Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
R
rtproofs
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Sophie Quinton
rtproofs
Commits
ccd2b0ca
Commit
ccd2b0ca
authored
Apr 04, 2019
by
Sergey Bozhko
Committed by
Sergey Bozhko
Apr 05, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add platform for models with bounded nonpreemptive segments
parent
13dc6eaf
Changes
6
Expand all
Hide whitespace changes
Inline
Sidebyside
Showing
6 changed files
with
2151 additions
and
0 deletions
+2151
0
model/schedule/uni/limited/platform/definitions.v
model/schedule/uni/limited/platform/definitions.v
+239
0
model/schedule/uni/limited/platform/limited.v
model/schedule/uni/limited/platform/limited.v
+413
0
model/schedule/uni/limited/platform/nonpreemptive.v
model/schedule/uni/limited/platform/nonpreemptive.v
+157
0
model/schedule/uni/limited/platform/preemptive.v
model/schedule/uni/limited/platform/preemptive.v
+70
0
model/schedule/uni/limited/platform/priority_inversion_is_bounded.v
...dule/uni/limited/platform/priority_inversion_is_bounded.v
+588
0
model/schedule/uni/limited/platform/util.v
model/schedule/uni/limited/platform/util.v
+684
0
No files found.
model/schedule/uni/limited/platform/definitions.v
0 → 100644
View file @
ccd2b0ca
This diff is collapsed.
Click to expand it.
model/schedule/uni/limited/platform/limited.v
0 → 100644
View file @
ccd2b0ca
This diff is collapsed.
Click to expand it.
model/schedule/uni/limited/platform/nonpreemptive.v
0 → 100644
View file @
ccd2b0ca
Require
Import
rt
.
util
.
all
.
Require
Import
rt
.
model
.
arrival
.
basic
.
job
rt
.
model
.
arrival
.
basic
.
task
rt
.
model
.
priority
rt
.
model
.
arrival
.
basic
.
task_arrival
.
Require
Import
rt
.
model
.
schedule
.
uni
.
schedule
rt
.
model
.
schedule
.
uni
.
service
rt
.
model
.
schedule
.
uni
.
basic
.
platform
.
Require
Import
rt
.
model
.
schedule
.
uni
.
nonpreemptive
.
schedule
.
Require
Export
rt
.
model
.
schedule
.
uni
.
limited
.
platform
.
definitions
.
From
mathcomp
Require
Import
ssreflect
ssrbool
ssrfun
eqtype
ssrnat
seq
fintype
bigop
.
(** * Platform for fully nonpreemptive model *)
(** In module uni.limited.platform we introduce the notion of whether a job can be preempted
at a given time (using a predicate can_be_preempted). In this section, we instantiate
can_be_preempted for the fully nonpreemptive model and prove its correctness. *)
Module
FullyNonPreemptivePlatform
.
Import
Epsilon
Job
SporadicTaskset
UniprocessorSchedule
Priority
Service
LimitedPreemptionPlatform
.
Section
FullyNonPreemptiveModel
.
Context
{
Task
:
eqType
}.
Variable
task_cost
:
Task
>
time
.
Context
{
Job
:
eqType
}.
Variable
job_arrival
:
Job
>
time
.
Variable
job_cost
:
Job
>
time
.
Variable
job_task
:
Job
>
Task
.
(* Consider any arrival sequence with consistent, nonduplicate arrivals. *)
Variable
arr_seq
:
arrival_sequence
Job
.
Hypothesis
H_arrival_times_are_consistent
:
arrival_times_are_consistent
job_arrival
arr_seq
.
Hypothesis
H_arr_seq_is_a_set
:
arrival_sequence_is_a_set
arr_seq
.
(* Next, consider any uniprocessor nonpreemptive schedule of this arrival sequence...*)
Variable
sched
:
schedule
Job
.
Hypothesis
H_jobs_come_from_arrival_sequence
:
jobs_come_from_arrival_sequence
sched
arr_seq
.
Hypothesis
H_nonpreemptive_sched
:
NonpreemptiveSchedule
.
is_nonpreemptive_schedule
job_cost
sched
.
(* ... where jobs do not execute before their arrival nor after completion. *)
Hypothesis
H_jobs_must_arrive_to_execute
:
jobs_must_arrive_to_execute
job_arrival
sched
.
Hypothesis
H_completed_jobs_dont_execute
:
completed_jobs_dont_execute
job_cost
sched
.
(* For simplicity, let's define some local names. *)
Let
job_pending
:
=
pending
job_arrival
job_cost
sched
.
Let
job_completed_by
:
=
completed_by
job_cost
sched
.
Let
job_scheduled_at
:
=
scheduled_at
sched
.
(* Assume that a job cost cannot be larger than a task cost. *)
Hypothesis
H_job_cost_le_task_cost
:
cost_of_jobs_from_arrival_sequence_le_task_cost
task_cost
job_cost
job_task
arr_seq
.
(* We say that the model is fully nonpreemptive
iff every job cannot be preempted until its completion. *)
Definition
can_be_preempted_for_fully_nonpreemptive_model
(
j
:
Job
)
(
progr
:
time
)
:
=
(
progr
==
0
)

(
progr
==
job_cost
j
).
(* Since in a fully nonpreemptive model a job cannot be preempted after
it starts the execution, job_max_nps is equal to job_cost. *)
Let
job_max_nps
(
j
:
Job
)
:
=
job_cost
j
.
(* In order to bound job_max_nps, task_max_nps should be equal to task_cost. *)
Let
task_max_nps
(
tsk
:
Task
)
:
=
task_cost
tsk
.
(* Then, we prove that fully_nonpreemptive_model is a correct preemption model... *)
Lemma
fully_nonpreemptive_model_is_correct
:
correct_preemption_model
arr_seq
sched
can_be_preempted_for_fully_nonpreemptive_model
.
Proof
.
intros
j
;
split
.
{
move
=>
t
.
rewrite
/
can_be_preempted_for_fully_nonpreemptive_model
Bool
.
negb_orb

lt0n
.
move
=>
/
andP
[
POS
NCOMPL
].
unfold
NonpreemptiveSchedule
.
is_nonpreemptive_schedule
in
*.
move
:
(
incremental_service_during
_
_
_
_
_
POS
)
=>
[
ft
[/
andP
[
_
LT
]
[
SCHED
SERV
]]].
apply
H_nonpreemptive_sched
with
ft
.
{
by
apply
ltnW
.
}
{
by
done
.
}
{
rewrite
/
completed_by
neq_ltn
;
apply
/
orP
;
left
.
move
:
NCOMPL
;
rewrite
neq_ltn
;
move
=>
/
orP
[
LE

GE
]
;
[
by
done

exfalso
].
move
:
GE
;
rewrite
ltnNge
;
move
=>
/
negP
GE
;
apply
:
GE
.
by
eauto
2
.
}
}
{
intros
t
NSCHED
SCHED
.
rewrite
/
can_be_preempted_for_fully_nonpreemptive_model
.
apply
/
orP
;
left
.
apply
/
negP
;
intros
CONTR
.
move
:
CONTR
=>
/
negP
;
rewrite

lt0n
;
intros
POS
.
move
:
(
incremental_service_during
_
_
_
_
_
POS
)
=>
[
ft
[/
andP
[
_
LT
]
[
SCHEDn
SERV
]]].
move
:
NSCHED
=>
/
negP
NSCHED
;
apply
:
NSCHED
.
apply
H_nonpreemptive_sched
with
ft
.
{
by
rewrite

ltnS
.
}
{
by
done
.
}
{
rewrite
/
completed_by
neq_ltn
;
apply
/
orP
;
left
.
apply
leq_ltn_trans
with
(
service
sched
j
t
.+
1
).
{
by
rewrite
/
service
/
service_during
big_nat_recr
//=
leq_addr
.
}
{
rewrite

addn1
.
apply
leq_trans
with
(
service
sched
j
t
.+
2
).

unfold
service
,
service_during
.
have
EQ
:
(
service_at
sched
j
t
.+
1
)
=
1
.
{
by
apply
/
eqP
;
rewrite
eqb1
.
}
by
rewrite

EQ

big_nat_recr
//=.

by
eauto
2
.
}
}
}
Qed
.
(* ... and has bounded nonpreemptive regions. *)
Lemma
fully_nonpreemptive_model_is_model_with_bounded_nonpreemptive_regions
:
model_with_bounded_nonpreemptive_segments
job_cost
job_task
arr_seq
can_be_preempted_for_fully_nonpreemptive_model
job_max_nps
task_max_nps
.
Proof
.
have
F
:
forall
n
,
n
=
0
\/
n
>
0
.
{
by
intros
n
;
destruct
n
;
[
left

right
].
}
intros
j
;
split
;
last
split
;
last
split
.
{
by
done
.
}
{
by
apply
/
orP
;
right
.
}
{
intros
ARR
.
rewrite
/
job_max_nps
/
task_max_nps
.
by
eauto
2
.
}
{
intros
progr
.
move
:
(
F
(
progr
))
=>
[
EQ

GT
].
{
exists
progr
;
split
.

by
apply
/
andP
;
split
;
[
done

rewrite
leq_addr
].

by
rewrite
/
can_be_preempted_for_fully_nonpreemptive_model
EQ
.
}
{
exists
(
maxn
progr
(
job_cost
j
)).
have
POS
:
0
<
job_cost
j
.
{
by
apply
leq_trans
with
progr
;
last
move
:
H0
=>
/
andP
[
_
H0
].
}
split
.
{
apply
/
andP
;
split
;
first
by
rewrite
leq_maxl
.
rewrite
/
job_max_nps
addnBA
;
last
eauto
2
.
rewrite
geq_max
;
apply
/
andP
;
split
.

rewrite

addnBA
;
last
by
eauto
2
.
by
rewrite
leq_addr
.

by
rewrite
addnC

addnBA
//
leq_addr
.
}
{
unfold
can_be_preempted_for_fully_nonpreemptive_model
.
apply
/
orP
;
right
.
move
:
H0
=>
/
andP
[
_
LE
].
rewrite
eqn_leq
;
apply
/
andP
;
split
.

by
rewrite
geq_max
;
apply
/
andP
;
split
.

by
rewrite
leq_max
;
apply
/
orP
;
right
.
}
}
}
Qed
.
End
FullyNonPreemptiveModel
.
End
FullyNonPreemptivePlatform
.
\ No newline at end of file
model/schedule/uni/limited/platform/preemptive.v
0 → 100644
View file @
ccd2b0ca
Require
Import
rt
.
util
.
all
.
Require
Import
rt
.
model
.
arrival
.
basic
.
job
rt
.
model
.
arrival
.
basic
.
task
rt
.
model
.
priority
rt
.
model
.
arrival
.
basic
.
task_arrival
.
Require
Import
rt
.
model
.
schedule
.
uni
.
schedule
rt
.
model
.
schedule
.
uni
.
service
rt
.
model
.
schedule
.
uni
.
basic
.
platform
.
Require
Export
rt
.
model
.
schedule
.
uni
.
limited
.
platform
.
definitions
.
From
mathcomp
Require
Import
ssreflect
ssrbool
ssrfun
eqtype
ssrnat
seq
fintype
bigop
.
(** * Platform for fully premptive model *)
(** In module uni.limited.platform we introduce the notion of whether a job can be preempted
at a given time (using a predicate can_be_preempted). In this section, we instantiate
can_be_preempted for the fully preemptive model and prove its correctness. *)
Module
FullyPreemptivePlatform
.
Import
Epsilon
Job
SporadicTaskset
UniprocessorSchedule
Priority
Service
LimitedPreemptionPlatform
.
Section
FullyPreemptiveModel
.
Context
{
Task
:
eqType
}.
Context
{
Job
:
eqType
}.
Variable
job_arrival
:
Job
>
time
.
Variable
job_cost
:
Job
>
time
.
Variable
job_task
:
Job
>
Task
.
(* Consider any job arrival sequence ...*)
Variable
arr_seq
:
arrival_sequence
Job
.
(* ...and any uniprocessor schedule of these jobs. *)
Variable
sched
:
schedule
Job
.
(* For simplicity, let's define some local names. *)
Let
job_pending
:
=
pending
job_arrival
job_cost
sched
.
Let
job_completed_by
:
=
completed_by
job_cost
sched
.
Let
job_scheduled_at
:
=
scheduled_at
sched
.
(* In the fully preemptive model any job can be preempted at any time. *)
Definition
can_be_preempted_for_fully_preemptive_model
(
j
:
Job
)
(
progr
:
time
)
:
=
true
.
(* Since in a fully preemptive model a job can be preempted at
any time job_max_nps cannot be greater than ε. *)
Let
job_max_nps
(
j
:
Job
)
:
=
ε
.
(* In order to bound job_max_nps, we can choose task_max_nps that is equal to ε for any task. *)
Let
task_max_nps
(
tsk
:
Task
)
:
=
ε
.
(* Then, we prove that fully_preemptive_model is a correct preemption model... *)
Lemma
fully_preemptive_model_is_correct
:
correct_preemption_model
arr_seq
sched
can_be_preempted_for_fully_preemptive_model
.
Proof
.
by
intros
j
;
split
;
intros
t
CONTR
.
Qed
.
(* ... and has bounded nonpreemptive regions. *)
Lemma
fully_preemptive_model_is_model_with_bounded_nonpreemptive_regions
:
model_with_bounded_nonpreemptive_segments
job_cost
job_task
arr_seq
can_be_preempted_for_fully_preemptive_model
job_max_nps
task_max_nps
.
Proof
.
intros
j
;
repeat
split
;
try
done
.
intros
t
;
exists
t
;
split
.
{
by
apply
/
andP
;
split
;
[
done

rewrite
subnn
addn0
].
}
{
by
done
.
}
Qed
.
End
FullyPreemptiveModel
.
End
FullyPreemptivePlatform
.
\ No newline at end of file
model/schedule/uni/limited/platform/priority_inversion_is_bounded.v
0 → 100644
View file @
ccd2b0ca
This diff is collapsed.
Click to expand it.
model/schedule/uni/limited/platform/util.v
0 → 100644
View file @
ccd2b0ca
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment