Abstract
In real-time systems with threads, resource locking and priority scheduling, one faces the problem of Priority Inversion. This problem can make the behaviour of threads unpredictable and the resulting bugs can be hard to find. The Priority Inheritance Protocol is one solution implemented in many systems for solving this problem, but the correctness of this solution has never been formally verified in a theorem prover. As already pointed out in the literature, the original informal investigation of the Property Inheritance Protocol presents a correctness “proof” for an incorrect algorithm. In this paper we fix the problem of this proof by making all notions precise and implementing a variant of a solution proposed earlier. We also generalise the scheduling problem to the practically relevant case where crit- ical sections can overlap. Our formalisation in Isabelle/HOL is based on Paulson’s inductive approach to protocol verification. The formalisation not only uncovers facts overlooked in the literature, but also helps with an efficient implementation of this protocol. Earlier imple- mentations were criticised as too inefficient. Our implementation builds on top of the small PINTOS operating system used for teaching.
| Original language | English |
|---|---|
| Pages (from-to) | 73-95 |
| Number of pages | 23 |
| Journal | JOURNAL OF AUTOMATED REASONING |
| Volume | 64 |
| Issue number | 1 |
| Early online date | 12 Feb 2019 |
| DOIs | |
| Publication status | Published - 1 Jan 2020 |
Keywords
- Formal correctness proof
- Isabelle/HOL
- Priority Inheritance Protocol
- Real-time systems