% syntax of constr? "," vs "&". & parentheses? NO; boolean vars % which constraints in constr? OUTPUT % mode of constr % goal for lemma? % linear heads? % ================================================================= :- pred constr(bool). :- mode constr(in). :- ignore constr/1. % ================================================================= % Program % rev(L,R): % list R is the reversal of list L :- pred rev(list(int),list(int)). :- mode rev(in,out). rev([X],[]). % rev([X],[]). ---> rev([],[]). rev([H|T],R) :- rev(T,S), snoc(S,H,R). % snoc(L,X,S): % list S is obtained by adding element X at the end of list L :- pred snoc(list(int),int,list(int)). :- mode snoc(in,in,out). snoc([],X,[X]). snoc([X|Xs],Y,[X|Zs]) :- snoc(Xs,Y,Zs). % ================================================================= % Catamorphisms % ------ hd(L,IsDef,Hd): IsDef is true iff L is a nonempty list and % if IsDef=true then Hd is the head of L :- pred hd(list(int),bool,int). :- mode hd(in,out,out). :- cata hd/3-1. hd([],IsDef,Hd) :- constr((~IsDef) & Hd=0). % 0 can be any int. hd([H|T],IsDef,Hd) :- constr(IsDef & Hd=H). % ------ isASorted(L,Res): % Res= true iff L is weakly-ascending. :- pred isASorted(list(int),bool). :- mode isASorted(in,out). :- cata isASorted/2-1. isASorted([],Res) :- constr(Res). isASorted([H|T],Res) :- hd(T,IsDefT,HdT), isASorted(T,ResT), constr(Res = (IsDefT => (H= (H>=HdT & ResT))). % ------ listMax(L,IsDef,Max): IsDef=true iff L is a nonempty list and % if IsDef then Max is the maximum element on the list L :- pred listMax(list(int),bool,int). :- mode listMax(in,out,out). :- cata listMax/3-1. listMax([],IsDef,Max) :- constr( (~IsDef) & Max=0 ). % 0 can be any int. listMax([H|T],IsDef,Max) :- listMax(T,IsDefT,MaxT), constr( (IsDef & (Max = ite(IsDefT, ite(H>MaxT, H, MaxT), H ) ) ) ). % ================================================================= % ------ Verification of contract on rev: :- pred ff1. ff1 :- constr( ~(BL=BR) ), isDSorted(L,BL), isASorted(R,BR), rev(L,R). %% ------ Verification of contract on snoc: %:- pred ff2. %ff2 :- % constr(BC=(IsDef & ~(BA & X>=Max))), % isASorted(A,BA), % listMax(A,IsDef,Max), % isASorted(C,BC), % snoc(A,X,C). % ================================================================= :- query ff1/0. %:- query ff2/0. % ================================================================= % Catamorphic Abstraction :- cata_abs list(int) ==> isASorted(L,B1), isDSorted(L,B2), listMax(L,IsDef,Min). % =================================================================