% ================================================================= :- pred constr(bool). :- mode constr(in). :- ignore constr/1. % =========================================================== %Program :- pred revacc(list(int),list(int)). :- mode revacc(in,out). revacc(L,R) :- reva(L,EL,R), emptylist(EL). :- pred reva(list(int),list(int),list(int)). % reva([1,2], [7,9,8], F). F=[2,1, 7,9,8]. :- mode reva(in,in,out). % the accumulator remains "as is" at the right end % of the reversed list. reva([],A,A). reva([H|T],A,R) :- cons(H,A,HA), reva(T,HA,R). :- pred emptylist(list(int)). :- mode emptylist(in). emptylist([]). :- pred cons(int,list(int),list(int)). :- mode cons(in,in,out). cons(H,T,[H|T]). % =========================================================== % Catamorphisms %----- listsum --- sum of integers in nodes of the given list. :- pred listsum(list(int),int). :- mode listsum(in,out). :- cata listsum/2-1. listsum([],S) :- S=0. listsum([H|T],S) :- S=(H+ST), listsum(T,ST). % =========================================================== % Property to verify :- pred ff1. ff1 :- constr( ~( (LS=RS) ) ), listsum(L,LS), listsum(R,RS), revacc(L,R). % contracts (postcondition: true) :- spec reva(L,Acc,RL) ==> listsum(L,SL), listsum(Acc,SAcc), listsum(RL,SRL). :- spec emptylist(L) ==> listsum(L,SL). :- spec cons(H,T,HT) ==> listsum(T,ST), listsum(HT,SHT). % =========================================================== :- query ff1/0. % ===========================================================