<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <HEAD><TITLE>Priority Inversion Protocol</TITLE><BASE HREF="https://nms.kcl.ac.uk/christian.urban"></HEAD><BODY TEXT="#000000" BGCOLOR="#4169E1" LINK="#0000EF" VLINK="#51188E" ALINK="#FF0000"><TABLE WIDTH="100%" BGCOLOR="#4169E1" BORDER="0" FRAME="border" CELLPADDING="10" CELLSPACING="2" RULES="all"><!-- right column --><TR><TD BGCOLOR="#FFFFFF" WIDTH="75%"><H2>Proving the Priority Inheritance Protocol Correct</H2>By Xingyuan Zhang, Christian Urban and Chunhan Wu<p>In real-time systems with threads, resource locking and priority scheduling, one faces the problem of Priority Inversion. This problem can make the behaviour of threads unpredictable and the resulting bugs can be hard to find. The Priority Inheritance Protocol is one solution implemented in many systems for solving this problem, but the correctness of this solution has never been formally verified in a theorem prover. As already pointed out in the literature, the original informal investigation of the Priority Inheritance Protocol presents a correctness "proof" for an incorrect algorithm. In this paper we fix the problem of this proof by making all notions precise and implementing a variant of a solution proposed earlier. Our formalisation in Isabelle/HOL uncovers facts not mentioned in the literature, but also shows how to efficiently implement this protocol. Earlier correct implementations were criticised as too inefficient. Our formalisation is based on Paulson's inductive approach to verifying protocols.<BR><BR>The source code can be downloaded <A HREF="http://talisker.inf.kcl.ac.uk/cgi-bin/repos.cgi/pip/">here</A>.<BR><BR></TABLE><P><!-- Created: Tue Mar 4 00:23:25 GMT 1997 --><!-- hhmts start --> Last modified: Thu May 5 10:20:23 BST 2016 <!-- hhmts end --></BODY></HTML>