% =================================================================
:- pred constr(bool).    
:- mode constr(in).
:- ignore constr/1.

% =================================================================
% Program
:- pred quicksort(list(int),list(int)).
:- mode quicksort(in,out).
quicksort([], []).
quicksort([X | Xs], ResL) :-
	partition(X, Xs, Smalls, Bigs),   % partition of the tail Xs 
	quicksort(Smalls, Ls),            % with respect to the pivot X.
	quicksort(Bigs, Bs),              % X is NOT in Xs.
  cons(X,Bs,XBs),
	append(Ls, XBs, ResL).

:- pred partition(int,list(int),list(int),list(int)).
:- mode partition(in,in,out,out).
partition(X, [], [], []).
partition(X, [Y | Ys], [Y | Ls], Bs) :- 
      	constr( (X>Y) ),    
      	partition(X, Ys, Ls, Bs).
partition(X, [Y | Xs], Ls, [Y | Bs]) :-  
				constr( (X=<Y)  ),   
  			partition(X, Xs, Ls, Bs).

:- pred append(list(int),list(int),list(int)).
:- mode append(in,in,out).
append([],Y,Y). % :- X=Y.
append([X|Xs],Ys,[X|Zs]) :- append(Xs,Ys,Zs).

:- pred cons(int,list(int),list(int)).
:- mode cons(in,in,out).
cons(H,T,[H|T]).

% =================================================================
% catamorphism
:- pred count(int,list(int),int).
:- mode count(in,in,out).
:- cata count/3-2.

count(X,[],Res) :- constr( Res=0 ).
count(X,[Y|Ys],Res) :- 
    constr( Res=ite(X=Y,ResT+1,ResT) ),
    count(X,Ys,ResT).   

% =================================================================
% Contract on quicksort:
:- spec quicksort(L,S) ==>
       count(X,L,CL), count(X,S,CS) =>
       constr( CL=CS ).

% Contract on partition:    Y is existentially quantified in the premise
:- spec partition(X,Ls,Smalls,Bigs) ==>
        count(Y,Smalls,CSmalls), count(Y,Bigs,CBigs), count(Y,Ls,CLs)  =>
        constr( CLs = (CSmalls+CBigs) ).

% Contract on append:
:- spec append(Xs,Ys,Zs) ==>
        count(X,Xs,NXs), count(X,Ys,NYs), count(X,Zs,NZs)  =>
        constr( NZs = (NXs+NYs) ).

% =================================================================
% verification. 
% Property:
:- pred ff1.
ff1 :- 
   constr(~(CL=CS)), 
   count(X,L,CL), count(X,S,CS),  
   quicksort(L,S).

:- pred ff2.
ff2 :- 
   constr( ~(CLs = (CSmalls+CBigs)) ), 
   count(Y,Smalls,CSmalls), count(Y,Bigs,CBigs), count(Y,Ls,CLs), 
   partition(X,Ls,Smalls,Bigs).

:- pred ff3.
ff3 :- 
   constr( ~(NZs = (NXs+NYs)) ), 
   count(X,Xs,NXs),  count(X,Ys,NYs), count(X,Zs,NZs), 
   append(Xs,Ys,Zs).

% --------------------------------------------------
% NON-CATA predicates: append cons constr partition quicksort