Submission

submit comp2310 ass1 ReadMe.txt CardGame.lts CardGame.java
submit comp6310 ass1 ReadMe.txt CardGame.lts CardGame.java

Extensions

How Late	Penalty from 36 Marks
less than 1 hour	-2
between 1 and 6 hours	-4
between 6 and 24 hours (1 day)	-8
between 24 and 48 hours (2 days)	-16
between 48 and 72 hours (3 days)	-32
more than 72 hours (4 days)	-64 (forget it!)

Note: late penalties apply even if you submit just one file after the deadline.

Objectives

• To model a concurrent system of moderate size, and its safety and liveness properties.
• To implement the model using threads with monitors.

The Card Game

When play starts all players begin to (randomly) pick a card from the top of a (non-empty) pile and place it in their hands. They then select one card to put on the bottom of one of the piles, i.e. the pile from which they take a card need not be the same as the one that they discard to. Any pile must not contain more than P cards. Note that at any time a player can have at most P+1=5 and no fewer than P=4 cards in their hand.

When a player holds P=4 cards which are all of the same kind (i.e. four Aces) they declare a win and participate no further in the game. The game continues until all players have declared a `win'; then the game ends. The `winner' of the game is deemed to be the first player to have claimed a `win'; if further players claim a `win' without having picked up a card, it is deemed to be tied between them.

The game can be played with other configurations, as follows:

P players	C kinds of card	P'piles	n cards placed on a pile
2	3	1	2
2	3	2	1
3	4	3	1
4	6	4	2

In order to model the game, the different kinds of cards may be represented as integers in the range 1..C. A value of 0 may be used to denote an empty slot in a pile. There is no need to model the suites; cards of the same suite simply have the same value.

The dealer and all players are deemed to participate in the start action, and all players are deemed to participate in the end action. To facilitate deadlock analysis by the LTSA tool, they should engage in an endless series of end actions. In all other actions, only the 2 entities directly involved are deemed to participate.

System Description

Simple system. This is for the simple case of the game P=2, C=3, P'=1, n=2.

Intermediate system (part 1). This is to implement the case P=2, C=3, P'=2, n=1 for the (FSP) model, but all cases for the Java implementation.

Intermediate system (part 2). An important progress property for this game is that there is always one pile that is not full (whenever a player wants to place a card) and one pile that is not empty (whenever a player wants to pick a card) (so that any player can perform their next action). Specify such a property in FSP and a composition of your game model with this property (it is expected that this composition will be free of deadlock). In your implementation, for P≥3, a smart strategy should be implemented, where the player always keeps the cards with the highest number of other cards of the same value in the current hand. When the smart strategy option is activated, the player of the lowest id (and no others) should use this strategy.

Extended System This game is inherently unfair. A player can be starved of pick actions by other players who keep beating them to the piles. Specify an FSP process FAIRPLAY that prevents any player from performing more than F>0 pick actions than from any other player (who is still playing). Specify an FSP progress property together with an composition with appropriate action priority to check this (for at least one of the players). You will probably find the LTSA tool still detects a progress violation; in a comment in your FSP code, explain how the game rules / model would have to be changed for the LTSA to be able to detect that fairness is being enforced. In your implementation, activate enforcement of fairness when F>0.

Requirements

• The plain text file called ReadMe.txt containing:
  • a disclaimer with your name and student number stating what (if any) contributions from others (not including course staff) are in your submission. Note that significant contributions may require a revision of your final mark, as this is intended to be an individual assignment.
  • design decisions made in your modelling (FSP code) of the system, and any pertinent observations of the model's properties etc (as produced by the LTSA tool). It should also name the parallel compositions corresponding to each level, so that another person (i.e. your tutor!) will easily be able to compile and check your model.
  • design decisions made in your implementation of the model.
  • any notable deficiencies, bugs, or issues with your model or code (e.g. not satisfying a safety property).
  • (optional, not assessed) any feedback on what you found helpful in doing this work, or what from the course could be improved in helping you to carry out this work.
  A template file is available from here.

• an FSP file called CardGame.lts containing a description of your model. The model should be free from deadlock and always be able to make progress. You may freely use, modify or ignore the code in Dealer.lts, which provides a model of the dealer.

• a file called CardGame.java; this contains a definition of the CardGame, which has the main() method to start the game. Classes for the components of your system should also go in this file. After the command javac CardGame.java, the command:
  java -ea CardGame [-n -s -S] [P] [F]
  should run the game with P players (default value 2), with -s specifying the simple system (valid only for P=2), -S activating the smart strategy, and F>0 activating the fairplay constraint (default value 0). -n suppresses the creation of a GUI, which now gets created by default. main() must create a object from the provided CardGameParam class, which will obtain the game's parameters from the command line and shell environment variables. It must similarly create an object from the provided CardGameEvent class.

  Each player must be implemented by a separate thread (more threads can be optionally used for other parts of the system). In general you should follow the systematic approach in translating models to safe concurrent code that we have developed in this course (i.e. with the use of monitors), unless there is a good reason to deviate from this - in which case, this should be explained in ReadMe.txt.

  When your code completes an action (from your FSP model), it must signify this by calling the corresponding event logging method in the provided CardGameEvent class. If the monitor is also involved in this action, the monitor method should make the call (to ensure that the recorded series of actions on the program output are in exactly the same order). After performing the action, the active threads should call the sleepEvents() method: this will cause the thread to sleep for a random interval, which is needed to get sufficient interleaving between the actions of different threads (why is it a bad idea to do the sleeps inside the monitor?).

  You can get a zip file for all auxilliary class files and other files needed for the Card Game. It also contains the readme file, which contains instructions for using the GUI and for working externally. On the CS student system, an up-to-date version of the compiled files will be available through your CLASSPATH environment; you will only need a copy of these files if you are working externally.

  Where there is a choice of actions or action indices that it can engage in, you should ensure these are selected with equal probability. To achieve both variability and reproducibility with randomly generated values, you should either use the CardGameParams's getRandVal() method or its random number seed directly to seed your own generator. It is also desirable that your implementation exhibits a high degree of concurrency; for example, the interleaving of pick and put actions of the different players would indicate this.

  Appropriate defensive programming techniques such as the checking of monitor invariants and invalid method parameters / return values should be used (in particular the thread and monitor classes should not `trust' each other); the Java assert facility may be used for this. For the Extended System, it is especially important to check that the fairness property is indeed being preserved in the invariant.

Your solution may attempt any of the three levels of the system; please only submit for marking the code for the highest level. Note that for the intermediate and advanced levels, CardGame.java should also be able to handle the simple case P = 2, P'=1, n=2.

Marks will be allocated to the system levels approximately as follows:

System	COMP2310	COMP6310
Simple	60	50
Intermediate I	80	70
Intermediate II	100	85
Extended	100	100

The FSP and Java code do not have to be at the same level (in which case this should be explained in ReadMe.txt); there will be approximate weighting of 1/3 for the FSP and 2/3 for the Java, except for the Extended System (where they will be 50% each). A model/implementation at a particular level with serious flaws/bugs cannot score better than one at the next lower level.

CardGame Parameter and Event Classes and Applet Version

export CardGameSeed=50; java -ea CardGame -s

unset CardGameSeed

public CardGameParam(String[] args); // args as from main(String[] args)
int  getP();          // returns number of players 
int  getPprime();     // returns number of piles
int  getN();          // returns number of cards initially on a pile
int  getF();          // returns the fairness parameter
bool isSmartPlayer(); // returns if -S was specified in args
long getGameSeed();   // returns a random seed for the game
int  getRandVal(int max); // returns a random number in 0..max-1
int  getC();          // returns the number of kinds of cards

CardGameEvent(CardGameParam cardParam); 
// log respective game actions + their parameters in a consistent format    
void logDeal(int playerId, int cardId);
void logPlace(int pileId, int cardId);
void logPick(int playerId, int pileId, int cardId);
void logPut(int playerId, int pileId, int cardId);
void logWin(int playerId);
void logStart();
void logEnd();
void logOtherEvent(String eventDescription);
// sleep for some random time in 0..SleepFactor-1 ms
void sleepEvents();

Hints

• A way to get started is to study and play with the DEALER process in Dealer.lts. Observe its alphabet and run it watching the LTS (you may need to use full screen mode as even this system is pushing the limit of the size where an LTS can be visualized).
• Suggest that you start coding your FSP model from the simplest possible situation: the simple system, with C=2 Check it in the LTSA tool to see if it does what you expect and run it by your tutor (or lecturer) if you are not sure.
• When there are more than 1 piles, the pick and put actions need to include a pile id, from the point of view of the player. From the point of view of the pile, it may be useful to immediately include a player id. When you compose them, an appropriate action renaming can be used to make these actions identical.
• As you develop each FSP primitive process or composition, check its alphabet, and run it to ensure that it is doing what you intended. When checking the alphabet, unfortunately the tool does not `pretty-print' the action sub-sets; you may need to cut-and-paste the output and hand format it in an editor to see what is going on. Possibly inspecting its LTS will be useful, depending on how big it is.
• When checking the process for the player, it might be useful for debugging to temporarily add a showhand[1..C][1..C] action to effectively display the cards currently being held (i.e. if holding cards 1 and 2, only showhand.1.2 action will be available).
• Also compose your processes two at a time and check similarly. Is the composition what you expected? When there are multiple parallel processes in the program, there is a pane along the tool bar to specify the Target Composition for Run. If you are not careful with your composition, you can actually generate so many states that the tool takes a very long time or `hangs' trying to compose the system!
• Be careful with process indexing. For example:

  P = P[0],
  P[x:1..4] = in[v:1..4] -> P[v].
  

  generates a process that immediately goes to the ERROR state!
• When renaming indexed events, if you wish to preverve the value of the index, use { a[x:1..N] / b[x] }; the expression { a[1..N] / b[1..N] } does not. It seems that action renaming will be necessary in composing this system, particularly if you are using indexed action prefixing for your players and piles. However, if you use fixed prefixing (there are after all only 2 players), i.e. a:PLAYER || b:PLAYER, then it will be possible to compose the system with a minimal use of renaming.
• An internal monitor invariant checking method will also be convenient for printing out monitor state upon each call for debugging.
• Your monitor may assume that the calling threads produce their respective actions in the required order (i.e. it does not need to check this).
• For the progress property, it should be sufficient to merely use the piles length for the respective processes' state.
• While this system resembles the Dining Philosophers problem, it seems necessary to have all the piles in a single monitor. For example, only the system as a whole will be able to determine which piles are available for pick actions, and which are available for put actions. The player threads on their own will not be able to determine this, and so should be implemented as being able to accept any available pile, rather than choosing a particular pile and waiting for it to become available.
• Condition synchronization is probably only needed for implementing the start and end, unless you are doing the Extended Level. For the Intermediate model, the when actions for the pile process translate to the selection for availability of the piles, this occurs inside the monitor's implementation of the respective action.