The Concurrent Logical Framework, or CLF, is a new logical framework in which concurrent computations can be represented as monadic objects, for which there is an intrinsic notion of concurrency. It is designed as a conservative extension of the linear logical framework LLF with the synchronous connectives# of intuitionistic linear logic, encapsulated in a monad. LLF is itself a conservative extension of LF with the asynchronous connectives -#, & and #.

We present algorithms for unification and antiunification in the Calculus of Constructions, where occurrences of free variables (the variables subject to instantiation) are restricted to higher-order patterns, a notion investigated for the simply-typed -calculus by Miller. Most general unifiers and least common antiinstances are shown to exist and are unique up to a simple equivalence. The unification algorithm is used for logic program execution and type and term reconstruction in the current implementation of Elf and has shown itself to be practical. The main application of the anti-unification algorithm we have in mind is that of proof generalization. 1 Introduction Higher-order logic with an embedded simply-typed - calculus has been used as the basis for a number of theorem provers (for example [1, 19]) and the programming language Prolog [16]. Central to these systems is an implementation of Huet's pre-unification algorithm for the simply-typed -calculus [12] which has shown it...

We present new proofs of cut elimination for intuitionistic, classical, and linear sequent calculi. In all cases the proofs proceed by three nested structural inductions, avoiding the explicit use of multi-sets and termination measures on sequent derivations. This makes them amenable to elegant and concise implementations in Elf, a constraint logic programming language based on the LF logical framework. 1 Introduction Gentzen's sequent calculi [Gen35] for intuitionistic and classical logic have been the central tool in many proof-theoretical investigations and applications of logic in computer science such as logic programming or automated theorem proving. The central property of sequent calculi is cut elimination (Gentzen's Hauptsatz) which yields consistency of the logic as a corollary. The algorithm for cut elimination may be interpreted computationally, similarly to the way normalization for natural deduction may be viewed as functional computation. For the case of linear logic, ...

In computer science we speak of implementing a logic; this is done in a programming language, such as Lisp, called here the implementation language. We also reason about the logic, as in understanding how to search for proofs; these arguments are expressed in the metalanguage and conducted in the metalogic of the object language being implemented. We also reason about the implementation itself, say to know it is correct; this is done in a programming logic. How do all these logics relate? This paper considers that question and more. We show that by taking the view that the metalogic is primary, these other parts are related in standard ways. The metalogic should be suitably rich so that the object logic can be presented as an abstract data type, and it must be suitably computational (or constructive) so that an instance of that type is an implementation. The data type abstractly encodes all that is relevant for metareasoning, i.e., not only the term constructing functions but also the...

We present a variant of Proof-Carrying Code (PCC) in which the trusted inference rules are represented as a higherorder logic program, the proof checker is replaced by a nondeterministic higher-order logic interpreter and the proof by an oracle implemented as a stream of bits that resolve the nondeterministic interpretation choices. In this setting, Proof-Carrying Code allows the receiver of the code the luxury of using nondeterminism in constructing a simple yet powerful checking procedure. This oracle-based variant of PCC is able to adapt quite naturally to situations when the property being checked is simple or there is a fairly directed search procedure for it. As an example, we demonstrate that if PCC is used to verify type safety of assembly language programs compiled from Java source programs, the oracles that are needed are on the average just 12% of the size of the code, which represents an improvement of a factor of 30 over previous syntactic representations of PCC proofs. ...

We consider the problem of mechanically constructing abstract machines from operational semantics, producing intermediate-level specifications of evaluators guaranteed to be correct with respect to the operational semantics. We construct these machines by repeatedly applying correctness-preserving transformations to operational semantics until the resulting specifications have the form of abstract machines. Though not automatable in general, this approach to constructing machine implementations can be mechanized, providing machine-verified correctness proofs. As examples we present the transformation of specifications for both call-by-name and call-by-value evaluation of the untyped λ-calculus into abstract machines that implement such evaluation strategies. We also present extensions to the call-by-value machine for a language containing constructs for recursion, conditionals, concrete data types, and built-in functions. In all cases, the correctness of the derived abstract machines follows from the (generally transparent) correctness of the initial operational semantic specification and the correctness of the transformations applied. 1.

This paper presents a logical framework derived from the Edinburgh Logical Framework (LF) [5] that can be used to obtain compact representations of proofs and efficient proof checkers. These are essential ingredients of any application that manipulates proofs as first-class objects, such as a Proof-Carrying Code [11] system, in which proofs are used to allow the easy validation of properties of safety-critical or untrusted code. Our framework, which we call LF i , inherits from LF the capability to encode various logics in a natural way. In addition, the LF i framework allows proof representations without the high degree of redundancy that is characteristic of LF representations. The missing parts of LF i proof representations can be reconstructed during proof checking by an efficient reconstruction algorithm. We also describe an algorithm that can be used to strip the unnecessary parts of an LF representation of a proof. The experimental data that we gathered in the context of a Proof...

In [6] we have proposed a general higher-order unification method using a theory of explicit substitutions and we have proved its completeness. In this paper, we investigate the case of higher-order patterns as introduced by Miller. We show that our general algorithm specializes in a very convenient way to patterns. We also sketch an efficient implementation of the abstract algorithm and its generalization to constraint simplification, which has yielded good experimental results at the core of a higher-order constraint logic programming language.

This report describes a framework for representing and validating formal proofs in various axiomatic systems. The framework is based on the Edinburgh Logical Framework (LF) but is optimized for minimizing the size of proofs and the complexity of proof validation, by removing redundant representation components. Several variants of representation algorithms are presented with the resulting representations being a factor of 15 smaller than similar LF representations. The validation algorithm is a reconstruction algorithm that runs about 7 times faster than LF typechecking. We present a full proof of correctness of the reconstruction algorithm and hints for the efficient implementation using explicit substitutions. We conclude with a quantitative analysis of the algorithms. This research was sponsored in part by the Advanced Research Projects Agency CSTO under the title "The Fox Project: Advanced Languages for Systems Software," ARPA Order No. C533, issued by ESC/ENS under Contract No. F1...

This paper describes the transformation of lambda-terms from continuation-passing style (CPS) to direct style. This transformation is the left inverse of Plotkin's left-to-right call-by-value CPS encoding for the pure lambda-calculus. Not all -terms are CPS terms, and not all CPS terms encode a left-to-right call-by-value evaluation. These CPS terms are characterized here; they can be mapped back to direct style. In addition, the two transformations -- to continuation-passing style and to direct style -- are factored using a language where all intermediate values are named and their computation is sequentialized. The issue of proper tail-recursion is also addressed.