Imports

CLRS Section 18.2 - B-tree insertion

This first-pass section gives specification-level split and insertion wrappers over the mathematical B-tree model from Section 18.1. The goal is a stable public theorem surface before introducing full node occupancy and separator repair proofs.

Main results:

  • Theorem BTree.splitChild_preserves_model: the first-pass split wrapper preserves validity and membership.

  • Theorem BTree.splitChild_valid: the first-pass split wrapper preserves validity.

  • Theorem BTree.splitChild_mem_iff: membership after the first-pass split wrapper is unchanged.

  • Theorem BTree.splitChild_not_mem_iff: failed membership is also unchanged after the first-pass split wrapper.

  • Theorem BTree.splitChild_not_mem_old: old absent keys remain absent after the first-pass split wrapper.

  • Theorem BTree.splitChild_search_iff: searching after the first-pass split wrapper is equivalent to searching before it.

  • Theorem BTree.splitChild_search_false_iff: unsuccessful search is also preserved by the first-pass split wrapper.

  • Theorem BTree.splitChild_search_false_old: old unsuccessful searches remain unsuccessful after the first-pass split wrapper.

  • Theorems BTree.splitChild_mem_old and BTree.splitChild_search_old: old members and searchable keys remain so after the first-pass split wrapper.

  • Theorems BTree.splitChild_search_of_mem and BTree.splitChild_search_false_of_not_mem: old membership and absence give direct post-split successful and failed searches.

  • Theorem BTree.insert_preserves_model: specification insertion preserves the first-pass validity predicate.

  • Theorem BTree.insert_valid: direct validity-preservation wrapper for specification insertion.

  • Theorem BTree.insert_mem_iff: insertion adds exactly the inserted key to the membership specification.

  • Theorem BTree.insert_search_iff: searching after insertion succeeds exactly for the inserted key or an old searchable key.

  • Theorem BTree.insert_search_false_iff: searching after insertion fails exactly for keys different from the inserted key that failed before.

  • Theorem BTree.insert_search_false_of_ne: old failed searches for keys different from the inserted key remain failed after insertion.

  • Theorem BTree.insert_not_mem_iff: membership after insertion fails exactly for keys different from the inserted key that were absent before.

  • Theorem BTree.insert_not_mem_of_ne: old absent keys different from the inserted key remain absent after insertion.

  • Theorems BTree.insert_mem_self and BTree.insert_search_self: the inserted key is present and searchable after insertion.

  • Theorem BTree.insert_search_of_eq: any query key equal to the inserted key is searchable after insertion.

  • Theorems BTree.insert_mem_old and BTree.insert_search_old: old members and searchable keys remain so after insertion.

  • Theorems BTree.insert_search_of_mem and BTree.insert_search_false_of_not_mem_ne: old membership and absent noninserted keys give direct post-insertion search results.

Current gaps:

  • This is not yet the full CLRS in-node split and insert-nonfull proof. It is a specification layer that fixes the public theorem names and membership behavior for the later structural refinement.

namespace CLRSnamespace Chapter18namespace BTree

First-pass split-child wrapper. Structural split refinement is future work.

def splitChild (t : BTree) : BTree := t

Membership after the first-pass split wrapper is unchanged.

theorem splitChild_mem_iff (x : Nat) (t : BTree) : mem x (splitChild t) <-> mem x t :=

Old keys remain present after the first-pass split wrapper.

Failed membership after the first-pass split wrapper is unchanged.

Old absent keys remain absent after the first-pass split wrapper.

The first-pass split wrapper preserves validity and membership.

theorem splitChild_preserves_model {minDegree : Nat} {t : BTree} (hvalid : Valid minDegree t) : Valid minDegree (splitChild t) forall x, mem x (splitChild t) <-> mem x t := exact hvalid, ;

The first-pass split wrapper preserves validity.

theorem splitChild_valid {minDegree : Nat} {t : BTree} (hvalid : Valid minDegree t) : Valid minDegree (splitChild t) :=

Searching after the first-pass split wrapper is unchanged.

Old searchable keys remain searchable after the first-pass split wrapper.

Old members are directly searchable after the first-pass split wrapper.

theorem splitChild_search_of_mem {minDegree x : Nat} {t : BTree} (hvalid : Valid minDegree t) (hx : mem x t) : search x (splitChild t) = true :=

Unsuccessful search is preserved by the first-pass split wrapper.

Old unsuccessful searches remain unsuccessful after the first-pass split wrapper.

Old absent keys directly remain failed searches after the first-pass split wrapper.

theorem splitChild_search_false_of_not_mem {minDegree x : Nat} {t : BTree} (hvalid : Valid minDegree t) (hx : ¬ mem x t) : search x (splitChild t) = false :=

Specification-level B-tree insertion: add the key at a fresh root.

def insert (x : Nat) (t : BTree) : BTree := node (x :: keysOf t) []

Specification insertion preserves the first-pass validity predicate.

theorem insert_preserves_model {minDegree x : Nat} {t : BTree} (hvalid : Valid minDegree t) : Valid minDegree (insert x t) :=

Specification insertion preserves validity under the direct operation name.

theorem insert_valid {minDegree x : Nat} {t : BTree} (hvalid : Valid minDegree t) : Valid minDegree (insert x t) :=

Specification insertion adds exactly the inserted key to membership.

theorem insert_mem_iff (x y : Nat) (t : BTree) : mem y (insert x t) <-> y = x mem y t :=

The inserted key is present after specification insertion.

Old keys remain present after specification insertion.

Membership after insertion fails exactly for noninserted keys absent before insertion.

cases hmem with

Old absent keys different from the inserted key remain absent after insertion.

Searching after insertion succeeds exactly for the new key or an old key.

Searching for the inserted key succeeds after specification insertion.

Any key equal to the inserted key is searchable after specification insertion.

Old searchable keys remain searchable after specification insertion.

Old members are directly searchable after specification insertion.

theorem insert_search_of_mem {minDegree x y : Nat} {t : BTree} (hvalid : Valid minDegree t) (hy : mem y t) : search y (insert x t) = true :=

Searching after insertion fails exactly for noninserted keys that failed before.

Old failed searches for keys different from the inserted key remain failed.

Old absent keys different from the inserted key are directly failed searches after insertion.

theorem insert_search_false_of_not_mem_ne {minDegree x y : Nat} {t : BTree} (hvalid : Valid minDegree t) (hxy : y x) (hy : ¬ mem y t) : search y (insert x t) = false :=
end BTreeend Chapter18end CLRS