| author | cu |
| date | Thu, 28 Sep 2017 14:53:38 +0100 |
| changeset 511 | 55bc18956577 |
| parent 508 | 75cb87ade00f |
| child 600 | 8628e9e9d73d |
| permissions | -rw-r--r-- |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
        "http://www.w3.org/TR/REC-html40/loose.dtd">
<HEAD>
<TITLE>Priority Inversion Protocol</TITLE>
<BASE HREF="https://nms.kcl.ac.uk/christian.urban">
</HEAD>

<BODY TEXT="#000000"
      BGCOLOR="#4169E1"
      LINK="#0000EF"
      VLINK="#51188E"
      ALINK="#FF0000">

<TABLE WIDTH="100%"
       BGCOLOR="#4169E1"
       BORDER="0"
       FRAME="border"
       CELLPADDING="10"
       CELLSPACING="2"
       RULES="all">

<!-- right column -->
<TR>
<TD BGCOLOR="#FFFFFF" WIDTH="75%">
<H2>Proving the Priority Inheritance Protocol Correct</H2>

By Xingyuan Zhang, Christian Urban and Chunhan Wu
<p>
In real-time systems with threads, resource locking and
priority scheduling, one faces the problem of Priority
Inversion. This problem can make the behaviour of threads
unpredictable and the resulting bugs can be hard to find. The
Priority Inheritance Protocol is one solution implemented in many
systems for solving this problem, but the correctness of this solution
has never been formally verified in a theorem prover. As already
pointed out in the literature, the original informal investigation of
the Priority Inheritance Protocol presents a correctness "proof" for
an incorrect algorithm. In this paper we fix the problem of
this proof by making all notions precise and implementing a variant of
a solution proposed earlier. Our formalisation in Isabelle/HOL
uncovers facts not mentioned in the literature, but also shows how to
efficiently implement this protocol. Earlier correct implementations
were criticised as too inefficient. Our formalisation is based on
Paulson's inductive approach to verifying protocols.
<BR><BR>

The source code can be downloaded
<A HREF="http://talisker.inf.kcl.ac.uk/cgi-bin/repos.cgi/pip/">here</A>.
<BR><BR><BR><BR>

</TABLE>
<P>
<!-- Created: Tue Mar 4 00:23:25 GMT 1997 -->
<!-- hhmts start --> Last modified: Thu May 5 10:20:23 BST 2016 <!-- hhmts end -->
<a href="https://validator.w3.org/check/referer">[Validate this page.]</a>
</BODY>
</HTML>