Library prosa.analysis.abstract.restricted_supply.iw_readiness
Require Export prosa.analysis.abstract.abstract_rta.
Require Export prosa.analysis.abstract.IBF.supply_task.
Require Export prosa.analysis.facts.interference.
Require Export prosa.analysis.facts.busy_interval.service_inversion.
Require Export prosa.analysis.definitions.service_inversion.readiness_aware.
Require Export prosa.analysis.facts.readiness_interference.
Require Export prosa.analysis.facts.model.uniprocessor.
Require Export prosa.model.schedule.work_conserving.
Require Export prosa.analysis.abstract.IBF.supply_task.
Require Export prosa.analysis.facts.interference.
Require Export prosa.analysis.facts.busy_interval.service_inversion.
Require Export prosa.analysis.definitions.service_inversion.readiness_aware.
Require Export prosa.analysis.facts.readiness_interference.
Require Export prosa.analysis.facts.model.uniprocessor.
Require Export prosa.model.schedule.work_conserving.
Readiness-Aware JLFP Instantiation of Interference and Interfering Workload Functions for Restricted-Supply Uniprocessors
Consider any type of tasks ...
... and any type of jobs associated with these tasks.
Context {Job : JobType}.
Context `{JobTask Job Task}.
Context `{JobArrival Job}.
Context `{JobCost Job}.
Context `{JobTask Job Task}.
Context `{JobArrival Job}.
Context `{JobCost Job}.
Assume a fully supply-consuming, unit-supply uniprocessor model.
Context `{PState : ProcessorState Job}.
Hypothesis H_uniprocessor_proc_model : uniprocessor_model PState.
Hypothesis H_unit_supply_proc_model : unit_supply_proc_model PState.
Hypothesis H_consumed_supply_proc_model : fully_consuming_proc_model PState.
Hypothesis H_uniprocessor_proc_model : uniprocessor_model PState.
Hypothesis H_unit_supply_proc_model : unit_supply_proc_model PState.
Hypothesis H_consumed_supply_proc_model : fully_consuming_proc_model PState.
Allow for any notion of job readiness.
Consider any valid arrival sequence ...
Variable arr_seq : arrival_sequence Job.
Hypothesis H_valid_arrival_sequence : valid_arrival_sequence arr_seq.
Hypothesis H_valid_arrival_sequence : valid_arrival_sequence arr_seq.
... and any valid schedule of this arrival sequence.
Consider any JLFP policy and assume that the priority relation is
reflexive and transitive.
Context {JLFP : JLFP_policy Job}.
Hypothesis H_priority_is_reflexive : reflexive_job_priorities JLFP.
Hypothesis H_priority_is_transitive : transitive_job_priorities JLFP.
Hypothesis H_priority_is_reflexive : reflexive_job_priorities JLFP.
Hypothesis H_priority_is_transitive : transitive_job_priorities JLFP.
Interference and Interfering Workload
In the following, we introduce definitions of interference and interfering workload.Instantiation of Interference
#[local] Instance rs_readiness_jlfp_interference : Interference Job :=
{
interference (j : Job) (t : instant) :=
is_blackout sched t
|| another_hep_job_interference arr_seq sched j t
|| service_inversion arr_seq sched j t
|| (has_supply sched t && ~~ some_hep_job_ready arr_seq sched j t)
}.
{
interference (j : Job) (t : instant) :=
is_blackout sched t
|| another_hep_job_interference arr_seq sched j t
|| service_inversion arr_seq sched j t
|| (has_supply sched t && ~~ some_hep_job_ready arr_seq sched j t)
}.
Instantiation of Interfering Workload
#[local] Instance rs_readiness_jlfp_interfering_workload : InterferingWorkload Job :=
{
interfering_workload (j : Job) (t : instant) :=
is_blackout sched t
+ other_hep_jobs_interfering_workload arr_seq j t
+ service_inversion arr_seq sched j t
+ has_supply sched t && ~~ some_hep_job_ready arr_seq sched j t
}.
To simplify our proof, we define a notion of
cumulative_readiness_interference that is disjoint from is_blackout.
This will help us to split cumulative_interference and
cumulative_interfering_workload into disjoint parts.
Let readiness_interference_during (j : Job) (t1 t2 : instant) :=
\sum_(t1 ≤ t < t2) has_supply sched t && ~~ some_hep_job_ready arr_seq sched j t.
\sum_(t1 ≤ t < t2) has_supply sched t && ~~ some_hep_job_ready arr_seq sched j t.
Lemma cumulative_interference_split :
∀ j t1 t2,
cumulative_interference j t1 t2
= blackout_during sched t1 t2
+ cumulative_another_hep_job_interference arr_seq sched j t1 t2
+ cumulative_service_inversion arr_seq sched j t1 t2
+ readiness_interference_during j t1 t2.
∀ j t1 t2,
cumulative_interference j t1 t2
= blackout_during sched t1 t2
+ cumulative_another_hep_job_interference arr_seq sched j t1 t2
+ cumulative_service_inversion arr_seq sched j t1 t2
+ readiness_interference_during j t1 t2.
Similarly, we prove that we can split cumulative interfering workload into
disjoint parts.
Lemma cumulative_interfering_workload_split :
∀ j t1 t2,
cumulative_interfering_workload j t1 t2
= blackout_during sched t1 t2
+ cumulative_other_hep_jobs_interfering_workload arr_seq j t1 t2
+ cumulative_service_inversion arr_seq sched j t1 t2
+ readiness_interference_during j t1 t2.
∀ j t1 t2,
cumulative_interfering_workload j t1 t2
= blackout_during sched t1 t2
+ cumulative_other_hep_jobs_interfering_workload arr_seq j t1 t2
+ cumulative_service_inversion arr_seq sched j t1 t2
+ readiness_interference_during j t1 t2.
Now, let tsk be any given task.
Let
[t1, t2) be a time interval and let j be any job of task tsk
that is not completed by time t2. Then we prove a bound on the
cumulative interference received due to jobs of other tasks executing.
Lemma cumulative_task_interference_split :
∀ j t1 t2,
arrives_in arr_seq j →
job_of_task tsk j →
~~ completed_by sched j t2 →
cumul_cond_interference (nonself_intra arr_seq sched) j t1 t2
≤ cumulative_another_task_hep_job_interference arr_seq sched j t1 t2
+ cumulative_service_inversion arr_seq sched j t1 t2
+ readiness_interference_during j t1 t2.
∀ j t1 t2,
arrives_in arr_seq j →
job_of_task tsk j →
~~ completed_by sched j t2 →
cumul_cond_interference (nonself_intra arr_seq sched) j t1 t2
≤ cumulative_another_task_hep_job_interference arr_seq sched j t1 t2
+ cumulative_service_inversion arr_seq sched j t1 t2
+ readiness_interference_during j t1 t2.
Next, consider cumulative intra-supply interference, which accounts for
any interference that occurs while the processor offers supply.
To this end, let's first define a predicate to express intra-supply
interference.
The cumulative interference conditioned on intra_supply can be split
into three disjoint parts.
Lemma cumulative_intra_interference_split :
∀ j t1 t2,
cumul_cond_interference intra_supply j t1 t2
≤ cumulative_another_hep_job_interference arr_seq sched j t1 t2
+ cumulative_service_inversion arr_seq sched j t1 t2
+ readiness_interference_during j t1 t2.
∀ j t1 t2,
cumul_cond_interference intra_supply j t1 t2
≤ cumulative_another_hep_job_interference arr_seq sched j t1 t2
+ cumulative_service_inversion arr_seq sched j t1 t2
+ readiness_interference_during j t1 t2.
In this section, we prove that the (abstract) cumulative interfering
workload due to other higher-or-equal priority jobs is equal to the
conventional workload (from other higher-or-equal priority jobs).
Let
[t1, t2) be any time interval.
Variable j : Job.
Hypothesis H_j_arrives : arrives_in arr_seq j.
Hypothesis H_job_of_tsk : job_of_task tsk j.
Hypothesis H_j_arrives : arrives_in arr_seq j.
Hypothesis H_job_of_tsk : job_of_task tsk j.
The cumulative interfering workload (w.r.t. j) due to other
higher-or-equal priority jobs is equal to the conventional workload from
other higher-or-equal priority jobs.
Lemma cumulative_iw_hep_eq_workload_of_ohep :
cumulative_other_hep_jobs_interfering_workload arr_seq j t1 t2
= workload_of_other_hep_jobs arr_seq j t1 t2.
End InstantiatedWorkloadEquivalence.
cumulative_other_hep_jobs_interfering_workload arr_seq j t1 t2
= workload_of_other_hep_jobs arr_seq j t1 t2.
End InstantiatedWorkloadEquivalence.
In this section we prove that the abstract definition of busy interval is
equivalent to the conventional, concrete definition of busy interval for
JLFP scheduling.
In order to avoid confusion, we denote the notion of a quiet time in the
classical sense as quiet_time_cl, and the notion of quiet time in
the abstract sense as quiet_time_ab.
Let quiet_time_cl := classical.quiet_time arr_seq sched.
Let quiet_time_ab := abstract.definitions.quiet_time sched.
Let quiet_time_ab := abstract.definitions.quiet_time sched.
We similarly define local names for the two notions of a busy interval
prefix ...
Let busy_interval_prefix_cl := classical.busy_interval_prefix arr_seq sched.
Let busy_interval_prefix_ab := abstract.definitions.busy_interval_prefix sched.
Let busy_interval_prefix_ab := abstract.definitions.busy_interval_prefix sched.
... and the two notions of a busy interval.
Let busy_interval_cl := classical.busy_interval arr_seq sched.
Let busy_interval_ab := abstract.definitions.busy_interval sched.
Let busy_interval_ab := abstract.definitions.busy_interval sched.
To prove that the two notions of busy intervals are equivalent, we first
show that the respective notions of quiet times are also equivalent.
First, we show that the classical notion of quiet time implies the
abstract notion of quiet time.
And vice versa, the abstract notion of quiet time implies the classical
notion of quiet time.
The equivalence trivially follows from the lemmas above.
Corollary instantiated_quiet_time_equivalent_quiet_time :
∀ t,
quiet_time_cl j t ↔ quiet_time_ab j t.
∀ t,
quiet_time_cl j t ↔ quiet_time_ab j t.
Based on that, we prove that the concept of a busy-interval prefix
obtained by instantiating the abstract definition of busy-interval
prefix coincides with the conventional definition of busy-interval
prefix.
Lemma instantiated_busy_interval_prefix_equivalent_busy_interval_prefix :
∀ t1 t2,
busy_interval_prefix_cl j t1 t2 ↔ busy_interval_prefix_ab j t1 t2.
∀ t1 t2,
busy_interval_prefix_cl j t1 t2 ↔ busy_interval_prefix_ab j t1 t2.
Similarly, we prove that the concept of busy interval obtained by
instantiating the abstract definition of busy interval coincides with
the conventional definition of busy interval.
Lemma instantiated_busy_interval_equivalent_busy_interval :
∀ t1 t2,
busy_interval_cl j t1 t2 ↔ busy_interval_ab j t1 t2.
∀ t1 t2,
busy_interval_cl j t1 t2 ↔ busy_interval_ab j t1 t2.
Next, we prove that abstract busy window implies the existence of a
classic quiet time.
Fact abstract_busy_interval_classic_quiet_time :
∀ t1 t2,
busy_interval_ab j t1 t2 → quiet_time_cl j t1.
∀ t1 t2,
busy_interval_ab j t1 t2 → quiet_time_cl j t1.
Also, we note a similar fact about classic busy-window prefixes.
Fact abstract_busy_interval_classic_busy_interval_prefix :
∀ t1 t2,
busy_interval_ab j t1 t2 → busy_interval_prefix_cl j t1 t2.
End BusyIntervalEquivalence.
∀ t1 t2,
busy_interval_ab j t1 t2 → busy_interval_prefix_cl j t1 t2.
End BusyIntervalEquivalence.
In this section we prove some properties about the interference and
interfering workload as defined in this file.
Note that we differentiate between abstract and classical notions of
work-conserving schedules.
Let work_conserving_ab := definitions.work_conserving arr_seq sched.
Let work_conserving_cl := work_conserving.work_conserving arr_seq sched.
Let work_conserving_cl := work_conserving.work_conserving arr_seq sched.
Recall the notion of an abstract busy-interval prefix.
We assume that the schedule is a work-conserving schedule in the
classical sense, and later prove that this implies that abstract
work-conservation also holds.
In this section, we prove the correctness of interference inside the
busy interval, i.e., we prove that if interference for a job is false
then the job is scheduled and vice versa. This property is referred to
as abstract work conservation.
Consider an arriving job j with positive cost.
Variable j : Job.
Hypothesis H_arrives : arrives_in arr_seq j.
Hypothesis H_job_cost_positive : 0 < job_cost j.
Hypothesis H_arrives : arrives_in arr_seq j.
Hypothesis H_job_cost_positive : 0 < job_cost j.
Let
[t1, t2) be a busy-interval prefix of the job.
Consider a time t inside the busy-interval prefix of the job.
We first prove that, inside the busy interval, there always exists a
pending higher-or-equal-priority job. To prove this, we make use of
the obtained result that, for the given interference and interfering
workload functions, the notions of abstract and classical busy intervals
are equivalent.
Lemma pending_hep_job_exists_inside_busy_interval :
∃ jhp,
arrives_in arr_seq jhp
∧ pending sched jhp t
∧ hep_job jhp j.
∃ jhp,
arrives_in arr_seq jhp
∧ pending sched jhp t
∧ hep_job jhp j.
Lemma scheduled_implies_no_interference :
receives_service_at sched j t → ~~ interference j t.
End Abstract_Work_Conservation.
receives_service_at sched j t → ~~ interference j t.
End Abstract_Work_Conservation.
Using the above two lemmas, we can prove that abstract work conservation
always holds for these instantiations of interference (I) and
interfering workload (W).
Next, in order to prove that these definitions of interference and
interfering workload are consistent with sequential tasks, we need to
assume that the policy under consideration respects sequential tasks.
We prove that these definitions of interference and interfering workload
are consistent with sequential tasks.
Lemma instantiated_interference_and_workload_consistent_with_sequential_tasks :
interference_and_workload_consistent_with_sequential_tasks arr_seq sched tsk.
interference_and_workload_consistent_with_sequential_tasks arr_seq sched tsk.
Finally, we show that cumulative interference (I) never exceeds
the cumulative interfering workload (W).