61

I have the following code:

using (Mutex mut = new Mutex(false, MUTEX_NAME))
{
    if (mut.WaitOne(new TimeSpan(0, 0, 30)))
    {
       // Some code that deals with a specific TCP port
       // Don't want this to run at the same time in another process
    }
}

I've set a breakpoint within the if block, and ran the same code within another instance of Visual Studio. As expected, the .WaitOne call blocks. However, to my surprise, as soon as I continue in the first instance and the using block terminates, I get an exception in the second process about an abandoned Mutex.

The fix is to call ReleaseMutex:

using (Mutex mut = new Mutex(false, MUTEX_NAME))
{
    if (mut.WaitOne(new TimeSpan(0, 0, 30)))
    {
       // Some code that deals with a specific TCP port
       // Don't want this to run twice in multiple processes
    }

    mut.ReleaseMutex();
}

Now, things work as expected.

My Question: Usually the point of an IDisposable is it cleans up whatever state you put things in. I could see perhaps having multiple waits and releases within a using block, but when the handle to the Mutex is disposed, shouldn't it get released automatically? In other words, why do I need to call ReleaseMutex if I'm in a using block?

I'm also now concerned that if the code within the if block crashes, I'll have abandoned mutexes lying around.

Is there any benefit to putting Mutex in a using block? Or, should I just new up a Mutex instance, wrap it in a try/catch, and call ReleaseMutex() within the finally block (Basically implementing exactly what I thought Dispose() would do)

Mike Christensen
  • 88,082
  • 50
  • 208
  • 326
  • Knowing what I know about mutexes (conceptually) I imagine that when Dispose() is called on the Mutex, it checks to see if it is still in use. If so, I imagine it does not dispose itself (and it shouldn't!) I would like to see further information on this topic, though, from someone who is more familiar with the internals of the `Mutex` class in .Net. – RLH Aug 21 '14 at 17:46
  • The point of `using` is just to call `Dispose` at the end. It gets translated into `try{ //yourcode } finally { yourobj.Dispose() }`... if you need more logic (like releasing in this case) you need to manage it your own – pollirrata Aug 21 '14 at 17:51
  • Are you using this in multiple processes, or are you just concerned with multiple threads within the same process? – voithos Aug 21 '14 at 17:58
  • @voithos - Multiple processes, which is why the Mutex has a name. – Mike Christensen Aug 21 '14 at 18:00

10 Answers10

64

The documentation explains (in the "Remarks" section) that there is a conceptual difference between instantiating a Mutex object (which does not, in fact, do anything special as far as synchronization goes) and acquiring a Mutex (using WaitOne). Note that:

  • WaitOne returns a boolean, meaning that acquiring a Mutex can fail (timeout) and both cases must be handled
  • When WaitOne returns true, then the calling thread has acquired the Mutex and must call ReleaseMutex, or else the Mutex will become abandoned
  • When it returns false, then the calling thread must not call ReleaseMutex

So, there's more to Mutexes than instantiation. As for whether you should use using anyway, let's take a look at what Dispose does (as inherited from WaitHandle):

protected virtual void Dispose(bool explicitDisposing)
{
    if (this.safeWaitHandle != null)
    {
        this.safeWaitHandle.Close();
    }
}

As we can see, the Mutex is not released, but there is some cleanup involved, so sticking with using would be a good approach.

As to how you should proceed, you can of course use a try/finally block to make sure that, if the Mutex is acquired, that it gets properly released. This is likely the most straightforward approach.

If you really don't care about the case where the Mutex fails to be acquired (which you haven't indicated, since you pass a TimeSpan to WaitOne), you could wrap Mutex in your own class that implements IDisposable, acquire the Mutex in the constructor (using WaitOne() with no arguments), and release it inside Dispose. Although, I probably wouldn't recommend this, as this would cause your threads to wait indefinitely if something goes wrong, and regardless there are good reasons for explicitly handling both cases when attempting an acquire, as mentioned by @HansPassant.

Community
  • 1
  • 1
voithos
  • 68,482
  • 12
  • 101
  • 116
  • 7
    `+1` - Great answer! I think the fact that you *can't* call `ReleaseMutex` if `WaitOne` failed means that `Dispose` *cannot* implement this, unless it also implemented logic to track successful waits. Looks like the solution is to put `Mutex` in a using block, and put a `try/finally` block within the `if` block. – Mike Christensen Aug 21 '14 at 18:20
  • 1
    @MikeChristensen it could just `throw` in case it failed to acquire the mutex in its timeout span, which makes more sense IMO anyway since it's indicating a failure. – Benjamin Gruenbaum Sep 15 '14 at 08:42
  • yea, if you can't call ReleaseMutex you can just put it in a try { } inside your dispose. – 00jt Apr 30 '19 at 19:29
41

This design decision was made a long, long time ago. Over 21 years ago, well before .NET was ever envisioned or the semantics of IDisposable were ever considered. The .NET Mutex class is a wrapper class for the underlying operating system support for mutexes. The constructor pinvokes CreateMutex, the WaitOne() method pinvokes WaitForSingleObject().

Note the WAIT_ABANDONED return value of WaitForSingleObject(), that's the one that generates the exception.

The Windows designers put the rock-hard rule in place that a thread that owns the mutex must call ReleaseMutex() before it exits. And if it doesn't that this is a very strong indication that the thread terminated in an unexpected way, typically through an exception. Which implies that synchronization is lost, a very serious threading bug. Compare to Thread.Abort(), a very dangerous way to terminate a thread in .NET for the same reason.

The .NET designers did not in any way alter this behavior. Not in the least because there isn't any way to test the state of the mutex other than by performing a wait. You must call ReleaseMutex(). And do note that your second snippet is not correct either; you cannot call it on a mutex that you didn't acquire. It must be moved inside of the if() statement body.

Hans Passant
  • 922,412
  • 146
  • 1,693
  • 2,536
  • `+1` - Thanks for the history! Can you comment on the code I posted within my *answer* to this question? From what I can tell, this should be the ideal way to do this. – Mike Christensen Aug 21 '14 at 18:44
  • 1
    Hmya, you are covering up the diagnostic that the Windows designers built in on purpose. Your code crashed while it owned the mutex, you can't reason about the state of the program anymore. The odds that you can recover are exceedingly slim, particularly since you have no other decent way to signal the other process that it should stop using the shared resource since it is in an entirely unknown state. Exceptions are a Good Thing, don't do it. – Hans Passant Aug 21 '14 at 18:50
  • So, it's best to just let it crash and abandon the Mutex? Then, let the other `WaitOne` calls also crash? – Mike Christensen Aug 21 '14 at 19:05
  • You say that the .NET designers didn't change anything but I seem to remember that the AbandonedMutexException being thrown by `WaitXXX` was a breaking change from 1.1 to 2.0. Under 1.1 (and 1.0), the `WaitXXX` method wrappers just returned if they encountered an abandoned mutex. And much fun and games ensued. – Damien_The_Unbeliever Aug 22 '14 at 06:18
  • @Damien_The_Unbeliever: The concept of a locking primitives having an "awaited condition will never happen" state is very useful. I wish monitor locks included something similar, though I'm not sure what existing code could be expected to do if someone threw one of its locks into such a state. There are good reasons why `Monitor.Pulse` can only be done after acquiring a lock, but there should be a mechanism by which code which is shutting down a service could set its monitors to a "shutdown" state without having to acquire the associated locks first. If something like a finalizer... – supercat Aug 22 '14 at 16:12
  • ...discovers that nobody cares anymore about the work a service is doing, but the lock is held by some other code which got swapped out to disk and will call `Monitor.Wait` before releasing the lock, there may be no reasonable way for the finalizer to prevent that other code from waiting forever for something which the finalizer knows is never going to happen. – supercat Aug 22 '14 at 16:15
  • Point of order: don't you mean `IDisposable` rather than IDispatch in your second sentence? – Jesse C. Slicer Aug 26 '14 at 19:23
  • @HansPassant Is is valid to say that `bool released = mutex.WaitOne(1);` is equivalent to a check if the mutex is not acquired ? – Zein Makki Jul 12 '16 at 12:01
  • This answer needs to be incorporated in the documentation for `Mutex`. as it stands now (3/2017) the behavior seems undocumented. – CoderBrien Mar 06 '17 at 22:59
8

Ok, posting an answer to my own question. From what I can tell, this is the ideal way to implement a Mutex that:

  1. Always gets Disposed
  2. Gets Released iff WaitOne was successful.
  3. Will not get abandoned if any code throws an exception.

Hopefully this helps someone out!

using (Mutex mut = new Mutex(false, MUTEX_NAME))
{
    if (mut.WaitOne(new TimeSpan(0, 0, 30)))
    {
        try
        {
           // Some code that deals with a specific TCP port
           // Don't want this to run twice in multiple processes        
        }
        catch(Exception)
        {
           // Handle exceptions and clean up state
        }
        finally
        {
            mut.ReleaseMutex();
        }
    }
}

Update: Some may argue that if the code within the try block puts your resource in an unstable state, you should not release the Mutex and instead let it get abandoned. In other words, just call mut.ReleaseMutex(); when the code finishes successfully, and not put it within the finally block. The code acquiring the Mutex could then catch this exception and do the right thing.

In my situation, I'm not really changing any state. I'm temporarily using a TCP port and can't have another instance of the program run at the same time. For this reason, I think my solution above is fine but yours may be different.

Mike Christensen
  • 88,082
  • 50
  • 208
  • 326
  • Not sure why this was downvoted, but I've added some more details. Maybe it's just considered *bad form* to answer your own question. – Mike Christensen Aug 21 '14 at 22:21
  • 1
    Not bad form to answer your own question at all! It was probably downvoted because the code is incorrect. You are catching and swallowing the exception, which is hiding a serious threading bug—the kind of bug that you don't want under the rug. – Cody Gray - on strike Aug 22 '14 at 09:42
  • 2
    @CodyGray I see Mike adding a `catch` clause after your comment. But isn't a try/finally block, with no `catch(){}`, okay: the exception might be handled higher up the stack, not swallowed? (And if not caught at all, the program terminates, and it did not matter about releasing the mutex!) – Darren Cook Nov 20 '14 at 11:03
7

One of the primary uses of a mutex is to ensure that the only code which will ever see a shared object in a state which doesn't satisfy its invariants is the code which (hopefully temporarily) put the object into that state. A normal pattern for code which needs to modify an object is:

  1. Acquire mutex
  2. Make changes to object which cause its state to become invalid
  3. Make changes to object which cause its state to become valid again
  4. Release mutex

If something goes wrong in after #2 has begun and before #3 has finished, the object may be left in a state which does not satisfy its invariants. Since the proper pattern is to release a mutex before disposing it, the fact that code disposes a mutex without releasing it implies that something went wrong somewhere. As such, it may not be safe for code to enter the mutex (since it hasn't been released), but there's no reason to wait for the mutex to be released (since--having been disposed--it never will be). Thus, the proper course of action is to throw an exception.

A pattern which is somewhat nicer than the one implemented by the .NET mutex object is to have the "acquire" method return an IDisposable object which encapsulates not the mutex, but rather a particular acquisition thereof. Disposing that object will then release the mutex. Code can then look something like:

using(acq = myMutex.Acquire())
{
   ... stuff that examines but doesn't modify the guarded resource
   acq.EnterDanger();
   ... actions which might invalidate the guarded resource
   ... actions which make it valid again
   acq.LeaveDanger();
   ... possibly more stuff that examines but doesn't modify the resource
}

If the inner code fails between EnterDanger and LeaveDanger, then the acquisition object should invalidate the mutex by calling Dispose on it, since the guarded resource may be in a corrupted state. If the inner code fails elsewhere, the mutex should be released since the guarded resource is in a valid state, and the code within the using block won't need to access it anymore. I don't have any particular recommendations of libraries implementing that pattern, but it isn't particularly difficult to implement as a wrapper around other kinds of mutex.

supercat
  • 77,689
  • 9
  • 166
  • 211
4

We need to understand more then .net to know what is going on the start of the MSDN page gives the first hint that someone “odd” is going on:

A synchronization primitive that can also be used for interprocess synchronization.

A Mutex is a Win32Named Object”, each process locks it by name, the .net object is just a wrapper round the Win32 calls. The Muxtex itself lives within the Windows Kernal address space, not your application address space.

In most cases you are better off using a Monitor, if you are only trying to synchronizes access to objects within a single process.

Ian Ringrose
  • 51,220
  • 55
  • 213
  • 317
3

If you need to garantee that the mutex is released switch to a try catch finally block and put the mutex release in the finally block. It is assumed that you own and have a handle for the mutex. That logic needs to be included before release is invoked.

Mike Beeler
  • 4,081
  • 2
  • 29
  • 44
2

Reading the documentation for ReleaseMutex, it seems the design decision was that a Mutex should be released consciously. if ReleaseMutex isn't called, it signifies an abnormal exit of the protected section. putting the release in a finally or dispose, circumvents this mechanism. you are still free to ignore the AbandonedMutexException, of course.

ths
  • 2,858
  • 1
  • 16
  • 21
2

Be aware: The Mutex.Dispose() executed by the Garbage collector fails because the garbage collection process does not own the handle according Windows.

Willem-Derk Nijdam
  • 21
  • 1
1

Dispose depends on WaitHandle to be released. So, even though using calls Dispose, it won't go into affect until the the conditions of stable state are met. When you call ReleaseMutex you're telling the system that you're releasing the resource, and thus, it is free to dispose of it.

B.K.
  • 9,982
  • 10
  • 73
  • 105
1

For the last question.

Is there any benefit to putting Mutex in a using block? Or, should I just new up a Mutex instance, wrap it in a try/catch, and call ReleaseMutex() within the finally block (Basically implementing exactly what I thought Dispose() would do)

If you don't dispose of the mutex object, creating too many mutex objects may encounter the following issue.

---> (Inner Exception #4) System.IO.IOException: Not enough storage is available to process this command. : 'ABCDEFGHIJK'
 at System.Threading.Mutex.CreateMutexCore(Boolean initiallyOwned, String name, Boolean& createdNew)
 at NormalizationService.Controllers.PhysicalChunkingController.Store(Chunk chunk, Stream bytes) in /usr/local/...

The program uses the named mutex and runs 200,000 times in the parallel for loop.
Adding using statement resolves the issue.

Sungfu Chiu
  • 94
  • 6