% =================================================================
:- pred constr(bool).
:- mode constr(in).
:- ignore constr/1.
% =================================================================
% Program

% rev(L,R): 
% list R is the reversal of list L
:- pred rev(list(int),list(int)).
:- mode rev(in,out).

rev([],[]).
rev([H|T],R) :-
  rev(T,S),
  snoc(S,H,R).

% snoc(L,X,S): 
% list S is obtained by adding element X at the end of list L
:- pred snoc(list(int),int,list(int)).
:- mode snoc(in,in,out).

snoc([],X,[Y]).  % error: second [Y] --> [X]
snoc([X|Xs],Y,[X|Zs]) :-
  snoc(Xs,Y,Zs).

% =================================================================
% Catamorphisms
% ------ hd(L,IsDef,Hd): IsDef is true iff L is a nonempty list and
% if IsDef=true then Hd is the head of L
:- pred hd(list(int),bool,int).   
:- mode hd(in,out,out).
:- cata hd/3-1.

hd([],IsDef,Hd) :- constr((~IsDef) & Hd=0).   % 0 can be any int.
hd([H|T],IsDef,Hd) :- constr(IsDef & Hd=H). 

% ------ isASorted(L,Res):  
% Res= true iff L is weakly-ascending.
:- pred isASorted(list(int),bool).   
:- mode isASorted(in,out). 
:- cata isASorted/2-1.

isASorted([],Res) :- constr(Res).
isASorted([H|T],Res) :-
    hd(T,IsDefT,HdT), 
    isASorted(T,ResT),
    constr(Res = (IsDefT => (H=<HdT & ResT))).
    
% ------ isDSorted(L,Res): 
% Res= true iff L is weakly-descending.
:- pred isDSorted(list(int),bool).   
:- mode isDSorted(in,out). 
:- cata isDSorted/2-1.

isDSorted([],Res) :- constr(Res).
isDSorted([H|T],Res) :-
    hd(T,IsDefT,HdT), 
    isDSorted(T,ResT),
    constr(Res = (IsDefT => (H>=HdT & ResT))).

% ------ listMax(L,IsDef,Max):  IsDef=true iff L is a nonempty list and
% if IsDef then Max is the maximum element on the list L
:- pred listMax(list(int),bool,int).  
:- mode listMax(in,out,out).  
:- cata listMax/3-1.

listMax([],IsDef,Max) :- constr( (~IsDef) & Max=0 ).    % 0 can be any int.
listMax([H|T],IsDef,Max) :-  
     listMax(T,IsDefT,MaxT),  
     constr( (IsDef & (Max = ite(IsDefT, ite(H>MaxT, H, MaxT), H ) ) ) ).   

% =================================================================
% ------ Verification of contract on rev:  
% If list R is the reverse of list L then 
% L is weakly-ascending iff R is weakly-descending    
% weakly-ascending sequence:  1=<2=<3=<...
% weakly-descending sequence: 9>=8>=7>=...
% negation of constr( BL=BR ) in contract                      
:- pred ff1.
ff1 :-
  constr( ~(BL=BR) ), 
  isDSorted(L,BL),
  rev(L,R),
  isASorted(R,BR).

% ------ Verification of contract on snoc: 
% isASorted over snoc     
:- pred ff2.
ff2 :- 
  constr(BC=(IsDef & ~(BA & X>=Max))),
  snoc(A,X,C),
  isASorted(A,BA), 
  listMax(A,IsDef,Max), 
  isASorted(C,BC). 

% ==========================================================
:- query ff1/0.
:- query ff2/0.
% ==========================================================