Clarify definitions and comments

d0dfa9b4 · Felipe Cerqueira · f3b4f2a5 · d0dfa9b4 · d0dfa9b4 · d0dfa9b4
Commit d0dfa9b4 authored Oct 26, 2016 by Felipe Cerqueira
5 changed files
--- a/Makefile
+++ b/Makefile
@@ -14,7 +14,7 @@

 #
 # This Makefile was generated by the command line :
-# coq_makefile -f _CoqProject ./util/ssromega.v ./util/seqset.v ./util/sorting.v ./util/step_function.v ./util/minmax.v ./util/powerset.v ./util/all.v ./util/ord_quantifier.v ./util/nat.v ./util/sum.v ./util/bigord.v ./util/counting.v ./util/tactics.v ./util/induction.v ./util/list.v ./util/divround.v ./util/bigcat.v ./util/fixedpoint.v ./util/notation.v ./analysis/global/jitter/bertogna_fp_comp.v ./analysis/global/jitter/interference_bound_edf.v ./analysis/global/jitter/workload_bound.v ./analysis/global/jitter/bertogna_edf_comp.v ./analysis/global/jitter/bertogna_fp_theory.v ./analysis/global/jitter/interference_bound.v ./analysis/global/jitter/interference_bound_fp.v ./analysis/global/jitter/bertogna_edf_theory.v ./analysis/global/parallel/bertogna_fp_comp.v ./analysis/global/parallel/interference_bound_edf.v ./analysis/global/parallel/workload_bound.v ./analysis/global/parallel/bertogna_edf_comp.v ./analysis/global/parallel/bertogna_fp_theory.v ./analysis/global/parallel/interference_bound.v ./analysis/global/parallel/interference_bound_fp.v ./analysis/global/parallel/bertogna_edf_theory.v ./analysis/global/basic/bertogna_fp_comp.v ./analysis/global/basic/interference_bound_edf.v ./analysis/global/basic/workload_bound.v ./analysis/global/basic/bertogna_edf_comp.v ./analysis/global/basic/bertogna_fp_theory.v ./analysis/global/basic/interference_bound.v ./analysis/global/basic/interference_bound_fp.v ./analysis/global/basic/bertogna_edf_theory.v ./analysis/apa/bertogna_fp_comp.v ./analysis/apa/interference_bound_edf.v ./analysis/apa/workload_bound.v ./analysis/apa/bertogna_edf_comp.v ./analysis/apa/bertogna_fp_theory.v ./analysis/apa/interference_bound.v ./analysis/apa/interference_bound_fp.v ./analysis/apa/bertogna_edf_theory.v ./analysis/uni/susp/dynamic/oblivious/fp_rta.v ./analysis/uni/susp/dynamic/oblivious/reduction.v ./analysis/uni/basic/workload_bound_fp.v ./analysis/uni/basic/fp_rta_comp.v ./analysis/uni/basic/fp_rta_theory.v ./model/arrival_sequence.v ./model/task.v ./model/task_arrival.v ./model/suspension.v ./model/partitioned/schedulability.v ./model/partitioned/schedule.v ./model/priority.v ./model/global/workload.v ./model/global/schedulability.v ./model/global/jitter/interference_edf.v ./model/global/jitter/interference.v ./model/global/jitter/job.v ./model/global/jitter/constrained_deadlines.v ./model/global/jitter/schedule.v ./model/global/jitter/platform.v ./model/global/response_time.v ./model/global/basic/interference_edf.v ./model/global/basic/interference.v ./model/global/basic/constrained_deadlines.v ./model/global/basic/schedule.v ./model/global/basic/platform.v ./model/job.v ./model/time.v ./model/arrival_bounds.v ./model/apa/interference_edf.v ./model/apa/interference.v ./model/apa/affinity.v ./model/apa/constrained_deadlines.v ./model/apa/platform.v ./model/uni/workload.v ./model/uni/transformation/construction.v ./model/uni/susp/suspension_intervals.v ./model/uni/susp/schedule.v ./model/uni/susp/platform.v ./model/uni/schedulability.v ./model/uni/schedule_of_task.v ./model/uni/response_time.v ./model/uni/schedule.v ./model/uni/basic/arrival_bounds.v ./model/uni/basic/busy_interval.v ./model/uni/basic/platform.v ./model/uni/service.v ./implementation/arrival_sequence.v ./implementation/task.v ./implementation/global/jitter/arrival_sequence.v ./implementation/global/jitter/task.v ./implementation/global/jitter/bertogna_edf_example.v ./implementation/global/jitter/job.v ./implementation/global/jitter/bertogna_fp_example.v ./implementation/global/jitter/schedule.v ./implementation/global/parallel/bertogna_edf_example.v ./implementation/global/parallel/bertogna_fp_example.v ./implementation/global/basic/bertogna_edf_example.v ./implementation/global/basic/bertogna_fp_example.v ./implementation/global/basic/schedule.v ./implementation/job.v ./implementation/apa/arrival_sequence.v ./implementation/apa/task.v ./implementation/apa/bertogna_edf_example.v ./implementation/apa/job.v ./implementation/apa/bertogna_fp_example.v ./implementation/apa/schedule.v ./implementation/uni/susp/dynamic/arrival_sequence.v ./implementation/uni/susp/dynamic/task.v ./implementation/uni/susp/dynamic/job.v ./implementation/uni/susp/dynamic/oblivious/fp_rta_example.v ./implementation/uni/susp/schedule.v ./implementation/uni/basic/fp_rta_example.v ./implementation/uni/basic/schedule.v -o Makefile 
+# coq_makefile -f _CoqProject ./util/ssromega.v ./util/seqset.v ./util/sorting.v ./util/step_function.v ./util/minmax.v ./util/powerset.v ./util/all.v ./util/ord_quantifier.v ./util/nat.v ./util/sum.v ./util/bigord.v ./util/counting.v ./util/tactics.v ./util/induction.v ./util/list.v ./util/divround.v ./util/bigcat.v ./util/fixedpoint.v ./util/notation.v ./analysis/global/jitter/bertogna_fp_comp.v ./analysis/global/jitter/interference_bound_edf.v ./analysis/global/jitter/workload_bound.v ./analysis/global/jitter/bertogna_edf_comp.v ./analysis/global/jitter/bertogna_fp_theory.v ./analysis/global/jitter/interference_bound.v ./analysis/global/jitter/interference_bound_fp.v ./analysis/global/jitter/bertogna_edf_theory.v ./analysis/global/parallel/bertogna_fp_comp.v ./analysis/global/parallel/interference_bound_edf.v ./analysis/global/parallel/workload_bound.v ./analysis/global/parallel/bertogna_edf_comp.v ./analysis/global/parallel/bertogna_fp_theory.v ./analysis/global/parallel/interference_bound.v ./analysis/global/parallel/interference_bound_fp.v ./analysis/global/parallel/bertogna_edf_theory.v ./analysis/global/basic/bertogna_fp_comp.v ./analysis/global/basic/interference_bound_edf.v ./analysis/global/basic/workload_bound.v ./analysis/global/basic/bertogna_edf_comp.v ./analysis/global/basic/bertogna_fp_theory.v ./analysis/global/basic/interference_bound.v ./analysis/global/basic/interference_bound_fp.v ./analysis/global/basic/bertogna_edf_theory.v ./analysis/apa/bertogna_fp_comp.v ./analysis/apa/interference_bound_edf.v ./analysis/apa/workload_bound.v ./analysis/apa/bertogna_edf_comp.v ./analysis/apa/bertogna_fp_theory.v ./analysis/apa/interference_bound.v ./analysis/apa/interference_bound_fp.v ./analysis/apa/bertogna_edf_theory.v ./analysis/uni/susp/dynamic/oblivious/fp_rta.v ./analysis/uni/susp/dynamic/oblivious/reduction.v ./analysis/uni/basic/workload_bound_fp.v ./analysis/uni/basic/fp_rta_comp.v ./analysis/uni/basic/fp_rta_theory.v ./model/arrival_sequence.v ./model/task.v ./model/task_arrival.v ./model/suspension.v ./model/partitioned/schedulability.v ./model/partitioned/schedule.v ./model/priority.v ./model/global/workload.v ./model/global/schedulability.v ./model/global/jitter/interference_edf.v ./model/global/jitter/interference.v ./model/global/jitter/job.v ./model/global/jitter/constrained_deadlines.v ./model/global/jitter/schedule.v ./model/global/jitter/platform.v ./model/global/response_time.v ./model/global/basic/interference_edf.v ./model/global/basic/interference.v ./model/global/basic/constrained_deadlines.v ./model/global/basic/schedule.v ./model/global/basic/platform.v ./model/job.v ./model/time.v ./model/arrival_bounds.v ./model/apa/interference_edf.v ./model/apa/interference.v ./model/apa/affinity.v ./model/apa/constrained_deadlines.v ./model/apa/platform.v ./model/uni/workload.v ./model/uni/transformation/construction.v ./model/uni/susp/suspension_intervals.v ./model/uni/susp/last_execution.v ./model/uni/susp/schedule.v ./model/uni/susp/platform.v ./model/uni/schedulability.v ./model/uni/schedule_of_task.v ./model/uni/response_time.v ./model/uni/schedule.v ./model/uni/basic/arrival_bounds.v ./model/uni/basic/busy_interval.v ./model/uni/basic/platform.v ./model/uni/service.v ./implementation/arrival_sequence.v ./implementation/task.v ./implementation/global/jitter/arrival_sequence.v ./implementation/global/jitter/task.v ./implementation/global/jitter/bertogna_edf_example.v ./implementation/global/jitter/job.v ./implementation/global/jitter/bertogna_fp_example.v ./implementation/global/jitter/schedule.v ./implementation/global/parallel/bertogna_edf_example.v ./implementation/global/parallel/bertogna_fp_example.v ./implementation/global/basic/bertogna_edf_example.v ./implementation/global/basic/bertogna_fp_example.v ./implementation/global/basic/schedule.v ./implementation/job.v ./implementation/apa/arrival_sequence.v ./implementation/apa/task.v ./implementation/apa/bertogna_edf_example.v ./implementation/apa/job.v ./implementation/apa/bertogna_fp_example.v ./implementation/apa/schedule.v ./implementation/uni/susp/dynamic/arrival_sequence.v ./implementation/uni/susp/dynamic/task.v ./implementation/uni/susp/dynamic/job.v ./implementation/uni/susp/dynamic/oblivious/fp_rta_example.v ./implementation/uni/susp/schedule.v ./implementation/uni/basic/fp_rta_example.v ./implementation/uni/basic/schedule.v -o Makefile 
 #

 .DEFAULT_GOAL := all
@@ -182,6 +182,7 @@ VFILES:=util/ssromega.v\
  model/uni/workload.v\
  model/uni/transformation/construction.v\
  model/uni/susp/suspension_intervals.v\
+  model/uni/susp/last_execution.v\
  model/uni/susp/schedule.v\
  model/uni/susp/platform.v\
  model/uni/schedulability.v\

--- a/analysis/uni/susp/dynamic/oblivious/fp_rta.v
+++ b/analysis/uni/susp/dynamic/oblivious/fp_rta.v
@@ -15,7 +15,10 @@ Module SuspensionObliviousFP.
  Export ResponseTimeIterationFP ReductionToBasicSchedule.

  (* In this section, we formalize the suspension-oblivious RTA
-     for fixed-priority tasks under the dynamic self-suspension model. *)
+     for fixed-priority tasks under the dynamic self-suspension model.
+     This is just a straightforward application of the reduction
+     in analysis/uni/susp/dynamic/oblivious/reduction.v with the basic
+     response-time analysis for uniprocessor FP scheduling. *)
  Section ReductionToBasicAnalysis.

    Context {SporadicTask: eqType}.
@@ -64,48 +67,48 @@ Module SuspensionObliviousFP.
    Hypothesis H_dynamic_suspensions:
      dynamic_suspension_model job_cost job_task next_suspension task_suspension_bound.

-    (* Next, consider any suspension-aware schedule... *)
-    Variable sched: schedule arr_seq.
+    (* As part of the analysis, we are going to use task costs inflated with suspension bounds, ... *)
+    Let inflated_cost := inflated_task_cost task_cost task_suspension_bound.

-    (* ...where jobs only execute after they arrive... *)
-    Hypothesis H_jobs_must_arrive_to_execute: jobs_must_arrive_to_execute sched.
+    (* ...with the condition that they are no larger than the deadline nor the period of each task. *)
+    Hypothesis H_inflated_cost_le_deadline_and_period:
+      forall tsk,
+        tsk \in ts ->
+          inflated_cost tsk <= task_deadline tsk /\
+          inflated_cost tsk <= task_period tsk.
+      
+    (* Now we proceed with the schedulability analysis. *)
+    Section MainProof.

-    (* ...and no longer than their execution costs. *)
-    Hypothesis H_completed_jobs_dont_execute: completed_jobs_dont_execute job_cost sched.
+      (* Consider any suspension-aware schedule... *)
+      Variable sched: schedule arr_seq.

-    (* Also assume that the schedule is work-conserving when there are non-suspended jobs, ... *)
-    Hypothesis H_work_conserving: work_conserving job_cost next_suspension sched.
+      (* ...where jobs only execute after they arrive... *)
+      Hypothesis H_jobs_must_arrive_to_execute: jobs_must_arrive_to_execute sched.

-    (* ...that the schedule respects job priority... *)
-    Hypothesis H_respects_priority:
-      respects_FP_policy job_cost job_task next_suspension sched higher_eq_priority.
+      (* ...and no longer than their execution costs. *)
+      Hypothesis H_completed_jobs_dont_execute: completed_jobs_dont_execute job_cost sched.

-    (* ...and that suspended jobs are not allowed to be scheduled. *)
-    Hypothesis H_respects_self_suspensions:
-      respects_self_suspensions job_cost next_suspension sched.
+      (* Also assume that the schedule is work-conserving when there are non-suspended jobs, ... *)
+      Hypothesis H_work_conserving: work_conserving job_cost next_suspension sched.

-    (* Now we move to the schedulability analysis. *)
-    Section MainProof.
+      (* ...that the schedule respects job priority... *)
+      Hypothesis H_respects_priority:
+        respects_FP_policy job_cost job_task next_suspension sched higher_eq_priority.

-      (* For simplicity, let's first define some local names. *)
-      Let task_is_schedulable := task_misses_no_deadline job_cost job_deadline job_task sched.
-      
-      (* Now, consider the task costs inflated with suspension bounds... *)
-      Let inflated_cost := inflated_task_cost task_cost task_suspension_bound.
+      (* ...and that suspended jobs are not allowed to be scheduled. *)
+      Hypothesis H_respects_self_suspensions:
+        respects_self_suspensions job_cost next_suspension sched.

-      (* ...and assume that these costs are no larger than the deadline nor the period of each task. *)
-      Hypothesis H_inflated_cost_le_deadline_and_period:
-        forall tsk,
-          tsk \in ts ->
-            inflated_cost tsk <= task_deadline tsk /\
-            inflated_cost tsk <= task_period tsk.
+      (* For simplicity, let's also define some local names. *)
+      Let task_is_schedulable := task_misses_no_deadline job_cost job_deadline job_task sched.
      
      (* Next, recall the response-time analysis for FP scheduling instantiated with
-         these inflated task costs. *)
+         the inflated task costs. *)
      Let claimed_to_be_schedulable :=
        fp_schedulable inflated_cost task_period task_deadline higher_eq_priority.

-      (* Finally, we prove that if the suspension-oblivious schedulability test suceeds... *)
+      (* Then, we prove that if this suspension-oblivious response-time analysis suceeds... *)
      Hypothesis H_claimed_schedulable_by_suspension_oblivious_RTA:
        claimed_to_be_schedulable ts.


--- a/implementation/uni/susp/dynamic/oblivious/fp_rta_example.v
+++ b/implementation/uni/susp/dynamic/oblivious/fp_rta_example.v
@@ -166,7 +166,7 @@ Module ResponseTimeAnalysisFP.
      - by apply RM_is_reflexive.
      - by apply RM_is_transitive.
      - by intros tsk_a tsk_b INa INb; apply/orP; apply leq_total.
- 
+      - by apply inflated_cost_le_deadline_and_period. 
      - by apply scheduler_jobs_must_arrive_to_execute.
      - by apply scheduler_completed_jobs_dont_execute; intro j'; specialize (VALID j'); des.
      - by apply scheduler_work_conserving.
@@ -174,7 +174,6 @@ Module ResponseTimeAnalysisFP.
        -- by intros t; apply RM_is_transitive.
        -- by intros _ j1 j2; apply leq_total.
      - by apply scheduler_respects_self_suspensions.
-      - by apply inflated_cost_le_deadline_and_period.
      - by apply schedulability_test_succeeds.
    Qed.


--- a/model/uni/susp/last_execution.v
+++ b/model/uni/susp/last_execution.v
--- a/model/uni/susp/suspension_intervals.v
+++ b/model/uni/susp/suspension_intervals.v