Lecture 2026/02/26

Amortized Analysis, Tampering + forgery

void add (struct sequence *s, int i, int e){
if (s->size==s->cap){
s->array = realloc(s->array,___) 
}
}

realloc

increases block of memory to a new size.
if necessary, allocates a new larger block + frees old block w/ data copied over.
How big is to make new array?

naive:

One larger each time it is TO FALL.
Considering adding k-elements to the end to the end of the sequence when it is already full (size n )
(n+1)+(n+2)+(n+3)+....
⇒ O(n) time to add elts to the sequence every time.

Fix: Doubling strategy + use amortized analysis.

when the array is filled, double its size.

most calls will be cheap

If an array has cap k and is empty:

k inserts at a cost of 1 each ( k steps taken)
1 insert costs k+1 - cap now 2k ( k+1 steps taken )
k-1 inserts at a cost of 1 each ( k-1 steps taken )
1 insert costs 2k+1 - cap now 4k (2k+1 steps taken.
2k-1 inserts cost 1 each ( 2k-1 steps )
1 insert costs 4k+1 - cap now 8k ( 4k+1 steps )

...

` $2^{j-1}$ k` inserts cost 1 each ( ` $2^{j-1}$ k-1` steps )
1 insert costs 2^j k - cap now 2^{j+1}+1 steps.
Sum the inserts vs. sum of steps.
k + 1 + k-1 + 1 + 2k -1 +1 + ... + (2^{j-1}k-1)+1
k + 1 + k + 2k + ... + 2^{j-1}k
K+1 + k ( 1 + 2 + ... + 2^{j-1});
k+ 1 + k ( 2^{j}-1)
k+1 + k2^{j}-k
k2^{j}+1

total steps

k + k +1 + k-1 + 2k+1 + 2k-1 + 4k+1 + ... + 2^{j-1}k -1 + 2^{j}k +1
k + 2k + ... + 2^{j}k + 2^{j}k+ 1
k ( 1 + 2 + ... + 2^{j}) + 2^jk + 1
k(2^{j+1}-1) + 2^{j}k+1
2k2^{j} - k + 2^{j}k + 1
3(2^{j}k + 1 -k)

number of steps per insertion:

$\frac{3\cdot 2^jk-k+1}{2^{j}k+1}$
$\lim_{j\rightarrow \infty} (\frac{3\cdot 2^jk-k+1}{2^{j}k+1})$
$3$

Thus a constant number of steps (O(1)) # steps PER insertion when

taken over entire sequence of operations.

void increaseCap(struct Sequence *s){
if(s->size == s->cap){
s->array = realloc(s->array, 2* s-> cap * sizeof(int));
//WLOG
s->cap = 2* s->cap;
}
}

void add(struct Sequence *s, int e){
if(s->cap== s->size){
increaseCap(s);
...
}
s->array[s->size]=e;
s->cap ++;
}

Note, people who use your Sequence ADT may not be using it correctly.

Defensive Programming

tampering + forgery of ADTs

e.g.

#include "sequence.h"
int main(){
struct Sequence S = emptySeq();
s.size()= 8;
//these lie because they implicitly LIE 
// they are modifying the fields of the program/adt in a way that you don't expect.
// or they define their own sequence t, and setting the fields themselves.
// this is called tampering
}
struct Sequence t;
t.size = 10;
t.cap = 20;
//this is an example of forgery — creating an instance of the sequence adt without using the 
//assigned functions of the sequence adt.
// hence the implementation and initalization process could be incorrect.
}

So the question becomes how to prevent?

Leave the Sequence Definition, OUT of the header file, so people can't define it.
- In header file, just forward declare struct first.

Sequence.h

struct SeqUENCE;
Sequence emptySeq();
int size(Sequence s));
void add (Sequence *s, int e);
void remove (Sequence *S
...

sequence.c

Since the structure definition is out of the header file, the program will not know that the Sequence ADT has these different fields, size, cap, etc..., hence will throw an error to those trying to tamper/forge.

sort of why you have to leave information out of header-files

Unfortunately:

Now prevents the "good" users from using the Sequence ADT.

int main(){
struct Sequence s = emptySeq();
//produces an error - main doesn't know how much stack-space to reserve for S.
// in order to create a Sequence on stackframe, must know explicitly how 
// large the Sequence is to allocate the sufficient amount of Fmemory.
}

Fix:

prevent tampering + forgery, while allowing regular use:
- always going to use Sequence *s, instead of sequences.
- since we know pointers are all the same size.

sequence.h modified

struct Seq Impl;
typedef Struct Seq Impl* Sequence;
//Sequence is just the short-hand for struct Seq Impl*
//operations
Sequence emptySeq();
void(add Sequence s, int i, int e );

sequence.c

//implement the operations using sequence
struct SeqImpl{
int cap, size,*array;
}

main.c

//now when someone tries to tamper/forge sequence.h, they cannot, since we 
// did not give them the full definition fo sequence.
// and only working with pnters toof the struccture so mplementation is right?
##include "sequence.h"
int main(){
sequence s = emptySeq();
}

What are the increasesCap helper, can we prevent main.c from using it, since it isn't an ADT operation?

Leave the increaseCap declaration out of Sequence.h, then main.C would not be able to call it.

Unfortunately, this doesn't prevent a client from making their OWN declarations

e.g. making their own declarations of increaseCap.

#include "sequence.h"
void increaseCap(Sequence s);
int main(){
Sequence s = emptySeq();
increaseCap(s);
}

Sequence.c ; to prevent other files from calling increase CAp

static void increaseCap(Sequence s);
// prevents other people from using it and so it truly exists in one file.
// but globally exists?

Design our ADT, practice of increasing arrays/double array, how to structure files with ADTs, how to keep implementations secret, and talked about void statics.

cut-off for midterm.

More ADT practice - Racket - Mutable maps/dictionaries.

make-map:
- no params
- precondition: true

PreviousLecture 2026-2-24 NextTutorial 02/25

Last updated 2 days ago