Commit d6cdcfe1 authored by Sergey Bozhko's avatar Sergey Bozhko Committed by Björn Brandenburg

tighten response-time recurrence for EDF

When we were writing the paper on Abstract RTA, we noticed that the response-time recurrence for EDF does not match the known bound.

This merge request tightens the analysis in Prosa to match the known bound.
parent 05c93849
Pipeline #19186 passed with stages
in 5 minutes and 14 seconds
This diff is collapsed.
......@@ -129,8 +129,7 @@ Module RTAforConcreteModels.
job_arrival job_cost arr_seq sched
can_be_preempted_for_fully_preemptive_model higher_eq_priority.
(* Let L be any positive fixed point of the busy interval recurrence,
determined by the higher-or-equal-priority workload. *)
(* Let L be any positive fixed point of the busy interval recurrence. *)
Variable L: time.
Hypothesis H_L_positive: L > 0.
Hypothesis H_fixed_point: L = total_rbf L.
......@@ -173,7 +172,6 @@ Module RTAforConcreteModels.
rewrite /task_lock_in_service_le_task_cost. by done.
unfold task_lock_in_service_bounds_job_lock_in_service.
by intros ? ARR TSK; rewrite -TSK; apply H_job_cost_le_task_cost.
- by rewrite BLOCK add0n.
- move => A /andP [LT NEQ].
specialize (H_R_is_maximum A); feed H_R_is_maximum.
{ by apply/andP; split. }
......@@ -204,11 +202,10 @@ Module RTAforConcreteModels.
\max_(tsk_other <- ts | (tsk_other != tsk) && (D tsk_other > D tsk))
(task_cost tsk_other - ε).
(* Let L be any positive fixed point of the busy interval recurrence, determined by
the sum of blocking and higher-or-equal-priority workload. *)
(* Let L be any positive fixed point of the busy interval recurrence. *)
Variable L: time.
Hypothesis H_L_positive: L > 0.
Hypothesis H_fixed_point: L = blocking_bound + total_rbf L.
Hypothesis H_fixed_point: L = total_rbf L.
(* To reduce the time complexity of the analysis, recall the notion of search space. *)
Let is_in_search_space A :=
......@@ -294,11 +291,10 @@ Module RTAforConcreteModels.
\max_(tsk_other <- ts | (tsk_other != tsk) && (D tsk_other > D tsk))
(task_max_nps tsk_other - ε).
(* Let L be any positive fixed point of the busy interval recurrence, determined by
the sum of blocking and higher-or-equal-priority workload. *)
(* Let L be any positive fixed point of the busy interval recurrence. *)
Variable L: time.
Hypothesis H_L_positive: L > 0.
Hypothesis H_fixed_point: L = blocking_bound + total_rbf L.
Hypothesis H_fixed_point: L = total_rbf L.
(* To reduce the time complexity of the analysis, recall the notion of search space. *)
Let is_in_search_space A :=
......@@ -365,8 +361,7 @@ Module RTAforConcreteModels.
eapply uniprocessor_response_time_bound_edf_with_bounded_nonpreemptive_segments
with (task_lock_in_service := fun tsk => (task_cost tsk - (task_last_nps tsk - ε)))
(job_lock_in_service := fun job => (job_cost job - (job_last_nps job - ε)))
(L0 := L) (job_max_nps0 := job_max_nps)
(job_cost0 := job_cost )
(L0 := L)(job_cost0 := job_cost) (task_max_nps0 := task_max_nps)
; eauto 2.
{ by apply model_with_fixed_preemption_points_is_correct. }
{ eapply model_with_fixed_preemption_points_is_model_with_bounded_nonpreemptive_regions; eauto 2.
......@@ -426,7 +421,6 @@ Module RTAforConcreteModels.
eapply list_of_preemption_point_is_not_empty with (job_cost0 := job_cost); eauto 2.
}
by done.
rewrite -ENDj; last by done.
apply leq_trans with (job_max_nps j).
- by apply NondecreasingSequence.last_of_seq_le_max_of_seq.
......@@ -525,11 +519,10 @@ Module RTAforConcreteModels.
\max_(tsk_other <- ts | (tsk_other != tsk) && (D tsk_other > D tsk))
(task_max_nps tsk_other - ε).
(* Let L be any positive fixed point of the busy interval recurrence, determined by
the sum of blocking and higher-or-equal-priority workload. *)
(* Let L be any positive fixed point of the busy interval recurrence. *)
Variable L: time.
Hypothesis H_L_positive: L > 0.
Hypothesis H_fixed_point: L = blocking_bound + total_rbf L.
Hypothesis H_fixed_point: L = total_rbf L.
(* To reduce the time complexity of the analysis, recall the notion of search space. *)
Let is_in_search_space A :=
......
......@@ -306,7 +306,7 @@ Module RTAforEDFwithBoundedNonpreemptiveSegmentsWithArrivalCurves.
(* Let L be any positive fixed point of the busy interval recurrence. *)
Variable L: time.
Hypothesis H_L_positive: L > 0.
Hypothesis H_fixed_point: L = blocking_bound + total_rbf L.
Hypothesis H_fixed_point: L = total_rbf L.
(* To reduce the time complexity of the analysis, recall the notion of search space. *)
Let is_in_search_space A :=
......
......@@ -147,7 +147,7 @@ Module AbstractRTAforEDFwithArrivalCurves.
(* Let L be any positive fixed point of the busy interval recurrence. *)
Variable L: time.
Hypothesis H_L_positive: L > 0.
Hypothesis H_fixed_point: L = priority_inversion_bound + total_rbf L.
Hypothesis H_fixed_point: L = total_rbf L.
(* Next, we define an upper bound on interfering workload received from jobs
of other tasks with higher-than-or-equal priority. *)
......@@ -297,21 +297,15 @@ Module AbstractRTAforEDFwithArrivalCurves.
job_arrival job_cost job_task arr_seq sched tsk interference interfering_workload L.
Proof.
intros j ARR TSK POS.
have EX := exists_busy_interval
have EX := exists_busy_interval_from_total_workload_bound
job_arrival job_cost arr_seq _ sched _
EDF j _ _ _ _ _ _ priority_inversion_bound _ L.
feed_n 12 EX; try eauto 2.
EDF _ _ _ _ _ L _ _ j ARR POS.
feed_n 9 EX; try eauto 2.
{ by unfold JLFP_is_reflexive, reflexive, EDF, Priority.EDF. }
{ intros.
rewrite {2}H_fixed_point leq_add //.
apply leq_trans with (workload_of_jobs job_cost (jobs_arrived_between arr_seq t (t + L)) predT).
- rewrite /workload_of_higher_or_equal_priority_jobs /workload_of_jobs
big_mkcond [X in _ <= X]big_mkcond leq_sum //=.
intros s _.
by case (EDF s j).
- apply total_workload_le_total_rbf'' with job_task; try done.
intros tsk0 IN0.
by move: (H_family_of_proper_arrival_curves tsk0 IN0) => [ARRB _].
rewrite {2}H_fixed_point.
apply total_workload_le_total_rbf'' with job_task; try done.
by intros tsk0 IN0; move: (H_family_of_proper_arrival_curves tsk0 IN0) => [ARRB _].
}
move: EX => [t1 [t2 [H1 [H2 GGG]]]].
exists t1, t2; split; first by done.
......
......@@ -203,6 +203,7 @@ Module Service.
(* ... where jobs do not execute before their arrival or after completion. *)
Hypothesis H_jobs_must_arrive_to_execute: jobs_must_arrive_to_execute job_arrival sched.
Hypothesis H_completed_jobs_dont_execute: completed_jobs_dont_execute job_cost sched.
Hypothesis H_jobs_come_from_arrival_sequence: jobs_come_from_arrival_sequence sched arr_seq.
(* For simplicity, let's define some local names. *)
Let job_completed_by := completed_by job_cost sched.
......@@ -366,6 +367,95 @@ Module Service.
by apply service_of_jobs_le_1.
Qed.
(* Next we prove that total service that is lower than the
range implies the existence of an idle time instant. *)
Lemma low_service_implies_existence_of_idle_time :
forall t1 t2,
t1 <= t2 ->
service_of_jobs sched (arrivals_between 0 t2) predT t1 t2 < t2 - t1 ->
exists t, t1 <= t < t2 /\ is_idle sched t.
Proof.
intros ? ? LE SERV.
have EX: exists δ, t2 = t1 + δ.
{ by exists (t2 - t1); rewrite subnKC // ltnW. }
move: EX => [δ EQ]; subst t2; clear LE.
rewrite {3}[t1 + δ]addnC -addnBA // subnn addn0 in SERV.
rewrite /service_of_jobs exchange_big //= in SERV.
apply sum_le_summation_range in SERV.
move: SERV => [x [/andP [GEx LEx] L]].
exists x; split; first by apply/andP; split.
apply/negPn; apply/negP; intros NIDLE.
unfold is_idle in NIDLE.
destruct(sched x) eqn:SCHED; last by done.
move: SCHED => /eqP SCHED; clear NIDLE.
move: L => /eqP; rewrite -sum_nat_eq0_nat; move => /allP L.
specialize (L s); feed L.
{ unfold arrivals_between.
eapply arrived_between_implies_in_arrivals; eauto 2.
apply/andP; split; first by done.
apply H_jobs_must_arrive_to_execute in SCHED.
by apply leq_ltn_trans with x.
}
by move: L; simpl; rewrite /service_at /scheduled_at SCHED eqb0; move => /eqP EQ.
Qed.
(* In this section we prove a few facts about splitting
the total service of a set of jobs. *)
Section ServiceCat.
(* We show that the total service of jobs released in a time interval [t1,t2) during [t1,t2)
is equal to the sum of:
(1) the total service of jobs released in time interval [t1, t) during time [t1, t)
(2) the total service of jobs released in time interval [t1, t) during time [t, t2)
and (3) the total service of jobs released in time interval [t, t2) during time [t, t2). *)
Lemma service_of_jobs_cat_scheduling_interval :
forall P t1 t2 t,
t1 <= t <= t2 ->
service_of_jobs sched (arrivals_between t1 t2) P t1 t2
= service_of_jobs sched (arrivals_between t1 t) P t1 t
+ service_of_jobs sched (arrivals_between t1 t) P t t2
+ service_of_jobs sched (arrivals_between t t2) P t t2.
Proof.
move => P t1 t2 t /andP [GEt LEt].
rewrite /arrivals_between (job_arrived_between_cat _ _ t) //.
rewrite {1}/service_of_jobs big_cat //=.
rewrite exchange_big //= (@big_cat_nat _ _ _ t) //=;
rewrite [in X in X + _ + _]exchange_big //= [in X in _ + X + _]exchange_big //=.
apply/eqP; rewrite -!addnA eqn_add2l eqn_add2l.
rewrite exchange_big //= (@big_cat_nat _ _ _ t) //= [in X in _ + X]exchange_big //=.
rewrite -[service_of_jobs _ _ _ _ _]add0n /service_of_jobs eqn_add2r.
rewrite big_nat_cond big1 //.
move => x /andP [/andP [GEi LTi] _].
rewrite big_seq_cond big1 //.
move => s /andP [ARR Ps].
rewrite /service_at /scheduled_at.
apply/eqP; rewrite eqb0; apply/negP; intros SCHED.
apply H_jobs_must_arrive_to_execute in SCHED.
eapply in_arrivals_implies_arrived_between in ARR; eauto 2.
move: SCHED; rewrite /has_arrived leqNgt; move => /negP CONTR; apply: CONTR.
move: ARR => /andP [ARR1 ARR2].
by apply leq_trans with t.
Qed.
(* We show that the total service of jobs released in a time interval [t1,t2) during [t,t2)
is equal to the sum of:
(1) the total service of jobs released in a time interval [t1,t) during [t,t2)
and (2) the total service of jobs released in a time interval [t,t2) during [t,t2). *)
Lemma service_of_jobs_cat_arrival_interval :
forall P t1 t2 t,
t1 <= t <= t2 ->
service_of_jobs sched (arrivals_between t1 t2) P t t2 =
service_of_jobs sched (arrivals_between t1 t) P t t2 +
service_of_jobs sched (arrivals_between t t2) P t t2.
Proof.
move => P t1 t2 t /andP [GEt LEt].
apply/eqP;rewrite eq_sym; apply/eqP.
rewrite /arrivals_between [in X in _ = X](job_arrived_between_cat _ _ t) //.
by rewrite {3}/service_of_jobs -big_cat //=.
Qed.
End ServiceCat.
(* In this section, we introduce a connection between the cumulative
service, cumulative workload, and completion of jobs. *)
Section WorkloadServiceAndCompletion.
......
......@@ -262,6 +262,28 @@ Section ExtraLemmas.
by rewrite subnn addn0.
Qed.
(* We show that the fact that the sum is smaller than the range
of the summation implies the existence of a zero element. *)
Lemma sum_le_summation_range :
forall f t Δ,
\sum_(t <= x < t + Δ) f x < Δ ->
exists x, t <= x < t + Δ /\ f x = 0.
Proof.
induction Δ; intros; first by rewrite ltn0 in H.
destruct (f (t + Δ)) eqn: EQ.
{ exists (t + Δ); split; last by done.
by apply/andP; split; [rewrite leq_addr | rewrite addnS ltnS].
}
{ move: H; rewrite addnS big_nat_recr //= ?leq_addr // EQ addnS ltnS; move => H.
feed IHΔ.
{ by apply leq_ltn_trans with (\sum_(t <= i < t + Δ) f i + n); first rewrite leq_addr. }
move: IHΔ => [z [/andP [LE GE] ZERO]].
exists z; split; last by done.
apply/andP; split; first by done.
by rewrite ltnS ltnW.
}
Qed.
End ExtraLemmas.
(* Lemmas about arithmetic with sums. *)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment