| author | Christian Urban <urbanc@in.tum.de> |
| Wed, 02 Jan 2019 21:09:05 +0000 | |
| changeset 208 | a5afc26b1d62 |
| parent 204 | 5191a09d9928 |
| permissions | -rwxr-xr-x |
|
20
b56616fd88dd
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
17
diff
changeset
|
1 |
%\documentclass{article}
|
| 208 | 2 |
%\documentclass{llncs}
|
3 |
\documentclass{svjour3}
|
|
4 |
||
|
27
6b1141c5e24c
cleaned up
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
24
diff
changeset
|
5 |
\pagestyle{headings}
|
|
6
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
6 |
\usepackage{isabelle}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
7 |
\usepackage{isabellesym}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
8 |
\usepackage{amsmath}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
9 |
\usepackage{amssymb}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
10 |
\usepackage{mathpartir}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
11 |
\usepackage{tikz}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
12 |
\usepackage{pgf}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
13 |
\usepackage{pdfsetup}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
14 |
\usepackage{ot1patch}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
15 |
\usepackage{times}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
16 |
\usepackage{stmaryrd}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
17 |
\usepackage{url}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
18 |
\usepackage{color}
|
|
7
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
19 |
\usepackage{courier}
|
|
142
10c16b85a839
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
75
diff
changeset
|
20 |
\usepackage{endnotes}
|
|
32
e861aff29655
made some modifications.
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
27
diff
changeset
|
21 |
\usetikzlibrary{patterns}
|
|
7
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
22 |
\usepackage{listings}
|
|
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
23 |
\lstset{language=C,
|
|
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
24 |
numbers=left, |
|
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
25 |
basicstyle=\small\ttfamily, |
|
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
26 |
numberstyle=\footnotesize, frame=tb} |
|
6
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
27 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
28 |
\urlstyle{rm}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
29 |
\isabellestyle{it}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
30 |
\renewcommand{\isastyleminor}{\it}%
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
31 |
\renewcommand{\isastyle}{\normalsize\it}%
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
32 |
|
|
7
0514be2ad83e
started code explanation
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
6
diff
changeset
|
33 |
%%%\titlerunning{Proving the Priority Inheritance Protocol Correct}
|
|
6
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
34 |
\def\dn{\,\stackrel{\mbox{\scriptsize def}}{=}\,}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
35 |
\renewcommand{\isasymequiv}{$\dn$}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
36 |
\renewcommand{\isasymemptyset}{$\varnothing$}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
37 |
\renewcommand{\isacharunderscore}{\mbox{$\_\!\_$}}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
38 |
\renewcommand{\isasymiota}{}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
39 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
40 |
\newcommand{\numbered}[1]{\refstepcounter{equation}{\rm(\arabic{equation})}\label{#1}}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
41 |
\definecolor{mygrey}{rgb}{.80,.80,.80}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
42 |
|
|
20
b56616fd88dd
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
17
diff
changeset
|
43 |
%\newtheorem{definition}{Definition}
|
|
b56616fd88dd
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
17
diff
changeset
|
44 |
%\newtheorem{theorem}[definition]{Theorem}
|
|
b56616fd88dd
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
17
diff
changeset
|
45 |
%\newtheorem{lemma}[definition]{Lemma}
|
|
b56616fd88dd
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
17
diff
changeset
|
46 |
%\newtheorem{proof}{Proof}
|
|
b56616fd88dd
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
17
diff
changeset
|
47 |
%\renewcommand{\theproof}{}
|
|
b56616fd88dd
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
17
diff
changeset
|
48 |
%\newcommand{\qed}{\hfill \mbox{\raggedright \rule{0.1in}{0.1in}}}
|
|
6
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
49 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
50 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
51 |
\begin{document}
|
| 208 | 52 |
|
53 |
\title{Priority Inheritance Protocol Proved Correct$^\star$\thanks{$^\star$ This paper is a revised, corrected and expanded version of \cite{ZhangUrbanWu12}.
|
|
| 190 | 54 |
In Section 4 we improve our previous result by proving a finite bound for Priority Inversion. |
55 |
Moreover, we are giving in this paper |
|
| 201 | 56 |
more details about our proof and describe some of our (unverified) C-code for implementing the |
57 |
Priority Inversion |
|
58 |
Protocol, as well as surveying |
|
59 |
the existing literature in more depth. |
|
| 208 | 60 |
Our C-code follows closely all results we proved about optimisations of the Priority Inheritance Protocol.}} |
61 |
\titlerunning{Priority Inheritance Protocol Proved Correct}
|
|
62 |
\author{Xingyuan Zhang \and Christian Urban \and Chunhan Wu}
|
|
63 |
\institute{Chunhan Wu \and Xingyuan Zhang \at PLA University of Science and Technology Nanjing, China \and
|
|
64 |
Christian Urban \at King's College London, United Kingdom} |
|
|
6
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
65 |
\maketitle |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
66 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
67 |
\begin{abstract}
|
| 200 | 68 |
In real-time systems with threads, resource locking and priority |
69 |
sched\-uling, one faces the problem of Priority Inversion. This |
|
70 |
problem can make the behaviour of threads unpredictable and the |
|
71 |
resulting bugs can be hard to find. The Priority Inheritance |
|
72 |
Protocol is one solution implemented in many systems for solving |
|
73 |
this problem, but the correctness of this solution has never been |
|
74 |
formally verified in a theorem prover. As already pointed out in the |
|
75 |
literature, the original informal investigation of the Property |
|
76 |
Inheritance Protocol presents a correctness ``proof'' for an |
|
77 |
\emph{incorrect} algorithm. In this paper we fix the problem of this
|
|
78 |
proof by making all notions precise and implementing a variant of a |
|
79 |
solution proposed earlier. We also generalise the scheduling problem |
|
80 |
to the practically relevant case where critical sections can |
|
81 |
overlap. Our formalisation in Isabelle/HOL is based on Paulson's |
|
| 204 | 82 |
inductive approach to protocol verification. The formalisation not |
| 200 | 83 |
only uncovers facts overlooked in the literature, but also helps |
| 201 | 84 |
with an efficient implementation of this protocol. Earlier |
| 200 | 85 |
implementations were criticised as too inefficient. Our |
86 |
implementation builds on top of the small PINTOS operating system |
|
87 |
used for teaching.\medskip |
|
|
6
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
88 |
|
| 208 | 89 |
\noindent |
|
75
2aa37de77f31
updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
35
diff
changeset
|
90 |
{\bf Keywords:} Priority Inheritance Protocol, formal correctness proof,
|
|
2aa37de77f31
updated paper
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
35
diff
changeset
|
91 |
real-time systems, Isabelle/HOL |
|
6
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
92 |
\end{abstract}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
93 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
94 |
\input{session}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
95 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
96 |
%\bibliographystyle{plain}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
97 |
%\bibliography{root}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
98 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
99 |
\end{document}
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
100 |
|
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
101 |
%%% Local Variables: |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
102 |
%%% mode: latex |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
103 |
%%% TeX-master: t |
|
7f2493296c39
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
104 |
%%% End: |