| author | wenzelm |
| Sun, 19 Feb 2023 13:43:38 +0100 | |
| changeset 77300 | 57467fdd507d |
| parent 76987 | 4c275405faae |
| permissions | -rw-r--r-- |
|
71925
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
1 |
(* Title: HOL/Examples/Cantor.thy |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
2 |
Author: Makarius |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
3 |
*) |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
4 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
5 |
section \<open>Cantor's Theorem\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
6 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
7 |
theory Cantor |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
8 |
imports Main |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
9 |
begin |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
10 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
11 |
subsection \<open>Mathematical statement and proof\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
12 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
13 |
text \<open> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
14 |
Cantor's Theorem states that there is no surjection from |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
15 |
a set to its powerset. The proof works by diagonalization. E.g.\ see |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
16 |
\<^item> \<^url>\<open>http://mathworld.wolfram.com/CantorDiagonalMethod.html\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
17 |
\<^item> \<^url>\<open>https://en.wikipedia.org/wiki/Cantor's_diagonal_argument\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
18 |
\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
19 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
20 |
theorem Cantor: "\<nexists>f :: 'a \<Rightarrow> 'a set. \<forall>A. \<exists>x. A = f x" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
21 |
proof |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
22 |
assume "\<exists>f :: 'a \<Rightarrow> 'a set. \<forall>A. \<exists>x. A = f x" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
23 |
then obtain f :: "'a \<Rightarrow> 'a set" where *: "\<forall>A. \<exists>x. A = f x" .. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
24 |
let ?D = "{x. x \<notin> f x}"
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
25 |
from * obtain a where "?D = f a" by blast |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
26 |
moreover have "a \<in> ?D \<longleftrightarrow> a \<notin> f a" by blast |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
27 |
ultimately show False by blast |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
28 |
qed |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
29 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
30 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
31 |
subsection \<open>Automated proofs\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
32 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
33 |
text \<open> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
34 |
These automated proofs are much shorter, but lack information why and how it |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
35 |
works. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
36 |
\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
37 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
38 |
theorem "\<nexists>f :: 'a \<Rightarrow> 'a set. \<forall>A. \<exists>x. f x = A" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
39 |
by best |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
40 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
41 |
theorem "\<nexists>f :: 'a \<Rightarrow> 'a set. \<forall>A. \<exists>x. f x = A" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
42 |
by force |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
43 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
44 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
45 |
subsection \<open>Elementary version in higher-order predicate logic\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
46 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
47 |
text \<open> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
48 |
The subsequent formulation bypasses set notation of HOL; it uses elementary |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
49 |
\<open>\<lambda>\<close>-calculus and predicate logic, with standard introduction and elimination |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
50 |
rules. This also shows that the proof does not require classical reasoning. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
51 |
\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
52 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
53 |
lemma iff_contradiction: |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
54 |
assumes *: "\<not> A \<longleftrightarrow> A" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
55 |
shows False |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
56 |
proof (rule notE) |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
57 |
show "\<not> A" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
58 |
proof |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
59 |
assume A |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
60 |
with * have "\<not> A" .. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
61 |
from this and \<open>A\<close> show False .. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
62 |
qed |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
63 |
with * show A .. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
64 |
qed |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
65 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
66 |
theorem Cantor': "\<nexists>f :: 'a \<Rightarrow> 'a \<Rightarrow> bool. \<forall>A. \<exists>x. A = f x" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
67 |
proof |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
68 |
assume "\<exists>f :: 'a \<Rightarrow> 'a \<Rightarrow> bool. \<forall>A. \<exists>x. A = f x" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
69 |
then obtain f :: "'a \<Rightarrow> 'a \<Rightarrow> bool" where *: "\<forall>A. \<exists>x. A = f x" .. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
70 |
let ?D = "\<lambda>x. \<not> f x x" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
71 |
from * have "\<exists>x. ?D = f x" .. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
72 |
then obtain a where "?D = f a" .. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
73 |
then have "?D a \<longleftrightarrow> f a a" by (rule arg_cong) |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
74 |
then have "\<not> f a a \<longleftrightarrow> f a a" . |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
75 |
then show False by (rule iff_contradiction) |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
76 |
qed |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
77 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
78 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
79 |
subsection \<open>Classic Isabelle/HOL example\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
80 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
81 |
text \<open> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
82 |
The following treatment of Cantor's Theorem follows the classic example from |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
83 |
the early 1990s, e.g.\ see the file \<^verbatim>\<open>92/HOL/ex/set.ML\<close> in |
| 76987 | 84 |
Isabelle92 or \<^cite>\<open>\<open>\S18.7\<close> in "paulson-isa-book"\<close>. The old tactic scripts |
|
71925
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
85 |
synthesize key information of the proof by refinement of schematic goal |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
86 |
states. In contrast, the Isar proof needs to say explicitly what is proven. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
87 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
88 |
\<^bigskip> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
89 |
Cantor's Theorem states that every set has more subsets than it has |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
90 |
elements. It has become a favourite basic example in pure higher-order logic |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
91 |
since it is so easily expressed: |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
92 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
93 |
@{text [display]
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
94 |
\<open>\<forall>f::\<alpha> \<Rightarrow> \<alpha> \<Rightarrow> bool. \<exists>S::\<alpha> \<Rightarrow> bool. \<forall>x::\<alpha>. f x \<noteq> S\<close>} |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
95 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
96 |
Viewing types as sets, \<open>\<alpha> \<Rightarrow> bool\<close> represents the powerset of \<open>\<alpha>\<close>. This |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
97 |
version of the theorem states that for every function from \<open>\<alpha>\<close> to its |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
98 |
powerset, some subset is outside its range. The Isabelle/Isar proofs below |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
99 |
uses HOL's set theory, with the type \<open>\<alpha> set\<close> and the operator \<open>range :: (\<alpha> \<Rightarrow> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
100 |
\<beta>) \<Rightarrow> \<beta> set\<close>. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
101 |
\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
102 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
103 |
theorem "\<exists>S. S \<notin> range (f :: 'a \<Rightarrow> 'a set)" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
104 |
proof |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
105 |
let ?S = "{x. x \<notin> f x}"
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
106 |
show "?S \<notin> range f" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
107 |
proof |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
108 |
assume "?S \<in> range f" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
109 |
then obtain y where "?S = f y" .. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
110 |
then show False |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
111 |
proof (rule equalityCE) |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
112 |
assume "y \<in> f y" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
113 |
assume "y \<in> ?S" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
114 |
then have "y \<notin> f y" .. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
115 |
with \<open>y \<in> f y\<close> show ?thesis by contradiction |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
116 |
next |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
117 |
assume "y \<notin> ?S" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
118 |
assume "y \<notin> f y" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
119 |
then have "y \<in> ?S" .. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
120 |
with \<open>y \<notin> ?S\<close> show ?thesis by contradiction |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
121 |
qed |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
122 |
qed |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
123 |
qed |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
124 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
125 |
text \<open> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
126 |
How much creativity is required? As it happens, Isabelle can prove this |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
127 |
theorem automatically using best-first search. Depth-first search would |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
128 |
diverge, but best-first search successfully navigates through the large |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
129 |
search space. The context of Isabelle's classical prover contains rules for |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
130 |
the relevant constructs of HOL's set theory. |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
131 |
\<close> |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
132 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
133 |
theorem "\<exists>S. S \<notin> range (f :: 'a \<Rightarrow> 'a set)" |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
134 |
by best |
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
135 |
|
|
bf085daea304
clarified sessions: "Notable Examples in Isabelle/HOL";
wenzelm
parents:
diff
changeset
|
136 |
end |