% =================================================================
:- pred constr(bool).
:- mode constr(in).
:- ignore constr/1.
% =================================================================
% Program. 
% Delete all multiple copies on lists leaving one copy only.
:- pred list_deletecopies(list(int),list(int)).
:- mode list_deletecopies(in,out).

list_deletecopies([],[]).
list_deletecopies([X],[X]). 
list_deletecopies([X,X|T], ResT) :- cons(X,T,XT), list_deletecopies(XT,ResT).
list_deletecopies([X,Y|T], [X|ResT]) :- constr(~(X=Y)), cons(Y,T,YT),
      list_deletecopies(YT,ResT1), deleteall(X,ResT1,ResT).

% all elements X are deleted from a list, producing a new list.
:- pred deleteall(int,list(int),list(int)).
:- mode deleteall(in,in,out).

deleteall(X,[],[]).
deleteall(X,[X|T],Res) :- deleteall(X,T,Res).
deleteall(X,[H|T],[H|ResT]) :- constr(~(X=H)), deleteall(X,T,ResT).

:- pred cons(int,list(int),list(int)).
:- mode cons(in,in,out).
cons(H,T,[H|T]).

% =================================================================
% catamorphism
:- pred listsum(list(int),int).
:- mode listsum(in,out).
:- cata listsum/2-1.

listsum([],S) :- S=0.
listsum([H|T],S) :-
  S=(H+ST),
  listsum(T,ST).
  
:- pred allpos(list(int),bool).
:- mode allpos(in,out).
:- cata allpos/2-1.

allpos([],S) :- constr(S).
allpos([H|T],S) :-
  constr(S = (ST &(H>0))),
  allpos(T,ST).

% =================================================================
% Verification.
% Property:
:- pred ff1.
ff1 :- 
     constr(~(PL => (SL >= SS) )), 
     allpos(L,PL), allpos(S,PS),
     listsum(L,SL), listsum(S,SS),  
     list_deletecopies(L,S).

:- spec deleteall(X,L,L1) ==>  allpos(L,PL), allpos(L1,PL1), 
                    listsum(L,LS), listsum(L1,L1S) => constr(true).

:- spec cons(H,T,HT) ==> allpos(T,PT), allpos(HT,PHT),
                   listsum(T,TS), listsum(HT,HTS) => constr(true).

% =================================================================
:- query ff1/0.
% =================================================================