I'm looking for a rationale of why .NET CancellationToken struct was introduced in addition to CancellationTokenSource class. I understand how the API is to be used, but want to also understand why it is designed that way.

I.e., why do we have:

var cts = new CancellationTokenSource();
SomeCancellableOperation(cts.Token);

...
public void SomeCancellableOperation(CancellationToken token) {
    ...
    token.ThrowIfCancellationRequested();
    ...
}

instead of directly passing CancellationTokenSource around like:

var cts = new CancellationTokenSource();
SomeCancellableOperation(cts);

...
public void SomeCancellableOperation(CancellationTokenSource cts) {
    ...
    cts.ThrowIfCancellationRequested();
    ...
}

Is this a performance optimization based on the fact that cancellation state checks happen more frequently than passing the token around?

So that CancellationTokenSource can keep track of and update CancellationTokens, and for each token the cancellation check is a local field access?

Given that a volatile bool with no locking is enough in both cases, I still can't see why that would be faster.

Thanks!

I was involved in design and implementation of these classes.

The short answer is "separation of concerns". It is quite true that there are various implementation strategies and that some are simpler at least regarding the type system and initial learning. However, CTS and CT are intended for use in a great many scenarios (such as deep library stacks, parallel computation, async, etc) and thus was designed with many complex use cases in mind. It is a design intended to encourage successful patterns and discourage anti-patterns without sacrificing performance.

If the door was left open for misbehaving APIs, then the usefulness of of the cancellation design could quickly be eroded.

I had the exact same question and I wanted to understand the rationale behind this design.

The accepted answer got the rationale exactly right. Here's the confirmation from the team who designed this feature (emphasis mine):

Two new types form the basis of the framework: A CancellationToken is a struct that represents a ‘potential request for cancellation’. This struct is passed into method calls as a parameter and the method can poll on it or register a callback to be fired when cancellation is requested. A CancellationTokenSource is a class that provides the mechanism for initiating a cancellation request and it has a Token property for obtaining an associated token. It would have been natural to combine these two classes into one, but this design allows the two key operations (initiating a cancellation request vs. observing and responding to cancellation) to be cleanly separated. In particular, methods that take only a CancellationToken can observe a cancellation request but cannot initiate one.

Link: .NET 4 Cancellation Framework

In my opinion, the fact that CancellationToken can only observe the state and not change it, is extremely critical. You can hand out the token like a candy and never worry that someone else, other than you, will Cancel it. It protects you from hostile third party code. Yes, the chances are slim, but I personally like that guarantee.

I also feel that it makes the API cleaner and avoids accidental mistake and promotes better component design.

Let's look at public API for both of these classes.

If you were to combine them, when writing LongRunningFunction, I will see methods like those multiple overloads of 'Cancel' which I should not be using. Personally, I hate to see Dispose method as well.

I think the current class design follows 'pit of success' philosophy, it guides developers to create better components which can handle Task cancellation and then instrument them together in numerous way to create complicated workflows.

Let me ask you a question, have you wondered what is the purpose of token.Register? It didn't make sense to me. And then I read Cancellation in Managed Threads and everything became crystal clear.

I believe that the Cancellation Framework Design in TPL is absolutely top notch.

They are separate not for technical reasons but semantic ones. If you look at the implementation of CancellationToken under ILSpy, you'll find it's merely a wrapper around CancellationTokenSource (and thus no different performance-wise than passing around a reference).

They provide this separation of functionality to make things more predictable: when you pass a method a CancellationToken, you know you're still the only one that can cancel it. Sure, the method could still throw a TaskCancelledException, but the CancellationToken itself -- and any other methods referencing the same token -- would remain safe.

The CancellationToken is a struct so many copies could exist due to passing it along to methods.

The CancellationTokenSource sets the state of ALL copies of a token when calling Cancel on the source. See this MSDN page

The reason for the design might be just a matter of seperation of concerns and the speed of a struct.

The CancellationTokenSource is the 'thing' that issues the cancellation, for whatever reason. It needs a way to 'dispatch' that cancellation to all the CancellationToken's it has issued. That's how, for example, ASP.NET can cancel operations when a request is aborted. Each request has a CTSource that forwards the cancellation to all the tokens it has issued.

This great for unit testing BTW - create your own cancellation token source, get a token, call Cancel on the soource, and pass the token to your code that has to handle the cancellation.

My "theory" is that the role of CancellationToken is to provide a thread-safe wrapper to avoid contention.

If there were only one class, so a unique instance would be used with copy of reference, and you have a lot of threads registering handlers for cancellation for example, this class should manage concurrency using some locking, reducing the performance.

Whereas with the CancellationToken struct you have a copy of each callbacks-queue for each thread so no contention.

This is pure speculation and I may be completely wrong and/or there may be other good reasons for this design.

The only thing that is sure is that there is at least one good reason, and it is a shame this kind of decision is not more documented as it is an invaluable insight when using a technology.