Content deleted Content added
+mutable keyword. might deserve its own article, but for now its here |
m Disambiguating links to Object-orientation (link changed to Object-oriented programming) using DisamAssist. |
||
| (407 intermediate revisions by more than 100 users not shown) | |||
Line 1:
{{short description|Type qualifier denoting the data as being read-only}}
{{use dmy dates|date=December 2022|cs1-dates=y}}
{{lowercase title}}
In some [[programming language]]s, '''const''' is a [[type qualifier]] (a [[Keyword (computer programming)|keyword]] applied to a [[data type]]) that indicates that the data is read-only. While this can be used to declare [[Constant (computer programming)|constants]], {{mono|const}} in the [[List of C-family programming languages|C family]] of languages differs from similar constructs in other languages in that it is part of the ''type'', and thus has complicated behavior when combined with [[Pointer (computer programming)|pointers]], references, [[composite data type]]s, and [[type-checking]]. In other languages, the data is not in a single [[memory ___location]], but copied at [[compile time]] for each use.<ref>{{Cite web |title=Constant items – The Rust Reference |url=https://doc.rust-lang.org/reference/items/constant-items.html |access-date=2022-06-22 |website=doc.rust-lang.org}}</ref> Languages which use it include [[C (programming language)|C]], [[C++]], [[D (programming language)|D]], [[JavaScript]], [[Julia (programming language)|Julia]], and [[Rust (programming language)|Rust]].
== Introduction ==
When applied in an [[object (computer science)|object]] [[Declaration (computer programming)|declaration]],{{efn|Formally when the <code>const</code> is part of the outermost derived type in a declaration; pointers complicate discussion.}} it indicates that the object is a [[Constant (computer programming)|constant]]: its [[Value (computer science)|value]] may not be changed, unlike a [[variable (computer science)|variable]]. This basic use – to declare constants – has parallels in many other languages.
However, unlike in other languages, in the C family of languages the <code>const</code> is part of the ''type'', not part of the ''object''. For example, in C, {{code|2=c|1=int const x = 1;}} declares an object <code>x</code> of <code>int const</code> type – the <code>const</code> is part of the type, as if it were parsed "(int const) x" – while in [[Ada (programming language)|Ada]], {{code|2=ada|1=X : constant INTEGER := 1_}} declares a constant (a kind of object) <code>X</code> of <code>INTEGER</code> type: the <code>constant</code> is part of the ''object'', but not part of the ''type''.
This has two subtle results. Firstly, <code>const</code> can be applied to parts of a more complex type – for example, <code>int const * const x;</code> declares a constant pointer to a constant integer, while <code>int const * x;</code> declares a variable pointer to a constant integer, and <code>int * const x;</code> declares a constant pointer to a variable integer. Secondly, because <code>const</code> is part of the type, it must match as part of type-checking. For example, the following code is invalid:
<syntaxhighlight lang="cpp">
void f(int& x);
// ...
int const i;
f(i);
</syntaxhighlight>
because the argument to <code>f</code> must be a ''variable'' integer, but <code>i</code> is a ''constant'' integer. This matching is a form of [[program correctness]], and is known as '''const-correctness'''. This allows a form of [[programming by contract]], where functions specify as part of their [[type signature]] whether they modify their arguments or not, and whether their [[return value]] is modifiable or not. This type-checking is primarily of interest in pointers and references – not basic value types like integers – but also for [[composite data type]]s or templated types such as [[Container (abstract data type)|containers]]. It is concealed by the fact that the <code>const</code> can often be omitted, due to [[type coercion]] (implicit [[type conversion]]) and C being [[call-by-value]] (C++ and D are either call-by-value or call-by-reference).
== Consequences ==
The idea of const-ness does not imply that the variable as it is stored in [[computer memory]] is unwritable. Rather, <code>const</code>-ness is a [[compile-time]] construct that indicates what a programmer ''should'' do, not necessarily what they ''can'' do. Note, however, that in the case of predefined data (such as <code>char const *</code> [[string literal]]s), C <code>const</code> is ''often'' unwritable.
== Distinction from constants ==
While a constant does not change its value while the program is running, an object declared <code>const</code> may indeed change its value while the program is running. A common example are read only registers within embedded systems like the current state of a digital input. The data registers for digital inputs are often declared as <code>const</code> and <code>[[volatile (computer programming)|volatile]]</code>. The content of these registers may change without the program doing anything (<code>volatile</code>) but it would be ill-formed for the program to attempt write to them (<code>const</code>).
== Other uses ==
In addition, a (non-static) member-function can be declared as <code>const</code>. In this case, the [[this (computer programming)|<code>this</code> pointer]] inside such a function is of type <code>object_type const *</code> rather than merely of type <code>object_type *</code>.<ref>{{cite web |url=http://eel.is/c++draft/class.this#:this,type_of |title=The <code>this</code> pointer |website=Draft C++ Standard |access-date=2020-03-30 |quote=The type of <code>this</code> in a member function whose type has a ''cv-qualifier-seq cv'' and whose class is <code>X</code> is “pointer to ''cv'' <code>X</code>”.}}</ref> This means that non-const functions for this object cannot be called from inside such a function, nor can [[field (computer science)|member variables]] be modified. In C++, a member variable can be declared as <code>[[mutable object|mutable]]</code>, indicating that this restriction does not apply to it. In some cases, this can be useful, for example with [[cache (computing)|caching]], [[reference counting]], and [[data synchronization]]. In these cases, the logical meaning (state) of the object is unchanged, but the object is not physically constant since its bitwise representation may change.
== Syntax ==
In C, C++, and D, all data types, including those defined by the user, can be declared <code>const</code>, and const-correctness dictates that all variables or objects should be declared as such unless they need to be modified. Such proactive use of <code>const</code> makes values "easier to understand, track, and reason about",<ref>[[Herb Sutter]] and [[Andrei Alexandrescu]] (2005). ''C++ Coding Standards''. p. 30. Boston: Addison Wesley. {{ISBN|0-321-11358-6}}</ref> and it thus increases the readability and comprehensibility of code and makes working in teams and maintaining code simpler because it communicates information about a value's intended use. This can help the [[compiler]] as well as the developer when reasoning about code. It can also enable an [[optimizing compiler]] to generate more efficient code.<ref>{{cite web|url=https://lkml.org/lkml/2013/1/12/139 |title=Why is the kfree() argument const? |publisher=lkml.org |date=2013-01-12}}</ref>
=== Simple data types ===
For simple non-pointer data types, applying the <code>const</code> qualifier is straightforward. It can go on either side of some types for historical reasons (for example, <code>const char foo = 'a';</code> is equivalent to <code>char const foo = 'a';</code>). On some implementations, using <code>const</code> twice (for instance, <code>const char const</code> or <code>char const const</code>) generates a warning but not an error.
=== Pointers and references ===
For pointer and reference types, the meaning of <code>const</code> is more complicated – either the pointer itself, or the value being pointed to, or both, can be <code>const</code>. Further, the syntax can be confusing. A pointer can be declared as a <code>const</code> pointer to writable value, or a writable pointer to a <code>const</code> value, or <code>const</code> pointer to <code>const</code> value. {{anchor|Pointee|Cray pointer|Cray character pointer}}A <code>const</code> pointer cannot be reassigned to point to a different object from the one it is initially assigned, but it can be used to modify the value that it points to (called the ''[[pointee]]''<!-- Might be better described somewhere else, hence circular link with possibilities for now. If you point or move this elsewhere, please also take care of the incoming redirects to "Pointee" and "Cray pointer". -->).<ref>{{cite book |title=The GNU Fortran Compiler |chapter=5.1. Extensions implemented in GNU Fortran: 5.1.16 Cray pointers |date=2006 |url=https://gcc.gnu.org/onlinedocs/gfortran/Cray-pointers.html#Cray-pointers |access-date=2022-12-21 |url-status=live |archive-url=https://web.archive.org/web/20221221175054/https://gcc.gnu.org/onlinedocs/gfortran/Cray-pointers.html#Cray-pointers |archive-date=2022-12-21}}</ref><ref>{{cite web |title=Cray Fortran Pointers vs. Fortran 90 Pointers and Porting from the Cray C90 to the SGI Origin2000 |author-first1=Mark R. |author-last1=Fahey |author-first2=Dan |author-last2=Nagle |publisher=US Army Corps of Engineers Waterways Experiment Station, Major Shared Resource Center |publication-place=Vicksburg, Massachusetts, USA |date=1999-04-19 |url=https://fs.hlrs.de/projects/par/mooc/cray-pointers.pdf |access-date=2022-12-23 |url-status=live |archive-url=https://web.archive.org/web/20221223105738/https://fs.hlrs.de/projects/par/mooc/cray-pointers.pdf |archive-date=2022-12-23}} (8 pages)</ref><ref>{{cite web |title=Appendix C: Fortran 90 Features and Differences > Features > Cray Pointers |work=Fortran User's Guide |date=2010 |publisher=[[Oracle Corporation]] |url=https://docs.oracle.com/cd/E19957-01/805-4941/z40000a54ba7/index.html |access-date=2022-12-23 |url-status=live |archive-url=https://web.archive.org/web/20210921171349/https://docs.oracle.com/cd/E19957-01/805-4941/z40000a54ba7/index.html |archive-date=2021-09-21}}</ref><ref>{{cite web |title=Appendix C: Fortran 90 Features and Differences > Features > Cray Character Pointers |work=Fortran User's Guide |date=2010 |publisher=[[Oracle Corporation]] |url=https://docs.oracle.com/cd/E19957-01/805-4941/z40000a5510b/index.html |access-date=2022-12-23 |url-status=live |archive-url=https://web.archive.org/web/20221223112633/https://docs.oracle.com/cd/E19957-01/805-4941/z40000a5510b/index.html |archive-date=2022-12-23}}</ref><ref>{{cite book |title=Fortran Language Reference Manual, Volume 1 |volume=1 |id=Document Number: 007-3692-004 |chapter=Chapter 4. Data Types |date=1999 |orig-date=1993 |publisher=[[Silicon Graphics, Inc.]] |url=https://techpubs.jurassic.nl/manuals/0630/developer/Ftn_LRM_V1/sgi_html/ch04.html |access-date=2022-12-23 |url-status=live |archive-url=https://web.archive.org/web/20221223110605/https://techpubs.jurassic.nl/manuals/0630/developer/Ftn_LRM_V1/sgi_html/ch04.html |archive-date=2022-12-23}} (NB. Derived from "FORTRAN 90 HANDBOOK" (1992, [[McGraw-Hill, Inc.]]) by Walter S. Brainerd, Jeanne C. Adams, Jeanne T. Martin, Brian T. Smith, and Jerrold L. Wagener.)</ref> Reference variables in C++ are an alternate syntax for <code>const</code> pointers. A pointer to a <code>const</code> object, on the other hand, can be reassigned to point to another memory ___location (which should be an object of the same type or of a convertible type), but it cannot be used to modify the memory that it is pointing to. A <code>const</code> pointer to a <code>const</code> object can also be declared and can neither be used to modify the apointee{{typo help inline|reason=similar to appointee|date=June 2025}} nor be reassigned to point to another object. The following code illustrates these subtleties:
<syntaxhighlight lang="c">
void Foo( int * ptr,
int const * ptrToConst,
int * const constPtr,
int const * const constPtrToConst )
{
*ptr = 0; // OK: modifies the pointed to data
ptr = NULL; // OK: modifies the pointer
*ptrToConst = 0; // Error! Cannot modify the pointed to data
ptrToConst = NULL; // OK: modifies the pointer
*constPtr = 0; // OK: modifies the pointed to data
constPtr = NULL; // Error! Cannot modify the pointer
*constPtrToConst = 0; // Error! Cannot modify the pointed to data
constPtrToConst = NULL; // Error! Cannot modify the pointer
}
</syntaxhighlight>
==== C convention ====
Following usual C convention for declarations, declaration follows use, and the <code>*</code> in a pointer is written on the pointer, indicating [[dereferencing]]. For example, in the declaration <code>int *ptr</code>, the dereferenced form <code>*ptr</code> is an <code>int</code>, while the reference form <code>ptr</code> is a pointer to an <code>int</code>. Thus <code>const</code> modifies the ''name'' to its right. The C++ convention is instead to associate the <code>*</code> with the type, as in <code>int* ptr</code>, and read the <code>const</code> as modifying the ''type'' to the left. <code>int const * ptrToConst</code> can thus be read as "<code>*ptrToConst</code> is a <code>int const</code>" (the value is constant), or "<code>ptrToConst</code> is a <code>int const *</code>" (the pointer is a pointer to a constant integer). Thus:
<syntaxhighlight lang="c">
int *ptr; // *ptr is an int value
int const *ptrToConst; // *ptrToConst is a constant (int: integer value)
int * const constPtr; // constPtr is a constant (int *: integer pointer)
int const * const constPtrToConst; // constPtrToConst is a constant pointer and points
// to a constant value
</syntaxhighlight>
==== C++ convention ====
Following C++ convention of analyzing the type, not the value, a [[rule of thumb]] is to read the declaration from right to left. Thus, everything to the left of the star can be identified as the pointed type and everything to the right of the star are the pointer properties. For instance, in our example above, <code>int const *</code> can be read as a writable pointer that refers to a non-writable integer, and <code>int * const</code> can be read as a non-writable pointer that refers to a writable integer.
A more generic rule that helps you understand complex declarations and definitions works like this:
# find the identifier whose declaration you want to understand
# read as far as possible to the right (i.e., until the end of the declaration or to the next closing parenthesis, whichever comes first)
# back up to where you began, and read backwards to the left (i.e., until the beginning of the declaration or to the open-parenthesis matching the closing parenthesis found in the previous step)
# when you've reached the beginning of the declaration you're done. If not, continue at step 2, beyond the closing parenthesis that was matched last.
Here is an example:
{{aligned table
| class=wikitable
| cols=3
| colstyle=vertical-align:middle;
| row1header=y
| Part of expression | <syntaxhighlight lang="cpp">double (**const (*fun(int))(double))[10]</syntaxhighlight> | Meaning<br/>(reading downwards)
| Identifier | <syntaxhighlight lang="cpp"> fun </syntaxhighlight> | <code>fun</code> is a ...
| Read to the right | <syntaxhighlight lang="cpp"> (int)) </syntaxhighlight> | function expecting an int ...
| Find the matching ( | <syntaxhighlight lang="cpp"> (* </syntaxhighlight> | returning a pointer to ...
| Continue right | <syntaxhighlight lang="cpp"> (double)) </syntaxhighlight> | a function expecting a double ...
| Find the matching ( | <syntaxhighlight lang="cpp"> (**const </syntaxhighlight> | returning a constant pointer to<br/>a pointer to ...
| Continue right | <syntaxhighlight lang="cpp"> [10]</syntaxhighlight> | blocks of 10 ...
| Read to the left | <syntaxhighlight lang="cpp">double </syntaxhighlight> | doubles.
}}
When reading to the left, it is important that you read the elements from right to left. So an <code>int const *</code> becomes a ''pointer to a const int'' and not a ''const pointer to an int''.
In some cases C/C++ allows the <code>const</code> keyword to be placed to the left of the type. Here are some examples:
<syntaxhighlight lang="cpp">
const int *ptrToConst; //identical to: int const *ptrToConst,
const int *const constPtrToConst; //identical to: int const *const constPtrToConst
</syntaxhighlight>
Although C/C++ allows such definitions (which closely match the English language when reading the definitions from left to right), the compiler still reads the definitions according to the abovementioned procedure: from right to left. But putting <code>const</code> ''before'' what must be constant quickly introduces mismatches between what you intend to write and what the compiler decides you wrote. Consider pointers to pointers:
<syntaxhighlight lang="cpp">
int **ptr; // a pointer to a pointer to ints
int const **ptr // a pointer to a pointer to constant int value
// (not a pointer to a constant pointer to ints)
int *const *ptr // a pointer to a const pointer to int values
// (not a constant pointer to a pointer to ints)
int **const ptr // a constant pointer to pointers to ints
// (ptr, the identifier, being const makes no sense)
int const **const ptr // a constant pointer to pointers to constant int values
</syntaxhighlight>
As a final note regarding pointer definitions: always write the pointer symbol (the *) as much as possible to the right. Attaching the pointer symbol to the type is tricky, as it strongly suggests a pointer type, which isn't the case. Here are some examples:
<syntaxhighlight lang="cpp">
int* a; /* write: */ int *a; // a is a pointer to an int
int* a, b; // CONFUSING
/* write: */ int *a, b; // a is a pointer to an int,
// but b is a mere int
int* a, *b; // UGLY: both a and b are pointers to ints
/* write: */ int *a, *b;
</syntaxhighlight>
Bjarne Stroustrup's FAQ recommends only declaring one variable per line if using the C++ convention, to avoid this issue.<ref>{{Cite web | url=http://www.stroustrup.com/bs_faq2.html#whitespace |title = Stroustrup: C++ Style and Technique FAQ}}</ref>
The same considerations apply to defining references and rvalue references:
<syntaxhighlight lang="cpp">
int var = 22;
int const &refToConst = var; // OK
int const& ref2 = var, ref3 = var; // CONFUSING:
// ref2 is a reference, but ref3 isn't:
// ref3 is a constant int initialized with
// var's value
int &const constRef = var; // ERROR: as references can't change anyway.
// C++:
int&& rref = int(5), value = 10; // CONFUSING:
// rref is an rvalue reference, but value is
// a mere int.
/* write: */ int &&rref = int(5), value = 10;
</syntaxhighlight>
More complicated declarations are encountered when using multidimensional arrays and references (or pointers) to pointers. Although it is sometimes argued {{who|date=April 2012}} that such declarations are confusing and error-prone and that they therefore should be avoided or be replaced by higher-level structures, the procedure described at the top of this section can always be used without introducing ambiguities or confusion.
=== Parameters and variables ===
<code>const</code> can be declared both on function parameters and on variables ([[static variable|static]] or automatic, including global or local). The interpretation varies between uses. A <code>const</code> static variable (global variable or static local variable) is a constant, and may be used for data like mathematical constants, such as <code>double const PI = 3.14159</code> – realistically longer, or overall compile-time parameters. A <code>const</code> automatic variable (non-static local variable) means that [[single assignment]] is happening, though a different value may be used each time, such as <code>int const x_squared = x * x</code>. A <code>const</code> parameter in pass-by-reference means that the referenced value is not modified – it is part of the [[Design by contract|contract]] – while a <code>const</code> parameter in pass-by-value (or the pointer itself, in pass-by-reference) does not add anything to the interface (as the value has been copied), but indicates that internally, the function does not modify the local copy of the parameter (it is a single assignment). For this reason, some favor using <code>const</code> in parameters only for pass-by-reference, where it changes the contract, but not for pass-by-value, where it exposes the implementation.
== C++ ==
=== Methods ===
In order to take advantage of the [[design by contract]] approach for user-defined types (structs and classes), which can have methods as well as member data, the programmer may tag instance methods as <code>const</code> if they don't modify the object's data members.
Applying the <code>const</code> qualifier to instance methods thus is an essential feature for const-correctness, and is not available in many other [[Object-oriented programming|object-oriented]] languages such as [[Java (programming language)|Java]] and [[C Sharp (programming language)|C#]] or in [[Microsoft]]'s [[C++/CLI]] or [[Managed Extensions for C++]].
While <code>const</code> methods can be called by <code>const</code> and non-<code>const</code> objects alike, non-<code>const</code> methods can only be invoked by non-<code>const</code> objects.
The <code>const</code> modifier on an instance method applies to the object pointed to by the "<code>[[this (computer science)|this]]</code>" pointer, which is an implicit argument passed to all instance methods.
Thus having <code>const</code> methods is a way to apply const-correctness to the implicit "<code>this</code>" pointer argument just like other arguments.
This example illustrates:
<syntaxhighlight lang="cpp">
class C
{
int i;
public:
int Get() const // Note the "const" tag
{ return i; }
void Set(int j) // Note the lack of "const"
{ i = j; }
};
void Foo(C& nonConstC, C const& constC)
{
int y = nonConstC.Get(); // Ok
int x = constC.Get(); // Ok: Get() is const
nonConstC.Set(10); // Ok: nonConstC is modifiable
constC.Set(10); // Error! Set() is a non-const method and constC is a const-qualified object
}
</syntaxhighlight>
In the above code, the implicit "<code>this</code>" pointer to <code>Set()</code> has the type "<code>C *const</code>"; whereas the "<code>this</code>" pointer to <code>Get()</code> has type "<code>C const *const</code>", indicating that the method cannot modify its object through the "<code>this</code>" pointer.
Often the programmer will supply both a <code>const</code> and a non-<code>const</code> method with the same name (but possibly quite different uses) in a class to accommodate both types of callers. Consider:
<syntaxhighlight lang="cpp">
class MyArray
{
int data[100];
public:
int & Get(int i) { return data[i]; }
int const & Get(int i) const { return data[i]; }
};
void Foo( MyArray & array, MyArray const & constArray )
{
// Get a reference to an array element
// and modify its referenced value.
array.Get( 5 ) = 42; // OK! (Calls: int & MyArray::Get(int))
constArray.Get( 5 ) = 42; // Error! (Calls: int const & MyArray::Get(int) const)
}
</syntaxhighlight>
The <code>const</code>-ness of the calling object determines which version of <code>MyArray::Get()</code> will be invoked and thus whether or not the caller is given a reference with which he can manipulate or only observe the private data in the object.
The two methods technically have different signatures because their "<code>this</code>" pointers have different types, allowing the compiler to choose the right one. (Returning a <code>const</code> reference to an <code>int</code>, instead of merely returning the <code>int</code> by value, may be overkill in the second method, but the same technique can be used for arbitrary types, as in the [[Standard Template Library]].)
== Loopholes to const-correctness ==
There are several loopholes to pure const-correctness in C and C++. They exist primarily for compatibility with existing code.
The first, which applies only to C++, is the use of <code>const_cast</code>, which allows the programmer to strip the <code>const</code> qualifier, making any object modifiable.
The necessity of stripping the qualifier arises when using existing code and libraries that cannot be modified but which are not const-correct. For instance, consider this code:
<syntaxhighlight lang="cpp">
// Prototype for a function which we cannot change but which
// we know does not modify the pointee passed in.
void LibraryFunc(int* ptr, int size);
void CallLibraryFunc(int const * ptr, int size)
{
LibraryFunc(ptr, size); // Error! Drops const qualifier
int* nonConstPtr = const_cast<int*>(ptr); // Strip qualifier
LibraryFunc(nonConstPtr, size); // OK
}
</syntaxhighlight>
However, any attempt to modify an object that is itself declared <code>const</code> by means of a [[const cast]] results in undefined behavior according to the ISO C++ Standard.
In the example above, if <code>ptr</code> references a global, local, or member variable declared as <code>const</code>, or an object allocated on the heap via <code>new int const</code>, the code is only correct if <code>LibraryFunc</code> really does not modify the value pointed to by <code>ptr</code>.
The C language has a need of a loophole because a certain situation exists. Variables with static storage duration are allowed to be defined with an initial value. However, the initializer can use only constants like string constants and other literals, and is not allowed to use non-constant elements like variable names, whether the initializer elements are declared <code>const</code> or not, or whether the static duration variable is being declared <code>const</code> or not. There is a non-portable way to initialize a <code>const</code> variable that has static storage duration. By carefully constructing a typecast on the left hand side of a later assignment, a <code>const</code> variable can be written to, effectively stripping away the <code>const</code> attribute and 'initializing' it with non-constant elements like other <code>const</code> variables and such. Writing into a <code>const</code> variable this way may work as intended, but it causes undefined behavior and seriously contradicts const-correctness:
<syntaxhighlight lang="cpp">
size_t const bufferSize = 8*1024;
size_t const userTextBufferSize; // initial value depends on const bufferSize, can't be initialized here
...
int setupUserTextBox(textBox_t *defaultTextBoxType, rect_t *defaultTextBoxLocation)
{
*(size_t*)&userTextBufferSize = bufferSize - sizeof(struct textBoxControls); // warning: might work, but not guaranteed by C
...
}
</syntaxhighlight>
Another loophole<ref>[[Scott Meyers]] (2005). ''Effective C++, Third Edition''. pp. 21–23. Boston: Addison Wesley. {{ISBN|978-0-321-33487-9}}</ref> applies both to C and C++. Specifically, the languages dictate that member pointers and references are "shallow" with respect to the <code>const</code>-ness of their owners – that is, a containing object that is <code>const</code> has all <code>const</code> members except that member pointees (and referees) are still mutable. To illustrate, consider this C++ code:
<syntaxhighlight lang="cpp">
struct S
{
int val;
int *ptr;
};
void Foo(S const & s)
{
int i = 42;
s.val = i; // Error: s is const, so val is a const int
s.ptr = &i; // Error: s is const, so ptr is a const pointer to int
*s.ptr = i; // OK: the data pointed to by ptr is always mutable,
// even though this is sometimes not desirable
}
</syntaxhighlight>
Although the object <code>s</code> passed to <code>Foo()</code> is constant, which makes all of its members constant, the pointee accessible through <code>s.ptr</code> is still modifiable, though this may not be desirable from the standpoint of <code>const</code>-correctness because <code>s</code> might solely own the pointee.
For this reason, Meyers argues that the default for member pointers and references should be "deep" <code>const</code>-ness, which could be overridden by a <code>mutable</code> qualifier when the pointee is not owned by the container, but this strategy would create compatibility issues with existing code.
Thus, for historical reasons{{Citation needed|reason=not clear why the suggestion failed|date=February 2010}}, this loophole remains open in C and C++.
The latter loophole can be closed by using a class to hide the pointer behind a <code>const</code>-correct interface, but such classes either do not support the usual copy semantics from a <code>const</code> object (implying that the containing class cannot be copied by the usual semantics either) or allow other loopholes by permitting the stripping of <code>const</code>-ness through inadvertent or intentional copying.
Finally, several functions in the [[C standard library]] violate const-correctness before [[C23 (C standard revision)|C23]], as they accept a <code>const</code> pointer to a character string and return a non-<code>const</code> pointer to a part of the same string. <code>[[strstr]]</code> and <code>[[strchr]]</code> are among these functions.
Some implementations of the C++ standard library, such as Microsoft's<ref>{{cite web|url=https://msdn.microsoft.com/en-us/library/b34ccac3.aspx |title= strchr, wcschr, _mbschr (CRT) |publisher= Msdn.microsoft.com |date= |accessdate= 2017-11-23 }}</ref> try to close this loophole by providing two [[function overloading|overloaded]] versions of some functions: a "<code>const</code>" version and a "non-<code>const</code>" version.
== Problems ==
{{expand section|date=November 2014}}
The use of the type system to express constancy leads to various complexities and problems, and has accordingly been criticized and not adopted outside the narrow C family of C, C++, and D. Java and C#, which are heavily influenced by C and C++, both explicitly rejected <code>const</code>-style type qualifiers, instead expressing constancy by keywords that apply to the identifier (<code>final</code> in Java, <code>const</code> and <code>readonly</code> in C#). Even within C and C++, the use of <code>const</code> varies significantly, with some projects and organizations using it consistently, and others avoiding it.
=== <code>strchr</code> problem ===
The <code>const</code> type qualifier causes difficulties when the logic of a function is agnostic to whether its input is constant or not, but returns a value which should be of the same qualified type as an input. In other words, for these functions, if the input is constant (const-qualified), the return value should be as well, but if the input is variable (not <code>const</code>-qualified), the return value should be as well. Because the [[type signature]] of these functions differs, it requires two functions (or potentially more, in case of multiple inputs) with the same logic – a form of [[generic programming]].
This problem arises even for simple functions in the C standard library, notably <code>strchr</code>; this observation is credited by Ritchie to Tom Plum in the mid 1980s.<ref>{{Cite web | url=http://www.lysator.liu.se/c/dmr-on-noalias.html |title = Dennis Ritchie: Why I do not like X3J11 type qualifiers}}</ref> The <code>strchr</code> function locates a character in a string; formally, it returns a pointer to the first occurrence of the character <code>c</code> in the string <code>s</code>, and in classic C (K&R C) its prototype is:
<syntaxhighlight lang="c">
char *strchr(char *s, int c);
</syntaxhighlight>
The <code>strchr</code> function does not modify the input string, but the return value is often used by the caller to modify the string, such as:
<syntaxhighlight lang="c">
if (p = strchr(q, '/'))
*p = ' ';
</syntaxhighlight>
Thus on the one hand the input string ''can'' be <code>const</code> (since it is not modified by the function), and if the input string is <code>const</code> the return value should be as well – most simply because it might return exactly the input pointer, if the first character is a match – but on the other hand the return value should not be <code>const</code> if the original string was not <code>const</code>, since the caller may wish to use the pointer to modify the original string.
In C++ this is done via [[function overloading]], typically implemented via a [[Template (C++)|template]], resulting in two functions, so that the return value has the same <code>const</code>-qualified type as the input:{{efn|Note that pointer declaration syntax conventions differ between C and C++: in C <code>char *s</code> is standard, while in C++ <code>char* s</code> is standard.}}
<syntaxhighlight lang="cpp">
char* strchr(char* s, int c);
char const* strchr(char const* s, int c);
</syntaxhighlight>
These can in turn be defined by a template:
<syntaxhighlight lang="cpp">
template <T>
T* strchr(T* s, int c) { ... }
</syntaxhighlight>
In D this is handled via the <code>inout</code> keyword, which acts as a wildcard for const, immutable, or unqualified (variable), yielding:<ref name="d8_8">''The D Programming Language,'' [[Andrei Alexandrescu]], 8.8: Propagating a Qualifier from Parameter to Result</ref>{{efn|Idiomatic D code would use an array here instead of a pointer.<ref name="d8_8" />}}
<syntaxhighlight lang=d>
inout(char)* strchr(inout(char)* s, int c);
</syntaxhighlight>
However, in C neither of these is possible{{efn|In C11 and later <code>_Generic</code> could have been used to implement a const-correct <code>strchr</code>.
<syntaxhighlight lang="c">char* strchr_m(char *s, int c);
char const* strchr_c(char const *s, int c);
#define strchr(X,Y) _Generic((X), \
char*: strchr_m, \
const char*: strchr_c \
)(X,Y)</syntaxhighlight>}} since C does not have function overloading, and instead, this is handled by having a single function where the input is constant but the output is writable:
<syntaxhighlight lang="cpp">
char *strchr(char const *s, int c);
</syntaxhighlight>
This allows idiomatic C code but does strip the const qualifier if the input actually was const-qualified, violating type safety. This solution was proposed by Ritchie and subsequently adopted. This difference is one of the failures of [[compatibility of C and C++]].
Since [[C23 (C standard revision)|C23]], this problem is solved with the use of the <code>_Generic</code> facility of the language: the identifiers of <code>strchr</code> and the other functions affected by the issue have been turned into macros that expand a call to an appropriate function which will return a <code>const</code> pointer if one was passed to them and an unqualified pointer if an unqualified pointer was passed to them.<!-- The phrasing needs some work but keep in mind that the array elements cannot be volatile or restrict. --><ref name="N3020">{{cite web |title=WG14-N3020 : Qualifier-preserving standard library functions |url=https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3020.pdf |website=open-std.org |archive-url=https://web.archive.org/web/20221013190826/https://www.open-std.org/jtc1/sc22/WG14/www/docs/n3020.pdf |archive-date=October 13, 2022 |date=2022-06-13 |url-status=live}}</ref>
== D ==
In version 2 of the [[D (programming language)|D programming language]], two keywords relating to const exist.<ref>{{cite web|url=http://www.digitalmars.com/d/2.0/const-faq.html#const |title=const(FAQ) – D Programming Language |publisher=Digitalmars.com |date= |accessdate=2013-08-18}}</ref> The <code>immutable</code> keyword denotes data that cannot be modified through any reference.
The <code>const</code> keyword denotes a non-mutable view of mutable data.
Unlike C++ <code>const</code>, D <code>const</code> and <code>immutable</code> are "deep" or [[transitive relation|transitive]], and anything reachable through a <code>const</code> or <code>immutable</code> object is <code>const</code> or <code>immutable</code> respectively.
'''Example of const vs. immutable in D'''
<syntaxhighlight lang = "D">
int[] foo = new int[5]; // foo is mutable.
const int[] bar = foo; // bar is a const view of mutable data.
immutable int[] baz = foo; // Error: all views of immutable data must be immutable.
immutable int[] nums = new immutable(int)[5]; // No mutable reference to nums may be created.
const int[] constNums = nums; // Works. immutable is implicitly convertible to const.
int[] mutableNums = nums; // Error: Cannot create a mutable view of immutable data.
</syntaxhighlight>
'''Example of transitive or deep const in D'''
<syntaxhighlight lang = "D">
class Foo {
Foo next;
int num;
}
immutable Foo foo = new immutable(Foo);
foo.next.num = 5; // Won't compile. foo.next is of type immutable(Foo).
// foo.next.num is of type immutable(int).
</syntaxhighlight>
== History ==
<code>const</code> was introduced by [[Bjarne Stroustrup]] in [[C with Classes]], the predecessor to [[C++]], in 1981, and was originally called <code>readonly</code>.<ref>[[Bjarne Stroustrup]], "Extensions of the C Language Type Concept", Bell Labs internal Technical Memorandum, January 5, 1981.</ref><ref name="siblings">[http://www.stroustrup.com/sibling_rivalry.pdf Sibling Rivalry: C and C++], [[Bjarne Stroustrup]], 2002, p. 5</ref> As to motivation, Stroustrup writes:<ref name="siblings" />
: "It served two functions: as a way of defining a symbolic constant that obeys scope and type rules (that is, without using a macro) and as a way of deeming an object in memory immutable."
The first use, as a scoped and typed alternative to macros, was analogously fulfilled for function-like macros via the <code>inline</code> keyword. Constant pointers, and the <code>* const</code> notation, were suggested by Dennis Ritchie and so adopted.<ref name="siblings" />
<code>const</code> was then adopted in C as part of standardization, and appears in [[ANSI C|C89]] (and subsequent versions) along with the other type qualifier, <code>volatile</code>.<ref>[[Dennis M. Ritchie]], "[http://cm.bell-labs.com/who/dmr/chist.html The Development of the C Language] {{webarchive |url=https://archive.today/20120715050501/http://cm.bell-labs.com/who/dmr/chist.html |date=July 15, 2012 }}", 2003: "X3J11 also introduced a host of smaller additions and adjustments, for example, the type qualifiers '''const''' and '''volatile''', and slightly different type promotion rules."</ref> A further qualifier, <code>noalias</code>, was suggested at the December 1987 meeting of the X3J11 committee, but was rejected; its goal was ultimately fulfilled by the <code>[[restrict]]</code> keyword in [[C99]]. Ritchie was not very supportive of these additions, arguing that they did not "carry their weight", but ultimately did not argue for their removal from the standard.<ref>"Let me begin by saying that I'm not convinced that even the pre-December qualifiers ('const' and 'volatile') carry their weight; I suspect that what they add to the cost of learning and using the language is not repaid in greater expressiveness.
'Volatile', in particular, is a frill for esoteric applications, and much better expressed by other means. Its chief virtue is that nearly everyone can forget about it. 'Const' is simultaneously more useful and more obtrusive; you can't avoid learning about it, because of its presence in the library interface. Nevertheless, I don't argue for the extirpation of qualifiers, if only because it is too late."</ref>
D subsequently inherited <code>const</code> from C++, where it is known as a ''type constructor'' (not [[type qualifier]]) and added two further type constructors, <code>immutable</code> and <code>inout</code>, to handle related use cases.{{efn|D also introduced the <code>shared</code> type constructor, but this is related to use cases of <code>volatile</code>, not <code>const</code>.}}
== Other languages ==
Other languages do not follow C/C++ in having constancy part of the type, though they often have superficially similar constructs and may use the <code>const</code> keyword. Typically this is only used for constants (constant objects).
[[C Sharp (programming language)|C#]] has a <code>const</code> keyword, but with radically different and simpler semantics: it means a compile-time constant, and is not part of the type.
[[Nim (programming language)|Nim]] has a <code>const</code> keyword similar to that of C#: it also declares a compile-time constant rather than forming part of the type. However, in Nim, a constant can be declared from any expression that can be evaluated at compile time.<ref>[http://nim-lang.org/docs/manual.html#statements-and-expressions-const-section Nim Manual: Const section]</ref> In C#, only C# built-in types can be declared as <code>const</code>; user-defined types, including classes, structs, and arrays, cannot be <code>const</code>.<ref>[https://msdn.microsoft.com/en-us/library/e6w8fe1b.aspx const (C# Reference)]</ref>
[[Java (programming language)|Java]] does not have <code>const</code> – it instead has <code>final</code>, which can be applied to local "variable" declarations and applies to the ''identifier'', not the type. It has a different object-oriented use for object members, which is the origin of the name.
The Java language specification regards <code>const</code> as a reserved keyword – i.e., one that cannot be used as variable identifier – but assigns no semantics to it: it is a ''reserved word'' (it cannot be used in identifiers) but not a ''keyword'' (it has no special meaning). The keyword was included as a means for Java compilers to detect and warn about the incorrect usage of C++ keywords.<ref>{{Cite web |url=https://docs.oracle.com/javase/specs/jls/se6/html/lexical.html#3.9 |title=Java Language Specification Third Edition |last=Gosling |first=James |last2=Joy |first2=Bill |last3=Steele |first3=Guy}}</ref> An enhancement request ticket for implementing <code>const</code> correctness exists in the [[Java Community Process]], but was closed in 2005 on the basis that it was impossible to implement in a backwards-compatible fashion.<ref>{{cite web|url=http://bugs.java.com/view_bug.do?bug_id=4211070 |title=Bug ID: JDK-4211070 Java should support const parameters (like C++) for code {{sic|nolink=y|mai|ntainence}}|publisher=Bugs.sun.com |date= |accessdate=2014-11-04}}<!-- was previously at:
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4211070
2013-08-18
--></ref>
The contemporary [[Ada 83]] independently had the notion of a constant object and a <code>constant</code> keyword,<ref>[http://archive.adaic.com/standards/83lrm/html/Welcome.htmlANSI/MIL-STD 1815A]{{dead link|date=September 2018|bot=medic}}{{cbignore|bot=medic}}, [http://archive.adaic.com/standards/83lrm/html/lrm-03-02.html#3.2.1 3.2.1. Object Declarations] {{webarchive |url=https://web.archive.org/web/20141020162257/http://archive.adaic.com/standards/83lrm/html/lrm-03-02.html#3.2.1 |date=October 20, 2014 }}:<br />
"The declared object is a constant if the reserved word constant appears in the object declaration; the declaration must then include an explicit initialization. The value of a constant cannot be modified after initialization. Formal parameters of mode in of subprograms and entries, and generic formal parameters of mode in, are also constants; a loop parameter is a constant within the corresponding loop; a subcomponent or slice of a constant is a constant."</ref>{{efn |The Ada standard calls this a "[[reserved word]]"; see that article for usage.}} with [[input parameter]]s and loop parameters being implicitly constant. Here the <code>constant</code> is a property of the object, not of the type.
[[JavaScript]] has a <code>const</code> declaration that defines a [[block scope|block-scoped]] variable that cannot be reassigned nor redeclared. It defines a read-only reference to a variable that cannot be redefined, but in some situations the value of the variable itself may potentially change, such as if the variable refers to an object and a property of it is altered.<ref>{{cite web|title=const|url=https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/const|website=MDN|accessdate=31 October 2017}}</ref>
== See also ==
* [[Single assignment]]
* [[restrict]]
* [[Pointer aliasing]]
== Notes ==
{{notelist}}
== References ==
{{reflist}}
== External links ==
* [http://gotw.ca/gotw/006.htm "Const-Correctness"] by [[Herb Sutter]]
* [http://gotw.ca/gotw/081.htm "Constant Optimization?"] by Herb Sutter
* [https://web.archive.org/web/20050611030410/http://www.parashift.com/c++-faq-lite/const-correctness.html The C++ FAQ Lite: Const correctness] by Marshall Cline
* Section "[http://www.mi.uni-koeln.de/c/mirror/www.codeguru.com/cpp/tic/tic_html.zip/tic0092.html Value substitution]" from the free electronic book ''[[Thinking in C++]]'' by [[Bruce Eckel]]
* [https://web.archive.org/web/20080105024742/http://www.digitalmars.com/d/const.html "Here A Const, There A Const"] by [[Walter Bright]]
* [http://www.digitalmars.com/d/2.0/const3.html "Const and Invariant" from D programming language specification, version 2 (experimental)]
{{DEFAULTSORT:Const-Correctness}}
[[Category:C programming language family]]
[[Category:Data types]]
[[Category:Articles with example C code]]
[[Category:Articles with example C++ code]]
[[Category:Programming language topics]]
| |||