% ================================================================= :- pred constr(bool). :- mode constr(in). :- ignore constr/1. % ==================================================== % Program. :- pred perm(list(int),list(int)). :- mode perm(in,in). % in,in: perm is not functional perm([],[]). perm([X|Xs],[H|Perm]):- % a permutation cons(X,Xs,XXs), delete(X,XXs,Rest), %error: X --> H perm(Rest,Perm). :- pred delete(int,list(int),list(int)). :- mode delete(in,in,in). % delete is not total delete(X,[Y|T],T) :- constr(X=Y). % Taking X away from [Y|T]. Deleting exactly one copy of X. delete(X,[Y|T],[Y|TD]) :- % The list need not be ordered. Element X need not be the minimum. constr(~(X=Y)), % delete(X,L,LD) succeeds **IFF** X is a member of L. delete(X,T,TD). :- pred cons(int,list(int),list(int)). :- mode cons(in,in,out). cons(H,T,[H|T]). % ==================================================== % catamorphisms %----- listsum --- sum of integers in nodes of the given list. :- pred listsum(list(int),int). :- mode listsum(in,out). :- cata listsum/2-1. listsum([],S) :- S=0. listsum([H|T],S) :- S=(H+ST), listsum(T,ST). % ==================================================== % verification. % Property: :- pred ff1. ff1 :- constr( ~(LS=LPS)), listsum(L,LS), listsum(LP,LPS), perm(L,LP). %% contracts (postcondition: true) % %:- spec delete(H,L,LD) ==> listsum(L,SL), listsum(LD,SLD). % %:- spec cons(H,T,HT) ==> listsum(T,ST), listsum(HT,SHT). % ==================================================== :- query ff1/0. % ==================================================== % Catamorphic abstraction :- cata_abs list(int) ==> listsum(T,ST). % ======================================================