From mathcomp Require Import ssreflect ssrbool eqtype ssrnat seq path fintype bigop.
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "_ + _" was already used in scope nat_scope.
[notation-overridden,parsing]
Notation "_ - _" was already used in scope nat_scope.
[notation-overridden,parsing]
Notation "_ <= _" was already used in scope nat_scope.
[notation-overridden,parsing]
Notation "_ < _" was already used in scope nat_scope.
[notation-overridden,parsing]
Notation "_ >= _" was already used in scope nat_scope.
[notation-overridden,parsing]
Notation "_ > _" was already used in scope nat_scope.
[notation-overridden,parsing]
Notation "_ <= _ <= _" was already used in scope
nat_scope. [notation-overridden,parsing]
Notation "_ < _ <= _" was already used in scope
nat_scope. [notation-overridden,parsing]
Notation "_ <= _ < _" was already used in scope
nat_scope. [notation-overridden,parsing]
Notation "_ < _ < _" was already used in scope
nat_scope. [notation-overridden,parsing]
Notation "_ * _" was already used in scope nat_scope.
[notation-overridden,parsing]

Require Import prosa.model.readiness.basic.
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Require Import prosa.model.priority.fifo.
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Require Import prosa.analysis.facts.priority.fifo.
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Require Import prosa.analysis.abstract.ideal_jlfp_rta.
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Require Export prosa.analysis.facts.busy_interval.carry_in.
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Require Export prosa.analysis.facts.busy_interval.ideal.inequalities.
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ | _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ : _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ | _ ]" was already used
in scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ & _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ | _ ]" was already used in
scope fun_scope. [notation-overridden,parsing]
Notation "[ rel _ _ in _ ]" was already used in scope
fun_scope. [notation-overridden,parsing]
Require Import prosa.analysis.facts.model.task_cost.

(** The formal development and the proofs in this file are described in-depth in
    the following paper:

    - Bedarkar et al., _"From Intuition to Coq: A Case Study in Verified
      Response-Time Analysis of FIFO Scheduling"_, RTSS'22.

    The interested reader is invited to follow along in parallel both in the
    paper and here. In particular, the below sections labeled _A_ through _H_
    correspond directly to the equivalently labeled subsections in Section IV of
    the paper. *)


(** * Response-Time Analysis for FIFO Schedulers *)

(** In the following, we derive a response-time analysis for FIFO schedulers,
    assuming a workload of sporadic real-time tasks characterized by arbitrary
    arrival curves executing upon an ideal uniprocessor. To this end, we
    instantiate the _abstract Response-Time Analysis_ (aRTA) as provided in the
    [prosa.analysis.abstract] module. *)

Section AbstractRTAforFIFOwithArrivalCurves.

  (** ** A. Defining the System Model *)

  (** Before any formal claims can be stated, an initial setup is needed to
      define the system model under consideration. To this end, we next
      introduce and define the following notions using Prosa's standard
      definitions and behavioral semantics:
      - tasks, jobs, and their parameters,
      - the sequence of job arrivals,
      - worst-case execution time (WCET) and the absence of self-suspensions,
      - the set of tasks under analysis,
      - the task under analysis, and, finally,
      - an arbitrary schedule of the task set. *)

  (** *** Tasks and Jobs  *)

  (** Consider any type of tasks, each characterized by a WCET [task_cost], an arrival
      curve [max_arrivals], and a run-to-completion threshold [task_rtct], ... *)
  Context {Task : TaskType}.
  Context `{TaskCost Task}.
  Context `{MaxArrivals Task}.
  Context `{TaskRunToCompletionThreshold Task}.

  (** ... and any type of jobs associated with these tasks, where each job has
      an arrival time [job_arrival], a cost [job_cost], and an arbitrary
      preemption model indicated by [job_preemptable]. *)
  Context {Job : JobType} `{JobTask Job Task}.
  Context `{JobArrival Job}.
  Context `{JobCost Job}.
  Context `{JobPreemptable Job}.

  (** *** The Job Arrival Sequence *)

  (** Consider any arrival sequence [arr_seq] with consistent, non-duplicate arrivals. *)
  Variable arr_seq : arrival_sequence Job.
  Hypothesis H_valid_arrival_sequence : valid_arrival_sequence arr_seq.

  (** *** Absence of Self-Suspensions and WCET Compliance *)

  (** We assume the classic (i.e., Liu & Layland) model of readiness without
      jitter or self-suspensions, wherein [pending] jobs are always ready. *)
  #[local] Existing Instance basic_ready_instance.

  (** We further require that a job's cost cannot exceed its task's stated
      WCET. *)
  Hypothesis H_valid_job_cost : arrivals_have_valid_job_costs arr_seq.

  (** *** The Task Set *)

  (** We consider an arbitrary task set [ts]... *)
  Variable ts : seq Task.

  (** ... and assume that all jobs stem from tasks in this task set. *)
  Hypothesis H_all_jobs_from_taskset : all_jobs_from_taskset arr_seq ts.

  (** Furthermore, we assume that [max_arrivals] is a family of valid arrival
      curves that constrains the arrival sequence [arr_seq], i.e., for any task
      [tsk] in [ts], [max_arrival tsk] is (1) an arrival bound of [tsk], and ... *)
  Hypothesis H_is_arrival_curve : taskset_respects_max_arrivals arr_seq ts.

  (** ... (2) a monotonic function that equals 0 for the empty interval [delta = 0]. *)
  Hypothesis H_valid_arrival_curve : valid_taskset_arrival_curve ts max_arrivals.

  (** *** The Task Under Analysis *)

  (** Let [tsk] be any task in [ts] that is to be analyzed. *)
  Variable tsk : Task.
  Hypothesis H_tsk_in_ts : tsk \in ts.

  (** We assume that [tsk] is described by a valid task _run-to-completion
      threshold_. That is, there exists a task parameter [task_rtct] such
      that [task_rtct tsk] is
      - (1) no larger than [tsk]'s WCET, and
      - (2) for any job of task [tsk], the job's run-to-completion threshold
            [job_rtct] is bounded by [task_rtct tsk]. *)
  Hypothesis H_valid_run_to_completion_threshold :
    valid_task_run_to_completion_threshold arr_seq tsk.

  (** *** The Schedule *)

  (** Finally, consider any arbitrary, valid ideal uni-processor schedule of the
      given arrival sequence [arr_seq] (and hence the given task set [ts]). *)
  Variable sched : schedule (ideal.processor_state Job).
  Hypothesis H_valid_schedule : valid_schedule sched arr_seq.

  (** We assume that the schedule complies with the preemption model ... *)
  Hypothesis H_valid_preemption_model : valid_preemption_model arr_seq sched.

  (** ... and, last but not least, that it respects the [FIFO] scheduling
          policy. *)
  Hypothesis H_respects_policy_at_preemption_point :
    respects_JLFP_policy_at_preemption_point arr_seq sched (FIFO Job).


  (** ** B. Encoding the Scheduling Policy and Preemption Model *)

  (** With the system model in place, the next step is to encode the scheduling
      policy and preemption model such that aRTA becomes applicable. To this
      end, we encode the semantics of the scheduling policy and preemption model
      using two functions, by convention called [interference] and
      [interfering_workload]. The paper explains the idea behind these two
      functions and how they interact in much more detail. At the code level,
      we fortunately can simply reuse the existing general definitions of
      _interference_ and _interfering workload_ that apply to any job-level
      fixed-priority (JLFP) policy (as provided in the module
      [ideal_jlfp_rta]). *)
  Let interference (j : Job) (t : instant) :=
    ideal_jlfp_rta.interference arr_seq sched j t.

  Let interfering_workload (j : Job) (t : instant) :=
    ideal_jlfp_rta.interfering_workload arr_seq sched j t.

  (** Please refer to the general definitions (by clicking on the links above)
      to see how they correspond to the definitions provided in Listing 3 of the
      paper (they are identical). *)

  (** ** C. Classic and Abstract Work Conservation *)

  (** The next step is to connect the classic notion of work conservation with
      the abstract notion assumed by aRTA. First, let us recall the abstract and
      classic notations of work conservation as [work_conserving_ab] and
      [work_conserving_cl], respectively. *)
  Let work_conserving_ab := abstract.definitions.work_conserving arr_seq sched.
  Let work_conserving_cl := work_conserving.work_conserving arr_seq sched.

  (** In the following, we make the standard assumption that the schedule is
      work-conserving in the classic sense. *)
  Hypothesis H_work_conserving : work_conserving_cl.

  (** As explained in much detail in the paper, a general proof obligation of
      aRTA is to show that its abstract notion of work conservation is also
      satisfied. That is, the classic, policy-specific notion assumed in
      [H_work_conserving] needs to be "translated" into the abstract notion
      understood by aRTA. Fortunately, in our case the proof is trivial: as a
      benefit of reusing the general definitions of [interference] and
      [interfering_workload] for JLFP policies, we can reuse the existing
      general lemma [instantiated_i_and_w_are_coherent_with_schedule]. This
      lemma immediately allows us to conclude that the schedule is
      work-conserving in the abstract sense with respect to [interference] and
      [interfering_workload]. *)
  Fact abstractly_work_conserving : work_conserving_ab interference interfering_workload.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
work_conserving_ab interference interfering_workload
  Proof.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
work_conserving_ab interference interfering_workload by apply: instantiated_i_and_w_are_coherent_with_schedule; rt_eauto. Qed.

  (** The preceding fact [abstractly_work_conserving] corresponds to Lemma 1 in
      the paper. To see the correspondence, refer to the definition of
      [definitions.work_conserving] (by clicking the link in the above
      definition). *)

  (** ** D. Bounding the Maximum Busy-Window Length *)

  (** The next step is to establish a bound on the maximum busy-window length,
      which aRTA requires to be given. *)

  (** To this end, we assume that we are given a positive value [L] ...*)
  Variable L : duration.
  Hypothesis H_L_positive : L > 0.

  (** ... that is a fixed point of the following equation. *)
  Hypothesis H_fixed_point : L = total_request_bound_function ts L.

  (** Given this definition of [L], it is our proof obligation to show that all
      busy windows (in the _abstract_ sense) are indeed bounded by [L]. To this
      end, let us first recall the notion of a bound on the maximum busy-window
      length (or, interchangeably, busy-interval length) as understood by
      aRTA. *)
  Let busy_windows_are_bounded_by L :=
    busy_intervals_are_bounded_by arr_seq sched tsk interference interfering_workload L.

  (** We observe that the length of any (abstract) busy window in [sched] is
      indeed bounded by [L]. Again, the proof is trivial because we can reuse a
      general lemma, namely [instantiated_busy_intervals_are_bounded] in this
      case, due to the choice to reuse the existing JLFP definitions of
      [interference] and [interfering_workload]. *)
  Fact busy_windows_are_bounded : busy_windows_are_bounded_by L.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
busy_windows_are_bounded_by L
  Proof.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
busy_windows_are_bounded_by L by apply: instantiated_busy_intervals_are_bounded; rt_eauto. Qed.

  (** The preceding fact [busy_windows_are_bounded] correspond to Lemma 2 in the
      paper. To clearly see the correspondence, refer to the definition of
      [busy_intervals_are_bounded_by] (by clicking on the link in the definition
      above). *)

  (** ** E. Defining the Interference Bound Function (IBF) *)

  (** Finally, we define the _interference bound function_ ([IBF]). [IBF] bounds
      the cumulative interference incurred by a job in its busy window. In
      general, aRTA expects to reason about an IBF parametric in two parameters,
      a _relative arrival offset_ [A] and an _interval length_ [Δ], as described
      in the paper. In our specific case, for [FIFO] scheduling, only [A] is
      actually relevant. We therefore define [IBF] as the sum, across all
      tasks, of the per-task request-bound functions (RBFs) in the interval [A +
      ε] minus the WCET of the task under analysis [tsk]. *)
  Let IBF tsk (A Δ : duration) := (\sum_(tsko <- ts) task_request_bound_function tsko (A + ε))
                                  - task_cost tsk.

  (** As discussed in the paper, our proof obligation now is to show that the
      stated [IBF] is indeed correct. To this end, we first establish two
      auxiliary lemmas. *)

  (** *** Absence of Priority Inversion *)

  (** Because we reuse the general JLFP notions of [interference] and
      [interfering_workload], which allowed us to save much proof effort in the
      preceding sections, we must reason about priority inversion. While
      priority inversion is _conceptually_ not relevant under FIFO scheduling,
      it clearly is a factor in the general JLFP case, and hence shows up in the
      definitions of [interference] and [interfering_workload]. We therefore
      next show it to be _actually_ impossible, too, by proving that, under FIFO
      scheduling, the cumulative priority inversion experienced by a job [j] in
      any interval within its busy window is always [0]. *)
  Section AbsenceOfPriorityInversion.

    (** Consider any job [j] of the task under analysis [tsk]. *)
    Variable j : Job.
    Hypothesis H_j_arrives : arrives_in arr_seq j.
    Hypothesis H_job_of_tsk : job_of_task tsk j.

    (** Assume that the job has a positive cost (as we later do not need to
        reason about zero-cost jobs). *)
    Hypothesis H_job_cost_positive: job_cost_positive j.

    (** Assume the busy interval of the job [j] is given by <<[t1,t2)>>. *)
    Variable t1 t2 : duration.
    Hypothesis H_busy_interval :
      definitions.busy_interval sched interference interfering_workload j t1 t2.

    (** Consider any sub-interval <<[t1, t1 + Δ)>> of the busy interval of [j]. *)
    Variable Δ : duration.
    Hypothesis H_Δ_in_busy : t1 + Δ < t2.

    (** We prove that the cumulative priority inversion in the interval <<[t1, t1 + Δ)>>
        is indeed [0]. *)
    Lemma no_priority_inversion:
      cumulative_priority_inversion arr_seq sched j t1 (t1 + Δ) = 0.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
t1, t2: duration
H_busy_interval: definitions.busy_interval sched
  interference interfering_workload
  j t1 t2
Δ: duration
H_Δ_in_busy: t1 + Δ < t2
cumulative_priority_inversion arr_seq sched j t1
  (t1 + Δ) = 0
    Proof.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
t1, t2: duration
H_busy_interval: definitions.busy_interval sched
  interference interfering_workload
  j t1 t2
Δ: duration
H_Δ_in_busy: t1 + Δ < t2
cumulative_priority_inversion arr_seq sched j t1
  (t1 + Δ) = 0
      apply /eqP; rewrite -leqn0.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
t1, t2: duration
H_busy_interval: definitions.busy_interval sched
  interference interfering_workload
  j t1 t2
Δ: duration
H_Δ_in_busy: t1 + Δ < t2
cumulative_priority_inversion arr_seq sched j t1
  (t1 + Δ) <= 0
      pose zf : nat -> nat := (fun=> 0).
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
t1, t2: duration
H_busy_interval: definitions.busy_interval sched
  interference interfering_workload
  j t1 t2
Δ: duration
H_Δ_in_busy: t1 + Δ < t2
zf:= (fun=> 0) : nat -> nat: nat -> nat
cumulative_priority_inversion arr_seq sched j t1
  (t1 + Δ) <= 0
      have: cumulative_priority_inversion arr_seq sched j t1 (t1 + Δ) <= zf (job_arrival j - t1);
        last by apply.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
t1, t2: duration
H_busy_interval: definitions.busy_interval sched
  interference interfering_workload
  j t1 t2
Δ: duration
H_Δ_in_busy: t1 + Δ < t2
zf:= (fun=> 0) : nat -> nat: nat -> nat
cumulative_priority_inversion arr_seq sched j t1
  (t1 + Δ) <= zf (job_arrival j - t1)
      apply: cumulative_priority_inversion_is_bounded; rt_eauto.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
t1, t2: duration
H_busy_interval: definitions.busy_interval sched
  interference interfering_workload
  j t1 t2
Δ: duration
H_Δ_in_busy: t1 + Δ < t2
zf:= (fun=> 0) : nat -> nat: nat -> nat
priority_inversion_is_bounded_by arr_seq sched tsk zf
      have -> : priority_inversion_is_bounded_by arr_seq sched tsk zf
               = priority_inversion_is_bounded_by_constant arr_seq sched tsk 0;
        by try apply: FIFO_implies_no_pi; rt_eauto.
    Qed.

  End AbsenceOfPriorityInversion.

  (** *** Higher- and Equal-Priority Interference *)

  (** Next, we establish a bound on the interference produced by higher- and
      equal-priority jobs. *)
  Section BoundOnHEPWorkload.

    (** Consider again a job [j] of the task under analysis [tsk] with a positive cost. *)
    Variable j : Job.
    Hypothesis H_job_of_task : job_of_task tsk j.
    Hypothesis H_j_in_arrivals : arrives_in arr_seq j.
    Hypothesis H_job_cost_positive : job_cost_positive j.

    (** Consider the (abstract) busy window of [j] and denote it as  <<[t1, t2)>>. *)
    Variable t1 t2 : instant.
    Hypothesis H_busy_window :
      definitions.busy_interval sched interference interfering_workload j t1 t2.

    (** Consider any arbitrary sub-interval <<[t1, Δ)>> within the busy window
        of [j]. *)
    Variable Δ : instant.
    Hypothesis H_in_busy : t1 + Δ < t2.

    (** The cumulative interference from higher- and equal-priority jobs during
        <<[t1, Δ)>> is bounded as follows. *)
    Lemma bound_on_hep_workload :
      \sum_(t1 <= t < t1 + Δ) is_interference_from_another_hep_job sched j t <=
        \sum_(tsko <- ts) task_request_bound_function tsko (job_arrival j - t1 + ε) - task_cost tsk.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
\sum_(t1 <= t < t1 + Δ)
   is_interference_from_another_hep_job sched j t <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
    Proof.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
\sum_(t1 <= t < t1 + Δ)
   is_interference_from_another_hep_job sched j t <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
      move: H_busy_window => [ [ /andP [LE GT] [QUIETt1 _ ] ] [QUIETt2 EQNs]].
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(t1 <= t < t1 + Δ)
   is_interference_from_another_hep_job sched j t <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
      rewrite (cumulative_i_ohep_eq_service_of_ohep arr_seq); rt_eauto;
        last by rewrite instantiated_quiet_time_equivalent_quiet_time; rt_eauto.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
service_of_jobs sched (another_hep_job^~ j)
  (arrivals_between arr_seq t1 (t1 + Δ)) t1 (t1 + Δ) <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
      eapply leq_trans; first by apply service_of_jobs_le_workload; rt_eauto.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
workload_of_jobs (another_hep_job^~ j)
  (arrivals_between arr_seq t1 (t1 + Δ)) <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
      rewrite (leqRW (workload_equal_subset _ _ _ _ _ _  _)); rt_eauto.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
workload_of_jobs (fun j0 : Job => j0 != j)
  (arrivals_between arr_seq t1 (job_arrival j + ε)) <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
      rewrite (workload_minus_job_cost j); rt_eauto;
        last by rewrite /ε; apply job_in_arrivals_between; rt_auto; lia.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
workload_of_jobs predT
  (arrivals_between arr_seq t1 (job_arrival j + ε)) -
job_cost j <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
      rewrite /workload_of_jobs /IBF (big_rem tsk) //=
        (addnC (task_request_bound_function tsk (job_arrival j - t1 + ε))).
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- arrivals_between arr_seq t1
             (job_arrival j + ε)) job_cost j -
job_cost j <=
\sum_(y <- rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
task_request_bound_function tsk
  (job_arrival j - t1 + ε) - task_cost tsk
      rewrite -addnBA; last first.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
task_cost tsk <=
task_request_bound_function tsk
  (job_arrival j - t1 + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- 
arrivals_between arr_seq t1 
  (job_arrival j + ε)) 
job_cost j - 
job_cost j <=
\sum_(y <- 
rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
(task_request_bound_function tsk
   (job_arrival j - t1 + ε) - 
 task_cost tsk)
      -
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
task_cost tsk <=
task_request_bound_function tsk
  (job_arrival j - t1 + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- 
arrivals_between arr_seq t1 
  (job_arrival j + ε)) 
job_cost j - 
job_cost j <=
\sum_(y <- 
rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
(task_request_bound_function tsk
   (job_arrival j - t1 + ε) - 
 task_cost tsk) apply leq_trans with (task_request_bound_function tsk ε);
          first by apply : (task_rbf_1_ge_task_cost arr_seq); rt_eauto.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
task_request_bound_function tsk ε <=
task_request_bound_function tsk
  (job_arrival j - t1 + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- 
arrivals_between arr_seq t1 
  (job_arrival j + ε)) 
job_cost j - 
job_cost j <=
\sum_(y <- 
rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
(task_request_bound_function tsk
   (job_arrival j - t1 + ε) - 
 task_cost tsk)
        by apply task_rbf_monotone; [apply H_valid_arrival_curve | lia].
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- arrivals_between arr_seq t1
             (job_arrival j + ε)) job_cost j -
job_cost j <=
\sum_(y <- rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
(task_request_bound_function tsk
   (job_arrival j - t1 + ε) - task_cost tsk)
      -
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- arrivals_between arr_seq t1
             (job_arrival j + ε)) job_cost j -
job_cost j <=
\sum_(y <- rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
(task_request_bound_function tsk
   (job_arrival j - t1 + ε) - task_cost tsk) eapply leq_trans;
          last by erewrite leq_add2l; eapply task_rbf_excl_tsk_bounds_task_workload_excl_j; eauto 1.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- arrivals_between arr_seq t1
             (job_arrival j + ε)) job_cost j -
job_cost j <=
\sum_(y <- rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
(task_workload_between arr_seq tsk t1
   (t1 + (job_arrival j - t1) + ε) - job_cost j)
        rewrite addnBA.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- arrivals_between arr_seq t1
             (job_arrival j + ε)) job_cost j -
job_cost j <=
\sum_(y <- rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε) - job_cost j
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
        +
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- arrivals_between arr_seq t1
             (job_arrival j + ε)) job_cost j -
job_cost j <=
\sum_(y <- rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε) - job_cost j
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε) rewrite leq_sub2r //; eapply leq_trans.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- arrivals_between arr_seq t1
             (job_arrival j + ε)) job_cost j <= ?n
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
?n <=
\sum_(y <- 
rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
          *
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(j <- arrivals_between arr_seq t1
             (job_arrival j + ε)) job_cost j <= ?n
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
?n <=
\sum_(y <- 
rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε) apply sum_over_partitions_le => j' inJOBS.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
j': Job
inJOBS: j'
  \in arrivals_between arr_seq t1
        (job_arrival j + ε)
?x_to_y j' \in ?ys
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(y <- 
?ys)
   \sum_(x <- 
   arrivals_between arr_seq t1 
     (job_arrival j + ε) | 
   xpredT x && 
   (?x_to_y x == y)) 
   job_cost x <=
\sum_(y <- 
rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
            by apply H_all_jobs_from_taskset, (in_arrivals_implies_arrived _ _ _ _ inJOBS).
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(y <- ts)
   \sum_(x <- arrivals_between arr_seq t1
                (job_arrival j + ε) | xpredT x &&
                                      ([eta job_task]
                                         x == y))
      job_cost x <=
\sum_(y <- rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
          *
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(y <- ts)
   \sum_(x <- arrivals_between arr_seq t1
                (job_arrival j + ε) | xpredT x &&
                                      ([eta job_task]
                                         x == y))
      job_cost x <=
\sum_(y <- rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε) +
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε) rewrite (big_rem tsk) //= addnC leq_add //; last by rewrite subnKC.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(y <- rem (T:=Task) tsk ts)
   \sum_(x <- arrivals_between arr_seq t1
                (job_arrival j + ε) | job_task x == y)
      job_cost x <=
\sum_(y <- rem (T:=Task) tsk ts)
   task_request_bound_function y
     (job_arrival j - t1 + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
            rewrite big_seq_cond [in X in _ <= X]big_seq_cond big_mkcond [in X in _ <= X]big_mkcond //=.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(i <- rem (T:=Task) tsk ts)
   (if (i \in rem (T:=Task) tsk ts) && true
    then
     \sum_(x <- arrivals_between arr_seq t1
                  (job_arrival j + ε) | job_task x ==
                                        i) job_cost x
    else 0) <=
\sum_(i <- rem (T:=Task) tsk ts)
   (if (i \in rem (T:=Task) tsk ts) && true
    then
     task_request_bound_function i
       (job_arrival j - t1 + ε)
    else 0)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
            apply leq_sum => tsk' _; rewrite andbC //=.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
tsk': Task
(if tsk' \in rem (T:=Task) tsk ts
 then
  \sum_(x <- arrivals_between arr_seq t1
               (job_arrival j + ε) | job_task x ==
                                     tsk') job_cost x
 else 0) <=
(if tsk' \in rem (T:=Task) tsk ts
 then
  task_request_bound_function tsk'
    (job_arrival j - t1 + ε)
 else 0)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
            destruct (tsk' \in rem (T:=Task) tsk ts) eqn:IN; last by [].
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
tsk': Task
IN: (tsk' \in rem (T:=Task) tsk ts) = true
\sum_(x <- arrivals_between arr_seq t1
             (job_arrival j + ε) | job_task x == tsk')
   job_cost x <=
task_request_bound_function tsk'
  (job_arrival j - t1 + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
            apply rem_in in IN.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
tsk': Task
IN: tsk' \in ts
\sum_(x <- arrivals_between arr_seq t1
             (job_arrival j + ε) | job_task x == tsk')
   job_cost x <=
task_request_bound_function tsk'
  (job_arrival j - t1 + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
            eapply leq_trans;
              last by apply (task_workload_le_task_rbf _ _ _ IN H_valid_job_cost H_is_arrival_curve t1).
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
tsk': Task
IN: tsk' \in ts
\sum_(x <- arrivals_between arr_seq t1
             (job_arrival j + ε) | job_task x == tsk')
   job_cost x <=
workload_of_jobs (job_of_task tsk')
  (arrivals_between arr_seq t1
     (t1 + (job_arrival j - t1 + ε)))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
            by rewrite addnBAC //= subnKC //= addn1; apply leqW.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
        +
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε) move : H_job_of_task => TSKj.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
TSKj: job_of_task tsk j
job_cost j <=
task_workload_between arr_seq tsk t1
  (t1 + (job_arrival j - t1) + ε)
          rewrite /task_workload_between /task_workload /workload_of_jobs (big_rem j) //=;
            first by rewrite TSKj; apply leq_addr.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
TSKj: job_of_task tsk j
j
  \in arrivals_between arr_seq t1
        (t1 + (job_arrival j - t1) + ε)
          apply job_in_arrivals_between => //; rt_eauto.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
j: Job
H_job_of_task: job_of_task tsk j
H_j_in_arrivals: arrives_in arr_seq j
H_job_cost_positive: job_cost_positive j
t1, t2: instant
H_busy_window: definitions.busy_interval sched
  interference interfering_workload j
  t1 t2
Δ: instant
H_in_busy: t1 + Δ < t2
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
TSKj: job_of_task tsk j
t1 <= job_arrival j < t1 + (job_arrival j - t1) + ε
          by apply /andP; split; [| rewrite subnKC; [rewrite addn1 |]].
    Qed.

  End BoundOnHEPWorkload.

  (** *** Correctness of [IBF]  *)

  (** Combining the bound on interference due to lower-priority jobs (priority
      inversion, i.e., [no_priority_inversion]) and the interference due to
      higher- or equal-priority jobs ([bound_on_hep_workload]), we can prove
      that [IBF] indeed bounds the total interference. *)
  Lemma IBF_correct :
    job_interference_is_bounded_by arr_seq sched tsk interference interfering_workload  IBF.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
job_interference_is_bounded_by arr_seq sched tsk
  interference interfering_workload IBF
  Proof.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
job_interference_is_bounded_by arr_seq sched tsk
  interference interfering_workload IBF
    move => t1 t2 Δ j ARRj TSKj BUSY IN_BUSY NCOMPL.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
t1, t2: instant
Δ: nat
j: Job
ARRj: arrives_in arr_seq j
TSKj: job_of_task tsk j
BUSY: definitions.busy_interval sched interference
  interfering_workload j t1 t2
IN_BUSY: t1 + Δ < t2
NCOMPL: ~~ completed_by sched j (t1 + Δ)
let offset := job_arrival j - t1 in
cumul_interference interference j t1 (t1 + Δ) <=
IBF tsk offset Δ
    rewrite /cumul_interference cumulative_interference_split; rt_eauto.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
t1, t2: instant
Δ: nat
j: Job
ARRj: arrives_in arr_seq j
TSKj: job_of_task tsk j
BUSY: definitions.busy_interval sched interference
  interfering_workload j t1 t2
IN_BUSY: t1 + Δ < t2
NCOMPL: ~~ completed_by sched j (t1 + Δ)
cumulative_priority_inversion arr_seq sched j t1
  (t1 + Δ) +
\sum_(t1 <= t < t1 + Δ)
   is_interference_from_another_hep_job sched j t <=
IBF tsk (job_arrival j - t1) Δ
    rewrite /IBF /cumulative_priority_inversion.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
t1, t2: instant
Δ: nat
j: Job
ARRj: arrives_in arr_seq j
TSKj: job_of_task tsk j
BUSY: definitions.busy_interval sched interference
  interfering_workload j t1 t2
IN_BUSY: t1 + Δ < t2
NCOMPL: ~~ completed_by sched j (t1 + Δ)
\sum_(t1 <= t < t1 + Δ)
   priority_inversion_dec arr_seq sched j t +
\sum_(t1 <= t < t1 + Δ)
   is_interference_from_another_hep_job sched j t <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
    have JPOS: job_cost_positive j by rewrite -ltnNge in NCOMPL; unfold job_cost_positive; lia.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
t1, t2: instant
Δ: nat
j: Job
ARRj: arrives_in arr_seq j
TSKj: job_of_task tsk j
BUSY: definitions.busy_interval sched interference
  interfering_workload j t1 t2
IN_BUSY: t1 + Δ < t2
NCOMPL: ~~ completed_by sched j (t1 + Δ)
JPOS: job_cost_positive j
\sum_(t1 <= t < t1 + Δ)
   priority_inversion_dec arr_seq sched j t +
\sum_(t1 <= t < t1 + Δ)
   is_interference_from_another_hep_job sched j t <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
    move: (BUSY) => [ [ /andP [LE GT] [QUIETt1 _ ] ] [QUIETt2 EQNs]].
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
t1, t2: instant
Δ: nat
j: Job
ARRj: arrives_in arr_seq j
TSKj: job_of_task tsk j
BUSY: definitions.busy_interval sched interference
  interfering_workload j t1 t2
IN_BUSY: t1 + Δ < t2
NCOMPL: ~~ completed_by sched j (t1 + Δ)
JPOS: job_cost_positive j
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
\sum_(t1 <= t < t1 + Δ)
   priority_inversion_dec arr_seq sched j t +
\sum_(t1 <= t < t1 + Δ)
   is_interference_from_another_hep_job sched j t <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
    have CPIB := no_priority_inversion j ARRj _ JPOS t1 t2.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
t1, t2: instant
Δ: nat
j: Job
ARRj: arrives_in arr_seq j
TSKj: job_of_task tsk j
BUSY: definitions.busy_interval sched interference
  interfering_workload j t1 t2
IN_BUSY: t1 + Δ < t2
NCOMPL: ~~ completed_by sched j (t1 + Δ)
JPOS: job_cost_positive j
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
CPIB: job_of_task tsk j ->
definitions.busy_interval sched interference
  interfering_workload j t1 t2 ->
forall Δ : duration,
t1 + Δ < t2 ->
cumulative_priority_inversion arr_seq sched j
  t1 (t1 + Δ) = 0
\sum_(t1 <= t < t1 + Δ)
   priority_inversion_dec arr_seq sched j t +
\sum_(t1 <= t < t1 + Δ)
   is_interference_from_another_hep_job sched j t <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
    rewrite /cumulative_priority_inversion in CPIB;
      rewrite /ideal_jlfp_rta.cumulative_priority_inversion CPIB //= add0n.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
t1, t2: instant
Δ: nat
j: Job
ARRj: arrives_in arr_seq j
TSKj: job_of_task tsk j
BUSY: definitions.busy_interval sched interference
  interfering_workload j t1 t2
IN_BUSY: t1 + Δ < t2
NCOMPL: ~~ completed_by sched j (t1 + Δ)
JPOS: job_cost_positive j
LE: t1 <= job_arrival j
GT: job_arrival j < t2
QUIETt1: definitions.quiet_time sched interference
  interfering_workload j t1
QUIETt2: cumul_interference interference j 0 t2 =
cumul_interfering_workload
  interfering_workload j 0 t2
EQNs: ~~ pending_earlier_and_at sched j t2
CPIB: job_of_task tsk j ->
definitions.busy_interval sched interference
  interfering_workload j t1 t2 ->
forall Δ : duration,
t1 + Δ < t2 ->
\sum_(t1 <= t < 
t1 + Δ)
   priority_inversion_dec arr_seq sched j t = 0
\sum_(t1 <= t < t1 + Δ)
   is_interference_from_another_hep_job sched j t <=
\sum_(tsko <- ts)
   task_request_bound_function tsko
     (job_arrival j - t1 + ε) - task_cost tsk
    by apply: bound_on_hep_workload; rt_eauto.
  Qed.

  (** The preceding lemma [IBF_correct] corresponds to Lemma 3 in the paper. To
      see the correspondence more clearly, refer to the definition of
      [job_interference_is_bounded_by] in the above lemma. *)

  (** ** F. Defining the Search Space *)

  (** In this section, we define the concrete search space for [FIFO] and relate
      it to the abstract search space of aRTA. In the case of [FIFO], the concrete
      search space is the set of offsets less than [L] such that there exists a
      task [tsk'] in [ts] such that [r bf tsk' (A) ≠ rbf tsk' (A + ε)]. *)
  Definition is_in_concrete_search_space (A : duration) :=
    (A < L) && has (fun tsk' => task_request_bound_function tsk' (A) !=
                               task_request_bound_function tsk' ( A + ε )) ts.

  (** To enable the use of aRTA, we must now show that any offset [A] included
      in the abstract search space is also included in the concrete search
      space. That is, we must show that the concrete search space is a
      refinement of the abstract search space assumed by aRTA. *)

  (** To this end, first recall the notion of the abstract search space in aRTA. *)
  Let is_in_abstract_search_space A := abstract.search_space.is_in_search_space tsk L IBF A.

  Section SearchSpaceRefinement.

    (** Suppose we are given a job [j] of the task under analysis [tsk] with
        positive cost. We use the existence of such a job in the subsequent
        proof, even if it does not feature in the claim directly. *)
    Variable j : Job.
    Hypothesis H_j_arrives : arrives_in arr_seq j.
    Hypothesis H_job_of_tsk : job_of_task tsk j.
    Hypothesis H_positive_cost : 0 < task_cost tsk.

    (** Under this assumption, given any [A] from the _abstract_ search space, ... *)
    Variable A : nat.
    Hypothesis H_in_abstract : is_in_abstract_search_space A.

    (** ... we prove that [A] is also in the concrete search space. In other
        words, we prove that the abstract search space is a subset of the
        concrete search space. *)
    Lemma search_space_refinement : is_in_concrete_search_space A.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
is_in_concrete_search_space A
    Proof.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
is_in_concrete_search_space A
      move: H_in_abstract => [INSP | [/andP [POSA LTL] [x [LTx INSP2]]]].
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
INSP: A = 0
is_in_concrete_search_space A
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
INSP2: IBF tsk (A - ε) x <> IBF tsk A x
is_in_concrete_search_space A
      {
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
INSP: A = 0
is_in_concrete_search_space A subst A.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
is_in_concrete_search_space 0
        apply/andP; split; [by done |].
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
has
  (fun tsk' : Task =>
   task_request_bound_function tsk' 0
   != task_request_bound_function tsk' (0 + ε)) ts
        apply /hasP.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
exists2 x : Task,
  x \in ts &
  task_request_bound_function x 0
  != task_request_bound_function x (0 + ε) exists tsk; first by done.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
task_request_bound_function tsk 0
!= task_request_bound_function tsk (0 + ε)
        rewrite neq_ltn;apply/orP; left.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
task_request_bound_function tsk 0 <
task_request_bound_function tsk (0 + ε)
        erewrite task_rbf_0_zero; eauto 2.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
0 < task_request_bound_function tsk (0 + ε)
        rewrite add0n ; apply leq_trans with (task_cost tsk).
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
0 < task_cost tsk
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
task_cost tsk <= task_request_bound_function tsk ε
        -
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
0 < task_cost tsk
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
task_cost tsk <= task_request_bound_function tsk ε by eapply leq_trans; eauto 2.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
task_cost tsk <= task_request_bound_function tsk ε
        -
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
H_in_abstract: is_in_abstract_search_space 0
task_cost tsk <= task_request_bound_function tsk ε by eapply task_rbf_1_ge_task_cost; rt_eauto. }
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
INSP2: IBF tsk (A - ε) x <> IBF tsk A x
is_in_concrete_search_space A
      {
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
INSP2: IBF tsk (A - ε) x <> IBF tsk A x
is_in_concrete_search_space A apply /andP; split; first by done.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
INSP2: IBF tsk (A - ε) x <> IBF tsk A x
has
  (fun tsk' : Task =>
   task_request_bound_function tsk' A
   != task_request_bound_function tsk' (A + ε)) ts
        apply /hasPn.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
INSP2: IBF tsk (A - ε) x <> IBF tsk A x
~
{in ts,
  forall x : Task,
  ~~
  (task_request_bound_function x A
   != task_request_bound_function x (A + ε))}
        move => EQ2.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
INSP2: IBF tsk (A - ε) x <> IBF tsk A x
EQ2: {in ts,
  forall x : Task,
  ~~
  (task_request_bound_function x A
   != task_request_bound_function x (A + ε))}
False unfold IBF in INSP2.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
INSP2: \sum_(tsko <- ts)
   task_request_bound_function tsko
     (A - ε + ε) - 
task_cost tsk <>
\sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) -
task_cost tsk
EQ2: {in ts,
  forall x : Task,
  ~~
  (task_request_bound_function x A
   != task_request_bound_function x (A + ε))}
False
        rewrite subnK in INSP2; try by done.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
EQ2: {in ts,
  forall x : Task,
  ~~
  (task_request_bound_function x A
   != task_request_bound_function x (A + ε))}
INSP2: \sum_(tsko <- ts)
   task_request_bound_function tsko A -
task_cost tsk <>
\sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) -
task_cost tsk
False
        apply INSP2; clear INSP2.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
EQ2: {in ts,
  forall x : Task,
  ~~
  (task_request_bound_function x A
   != task_request_bound_function x (A + ε))}
\sum_(tsko <- ts) task_request_bound_function tsko A -
task_cost tsk =
\sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) -
task_cost tsk
        have -> : \sum_(tsko <- ts) task_request_bound_function tsko A =
                   \sum_(tsko <- ts)  task_request_bound_function tsko (A + ε); last by done.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
EQ2: {in ts,
  forall x : Task,
  ~~
  (task_request_bound_function x A
   != task_request_bound_function x (A + ε))}
\sum_(tsko <- ts) task_request_bound_function tsko A =
\sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε)
        apply eq_big_seq => //= task IN.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_positive_cost: 0 < task_cost tsk
A: nat
H_in_abstract: is_in_abstract_search_space A
POSA: 0 < A
LTL: A < L
x: nat
LTx: x < L
EQ2: {in ts,
  forall x : Task,
  ~~
  (task_request_bound_function x A
   != task_request_bound_function x (A + ε))}
task: Task
IN: task \in ts
task_request_bound_function task A =
task_request_bound_function task (A + ε)
        by move: (EQ2 task IN) => /negPn /eqP. }
    Qed.

    (** The preceding lemma [search_space_refinement] corresponds to Lemma 4 in
        the paper, which is apparent after consulting the definitions of the
        abstract and concrete search spaces. *)

  End SearchSpaceRefinement.

  (** ** G. Stating the Response-Time Bound [R] *)

  (** Having established all necessary preliminaries, it is finally time to
      state the claimed response-time bound [R]. *)
  Variable R : duration.
  Hypothesis H_R_max:
    forall (A : duration),
      is_in_concrete_search_space A ->
      exists (F : nat),
        A + F >= \sum_(tsko <- ts) task_request_bound_function tsko (A + ε) /\
          F <= R.

  (** Ultimately, we seek to apply aRTA to prove the correctness of this [R].
      However, in order to connect the concrete definition of [R] with aRTA, we
      must first restate the bound in the shape of the abstract response-time
      bound equation that aRTA expects, which we do next. *)

  Section ResponseTimeBoundRestated.
    (** Suppose again we are given a job [j] of the task under analysis [tsk]
        with positive cost. We use the existence of such a job in the subsequent
        proof, even if it does not feature in the claim directly. *)
    Variable j : Job.
    Hypothesis H_j_arrives : arrives_in arr_seq j.
    Hypothesis H_job_of_tsk : job_of_task tsk j.
    Hypothesis H_job_cost_positive : job_cost_positive j.

    (** We know that:
        - if [A] is in the abstract search space, then it is also in
           the concrete search space; and
        - if [A] is in the concrete search space, then there exists a solution
          that satisfies the inequalities stated in [H_R_is_maximum].
        Using these facts, we prove that, if [A] is in the abstract search
        space, then there also exists a solution [F] to the response-time
        equation as expected by aRTA. *)
    Lemma soln_abstract_response_time_recurrence :
      forall A,
        is_in_abstract_search_space A ->
        exists (F : nat),
          A + F >= task_rtct tsk + IBF tsk A (A + F) /\
            F + (task_cost tsk - task_rtct tsk) <= R.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
forall A : nat,
is_in_abstract_search_space A ->
exists F : nat,
  task_rtct tsk + IBF tsk A (A + F) <= A + F /\
  F + (task_cost tsk - task_rtct tsk) <= R
    Proof.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
forall A : nat,
is_in_abstract_search_space A ->
exists F : nat,
  task_rtct tsk + IBF tsk A (A + F) <= A + F /\
  F + (task_cost tsk - task_rtct tsk) <= R
      move => A IN.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_abstract_search_space A
exists F : nat,
  task_rtct tsk + IBF tsk A (A + F) <= A + F /\
  F + (task_cost tsk - task_rtct tsk) <= R
      eapply search_space_refinement in IN; rt_eauto.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
exists F : nat,
  task_rtct tsk + IBF tsk A (A + F) <= A + F /\
  F + (task_cost tsk - task_rtct tsk) <= R
      move: (H_R_max _ IN) => [F [FIX NEQ]].
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
exists F : nat,
  task_rtct tsk + IBF tsk A (A + F) <= A + F /\
  F + (task_cost tsk - task_rtct tsk) <= R
      have R_GE_TC: task_cost tsk <= R.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
task_cost tsk <= R
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
exists F : nat,
  task_rtct tsk + IBF tsk A (A + F) <= A + F /\
  F + (task_cost tsk - task_rtct tsk) <= R
      {
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
task_cost tsk <= R move : (H_R_max 0) => SEARCH; feed SEARCH;
          first by eapply search_space_refinement; rt_eauto; left.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
SEARCH: exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko (0 + ε) <=
  0 + F /\ 
  F <= R
task_cost tsk <= R
        move: SEARCH => [F' [LE1 LE2]].
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
F': nat
LE1: \sum_(tsko <- ts)
   task_request_bound_function tsko (0 + ε) <=
0 + F'
LE2: F' <= R
task_cost tsk <= R
        rewrite !add0n in LE1.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
F': nat
LE2: F' <= R
LE1: \sum_(tsko <- ts)
   task_request_bound_function tsko ε <= F'
task_cost tsk <= R
        rewrite -(leqRW LE2) -(leqRW LE1).
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
F': nat
LE2: F' <= R
LE1: \sum_(tsko <- ts)
   task_request_bound_function tsko ε <= F'
task_cost tsk <=
\sum_(tsko <- ts) task_request_bound_function tsko ε
        by eapply (task_cost_le_sum_rbf arr_seq); rt_eauto. }
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
exists F : nat,
  task_rtct tsk + IBF tsk A (A + F) <= A + F /\
  F + (task_cost tsk - task_rtct tsk) <= R
      exists (R - (task_cost tsk - task_rtct tsk)); split.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_rtct tsk +
IBF tsk A (A + (R - (task_cost tsk - task_rtct tsk))) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R
      -
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_rtct tsk +
IBF tsk A (A + (R - (task_cost tsk - task_rtct tsk))) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R rewrite /IBF.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_rtct tsk +
(\sum_(tsko <- ts)
    task_request_bound_function tsko (A + ε) -
 task_cost tsk) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R
        rewrite (leqRW FIX) addnC -subnA; first last.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_cost tsk <= A + F
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_rtct tsk <= task_cost tsk
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
A + F - (task_cost tsk - task_rtct tsk) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R
        +
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_cost tsk <= A + F
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_rtct tsk <= task_cost tsk
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
A + F - (task_cost tsk - task_rtct tsk) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R rewrite -(leqRW FIX).
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_cost tsk <=
\sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε)
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_rtct tsk <= task_cost tsk
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
A + F - (task_cost tsk - task_rtct tsk) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R
          apply : (task_cost_le_sum_rbf _ _ _ ); rt_eauto.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
0 < A + ε
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_rtct tsk <= task_cost tsk
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
A + F - (task_cost tsk - task_rtct tsk) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R
          by rewrite addn1.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_rtct tsk <= task_cost tsk
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
A + F - (task_cost tsk - task_rtct tsk) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R
        +
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_rtct tsk <= task_cost tsk
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
A + F - (task_cost tsk - task_rtct tsk) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R by move : H_valid_run_to_completion_threshold => [TASKvalid JOBvalid].
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
A + F - (task_cost tsk - task_rtct tsk) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R
        +
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
A + F - (task_cost tsk - task_rtct tsk) <=
A + (R - (task_cost tsk - task_rtct tsk))
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R rewrite addnBA; first by rewrite leq_sub2r // leq_add2l.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_cost tsk - task_rtct tsk <= R
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R
          by apply leq_trans with (task_cost tsk); [lia|].
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R
      -
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
R - (task_cost tsk - task_rtct tsk) +
(task_cost tsk - task_rtct tsk) <= R rewrite subnK; first by done.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
j: Job
H_j_arrives: arrives_in arr_seq j
H_job_of_tsk: job_of_task tsk j
H_job_cost_positive: job_cost_positive j
A: nat
IN: is_in_concrete_search_space A
F: nat
FIX: \sum_(tsko <- ts)
   task_request_bound_function tsko (A + ε) <=
A + F
NEQ: F <= R
R_GE_TC: task_cost tsk <= R
task_cost tsk - task_rtct tsk <= R
        by apply leq_trans with (task_cost tsk); [lia| ].
    Qed.

    (** Lemma [soln_abstract_response_time_recurrence] is shown in Listing 3 in
        the paper. *)
  End ResponseTimeBoundRestated.

  (** ** H. Soundness of the Response-Time Bound *)

  (** Finally, we are in a position to establish the soundness of the claimed
      response-time bound [R] by applying the main general aRTA theorem
      [uniprocessor_response_time_bound]. *)
  Theorem uniprocessor_response_time_bound_FIFO:
    task_response_time_bound arr_seq sched tsk R.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
task_response_time_bound arr_seq sched tsk R
  Proof.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
task_response_time_bound arr_seq sched tsk R
    move => js ARRs TSKs.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
job_response_time_bound sched js R
    rewrite /job_response_time_bound /completed_by.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
job_cost js <= service sched js (job_arrival js + R)
    case: (posnP (@job_cost _ _ js)) => [ -> |POS]; first by done.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
job_cost js <= service sched js (job_arrival js + R)
    eapply uniprocessor_response_time_bound; rt_eauto.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
definitions.work_conserving arr_seq sched
  ?interference ?interfering_workload
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
busy_intervals_are_bounded_by arr_seq sched tsk
  ?interference 
  ?interfering_workload 
  ?L
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
job_interference_is_bounded_by arr_seq sched tsk
  ?interference 
  ?interfering_workload 
  ?interference_bound_function
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
forall A : nat,
is_in_search_space tsk 
  ?L ?interference_bound_function A ->
exists F : nat,
  task_rtct tsk +
  ?interference_bound_function tsk A (A + F) <= 
  A + F /\ 
  F + (task_cost tsk - task_rtct tsk) <= R
    -
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
definitions.work_conserving arr_seq sched
  ?interference ?interfering_workload
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
busy_intervals_are_bounded_by arr_seq sched tsk
  ?interference 
  ?interfering_workload 
  ?L
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
job_interference_is_bounded_by arr_seq sched tsk
  ?interference 
  ?interfering_workload 
  ?interference_bound_function
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
forall A : nat,
is_in_search_space tsk 
  ?L ?interference_bound_function A ->
exists F : nat,
  task_rtct tsk +
  ?interference_bound_function tsk A (A + F) <= 
  A + F /\ 
  F + (task_cost tsk - task_rtct tsk) <= R exact: abstractly_work_conserving.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
busy_intervals_are_bounded_by arr_seq sched tsk
  interference interfering_workload ?L
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
job_interference_is_bounded_by arr_seq sched tsk
  interference interfering_workload
  ?interference_bound_function
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
forall A : nat,
is_in_search_space tsk 
  ?L ?interference_bound_function A ->
exists F : nat,
  task_rtct tsk +
  ?interference_bound_function tsk A (A + F) <= 
  A + F /\ 
  F + (task_cost tsk - task_rtct tsk) <= R
    -
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
busy_intervals_are_bounded_by arr_seq sched tsk
  interference interfering_workload ?L
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
job_interference_is_bounded_by arr_seq sched tsk
  interference interfering_workload
  ?interference_bound_function
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
forall A : nat,
is_in_search_space tsk 
  ?L ?interference_bound_function A ->
exists F : nat,
  task_rtct tsk +
  ?interference_bound_function tsk A (A + F) <= 
  A + F /\ 
  F + (task_cost tsk - task_rtct tsk) <= R exact: busy_windows_are_bounded.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
job_interference_is_bounded_by arr_seq sched tsk
  interference interfering_workload
  ?interference_bound_function
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
forall A : nat,
is_in_search_space tsk L 
  ?interference_bound_function A ->
exists F : nat,
  task_rtct tsk +
  ?interference_bound_function tsk A (A + F) <= 
  A + F /\ 
  F + (task_cost tsk - task_rtct tsk) <= R
    -
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
job_interference_is_bounded_by arr_seq sched tsk
  interference interfering_workload
  ?interference_bound_function
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
forall A : nat,
is_in_search_space tsk L 
  ?interference_bound_function A ->
exists F : nat,
  task_rtct tsk +
  ?interference_bound_function tsk A (A + F) <= 
  A + F /\ 
  F + (task_cost tsk - task_rtct tsk) <= R exact: IBF_correct.
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
forall A : nat,
is_in_search_space tsk L IBF A ->
exists F : nat,
  task_rtct tsk + IBF tsk A (A + F) <= A + F /\
  F + (task_cost tsk - task_rtct tsk) <= R
    -
Task: TaskType
H: TaskCost Task
H0: MaxArrivals Task
H1: TaskRunToCompletionThreshold Task
Job: JobType
H2: JobTask Job Task
H3: JobArrival Job
H4: JobCost Job
H5: JobPreemptable Job
arr_seq: arrival_sequence Job
H_valid_arrival_sequence: valid_arrival_sequence
  arr_seq
H_valid_job_cost: arrivals_have_valid_job_costs
  arr_seq
ts: seq Task
H_all_jobs_from_taskset: all_jobs_from_taskset
  arr_seq ts
H_is_arrival_curve: taskset_respects_max_arrivals
  arr_seq ts
H_valid_arrival_curve: valid_taskset_arrival_curve ts
  max_arrivals
tsk: Task
H_tsk_in_ts: tsk \in ts
H_valid_run_to_completion_threshold: valid_task_run_to_completion_threshold
  arr_seq tsk
sched: schedule (ideal.processor_state Job)
H_valid_schedule: valid_schedule sched arr_seq
H_valid_preemption_model: valid_preemption_model
  arr_seq sched
H_respects_policy_at_preemption_point: respects_JLFP_policy_at_preemption_point
  arr_seq sched
  (FIFO Job)
interference:= fun j : Job =>
[eta ideal_jlfp_rta.interference arr_seq
       sched j]: Job -> instant -> bool
interfering_workload:= fun j : Job =>
[eta ideal_jlfp_rta.interfering_workload
       arr_seq sched j]: Job -> instant -> nat
work_conserving_ab:= definitions.work_conserving
  arr_seq sched: (Job -> instant -> bool) ->
(Job -> instant -> duration) ->
Prop
work_conserving_cl:= work_conserving arr_seq sched: Prop
H_work_conserving: work_conserving_cl
L: duration
H_L_positive: 0 < L
H_fixed_point: L = total_request_bound_function ts L
busy_windows_are_bounded_by:= [eta busy_intervals_are_bounded_by
       arr_seq sched tsk
       interference
       interfering_workload]: nat -> Prop
IBF:= fun (tsk : Task) (A : duration) =>
fun=> \sum_(tsko <- ts)
         
      task_request_bound_function tsko (A + ε) -
      task_cost tsk: Task -> duration -> duration -> nat
is_in_abstract_search_space:= [eta is_in_search_space
       tsk L IBF]: nat -> Prop
R: duration
H_R_max: forall A : duration,
is_in_concrete_search_space A ->
exists F : nat,
  \sum_(tsko <- ts)
     task_request_bound_function tsko
       (A + ε) <= 
  A + F /\ 
  F <= R
js: Job
ARRs: arrives_in arr_seq js
TSKs: job_of_task tsk js
POS: 0 < job_cost js
forall A : nat,
is_in_search_space tsk L IBF A ->
exists F : nat,
  task_rtct tsk + IBF tsk A (A + F) <= A + F /\
  F + (task_cost tsk - task_rtct tsk) <= R by apply: soln_abstract_response_time_recurrence; eauto.
  Qed.

  (** The preceding theorem [uniprocessor_response_time_bound_FIFO] corresponds
      to Theorem 2 in the paper. The correspondence becomes clearer when referring
      to the definition of [task_response_time_bound], and then in turn to the
      definitions of [job_of_task] and [job_response_time_bound].  *)

End AbstractRTAforFIFOwithArrivalCurves.