% =================================================================
:- pred constr(bool).    
:- mode constr(in).
:- ignore constr/1. 
% =================================================================
% Program
:- pred quicksort(list(int),list(int)).
:- mode quicksort(in,out).

quicksort([H], [H,K]). %error: [H,K] --> [H]
quicksort([], []).
quicksort([X | Xs], ResL) :-
	partition(X, Xs, Smalls, Bigs),   % partition of the tail Xs 
	quicksort(Smalls, Ls),            % with respect to the pivot X.
	quicksort(Bigs, Bs),              % X is NOT in Xs.
  concat4(Ls,X,Bs,ResL).

:- pred partition(int,list(int),list(int),list(int)).
:- mode partition(in,in,out,out).
partition(X, [], [], []).
partition(X, [Y | Ys], [Y | Ls], Bs) :- 
      	constr( (X>Y) ),    
      	partition(X, Ys, Ls, Bs).
partition(X, [Y | Xs], Ls, [Y | Bs]) :-  
				constr( (X=<Y)  ),   
  			partition(X, Xs, Ls, Bs).
  			
:- pred concat4(list(int),int,list(int),list(int)).
:- mode concat4(in,in,in,out).
concat4([],Y,Ys,[Y|Ys]).
concat4([X|Xs],Y,Ys,[X|Zs]) :-
	concat4(Xs,Y,Ys,Zs).

% =================================================================
% catamorphism
:- pred listMax(list(int),bool,int).
:- mode listMax(in,out,out).
:- cata listMax/3-1.

listMax([],IsDef,A) :- constr( ((~IsDef) & (A=0)) ).
listMax([H|T],IsDef,Max) :-
         constr( IsDef & (Max = ite(IsDefT, ite(H>MaxT,H,MaxT), H )) ),
         listMax(T,IsDefT,MaxT).

% =================================================================
% Verification.
% Property:
:- pred ff1.
ff1 :-
   constr(~( (IsDefL = IsDefS) & (IsDefL => (MaxL=MaxS)) )),
   listMax(L,IsDefL,MaxL), listMax(S,IsDefS,MaxS),
   quicksort(L,S).

%:- pred ff2.
%ff2 :-
%   constr( ~(((((    IsDefS &  IsDefB )  => (  IsDefL & ( MLs=Max ) )) &
%                 ((  IsDefS & ~IsDefB )  => (  IsDefL & ( MLs=MSmalls ) ))) &
%                 (( ~IsDefS &  IsDefB )  => (  IsDefL & ( MLs=MBigs ) ))) &
%                 (( ~IsDefS & ~IsDefB )  =  ( ~IsDefL ))
%              ) ),
%   listMax(Smalls,IsDefS,MSmalls), listMax(Bigs,IsDefB,MBigs), listMax(Ls,IsDefL,MLs),
%   constr( Max = ite(MSmalls>MBigs,MSmalls,MBigs) ), % max(MSmalls,MBigs,Max),
%   partition(X,Ls,Smalls,Bigs).
%
%:- pred ff3.
%ff3 :-
%   constr( ~( ((((  IsDefXs &  IsDefYs )  => ( IsDefZs & ( MaxZs=Max3 ) )) &
%               ((   IsDefXs & ~IsDefYs )  => ( IsDefZs & 
%                                                ( MaxZs=ite(MaxXs>Y,MaxXs,Y) ) ))) &
%               ((  ~IsDefXs &  IsDefYs )  => ( IsDefZs & 
%                                                ( MaxZs=ite(MaxYs>Y,MaxYs,Y) ) ))) &
%               ((  ~IsDefXs & ~IsDefYs )  => ( IsDefZs & ( MaxZs=Y )))
%              ) ),
%   listMax(Xs,IsDefXs,MaxXs), listMax(Ys,IsDefYs,MaxYs),
%   listMax(Zs,IsDefZs,MaxZs), 
%   constr( Max2=ite(MaxXs>MaxYs,MaxXs,MaxYs) & Max3=ite(Max2>Y,Max2,Y) ), 
%   concat4(Xs,Y,Ys,Zs).

% =================================================================
:- query ff1/0.
%:- query ff2/0.
%:- query ff3/0.
% =================================================================

%  Catamorphic abstraction

:- cata_abs list(int) ==> listMax(Xs,IsDefXs,MaxXs).

% =================================================================