A typed interrupt calculus

Abstract. Most real-time systems require responsive interrupt handling. Programming of interrupt handlers is challenging: in order to ensure responsiveness, it is often necessary to have interrupt processing enabled in the body of lower priority handlers. It would be a programming error to allow the interrupt handlers to interrupt each other in a cyclic fashion; it could lead to an unbounded stack. Until now, static checking for such errors could only be done using model checking. However, the needed form of model checking requires a whole-program analysis that cannot check program fragments. In this paper, we present a calculus that contains essential constructs for programming interrupt-driven systems. The calculus has a static type system that guarantees stack boundedness and enables modular type checking. A number of common programming idioms have been type checked using our prototype implementation.