Immutability in C# Part One: Kinds of Immutability

Immutability in C# Part One: Kinds of Immutability

Rate This
  • Comments 54

I said in an earlier post that I believe that immutable objects are the way of the future in C#. I stand by that statement while at the same time noting that it is at this point sufficiently vague as to be practically meaningless! “Immutable” means different things to different people; different kinds of immutability have different pros and cons. I’d like to spend some time over the next few weeks talking about possible directions that C# could go to improve the developer experience when writing programs that use immutable objects, as well as giving some practical examples of the sort of immutable object programming you can do today.

(Again, I want to emphasize that in these sorts of “future feature” posts we are all playfully hypothesizing and brainstorming about ideas for entirely hypothetical future versions of C#. We have not yet shipped C# 3.0 and have not announced that there will ever be any future version of the language. Nothing here should be construed as any kind of promise or announcement; we’re just geeks talking about programming languages, ‘cause that’s what we do.)

So, disclaimers out of the way, what kinds of immutability are there? Lots. Here’s just a few. Note that these categories are not necessarily mutually exclusive!

Realio-trulio immutability:

There’s nothing you can do to the number one that changes it. You cannot paint it purple (‡), make it even or get it angry. It’s the number one, it is eternal, implacable and unchanging. Attempting to do something to it – say, adding three to it – doesn’t change the number one at all. Rather, it produces an entirely different and also immutable number. If you cast it to a double, you don’t change the integer one; rather, you get a brand new double.

Strings, numbers and the null value are all truly immutable.

C# allows you to declare truly immutable named fields with the const keyword. The compiler ensures that the only things that are allowed to go into const fields are truly immutable things – numbers, strings, null. (See the section of the standard on “constant expressions” for details.)

Write-once immutability:

Fields marked as const have to be compile-time constants, which is a bit of a pain if what you want to do is have a field which never changes but nevertheless cannot be computed until runtime. For example, in a later post I’m going to define an immutable stack class which has this code:

    public sealed class Stack<T> : IStack<T>
    {
        private sealed class EmptyStack : IStack<T>
        { /* ... */ }
        private static readonly EmptyStack empty = new EmptyStack();
        public static IStack<T> Empty { get { return empty; } }

I will want to create a singleton empty stack. Clearly it is not a compile-time constant, so I cannot make the field const. But I want to say “once this thing is initialized it is never going to change again.” That’s what the readonly modifier ensures. Basically it’s a “write only once” field. Not exactly immutable, since obviously it changes exactly once, from null to having a value. But pretty darn immutable.

Popsicle immutability:

...is what I whimsically call a slight weakening of write-once immutability. One could imagine an object or a field which remained mutable for a little while during its initialization, and then got “frozen” forever. This kind of immutability is particularly useful for immutable objects which circularly reference each other, or immutable objects which have been serialized to disk and upon deserialization need to be “fluid” until the entire deserialization process is done, at which point all the objects may be frozen.

There is at present no really universal convention for how to declare a freezable object, and there certainly is no support in the compiler for this kind of immutability.

Shallow vs deep immutability:

Consider a write-once field containing an array:

public class C {
    private static readonly int[] ints = new int[] { 1, 2, 3 };
    public static int[] Ints { get { return ints; } }

The value of the field cannot be changed; C.ints = null; would be illegal even from inside the class. This is a sort of “referential” immutability. But there is nothing immutable at all about the array itself! C.Ints[1] = 100; is still perfectly legal from outside the class.

The ints field is “shallowly” immutable. You can rely upon it being immutable to a certain extent, but once you reach a point where there is a reference to a mutable object, all bets are off.

Obviously the opposite of shallow immutability is “deep” immutability; in a deeply immutable object it is immutable all the way down.

If we had immutability in the type system, something like the far stronger kind of “const” in C/C++, then a hypothetical future compiler could verify that an object marked as deeply immutable had only deeply immutable fields.

Objects which are truly madly deeply immutable have a lot of great properties. They are 100% threadsafe, for example, since obviously there will be no conflicts between readers and (non-existant) writers. They are easier to reason about than objects which can change. But their strict requirements may be more than we need, or more than is practical to achieve.

Immutable facades:

Since the contents of an array (though, interestingly enough, not its size) may be changed arbitrarily, it’s a bad idea to expose data that you want to be logically read-only in a public array field. To make this a bit easier, the base class library lets you say

public class C {
    private static readonly intarray = new int[] { 1, 2, 3 };
    public static readonly ReadOnlyCollection<int> ints = new ReadOnlyCollection<int>(intarray);
    public static ReadOnlyCollection<int> Ints { get { return ints; } }

The read-only collection has the interface of a regular collection; it just throws an exception every time a method which would modify the collection is called. However, clearly the underlying collection is still mutable. Code inside C could mutate the array members.

Another down side of this kind of immutability is that the compiler is unable to detect attempts to modify the collection. Attempts to, say, add new members to the collection will fail at runtime, not at compile time.

This sort of immutability is a special case of...

Observational immutability:

Suppose you’ve got an object which has the property that every time you call a method on it, look at a field, etc, you get the same result. From the point of view of the caller such an object would be immutable. However you could imagine that behind the scenes the object was doing lazy initialization, memoizing results of function calls in a hash table, etc. The “guts” of the object might be entirely mutable.

What does it matter? Truly deeply immutable objects never change their internal state at all, and are therefore inherently threadsafe. An object which is mutable behind the scenes might still need to have complicated threading code in order to protect its internal mutable state from corruption should the object be called on two threads “at the same time”.

Summing up:

Holy goodness, this is complicated! And we have just barely touched upon the deeply complex relationship between immutability of objects and “purity” of methods, which opens up huge cans of worms.

So, smart people, what do you think? Are there forms of immutability which I did not touch upon here that you like to take advantage of in your programs? Are there any particular forms of immutability which you would like to see made easier to use in C#?

Next time: let’s get a little more practical. I already implemented an immutable stack in my A* series, but that was pretty special-purpose. We’ll take a look at how one might implement a general-purpose immutable stack today in C# 3.0. We'll then expand that to immutable queues, trees, etc. (And I might even discuss how one could take advantage of typesafe covariance when designing interfaces for immutable data structures, oh frabjous day!)

(‡) A dear old friend of mine from school who happens to be a grapheme-colour synaesthete tells me that of course you cannot paint the number one purple because it is already blue. Silly me!

  • mccoyn,

    the key is to derive IList from IReadOnlyList, not the other way around.

    Guessing const-ness of parameters would be an invitation for unintentional breaking changes. Unfortunately, like MGSPDevB just said, const needs to be infectious to bring any real value.

    However, compared to C++, I believe the problem there was that it didn't pull its own weight. It was created to find bugs at compile time, but in real life it just found const-ness errors.

    However, in a system that can enforce const-ness for security reasons, this in itself would be a value. ("Casting away constness" by casting an IReadOnlyList to an IList is nothing that could be prevented by CAS though)

    Making it usable in parallel scenarios would be an additional goodie. The question is, how much does it have to affect existing code, or how easy is it to ignore const-ness and just get on with it. Modifying the BCL to specify const-ness of parameters is certainly possible, and for input parameters if really affects no one. However, changing output parameters/returns to const would have an effect that MS is certainly not going to tolerate (unless they introduce somthing like Option Ignore Const, which is totally not C#)

  • What was the story with Spec#? It's been a while I looked but  I remember vaguely that you could constrain sizes of stuff etc. throughout method invocations. Sounds like some sort of immutability. Could you not express immutability concerns with the concept of Spec#?

  • I love immutable types. The trouble is, I also love object initialization syntax. If there were a way those two could play nicely, I would be elated.

  • I'm concerning about two things.

    One is overhead of creation of immutable object.

    Whatif objects are created masively which that the way in real-life usage.right?

    The other is GC.

    if everything go immutable, Is GC will does the collecting up oftenly which is led to performance problem?

    How can we handle this issues?

  • A bunch of people ( Eric , Wes , Joe , etc) have been writing about the wonders of immutable data structures

  • A bunch of people ( Eric , Wes , Joe , etc) have been writing about the wonders of immutable data structures

  • Even "deeply" immutable objects are NOT necessarily 100% thread-safe (or at least their methods aren't), because the methods might rely on non-immutable properties from their arguments. The only way around this is to require all method arguments on deep-immutable objects to be at minimum observationally immutable.

  • Right, that's what I meant when I said that the relationship between functional purity and immutability opens up interesting cans of worms.

  • I read this first hopping there was something going on that could help me with something that was driving me nuts. There are times when I want to have a field calculated for example I want a set of numbers based on a seed value. This value could change from time to time but the calculation would not. Now I want to use this calculation or calculations as the value of a const (Because I want to use it in a switch). This should work fine if the two calculated values are immutable Int32's for instance. Now if C# had preprocessor type Macro's I could define my constant in one place and it would be substituted at compile time letting me use it in a switch. Is there some way to make this kind of thing happen or is it just a dream. And if it is just a dream am a alone in dreaming it? Well just a thought along these lines.

  • I was hoping to find intentions to support readonly also on local Variables and Parameters.

    This is possible in Java using the "final" Keyword and it keeps a lot of hassle from less experienced Programmers, because it prevents them from changing the Value of once-initialized Variables, which is one of the most frequent Reason for bugs, according to "Code Complete" by Steve McConnell.

    I would go even further and make EACH Variable readonly and use a new Keyword like e.g. "writable" to indicate mutable Variables.

    In Fact the only really useful mutable Variables are indices and Accumulators in Loops, so these should implicitly be mutable:

    double sum;

    for(int i = arr.length; --i >= 0;) sum+=arr[i];

  • An object which represent a data model (like an Abstract Syntax Tree), may be passed to n number of consumers in a program. All the comsumers are supposed to do is use the model for calculations; not to modify it. In this scenario, If I could say that the object itself is readonly, it can preven anybody from altering the contenets of it. Wont that be a nice feature a language should have. (I know that I can clone the object to prevent the changes from reflecting back or use a state pattern to allow/disallow changes; but will affect other aspects of my program)

  • @Eric,

    I get that you understand the complexity involved, but I was just responding to your comment that "[o]bjects which are truly madly deeply immutable...are 100% threadsafe...", which is not strictly true (depending on your definition of madly), and might be confusing to some.

  • Seasonal immutability:

    The idea is like Popsicle, but occasionally, you thaw it out to change its data, then re-freeze it.  I have a lot of cases where I have shared data that is const, but every once in a while I need to publish a change to that data.  That means my accessors have to implement some type of reader/writer lock even though days can go by with no change.  I don’t know what if anything the compiler could do to help though.

  • There might be another angle on this.  As you said, if you cast the integer one to a double you get a new double with a value of 1.  The old integer 1 is still an integer 1 and acts like the integer 1.  The new double, while conceptually equal to the old integer 1 it is derived by and operated on by different rules.  int i=5;i/=4; is also (integer) 1, but double d=5;d/=4; it is not (double) 1.

    We have to consider a version of immutability that includes the context it is being using in (which override or new functions) and the lambda expression values on static members in the class at the time.

    Our another way to think of it is instead of a declarative expression ( int i = 1; ) or a functional expression ( return new Int32(1); )   we need a nominative expression ( enum { One=(int)1 }  ) declaring that we want to call this class with all of its values in its current state by the name "One".  

    Just like the integer before, the class is still open to be changed.   i++;    But it will no longer be One.

  • I'm not sure the above says what I meant it to.

    What I meant is that I'd like to see a tag in the enum style to create an immutable object.  It's up to the compiler to decide if it has enough to resolve at compile or run-time.

    (MSVS does a pretty good job of partially building objects up enough to display them in the designer.)

    Call it an Alias, Signature, Snapshot, Tag, or whatever you think a class object level naming expression needs to be named.

    The idea is:

    //new object, value resolves as (int) 1

    FunkyIntType intlikeOne = new FunkyIntType((int)1);

    //new object, value resolves as (double) 1

    FunkyIntType doublelikeOne = new FunkyIntType((double)1);

    Alias One = { (int)1, (double)1, new funkyIntType((int)1), doublelikeOne };

    int i=One;    //new Int32( (Int32)One )  returns either One[0] or One[2], most likely One[0]

    for(;i<One*7;i++) ...   //again, since i is int, One is first Aliased typeof(int), or nearest context'd typeof(int)

    double d=One;

    for(;d<One*22;d++) ...

    doublelikeOne.divideOp=intlikeOne.divideOp;

    if (doublelikeOne is One)  ...  

    //this is indeterminate unless immutable tag types above are declared, strictly speaking on object in One is a snapshot of the current doublelikeOne, even though One[1] and One[3] resolve to the same thing.

    // new context

    {  

        //new object, value resolves as (double) 1

        FunkyIntType exprlikeOne = new FunkyIntType( () => 5/4 );  

        exprlikeOne.methods[arithmetic] = int.methods[arithmetic];

       //Add to previous aliases from here to end of block

        Alias One {  (int)new FunkyIntType( () => 5/4, int.methods[arithmetic]  ),       exprlikeOne    };

        // compiler created the first object, resolved it and threw it away after the expression was finished

        // but second inclusion is a lambda expression that creates a copy of this exprlikeOne snapshot in

        // this current state if it is referenced later

       if (   new FunkyIntType( () => 5/4 , int.methods[arithmetic] ) == One  ) ...    

       //this is true

       if (   exprlikeOne == One  ) ...    

       //this is true

        exprlikeOne.methods[arithmetic] = double.methods[arithmetic];

       if (   new FunkyIntType( () => 5/4, int.methods[arithmetic] ) == One  ) ...    

       //this is true

       if (   exprlikeOne == One  ) ...    

       //this is false, because this is the same as  (   ( (double)5/4 ) == One  )

    }

    if (   new FunkyIntType( () => 5/4 ) == One  ) ...    

    //this is indeterminate unless immutable tag types above are declared,

    // i.e. do we do conversion against each type Aliased or not

Page 2 of 4 (54 items) 1234