author | Christian Urban <christian.urban@kcl.ac.uk> |
date | Fri, 23 Feb 2024 11:59:17 +0000 |
changeset 645 | 552a6b834d43 |
parent 600 | 8628e9e9d73d |
permissions | -rw-r--r-- |
annotate | lines last changed in changesets 86, 87, 432 (87c1ad539fc9, "updated", parent 87), 508 and 600 |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/REC-html40/loose.dtd">
<HTML>
<HEAD>
<TITLE>Priority Inversion Protocol</TITLE>
<BASE HREF="https://nms.kcl.ac.uk/christian.urban">
</HEAD>

<BODY TEXT="#000000"
      BGCOLOR="#4169E1"
      LINK="#0000EF"
      VLINK="#51188E"
      ALINK="#FF0000">

<TABLE WIDTH="100%"
       BGCOLOR="#4169E1"
       BORDER="0"
       FRAME="border"
       CELLPADDING="10"
       CELLSPACING="2"
       RULES="all">

<!-- right column -->
<TR>
<TD BGCOLOR="#FFFFFF" WIDTH="75%">
<H2>Proving the Priority Inheritance Protocol Correct</H2>

By Xingyuan Zhang, Christian Urban and Chunhan Wu
<P>
In real-time systems with threads, resource locking and
priority scheduling, one faces the problem of Priority
Inversion. This problem can make the behaviour of threads
unpredictable and the resulting bugs can be hard to find. The
Priority Inheritance Protocol is one solution implemented in many
systems for solving this problem, but the correctness of this solution
has never been formally verified in a theorem prover. As already
pointed out in the literature, the original informal investigation of
the Priority Inheritance Protocol presents a correctness "proof" for
an incorrect algorithm. In this paper we fix the problem of
this proof by making all notions precise and implementing a variant of
a solution proposed earlier. Our formalisation in Isabelle/HOL
not only uncovers facts not mentioned in the literature, but also shows how to
efficiently implement this protocol. Earlier correct implementations
were criticised as too inefficient. Our formalisation is based on
Paulson's inductive approach to verifying protocols.
</P>
<BR><BR>

The source code can be downloaded
<A HREF="http://talisker.nms.kcl.ac.uk/cgi-bin/repos.cgi/pip/">here</A>.
<BR><BR><BR><BR>
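The abstract names priority inversion and the Priority Inheritance Protocol without showing the mechanism. The following discrete-tick scheduler simulation is an added illustration and is not code from the paper, from the authors' Isabelle/HOL formalisation, or from the repository linked above. It runs the classic three-thread scenario (a constructed workload: low-priority L holds resource R when high-priority H needs it, while medium-priority M only burns CPU) once under plain fixed-priority scheduling and once with the lock holder inheriting the effective priority of the highest-priority thread blocked on it, then compares finish times and the delay each thread suffers. The thread programs, the single resource R and the one-tick cost for lock/unlock are assumptions of this example.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(eq=False)
class Thread:
    name: str
    prio: int            # base priority; a larger number is more urgent
    release: int         # tick at which the thread first becomes runnable
    program: list        # steps: ('cpu', n), ('lock', res) or ('unlock', res)
    pc: int = 0          # index of the current step
    left: int = 0        # remaining units of the current 'cpu' step (0 = not started)
    done_at: Optional[int] = None

    def step(self):
        return self.program[self.pc] if self.pc < len(self.program) else None


def simulate(threads, inherit, max_ticks=100):
    """Fixed-priority preemptive scheduler on one CPU: each tick runs one unit of
    one thread; lock and unlock each cost one tick (assumed cost model). With
    inherit=True the holder of a resource runs at the highest effective priority
    of any thread blocked on that resource (priority inheritance)."""
    owner = {}   # resource -> Thread currently holding it
    trace = []   # name of the thread that ran in each tick ('-' = idle)

    def blocked(th):
        s = th.step()
        if s is None or s[0] != 'lock':
            return False
        holder = owner.get(s[1])
        return holder is not None and holder is not th

    for t in range(max_ticks):
        if all(th.done_at is not None for th in threads):
            break
        arrived = [th for th in threads if th.release <= t and th.done_at is None]
        eff = {th.name: th.prio for th in arrived}
        if inherit:
            # Propagate priorities from waiters to holders until nothing changes,
            # so chains of blocking (A waits on B, B waits on C) are handled too.
            changed = True
            while changed:
                changed = False
                for th in arrived:
                    if blocked(th):
                        holder = owner[th.step()[1]]
                        if holder.name in eff and eff[th.name] > eff[holder.name]:
                            eff[holder.name] = eff[th.name]
                            changed = True
        ready = [th for th in arrived if not blocked(th)]
        if not ready:
            trace.append('-')
            continue
        th = max(ready, key=lambda x: eff[x.name])   # highest effective priority wins
        kind, arg = th.step()
        if kind == 'cpu':
            if th.left == 0:
                th.left = arg
            th.left -= 1
            if th.left == 0:
                th.pc += 1
        elif kind == 'lock':
            owner[arg] = th
            th.pc += 1
        else:  # 'unlock'
            del owner[arg]
            th.pc += 1
        trace.append(th.name)
        if th.step() is None:
            th.done_at = t + 1
    return trace


def workload():
    # Constructed scenario: L locks R early, H arrives and needs R, M is pure CPU work.
    return [
        Thread('L', prio=1, release=0,
               program=[('cpu', 1), ('lock', 'R'), ('cpu', 3), ('unlock', 'R'), ('cpu', 1)]),
        Thread('H', prio=3, release=2,
               program=[('cpu', 1), ('lock', 'R'), ('cpu', 1), ('unlock', 'R'), ('cpu', 1)]),
        Thread('M', prio=2, release=3, program=[('cpu', 4)]),
    ]


def work(th):
    """Ticks the thread needs if it never waits: n per cpu step, one per lock/unlock."""
    return sum(s[1] if s[0] == 'cpu' else 1 for s in th.program)


def run(inherit):
    """Returns (finish time per thread, delay per thread, per-tick trace).
    Delay is the time a thread spent released but not running."""
    threads = workload()
    trace = simulate(threads, inherit)
    finish = {th.name: th.done_at for th in threads}
    delay = {th.name: th.done_at - th.release - work(th) for th in threads}
    return finish, delay, trace


if __name__ == "__main__":
    for inherit in (False, True):
        finish, delay, trace = run(inherit)
        print("inheritance" if inherit else "plain      ", "".join(trace),
              "finish", finish, "delay", delay)
```

Without inheritance, M preempts L while H is blocked on R, so H waits for L's remaining critical section plus all of M's work and finishes last but one; with inheritance, L runs at H's priority until it releases R, M cannot preempt it, and H's delay shrinks to exactly the remaining length of L's critical section. That bound on blocking time, independent of how many medium-priority threads exist, is the property the protocol is meant to guarantee.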

</TD>
</TR>
</TABLE>
<P>
<!-- Created: Tue Mar 4 00:23:25 GMT 1997 -->
<!-- hhmts start --> Last modified: Thu May 5 10:20:23 BST 2016 <!-- hhmts end -->
<a href="https://validator.w3.org/check/referer">[Validate this page.]</a>
</BODY>
</HTML>