Changeset cdd25ef for doc/user/user.tex
- Timestamp:
- Apr 18, 2024, 10:26:48 PM (6 months ago)
- Branches:
- master
- Children:
- da87eaf
- Parents:
- 2b6db03
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
doc/user/user.tex
r2b6db03 rcdd25ef 11 11 %% Created On : Wed Apr 6 14:53:29 2016 12 12 %% Last Modified By : Peter A. Buhr 13 %% Last Modified On : Mon Feb 12 11:50:26202414 %% Update Count : 6 19913 %% Last Modified On : Thu Apr 18 21:53:45 2024 14 %% Update Count : 6502 15 15 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% 16 16 … … 130 130 \vspace*{\fill} 131 131 \noindent 132 \copyright\,2016, 2018, 2021 \CFA Project \\ \\132 \copyright\,2016, 2018, 2021, 2024 \CFA Project \\ \\ 133 133 \noindent 134 134 This work is licensed under the Creative Commons Attribution 4.0 International License. … … 312 312 For example, it is possible to write a type-safe \CFA wrapper ©malloc© based on the C ©malloc©: 313 313 \begin{cfa} 314 forall( dtype T| sized(T) ) T * malloc( void ) { return (T *)malloc( sizeof(T) ); }314 forall( T & | sized(T) ) T * malloc( void ) { return (T *)malloc( sizeof(T) ); } 315 315 int * ip = malloc(); §\C{// select type and size from left-hand side}§ 316 316 double * dp = malloc(); … … 1023 1023 while () { sout | "empty"; break; } 1024 1024 do { sout | "empty"; break; } while (); 1025 for () { sout | "empty"; break; } §\C{sout | nl | nlOff;}§1026 1027 for ( 0 ) { sout | "A"; } sout | "zero"; 1028 for ( 1 ) { sout | "A"; } 1029 for ( 10 ) { sout | "A"; } 1030 for ( ~= 10 ) { sout | "A"; } 1031 for ( 1 ~= 10 ~ 2 ) { sout | "B"; } 1032 for ( 1 -~= 10 ~ 2 ) { sout | "C"; } 1033 for ( 0.5 ~ 5.5 ) { sout | "D"; } 1034 for ( 0.5 -~ 5.5 ) { sout | "E"; } 1035 for ( i; 10 ) { sout | i; } 1036 for ( i; ~= 10 ) { sout | i; } 1037 for ( i; 1 ~= 10 ~ 2 ) { sout | i; } 1038 for ( i; 1 -~= 10 ~ 2 ) { sout | i; } 1039 for ( i; 0.5 ~ 5.5 ) { sout | i; } 1040 for ( i; 0.5 -~ 5.5 ) { sout | i; } 1041 for ( ui; 2u ~= 10u ~ 2u ) { sout | ui; } 1042 for ( ui; 2u -~= 10u ~ 2u ) { sout | ui; } 1025 for () { sout | "empty"; break; } §\C[3in]{sout | nl | nlOff;}§ 1026 1027 for ( 0 ) { sout | "A"; } sout | "zero"; §\C{sout | nl;}§ 1028 for ( 1 ) { sout | "A"; } §\C{sout | nl;}§ 1029 for ( 10 ) { sout | "A"; } §\C{sout | nl;}§ 1030 for ( ~= 10 ) { sout | "A"; } §\C{sout | nl;}§ 1031 for ( 1 ~= 10 ~ 2 ) { sout | "B"; } §\C{sout | nl;}§ 1032 for ( 1 -~= 10 ~ 2 ) { sout | "C"; } §\C{sout | nl;}§ 1033 for ( 0.5 ~ 5.5 ) { sout | "D"; } §\C{sout | nl;}§ 1034 for ( 0.5 -~ 5.5 ) { sout | "E"; } §\C{sout | nl;}§ 1035 for ( i; 10 ) { sout | i; } §\C{sout | nl;}§ 1036 for ( i; ~= 10 ) { sout | i; } §\C{sout | nl;}§ 1037 for ( i; 1 ~= 10 ~ 2 ) { sout | i; } §\C{sout | nl;}§ 1038 for ( i; 1 -~= 10 ~ 2 ) { sout | i; } §\C{sout | nl;}§ 1039 for ( i; 0.5 ~ 5.5 ) { sout | i; } §\C{sout | nl;}§ 1040 for ( i; 0.5 -~ 5.5 ) { sout | i; } §\C{sout | nl;}§ 1041 for ( ui; 2u ~= 10u ~ 2u ) { sout | ui; } §\C{sout | nl;}§ 1042 for ( ui; 2u -~= 10u ~ 2u ) { sout | ui; } §\C{sout | nl | nl | nl;}§ 1043 1043 1044 1044 enum { N = 10 }; 1045 for ( N ) { sout | "N"; } 1046 for ( i; N ) { sout | i; } 1047 for ( i; -~ N ) { sout | i; } 1045 for ( N ) { sout | "N"; } §\C{sout | nl;}§ 1046 for ( i; N ) { sout | i; } §\C{sout | nl;}§ 1047 for ( i; -~ N ) { sout | i; } §\C{sout | nl | nl | nl;}§ 1048 1048 1049 1049 const int low = 3, high = 10, inc = 2; 1050 for ( i; low ~ high ~ inc + 1 ) { sout | i; } 1051 for ( i; 1 ~ @ ) { if ( i > 10 ) break; sout | i; } 1052 for ( i; @ -~ 10 ) { if ( i < 0 ) break; sout | i; } 1053 for ( i; 2 ~ @ ~ 2 ) { if ( i > 10 ) break; sout | i; } 1050 for ( i; low ~ high ~ inc + 1 ) { sout | i; } §\C{sout | nl;}§ 1051 for ( i; 1 ~ @ ) { if ( i > 10 ) break; sout | i; } §\C{sout | nl;}§ 1052 for ( i; @ -~ 10 ) { if ( i < 0 ) break; sout | i; } §\C{sout | nl;}§ 1053 for ( i; 2 ~ @ ~ 2 ) { if ( i > 10 ) break; sout | i; } §\C{sout | nl;}§ 1054 1054 for ( i; 2.1 ~ @ ~ @ ) { if ( i > 10.5 ) break; sout | i; i += 1.7; } §\C{sout | nl;}§ 1055 1055 for ( i; @ -~ 10 ~ 2 ) { if ( i < 0 ) break; sout | i; } §\C{sout | nl;}§ 1056 1056 for ( i; 12.1 ~ @ ~ @ ) { if ( i < 2.5 ) break; sout | i; i -= 1.7; } §\C{sout | nl;}§ 1057 for ( i; 5 : j; -5 ~ @ ) { sout | i | j; } 1058 for ( i; 5 : j; @ -~ -5 ) { sout | i | j; } 1059 for ( i; 5 : j; -5 ~ @ ~ 2 ) { sout | i | j; } 1060 for ( i; 5 : j; @ -~ -5 ~ 2 ) { sout | i | j; } 1061 for ( i; 5 : j; -5 ~ @ ) { sout | i | j; } 1062 for ( i; 5 : j; @ -~ -5 ) { sout | i | j; } 1063 for ( i; 5 : j; -5 ~ @ ~ 2 ) { sout | i | j; } 1064 for ( i; 5 : j; @ -~ -5 ~ 2 ) { sout | i | j; } 1057 for ( i; 5 : j; -5 ~ @ ) { sout | i | j; } §\C{sout | nl;}§ 1058 for ( i; 5 : j; @ -~ -5 ) { sout | i | j; } §\C{sout | nl;}§ 1059 for ( i; 5 : j; -5 ~ @ ~ 2 ) { sout | i | j; } §\C{sout | nl;}§ 1060 for ( i; 5 : j; @ -~ -5 ~ 2 ) { sout | i | j; } §\C{sout | nl;}§ 1061 for ( i; 5 : j; -5 ~ @ ) { sout | i | j; } §\C{sout | nl;}§ 1062 for ( i; 5 : j; @ -~ -5 ) { sout | i | j; } §\C{sout | nl;}§ 1063 for ( i; 5 : j; -5 ~ @ ~ 2 ) { sout | i | j; } §\C{sout | nl;}§ 1064 for ( i; 5 : j; @ -~ -5 ~ 2 ) { sout | i | j; } §\C{sout | nl;}§ 1065 1065 for ( i; 5 : j; @ -~ -5 ~ 2 : k; 1.5 ~ @ ) { sout | i | j | k; } §\C{sout | nl;}§ 1066 1066 for ( i; 5 : j; @ -~ -5 ~ 2 : k; 1.5 ~ @ ) { sout | i | j | k; } §\C{sout | nl;}§ 1067 for ( i; 5 : k; 1.5 ~ @ : j; @ -~ -5 ~ 2 ) { sout | i | j | k; } §\C{sout | nl;} §1067 for ( i; 5 : k; 1.5 ~ @ : j; @ -~ -5 ~ 2 ) { sout | i | j | k; } §\C{sout | nl;}\CRT§ 1068 1068 \end{cfa} 1069 1069 & … … 2960 2960 The string ``©int (*f(x))[ 5 ]©'' declares a K\&R style routine of type returning a pointer to an array of 5 integers, while the string ``©[ 5 ] int x©'' declares a \CFA style parameter ©x© of type array of 5 integers. 2961 2961 Since the strings overlap starting with the open bracket, ©[©, there is an ambiguous interpretation for the string. 2962 2963 {\color{red} 2962 2964 As well, \CFA-style declarations cannot be used to declare parameters for C-style routine-definitions because of the following ambiguity: 2963 2965 \begin{cfa} … … 2967 2969 The string ``©int (* foo)©'' declares a C-style named-parameter of type pointer to an integer (the parenthesis are superfluous), while the same string declares a \CFA style unnamed parameter of type routine returning integer with unnamed parameter of type pointer to foo. 2968 2970 The redefinition of a type name in a parameter list is the only context in C where the character ©*© can appear to the left of a type name, and \CFA relies on all type qualifier characters appearing to the right of the type name. 2969 The inability to use \CFA declarations in these two contexts is probably a blessing because it precludes programmers from arbitrarily switching between declarations forms within a declaration contexts. 2971 The inability to use \CFA declarations in these two contexts is probably a blessing because it precludes programmers from arbitrarily switching between declarations forms within a declaration contexts.} 2970 2972 2971 2973 C-style declarations can be used to declare parameters for \CFA style routine definitions, \eg: … … 3055 3057 static [ int ] g ( int ); 3056 3058 \end{cfa} 3059 3060 3061 \subsection{Postfix Function} 3062 \label{s:PostfixFunction} 3063 3064 \CFA provides an alternative call syntax where the argument appears before the function name. 3065 The syntax uses the backquote ©`© to separate the parameters/arguments and function name: ©?`© denotes a postfix-function name, \eg ©int ?`h( int s )© and ©`© denotes a postfix-function call, \eg ©0`h© meaning ©h( 0 )©. 3066 \begin{cquote} 3067 \begin{tabular}{@{}l|l|l|l@{}} 3068 postfix function & constant argument call & variable argument call & postfix function pointer \\ 3069 \hline 3070 \begin{cfa} 3071 int ?`h( int s ); 3072 int ?`h( double s ); 3073 int ?`m( char c ); 3074 int ?`m( const char * s ); 3075 int ?`t( int a, int b, int c ); 3076 \end{cfa} 3077 & 3078 \begin{cfa} 3079 0`h; 3080 3.5`h; 3081 '1'`m; 3082 "123" "456"`m; 3083 [1,2,3]`t; 3084 \end{cfa} 3085 & 3086 \begin{cfa} 3087 int i = 7; 3088 i`h; 3089 (i + 3)`h; 3090 (i + 3.5)`h; 3091 \end{cfa} 3092 & 3093 \begin{cfa} 3094 int (* ?`p)( int i ); 3095 ?`p = ?`h; 3096 3`p; 3097 i`p; 3098 (i + 3)`p; 3099 \end{cfa} 3100 \end{tabular} 3101 \end{cquote} 3102 3103 \VRef[Figure]{f:UnitsComparison} shows a common usage for postfix functions: converting basic literals into user literals. 3104 \see*{\VRef{s:DynamicStorageManagement} for other uses for postfix functions.} 3105 The \CFA example (left) stores a mass in units of stones (1 stone = 14 lb or 6.35 kg) and provides an addition operator (imagine a full set of arithmetic operators). 3106 The three postfixing function names ©st©, ©lb©, and ©kg©, represent units stones, pounds, and kilograms, respectively. 3107 Each name has two forms that bidirectional convert: a value of a specified unit to stones, \eg ©w = 14`lb© $\Rightarrow$ ©w == 1© stone or a ©Weight© from stones back to specific units, \eg ©w`lb© (1 stone) to ©14©. 3108 All arithmetic operations manipulate stones and the postfix operations convert to the different units. 3109 A similar group of postfix functions provide user constants for converting time units into nanoseconds, which is the basic time unit, \eg ©ns©, ©us©, ©ms©, ©s©, ©m©, ©h©, ©d©, and ©w©, for nanosecond, microsecond, millisecond, second, minute, hour, day, and week, respectively. 3110 (Note, month is not a fixed period of time nor is year because of leap years.) 3111 3112 \begin{figure} 3113 \centering 3114 \begin{tabular}{@{}l|l@{}} 3115 \multicolumn{1}{@{}c|}{\textbf{\CFA Postfix Routine}} & \multicolumn{1}{c@{}}{\textbf{\CC User Literals}} \\ 3116 \hline 3117 \begin{cfa} 3118 struct Weight { 3119 double stones; 3120 }; 3121 3122 3123 Weight ?+?( Weight l, Weight r ) { 3124 return l.stones + r.stones; 3125 } 3126 Weight ?`st( double w ) { return w; } 3127 double ?`st( Weight w ) { return w.stones; } 3128 Weight ?`lb( double w ) { return w / 14.0; } 3129 double ?`lb( Weight w ) { return w.stones * 14.0; } 3130 Weight ?`kg( double w ) { return w / 6.35; } 3131 double ?`kg( Weight w ) { return w.stones * 6.35; } 3132 int main() { 3133 Weight w, heavy = { 20 }; // stones 3134 w = 155`lb; 3135 w = 0b_1111`st; 3136 w = 0_233`lb; 3137 w = 0x_9b`kg; 3138 w = 5.5`st + 8`kg + 25.01`lb + heavy; 3139 } 3140 \end{cfa} 3141 & 3142 \begin{C++} 3143 struct Weight { 3144 double stones; 3145 Weight() {} 3146 Weight( double w ) { stones = w; } 3147 }; 3148 Weight operator+( Weight l, Weight r ) { 3149 return l.stones + r.stones; 3150 } 3151 Weight operator""_st( long double w ) { return w; } 3152 Weight operator""_lb( long double w ) { return w / 14.0; } 3153 Weight operator""_kg( long double w ) { return w / 6.35; } 3154 Weight operator""_st( unsigned long long int w ) { return w; } 3155 Weight operator""_lb( unsigned long long int w ) { return w / 14.0; } 3156 Weight operator""_kg( unsigned long long int w ) { return w / 6.35; } 3157 int main() { 3158 Weight w, heavy = { 20 }; // stones 3159 w = 155_lb; 3160 w = 0b1111_st; 3161 w = 0'233_lb; // quote separator 3162 w = 0x9b_kg; 3163 w = 5.5_st + 8_kg + 25.01_lb + heavy; 3164 } 3165 \end{C++} 3166 \end{tabular} 3167 3168 \begin{comment} 3169 Time : comparison of time units. \\ 3170 \begin{tabular}{@{}ll@{}} 3171 \CFA & \CC \\ 3172 \begin{cfa} 3173 #include <fstream.hfa> 3174 #include <time.hfa> 3175 3176 3177 Duration s = 1`h + 2 * 10`m + 70`s / 10; 3178 sout | "1 hour + 2*10 min + 70/10 sec = " | s | "seconds"; 3179 sout | "Dividing that by 2 minutes gives" | s / 2`m; 3180 sout | "Dividing that by 2 gives" | s / 2 | "seconds\n"; 3181 sout | s | "seconds is" 3182 | s`h | "hours," 3183 | (s % 1`h)`m | "minutes," 3184 | (s % 1`m)`s | "seconds"; 3185 \end{cfa} 3186 & 3187 \begin{C++} 3188 #include <iostream> 3189 #include <chrono> 3190 using namespace std; 3191 using namespace std::chrono; 3192 seconds s = hours(1) + 2 * minutes(10) + seconds(70) / 10; 3193 cout << "1 hour + 2*10 min + 70/10 sec = " << s.count() << " seconds\n"; 3194 cout << "Dividing that by 2 minutes gives " << s / minutes(2) << '\n'; 3195 cout << "Dividing that by 2 gives " << (s / 2).count() << " seconds\n"; 3196 cout << s.count() << " seconds is " 3197 << duration_cast<hours>( s ).count() << " hours, " 3198 << duration_cast<minutes>( s % hours(1) ).count() << " minutes, " 3199 << duration_cast<seconds>( s % minutes(1) ).count() << " seconds\n"; 3200 \end{C++} 3201 \end{tabular} 3202 \end{comment} 3203 3204 \caption{Units: Stone, Pound, Kilogram Comparison} 3205 \label{f:UnitsComparison} 3206 \end{figure} 3207 3208 The \CC example (right) provides a \emph{restricted} capability via user literals. 3209 The \lstinline[language=C++]{operator ""} only takes a constant argument (\ie no variable argument), and the constant type must be the highest-level constant-type, \eg ©long double© for all floating-point constants. 3210 As well, there is no constant conversion, \ie ©int© to ©double© constants, so integral constants are handled by a separate set of routines, with maximal integral type ©unsigned long long int©. 3211 Finally, there is no mechanism to use this syntax for a bidirectional conversion because \lstinline[language=C++]{operator ""} does not accept variable arguments. 3057 3212 3058 3213 … … 3809 3964 \subsection{Polymorphism} 3810 3965 3811 Due to the implicit flattening and structuring conversions involved in argument passing, ©otype© and ©dtype©parameters are restricted to matching only with non-tuple types.3966 Due to the implicit flattening and structuring conversions involved in argument passing, object and opaque parameters are restricted to matching only with non-tuple types. 3812 3967 The integration of polymorphism, type assertions, and monomorphic specialization of tuple-assertions are a primary contribution of this thesis to the design of tuples. 3813 3968 \begin{cfa} 3814 forall(T, dtype U)3969 forall(T, U &) 3815 3970 void f(T x, U * y); 3816 3971 … … 4925 5080 sout | '1' | '2' | '3'; 4926 5081 sout | 1 | "" | 2 | "" | 3; 4927 sout | "x (" | 1 | "x [" | 2 | "x {" | 3 | "x =" | 4 | "x $" | 5 | "x £" | 6 | "x Â¥"4928 | 7 | "x ¡" | 8 | "x ¿" | 9 | "x «" | 10;5082 sout | "x (" | 1 | "x [" | 2 | "x {" | 3 | "x =" | 4 | "x $" | 5 | "x £" | 6 | "x ¥" 5083 | 7 | "x ¡" | 8 | "x ¿" | 9 | "x «" | 10; 4929 5084 sout | 1 | ", x" | 2 | ". x" | 3 | "; x" | 4 | "! x" | 5 | "? x" | 6 | "% x" 4930 | 7 | " ¢ x" | 8 | "» x" | 9 | ") x" | 10 | "] x" | 11 | "} x";5085 | 7 | "¢ x" | 8 | "» x" | 9 | ") x" | 10 | "] x" | 11 | "} x"; 4931 5086 sout | "x`" | 1 | "`x'" | 2 | "'x\"" | 3 | "\"x:" | 4 | ":x " | 5 | " x\t" | 6 | "\tx"; 4932 5087 sout | "x ( " | 1 | " ) x" | 2 | " , x" | 3 | " :x: " | 4; … … 7775 7930 \item[Rationale:] increase type safety 7776 7931 \item[Effect on original feature:] deletion of semantically well-defined feature. 7777 \item[Difficulty of converting:] requires adding a cast \see{\VRef{s: StorageManagement} for better alternatives}:7932 \item[Difficulty of converting:] requires adding a cast \see{\VRef{s:DynamicStorageManagement} for better alternatives}: 7778 7933 \begin{cfa} 7779 7934 int * b = (int *)malloc( sizeof(int) ); … … 7988 8143 \label{s:StandardLibrary} 7989 8144 7990 The \CFA standard-library wraps explicitly-polymorphic C routines into implicitly-polymorphic versions. 7991 7992 7993 \subsection{Storage Management} 7994 \label{s:StorageManagement} 7995 7996 The storage-management routines extend their C equivalents by overloading, alternate names, providing shallow type-safety, and removing the need to specify the allocation size for non-array types. 7997 7998 C storage management provides the following capabilities: 7999 \begin{description} 8000 \item[filled] 8001 after allocation with a specified character or value. 8145 The \CFA standard-library extends existing C library routines by adding new function, wrapping existing explicitly-polymorphic C routines into implicitly-polymorphic versions, and adding new \CFA extensions. 8146 8147 8148 \subsection{Dynamic Storage-Management} 8149 \label{s:DynamicStorageManagement} 8150 8151 Dynamic storage-management in C is based on explicit allocation and deallocation (©malloc©/©free©). 8152 Programmer's must manage all allocated storage via its address (pointer) and subsequently deallocate the storage via this address. 8153 Storage that is not deallocated becomes inaccessible, called a \newterm{memory leak}, which can only be detected at program termination. 8154 Storage freed twice is an error, called a \newterm{duplicate free}, which can sometimes be detected. 8155 Storage used after it is deallocated is an error, called using a \newterm{dangling pointer}, which can sometimes be detected. 8156 8157 8158 \subsubsection{C Interface} 8159 8160 C dynamic storage-management provides the following properties. 8161 \begin{description}[leftmargin=*] 8162 \item[fill] 8163 storage after an allocation with a specified character or value. 8164 \item[align] 8165 an allocation on a specified memory boundary, \eg, an address multiple of 64 or 128 for cache-line purposes. 8166 \item[scale] 8167 an allocation size to the specified number of array elements. 8168 An array may be filled, resized, or aligned. 8002 8169 \item[resize] 8003 8170 an existing allocation to decreased or increased its size. 8004 In either case, new storage may or may not be allocated and, if there is a new allocation, as much data from the existing allocation is copied into the new allocation. 8005 For an increase in storage size, new storage after the copied data may be filled. 8006 \item[align] 8007 an allocation on a specified memory boundary, \eg, an address multiple of 64 or 128 for cache-line purposes. 8008 \item[array] 8009 the allocation size is scaled to the specified number of array elements. 8010 An array may be filled, resized, or aligned. 8171 In either direction, new storage may or may not be allocated, but if there is a new allocation, as much data from the existing allocation is copied into the new allocation. 8172 When new storage is allocated, it may be aligned and storage after copied data may be filled. 8011 8173 \end{description} 8012 \VRef[Table]{t:AllocationVersusCapabilities} shows allocation routines supporting different combinations of storage-management capabilities. 8174 \VRef[Table]{t:AllocationVersusProperties} shows different combinations of storage-management properties provided by the C and \CFA allocation routines. 8175 8013 8176 \begin{table} 8177 \caption{Allocation Routines versus Storage-Management Properties} 8178 \label{t:AllocationVersusProperties} 8014 8179 \centering 8015 8180 \begin{minipage}{0.75\textwidth} 8016 8181 \begin{tabular}{@{}r|l|l|l|l|l@{}} 8017 \multicolumn{1}{c}{}& & \multicolumn{1}{c|}{fill} & resize & alignment & array\\8182 & \multicolumn{1}{c|}{routine} & \multicolumn{1}{c|}{\textbf{fill}} & \textbf{alignment} & \textbf{scale} & \textbf{resize} \\ 8018 8183 \hline 8019 8184 C & ©malloc© & no & no & no & no \\ 8020 & ©calloc© & yes (0 only) & no & no & yes \\ 8021 & ©realloc© & copy & yes & no & no \\ 8022 & ©memalign© & no & no & yes & no \\ 8023 & ©aligned_alloc©\footnote{Same as ©memalign© but size is an integral multiple of alignment, which is universally ignored.} 8024 & no & no & yes & no \\ 8025 & ©posix_memalign© & no & no & yes & no \\ 8026 & ©valloc© & no & no & yes (page size)& no \\ 8185 & ©calloc© & yes (0 only) & no & yes & no \\ 8186 & ©realloc© & copy & no & no & yes \\ 8187 & ©reallocarray© & copy & no & yes & yes \\ 8188 & ©memalign© & no & yes & no & no \\ 8189 & ©aligned_alloc©\footnote{Same as ©memalign© but size is an integral multiple of alignment.} 8190 & no & yes & no & no \\ 8191 & ©posix_memalign© & no & yes & no & no \\ 8192 & ©valloc© & no & yes (page size)& no & no \\ 8027 8193 & ©pvalloc©\footnote{Same as ©valloc© but rounds size to multiple of page size.} 8028 & no & no & yes (page size)& no \\ 8029 \hline 8030 \CFA & ©cmemalign© & yes (0 only) & no & yes & yes \\ 8031 & ©realloc© & copy & yes & yes & no \\ 8032 & ©alloc© & no & yes & no & yes \\ 8033 & ©alloc_set© & yes & yes & no & yes \\ 8034 & ©alloc_align© & no & yes & yes & yes \\ 8035 & ©alloc_align_set© & yes & yes & yes & yes \\ 8194 & no & yes (page size)& no & no \\ 8195 \hline 8196 \CFA & ©cmemalign© & yes (0 only) & yes & yes & no \\ 8197 & ©resize© & no copy & yes & no & yes \\ 8198 & ©realloc© & copy & yes & no & yes \\ 8199 & ©alloc©\footnote{Multiple overloads with different parameters.} 8200 & yes & yes & yes & yes 8036 8201 \end{tabular} 8037 8202 \end{minipage} 8038 \caption{Allocation Routines versus Storage-Management Capabilities} 8039 \label{t:AllocationVersusCapabilities} 8203 \vspace*{-10pt} 8040 8204 \end{table} 8041 8205 8042 \CFA memory management extends the type safety of all allocations by using the type of the left-hand-side type to determine the allocation size and return a matching type for the new storage. 8043 Type-safe allocation is provided for all C allocation routines and new \CFA allocation routines, \eg in 8044 \begin{cfa} 8045 int * ip = (int *)malloc( sizeof(int) ); §\C{// C}§ 8046 int * ip = malloc(); §\C{// \CFA type-safe version of C malloc}§ 8047 int * ip = alloc(); §\C{// \CFA type-safe uniform alloc}§ 8048 \end{cfa} 8049 the latter two allocations determine the allocation size from the type of ©p© (©int©) and cast the pointer to the allocated storage to ©int *©. 8050 8051 \CFA memory management extends allocation safety by implicitly honouring all alignment requirements, \eg in 8052 \begin{cfa} 8053 struct S { int i; } __attribute__(( aligned( 128 ) )); // cache-line alignment 8054 S * sp = malloc(); §\C{// honour type alignment}§ 8055 \end{cfa} 8056 the storage allocation is implicitly aligned to 128 rather than the default 16. 8057 The alignment check is performed at compile time so there is no runtime cost. 8058 8059 \CFA memory management extends the resize capability with the notion of \newterm{sticky properties}. 8060 Hence, initial allocation capabilities are remembered and maintained when resize requires copying. 8061 For example, an initial alignment and fill capability are preserved during a resize copy so the copy has the same alignment and extended storage is filled. 8062 Without sticky properties it is dangerous to use ©realloc©, resulting in an idiom of manually performing the reallocation to maintain correctness. 8063 \begin{cfa} 8064 8065 \end{cfa} 8066 8067 \CFA memory management extends allocation to support constructors for initialization of allocated storage, \eg in 8068 \begin{cfa} 8069 struct S { int i; }; §\C{// cache-line alignment}§ 8070 void ?{}( S & s, int i ) { s.i = i; } 8071 // assume ?|? operator for printing an S 8072 8073 S & sp = *®new®( 3 ); §\C{// call constructor after allocation}§ 8074 sout | sp.i; 8075 ®delete®( &sp ); 8076 8077 S * spa = ®anew®( 10, 5 ); §\C{// allocate array and initialize each array element}§ 8078 for ( i; 10 ) sout | spa[i] | nonl; 8079 sout | nl; 8080 ®adelete®( 10, spa ); 8206 8207 \subsubsection{\CFA Interface} 8208 8209 \CFA dynamic memory management: 8210 \begin{enumerate}[leftmargin=\parindent] 8211 \item 8212 Extend type safety of all allocation routines by using the left-hand assignment type to determine the allocation size and alignment, and return a matching type for the new storage, which removes many common allocation errors. 8213 \begin{cfa} 8214 int * ip = (int *)malloc( sizeof(int) ); §\C[2.3in]{// C}§ 8215 int * ip = malloc(); §\C{// \CFA type-safe call of C malloc}§ 8216 int * ip = alloc(); §\C{// \CFA type-safe call of \CFA alloc}§ 8217 struct __attribute__(( aligned(128) )) spinlock { ... }; 8218 spinlock * slp = malloc(); §\C{// correct size, alignment, and return type}\CRT§ 8219 \end{cfa} 8220 Here, the alignment of the ©ip© storage is 16 (default) and 128 for ©slp©. 8221 8222 \item 8223 Introduce the notion of \newterm{sticky properties} used in resizing. 8224 All initial allocation properties are remembered and maintained for use should resize require new storage. 8225 For example, the initial alignment and fill properties in the initial allocation 8226 \begin{cfa} 8227 struct __attribute__(( aligned(4096) )) S { ... }; 8228 S * sp = calloc( 10 ); §\C{// align 4K and zero fill}§ 8229 sp = reallocarray( sp, 100 ); §\C{// preserve 4K alignment and zero fill new storage}§ 8230 \end{cfa} 8231 are preserved in the resize so the new storage has the same alignment and extra storage after the data copy is zero filled. 8232 Without sticky properties it is dangerous to resize, resulting in the C idiom of manually performing the reallocation to maintain correctness, which is error prone. 8233 8234 \item 8235 Provide resizing without data copying, which is useful to repurpose an existing block of storage for another purpose, rather than freeing the old storage and performing a new allocation. 8236 The resize might be able to take advantage of unused storage after the data to preventing the free/reallocation step altogether. 8237 8238 \item 8239 Provide ©free©/©delete© functions that delete a variable number of pointers. 8240 \begin{cfa} 8241 int * ip = malloc(), * jp = malloc(), * kp = malloc(); 8242 double * xp = malloc(), * yp = malloc(), * zp = malloc(); 8243 free( ®ip, jp, kp, xp, yp, zp® ); 8244 \end{cfa} 8245 8246 \item 8247 Support constructors for initialization of allocated storage (like \CC) and destructors for deallocation. 8248 \begin{cfa} 8249 struct S { int v; }; §\C{// default constructors}§ 8250 void ^?{}( S & ) { ... } §\C{// destructor}§ 8251 S & sp = *®new®( 3 ); §\C{// allocate and call constructor}§ 8252 sout | sp.v; 8253 ®delete®( &sp ); §\C{// call destructor}§ 8254 S * spa1 = ®anew®( 10, 5 ), * spa2 = ®anew®( 10, 8 ); §\C{// allocate array and call constructor for each array element}§ 8255 for ( i; 10 ) sout | spa1[i].v | spa2[i].v | nonl; sout | nl; 8256 ®adelete®( spa1, spa2 ); §\C{// call destructors on all array objects}§ 8257 8258 3 8259 5 8 5 8 5 8 5 8 5 8 5 8 5 8 5 8 5 8 5 8 8081 8260 \end{cfa} 8082 8261 Allocation routines ©new©/©anew© allocate a variable/array and initialize storage using the allocated type's constructor. 8083 8262 Note, the matching deallocation routines ©delete©/©adelete©. 8084 8085 \leavevmode 8263 \end{enumerate} 8264 8265 In addition, \CFA provides a new allocator interface to further increase orthogonality and usability of dynamic-memory allocation. 8266 This interface helps programmers in three ways. 8267 \begin{enumerate} 8268 \item 8269 naming: \CFA regular and ©ttype© polymorphism (similar to \CC variadic templates) is used to encapsulate a wide range of allocation functionality into a single routine name, so programmers do not have to remember multiple routine names for different kinds of dynamic allocations. 8270 \item 8271 named arguments: individual allocation properties are specified using postfix function call \see{\VRef{s:PostfixFunction}}, so programmers do not have to remember parameter positions in allocation calls. 8272 \item 8273 safe usage: like the \CFA's C-interface, programmers do not have to specify object size or cast allocation results. 8274 \end{enumerate} 8275 8276 The polymorphic functions ©T * alloc( ... )© and ©T * alloc( size_t dim, ... )© are overloaded with a variable number of specific allocation properties, or an integer dimension parameter followed by a variable number of specific allocation properties. 8277 These allocation properties can be passed as named arguments when calling the \lstinline{alloc} routine. 8278 A call without parameters returns an uninitialized dynamically allocated object of type ©T© (©malloc©). 8279 A call with only the dimension (dim) parameter returns an uninitialized dynamically allocated array of objects with type ©T© (©aalloc©). 8280 The variable number of arguments consist of allocation properties, which can be combined to produce different kinds of allocations. 8281 The properties ©resize© and ©realloc© are associated with the allocation variable indicating how the existing allocation is modified, without or with data copying. 8282 Function ©alloc© is used extensively in the \CFA runtime. 8283 8284 The following allocation property functions may be combined and appear in any order as arguments to ©alloc©, 8285 \begin{itemize} 8286 \item 8287 ©T_align ?`align( size_t alignment )© to align an allocation. 8288 The alignment parameter must be $\ge$ the default alignment (©libAlign()© in \CFA) and a power of two, \eg: 8289 \begin{cfa} 8290 int * i0 = alloc( ®4096`align® ); sout | i0 | nl; 8291 int * i1 = alloc( 3, ®4096`align® ); sout | i1; for (i; 3 ) sout | &i1[i] | nonl; sout | nl; 8292 8293 0x555555572000 8294 0x555555574000 0x555555574000 0x555555574004 0x555555574008 8295 \end{cfa} 8296 returns a dynamic object and object array aligned on a 4096-byte boundary. 8297 8298 \item 8299 ©S_fill(T) ?`fill ( /* various types */ )© to initialize storage. 8300 There are three ways to fill storage: 8301 \begin{enumerate} 8302 \item 8303 A ©char© fills every byte of each object. 8304 \item 8305 An object of the returned type fills each object. 8306 \item 8307 An object array pointer fills some or all of the corresponding object array. 8308 \end{enumerate} 8309 For example: 8310 \begin{cfa}[numbers=left] 8311 int * i0 = alloc( ®0n`fill® ); sout | *i0 | nl; // 0n disambiguates 0 8312 int * i1 = alloc( ®5`fill® ); sout | *i1 | nl; 8313 int * i2 = alloc( ®'\xfe'`fill® ); sout | hex( *i2 ) | nl; 8314 int * i3 = alloc( 5, ®5`fill® ); for ( i; 5 ) sout | i3[i] | nonl; sout | nl; 8315 int * i4 = alloc( 5, ®0xdeadbeefN`fill® ); for ( i; 5 ) sout | hex( i4[i] ) | nonl; sout | nl; 8316 int * i5 = alloc( 5, ®i3`fill® ); for ( i; 5 ) sout | i5[i] | nonl; sout | nl; // completely fill from i3 8317 int * i6 = alloc( 5, ®[i3, 3]`fill® ); for ( i; 5 ) sout | i6[i] | nonl; sout | nl; // partial fill from i3 8318 \end{cfa} 8319 \begin{lstlisting}[numbers=left] 8320 0 8321 5 8322 0xfefefefe 8323 5 5 5 5 5 8324 0xdeadbeef 0xdeadbeef 0xdeadbeef 0xdeadbeef 0xdeadbeef 8325 5 5 5 5 5 8326 5 5 5 -555819298 -555819298 // two undefined values 8327 \end{lstlisting} 8328 Examples 1 to 3 fill an object with a value or characters. 8329 Examples 4 to 7 fill an array of objects with values, another array, or part of an array. 8330 8331 \item 8332 ©S_resize(T) ?`resize( void * oaddr )© used to resize, realign, and fill, where the old object data is not copied to the new object. 8333 The old object type may be different from the new object type, since the values are not used. 8334 For example: 8335 \begin{cfa}[numbers=left] 8336 int * i = alloc( ®5`fill® ); sout | i | *i; 8337 i = alloc( ®i`resize®, ®256`align®, ®7`fill® ); sout | i | *i; 8338 double * d = alloc( ®i`resize®, ®4096`align®, ®13.5`fill® ); sout | d | *d; 8339 \end{cfa} 8340 \begin{lstlisting}[numbers=left] 8341 0x55555556d5c0 5 8342 0x555555570000 7 8343 0x555555571000 13.5 8344 \end{lstlisting} 8345 Examples 2 to 3 change the alignment, fill, and size for the initial storage of ©i©. 8346 8347 \begin{cfa}[numbers=left] 8348 int * ia = alloc( 5, ®5`fill® ); for ( i; 5 ) sout | ia[i] | nonl; sout | nl; 8349 ia = alloc( 10, ®ia`resize®, ®7`fill® ); for ( i; 10 ) sout | ia[i] | nonl; sout | nl; 8350 sout | ia; ia = alloc( 5, ®ia`resize®, ®512`align®, ®13`fill® ); sout | ia; for ( i; 5 ) sout | ia[i] | nonl; sout | nl;; 8351 ia = alloc( 3, ®ia`resize®, ®4096`align®, ®2`fill® ); sout | ia; for ( i; 3 ) sout | &ia[i] | ia[i] | nonl; sout | nl; 8352 \end{cfa} 8353 \begin{lstlisting}[numbers=left] 8354 5 5 5 5 5 8355 7 7 7 7 7 7 7 7 7 7 8356 0x55555556d560 0x555555571a00 13 13 13 13 13 8357 0x555555572000 0x555555572000 2 0x555555572004 2 0x555555572008 2 8358 \end{lstlisting} 8359 Examples 2 to 4 change the array size, alignment and fill for the initial storage of ©ia©. 8360 8361 \item 8362 ©S_realloc(T) ?`realloc( T * a ))© 8363 used to resize, realign, and fill, where the old object data is copied to the new object. 8364 The old object type must be the same as the new object type, since the value is used. 8365 Note, for ©fill©, only the extra space after copying the data from the old object is filled with the given parameter. 8366 For example: 8367 \begin{cfa}[numbers=left] 8368 int * i = alloc( ®5`fill® ); sout | i | *i; 8369 i = alloc( ®i`realloc®, ®256`align® ); sout | i | *i; 8370 i = alloc( ®i`realloc®, ®4096`align®, ®13`fill® ); sout | i | *i; 8371 \end{cfa} 8372 \begin{lstlisting}[numbers=left] 8373 0x55555556d5c0 5 8374 0x555555570000 5 8375 0x555555571000 5 8376 \end{lstlisting} 8377 Examples 2 to 3 change the alignment for the initial storage of ©i©. 8378 The ©13`fill© in example 3 does nothing because no extra space is added. 8379 8380 \begin{cfa}[numbers=left] 8381 int * ia = alloc( 5, ®5`fill® ); for ( i; 5 ) sout | ia[i]; sout | nl; 8382 ia = alloc( 10, ®ia`realloc®, ®7`fill® ); for ( i; 10 ) sout | ia[i]; sout | nl; 8383 sout | ia; ia = alloc( 1, ®ia`realloc®, ®512`align®, ®13`fill® ); sout | ia; for ( i; 1 ) sout | ia[i]; sout | nl;; 8384 ia = alloc( 3, ®ia`realloc®, ®4096`align®, ®2`fill® ); sout | ia; for ( i; 3 ) sout | &ia[i] | ia[i]; sout | nl; 8385 \end{cfa} 8386 \begin{lstlisting}[numbers=left] 8387 5 5 5 5 5 8388 5 5 5 5 5 7 7 7 7 7 8389 0x55555556c560 0x555555570a00 5 8390 0x555555571000 0x555555571000 5 0x555555571004 2 0x555555571008 2 8391 \end{lstlisting} 8392 Examples 2 to 4 change the array size, alignment and fill for the initial storage of ©ia©. 8393 The ©13`fill© in example 3 does nothing because no extra space is added. 8394 \end{itemize} 8395 8396 \medskip 8086 8397 \begin{cfa}[aboveskip=0pt,belowskip=0pt] 8087 8398 extern "C" { 8088 // C unsafe allocation 8089 void * malloc( size_t size );§\indexc{malloc}§ 8090 void * calloc( size_t dim, size_t size );§\indexc{calloc}§ 8091 void * realloc( void * ptr, size_t size );§\indexc{realloc}§ 8092 void * memalign( size_t align, size_t size );§\indexc{memalign}§ 8093 void * aligned_alloc( size_t align, size_t size );§\indexc{aligned_alloc}§ 8094 int posix_memalign( void ** ptr, size_t align, size_t size );§\indexc{posix_memalign}§ 8095 void * cmemalign( size_t alignment, size_t noOfElems, size_t elemSize );§\indexc{cmemalign}§ // CFA 8096 8097 // C unsafe initialization/copy 8098 void * memset( void * dest, int c, size_t size );§\indexc{memset}§ 8099 void * memcpy( void * dest, const void * src, size_t size );§\indexc{memcpy}§ 8100 } 8101 8102 void * realloc( void * oaddr, size_t nalign, size_t size ); // CFA heap 8103 8104 forall( dtype T | sized(T) ) { 8105 // §\CFA§ safe equivalents, i.e., implicit size specification 8106 T * malloc( void ); 8107 T * calloc( size_t dim ); 8108 T * realloc( T * ptr, size_t size ); 8109 T * memalign( size_t align ); 8110 T * cmemalign( size_t align, size_t dim ); 8111 T * aligned_alloc( size_t align ); 8112 int posix_memalign( T ** ptr, size_t align ); 8399 // New allocation operations. 8400 void * aalloc( size_t dim, size_t elemSize );§\indexc{aalloc}§ 8401 void * resize( void * oaddr, size_t size );§\indexc{resize}§ 8402 void * amemalign( size_t align, size_t dim, size_t elemSize );§\indexc{amemalign}§ 8403 void * cmemalign( size_t align, size_t dim, size_t elemSize );§\indexc{cmemalign}§ 8404 size_t malloc_alignment( void * addr );§\indexc{malloc_alignment}§ 8405 bool malloc_zero_fill( void * addr );§\indexc{malloc_zero_fill}§ 8406 size_t malloc_size( void * addr );§\indexc{malloc_size}§ 8407 int malloc_stats_fd( int fd );§\indexc{malloc_stats_fd}§ 8408 size_t malloc_expansion();§\indexc{malloc_expansion}§ $\C{// heap expansion size (bytes)}$ 8409 size_t malloc_mmap_start();§\indexc{malloc_mmap_start}§ $\C{// crossover allocation size from sbrk to mmap}$ 8410 size_t malloc_unfreed();§\indexc{malloc_unfreed()}§ $\C{// heap unfreed size (bytes)}$ 8411 void malloc_stats_clear();§\indexc{malloc_stats_clear}§ $\C{// clear heap statistics}$ 8412 } 8413 8414 // New allocation operations. 8415 void * resize( void * oaddr, size_t alignment, size_t size ); 8416 void * realloc( void * oaddr, size_t alignment, size_t size ); 8417 void * reallocarray( void * oaddr, size_t nalign, size_t dim, size_t elemSize ); 8418 8419 forall( T & | sized(T) ) { 8420 // §\CFA§ safe equivalents, i.e., implicit size specification, eliminate return-type cast 8421 T * malloc( void );§\indexc{malloc}§ 8422 T * aalloc( size_t dim );§\indexc{aalloc}§ 8423 T * calloc( size_t dim );§\indexc{calloc}§ 8424 T * resize( T * ptr, size_t size );§\indexc{resize}§ 8425 T * realloc( T * ptr, size_t size );§\indexc{realloc}§ 8426 T * reallocarray( T * ptr, size_t dim );§\indexc{reallocarray}§ 8427 T * memalign( size_t align );§\indexc{memalign}§ 8428 T * amemalign( size_t align, size_t dim );§\indexc{amemalign}§ 8429 T * cmemalign( size_t align, size_t dim );§\indexc{aalloc}§ 8430 T * aligned_alloc( size_t align );§\indexc{aligned_alloc}§ 8431 int posix_memalign( T ** ptr, size_t align );§\indexc{posix_memalign}§ 8432 T * valloc( void );§\indexc{valloc}§ 8433 T * pvalloc( void );§\indexc{pvalloc}§ 8113 8434 8114 8435 // §\CFA§ safe general allocation, fill, resize, alignment, array 8115 T * alloc( void );§\indexc{alloc}§ §\C[3.5in]{// variable, T size}§ 8116 T * alloc( size_t dim ); §\C{// array[dim], T size elements}§ 8117 T * alloc( T ptr[], size_t dim ); §\C{// realloc array[dim], T size elements}§ 8118 8119 T * alloc_set( char fill );§\indexc{alloc_set}§ §\C{// variable, T size, fill bytes with value}§ 8120 T * alloc_set( T fill ); §\C{// variable, T size, fill with value}§ 8121 T * alloc_set( size_t dim, char fill ); §\C{// array[dim], T size elements, fill bytes with value}§ 8122 T * alloc_set( size_t dim, T fill ); §\C{// array[dim], T size elements, fill elements with value}§ 8123 T * alloc_set( size_t dim, const T fill[] ); §\C{// array[dim], T size elements, fill elements with array}§ 8124 T * alloc_set( T ptr[], size_t dim, char fill ); §\C{// realloc array[dim], T size elements, fill bytes with value}§ 8125 8126 T * alloc_align( size_t align ); §\C{// aligned variable, T size}§ 8127 T * alloc_align( size_t align, size_t dim ); §\C{// aligned array[dim], T size elements}§ 8128 T * alloc_align( T ptr[], size_t align ); §\C{// realloc new aligned array}§ 8129 T * alloc_align( T ptr[], size_t align, size_t dim ); §\C{// realloc new aligned array[dim]}§ 8130 8131 T * alloc_align_set( size_t align, char fill ); §\C{// aligned variable, T size, fill bytes with value}§ 8132 T * alloc_align_set( size_t align, T fill ); §\C{// aligned variable, T size, fill with value}§ 8133 T * alloc_align_set( size_t align, size_t dim, char fill ); §\C{// aligned array[dim], T size elements, fill bytes with value}§ 8134 T * alloc_align_set( size_t align, size_t dim, T fill ); §\C{// aligned array[dim], T size elements, fill elements with value}§ 8135 T * alloc_align_set( size_t align, size_t dim, const T fill[] ); §\C{// aligned array[dim], T size elements, fill elements with array}§ 8136 T * alloc_align_set( T ptr[], size_t align, size_t dim, char fill ); §\C{// realloc new aligned array[dim], fill new bytes with value}§ 8436 T * alloc( ... );§\indexc{alloc}§ §\C{// variable, T size}§ 8437 T * alloc( size_t dim, ... ); 8438 T_align ?`align( size_t alignment );§\indexc{align}§ 8439 S_fill(T) ?`fill( /* various types */ );§\indexc{fill}§ 8440 S_resize(T) ?`resize( void * oaddr );§\indexc{resize}§ 8441 S_realloc(T) ?`realloc( T * a ));§\indexc{realloc}§ 8137 8442 8138 8443 // §\CFA§ safe initialization/copy, i.e., implicit size specification … … 8146 8451 8147 8452 // §\CFA§ allocation/deallocation and constructor/destructor, non-array types 8148 forall( dtype T | sized(T), ttype Params | { void ?{}( T &, Params ); } ) T * new( Params p );§\indexc{new}§ 8149 forall( dtype T | sized(T) | { void ^?{}( T & ); } ) void delete( T * ptr );§\indexc{delete}§ 8150 forall( dtype T, ttype Params | sized(T) | { void ^?{}( T & ); void delete( Params ); } ) 8151 void delete( T * ptr, Params rest ); 8453 forall( T &, TT ... ) void free( T * ptr, ... ); 8454 8455 forall( T & | sized(T), Params ... | { void ?{}( T &, Params ); } ) 8456 T * new( Params p );§\indexc{new}§ 8457 forall( T & | { void ^?{}( T & ); } ) 8458 void delete( T * ptr );§\indexc{delete}§ 8459 forall( T &, Params ... | { void ^?{}( T & ); void delete( Params ); } ) 8460 void delete( T * ptr, Params rest ); 8152 8461 8153 8462 // §\CFA§ allocation/deallocation and constructor/destructor, array types 8154 forall( dtype T | sized(T), ttype Params | { void ?{}( T &, Params ); } ) T * anew( size_t dim, Params p );§\indexc{anew}§ 8155 forall( dtype T | sized(T) | { void ^?{}( T & ); } ) void adelete( size_t dim, T arr[] );§\indexc{adelete}§ 8156 forall( dtype T | sized(T) | { void ^?{}( T & ); }, ttype Params | { void adelete( Params ); } ) 8157 void adelete( size_t dim, T arr[], Params rest ); 8463 forall( T & | sized(T), Params ... | { void ?{}( T &, Params ); } ) 8464 T * anew( size_t dim, Params p );§\indexc{anew}§ 8465 forall( T & | sized(T) | { void ^?{}( T & ); } ) 8466 void adelete( T arr[] );§\indexc{adelete}§ 8467 forall( T & | sized(T) | { void ^?{}( T & ); }, Params ... | { void adelete( Params ); } ) 8468 void adelete( T arr[], Params rest ); 8158 8469 \end{cfa} 8159 8470 … … 9290 9601 Int sqrt( Int oper ); 9291 9602 9292 forall( dtype istype| istream( istype ) ) istype * ?|?( istype * is, Int * mp ); §\C{// I/O}§9293 forall( dtype ostype| ostream( ostype ) ) ostype * ?|?( ostype * os, Int mp );9603 forall( istype & | istream( istype ) ) istype * ?|?( istype * is, Int * mp ); §\C{// I/O}§ 9604 forall( ostype & | ostream( ostype ) ) ostype * ?|?( ostype * os, Int mp ); 9294 9605 \end{cfa} 9295 9606 \VRef[Figure]{f:MultiPrecisionFactorials} shows \CFA and C factorial programs using the GMP interfaces. … … 9299 9610 \begin{cquote} 9300 9611 \begin{tabular}{@{}l@{\hspace{\parindentlnth}}|@{\hspace{\parindentlnth}}l@{}} 9301 \multicolumn{1}{@{}c|@{\hspace{\parindentlnth}}}{\textbf{ C}} & \multicolumn{1}{@{\hspace{\parindentlnth}}c@{}}{\textbf{\CFA}} \\9612 \multicolumn{1}{@{}c|@{\hspace{\parindentlnth}}}{\textbf{\CFA}} & \multicolumn{1}{@{\hspace{\parindentlnth}}c@{}}{\textbf{C}} \\ 9302 9613 \hline 9614 \begin{cfa} 9615 #include <gmp.hfa>§\indexc{gmp}§ 9616 int main( void ) { 9617 sout | "Factorial Numbers"; 9618 ®Int® fact = 1; 9619 9620 sout | 0 | fact; 9621 for ( i; 40 ) { 9622 fact *= i; 9623 sout | i | fact; 9624 } 9625 } 9626 \end{cfa} 9627 & 9303 9628 \begin{cfa} 9304 9629 #include <gmp.h>§\indexc{gmp.h}§ … … 9311 9636 ®mpz_mul_ui®( fact, fact, i ); 9312 9637 ®gmp_printf®( "%d %Zd\n", i, fact ); 9313 }9314 }9315 \end{cfa}9316 &9317 \begin{cfa}9318 #include <gmp.hfa>§\indexc{gmp}§9319 int main( void ) {9320 sout | "Factorial Numbers";9321 Int fact = 1;9322 9323 sout | 0 | fact;9324 for ( i; 40 ) {9325 fact *= i;9326 sout | i | fact;9327 9638 } 9328 9639 } … … 9419 9730 Rational narrow( double f, long int md ); 9420 9731 9421 forall( dtype istype| istream( istype ) ) istype * ?|?( istype *, Rational * ); // I/O9422 forall( dtype ostype| ostream( ostype ) ) ostype * ?|?( ostype *, Rational );9732 forall( istype & | istream( istype ) ) istype * ?|?( istype *, Rational * ); // I/O 9733 forall( ostype & | ostream( ostype ) ) ostype * ?|?( ostype *, Rational ); 9423 9734 \end{cfa} 9424 9735 … … 9440 9751 \end{document} 9441 9752 9753 From: Michael Leslie Brooks <mlbrooks@uwaterloo.ca> 9754 To: Peter Buhr <pabuhr@uwaterloo.ca>, 9755 Andrew James Beach 9756 <ajbeach@uwaterloo.ca>, 9757 Fangren Yu <f37yu@uwaterloo.ca>, Jiada Liang 9758 <j82liang@uwaterloo.ca> 9759 Subject: The White House on Memory-Safe programming 9760 Date: Mon, 4 Mar 2024 16:49:53 +0000 9761 9762 I heard tell of this announcement last night. Haven't read the actual report yet. 9763 9764 Most mainstream article I can find: https://me.pcmag.com/en/security/22413/white-house-to-developers-using-c-or-c-invites-cybersecurity-risks 9765 Less fluffy summary: https://www.developer-tech.com/news/2024/feb/27/white-house-urges-adoption-memory-safe-programming-languages/ 9766 Horse's Mouth: https://www.whitehouse.gov/wp-content/uploads/2024/02/Final-ONCD-Technical-Report.pdf 9767 "This report focuses on the programming language as a primary building block, and explores hardware architecture and formal methods as complementary approaches" 9768 9769 A contrary analysis: https://hackaday.com/2024/02/29/the-white-house-memory-safety-appeal-is-a-security-red-herring/ 9770 9442 9771 % Local Variables: % 9443 9772 % tab-width: 4 %
Note: See TracChangeset
for help on using the changeset viewer.