ 5 ]©'' declares a K\&R style routine of type returning a pointer to an array of 5 integers, while the string ``©[ 5 ] int x©'' declares a \CFA style parameter x of type array of 5 integers.
+Since the strings overlap starting with the open bracket, ©[©, there is an ambiguous interpretation for the string.
+As well, \CFA-style declarations cannot be used to declare parameters for C-style routine-definitions because of the following ambiguity:
+\begin{cfa}
+typedef int foo;
+int f( int (* foo) );                           §\C{// foo is redefined as a parameter name}§
+\end{cfa}
+The string ``©int (* foo)©'' declares a C-style named-parameter of type pointer to an integer (the parenthesis are superfluous), while the same string declares a \CFA style unnamed parameter of type routine returning integer with unnamed parameter of type pointer to foo.
+The redefinition of a type name in a parameter list is the only context in C where the character ©*© can appear to the left of a type name, and \CFA relies on all type qualifier characters appearing to the right of the type name.
+The inability to use \CFA declarations in these two contexts is probably a blessing because it precludes programmers from arbitrarily switching between declarations forms within a declaration contexts.
+C-style declarations can be used to declare parameters for \CFA style routine definitions, \eg:
+\begin{cfa}
+[ int ] f( * int, int * );                      §\C{// returns an integer, accepts 2 pointers to integers}§
+[ * int, int * ] f( int );                      §\C{// returns 2 pointers to integers, accepts an integer}§
+\end{cfa}
+The reason for allowing both declaration styles in the new context is for backwards compatibility with existing preprocessor macros that generate C-style declaration-syntax, as in:
+\begin{cfa}
+#define ptoa( n, d ) int (*n)[ d ]
+int f( ptoa( p, 5 ) ) ...                       §\C{// expands to int f( int (*p)[ 5 ] )}§
+[ int ] f( ptoa( p, 5 ) ) ...           §\C{// expands to [ int ] f( int (*p)[ 5 ] )}§
+\end{cfa}
+Again, programmers are highly encouraged to use one declaration form or the other, rather than mixing the forms.
+\subsection{Named Return Values}
+\Index{Named return values} handle the case where it is necessary to define a local variable whose value is then returned in a ©return© statement, as in:
+\begin{cfa}
+int f() {
+        int x;
+        ... x = 0; ... x = y; ...
+        return x;
+}
+\end{cfa}
+Because the value in the return variable is automatically returned when a \CFA routine terminates, the ©return© statement \emph{does not} contain an expression, as in:
+\newline
+\begin{minipage}{\linewidth}
+\begin{cfa}
+®[ int x, int y ]® f() {
+        int z;
+        ... x = 0; ... y = z; ...
+        ®return;®                                                       §\C{// implicitly return x, y}§
+}
+\end{cfa}
+\end{minipage}
+\newline
+When the return is encountered, the current values of ©x© and ©y© are returned to the calling routine.
+As well, ``falling off the end'' of a routine without a ©return© statement is permitted, as in:
+\begin{cfa}
+[ int x, int y ] f() {
+        ...
+}                                                                               §\C{// implicitly return x, y}§
+\end{cfa}
+In this case, the current values of ©x© and ©y© are returned to the calling routine just as if a ©return© had been encountered.
+Named return values may be used in conjunction with named parameter values;
+specifically, a return and parameter can have the same name.
+\begin{cfa}
+[ int x, int y ] f( int, x, int y ) {
+        ...
+}                                                                               §\C{// implicitly return x, y}§
+\end{cfa}
+This notation allows the compiler to eliminate temporary variables in nested routine calls.
+\begin{cfa}
+[ int x, int y ] f( int, x, int y );    §\C{// prototype declaration}§
+int a, b;
+[a, b] = f( f( f( a, b ) ) );
+\end{cfa}
+While the compiler normally ignores parameters names in prototype declarations, here they are used to eliminate temporary return-values by inferring that the results of each call are the inputs of the next call, and ultimately, the left-hand side of the assignment.
+Hence, even without the body of routine ©f© (separate compilation), it is possible to perform a global optimization across routine calls.
+The compiler warns about naming inconsistencies between routine prototype and definition in this case, and behaviour is \Index{undefined} if the programmer is inconsistent.
+\subsection{Routine Prototype}
+The syntax of the new routine prototype declaration follows directly from the new routine definition syntax;
+as well, parameter names are optional, \eg:
+\begin{cfa}
+[ int x ] f ();                                                 §\C{// returning int with no parameters}§
+[ * int ] g (int y);                                    §\C{// returning pointer to int with int parameter}§
+[ ] h ( int, char );                                    §\C{// returning no result with int and char parameters}§
+[ * int, int ] j ( int );                               §\C{// returning pointer to int and int, with int parameter}§
+\end{cfa}
+This syntax allows a prototype declaration to be created by cutting and pasting source text from the routine definition header (or vice versa).
+It is possible to declare multiple routine-prototypes in a single declaration, but the entire type specification is distributed across \emph{all} routine names in the declaration list (see~\VRef{s:Declarations}), \eg:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{\CFA}}        & \multicolumn{1}{c}{\textbf{C}}        \\
+\begin{cfa}
+[ int ] f( int ), g;
+\end{cfa}
+&
+\begin{cfa}
+int f( int ), g( int );
+\end{cfa}
+\end{tabular}
+\end{quote2}
+Declaration qualifiers can only appear at the start of a \CFA routine declaration,\footref{StorageClassSpecifier} \eg:
+\begin{cfa}
+extern [ int ] f ( int );
+static [ int ] g ( int );
+\end{cfa}
+\section{Routine Pointers}
+The syntax for pointers to \CFA routines specifies the pointer name on the right, \eg:
+\begin{cfa}
+* [ int x ] () fp;                                              §\C{// pointer to routine returning int with no parameters}§
+* [ * int ] (int y) gp;                                 §\C{// pointer to routine returning pointer to int with int parameter}§
+* [ ] (int,char) hp;                                    §\C{// pointer to routine returning no result with int and char parameters}§
+* [ * int,int ] ( int ) jp;                             §\C{// pointer to routine returning pointer to int and int, with int parameter}§
+\end{cfa}
+While parameter names are optional, \emph{a routine name cannot be specified};
+for example, the following is incorrect:
+\begin{cfa}
+* [ int x ] f () fp;                                    §\C{// routine name "f" is not allowed}§
+\end{cfa}
+\section{Named and Default Arguments}
+Named\index{named arguments}\index{arguments!named} and default\index{default arguments}\index{arguments!default} arguments~\cite{Hardgrave76}\footnote{
+Francez~\cite{Francez77} proposed a further extension to the named-parameter passing style, which specifies what type of communication (by value, by reference, by name) the argument is passed to the routine.}
+are two mechanisms to simplify routine call.
+Both mechanisms are discussed with respect to \CFA.
+\begin{description}
+\item[Named (or Keyword) Arguments:]
+provide the ability to specify an argument to a routine call using the parameter name rather than the position of the parameter.
+For example, given the routine:
+\begin{cfa}
+void p( int x, int y, int z ) {...}
+\end{cfa}
+a positional call is:
+\begin{cfa}
+p( 4, 7, 3 );
+\end{cfa}
+whereas a named (keyword) call may be:
+\begin{cfa}
+p( z : 3, x : 4, y : 7 );       §\C{// rewrite $\Rightarrow$ p( 4, 7, 3 )}§
+\end{cfa}
+Here the order of the arguments is unimportant, and the names of the parameters are used to associate argument values with the corresponding parameters.
+The compiler rewrites a named call into a positional call.
+The advantages of named parameters are:
+\begin{itemize}
+\item
+Remembering the names of the parameters may be easier than the order in the routine definition.
+\item
+Parameter names provide documentation at the call site (assuming the names are descriptive).
+\item
+Changes can be made to the order or number of parameters without affecting the call (although the call must still be recompiled).
+\end{itemize}
+Unfortunately, named arguments do not work in C-style programming-languages because a routine prototype is not required to specify parameter names, nor do the names in the prototype have to match with the actual definition.
+For example, the following routine prototypes and definition are all valid.
+\begin{cfa}
+void p( int, int, int );                        §\C{// equivalent prototypes}§
+void p( int x, int y, int z );
+void p( int y, int x, int z );
+void p( int z, int y, int x );
+void p( int q, int r, int s ) {}        §\C{// match with this definition}§
+\end{cfa}
+Forcing matching parameter names in routine prototypes with corresponding routine definitions is possible, but goes against a strong tradition in C programming.
+Alternatively, prototype definitions can be eliminated by using a two-pass compilation, and implicitly creating header files for exports.
+The former is easy to do, while the latter is more complex.
+Furthermore, named arguments do not work well in a \CFA-style programming-languages because they potentially introduces a new criteria for type matching.
+For example, it is technically possible to disambiguate between these two overloaded definitions of ©f© based on named arguments at the call site:
+\begin{cfa}
+int f( int i, int j );
+int f( int x, double y );
+f( j : 3, i : 4 );                              §\C{// 1st f}§
+f( x : 7, y : 8.1 );                    §\C{// 2nd f}§
+f( 4, 5 );                                              §\C{// ambiguous call}§
+\end{cfa}
+However, named arguments compound routine resolution in conjunction with conversions:
+\begin{cfa}
+f( i : 3, 5.7 );                                §\C{// ambiguous call ?}§
+\end{cfa}
+Depending on the cost associated with named arguments, this call could be resolvable or ambiguous.
+Adding named argument into the routine resolution algorithm does not seem worth the complexity.
+Therefore, \CFA does \emph{not} attempt to support named arguments.
+\item[Default Arguments]
+provide the ability to associate a default value with a parameter so it can be optionally specified in the argument list.
+For example, given the routine:
+\begin{cfa}
+void p( int x = 1, int y = 2, int z = 3 ) {...}
+\end{cfa}
+the allowable positional calls are:
+\begin{cfa}
+p();                                                    §\C{// rewrite $\Rightarrow$ p( 1, 2, 3 )}§
+p( 4 );                                                 §\C{// rewrite $\Rightarrow$ p( 4, 2, 3 )}§
+p( 4, 4 );                                              §\C{// rewrite $\Rightarrow$ p( 4, 4, 3 )}§
+p( 4, 4, 4 );                                   §\C{// rewrite $\Rightarrow$ p( 4, 4, 4 )}§
+// empty arguments
+p(  , 4, 4 );                                   §\C{// rewrite $\Rightarrow$ p( 1, 4, 4 )}§
+p( 4,  , 4 );                                   §\C{// rewrite $\Rightarrow$ p( 4, 2, 4 )}§
+p( 4, 4,   );                                   §\C{// rewrite $\Rightarrow$ p( 4, 4, 3 )}§
+p( 4,  ,   );                                   §\C{// rewrite $\Rightarrow$ p( 4, 2, 3 )}§
+p(  , 4,   );                                   §\C{// rewrite $\Rightarrow$ p( 1, 4, 3 )}§
+p(  ,  , 4 );                                   §\C{// rewrite $\Rightarrow$ p( 1, 2, 4 )}§
+p(  ,  ,   );                                   §\C{// rewrite $\Rightarrow$ p( 1, 2, 3 )}§
+\end{cfa}
+Here the missing arguments are inserted from the default values in the parameter list.
+The compiler rewrites missing default values into explicit positional arguments.
+The advantages of default values are:
+\begin{itemize}
+\item
+Routines with a large number of parameters are often very generalized, giving a programmer a number of different options on how a computation is performed.
+For many of these kinds of routines, there are standard or default settings that work for the majority of computations.
+Without default values for parameters, a programmer is forced to specify these common values all the time, resulting in long argument lists that are error prone.
+\item
+When a routine's interface is augmented with new parameters, it extends the interface providing generalizability\footnote{
+``It should be possible for the implementor of an abstraction to increase its generality.
+So long as the modified abstraction is a generalization of the original, existing uses of the abstraction will not require change.
+It might be possible to modify an abstraction in a manner which is not a generalization without affecting existing uses, but, without inspecting the modules in which the uses occur, this possibility cannot be determined.
+This criterion precludes the addition of parameters, unless these parameters have default or inferred values that are valid for all possible existing applications.''~\cite[p.~128]{Cormack90}}
+(somewhat like the generalization provided by inheritance for classes).
+That is, all existing calls are still valid, although the call must still be recompiled.
+\end{itemize}
+The only disadvantage of default arguments is that unintentional omission of an argument may not result in a compiler-time error.
+Instead, a default value is used, which may not be the programmer's intent.
+Default values may only appear in a prototype versus definition context:
+\begin{cfa}
+void p( int x, int y = 2, int z = 3 );          §\C{// prototype: allowed}§
+void p( int, int = 2, int = 3 );                        §\C{// prototype: allowed}§
+void p( int x, int y = 2, int z = 3 ) {}        §\C{// definition: not allowed}§
+\end{cfa}
+The reason for this restriction is to allow separate compilation.
+Multiple prototypes with different default values is an error.
+\end{description}
+Ellipse (``...'') arguments present problems when used with default arguments.
+The conflict occurs because both named and ellipse arguments must appear after positional arguments, giving two possibilities:
+\begin{cfa}
+p( /* positional */, ... , /* named */ );
+p( /* positional */, /* named */, ... );
+\end{cfa}
+While it is possible to implement both approaches, the first possibly is more complex than the second, \eg:
+\begin{cfa}
+p( int x, int y, int z, ... );
+p( 1, 4, 5, 6, z : 3, y : 2 ); §\C{// assume p( /* positional */, ... , /* named */ );}§
+p( 1, z : 3, y : 2, 4, 5, 6 ); §\C{// assume p( /* positional */, /* named */, ... );}§
+\end{cfa}
+In the first call, it is necessary for the programmer to conceptually rewrite the call, changing named arguments into positional, before knowing where the ellipse arguments begin.
+Hence, this approach seems significantly more difficult, and hence, confusing and error prone.
+In the second call, the named arguments separate the positional and ellipse arguments, making it trivial to read the call.
+The problem is exacerbated with default arguments, \eg:
+\begin{cfa}
+void p( int x, int y = 2, int z = 3... );
+p( 1, 4, 5, 6, z : 3 );         §\C{// assume p( /* positional */, ... , /* named */ );}§
+p( 1, z : 3, 4, 5, 6 );         §\C{// assume p( /* positional */, /* named */, ... );}§
+\end{cfa}
+The first call is an error because arguments 4 and 5 are actually positional not ellipse arguments;
+therefore, argument 5 subsequently conflicts with the named argument z : 3.
+In the second call, the default value for y is implicitly inserted after argument 1 and the named arguments separate the positional and ellipse arguments, making it trivial to read the call.
+For these reasons, \CFA requires named arguments before ellipse arguments.
+Finally, while ellipse arguments are needed for a small set of existing C routines, like printf, the extended \CFA type system largely eliminates the need for ellipse arguments (see Section 24), making much of this discussion moot.
+Default arguments and overloading (see Section 24) are complementary.
+While in theory default arguments can be simulated with overloading, as in:
+\begin{quote2}
+\begin{tabular}{@{}l@{\hspace{3em}}l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{default arguments}}   & \multicolumn{1}{c}{\textbf{overloading}}      \\
+\begin{cfa}
+void p( int x, int y = 2, int z = 3 ) {...}
+\end{cfa}
+&
+\begin{cfa}
+void p( int x, int y, int z ) {...}
+void p( int x ) { p( x, 2, 3 ); }
+void p( int x, int y ) { p( x, y, 3 ); }
+\end{cfa}
+\end{tabular}
+\end{quote2}
+the number of required overloaded routines is linear in the number of default values, which is unacceptable growth.
+In general, overloading should only be used over default arguments if the body of the routine is significantly different.
+Furthermore, overloading cannot handle accessing default arguments in the middle of a positional list, via a missing argument, such as:
+\begin{cfa}
+p( 1, /* default */, 5 );               §\C{// rewrite $\Rightarrow$ p( 1, 2, 5 )}§
+\end{cfa}
+Given the \CFA restrictions above, both named and default arguments are backwards compatible.
+\Index*[C++]{\CC{}} only supports default arguments;
+\Index*{Ada} supports both named and default arguments.
+\section{Unnamed Structure Fields}
+C requires each field of a structure to have a name, except for a bit field associated with a basic type, \eg:
+\begin{cfa}
+struct {
+        int f1;                                 §\C{// named field}§
+        int f2 : 4;                             §\C{// named field with bit field size}§
+        int : 3;                                §\C{// unnamed field for basic type with bit field size}§
+        int ;                                   §\C{// disallowed, unnamed field}§
+        int *;                                  §\C{// disallowed, unnamed field}§
+        int (*)( int );                 §\C{// disallowed, unnamed field}§
+};
+\end{cfa}
+This requirement is relaxed by making the field name optional for all field declarations; therefore, all the field declarations in the example are allowed.
+As for unnamed bit fields, an unnamed field is used for padding a structure to a particular size.
+A list of unnamed fields is also supported, \eg:
+\begin{cfa}
+struct {
+        int , , ;                               §\C{// 3 unnamed fields}§
+}
+\end{cfa}
+\section{Nesting}
+Nesting of types and routines is useful for controlling name visibility (\newterm{name hiding}).
+\subsection{Type Nesting}
+\CFA allows \Index{type nesting}, and type qualification of the nested types (see \VRef[Figure]{f:TypeNestingQualification}), where as C hoists\index{type hoisting} (refactors) nested types into the enclosing scope and has no type qualification.
+\begin{figure}
+\centering
+\begin{tabular}{@{}l@{\hspace{3em}}l|l@{}}
+\multicolumn{1}{c@{\hspace{3em}}}{\textbf{C Type Nesting}}      & \multicolumn{1}{c}{\textbf{C Implicit Hoisting}}      & \multicolumn{1}{|c}{\textbf{\CFA}}    \\
+\hline
+\begin{cfa}
+struct S {
+        enum C { R, G, B };
+        struct T {
+                union U { int i, j; };
+                enum C c;
+                short int i, j;
+        };
+        struct T t;
+} s;
+int fred() {
+        s.t.c = R;
+        struct T t = { R, 1, 2 };
+        enum C c;
+        union U u;
+}
+\end{cfa}
+&
+\begin{cfa}
+enum C { R, G, B };
+union U { int i, j; };
+struct T {
+        enum C c;
+        short int i, j;
+};
+struct S {
+        struct T t;
+} s;
+\end{cfa}
+&
+\begin{cfa}
+struct S {
+        enum C { R, G, B };
+        struct T {
+                union U { int i, j; };
+                enum C c;
+                short int i, j;
+        };
+        struct T t;
+} s;
+int fred() {
+        s.t.c = ®S.®R;  // type qualification
+        struct ®S.®T t = { ®S.®R, 1, 2 };
+        enum ®S.®C c;
+        union ®S.T.®U u;
+}
+\end{cfa}
+\end{tabular}
+\caption{Type Nesting / Qualification}
+\label{f:TypeNestingQualification}
+\end{figure}
+In the left example in C, types ©C©, ©U© and ©T© are implicitly hoisted outside of type ©S© into the containing block scope.
+In the right example in \CFA, the types are not hoisted and accessed using the field-selection operator ``©.©'' for type qualification, as does \Index*{Java}, rather than the \CC type-selection operator ``©::©''.
+\subsection{Routine Nesting}
+While \CFA does not provide object programming by putting routines into structures, it does rely heavily on locally nested routines to redefine operations at or close to a call site.
+For example, the C quick-sort is wrapped into the following polymorphic \CFA routine:
+\begin{cfa}
+forall( otype T | { int ?<?( T, T ); } )
+void qsort( const T * arr, size_t dimension );
+\end{cfa}
+which can be used to sort in ascending and descending order by locally redefining the less-than operator into greater-than.
+\begin{cfa}
+const unsigned int size = 5;
+int ia[size];
+...                                             §\C{// assign values to array ia}§
+qsort( ia, size );              §\C{// sort ascending order using builtin ?<?}§
+{
+        ®int ?<?( int x, int y ) { return x > y; }® §\C{// nested routine}§
+        qsort( ia, size );      §\C{// sort descending order by local redefinition}§
+}
+\end{cfa}
+Nested routines are not first-class, meaning a nested routine cannot be returned if it has references to variables in its enclosing blocks;
+the only exception is references to the external block of the translation unit, as these variables persist for the duration of the program.
+The following program in undefined in \CFA (and Indexc{gcc})
+\begin{cfa}
+[* [int]( int )] foo() {                §\C{// int (*foo())( int )}§
+        int ®i® = 7;
+        int bar( int p ) {
+                ®i® += 1;                               §\C{// dependent on local variable}§
+                sout | ®i® | endl;
+        }
+        return bar;                                     §\C{// undefined because of local dependence}§
+}
+int main() {
+        * [int]( int ) fp = foo();      §\C{// int (*fp)( int )}§
+        sout | fp( 3 ) | endl;
+}
+\end{cfa}
+because
+Currently, there are no \Index{lambda} expressions, \ie unnamed routines because routine names are very important to properly select the correct routine.
+\section{Tuples}
+In C and \CFA, lists of elements appear in several contexts, such as the parameter list for a routine call.
+(More contexts are added shortly.)
+A list of such elements is called a \newterm{lexical list}.
+The general syntax of a lexical list is:
+\begin{cfa}
+[ §\emph{exprlist}§ ]
+\end{cfa}
+where ©$\emph{exprlist}$© is a list of one or more expressions separated by commas.
+The brackets, ©[]©, allow differentiating between lexical lists and expressions containing the C comma operator.
+The following are examples of lexical lists:
+\begin{cfa}
+[ x, y, z ]
+[ 2 ]
+[ v+w, x*y, 3.14159, f() ]
+\end{cfa}
+Tuples are permitted to contain sub-tuples (\ie nesting), such as ©[ [ 14, 21 ], 9 ]©, which is a 2-element tuple whose first element is itself a tuple.
+Note, a tuple is not a record (structure);
+a record denotes a single value with substructure, whereas a tuple is multiple values with no substructure (see flattening coercion in Section 12.1).
+In essence, tuples are largely a compile time phenomenon, having little or no runtime presence.
+Tuples can be organized into compile-time tuple variables;
+these variables are of \newterm{tuple type}.
+Tuple variables and types can be used anywhere lists of conventional variables and types can be used.
+The general syntax of a tuple type is:
+\begin{cfa}
+[ §\emph{typelist}§ ]
+\end{cfa}
+where ©$\emph{typelist}$© is a list of one or more legal \CFA or C type specifications separated by commas, which may include other tuple type specifications.
+Examples of tuple types include:
+\begin{cfa}
+[ unsigned int, char ]
+[ double, double, double ]
+[ * int, int * ]                §\C{// mix of CFA and ANSI}§
+[ * [ 5 ] int, * * char, * [ [ int, int ] ] (int, int) ]
+\end{cfa}
+Like tuples, tuple types may be nested, such as ©[ [ int, int ], int ]©, which is a 2-element tuple type whose first element is itself a tuple type.
+Examples of declarations using tuple types are:
+\begin{cfa}
+[ int, int ] x;                 §\C{// 2 element tuple, each element of type int}§
+* [ char, char ] y;             §\C{// pointer to a 2 element tuple}§
+[ [ int, int ] ] z ([ int, int ]);
+\end{cfa}
+The last example declares an external routine that expects a 2 element tuple as an input parameter and returns a 2 element tuple as its result.
+As mentioned, tuples can appear in contexts requiring a list of value, such as an argument list of a routine call.
+In unambiguous situations, the tuple brackets may be omitted, \eg a tuple that appears as an argument may have its
+square brackets omitted for convenience; therefore, the following routine invocations are equivalent:
+\begin{cfa}
+f( [ 1, x+2, fred() ] );
+f( 1, x+2, fred() );
+\end{cfa}
+Also, a tuple or a tuple variable may be used to supply all or part of an argument list for a routine expecting multiple input parameters or for a routine expecting a tuple as an input parameter.
+For example, the following are all legal:
+\begin{cfa}
+[ int, int ] w1;
+[ int, int, int ] w2;
+[ void ] f (int, int, int); /* three input parameters of type int */
+[ void ] g ([ int, int, int ]); /* 3 element tuple as input */
+f( [ 1, 2, 3 ] );
+f( w1, 3 );
+f( 1, w1 );
+f( w2 );
+g( [ 1, 2, 3 ] );
+g( w1, 3 );
+g( 1, w1 );
+g( w2 );
+\end{cfa}
+Note, in all cases 3 arguments are supplied even though the syntax may appear to supply less than 3. As mentioned, a
+tuple does not have structure like a record; a tuple is simply converted into a list of components.
+\begin{rationale}
+The present implementation of \CFA does not support nested routine calls when the inner routine returns multiple values; \ie a statement such as ©g( f() )© is not supported.
+Using a temporary variable to store the  results of the inner routine and then passing this variable to the outer routine works, however.
+\end{rationale}
+A tuple can contain a C comma expression, provided the expression containing the comma operator is enclosed in parentheses.
+For instance, the following tuples are equivalent:
+\begin{cfa}
+[ 1, 3, 5 ]
+[ 1, (2, 3), 5 ]
+\end{cfa}
+The second element of the second tuple is the expression (2, 3), which yields the result 3.
+This requirement is the same as for comma expressions in argument lists.
+Type qualifiers, \ie const and volatile, may modify a tuple type.
+The meaning is the same as for a type qualifier modifying an aggregate type [Int99, x 6.5.2.3(7),x 6.7.3(11)], \ie the qualifier is distributed across all of the types in the tuple, \eg:
+\begin{cfa}
+const volatile [ int, float, const int ] x;
+\end{cfa}
+is equivalent to:
+\begin{cfa}
+[ const volatile int, const volatile float, const volatile int ] x;
+\end{cfa}
+Declaration qualifiers can only appear at the start of a \CFA tuple declaration4, \eg:
+\begin{cfa}
+extern [ int, int ] w1;
+static [ int, int, int ] w2;
+\end{cfa}
+\begin{rationale}
+Unfortunately, C's syntax for subscripts precluded treating them as tuples.
+The C subscript list has the form ©[i][j]...© and not ©[i, j, ...]©.
+Therefore, there is no syntactic way for a routine returning multiple values to specify the different subscript values, \eg ©f[g()]© always means a single subscript value because there is only one set of brackets.
+Fixing this requires a major change to C because the syntactic form ©M[i, j, k]© already has a particular meaning: ©i, j, k© is a comma expression.
+\end{rationale}
+\subsection{Tuple Coercions}
+There are four coercions that can be performed on tuples and tuple variables: closing, opening, flattening and structuring.
+In addition, the coercion of dereferencing can be performed on a tuple variable to yield its value(s), as for other variables.
+A \newterm{closing coercion} takes a set of values and converts it into a tuple value, which is a contiguous set of values, as in:
+\begin{cfa}
+[ int, int, int, int ] w;
+w = [ 1, 2, 3, 4 ];
+\end{cfa}
+First the right-hand tuple is closed into a tuple value and then the tuple value is assigned.
+An \newterm{opening coercion} is the opposite of closing; a tuple value is converted into a tuple of values, as in:
+\begin{cfa}
+[ a, b, c, d ] = w
+\end{cfa}
+©w© is implicitly opened to yield a tuple of four values, which are then assigned individually.
+A \newterm{flattening coercion} coerces a nested tuple, \ie a tuple with one or more components, which are themselves tuples, into a flattened tuple, which is a tuple whose components are not tuples, as in:
+\begin{cfa}
+[ a, b, c, d ] = [ 1, [ 2, 3 ], 4 ];
+\end{cfa}
+First the right-hand tuple is flattened and then the values are assigned individually.
+Flattening is also performed on tuple types.
+For example, the type ©[ int, [ int, int ], int ]© can be coerced, using flattening, into the type ©[ int, int, int, int ]©.
+A \newterm{structuring coercion} is the opposite of flattening;
+a tuple is structured into a more complex nested tuple.
+For example, structuring the tuple ©[ 1, 2, 3, 4 ]© into the tuple ©[ 1, [ 2, 3 ], 4 ]© or the tuple type ©[ int, int, int, int ]© into the tuple type ©[ int, [ int, int ], int ]©.
+In the following example, the last assignment illustrates all the tuple coercions:
+\begin{cfa}
+[ int, int, int, int ] w = [ 1, 2, 3, 4 ];
+int x = 5;
+[ x, w ] = [ w, x ];            §\C{// all four tuple coercions}§
+\end{cfa}
+Starting on the right-hand tuple in the last assignment statement, w is opened, producing a tuple of four values;
+therefore, the right-hand tuple is now the tuple ©[ [ 1, 2, 3, 4 ], 5 ]©.
+This tuple is then flattened, yielding ©[ 1, 2, 3, 4, 5 ]©, which is structured into ©[ 1, [ 2, 3, 4, 5 ] ]© to match the tuple type of the left-hand side.
+The tuple ©[ 2, 3, 4, 5 ]© is then closed to create a tuple value.
+Finally, ©x© is assigned ©1© and ©w© is assigned the tuple value using multiple assignment (see Section 14).
+\begin{rationale}
+A possible additional language extension is to use the structuring coercion for tuples to initialize a complex record with a tuple.
+\end{rationale}
+\section{Mass Assignment}
+\CFA permits assignment to several variables at once using mass assignment~\cite{CLU}.
+Mass assignment has the following form:
+\begin{cfa}
+[ §\emph{lvalue}§, ... , §\emph{lvalue}§ ] = §\emph{expr}§;
+\end{cfa}
+\index{lvalue}
+The left-hand side is a tuple of \emph{lvalues}, which is a list of expressions each yielding an address, \ie any data object that can appear on the left-hand side of a conventional assignment statement.
+©$\emph{expr}$© is any standard arithmetic expression.
+Clearly, the types of the entities being assigned must be type compatible with the value of the expression.
+Mass assignment has parallel semantics, \eg the statement:
+\begin{cfa}
+[ x, y, z ] = 1.5;
+\end{cfa}
+is equivalent to:
+\begin{cfa}
+x = 1.5; y = 1.5; z = 1.5;
+\end{cfa}
+This semantics is not the same as the following in C:
+\begin{cfa}
+x = y = z = 1.5;
+\end{cfa}
+as conversions between intermediate assignments may lose information.
+A more complex example is:
+\begin{cfa}
+[ i, y[i], z ] = a + b;
+\end{cfa}
+which is equivalent to:
+\begin{cfa}
+t = a + b;
+a1 = &i; a2 = &y[i]; a3 = &z;
+*a1 = t; *a2 = t; *a3 = t;
+\end{cfa}
+The temporary ©t© is necessary to store the value of the expression to eliminate conversion issues.
+The temporaries for the addresses are needed so that locations on the left-hand side do not change as the values are assigned.
+In this case, ©y[i]© uses the previous value of ©i© and not the new value set at the beginning of the mass assignment.
+\section{Multiple Assignment}
+\CFA also supports the assignment of several values at once, known as multiple assignment~\cite{CLU,Galletly96}.
+Multiple assignment has the following form:
+\begin{cfa}
+[ §\emph{lvalue}§, ... , §\emph{lvalue}§ ] = [ §\emph{expr}§, ... , §\emph{expr}§ ];
+\end{cfa}
+\index{lvalue}
+The left-hand side is a tuple of \emph{lvalues}, and the right-hand side is a tuple of \emph{expr}s.
+Each \emph{expr} appearing on the right-hand side of a multiple assignment statement is assigned to the corresponding \emph{lvalues} on the left-hand side of the statement using parallel semantics for each assignment.
+An example of multiple assignment is:
+\begin{cfa}
+[ x, y, z ] = [ 1, 2, 3 ];
+\end{cfa}
+Here, the values ©1©, ©2© and ©3© are assigned, respectively, to the variables ©x©, ©y© and ©z©.
+ A more complex example is:
+\begin{cfa}
+[ i, y[ i ], z ] = [ 1, i, a + b ];
+\end{cfa}
+Here, the values ©1©, ©i© and ©a + b© are assigned to the variables ©i©, ©y[i]© and ©z©, respectively.
+ Note, the parallel semantics of
+multiple assignment ensures:
+\begin{cfa}
+[ x, y ] = [ y, x ];
+\end{cfa}
+correctly interchanges (swaps) the values stored in ©x© and ©y©.
+The following cases are errors:
+\begin{cfa}
+[ a, b, c ] = [ 1, 2, 3, 4 ];
+[ a, b, c ] = [ 1, 2 ];
+\end{cfa}
+because the number of entities in the left-hand tuple is unequal with the right-hand tuple.
+As for all tuple contexts in C, side effects should not be used because C does not define an ordering for the evaluation of the elements of a tuple;
+both these examples produce indeterminate results:
+\begin{cfa}
+f( x++, x++ );                          §\C{// C routine call with side effects in arguments}§
+[ v1, v2 ] = [ x++, x++ ];      §\C{// side effects in righthand side of multiple assignment}§
+\end{cfa}
+\section{Cascade Assignment}
+As in C, \CFA mass and multiple assignments can be cascaded, producing cascade assignment.
+Cascade assignment has the following form:
+\begin{cfa}
+§\emph{tuple}§ = §\emph{tuple}§ = ... = §\emph{tuple}§;
+\end{cfa}
+and it has the same parallel semantics as for mass and multiple assignment.
+Some examples of cascade assignment are:
+\begin{cfa}
+x1 = y1 = x2 = y2 = 0;
+[ x1, y1 ] = [ x2, y2 ] = [ x3, y3 ];
+[ x1, y1 ] = [ x2, y2 ] = 0;
+[ x1, y1 ] = z = 0;
+\end{cfa}
+As in C, the rightmost assignment is performed first, \ie assignment parses right to left.
+\section{Field Tuples}
+Tuples may be used to select multiple fields of a record by field name.
+Its general form is:
+\begin{cfa}
+§\emph{expr}§ . [ §\emph{fieldlist}§ ]
+§\emph{expr}§ -> [ §\emph{fieldlist}§ ]
+\end{cfa}
+\emph{expr} is any expression yielding a value of type record, \eg ©struct©, ©union©.
+Each element of \emph{ fieldlist} is an element of the record specified by \emph{expr}.
+A record-field tuple may be used anywhere a tuple can be used. An example of the use of a record-field tuple is
+the following:
+\begin{cfa}
+struct s {
+        int f1, f2;
+        char f3;
+        double f4;
+} v;
+v.[ f3, f1, f2 ] = ['x', 11, 17 ];      §\C{// equivalent to v.f3 = 'x', v.f1 = 11, v.f2 = 17}§
+f( v.[ f3, f1, f2 ] );                          §\C{// equivalent to f( v.f3, v.f1, v.f2 )}§
+\end{cfa}
+Note, the fields appearing in a record-field tuple may be specified in any order;
+also, it is unnecessary to specify all the fields of a struct in a multiple record-field tuple.
+If a field of a ©struct© is itself another ©struct©, multiple fields of this subrecord can be specified using a nested record-field tuple, as in the following example:
+\begin{cfa}
+struct inner {
+        int f2, f3;
+};
+struct outer {
+        int f1;
+        struct inner i;
+        double f4;
+} o;
+o.[ f1, i.[ f2, f3 ], f4 ] = [ 11, 12, 13, 3.14159 ];
+\end{cfa}
 …
 The goal of \CFA I/O is to simplify the common cases\index{I/O!common case}, while fully supporting polymorphism and user defined types in a consistent way.
+The approach combines ideas from \CC and Python.
 The \CFA header file for the I/O library is \Indexc{fstream}.
 …
 \end{cfa}
 \\
 \begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt,belowskip=0pt]
  2 3
+\begin{cfa}[showspaces=true,aboveskip=0pt,belowskip=0pt]
+® ®2® ®3
 \end{cfa}
+&
 \begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt,belowskip=0pt]
+\begin{cfa}[showspaces=true,aboveskip=0pt,belowskip=0pt]
 2 3
 \end{cfa}
 \end{tabular}
 \end{quote2}
 The \CFA form has half as many characters as the \CC form, and is similar to \Index*{Python} I/O with respect to implicit separators.
 A tuple prints all the tuple's values, each separated by ©", "©.
 \begin{cfa}[mathescape=off,aboveskip=0pt,belowskip=0pt]
 [int, int] t1 = [1, 2], t2 = [3, 4];
+The \CFA form has half the characters of the \CC form, and is similar to \Index*{Python} I/O with respect to implicit separators.
+Similar simplification occurs for \Index{tuple} I/O, which prints all tuple values separated by ``\lstinline[showspaces=true]@, @''.
+\begin{cfa}
+[int, [ int, int ] ] t1 = [ 1, [ 2, 3 ] ], t2 = [ 4, [ 5, 6 ] ];
 sout | t1 | t2 | endl;                                  §\C{// print tuples}§
 \end{cfa}
 \begin{cfa}[mathescape=off,showspaces=true,belowskip=0pt]
 , 2, 3, 4
 \end{cfa}
 \CFA uses the logical-or operator for I/O because it is the lowest-priority overloadable operator, other than assignment.
+\begin{cfa}[showspaces=true,aboveskip=0pt]
+®, ®2®, ®3 4®, ®5®, ®6
+\end{cfa}
+Finally, \CFA uses the logical-or operator for I/O as it is the lowest-priority overloadable operator, other than assignment.
 Therefore, fewer output expressions require parenthesis.
 \begin{quote2}
 …
 \\
+&
 \begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt,belowskip=0pt]
+\begin{cfa}[showspaces=true,aboveskip=0pt]
 3 12 0 3 1 2
 \end{cfa}
 \end{tabular}
 \end{quote2}
+Finally, the logical-or operator has a link with the Shell pipe-operator for moving data, where data flows in the correct direction for input but the opposite direction for output.
+The implicit separator\index{I/O!separator} character (space/blank) is a separator not a terminator.
+There is a weak similarity between the \CFA logical-or operator and the Shell pipe-operator for moving data, where data flows in the correct direction for input but the opposite direction for output.
+\subsection{Implicit Separator}
+The \Index{implicit separator}\index{I/O!separator} character (space/blank) is a separator not a terminator.
 The rules for implicitly adding the separator are:
 \begin{enumerate}
 …
 sout | 1 | 2 | 3 | endl;
 \end{cfa}
 \begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt,belowskip=0pt]
+\begin{cfa}[showspaces=true,aboveskip=0pt,belowskip=0pt]
 2 3
 \end{cfa}
 …
 \end{enumerate}
+The following routines and \CC-style \Index{manipulator}s control implicit seperation.
+\subsection{Manipulator}
+The following \CC-style \Index{manipulator}s and routines control implicit seperation.
 \begin{enumerate}
 \item
 Routines \Indexc{sepSet}\index{manipulator!sepSet@©sepSet©} and \Indexc{sepGet}\index{manipulator!sepGet@©sepGet©} set and get the separator string.
+Routines \Indexc{sepSet}\index{manipulator!sepSet@©sepSet©} and \Indexc{sep}\index{manipulator!sep@©sep©}/\Indexc{sepGet}\index{manipulator!sepGet@©sepGet©} set and get the separator string.
 The separator string can be at most 16 characters including the ©'\0'© string terminator (15 printable characters).
 \begin{cfa}[mathescape=off,aboveskip=0pt,belowskip=0pt]
+\begin{cfa}[mathescape=off,belowskip=0pt]
 sepSet( sout, ", $" );                                          §\C{// set separator from " " to ", \$"}§
 sout | 1 | 2 | 3 | " \"" | ®sepGet( sout )® | "\"" | endl;
+sout | 1 | 2 | 3 | " \"" | ®sep® | "\"" | endl;
 \end{cfa}
 %$
 \begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt]
 , $2, $3 ®", $"®
+®, $®2®, $®3 ®", $"®
 \end{cfa}
 %$
 \begin{cfa}[mathescape=off,aboveskip=0pt,belowskip=0pt]
+\begin{cfa}[belowskip=0pt]
 sepSet( sout, " " );                                            §\C{// reset separator to " "}§
 sout | 1 | 2 | 3 | " \"" | ®sepGet( sout )® | "\"" | endl;
 \end{cfa}
+\begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt]
+2 3 ®" "®
+\end{cfa}
+\item
+Manipulators \Indexc{sepOn}\index{manipulator!sepOn@©sepOn©} and \Indexc{sepOff}\index{manipulator!sepOff@©sepOff©} \emph{locally} toggle printing the separator, \ie the seperator is adjusted only with respect to the next printed item.
+\begin{cfa}[mathescape=off,belowskip=0pt]
+sout | sepOn | 1 | 2 | 3 | sepOn | endl;        §\C{// separator at start of line}§
+\end{cfa}
+\begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt,belowskip=0pt]
+2 3
+\end{cfa}
+\begin{cfa}[mathescape=off,aboveskip=0pt,belowskip=0pt]
+sout | 1 | sepOff | 2 | 3 | endl;                       §\C{// locally turn off implicit separator}§
+\end{cfa}
+\begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt,belowskip=0pt]
+3
+\end{cfa}
+\item
+Manipulators \Indexc{sepDisable}\index{manipulator!sepDisable@©sepDisable©} and \Indexc{sepEnable}\index{manipulator!sepEnable@©sepEnable©} \emph{globally} toggle printing the separator, \ie the seperator is adjusted with respect to all subsequent printed items, unless locally adjusted.
+\begin{cfa}[mathescape=off,aboveskip=0pt,belowskip=0pt]
+sout | sepDisable | 1 | 2 | 3 | endl;           §\C{// globally turn off implicit separation}§
+\end{cfa}
+\begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt,belowskip=0pt]
+\begin{cfa}[showspaces=true,aboveskip=0pt]
+® ®2® ®3 ®" "®
+\end{cfa}
+©sepGet© can be used to store a separator and then restore it:
+\begin{cfa}[belowskip=0pt]
+char store[®sepSize®];                                          §\C{// sepSize is the maximum separator size}§
+strcpy( store, sepGet( sout ) );                          §\C{// copy current separator}§
+sepSet( sout, "_" );                                            §\C{// change separator to underscore}§
+sout | 1 | 2 | 3 | endl;
+\end{cfa}
+\begin{cfa}[showspaces=true,aboveskip=0pt,belowskip=0pt]
+®_®2®_®3
+\end{cfa}
+\begin{cfa}[belowskip=0pt]
+sepSet( sout, store );                                          §\C{// change separator back to original}§
+sout | 1 | 2 | 3 | endl;
+\end{cfa}
+\begin{cfa}[showspaces=true,aboveskip=0pt]
+® ®2® ®3
+\end{cfa}
+\item
+Routine \Indexc{sepSetTuple}\index{manipulator!sepSetTuple@©sepSetTuple©} and \Indexc{sepTuple}\index{manipulator!sepTuple@©sepTuple©}/\Indexc{sepGetTuple}\index{manipulator!sepGetTuple@©sepGetTuple©} get and set the tuple separator-string.
+The tuple separator-string can be at most 16 characters including the ©'\0'© string terminator (15 printable characters).
+\begin{cfa}[belowskip=0pt]
+sepSetTuple( sout, " " );                                       §\C{// set tuple separator from ", " to " "}§
+sout | t1 | t2 | " \"" | ®sepTuple® | "\"" | endl;
+\end{cfa}
+\begin{cfa}[showspaces=true,aboveskip=0pt]
+2 3 4 5 6 ®" "®
+\end{cfa}
+\begin{cfa}[belowskip=0pt]
+sepSetTuple( sout, ", " );                                      §\C{// reset tuple separator to ", "}§
+sout | t1 | t2 | " \"" | ®sepGetTuple( sout )® | "\"" | endl;
+\end{cfa}
+\begin{cfa}[showspaces=true,aboveskip=0pt]
+, 2, 3 4, 5, 6 ®", "®
+\end{cfa}
+As for ©sepGet©, ©sepGetTuple© can be use to store a tuple separator and then restore it.
+\item
+Manipulators \Indexc{sepDisable}\index{manipulator!sepDisable@©sepDisable©} and \Indexc{sepEnable}\index{manipulator!sepEnable@©sepEnable©} \emph{globally} toggle printing the separator, \ie the seperator is adjusted with respect to all subsequent printed items.
+\begin{cfa}[belowskip=0pt]
+sout | sepDisable | 1 | 2 | 3 | endl;           §\C{// globally turn off implicit separator}§
+\end{cfa}
+\begin{cfa}[showspaces=true,aboveskip=0pt,belowskip=0pt]
 \end{cfa}
+\begin{cfa}[mathescape=off,aboveskip=0pt,belowskip=0pt]
+sout | 1 | sepOn | 2 | 3 | endl;                        §\C{// locally turn on implicit separator}§
+\end{cfa}
+\begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt,belowskip=0pt]
+23
+\end{cfa}
+\begin{cfa}[mathescape=off,aboveskip=0pt,belowskip=0pt]
+sout | sepEnable | 1 | 2 | 3 | endl;            §\C{// globally turn on implicit separation}§
+\begin{cfa}[belowskip=0pt]
+sout | sepEnable | 1 | 2 | 3 | endl;            §\C{// globally turn on implicit separator}§
 \end{cfa}
 \begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt,belowskip=0pt]
 …
 \item
+Routine \Indexc{sepSetTuple}\index{manipulator!sepSetTuple@©sepSetTuple©} and \Indexc{sepGetTuple}\index{manipulator!sepGetTuple@©sepGetTuple©} get and set the tuple separator-string.
+The tuple separator-string can be at most 16 characters including the ©'\0'© string terminator (15 printable characters).
+\begin{cfa}[mathescape=off,aboveskip=0pt,belowskip=0pt]
+sepSetTuple( sout, " " );                                       §\C{// set tuple separator from ", " to " "}§
+sout | t1 | t2 | " \"" | ®sepGetTuple( sout )® | "\"" | endl;
+\end{cfa}
+\begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt]
+2 3 4 ®" "®
+\end{cfa}
+\begin{cfa}[mathescape=off,aboveskip=0pt,belowskip=0pt]
+sepSetTuple( sout, ", " );                                      §\C{// reset tuple separator to ", "}§
+sout | t1 | t2 | " \"" | ®sepGetTuple( sout )® | "\"" | endl;
+\end{cfa}
+\begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt]
+, 2, 3, 4 ®", "®
+\end{cfa}
+\item
+The tuple separator can also be turned on and off.
+\begin{cfa}[mathescape=off,aboveskip=0pt,belowskip=0pt]
+sout | sepOn | t1 | sepOff | t2 | endl;         §\C{// locally turn on/off implicit separation}§
+\end{cfa}
+\begin{cfa}[mathescape=off,showspaces=true,aboveskip=0pt,belowskip=0pt]
+, 1, 23, 4
+\end{cfa}
+Notice a tuple seperator starts the line because the next item is a tuple.
+Manipulators \Indexc{sepOn}\index{manipulator!sepOn@©sepOn©} and \Indexc{sepOff}\index{manipulator!sepOff@©sepOff©} \emph{locally} toggle printing the separator, \ie the seperator is adjusted only with respect to the next printed item.
+\begin{cfa}[belowskip=0pt]
+sout | 1 | sepOff | 2 | 3 | endl;                       §\C{// locally turn off implicit separator}§
+\end{cfa}
+\begin{cfa}[showspaces=true,aboveskip=0pt,belowskip=0pt]
+3
+\end{cfa}
+\begin{cfa}[belowskip=0pt]
+sout | sepDisable | 1 | sepOn | 2 | 3 | endl; §\C{// locally turn on implicit separator}§
+\end{cfa}
+\begin{cfa}[showspaces=true,aboveskip=0pt,belowskip=0pt]
+23
+\end{cfa}
+The tuple separator also responses to being turned on and off.
+\begin{cfa}[belowskip=0pt]
+sout | t1 | sepOff | t2 | endl;                         §\C{// locally turn on/off implicit separator}§
+\end{cfa}
+\begin{cfa}[showspaces=true,aboveskip=0pt,belowskip=0pt]
+, 2, 34, 5, 6
+\end{cfa}
+©sepOn© \emph{cannot} be used to start/end a line with a separator because separators do not appear at the start/end of a line;
+use ©sep© to accomplish this functionality.
+\begin{cfa}[belowskip=0pt]
+sout | sepOn | 1 | 2 | 3 | sepOn | endl ;       §\C{// sepOn does nothing at start/end of line}§
+\end{cfa}
+\begin{cfa}[showspaces=true,aboveskip=0pt,belowskip=0pt]
+2 3
+\end{cfa}
+\begin{cfa}[belowskip=0pt]
+sout | sep | 1 | 2 | 3 | sep | endl ;           §\C{// use sep to print separator at start/end of line}§
+\end{cfa}
+\begin{cfa}[showspaces=true,aboveskip=0pt,belowskip=0pt]
+® ®1 2 3® ®
+\end{cfa}
 \end{enumerate}
 \begin{comment}
 #include <fstream>
+#include <string.h>                                                                             // strcpy
 int main( void ) {
         int x = 1, y = 2, z = 3;
         sout | x | y | z | endl;
         [int, int] t1 = [1, 2], t2 = [3, 4];
         sout | t1 | t2 | endl;                                          // print tuple
+        [int, [ int, int ] ] t1 = [ 1, [ 2, 3 ] ], t2 = [ 4, [ 5, 6 ] ];
+        sout | t1 | t2 | endl;                                          // print tuples
         sout | x * 3 | y + 1 | z << 2 | x == y | (x | y) | (x || y) | (x > z ? 1 : 2) | endl;
         sout | 1 | 2 | 3 | endl;
 …
         sepSet( sout, ", $" );                                          // set separator from " " to ", $"
         sout | 1 | 2 | 3 | " \"" | sepGet( sout ) | "\"" | endl;
+        sout | 1 | 2 | 3 | " \"" | sep | "\"" | endl;
         sepSet( sout, " " );                                            // reset separator to " "
         sout | 1 | 2 | 3 | " \"" | sepGet( sout ) | "\"" | endl;
         sout | sepOn | 1 | 2 | 3 | sepOn | endl;        // separator at start of line
         sout | 1 | sepOff | 2 | 3 | endl;                       // locally turn off implicit separator
         sout | sepDisable | 1 | 2 | 3 | endl;           // globally turn off implicit separation
         sout | 1 | sepOn | 2 | 3 | endl;                        // locally turn on implicit separator
         sout | sepEnable | 1 | 2 | 3 | endl;            // globally turn on implicit separation
+        char store[sepSize];
+        strcpy( store, sepGet( sout ) );
+        sepSet( sout, "_" );
+        sout | 1 | 2 | 3 | endl;
+        sepSet( sout, store );
+        sout | 1 | 2 | 3 | endl;
         sepSetTuple( sout, " " );                                       // set tuple separator from ", " to " "
         sout | t1 | t2 | " \"" | sepGetTuple( sout ) | "\"" | endl;
+        sout | t1 | t2 | " \"" | sepTuple | "\"" | endl;
         sepSetTuple( sout, ", " );                                      // reset tuple separator to ", "
         sout | t1 | t2 | " \"" | sepGetTuple( sout ) | "\"" | endl;
+        sout | t1 | t2 | endl;                                          // print tuple
+        sout | sepOn | t1 | sepOff | t2 | endl;         // locally turn on/off implicit separation
+        sout | sepDisable | 1 | 2 | 3 | endl;           // globally turn off implicit separator
+        sout | sepEnable | 1 | 2 | 3 | endl;            // globally turn on implicit separator
+        sout | 1 | sepOff | 2 | 3 | endl;                       // locally turn on implicit separator
+        sout | sepDisable | 1 | sepOn | 2 | 3 | endl; // globally turn off implicit separator
+        sout | sepEnable;
+        sout | t1 | sepOff | t2 | endl;                         // locally turn on/off implicit separator
+        sout | sepOn | 1 | 2 | 3 | sepOn | endl ;       // sepOn does nothing at start/end of line
+        sout | sep | 1 | 2 | 3 | sep | endl ;           // use sep to print separator at start/end of line
+}
 …
 \section{\protect\CFA Keywords}
+\section{\texorpdfstring{\CFA Keywords}{Cforall Keywords}}
 \label{s:CFAKeywords}
+\CFA introduces the following new keywords.
 \begin{quote2}
 \begin{tabular}{llll}
+\begin{tabular}{lllll}
 \begin{tabular}{@{}l@{}}
 ©_AT©                   \\
+©_At©                   \\
 ©catch©                 \\
 ©catchResume©   \\
 ©choose©                \\
 ©coroutine©             \\
-©disable©               \\
 \end{tabular}
+&
 \begin{tabular}{@{}l@{}}
+©disable©               \\
 ©dtype©                 \\
 ©enable©                \\
 ©fallthrough©   \\
 ©fallthru©              \\
-©finally©               \\
-©forall©                \\
 \end{tabular}
+&
 \begin{tabular}{@{}l@{}}
+©finally©               \\
+©forall©                \\
 ©ftype©                 \\
 ©lvalue©                \\
 ©monitor©               \\
+\end{tabular}
+&
+\begin{tabular}{@{}l@{}}
 ©mutex©                 \\
 ©one_t©                 \\
 ©otype©                 \\
+©throw©                 \\
+©throwResume©   \\
 \end{tabular}
+&
 \begin{tabular}{@{}l@{}}
-©throw©                 \\
-©throwResume©   \\
 ©trait©                 \\
 ©try©                   \\
 ©ttype©                 \\
 ©zero_t©                \\
+                                \\
 \end{tabular}
 \end{tabular}
 …
 \Celeven prescribes the following standard header-files~\cite[\S~7.1.2]{C11} and \CFA adds to this list:
 \begin{quote2}
+\lstset{deletekeywords={float}}
+\begin{tabular}{@{}llll|l@{}}
+\multicolumn{4}{c|}{C11} & \multicolumn{1}{c}{\CFA}             \\
+\begin{tabular}{@{}lllll|l@{}}
+\multicolumn{5}{c|}{C11} & \multicolumn{1}{c}{\CFA}             \\
 \hline
 \begin{tabular}{@{}l@{}}
 …
 \Indexc{errno.h}                \\
 \Indexc{fenv.h}                 \\
+\Indexc{float.h}                \\
+\Indexc{inttypes.h}             \\
+\Indexc{iso646.h}               \\
+\Indexc[deletekeywords=float]{float.h} \\
 \end{tabular}
+&
 \begin{tabular}{@{}l@{}}
+\Indexc{inttypes.h}             \\
+\Indexc{iso646.h}               \\
 \Indexc{limits.h}               \\
 \Indexc{locale.h}               \\
 \Indexc{math.h}                 \\
 \Indexc{setjmp.h}               \\
+\end{tabular}
+&
+\begin{tabular}{@{}l@{}}
 \Indexc{signal.h}               \\
 \Indexc{stdalign.h}             \\
 \Indexc{stdarg.h}               \\
 \Indexc{stdatomic.h}    \\
+\Indexc{stdbool.h}              \\
+\Indexc{stddef.h}               \\
 \end{tabular}
+&
 \begin{tabular}{@{}l@{}}
-\Indexc{stdbool.h}              \\
-\Indexc{stddef.h}               \\
 \Indexc{stdint.h}               \\
 \Indexc{stdio.h}                \\
 …
 \Indexc{wctype.h}               \\
                                                 \\
-                                                \\
-                                                \\
 \end{tabular}
+&
 …
 \Indexc{unistd.h}               \\
 \Indexc{gmp.h}                  \\
-                                                \\
-                                                \\
                                                 \\
                                                 \\
 …
 For an increase in storage size, new storage after the copied data may be filled.
 \item[alignment]
 an allocation starts on a specified memory boundary, e.g., an address multiple of 64 or 128 for cache-line purposes.
+an allocation starts on a specified memory boundary, \eg, an address multiple of 64 or 128 for cache-line purposes.
 \item[array]
 the allocation size is scaled to the specified number of array elements.
 …
 The table shows allocation routines supporting different combinations of storage-management capabilities:
 \begin{center}
 \begin{tabular}{@{}lr|l|l|l|l@{}}
                 &                                       & \multicolumn{1}{c|}{fill}     & resize        & alignment     & array \\
+\begin{tabular}{@{}r|r|l|l|l|l@{}}
+\multicolumn{1}{c}{}&           & \multicolumn{1}{c|}{fill}     & resize        & alignment     & array \\
 \hline
 C               & ©malloc©                      & no                    & no            & no            & no    \\
 …
                 & ©memalign©            & no                    & no            & yes           & no    \\
                 & ©posix_memalign©      & no                    & no            & yes           & no    \\
+\hline
 C11             & ©aligned_alloc©       & no                    & no            & yes           & no    \\
+\hline
 \CFA    & ©alloc©                       & no/copy/yes   & no/yes        & no            & yes   \\
                 & ©align_alloc©         & no/yes                & no            & yes           & yes   \\
 …
 // C unsafe allocation
 extern "C" {
 void * mallac( size_t size );§\indexc{memset}§
+void * malloc( size_t size );§\indexc{memset}§
 void * calloc( size_t dim, size_t size );§\indexc{calloc}§
 void * realloc( void * ptr, size_t size );§\indexc{realloc}§

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset b826e6b for doc/user/user.tex

Legend:

doc/user/user.tex

Download in other formats: