Library prosa.analysis.facts.priority.edf
Require Export prosa.model.priority.edf.
Require Export prosa.model.task.absolute_deadline.
Require Export prosa.model.task.preemption.parameters.
Require Export prosa.model.task.absolute_deadline.
Require Export prosa.model.task.preemption.parameters.
We first make some trivial observations about EDF priorities to avoid
repeating these steps in subsequent proofs.
Consider any type of jobs with arrival times.
First, consider the general case where jobs have arbitrary deadlines.
Assume EDF priorities based on (arbitrary) job_deadline parameters.
Context `{JobDeadline Job} {JLFP : JLFP_policy Job}.
Hypothesis H_policy_is_EDF : policy_is_EDF JLFP.
Hypothesis H_policy_is_EDF : policy_is_EDF JLFP.
EDF priorities are reflexive since a job's deadline is no later than
itself.
EDF priorities are transitive since deadline order is transitive.
EDF priorities are total since any two deadlines are comparable.
Second, consider the case where job (absolute) deadlines are derived from
task (relative) deadlines.
If the jobs stem from tasks with relative deadlines ...
If EDF priorities are derived from task_deadline, ...
... then hep_job is a statement about job arrival times and relative
deadlines.
Fact hep_job_task_deadline :
∀ j j',
hep_job j j' = (job_arrival j + task_deadline (job_task j)
≤ job_arrival j' + task_deadline (job_task j')).
∀ j j',
hep_job j j' = (job_arrival j + task_deadline (job_task j)
≤ job_arrival j' + task_deadline (job_task j')).
Furthermore, if we are looking at two jobs of the same task, then
hep_job is a statement about their respective arrival times.
Fact hep_job_arrival_edf :
∀ j j',
same_task j j' →
hep_job j j' = (job_arrival j ≤ job_arrival j').
∀ j j',
same_task j j' →
hep_job j j' = (job_arrival j ≤ job_arrival j').
EDF scheduling respects the sequential-tasks hypothesis.
Fact EDF_policy_respects_sequential_tasks :
policy_respects_sequential_tasks JLFP.
End TaskDeadline.
End PriorityFacts.
policy_respects_sequential_tasks JLFP.
End TaskDeadline.
End PriorityFacts.
We add the above lemma into a "Hint Database" basic_rt_facts, so Coq
will be able to apply it automatically.
Global Hint Resolve
EDF_policy_is_reflexive
EDF_policy_is_transitive
EDF_policy_is_total
EDF_policy_respects_sequential_tasks
: basic_rt_facts.
Require Export prosa.model.task.sequentiality.
Require Export prosa.analysis.facts.priority.inversion.
Require Export prosa.analysis.facts.priority.sequential.
Require Export prosa.analysis.facts.model.sequential.
EDF_policy_is_reflexive
EDF_policy_is_transitive
EDF_policy_is_total
EDF_policy_respects_sequential_tasks
: basic_rt_facts.
Require Export prosa.model.task.sequentiality.
Require Export prosa.analysis.facts.priority.inversion.
Require Export prosa.analysis.facts.priority.sequential.
Require Export prosa.analysis.facts.model.sequential.
In this section, we prove that EDF scheduling implies that tasks
are executed sequentially.
Consider any type of tasks ...
... with a bound on the maximum non-preemptive segment length.
The bound is needed to ensure that, at any instant, it always
exists a subsequent preemption time in which the scheduler can,
if needed, switch to another higher-priority job.
Further, consider any type of jobs associated with these tasks.
Context {Job : JobType}.
Context `{JobTask Job Task}.
Context `{Arrival : JobArrival Job}.
Context `{Cost : JobCost Job}.
Context `{JobTask Job Task}.
Context `{Arrival : JobArrival Job}.
Context `{Cost : JobCost Job}.
Allow for any uniprocessor model.
Consider any valid arrival sequence.
Variable arr_seq : arrival_sequence Job.
Hypothesis H_valid_arrivals : valid_arrival_sequence arr_seq.
Hypothesis H_valid_arrivals : valid_arrival_sequence arr_seq.
Next, consider any schedule of this arrival sequence, ...
Assume EDF scheduling.
... allow for any work-bearing notion of job readiness, ...
Context `{@JobReady Job PState Cost Arrival}.
Hypothesis H_job_ready : work_bearing_readiness arr_seq sched.
Hypothesis H_job_ready : work_bearing_readiness arr_seq sched.
... and assume that the schedule is valid.
In addition, we assume the existence of a function mapping jobs
to their preemption points ...
... and assume that it defines a valid preemption model with
bounded non-preemptive segments.
Assume an EDF schedule.
To prove sequentiality, we use lemma
early_hep_job_is_scheduled. Clearly, under the EDF priority
policy, jobs satisfy the conditions described by the lemma
(i.e., given two jobs j1 and j2 from the same task, if j1
arrives earlier than j2, then j1 always has a higher
priority than job j2, and hence completes before j2);
therefore EDF implies sequential tasks.