ing and using (L-unif) we have that any two lambdas that are everywhere undefined are equivalent. The classic example of an everywhere undefined lambda is Bot 4 = x:app(x:app(x; x); x:app(x; x)) In f , another example of an everywhere undefined lambda is the "do-forever" loop. Do 4 = f:Yv(Dox:Do(f(x)) By the recursive definition, for any lambda ' and value v Do(')(v) \Gamma!Ø Do(')('(v)) Reasoning about Functions with Effects 21 In f , either '(v) \Gamma!Ø v 0 for some v 0 or '(v) is undefined. In the latter case the computation is undefined since the redex is undefined. In the former case, the computation reduces to Do(')(v 0 ) and on we go. The argument for undefinedness of Bot relies only on the (app) rule and will be valid in any uniform semantics. In contrast the argument for undefinedness of Do(') relies on the (fred.isdef) property of f . Functional Streams We now illustrate the use of (L-unif-sim) computation to reason about streams represented as functions ...

. In a simply-typed, call-by-value (CBV) language with first-class continuations, the usual CBV fixpoint operator can be defined in terms of a simple, infinitelylooping iteration primitive. We first consider a natural but flawed definition, based on exceptions and "iterative deepening" of finite unfoldings, and point out some of its shortcomings. Then we present the proper construction using full first-class continuations, with both an informal derivation and a proof that the behavior of the defined operator faithfully mimics a "built-in" recursion primitive. In fact, given an additional uniformity assumption, the construction is a two-sided inverse of the usual definition of iteration from recursion. Continuing, we show that the CBV looping primitive is in fact the direct-style equivalent of a continuation-passing-style fixpoint, and that this correspondence extends all the way to traditional definitions of these operators in terms of reflexive types. 1. Introduction 1.1. Background ...

Constructive type theory as conceived by Per Martin-Löf has a very rich type system, but partial functions cannot be typed. This also makes it impossible to directly write recursive programs. In this paper a constructive type theory Red is defined which includes a partial type constructor A; objects in the type A may diverge, but if they converge, they must be members of A. A fixed point typing principle is given to allow typing of recursive functions. The extraction paradigm of type theory, whereby programs are automatically extracted from constructive proofs, is extended to allow extraction of fixed points. There is a Scott fixed point induction principle for reasoning about these functions. Soundness of the theory is proven. Type theory becomes a more expressive programming logic as a result.

We give a canonical program refinement calculus based on the lambda calculus and classical first-order predicate logic, and study its proof theory and semantics. The intention is to construct a metalanguage for refinement in which basic principles of program development can be studied. The idea is that it should be possible to induce a refinement calculus in a generic manner from a programming language and a program logic. For concreteness, we adopt the simply-typed lambda calculus augmented with primitive recursion as a paradigmatic typed functional programming language, and use classical first-order logic as a simple program logic. A key feature is the construction of the refinement calculus in a modular fashion, as the combination of two orthogonal extensions to the underlying programming language (in this case, the simply-typed lambda calculus). The crucial observation is that a refinement calculus is given by extending a programming language to allow indeterminate expressions (or ‘stubs’) involving the construction ‘some program x such that P ’. Factoring this into ‘some x...’

In this paper we describe some of our progress towards an operational implementation of a modern programming logic. The logic is inspired by the variable type systems of Feferman, and is designed for reasoning about imperative functional programs. The logic goes well beyond traditional programming logics, such as Hoare's logic and Dynamic logic in its expressibility, yet is less problematic to encode into higher order logics. The main focus of the paper is too present an axiomatization of the base first order theory. 1 Introduction VTLoE [34, 23, 35, 37, 24] is a logic for reasoning about imperative functional programs, inspired by the variable type systems of Feferman. These systems are two sorted theories of operations and classes initially developed for the formalization of constructive mathematics [12, 13] and later applied to the study of purely functional languages [14, 15]. VTLoE builds upon recent advances in the semantics of languages with effects [16, 19, 28, 32, 33] and go...

We formalize a partial evaluator for Eugenio Moggi's computational metalanguage. This formalization gives an evaluation-order independent view of binding-time analysis and program specialization, including a proper treatment of call unfolding, and enables us to express the essence of "control-based binding-time improvements" for let expressions. Specifically,

We introduce a coinductive logical system à la Gentzen for establishing bisimulation equivalences on circular non-wellfounded regular objects, inspired by work of Coquand, and of Brandt and Henglein. In order to describe circular objects, we utilize a typed language, whose coinductive types involve disjoint sum, cartesian product, and finite powerset constructors. Our system is shown to be complete with respect to a maximal fixed point semantics. It is shown to be complete also with respect to an equivalent final semantics. In this latter semantics, terms are viewed as points of a coalgebra for a suitable endofunctor on the category Set of non-wellfounded sets. Our system subsumes an axiomatization of regular processes, alternative to the classical one given by Milner.

Syntax. Proving properties of programming languages, for example type soundness, can involve enormous amounts of detailed formal reasoning. Theorem provers can be advantageous for this kind of task. Properties like these involve formalizing the abstract syntax of the programming language in the logic of the prover. Conventional formalizations of variablebinding have turned out to be unwieldy in practice, and so there has been a great deal of interest in a higher order representation of syntax [8], where functions in the logic are used to represent binding. It is currently an open problem to find a tractable way to do this that also allows structural induction over abstract syntax. We will investigate using a logic like IOC for this. We will exploit the idea of parametricity and will adapt ideas from, e.g. [4]. Reflection. Reflecting the logic of a theorem prover in itself has appealing applications to automated reasoning. Some of these are outlined in [1], where we describe a useful r...