A monitor is an approach to synchronizing two or more computer tasks that use a shared resource, usually a hardware device or a set of variables.
Mutual exclusion
A monitor consists of:
- a set of procedures that allow interaction with the shared resource
- a mutual exclusion lock
- the variables associated with the resource
- a monitor invariant that defines the assumptions needed to avoid race conditions
A monitor procedure takes the lock before doing anything else, and holds it until it either finishes or waits for a condition (explained below). If every procedure guarantees that the invariant is true before it releases the lock, then no task can ever find the resource in a state that might lead to a race condition.
As a simple example, consider a monitor for performing transactions on a bank account.
monitor account {
int balance := 0
function withdraw(int amount) {
if amount < 0 then error "Amount may not be negative"
else if balance < amount then error "Insufficient funds"
else balance := balance - amount
}
function deposit(int amount) {
if amount < 0 then error "Amount may not be negative"
else balance := balance + amount
}
}
The monitor invariant in this case simply says that the balance must reflect all past operations before another operation can begin. It is not stated in the code but may be mentioned in comments. The lock is added by the compiler. This makes monitors safer and more reliable than approaches that require the programmer to insert locking and unlocking operations by hand, since the programmer can forget them.
Condition variables
To avoid busy waiting, processes must be able to signal each other about events of interest. Monitors provide this capability through condition variables. When a monitor function requires a particular condition to be true before it can proceed, it waits on an associated condition variable. By waiting, it gives up the lock and is removed from the set of runnable processes. Any process that subsequently causes the condition to be true may then use the condition variable to notify a process waiting for the condition. A process that has been notified regains the lock and can proceed.
The following monitor uses condition variables to implement an interprocess communication channel that can store only one integer value at a time.
monitor channel {
int contents
boolean full := false
condition snd
condition rcv
function send(sent: int) {
if full == true then wait(rcv)
contents := sent
full := true
notify(snd)
}
function receive(): int {
int received
if full == false then wait(snd)
received := contents
full := false
notify(rcv)
return received
}
}
Note that since waiting on a condition forfeits the lock, the waiter must make sure the monitor invariant is satisfied before it waits. In the example above, the same is true for notifying.
In early monitor implementations, notifying a condition variable caused a waiting process to receive the lock and run immediately, thereby guaranteeing that the condition would still be true. Implementing this behavior is complicated and has a high overhead. It is also incompatible with schedulers that can interrupt a process arbitrarily. For these reasons, researchers have considered various other semantics for condition variables.
In most modern implementations, notifying does not take control away from the running process, but merely makes some waiting process runnable. The notifying process continues to hold the lock until it leaves the monitor function. The side effects of this approach are that the notifying process does not have to set up the monitor invariant before notifying, and the waiting process must double-check the condition it was waiting for. Specifically, if test then wait(cv) becomes while test do wait(cv). Implementations also provide a "notifyAll" operation that notifies every process waiting on a given condition. This operation is useful, for example, when several processes are waiting for different amounts of storage to become available. Releasing storage can enable any number of these processes to proceed, but the scheduler does not know which ones.
History
Per Brinch Hansen was the first to describe and implement monitors, basing them on ideas from C. A. R. Hoare. Hoare subsequently developed the theoretical framework and demonstrated their equivalence to semaphores.
Programming languages that have supported monitors include
C# does not have monitors as a feature of the language, although the .NET framework has a class that facilitates implementation of Java-style monitors by hand. The POSIX pthreads interface also supports the implementation of monitors.
External links
- Hoare, Monitors: An Operating System Structuring Concept
- Howard, Signalling in Monitors
- Lampson and Redell, Experience with Processes and Monitors in Mesa