| author | Christian Urban <christian dot urban at kcl dot ac dot uk> |
| Wed, 19 Dec 2012 12:51:06 +0000 | |
| changeset 7 | 0514be2ad83e |
| parent 6 | 7f2493296c39 |
| child 8 | 5ba3d79622da |
| permissions | -rwxr-xr-x |
|
6
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
1 |
\documentclass{article}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
2 |
\textwidth 130mm |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
3 |
\textheight 200mm |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
4 |
\renewenvironment{abstract}{\section*{Abstract}\small}{}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
5 |
\usepackage{isabelle}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
6 |
\usepackage{isabellesym}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
7 |
\usepackage{amsmath}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
8 |
\usepackage{amssymb}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
9 |
\usepackage{mathpartir}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
10 |
\usepackage{tikz}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
11 |
\usepackage{pgf}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
12 |
\usepackage{pdfsetup}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
13 |
\usepackage{ot1patch}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
14 |
\usepackage{times}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
15 |
\usepackage{stmaryrd}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
16 |
\usepackage{url}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
17 |
\usepackage{color}
|
|
7
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
18 |
\usepackage{courier}
|
|
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
19 |
\usepackage{listings}
|
|
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
20 |
\lstset{language=C,
|
|
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
21 |
numbers=left, |
|
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
22 |
basicstyle=\small\ttfamily, |
|
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
23 |
numberstyle=\footnotesize, frame=tb} |
|
6
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
24 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
25 |
\urlstyle{rm}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
26 |
\isabellestyle{it}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
27 |
\renewcommand{\isastyleminor}{\it}%
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
28 |
\renewcommand{\isastyle}{\normalsize\it}%
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
29 |
|
|
7
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
30 |
%%%\titlerunning{Proving the Priority Inheritance Protocol Correct}
|
|
6
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
31 |
\def\dn{\,\stackrel{\mbox{\scriptsize def}}{=}\,}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
32 |
\renewcommand{\isasymequiv}{$\dn$}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
33 |
\renewcommand{\isasymemptyset}{$\varnothing$}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
34 |
\renewcommand{\isacharunderscore}{\mbox{$\_\!\_$}}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
35 |
\renewcommand{\isasymiota}{}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
36 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
37 |
\newcommand{\numbered}[1]{\refstepcounter{equation}{\rm(\arabic{equation})}\label{#1}}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
38 |
\definecolor{mygrey}{rgb}{.80,.80,.80}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
39 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
40 |
\newtheorem{definition}{Definition}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
41 |
\newtheorem{theorem}[definition]{Theorem}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
42 |
\newtheorem{lemma}[definition]{Lemma}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
43 |
\newtheorem{proof}{Proof}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
44 |
\renewcommand{\theproof}{}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
45 |
\newcommand{\qed}{\hfill \mbox{\raggedright \rule{0.1in}{0.1in}}}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
46 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
47 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
48 |
\begin{document}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
49 |
\renewcommand{\thefootnote}{$\star$}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
50 |
\footnotetext[1]{This is a revised and expanded version of \cite{ZhangUrbanWu12}.}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
51 |
\renewcommand{\thefootnote}{\arabic{footnote}}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
52 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
53 |
\title{Priority Inheritance Protocol Proved Correct}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
54 |
\author{Xingyuan Zhang, Christian Urban and Chunhan Wu}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
55 |
%\institute{PLA University of Science and Technology, China \and
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
56 |
% King's College London, United Kingdom} |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
57 |
\maketitle |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
58 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
59 |
\begin{abstract}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
60 |
In real-time systems with threads, resource locking and |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
61 |
priority sched\-uling, one faces the problem of Priority |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
62 |
Inversion. This problem can make the behaviour of threads |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
63 |
unpredictable and the resulting bugs can be hard to find. The |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
64 |
Priority Inheritance Protocol is one solution implemented in many |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
65 |
systems for solving this problem, but the correctness of this solution |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
66 |
has never been formally verified in a theorem prover. As already |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
67 |
pointed out in the literature, the original informal investigation of |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
68 |
the Property Inheritance Protocol presents a correctness ``proof'' for |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
69 |
an \emph{incorrect} algorithm. In this paper we fix the problem of
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
70 |
this proof by making all notions precise and implementing a variant of |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
71 |
a solution proposed earlier. Our formalisation in Isabelle/HOL |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
72 |
uncovers facts not mentioned in the literature, but also shows how to |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
73 |
efficiently implement this protocol. Earlier correct implementations |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
74 |
were criticised as too inefficient. Our formalisation is based on |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
75 |
Paulson's inductive approach to verifying protocols; our implementation |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
76 |
is on top of the small PINTOS operating system.\medskip |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
77 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
78 |
%{\bf Keywords:} Priority Inheritance Protocol, formal correctness proof,
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
79 |
%real-time systems, Isabelle/HOL |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
80 |
\end{abstract}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
81 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
82 |
\input{session}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
83 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
84 |
%\bibliographystyle{plain}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
85 |
%\bibliography{root}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
86 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
87 |
\end{document}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
88 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
89 |
%%% Local Variables: |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
90 |
%%% mode: latex |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
91 |
%%% TeX-master: t |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
92 |
%%% End: |