Skip to content

R
rt-proofs
Commit a58b283a authored by Felipe Cerqueira's avatar Felipe Cerqueira
Browse files
Options

Remove JobIn to simplify specification

parent 9295617e
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 4947 additions and 4519 deletions
Makefile
View file @ a58b283a
This diff is collapsed.
analysis/apa/bertogna_edf_comp.v
View file @ a58b283a
......@@ -16,6 +16,7 @@ Module ResponseTimeIterationEDF.
Variable task_deadline: sporadic_task -> time.
Context {Job: eqType}.
Variable job_arrival: Job -> time.
Variable job_cost: Job -> time.
Variable job_deadline: Job -> time.
Variable job_task: Job -> sporadic_task.
......@@ -883,46 +884,51 @@ Module ResponseTimeIterationEDF.
forall tsk, tsk \in ts -> is_subaffinity (alpha' tsk) (alpha tsk).
(* Next, consider any arrival sequence such that...*)
Context {arr_seq: arrival_sequence Job}.
Variable arr_seq: arrival_sequence Job.
(* ...all jobs come from task set ts, ...*)
Hypothesis H_all_jobs_from_taskset:
forall (j: JobIn arr_seq), job_task j \in ts.
forall j,
arrives_in arr_seq j -> job_task j \in ts.
(* ...they have valid parameters,...*)
Hypothesis H_valid_job_parameters:
forall (j: JobIn arr_seq),
forall j,
arrives_in arr_seq j ->
valid_sporadic_job task_cost task_deadline job_cost job_deadline job_task j.
(* ... and satisfy the sporadic task model.*)
Hypothesis H_sporadic_tasks:
sporadic_task_model task_period arr_seq job_task.
sporadic_task_model task_period job_arrival job_task arr_seq.
(* Then, consider any schedule with at least one CPU such that...*)
Variable sched: schedule num_cpus arr_seq.
Variable sched: schedule Job num_cpus.
Hypothesis H_jobs_come_from_arrival_sequence:
jobs_come_from_arrival_sequence sched arr_seq.
(* ...jobs only execute after they arrived and no longer
than their execution costs,... *)
Hypothesis H_jobs_must_arrive_to_execute:
jobs_must_arrive_to_execute sched.
Hypothesis H_completed_jobs_dont_execute:
completed_jobs_dont_execute job_cost sched.
Hypothesis H_jobs_must_arrive_to_execute: jobs_must_arrive_to_execute job_arrival sched.
Hypothesis H_completed_jobs_dont_execute: completed_jobs_dont_execute job_cost sched.
(* ...and jobs are sequential. *)
Hypothesis H_sequential_jobs: sequential_jobs sched.
(* Assume a work-conserving APA scheduler that respects EDF policy. *)
Hypothesis H_respects_affinity: respects_affinity job_task sched alpha.
Hypothesis H_work_conserving: apa_work_conserving job_cost job_task sched alpha.
Hypothesis H_edf_policy: respects_JLFP_policy_under_weak_APA job_cost job_task sched alpha (EDF job_deadline).
Hypothesis H_work_conserving: apa_work_conserving job_arrival job_cost job_task arr_seq
sched alpha.
Hypothesis H_edf_policy:
respects_JLFP_policy_under_weak_APA job_arrival job_cost job_task
arr_seq sched alpha (EDF job_arrival job_deadline).
(* To avoid a long list of parameters, we provide some local definitions. *)
Definition no_deadline_missed_by_task (tsk: sporadic_task) :=
task_misses_no_deadline job_cost job_deadline job_task sched tsk.
task_misses_no_deadline job_arrival job_cost job_deadline job_task arr_seq sched tsk.
Definition no_deadline_missed_by_job :=
job_misses_no_deadline job_cost job_deadline sched.
job_misses_no_deadline job_arrival job_cost job_deadline sched.
Let response_time_bounded_by (tsk: sporadic_task) :=
is_response_time_bound_of_task job_cost job_task tsk sched.
is_response_time_bound_of_task job_arrival job_cost job_task arr_seq sched tsk.
(* In the following theorem, we prove that any response-time bound contained
in edf_claimed_bounds is safe. The proof follows by direct application of
......@@ -933,12 +939,12 @@ Module ResponseTimeIterationEDF.
response_time_bounded_by tsk R.
Proof.
have BOUND := bertogna_cirinei_response_time_bound_edf.
intros tsk R IN j JOBj.
intros tsk R IN j ARRj JOBj.
destruct (edf_claimed_bounds ts) as [rt_bounds |] eqn:SOME; last by done.
unfold edf_rta_iteration in *.
unfold is_response_time_bound_of_task in *.
apply BOUND with (task_cost := task_cost) (task_period := task_period)
(task_deadline := task_deadline) (job_deadline := job_deadline)
(arr_seq := arr_seq) (task_deadline := task_deadline) (job_deadline := job_deadline)
(job_task := job_task) (ts := ts) (tsk := tsk) (rt_bounds := rt_bounds) (alpha := alpha) (alpha' := alpha'); try (by ins).
by unfold edf_claimed_bounds in SOME; desf; rewrite edf_claimed_bounds_unzip1_iteration.
by ins; apply edf_claimed_bounds_finds_fixed_point_for_each_bound with (ts := ts).
......@@ -960,10 +966,10 @@ Module ResponseTimeIterationEDF.
edf_schedulable,
valid_sporadic_job in *.
rename H_valid_job_parameters into JOBPARAMS.
intros tsk INtsk j JOBtsk.
intros tsk INtsk j ARRj JOBtsk.
destruct (edf_claimed_bounds ts) as [rt_bounds |] eqn:SOME; last by ins.
exploit (HAS rt_bounds tsk); [by ins | by ins | clear HAS; intro HAS; des].
have COMPLETED := RLIST tsk R HAS j JOBtsk.
have COMPLETED := RLIST tsk R HAS j ARRj JOBtsk.
exploit (DL rt_bounds tsk R);
[by ins | by ins | clear DL; intro DL].
......@@ -972,7 +978,7 @@ Module ResponseTimeIterationEDF.
{
unfold valid_sporadic_taskset, is_valid_sporadic_task in *.
apply extend_sum; rewrite // leq_add2l.
specialize (JOBPARAMS j); des; rewrite JOBPARAMS1.
specialize (JOBPARAMS j ARRj); des; rewrite JOBPARAMS1.
by rewrite JOBtsk.
}
rewrite leq_eqVlt; apply/orP; left; rewrite eq_sym.
......@@ -983,12 +989,12 @@ Module ResponseTimeIterationEDF.
are spawned by the task set, we conclude that no job misses
its deadline. *)
Theorem jobs_schedulable_by_edf_rta :
forall (j: JobIn arr_seq), no_deadline_missed_by_job j.
forall j, arrives_in arr_seq j -> no_deadline_missed_by_job j.
Proof.
intros j.
intros j ARRj.
have SCHED := taskset_schedulable_by_edf_rta.
unfold no_deadline_missed_by_task, task_misses_no_deadline in *.
apply SCHED with (tsk := job_task j); last by done.
apply SCHED with (tsk := job_task j); try (by done).
by apply H_all_jobs_from_taskset.
Qed.
......
analysis/apa/bertogna_edf_theory.v
View file @ a58b283a
This diff is collapsed.
analysis/apa/bertogna_fp_comp.v
View file @ a58b283a
......@@ -16,6 +16,7 @@ Module ResponseTimeIterationFP.
Variable task_deadline: sporadic_task -> time.
Context {Job: eqType}.
Variable job_arrival: Job -> time.
Variable job_cost: Job -> time.
Variable job_deadline: Job -> time.
Variable job_task: Job -> sporadic_task.
......@@ -503,47 +504,50 @@ Module ResponseTimeIterationFP.
Hypothesis H_priority_transitive: FP_is_transitive higher_priority.
(* Next, consider any arrival sequence such that...*)
Context {arr_seq: arrival_sequence Job}.
Variable arr_seq: arrival_sequence Job.
(* ...all jobs come from task set ts, ...*)
Hypothesis H_all_jobs_from_taskset:
forall (j: JobIn arr_seq), job_task j \in ts.
forall j, arrives_in arr_seq j -> job_task j \in ts.
(* ...jobs have valid parameters,...*)
Hypothesis H_valid_job_parameters:
forall (j: JobIn arr_seq),
forall j,
arrives_in arr_seq j ->
valid_sporadic_job task_cost task_deadline job_cost job_deadline job_task j.
(* ... and satisfy the sporadic task model.*)
Hypothesis H_sporadic_tasks:
sporadic_task_model task_period arr_seq job_task.
sporadic_task_model task_period job_arrival job_task arr_seq.
(* Then, consider any schedule such that...*)
Variable sched: schedule num_cpus arr_seq.
Variable sched: schedule Job num_cpus.
Hypothesis H_jobs_come_from_arrival_sequence:
jobs_come_from_arrival_sequence sched arr_seq.
(* ...jobs only execute after they arrived and no longer
than their execution costs,... *)
Hypothesis H_jobs_must_arrive_to_execute:
jobs_must_arrive_to_execute sched.
Hypothesis H_completed_jobs_dont_execute:
completed_jobs_dont_execute job_cost sched.
Hypothesis H_jobs_must_arrive_to_execute: jobs_must_arrive_to_execute job_arrival sched.
Hypothesis H_completed_jobs_dont_execute: completed_jobs_dont_execute job_cost sched.
(* ...and jobs are sequential. *)
Hypothesis H_sequential_jobs: sequential_jobs sched.
(* Assume a work-conserving APA scheduler that respects the FP policy. *)
Hypothesis H_respects_affinity: respects_affinity job_task sched alpha.
Hypothesis H_work_conserving: apa_work_conserving job_cost job_task sched alpha.
Hypothesis H_work_conserving: apa_work_conserving job_arrival job_cost job_task arr_seq
sched alpha.
Hypothesis H_respects_FP_policy:
respects_FP_policy_under_weak_APA job_cost job_task sched alpha higher_priority.
respects_FP_policy_under_weak_APA job_arrival job_cost job_task arr_seq sched
alpha higher_priority.
(* To avoid a long list of parameters, we provide some local definitions. *)
Let no_deadline_missed_by_task (tsk: sporadic_task) :=
task_misses_no_deadline job_cost job_deadline job_task sched tsk.
task_misses_no_deadline job_arrival job_cost job_deadline job_task arr_seq sched tsk.
Let no_deadline_missed_by_job :=
job_misses_no_deadline job_cost job_deadline sched.
job_misses_no_deadline job_arrival job_cost job_deadline sched.
Let response_time_bounded_by (tsk: sporadic_task) :=
is_response_time_bound_of_task job_cost job_task tsk sched.
is_response_time_bound_of_task job_arrival job_cost job_task arr_seq sched tsk.
(* In the following theorem, we prove that any response-time bound contained
in fp_claimed_bounds is safe. The proof follows by induction on the task set:
......@@ -580,20 +584,13 @@ Module ResponseTimeIterationFP.
clear EQ.
assert (PAIR: forall idx, (TASK idx, RESP idx) = NTH idx).
{
by intros i; unfold TASK, RESP; destruct (NTH i).
}
assert (SUBST: forall i, i < size hp_bounds -> TASK i = nth tsk ts i).
{
by intros i LTi; rewrite /TASK /NTH -UNZIP (nth_map elem) //.
}
assert (SIZE: size hp_bounds = size ts).
{
by rewrite -UNZIP size_map.
}
induction idx as [idx IH'] using strong_ind.
......@@ -688,7 +685,7 @@ Module ResponseTimeIterationFP.
job_misses_no_deadline, completed,
fp_schedulable, valid_sporadic_job in *.
rename H_valid_job_parameters into JOBPARAMS.
move => tsk INtsk j JOBtsk.
move => tsk INtsk j ARRj JOBtsk.
destruct (fp_claimed_bounds ts) as [rt_bounds |]; last by ins.
feed (UNZIP rt_bounds); first by done.
......@@ -697,14 +694,14 @@ Module ResponseTimeIterationFP.
rewrite set_mem -UNZIP in INtsk; move: INtsk => /mapP EX.
by destruct EX as [p]; destruct p as [tsk' R]; simpl in *; subst tsk'; exists R.
} des.
exploit (RLIST tsk R); [by ins | by apply JOBtsk | intro COMPLETED].
exploit (RLIST tsk R EX j ARRj); [by apply JOBtsk | intro COMPLETED].
exploit (DL rt_bounds tsk R); [by ins | by ins | clear DL; intro DL].
rewrite eqn_leq; apply/andP; split; first by apply cumulative_service_le_job_cost.
apply leq_trans with (n := service sched j (job_arrival j + R)); last first.
{
unfold valid_sporadic_taskset, is_valid_sporadic_task in *.
apply extend_sum; rewrite // leq_add2l.
specialize (JOBPARAMS j); des; rewrite JOBPARAMS1.
specialize (JOBPARAMS j ARRj); des; rewrite JOBPARAMS1.
by rewrite JOBtsk.
}
rewrite leq_eqVlt; apply/orP; left; rewrite eq_sym.
......@@ -715,12 +712,12 @@ Module ResponseTimeIterationFP.
are spawned by the task set, we also conclude that no job in
the schedule misses its deadline. *)
Theorem jobs_schedulable_by_fp_rta :
forall (j: JobIn arr_seq), no_deadline_missed_by_job j.
forall j, arrives_in arr_seq j -> no_deadline_missed_by_job j.
Proof.
intros j.
intros j ARRj.
have SCHED := taskset_schedulable_by_fp_rta.
unfold no_deadline_missed_by_task, task_misses_no_deadline in *.
apply SCHED with (tsk := job_task j); last by done.
apply SCHED with (tsk := job_task j); try (by done).
by apply H_all_jobs_from_taskset.
Qed.
......
analysis/apa/bertogna_fp_theory.v
View file @ a58b283a
This diff is collapsed.
analysis/apa/interference_bound_edf.v
View file @ a58b283a
This diff is collapsed.
analysis/apa/workload_bound.v
View file @ a58b283a
This diff is collapsed.
analysis/global/basic/bertogna_edf_comp.v
View file @ a58b283a
......@@ -20,6 +20,7 @@ Module ResponseTimeIterationEDF.
Let task_with_response_time := (sporadic_task * time)%type.
Context {Job: eqType}.
Variable job_arrival: Job -> time.
Variable job_cost: Job -> time.
Variable job_deadline: Job -> time.
Variable job_task: Job -> sporadic_task.
......@@ -869,45 +870,47 @@ Module ResponseTimeIterationEDF.
forall tsk, tsk \in ts -> task_deadline tsk <= task_period tsk.
(* Next, consider any arrival sequence such that...*)
Context {arr_seq: arrival_sequence Job}.
Variable arr_seq: arrival_sequence Job.
(* ...all jobs come from task set ts, ...*)
Hypothesis H_all_jobs_from_taskset:
forall (j: JobIn arr_seq), job_task j \in ts.
forall j, arrives_in arr_seq j -> job_task j \in ts.
(* ...they have valid parameters,...*)
Hypothesis H_valid_job_parameters:
forall (j: JobIn arr_seq),
forall j,
arrives_in arr_seq j ->
valid_sporadic_job task_cost task_deadline job_cost job_deadline job_task j.
(* ... and satisfy the sporadic task model.*)
Hypothesis H_sporadic_tasks:
sporadic_task_model task_period arr_seq job_task.
sporadic_task_model task_period job_arrival job_task arr_seq.
(* Then, consider any platform with at least one CPU such that...*)
Variable sched: schedule num_cpus arr_seq.
(* Then, consider any schedule of this arrival sequence such that... *)
Variable sched: schedule Job num_cpus.
Hypothesis H_at_least_one_cpu: num_cpus > 0.
Hypothesis H_jobs_come_from_arrival_sequence:
jobs_come_from_arrival_sequence sched arr_seq.
(* ...jobs only execute after they arrived and no longer
than their execution costs. *)
Hypothesis H_jobs_must_arrive_to_execute:
jobs_must_arrive_to_execute sched.
Hypothesis H_completed_jobs_dont_execute:
completed_jobs_dont_execute job_cost sched.
Hypothesis H_jobs_must_arrive_to_execute: jobs_must_arrive_to_execute job_arrival sched.
Hypothesis H_completed_jobs_dont_execute: completed_jobs_dont_execute job_cost sched.
(* Also assume that jobs are sequential. *)
Hypothesis H_sequential_jobs: sequential_jobs sched.
(* Assume a work-conserving scheduler with EDF policy. *)
Hypothesis H_work_conserving: work_conserving job_cost sched.
Hypothesis H_edf_policy: respects_JLFP_policy job_cost sched (EDF job_deadline).
Hypothesis H_work_conserving: work_conserving job_arrival job_cost arr_seq sched.
Hypothesis H_edf_policy: respects_JLFP_policy job_arrival job_cost arr_seq sched
(EDF job_arrival job_deadline).
Definition no_deadline_missed_by_task (tsk: sporadic_task) :=
task_misses_no_deadline job_cost job_deadline job_task sched tsk.
task_misses_no_deadline job_arrival job_cost job_deadline job_task arr_seq sched tsk.
Definition no_deadline_missed_by_job :=
job_misses_no_deadline job_cost job_deadline sched.
job_misses_no_deadline job_arrival job_cost job_deadline sched.
Let response_time_bounded_by (tsk: sporadic_task) :=
is_response_time_bound_of_task job_cost job_task tsk sched.
is_response_time_bound_of_task job_arrival job_cost job_task arr_seq sched tsk.
(* In the following theorem, we prove that any response-time bound contained
in edf_claimed_bounds is safe. The proof follows by direct application of
......@@ -923,7 +926,7 @@ Module ResponseTimeIterationEDF.
have BOUND := bertogna_cirinei_response_time_bound_edf.
unfold is_response_time_bound_of_task in *.
apply BOUND with (task_cost := task_cost) (task_period := task_period)
(task_deadline := task_deadline) (job_deadline := job_deadline)
(arr_seq := arr_seq) (task_deadline := task_deadline) (job_deadline := job_deadline)
(job_task := job_task) (ts := ts) (tsk := tsk) (rt_bounds := rt_bounds); try (by ins).
by unfold edf_claimed_bounds in SOME; desf; rewrite edf_claimed_bounds_unzip1_iteration.
by ins; apply edf_claimed_bounds_finds_fixed_point_for_each_bound with (ts := ts).
......@@ -952,19 +955,18 @@ Module ResponseTimeIterationEDF.
H_all_jobs_from_taskset into ALLJOBS,
H_test_succeeds into TEST.
move => tsk INtsk j JOBtsk.
move => tsk INtsk j ARRj JOBtsk.
destruct (edf_claimed_bounds ts) as [rt_bounds |] eqn:SOME; last by ins.
exploit (HAS rt_bounds tsk); [by ins | by ins | clear HAS; intro HAS; des].
have COMPLETED := RLIST tsk R HAS j JOBtsk.
exploit (DL rt_bounds tsk R);
[by ins | by ins | clear DL; intro DL].
have COMPLETED := RLIST tsk R HAS j ARRj JOBtsk.
exploit (DL rt_bounds tsk R); try (by done); clear DL; intro DL.
rewrite eqn_leq; apply/andP; split; first by apply cumulative_service_le_job_cost.
apply leq_trans with (n := service sched j (job_arrival j + R)); last first.
{
unfold valid_sporadic_taskset, is_valid_sporadic_task in *.
apply extend_sum; rewrite // leq_add2l.
specialize (JOBPARAMS j); des; rewrite JOBPARAMS1.
specialize (JOBPARAMS j ARRj); des; rewrite JOBPARAMS1.
by rewrite JOBtsk.
}
rewrite leq_eqVlt; apply/orP; left; rewrite eq_sym.
......@@ -975,12 +977,12 @@ Module ResponseTimeIterationEDF.
are spawned by the task set, we conclude that no job misses
its deadline. *)
Theorem jobs_schedulable_by_edf_rta :
forall (j: JobIn arr_seq), no_deadline_missed_by_job j.
forall j, arrives_in arr_seq j -> no_deadline_missed_by_job j.
Proof.
intros j.
intros j ARRj.
have SCHED := taskset_schedulable_by_edf_rta.
unfold no_deadline_missed_by_task, task_misses_no_deadline in *.
apply SCHED with (tsk := job_task j); last by done.
apply SCHED with (tsk := job_task j); try (by done).
by apply H_all_jobs_from_taskset.
Qed.
......
analysis/global/basic/bertogna_edf_theory.v
View file @ a58b283a
This diff is collapsed.
analysis/global/basic/bertogna_fp_comp.v
View file @ a58b283a
......@@ -20,6 +20,7 @@ Module ResponseTimeIterationFP.
Let task_with_response_time := (sporadic_task * time)%type.
Context {Job: eqType}.
Variable job_arrival: Job -> time.
Variable job_cost: Job -> time.
Variable job_deadline: Job -> time.
Variable job_task: Job -> sporadic_task.
......@@ -493,25 +494,28 @@ Module ResponseTimeIterationFP.
(* ...all jobs come from task set ts, ...*)
Hypothesis H_all_jobs_from_taskset:
forall (j: JobIn arr_seq), job_task j \in ts.
forall j, arrives_in arr_seq j -> job_task j \in ts.
(* ...jobs have valid parameters,...*)
Hypothesis H_valid_job_parameters:
forall (j: JobIn arr_seq),
forall j,
arrives_in arr_seq j ->
valid_sporadic_job task_cost task_deadline job_cost job_deadline job_task j.
(* ... and satisfy the sporadic task model.*)
Hypothesis H_sporadic_tasks:
sporadic_task_model task_period arr_seq job_task.
sporadic_task_model task_period job_arrival job_task arr_seq.
(* Then, consider any platform with at least one CPU such that...*)
Variable sched: schedule num_cpus arr_seq.
(* Then, consider any schedule of this arrival sequence such that... *)
Variable sched: schedule Job num_cpus.
Hypothesis H_at_least_one_cpu: num_cpus > 0.
Hypothesis H_jobs_come_from_arrival_sequence:
jobs_come_from_arrival_sequence sched arr_seq.
(* ...jobs only execute after they arrived and no longer
than their execution costs. *)
Hypothesis H_jobs_must_arrive_to_execute:
jobs_must_arrive_to_execute sched.
jobs_must_arrive_to_execute job_arrival sched.
Hypothesis H_completed_jobs_dont_execute:
completed_jobs_dont_execute job_cost sched.
......@@ -519,16 +523,16 @@ Module ResponseTimeIterationFP.
Hypothesis H_sequential_jobs: sequential_jobs sched.
(* Assume that the scheduler is work-conserving and respects the FP policy. *)
Hypothesis H_work_conserving: work_conserving job_cost sched.
Hypothesis H_work_conserving: work_conserving job_arrival job_cost arr_seq sched.
Hypothesis H_respects_FP_policy:
respects_FP_policy job_cost job_task sched higher_priority.
respects_FP_policy job_arrival job_cost job_task arr_seq sched higher_priority.
Let no_deadline_missed_by_task (tsk: sporadic_task) :=
task_misses_no_deadline job_cost job_deadline job_task sched tsk.
task_misses_no_deadline job_arrival job_cost job_deadline job_task arr_seq sched tsk.
Let no_deadline_missed_by_job :=
job_misses_no_deadline job_cost job_deadline sched.
job_misses_no_deadline job_arrival job_cost job_deadline sched.
Let response_time_bounded_by (tsk: sporadic_task) :=
is_response_time_bound_of_task job_cost job_task tsk sched.
is_response_time_bound_of_task job_arrival job_cost job_task arr_seq sched tsk.
(* In the following theorem, we prove that any response-time bound contained
in fp_claimed_bounds is safe. The proof follows by induction on the task set:
......@@ -565,20 +569,13 @@ Module ResponseTimeIterationFP.
clear EQ.
assert (PAIR: forall idx, (TASK idx, RESP idx) = NTH idx).
{
by intros i; unfold TASK, RESP; destruct (NTH i).
}
assert (SUBST: forall i, i < size hp_bounds -> TASK i = nth tsk ts i).
{
by intros i LTi; rewrite /TASK /NTH -UNZIP (nth_map elem) //.
}
assert (SIZE: size hp_bounds = size ts).
{
by rewrite -UNZIP size_map.
}
induction idx as [idx IH'] using strong_ind.
......@@ -672,7 +669,7 @@ Module ResponseTimeIterationFP.
job_misses_no_deadline, completed,
fp_schedulable, valid_sporadic_job in *.
rename H_valid_job_parameters into JOBPARAMS.
move => tsk INtsk j JOBtsk.
move => tsk INtsk j ARRj JOBtsk.
destruct (fp_claimed_bounds ts) as [rt_bounds |]; last by ins.
feed (UNZIP rt_bounds); first by done.
assert (EX: exists R, (tsk, R) \in rt_bounds).
......@@ -680,14 +677,14 @@ Module ResponseTimeIterationFP.
rewrite set_mem -UNZIP in INtsk; move: INtsk => /mapP EX.
by destruct EX as [p]; destruct p as [tsk' R]; simpl in *; subst tsk'; exists R.
} des.
exploit (RLIST tsk R); [by ins | by apply JOBtsk | intro COMPLETED].
exploit (RLIST tsk R EX j ARRj); [by done | intro COMPLETED].
exploit (DL rt_bounds tsk R); [by ins | by ins | clear DL; intro DL].
rewrite eqn_leq; apply/andP; split; first by apply cumulative_service_le_job_cost.
apply leq_trans with (n := service sched j (job_arrival j + R)); last first.
{
unfold valid_sporadic_taskset, is_valid_sporadic_task in *.
apply extend_sum; rewrite // leq_add2l.
specialize (JOBPARAMS j); des; rewrite JOBPARAMS1.
specialize (JOBPARAMS j ARRj); des; rewrite JOBPARAMS1.
by rewrite JOBtsk.
}
rewrite leq_eqVlt; apply/orP; left; rewrite eq_sym.
......@@ -698,12 +695,12 @@ Module ResponseTimeIterationFP.
are spawned by the task set, we also conclude that no job in
the schedule misses its deadline. *)
Theorem jobs_schedulable_by_fp_rta :
forall (j: JobIn arr_seq), no_deadline_missed_by_job j.
forall j, arrives_in arr_seq j -> no_deadline_missed_by_job j.
Proof.
intros j.
intros j ARRj.
have SCHED := taskset_schedulable_by_fp_rta.
unfold no_deadline_missed_by_task, task_misses_no_deadline in *.
apply SCHED with (tsk := job_task j); last by done.
apply SCHED with (tsk := job_task j); try (by done).
by apply H_all_jobs_from_taskset.
Qed.
......
analysis/global/basic/bertogna_fp_theory.v
View file @ a58b283a
This diff is collapsed.
analysis/global/basic/workload_bound.v
View file @ a58b283a
This diff is collapsed.
analysis/global/jitter/bertogna_edf_comp.v
View file @ a58b283a
......@@ -21,6 +21,7 @@ Module ResponseTimeIterationEDF.
Let task_with_response_time := (sporadic_task * time)%type.
Context {Job: eqType}.
Variable job_arrival: Job -> time.
Variable job_cost: Job -> time.
Variable job_deadline: Job -> time.
Variable job_task: Job -> sporadic_task.
......@@ -960,25 +961,28 @@ Module ResponseTimeIterationEDF.
(* ...all jobs come from task set ts, ...*)
Hypothesis H_all_jobs_from_taskset:
forall (j: JobIn arr_seq), job_task j \in ts.
forall j, arrives_in arr_seq j -> job_task j \in ts.
(* ...they have valid parameters,...*)
Hypothesis H_valid_job_parameters:
forall (j: JobIn arr_seq),
forall j,
arrives_in arr_seq j ->
valid_sporadic_job_with_jitter task_cost task_deadline task_jitter job_cost
job_deadline job_task job_jitter j.
(* ... and satisfy the sporadic task model.*)
Hypothesis H_sporadic_tasks:
sporadic_task_model task_period arr_seq job_task.
sporadic_task_model task_period job_arrival job_task arr_seq.
(* Then, consider any platform with at least one CPU such that...*)
Variable sched: schedule num_cpus arr_seq.
(* Then, consider any schedule of this arrival sequence such that... *)
Variable sched: schedule Job num_cpus.
Hypothesis H_at_least_one_cpu: num_cpus > 0.
Hypothesis H_jobs_come_from_arrival_sequence:
jobs_come_from_arrival_sequence sched arr_seq.
(* ...jobs only execute after jitter and no longer than their execution costs. *)
Hypothesis H_jobs_execute_after_jitter:
jobs_execute_after_jitter job_jitter sched.
jobs_execute_after_jitter job_arrival job_jitter sched.
Hypothesis H_completed_jobs_dont_execute:
completed_jobs_dont_execute job_cost sched.
......@@ -986,15 +990,16 @@ Module ResponseTimeIterationEDF.
Hypothesis H_sequential_jobs: sequential_jobs sched.
(* Assume that we have a work-conserving EDF scheduler. *)
Hypothesis H_work_conserving: work_conserving job_cost job_jitter sched.
Hypothesis H_edf_policy: respects_JLFP_policy job_cost job_jitter sched (EDF job_deadline).
Hypothesis H_work_conserving: work_conserving job_arrival job_cost job_jitter arr_seq sched.
Hypothesis H_edf_policy: respects_JLFP_policy job_arrival job_cost job_jitter arr_seq sched
(EDF job_arrival job_deadline).
Let no_deadline_missed_by_task (tsk: sporadic_task) :=
task_misses_no_deadline job_cost job_deadline job_task sched tsk.
task_misses_no_deadline job_arrival job_cost job_deadline job_task arr_seq sched tsk.
Let no_deadline_missed_by_job :=
job_misses_no_deadline job_cost job_deadline sched.
job_misses_no_deadline job_arrival job_cost job_deadline sched.
Let response_time_bounded_by (tsk: sporadic_task) :=
is_response_time_bound_of_task job_cost job_task tsk sched.
is_response_time_bound_of_task job_arrival job_cost job_task arr_seq sched tsk.
(* In the following theorem, we prove that any response-time bound contained
in edf_claimed_bounds is safe. The proof follows by direct application of
......@@ -1015,7 +1020,7 @@ Module ResponseTimeIterationEDF.
unfold response_time_bounded_by, is_response_time_bound_of_task in *.
intros j JOBtsk.
apply BOUND with (task_cost := task_cost) (task_period := task_period)
(task_deadline := task_deadline) (job_deadline := job_deadline) (job_jitter := job_jitter)
(arr_seq := arr_seq) (task_deadline := task_deadline) (job_deadline := job_deadline) (job_jitter := job_jitter)
(job_task := job_task) (ts := ts) (tsk := tsk) (rt_bounds := rt_bounds); try (by ins).
by unfold edf_claimed_bounds in SOME; desf; rewrite edf_claimed_bounds_unzip1_iteration.
by ins; apply edf_claimed_bounds_finds_fixed_point_for_each_bound with (ts := ts).
......@@ -1043,19 +1048,19 @@ Module ResponseTimeIterationEDF.
H_jobs_execute_after_jitter into AFTER,
H_all_jobs_from_taskset into ALLJOBS,
H_test_succeeds into TEST.
move => tsk INtsk j JOBtsk.
move => tsk INtsk j ARRj JOBtsk.
destruct (edf_claimed_bounds ts) as [rt_bounds |] eqn:SOME; last by ins.
exploit (HAS rt_bounds tsk); [by ins | by ins | clear HAS; intro HAS; des].
have COMPLETED := RLIST tsk R HAS j JOBtsk.
have COMPLETED := RLIST tsk R HAS j ARRj JOBtsk.
exploit (DL rt_bounds tsk R);
[by ins | by ins | clear DL; intro DL].