This article contains the theoretical foundations of LPTP, a logic program theorem prover that has been implemented in Prolog by the author. LPTP is an interactive theorem prover in which one can prove correctness properties of pure Prolog programs that contain negation and built-in predicates like is/2 and call/n + 1. The largest example program that has been verified using LPTP is 635 lines long including its specification. The full formal correctness proof is 13128 lines long (133 pages). The formal theory underlying LPTP is the inductive extension of pure Prolog programs. This is a first-order theory that contains induction principles corresponding to the definition of the predicates in the program plus appropriate axioms for built-in predicates. The inductive extension allows to express modes and types of predicates. These can then be used to prove termination and correctness properties of programs. The main result of this article is that the inductive extension is an adequate axiomatization of the operational semantics of pure Prolog with built-in predicates. Keywords: Verification of logic programs; pure Prolog; left-termination; induction. 1

The five lectures at Marktoberdorf on which these notes are based were about the architecture of problem solving environments which use theorem provers. Experience with these systems over the past two decades has shown that the prover must be extensible, yet it must be kept safe. We examine a way to safely add new decision procedures to the Nuprl prover. It relies on a reflection mechanism and is applicable to any tactic-oriented prover with sufficient reflection. The lectures explain reflection in the setting of constructive type theory, the core logic of Nuprl.

Applicative theories form the basis of Feferman's systems of explicit mathematics, which have been introduced in the early seventies. In an applicative universe, all individuals may be thought of as operations, which can freely be applied to each other: self-application is meaningful, but not necessarily total. It has turned out that theories with self-application provide a natural setting for studying notions of abstract computability, especially from a proof-theoretic perspective.

Constructive type theory as conceived by Per Martin-Löf has a very rich type system, but partial functions cannot be typed. This also makes it impossible to directly write recursive programs. In this paper a constructive type theory Red is defined which includes a partial type constructor A; objects in the type A may diverge, but if they converge, they must be members of A. A fixed point typing principle is given to allow typing of recursive functions. The extraction paradigm of type theory, whereby programs are automatically extracted from constructive proofs, is extended to allow extraction of fixed points. There is a Scott fixed point induction principle for reasoning about these functions. Soundness of the theory is proven. Type theory becomes a more expressive programming logic as a result.

In this paper we study the relationships between logic programming and functional programming, trying to answer the following basic question: to what extent is logic programming just functional programming in disguise? We develop a theory to formally express this correspondence, and exhibit a class that can by right be considered as the functional core of logic programming. Moreover, since the functional meaning of each program in this class is provided constructively, via a transformation from logic to functional programs, we show how the obtained theoretical results are useful also in the study of languages integration, termination issues, and practical implementations. 1 Introduction During the recent years, a huge amount of effort was devoted to integrating the two paradigms of functional programming and logic programming, and to develop languages combining them (see for instance [12]). However, much less attention was devoted to the basic problem of studying what are the intimat...

In this paper a hybrid type theory HTT is defined which combines the programming language notion of partial type with the logical notion of total type into a single theory. A new partial type constructor A is added to the type theory: objects in A may diverge, but if they converge, they must be members of A. A fixed point typing rule is given to allow for typing of fixed points. The underlying theory is based on ideas from Feferman's Class Theory and Martin Lof's Intuitionistic Type Theory. The extraction paradigm of constructive type theory is extended to allow direct extraction of arbitrary fixed points. Important features of general programming logics such as LCF are preserved, including the typing of all partial functions, a partial ordering ! ¸ on computations, and a fixed point induction principle. The resulting theory is thus intended as a general-purpose programming logic. Rules are presented and soundness of the theory established. Keywords: Constructive Type Theory, Logics...

In this paper we present a recursion-theoretic denotational semantics for Featherweight Java. Our interpretation is based on a formalization of the object model of Castagna, Ghelli and Longo in a predicative theory of types and names. Although this theory is prooftheoretically weak, it allows to prove many properties of programs written in Featherweight Java. This underpins Feferman's thesis that impredicative assumptions are not needed for computational practice.

Every "practical" programming language supplies the programmer with at least one nonstrict construct, such as the ALGOL60 arithmetic `ifthen -else' and the LISP `cond'. Many programming languages also enable the user to define nonstrict functions. In some languages, this is accomplished through the lazy evaluation of procedure parameters, as realized, for example, by the call-by-name devices of ALGOL60 and SIMULA67 and the call-by-need mechanism of Haskell. In other languages, such as Common LISP, a macro definition facility can serve a similar purpose. Programming languages that provide a mechanism for the user to define nonstrict functions are nonstrict languages, and we call the natural underlying logic of these languages nonstrict positive free logic. In this paper, we present the definition theory of nonstrict positive free logic. Suitable transformations of sentences in standard logic into sentences in nonstrict positive free logic preserve many properties of definitions in stand...

The system EMU of explicit mathematics incorporates the uniform construction of universes. In this paper we give a proof-theoretic treatment of EMU and show that it corresponds to transfinite hierarchies of fixed points of positive arithmetic operators, where the length of these fixed point hierarchies is bounded by # 0 . 1 Introduction Metapredicativity is a new general term in proof theory which describes the analysis and study of formal systems whose proof-theoretic strength is beyond the Feferman-Schutte ordinal # 0 but which are nevertheless amenable to purely predicative methods. Typical examples of formal systems which are apt for scaling the initial part of metapredicativity are the transfinitely iterated fixed point theories # ID # whose detailed proof-theoretic analysis is given by Jager, Kahle, Setzer and Strahm in [18]. In this paper we assume familiarity with [18]. For natural extensions of Friedman's ATR that can be measured against transfinitely iterated fixed point ...

. We present the theoretical foundations of LPTP, a logic program theorem prover implemented in Prolog by the author. LPTP is an interactive theorem prover in which one can prove termination and correctness properties of pure Prolog programs that contain negation and built-in predicates like is/2 and call/n. The largest program that has been verified using LPTP is 635 lines long including its specification. The full formal correctness proof is 13128 lines long (133 pages). The formal theory underlying LPTP is the inductive extension of pure Prolog programs. This is a first-order theory that contains induction principles corresponding to the definition of the predicates in the program plus appropriate axioms for built-in predicates. 1