! ?       !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~                                  ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~                    !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~                      !!!!!!!!!!!!!!!!!!!!!!!!!!!""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" " " " " """"""""""""""""""" "!"""#"$"%"&"'"(")"*"+","-"."/"0"1"2"3"4"5"6"7#8#9#:#;#<#=#>#?#@#A#B#C#D#E#F#G#H#I#J#K#L#M#N#O#P#Q#R#S#T#U#V#W#X#Y#Z#[#\#]#^#_#`#a#b#c#d#e#f$g$h$i$j$k$l$m$n$o$p$q$r$s$t$u$v$w$x%y%z%{%|%}%~%%%%%%%%%%%%%%%%%%%&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&''''''((((((((((((((((((((((((((((((((((((((((( ( ( ( ( ((((((((((((((((((( (!("(#($(%(&('((()(*(+(,(-(.(/(0(1(2(3(4(5(6(7(8(9(:(;(<(=(>(?(@(A(B(C(D(E(F(G(H(I(J(K(L(M(N(O(P(Q(R(S(T(U(V(W(X(Y(Z([(\(](^(_(`(a(b(c(d(e(f(g(h(i(j(k(l(m(n(o(p(q(r(s(t(u(v(w(x(y(z({(|(}(~((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((( ( ( ( ( ((((((((((((((((((( (!("(#($(%(&('((()(*(+(,(-(.(/(0(1(2(3(4(5(6(7(8(9(:(;(<(=(>(?(@(A(B(C(D(E(F(G(H(I(J(K(L(M(N(O(P(Q(R(S(T(U(V)W)X)Y)Z)[)\)])^)_)`)a)b)c)d)e)f)g)h)i)j)k)l)m)n)o)p)q)r)s)t)u)v)w)x)y)z){)|)})~)))))))))))))))))))********************************************************************++++++++++++++++++++++++,,,,,,,,,,,,,,,,,,,,,,,,,,,, , , , , ,,,,,,,,,,,,,,,,,,, ,!,",#,$,%,&,',(,),*,+,,,-,.,/,0,1,2,3,4,5,6,7,8,9,:,;,<,=,>,?,@,A,B,C,D,E,F,G,H,I,J,K-L-M-N-O-P-Q-R-S-T-U-V-W-X-Y-Z-[-\-]-^-_-`-a-b.c.d.e.f.g.h.i.j.k.l.m.n.o.p.q.r/s/t/u/v/w/x/y/z/{/|/}/~////////////////////////////////////////////////////////////0000000000000000000000000000000000000000000000000000000000000000000000000000000 0 0 0 0 0000000000000000000 0!0"0#0$0%0&0'0(0)0*0+0,0-0.0/000102030405060708090:0;0<0=0>0?0@0A0B0C0D0E0F0G0H0I0J0K0L0M0N0O0P0Q0R0S0T0U0V0W0X0Y0Z0[0\0]0^0_0`0a0b0c0d0e0f0g0h0i0j0k0l0m0n0o0p0q0r0s0t0u0v0w0x0y0z0{0|0}0~0000000000000000000000000000000000000000000000000000000000000000000000000000111122222222222222222223333333333333333333334444444444 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 !4 "4 #4 $4 %4 &4 '4 (4 )4 *4 +4 ,4 -4 .4 /4 04 14 24 34 44 54 64 74 84 94 :4 ;4 <4 =4 >4 ?4 @4 A4 B4 C4 D4 E4 F4 G4 H4 I4 J4 K4 L4 M4 N4 O4 P4 Q4 R4 S4 T4 U4 V4 W4 X4 Y4 Z4 [4 \4 ]4 ^4 _4 `4 a4 b4 c4 d4 e4 f4 g4 h4 i4 j4 k4 l4 m4 n4 o4 p4 q4 r4 s4 t4 u4 v4 w4 x4 y4 z4 {4 |4 }4 ~4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 !7 "7 #7 $7 %8 &8 '8 (8 )8 *8 +8 ,8 -8 .8 /8 08 18 28 38 48 58 68 78 88 98 :8 ;8 <8 =8 >8 ?8 @8 A8 B8 C8 D8 E8 F8 G8 H8 I8 J8 K8 L8 M8 N8 O8 P8 Q8 R8 S8 T8 U8 V8 W8 X8 Y8 Z8 [8 \8 ]8 ^8 _8 `8 a8 b8 c8 d8 e8 f8 g8 h8 i8 j8 k8 l8 m8 n8 o8 p9 q9 r9 s9 t9 u9 v9 w9 x9 y9 z9 {9 |9 }9 ~: : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : ; ; ; ; ; ; ; ; ; ; ; ; < < < < < < < < < < < < = = = = = = = = = = = = = = = > > > > > > > > > > > > ? ? ? ? ? ?BTesting abstraction layer(c) Galois Inc, 2020BSD3kquick@galois.comNoneEMSX\, what4This is the generator monad for the Verification proxy tests. The inner monad will be the actual test implementation's monadic generator, and the a9 return type is the type returned by running this monad.Tests should only use the 'Gen TYPE' as an output; the constructors and internals should be used only by the test concretization.what4This is the reader environment for the surface level proxy testing monad. This environment will be provided by the actual test code to map these proxy operations to the specific testing implementation. what49Internal data structure to store the two elements to the  assumption operator.what4QA class specifying things that can be verified by constructing a local Property.what4oLocal definition of a Property: intended to be a proxy for a QuickCheck Property or a Hedgehog Property. The f implementation function converts from these proxy Properties to the native Property implementation.Tests should only use the d type as an output; the constructors and internals should be used only by the test concretization.what42Used by testing code to assert a boolean property.what4The named form of the  assumption operatorwhat4The assumption operator that performs the property test (second element) only when the first argument is true (the assumption guard for the test). This is the analog to the corresponding QuickCheck ==> operator.what4+A test generator that returns True or Falsewhat4!A test generator that returns an  1 value between the specified (inclusive) bounds.what4!A test generator that returns an  1 value between the specified (inclusive) bounds.what4VA test generator that returns the current shrink size of the generator functionality.what4XThis function should be called by the testing code to convert the proxy tests in this module into the native tests (e.g. QuickCheck or Hedgehog). This function is provided with the mapping environment between the proxy tests here and the native equivalents, and a local Generator monad expression, returning a native Generator equivalent.   09This module exports the types used in solver expressions.(c) Galois, Inc 2014-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalNone&',-.1=>?@AHUVX\kκ+what4?A runtime representation of a solver interface type. Parameter bt has kind H.:what4 Floating-point precision aliases;what4EThis computes the number of bits occupied by a floating-point format.=what4This data kind describes the types of floating-point formats. This consist of the standard IEEE 754-2008 binary floating point formats.Hwhat4uThis data kind enumerates the Crucible solver interface types, which are types that may be represented symbolically. what4 BaseBoolType denotes Boolean values. what4 BaseNatType denotes a natural number. what4BaseIntegerType denotes an integer. what4 BaseRealType denotes a real number. what4 BaseBVType n denotes a bitvector with n-bits. what4BaseFloatType fpp& denotes a floating-point number with fpp precision. what4BaseStringType) denotes a sequence of Unicode codepoints what4BaseComplexType/ denotes a complex number with real components. what4BaseStructType tps) denotes a sequence of values with types tps. what4BaseArrayType itps rtp$ denotes a function mapping indices itps to values of type rtp.It does not have bounds as one would normally expect from an array in a programming language, but the solver does provide operations for doing pointwise updates. what48-bit characters what416-bit characters what4Unicode code-pointsMwhat4+A Context where all the argument types are  instancesNwhat41Return the type of the indices for an array type.Owhat4(Return the result type of an array type.<what4:: @A -> @A -> =.>what4::   H -> H -> H.?what4::   H -> H.@what4:: H.Awhat4:: H.Bwhat4:: = -> H.Cwhat4::   -> H.Dwhat4:: H.Ewhat4:: H.Fwhat4:: H.Gwhat4:: H.Iwhat4:: L.Jwhat4:: L.Kwhat4:: L.                           ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQ/HGFEDACB@?>LKJI=;<:9876+,-./012345)*%&'(NOPQM Declarations for function names.(c) Galois, Inc 2014-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalNoneM\2uwhat4qFor our purposes, a function name is just unicode text. Individual languages may want to further restrict names.wwhat4(Name of function for starting simulator.uvwxuvxwNone&'.UV\what4IThis represents a concrete index value, and is used for creating arrays. Trustworthy\ܽwhat4 represents an error condition that should only arise due to a programming error. It will exit the program and print a message asking users to open a ticket.what4&Short name of where the error occured what4(More detailed description of the error 8Descriptions of the "features" that can occur in queries(c) Galois, Inc 2016-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalNoneM\what4kAllowed features represents features that the constraint solver will need to support to solve the problem.what45Indicates whether the problem uses linear arithmetic.what49Indicates whether the problem uses non-linear arithmetic.what4=Indicates whether the problem uses computable real functions.what41Indicates the problem contains integer variables.what4.Indicates whether the problem uses bitvectors.what4:Indicates whether the problem needs exists-forall support.what4Has general quantifier support.what43Indicates whether the problem uses symbolic arrays.what4*Indicates whether the problem uses structsHStructs are modeled using constructors in CVC4/Z3, and tuples in Yices.what4*Indicates whether the problem uses strings2Strings have some symbolic support in CVC4 and Z3.what41Indicates whether the problem uses floating-point8Floating-point has some symbolic support in CVC4 and Z3.what4IIndicates if the solver is able and configured to compute UNSAT cores.what4OIndicates if the solver is able and configured to compute UNSAT assumptions.'Datatype for handling program locations(c) Galois, Inc 2014-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalNone456\%what4=A very small type that contains a function and PC identifier.what4*A value with a source position associated.what48A source position containing filename, line, and column.what4>A binary position containing a filename and address in memory.what4RSome unstructured position information that doesn't fit into the other categories.what4<Generated internally by the simulator, or otherwise unknown.what4 Location for initialization codewhat4Make a program loc "Representation for algebraic reals(c) Galois Inc, 2016-2020BSD3jhendrix@galois.comNone456MX\ Cwhat4A polynomial with one variable. Dwhat49Create a polyomial from a map from powers to coefficient. Ewhat4Parse a positive monomial Fwhat47Parses a monomial and returns the coefficient and power Gwhat4(Evaluate polynomial at a specific value._Note that due to rounding, the result may not be exact when using finite precision arithmetic. Hwhat4)Construct a root from a rational constantwhat4mThis either returns the root exactly, or it computes the closest double precision approximation of the root.Underneath the hood, this uses rational arithmetic to guarantee precision, so this operation is relatively slow. However, it is guaranteed to provide an exact answer.LIf performance is a concern, there are faster algorithms for computing this.what4Convert text to a root None\ dwhat4tRead decimal number, returning rational and rest of string, or a failure message if first character is not a digit.3A decimal number has the form (-)([0..9])+([0..9])+ I ([0.9]'*(?)? Jwhat4 Value so farwhat4 String so far Kwhat4Value to divide next digit by. Safe\what44Read next contiguous sequence of numbers or letters.what4A parser for string literals what4A parser for string literals None =?M\g2what4AThe parsed declarations and definitions returned by "(get-model)"what4A line in the model responsewhat44This denotes an SMTLIB term over a fixed vocabulary.what4 IntTerm v denotes the SMTLIB expression v if v >= 0! and @(- `(negate v)) otherwise.what4 RatTerm r denotes the SMTLIB expression !(/ `(numerator r) `(denomator r)).what4StoreTerm a i v denotes the SMTLIB expression  (store a i v).what4IfEqTerm v c t f denotes the SMTLIB expression (ite (= v c) t f).what4 An SMT sort.what4&A named sort with the given arguments.what4!A bitvector with the given width.what4>floating point with exponent bits followed by significand bit.what4 An SMT symbolwhat4*Result of check-sat and check-sat-assuming Lwhat45Defines common operations for parsing SMTLIB results. Mwhat4Parser for values of this type. Nwhat4Read from a handle. Owhat4-A parser monad that just reads from a handle.tWe use our own parser rather than Attoparsec or some other library so that we can incrementally request characters.We likely could replace this with Attoparsec by assuming that SMTLIB solvers always end their output responses with newlines, or feeding output one character at a time. Pwhat4%Peek ahead to get the next character. Qwhat48Drop characters until we get a non-whitespace character. Rwhat4PDrop whitespace, and if next character matches expected return, otherwise fail. Swhat40Drop whitespace until we reach the given string. Twhat4parseUntilCloseParen p+ will drop whitespace characters, and run p Uwhat4takeChars' p prev h prepends characters read from h to prev until p, is false, and returns the resulting string. Vwhat4 takeChars p< returns the bytestring formed by reading characters until p is false. Wwhat4Parse a quoted string.what4Read the results of a  (check-sat) request. Xwhat4LThis skips whitespace than reads in the next alphabetic or dash characters. Ywhat49Read in whitespace, and then if next character is a paren Zwhat4.Parse the next characters as a decimal number.+Note. No whitespace may proceed the number. [what4/Parses 'symbol' ( 'sorted_var'* ) 'sort' 'term'what4;This reads the model response from a "(get-model)" request.$$ None &'.27MUV\_ki what4CThis is a subtype of the type of the same name in Data.SBV.Control.what47This represents a command to be sent to the SMT solver.what4'Denotes an expression in the SMT solverwhat4Sort for SMTLIB expressionswhat4?Identifies the set of predefined sorts and operators available.what4Use the QF_BV logicwhat4&Set the logic to all supported logics.what4 Create a sort from a symbol name what4Booleans!what4)Bitvectors with the given number of bits."what4Integers#what4 Real numbers$what4 arraySort a b# denotes the set of functions from a to be b.%what4FConstruct an expression with the given operator and list of arguments.&what4DConstruct an expression with the given operator and single argument.'what4BConstruct an expression with the given operator and two arguments. \what42Construct a chainable term with the given relationchain_app p [x1, x2, ..., xn] is equivalent to p x1 x2  p x2 x3  ... / p x(n-1) xn. ]what4-Build a term for a left-associative operator.(what4;Append a "name" to a term so that it will be printed when (get-assignment) is called.)what4true Boolean term*what4false Boolean term+what4Complement a Boolean,what4 implies c r is equivalent to c1 => c2 => .. cn => r.-what4Conjunction of all terms.what4Disjunction of all terms/what4Disjunction of all terms0what4#Return true if all terms are equal.1what42Construct a chainable term with the givne relation pairwise_app p [x1, x2, ..., xn]+ is equivalent to forall_{i,j} p x_i x_j@.2what4-Asserts that each term in the list is unique.3what4"Create an if-then-else expression.4what4 forall vars t# denotes a predicate that holds if t* for every valuation of the variables in vars.5what4 exists vars t# denotes a predicate that holds if t) for some valuation of the variables in vars.6what4Create a let binding. NOTE: SMTLib2 defines this to be a "parallel" let, which means that the bound variables are NOT in scope in the right-hand sides of other bindings, even syntactically-later ones.7what4!Negate an integer or real number.8what40Create a numeral literal from the given integer.9what42Create a literal as a real from the given integer.:what4sub x1 [x2, ..., xn] with n >= 1 returns x1 minus  x2 + ... + xn.$The terms are expected to have type Int or Real.;what4add [x1, x2, ..., xn] with n >= 2 returns x1 minus  x2 + ... + xn.$The terms are expected to have type Int or Real.<what4add [x1, x2, ..., xn] with n >= 2 returns x1 minus  x2 + ... + xn.$The terms are expected to have type Int or Real.=what4div x1 [x2, ..., xn] with n >= 1 returns x1 div  x2 * ... * xn.$The terms are expected to have type Int.>what4x1 ./ [x2, ..., xn] with n >= 1 returns x1 /  x2 * ... * xn.?what4 mod x1 x2 returns x1 - x2 * (x1 = [x2])@.$The terms are expected to have type Int.@what4abs x1 returns the absolute value of x1."The term is expected to have type Int.Awhat40Less than or equal over a chained list of terms.le [x1, x2, ..., xn] is equivalent to  x1 <= x2  x2 <= x3  ... / x(n-1) <= xn.lThis is defined in the Reals, Ints, and Reals_Ints theories, and the number of elements must be at least 2.eWith a strict interpretation of the SMTLIB standard, the terms should be all of the same type (i.e. IntG or Real"), but existing solvers appear to implicitly all mixed terms.Bwhat4'Less than over a chained list of terms.lt [x1, x2, ..., xn] is equivalent to x1 < x2  x2 < x3  ... / x(n-1) < xn.eWith a strict interpretation of the SMTLIB standard, the terms should be all of the same type (i.e. IntG or Real"), but existing solvers appear to implicitly all mixed terms.Cwhat43Greater than or equal over a chained list of terms.ge [x1, x2, ..., xn] is equivalent to  x1 >= x2  x2 >= x3  ... / x(n-1) >= xn.eWith a strict interpretation of the SMTLIB standard, the terms should be all of the same type (i.e. IntG or Real"), but existing solvers appear to implicitly all mixed terms.Dwhat4*Greater than over a chained list of terms.gt [x1, x2, ..., xn] is equivalent to x1 > x2  x2 > x3  ... / x(n-1) > xn.eWith a strict interpretation of the SMTLIB standard, the terms should be all of the same type (i.e. IntG or Real"), but existing solvers appear to implicitly all mixed terms.Ewhat4Maps a term with type Int to Real.Fwhat4@Returns the largest integer not larger than the given real term.Gwhat4#Returns true if this is an integer.Hwhat4arrayConst t1 t2 c$ generates an array with index type t1 and value type t2 that always returns c.+This uses the non-standard SMTLIB2 syntax ((as const (Array t1 t2)) c)9 which is supported by CVC4 and Z3 (and perhaps others).Iwhat4 select a i denotes the value of a at i.Jwhat4 store a i v& denotes the array whose valuation is v at index i and  select a j at every other index j.Kwhat4A 1-bit bitvector representing 0.Lwhat4A 1-bit bitvector representing 1.Mwhat4 bvbinary w x( constructs a bitvector term with width w equal to x ? 2^w. The width w must be positive.#The literal uses a binary notation.Nwhat4 bvdecimal x w( constructs a bitvector term with width w equal to x ? 2^w. The width w must be positive.$The literal uses a decimal notation.Owhat4bvhexadecimal x w( constructs a bitvector term with width w equal to x ? 2^w. The width w" must be a positive multiple of 4.The literal uses hex notation.Pwhat4 concat x y( returns the bitvector with the bits of x followed by the bits of y.Qwhat4 extract i j x+ returns the bitvector containing the bits [j..i].Rwhat4Bitwise negation of term.Swhat4Bitwise and of all arguments.Twhat4$Bitwise include or of all arguments.Uwhat4(Bitvector exclusive or of all arguments.Vwhat4Negate the bitvectorWwhat4Bitvector additionXwhat4Bitvector subtractionYwhat4Bitvector multiplicationZwhat4 bvudiv x y returns floor (to_nat x / to_nat y) when y != 0.When y = 0, this returns not (from_nat 0).[what4 bvurem x y returns x - y * bvudiv x y when y != 0.When y = 0, this returns  from_nat 0.\what4 bvshl x y shifts the bits in x to the left by to_nat u bits.The new bits are zeros (false)]what4 bvlshr x y shifts the bits in x to the right by to_nat u bits.The new bits are zeros (false)^what4 bvult x y( returns a Boolean term that is true if to_nat x < to_nat y._what4 bvule x y( returns a Boolean term that is true if to_nat x <= to_nat y.Note. This is in QF_BV, but not the bitvector theory.`what4 bvsle x y( returns a Boolean term that is true if to_int x <= to_int y.Note. This is in QF_BV, but not the bitvector theory.awhat4 bvslt x y( returns a Boolean term that is true if to_int x < to_int y.Note. This is in QF_BV, but not the bitvector theory.bwhat4 bvuge x y( returns a Boolean term that is true if to_nat x <= to_nat y.Note. This is in QF_BV, but not the bitvector theory.cwhat4 bvugt x y( returns a Boolean term that is true if to_nat x < to_nat y.Note. This is in QF_BV, but not the bitvector theory.dwhat4 bvsge x y( returns a Boolean term that is true if to_int x <= to_int y.Note. This is in QF_BV, but not the bitvector theory.ewhat4 bvsgt x y( returns a Boolean term that is true if to_int x < to_int y.Note. This is in QF_BV, but not the bitvector theory.fwhat4 bvashr x y shifts the bits in x to the right by to_nat u bits.9The new bits are the same as the most-significant bit of x.Note. This is in QF_BV, but not the bitvector theory.gwhat4 bvsdiv x y returns #round_to_zero (to_int x / to_int y) when y != 0.When y = 0, this returns not (from_nat 0).Note. This is in QF_BV, but not the bitvector theory.hwhat4 bvsrem x y returns x - y * bvsdiv x y when y != 0.When y = 0, this returns  from_nat 0.Note. This is in QF_BV, but not the bitvector theory.iwhat4bvsignExtend w x adds an additional w' bits to the most significant bits of x by sign extending x.Note. This is in QF_BV, but not the bitvector theory.jwhat4bvzeroExtend w x adds an additional w, zero bits to the most significant bits of x.Note. This is in QF_BV, but not the bitvector theory.kwhat4Set the logic of the SMT solverlwhat4Set an option in the SMT solver6The name should not need to be prefixed with a colon."mwhat4Set option to produce modelsIThis is a widely used option so, we we have a custom command to make it.nwhat4Request the SMT solver to exitowhat4GDeclare an uninterpreted sort with the given number of sort parameters.pwhat4%Define a sort in terms of other sortsqwhat48Declare a constant with the given name and return types.rwhat4IDeclare a function with the given name, argument types, and return type.swhat4IDeclare a function with the given name, argument types, and return type.twhat42Assert the predicate holds in the current context.uwhat4zAssert the predicate holds in the current context, and assign it a name so it can appear in unsatisfiable core results.vwhat42Check the satisfiability of the current assertionswwhat4WCheck the satisfiability of the current assertions and the additional ones in the list.xwhat4LCheck satisfiability of the given atomic assumptions in the current context.RNOTE! The names of variables passed to this function MUST be generated using a  `declare-fun` statement, and NOT a  `define-fun` statement. Thus, if you want to bind an arbitrary term, you must declare a new term and assert that it is equal to it's definition. Yes, this is quite irritating.ywhat4/Get the model associated with the last call to  check-sat.|what4?Get the values associated with the terms from the last call to  check-sat.}what4NEmpties the assertion stack and remove all global assertions and declarations.~what48Push the given number of scope frames to the SMT solver.what47Pop the given number of scope frames to the SMT solver.what4A get-info commandpwhat4Name of new sortwhat4 Parameters for polymorphic sortswhat4 Definitionx   !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~xklm  nopqrsvwxy|~}tuz{ !"#&'%1()*+,-./023456789:;<=>?@ABCDEFGPQRSTUVWXYZ[\]^KLMNOfa`_edcbghij$HIJ@Simple datastructure for capturing the result of a SAT/SMT query(c) Galois, Inc 2015-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalSafe7\_8  ;Definitions related to semiring structures over base types.(c) Galois Inc, 2019-2020BSD3rdockins@galois.comNone &'.HUV\what4The  family counts how many times a term occurs in a product. For most semirings, this is just a natural number representing the exponent. For the boolean ring of bitvectors, however, it is unit because the lattice operations are idempotent.what4$The constant values in the semiring.what4]The subset of semirings that are equipped with an appropriate (order-respecting) total order.what44Data-kind representing the semirings What4 supports.what4Data-kind indicating the two flavors of bitvector semirings. The ordinary arithmetic semiring consists of addition and multiplication, and the "bits" semiring consists of bitwise xor and bitwise and.what4,Compute the base type of the given semiring.what4ACompute the semiring corresponding to the given ordered semiring.what4 ::  ->   -> what4 :: what4 :: what4 :: what4 :: what4 :: ((CDatatype for representing names that can be communicated to solvers(c) Galois Inc, 2015-2020BSD3jhendrix@galois.comNoneM\what4+This represents a name known to the solver.We have three types of symbols:The empty symbol A user symbolA system symbolA user symbol should consist of a letter followed by any combination of letters, digits, and underscore characters. It also cannot be a reserved word in Yices or SMTLIB.A system symbol should start with a letter followed by any number of letter, digit, underscore or an exclamation mark characters. It must contain at least one exclamation mark to distinguish itself from user symbols.what4DThis describes why a given text value was not a valid solver symbol.what4Return the empty symbol.what4MThis returns either a user symbol or the empty symbol if the string is empty.what4Attempts to create a user symbol from the given string. If this fails for some reason, the string is Z-encoded into a system symbol instead with the prefix "zenc!". ^what49This attempts to parse a string as a valid solver symbol. _what4*This is the list of keywords in SMTLIB 2.55A finite map data structure with monoidal annotations(c) Galois Inc, 2019-2020BSD3huffman@galois.comSafe456@AX\what4for keys present in both maps what4for subtrees only in first map what4 for subtrees only in second map `what4for keys present in both maps what4for subtrees only in first map what4 for subtrees only in second map *Utility functions for computing arithmetic(c) Galois, Inc 2015-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalSafe\ what4)Returns true if number is a power of two.what4Returns floor of log base 2.what4)Returns ceil of log base 2. We define  lgCeil 0 = 0what4Count trailing zeroswhat4Count leading zeroswhat4nextMultiple x y computes the next multiple m of x s.t. m >= y. E.g., nextMultiple 4 8 = 8 since 8 is a multiple of 8; nextMultiple 4 7 = 8; nextMultiple 8 6 = 8.what4nextPow2Multiple x n" returns the smallest multiple of 2^n not less than x.what4:This returns the sqrt of an integer if it is well-defined.what4Return the rational sqrt of awhat4;Evaluate a real to an integer with rounding away from zero.what4width what4value to rotate what4amount to rotate what4width what4value to rotate what4amount to rotate  (c) Galois Inc, 2019-2020BSD3huffman@galois.comNone &'.HUVX\kL' awhat4Pairs of nonzero integers (lo, hi) such that  1/lo <= 1/hi8. This pair represents the set of all nonzero integers x such that 1/lo <= 1/x <= 1/hi.what4A value of type BVDomain w* represents a set of bitvectors of width w. Each BVDomain] can represent a single contiguous interval of bitvectors that may wrap around from -1 to 0.what4#The set of all bitvectors of width w. Argument caches 2^w-1.what4;Intervals are represented by a starting value and a size. BVDInterval mask l d+ represents the set of values of the form  x mod 2^w for x such that l <= x <= l + d$. It should satisfy the invariants  0 <= l < 2^w and  0 <= d < 2^w'. The first argument caches the value 2^w-1.what4=Compute how many concrete elements are in the abstract domain what4BTest if the given integer value is a member of the abstract domain what4,Check if the domain satisfies its invariants what40Return the bitvector mask value from this domain what4"Random generator for domain values what4'Generate a random element from a domainwhat4DGenerate a random domain and an element contained in that domain. bwhat4 halfRange n returns 2^(n-1).what4$Return value if this is a singleton.what4"Return unsigned bounds for domain.what4 Return signed bounds for domain.what4 Return the (lo,sz)G, the low bound and size of the given arithmetic interval. A value x0 is in the set defined by this domain iff  (x - lo)  c w <= sz holds. Returns Nothing# if the domain contains all values.what40Return true if domains contain a common element.what4HCheck if all elements in one domain are less than all elements in other.what4HCheck if all elements in one domain are less than all elements in other.what4Represents all valueswhat43Create a bitvector domain representing the integer.what4 range w l u; returns domain containing all bitvectors formed from the w low order bits of some i in [l,u]. Note that per testBit&, the least significant bit has index 0.what4CUnsafe constructor for internal use only. Caller must ensure that mask = maxUnsigned w , and that aw is non-negative.what4gCreate an abstract domain from an ascending list of elements. The elements are assumed to be distinct.what4Return union of two domains.what4 concat a y& returns domain where each element in a+ has been concatenated with an element in y". The most-significant bits are a%, and the least significant bits are y. dwhat4 shrink i a drops the i least significant bits from a. ewhat4 trunc n d selects the n least significant bits from d.what4 select i n a selects n bits starting from index i from a. fwhat4KClamp the given shift amount to the word width indicated by the nat repr gwhat4Choose a representative integer range (positive or negative) for the given bitvector domain such that the endpoints are as close to zero as possible. hwhat4KNonzero signed values in a domain with the least and greatest reciprocals. iwhat4FInterval arithmetic for integer division (rounding towards 0). Given a and b with  al <= a <= ah and 1/bl <= 1/b <= 1/bh, *sdivRange (al, ah) (ReciprocalRange bl bh) returns (ql, qh) such that ql <= a  j b <= qh. kwhat4scaleDownRange (lo, hi) k returns an interval (ql, qh) such that for any x in [lo..hi], x  j k is in [ql..qh].,what4Complement bits in range.-what4{Return bitwise bounds for domain (i.e. logical AND of all possible values, paired with logical OR of all possible values)..what4unknowns lo hin returns a bitmask representing the set of bit positions whose values are not constant throughout the range lo..hi./what4 fillright x rounds up x to the nearest 2^n-1.0what4FCheck that a domain is proper, and that the given value is a memberK      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOK   0-./ !"#$%&'()*+,  123456789:;<=>@ABCDEFG?HIJKLMNO(c) Galois Inc, 2020BSD3huffman@galois.comNone &'.HUVX\k4Qwhat4A bitwise interval domain, defined via a bitwise upper and lower bound. The ordering used here to construct the interval is the pointwise ordering on bits. In particular x [= y iff x .|. y == y, and a value x# is in the set defined by the pair (lo,hi) just when lo [= x && x [= hi.Rwhat4BVDBitInterval mask lo hi. mask caches the value of 2^w - 1Swhat4+Test if the domain satisfies its invariantsTwhat4BTest if the given integer value is a member of the abstract domainUwhat4=Compute how many concrete elements are in the abstract domainWwhat40Return the bitvector mask value from this domainXwhat4RRandom generator for domain values. We always generate nonempty domain values.Zwhat4MGenerate a random nonempty domain and an element contained in that domain.[what4$Unsafe constructor for internal use.\what46Construct a domain from bitwise lower and upper bounds]what4Bitwise lower and upper bounds^what4@Test if this domain contains a single value, and return it if so_what4HReturns true iff there is at least on element in this bitwise domain.`what4/Return a domain containing just the given valueawhat4/Bitwise domain containing every bitvector valuebwhat46Returns true iff the domains have some value in commonfwhat4 concat a y& returns domain where each element in a+ has been concatenated with an element in y". The most-significant bits are a%, and the least significant bits are y. lwhat4 shrink i a drops the i least significant bits from a. mwhat4 trunc n d selects the n least significant bits from d.gwhat4 select i n a selects n bits starting from index i from a.twhat4FCheck that a domain is proper, and that the given value is a member:QRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~:QRVSWTtU^_cb]a`\[edfghijknolmqrspXYZuvwxyz{|}~(c) Galois Inc, 2019-2020BSD3huffman@galois.comNone &'.HUVX\ki what4A value of type BVDomain w* represents a set of bitvectors of width wj. This is an alternate representation of the bitwise domain values, optimized to compute XOR operations.what4BVDXor mask hi unknown% represents a set of values where hi is a bitwise high bound, and unknown? represents the bits whose values are not known. The value mask caches the value 2^w-1.what4+Test if the domain satisfies its invariantswhat4BTest if the given integer value is a member of the abstract domainwhat40Return the bitvector mask value from this domainwhat46Construct a domain from bitwise lower and upper boundswhat4$Unsafe constructor for internal use.what4Bitwise lower and upper boundswhat4@Test if this domain contains a single value, and return it if sowhat4RRandom generator for domain values. We always generate nonempty domain values.what4MGenerate a random nonempty domain and an element contained in that domain.what4/Return a domain containing just the given valuewhat4FCheck that a domain is proper, and that the given value is a memberAbstract domains for bitvectors(c) Galois Inc, 2019-2020BSD3huffman@galois.comNone %&'.HUVX\what4A value of type  w* represents a set of bitvectors of width wN. A BVDomain represents either an arithmetic interval, or a bitwise interval. nwhat40Return the bitvector mask value from this domainwhat4+Test if the domain satisfies its invariantswhat4BTest if the given integer value is a member of the abstract domainwhat4=Compute how many concrete elements are in the abstract domainwhat4!Generate a random nonempty domainwhat4KGenerate a random element from a domain, which is assumed to be nonemptywhat4MGenerate a random nonempty domain and an element contained in that domain.what4$Return value if this is a singleton.what4Precondition:  x <= lomask'. Find the (arithmetically) smallest z above x which is bitwise above lomask%. In other words find the smallest z such that x <= z and lomask .|. z == z.what4Precondition: lomask <= x <= himask and lomask .|. himask == himask&. Find the (arithmetically) smallest z above x which is bitwise between lomask and himask%. In other words, find the smallest z such that x <= z and lomask .|. z = z and z .|. himask == himask. owhat4;Test if an arithmetic domain overlaps with a bitwise domainwhat40Return true if domains contain a common element. pwhat4Return a list of "candidate" overlap elements. If two domains overlap, then they will definitely share one of the given values.what4HCheck if all elements in one domain are less than all elements in other.what4HCheck if all elements in one domain are less than all elements in other.what4Return JustG if every bitvector in the domain has the same bit at the given index.what4Represents all valueswhat43Create a bitvector domain representing the integer.what4 range w l u; returns domain containing all bitvectors formed from the w low order bits of some i in [l,u]. Note that per testBit&, the least significant bit has index 0.what4gCreate an abstract domain from an ascending list of elements. The elements are assumed to be distinct.what4Return union of two domains.what4 concat a y& returns domain where each element in a+ has been concatenated with an element in y". The most-significant bits are a%, and the least significant bits are y.what4 select i n a selects n bits starting from index i from a.what4Complement bits in range. qwhat4FCheck that a domain is proper, and that the given value is a memberwhat4bvmask3, based on the width of the bitvectors in question what4 xwhat4 lomaskwhat4bvmask3, based on the width of the bitvectors in question what4 xwhat4 lomaskwhat4 himaskwhat41Index of bit (least-significant bit has index 0) g]g]]Provides a complex representation that is more generic than Data.Complex.(c) Galois, Inc 2014-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalSafe &'4567@A\ what4&A complex pair over an arbitrary type. rwhat45Returns the "complex argument" of the complex number.what4Returns square of magnitude.what4 Sqrt functionwhat47Square-root function defined for non-negative values a.           6Safe\&'(&'(Provides functions for finding an executable, and expanding a path with referenced to environment variables.(c) Galois, Inc 2013-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalSafe\ swhat4zGiven a mapping of variables to values, this replaces substrings of the form $VAR with the associated value in a string.-what4!Find an executable from a string.-what4Path to expand,--,NoneX\.what4QWrapper to help with reading from another process's standard out and stderr.qWe want to be able to read from another process's stderr and stdout without causing the process to stall because stdout or stderr becomes full. This data type will read from either of the handles, and buffer as much data as needed in the queue. It then provides a line-based method for reading that data as strict bytestrings. 8what48Create a new handle reader for reading the given handle.9what42Stop the handle reader; cannot be used afterwards.:what4<Run an execution with a handle reader and stop it wheen down6what4stdin for process what4stdout for process what4stderr for process ./2103456789:;<3456./210789:;<(c) Galois Inc, 2019-2020BSD3rdockins@galois.comSafe\E=>?@=>?@:Datastructure for representing a conjunction of predicates(c) Galois Inc, 2019-2020BSD3rdockins@galois.comNone%-.H\cFwhat4"Represents the state of a bool mapGwhat4RA bool map with no expressions, represents the unit of the corresponding operationHwhat4CAn inconsistent bool map, represents the dual of the operation unitIwhat4CThe terms appearing in the bool map, of which there is at least oneJwhat4This data structure keeps track of a collection of expressions together with their polarities. Such a collection might represent either a conjunction or a disjunction of expressions. The implementation uses a map from expression values to their polarities, and thus automatically implements the associative, commutative and idempotency laws common to both conjunctions and disjunctions. Moreover, if the same expression occurs in the collection with opposite polarities, the entire collection collapses via a resolution step to an "inconsistent" map. For conjunctions this corresponds to a contradiction and represents false; for disjunction, this corresponds to the law of the excluded middle and represents true.Nwhat4VDescribes the occurrence of a variable or expression, whether it is negated or not.Qwhat4Swap a polarity valueRwhat4<Traverse the expressions in a bool map, and rebuild the map.Swhat43Deconstruct the given bool map for later processingTwhat4)Returns true for an inconsistent bool mapUwhat40Returns true for a "null" bool map with no termsVwhat4?Produce a singleton bool map, consisting of just the given termWwhat4FAdd a variable to a bool map, performing a resolution step if possibleXwhat4QGenerate a bool map from a list of terms and polarities by repeatedly calling addVar.Ywhat48Merge two bool maps, performing resolution as necessary.Zwhat4\Test if the bool map contains the given term, and return the polarity of that term if so.[what47Swap the polarities of the terms in the given bool map.\what4pRemove the given term from the bool map. The map is unchanged if inconsistent or if the term does not occur.FGHIJKLMNOPQRSTUVWXYZ[\JVWXYNOPQZTUFGHISR[\KLM(c) Galois, Inc 2015-2020BSD3!Joe Hendrix <jhendrix@galois.com>SafeX\gwhat4Return the empty maprwhat4@Find largest element that is less than or equal to key (if any).swhat43Find largest element that is at least key (if any).twhat46Find less than element that is less than key (if any).uwhat46Find less than element that is less than key (if any). twhat4 lesser hi m returns all entries in m less than hi.what45Create a map from a list of keys in descending order.fghijklmnopqrstuvwxyz{|}~fmlkjgnx|}{vwqrtsuz~hyipo$Typeclass for monads generalizing ST(c) Galois, Inc 2014-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalSafe=?@AC\(c) Galois, Inc. 2020BSD3!Joe Hendrix <jhendrix@galois.com>None&'\awhat41This provides a GADT instance used to indicate a H must have value E.IO stream utilities(c) Galois, Inc 2013-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalNone\jwhat4.Write from input stream to a logging function.what4Logging function -Utility definitions for wide (2-byte) strings(c) Galois, Inc 2019-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalSafe\  what4RA string of Word16 values, encoded as a bytestring in little endian (LE) order.[We maintain the invariant that Word16Strings are represented by an even number of bytes.what4 Generate a  Word16String_ from a bytestring where the 16bit words are encoded as two bytes in little-endian order.SPRECONDITION: the input bytestring must have a length which is a multiple of 2.what4/Return the underlying little endian bytestring.what4Return the empty stringwhat46Compute the string containing just the given characterwhat4!Test if the given string is emptywhat4 Retrive the nJth character of the string. Out of bounds accesses will cause an error.what4bFind the first index (if it exists) where the first string appears as a substring in the secondwhat4KReturns true if the first string appears somewhere in the second string.!Utility definitions for strings(c) Galois, Inc 2019-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNone&'.=?H\ uwhat4<Get the first index of a substring in another string, or  v if the string is not found.Copy/pasted from the old  bytestringE implementation because it was deprecated/removed for some reason. uwhat4String to search for.what4String to seach in."(Abstract domains for term simplification(c) Galois Inc, 2015-2020BSD3jhendrix@galois.comNone-.4=>?HSUVX\=L#what4*Take the union of the two abstract values.what4KReturns true if the abstract values could contain a common concrete value.what4Check equality on two abstract values. Return true or false if we can definitively determine the equality of the two elements, and nothing otherwise.what47A utility class for values that contain abstract valueswhat45An abstract value represents a disjoint st of values.what4TThe string abstract domain tracks an interval range for the length of the string.what4,The length of the string falls in this rangewhat45Describes a range of values in a totally ordered set.what4+Indicates that range denotes a single valuewhat4OIndicates that the number is somewhere between the given upper and lower bound.what4"A lower or upper bound on a value.what4LCompute an abstract range for integer division. We are using the SMTLib division operation, where the division is floor when the divisor is positive and ceiling when the divisor is negative. We compute the ranges assuming that division by 0 doesn't happen, and we are allowed to return nonsense ranges for these cases. wwhat4gReturn 'Just True if the range only contains an integer, 'Just False' if it contains no integers, and  v7 if the range contains both integers and non-integers.what4"Multiply a range by a scalar valuewhat4Multiply two ranges together.what4Return lower bound of range.what4Return upper bound of range.what42Compute the smallest range containing both ranges. xwhat4$Return true if value ranges overlap.what4GReturn maybe Boolean if range is equal, is not equal, or indeterminant.what4 Defines a unbounded value range.what4 Defines a unbounded value range.what42Defines a value range containing a single element.what4*Define a value range with the given boundswhat4(Check if range is just a single element.what49Range accepting everything between lower and upper bound.what4Add two real abstract values. what42Compute the smallest range containing both ranges. ywhat4#Return if nat value ranges overlap.what4EReturn maybe Boolean if nat is equal, is not equal, or indeterminant.what4EReturn maybe Boolean if nat is equal, is not equal, or indeterminant.what4,Clamp an integer range to nonnegative values#what4<Create an abstract value that contains every concrete value.$what4@Create an abstract value that contains the given concrete value.&what4]Returns true if the concrete value is a member of the set represented by the abstract value.what4 Lower boundwhat4 Upper bound_      !"#$%&_     " !#$&%#;Representations for weighted sums and products in semirings(c) Galois Inc, 2015-2020BSD3jhendrix@galois.comNone%&',-.1=>@ACHSUVX\)7what4A product of semiring values.8what47Runtime representation of the semiring for this product9what4yA weighted sum of semiring values. Mathematically, this represents an affine operation on the underlying expressions.:what44Runtime representation of the semiring for this sum. zwhat4~The annotation type used for the annotated map. It consists of the hash value and the abstract domain representation of type d for each submap. {what40Construct the annotation for a single map entry. |what4Return the hash of the  } part of the 9. ~what48Created a weighted sum directly from a map and constant.?Note. When calling this, one should ensure map values equal to '0' have been removed. what40Retrieve the mapping from terms to coefficients.=what41Retrieve the constant addend of the weighted sum.>what4.Attempt to parse a weighted sum as a constant.?what45Return true if a weighted sum is equal to constant 0.@what4YAttempt to parse a weighted sum as a single expression with a coefficient and offset. asAffineVar w = Just (c,r,o) when denotation(w) = c*r + o.Awhat4LAttempt to parse weighted sum as a single expression with a coefficient. asWeightedVar w = Just (c,r) when denotation(w) = c*r.Bwhat4;Attempt to parse a weighted sum as a single expression. asVar w = Just r when denotation(w) = rCwhat4/Create a sum from a constant coefficient value.Dwhat4+Traverse the expressions in a weighted sum.Ewhat4,Traverse the coefficients in a weighted sum.Fwhat4&Traverse the expressions in a product.Gwhat4)This returns a variable times a constant.Hwhat4:Create a weighted sum corresponding to the given variable.Iwhat4^Add two sums, collecting terms as necessary and deleting terms whose coefficients sum to 0.Jwhat4;Create a weighted sum that represents the sum of two terms.Kwhat4Add a variable to the sum.Lwhat4Add a constant to the sum.Mwhat4)Multiply a sum by a constant coefficient.Nwhat4:Produce a weighted sum from a list of terms and an offset.Owhat4GApply update functions to the terms and coefficients of a weighted sum.Pwhat4Evaluate a sum given interpretations of addition, scalar multiplication, and a constant. This evaluation is threaded through a monad. The addition function is associated to the left, as in foldlM.Qwhat4bEvaluate a sum given interpretations of addition, scalar multiplication, and a constant rational.Rwhat4Reduce a weighted sum of integers modulo a concrete integer. This reduces each of the coefficients modulo the given integer, removing any that are congruent to 0; the offset value is also reduced.Swhat4Given two weighted sums x and y, this returns a triple  (z,x',y') where  x = z + x' and  y = z + y' and z! contains the "common" parts of x and y]. We only extract common terms when both terms occur with the same coefficient in each sum.YThis is primarily used to simplify if-then-else expressions to preserve shared subterms.Twhat4;Returns true if the product is trivial (contains no terms).Uwhat46If the product consists of exactly on term, return it.Wwhat4NReturns true if the product contains at least on occurrence of the given term. what4Produce a product map from a raw map of terms to occurrences. PRECONDITION: the occurrence value for each term should be non-zero.Xwhat45Produce a product representing the single given term.Ywhat4?Multiply two products, collecting terms and adding occurrences.Zwhat4eEvaluate a product, given a function representing multiplication and a function to evaluate terms.[what4Evaluate a product, given a function representing multiplication and a function to evaluate terms, where both functions are threaded through a monad.awhat4The annotation type used for the annotated map for products. It consists of the hash value and the abstract domain representation of type d for each submap. NOTE! that the multiplication operation on abstract values is not always associative. This, however, is acceptable because all associative groupings lead to sound (but perhaps not best) approximate values.Pwhat4Addition function what4Scalar multiply what4Constant evaluation Qwhat4Addition function what4Scalar multiply what4Constant evaluation Rwhat4The sum to reduce what4The modulus, must not be 0 Zwhat4multiplication evalation what4term evaluation [what4multiplication evalation what4term evaluation %789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[%;9:=<CHG>BA@?DEIKJLMQPSNOR7FTU8XVYZ[W$DDatastructure for representing a sequence of updates to an SMT array(c) Galois Inc, 2019-2020BSD3rdockins@galois.comNone&'.@AH\mfghijklmnopqrstfgqklnopmhitsjr%Concrete values of base types(c) Galois, Inc 2018-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNone&',-.19=>?@AHSUVX\_xwhat4?A data type for representing the concrete values of base types.what45Compute the type representative for a concrete value.what4Pretty-print a concrete valuexyz{|}~xyz{|}~&9Declares attributes for simulator configuration settings.(c) Galois, Inc 2015-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNone&',-.=?@ACHSUVX\_2@what4A  ConfigValue? bundles together the name of an option with its current value.what4HA utility class for making working with option settings easier. The tp argument is a BaseType , and the a, argument is an associcated Haskell type.what4-Return the current value of the option, as a Maybe value.what4IAttempt to set the value of an option. Return any errors or warnings.what4oSet the value of an option. Return any generated warnings. Throw an exception if a validation error occurs.what4^Get the current value of an option. Throw an exception if the option is not currently set.what4fThe main configuration datatype. It consists of an IORef continaing the actual configuration data. what4xMain configuration data type. It is organized as a trie based on the name segments of the configuration option name.what4A  ConfigDescC describes a configuration option before it is installed into a Config object. It consists of a  ConfigOption name for the option, an  OptionStylen describing the sort of option it is, and an optional help message describing the semantics of this option.what4 An inclusive or exclusive bound.what4An option defines some metadata about how a configuration option behaves. It contains a base type representation, which defines the runtime type that is expected for setting and querying this option at runtime.what4'base type representation of this optionwhat4An operation for validating new option values. This action may also be used to take actions whenever an option setting is changed.The first argument is the current value of the option (if any). The second argument is the new value that is being set. If the validation fails, the operation should return a result describing why validation failed. Optionally, warnings may also be returned.what4$Documentation for the option to be displayed in the event a user asks for information about this option. This message should contain information relevant to all options in this style (e.g., its type and range of expected values), not necessarily information about a specific option.what42This gives a default value for the option, if set.what4An  OptionSettingR gives the direct ability to query or set the current value of an option. The  getOptionh field is an action that, when executed, fetches the current value of the option, if it is set. The  setOptionG method attempts to set the value of the option. If the associated  opt_onset validation method rejects the option, it will retain its previous value; otherwise it will be set to the given value. In either case, the generated OptionSetResult will be returned.what4fWhen setting the value of an option, a validation function is called (as defined by the associated  OptionStyle3). The result of the validation function is an OptionSetResult. If the option value given is invalid for some reason, an error should be returned. Additionally, warning messages may be returned, which will be passed through to the eventuall call site attempting to alter the option setting.what4qA Haskell-land wrapper around the name of a configuration option. Developers are encouraged to define and use  values to avoid two classes of errors: typos in configuration option names; and dynamic type-cast failures. Both classes of errors can be lifted to statically-checkable failures (missing symbols and type-checking, respectively) by consistently using  values.4The following example indicates the suggested useage  asdfFrob :: ConfigOption BaseRealType asdfFrob = configOption BaseRealRepr "asdf.frob" asdfMaxBound :: ConfigOption BaseIntegerType asdfMaxBound = configOption BaseIntegerRepr "asdf.max_bound" what4 Construct a I from a string name. Idomatic useage is to define a single top-level r value in the module where the option is defined to consistently fix its name and type for all subsequent uses. what4,Split a text value on ' characters. Return NothingE if the whole string, or any of its segments, is the empty string.what4>Get the individual dot-separated segments of an option's name.what44Reconstruct the original string name of this option.what44Reconstruct the original string name of this option.what4-Retrieve the run-time type representation of tp.what47Accept the new option value with no errors or warnings.what42Reject the new option value with an error message.what4<Accept the given option value, but report a warning message. what4A basic option style for the given base type. This option style performs no validation, has no help information, and has no default value.what4 Update the  opt_onset field. what4 Update the opt_help field.what4 Update the opt_default_value field.what4>Standard option style for boolean-valued configuration optionswhat4;Standard option style for real-valued configuration optionswhat4?Standard option style for integral-valued configuration optionswhat4@Option style for real-valued options with upper and lower boundswhat47Option style for real-valued options with a lower boundwhat48Option style for real-valued options with an upper boundwhat4COption style for integer-valued options with upper and lower boundswhat4:Option style for integer-valued options with a lower boundwhat4;Option style for integer-valued options with an upper boundwhat4PA configuration style for options that must be one of a fixed set of text valueswhat4A configuration syle for options that must be one of a fixed set of text values. Associated with each string is a validation/callback action that will be run whenever the named string option is selected.what4A configuration style for options that are expected to be paths to an executable image. Configuration options with this style generate a warning message if set to a value that cannot be resolved to an absolute path to an executable file in the current OS environment.what41The most general method for construcing a normal .what4DConstruct an option using a default style with a given initial valuewhat4Construct an option using a default style with a given initial value. Also provide a validation function to check new values as they are set.what4@Construct an option using a default style with no initial value.what4Construct an option using a default style with no initial value. Also provide a validation function to check new values as they are set. what4BThe given list of name segments defines a lens into a config trie. what4yThe given nonempty list of name segments (with the initial segment given as the first argument) defines a lens into a  ConfigMap. what4Traverse an entire  ConfigMap. The first argument is what4Traverse an entire  ConfigTrie. what4Traverse a subtree of a  ConfigMap,. If an empty path is provided, the entire  ConfigMap will be traversed. what4Add an option to the given  ConfigMap.what4KConstruct a new configuration from the given configuration descriptions.what4Extend an existing configuration with new options. An error will be raised if any of the given options clash with options that already exists.what4Verbosity of the simulator. This option controls how much informational and debugging output is generated. 0 yields low information output; 5 is extremely chatty. what4-Built-in options that are installed in every Config object.what4yReturn an operation that will consult the current value of the verbosity option, and will print a string to the given HandleF if the provided int is smaller than the current verbosity setting.what4 Throw an exception if the given OptionSetResultC indidcates an error. Otherwise, return any generated warnings.what4Given a  ConfigOption name, produce an  OptionSetting> object for accessing and setting the value of that option.BAn exception is thrown if the named option cannot be found the Config& object, or if a type mismatch occurs.what4Given a text name, produce an  OptionSetting> object for accessing and setting the value of that option.;An exception is thrown if the named option cannot be found.what4aGiven the name of a subtree, return all the currently-set configurtion values in that subtree.@If the subtree name is empty, the entire tree will be traversed.what4`Given the name of a subtree, compute help text for all the options avaliable in that subtree.@If the subtree name is empty, the entire tree will be traversed. what4*Fixes the name and the type of this optionwhat4Define the style of this optionwhat4 Help textwhat4A default value for this optionwhat4*Fixes the name and the type of this optionwhat4Default value for the optionwhat4/An informational message describing this optionwhat4*Fixes the name and the type of this optionwhat4Default value for the optionwhat4LValidation function. Return `Just err` if the value to set is not valid.what4/An informational message describing this optionwhat4*Fixes the name and the type of this optionwhat4/An informational message describing this optionwhat4+Fixes the name and the type of this option what4JValidation function. Return `Just err` if the value to set is not valid. what40An informational message describing this option what4]A REVERSED LIST of the name segments that represent the context from the root to the current  ConfigMap. what4CAn action to apply to each leaf. The path to the leaf is provided. what4ConfigMap to traverse what4]A REVERSED LIST of the name segments that represent the context from the root to the current  ConfigTrie. what4CAn action to apply to each leaf. The path to the leaf is provided. what4 ConfigTrie to traverse what4(Path indicating the subtree to traverse what4ZAction to apply to each leaf in the indicated subtree. The path to the leaf is provided. what4 ConfigMap to traverse what4Initial value for the  optionwhat4Option descriptions to installBB'None&'.HSUVX\_D4what4Utility function that runs a solver specified by the given config setting within a context. Errors can then be attributed to the solver.what4This runs a given external binary, providing the process handle and handles to input and output to the action. It takes care to terminate the process if any exception is thrown by the action.what4BClose the connected process pipes and wait for the process to exitwhat40Start a process connected to this one via pipes.what4 Filtering function for use with   or  R that filters out asynch exceptions so they are rethrown instead of capturedwhat4Path to processwhat4Arguments to processwhat4Working directory if any.what4SAction to run with process; should wait for process to terminate before returning.what4Path to executable what4Command-line arguments what4Optional working directory what4>process stdin, process stdout, process stderr, process handle (.Main interface for constructing What4 formulae(c) Galois, Inc 2014-2020BSD3!Joe Hendrix <jhendrix@galois.com>None&',-.7=>?@AHRSUVX\_kGVwhat4;Statistics gathered on a running expression builder. See  .what4;The number of times an expression node has been allocated.what4RThe number of non-linear operations, such as multiplications, that have occurred.what4^This provides an interface for converting between Haskell values and a solver representation.what4yThis extends the interface for building expressions with operations for creating new symbolic constants and functions.what40Create a fresh top-level uninterpreted constant.what4Create a fresh latch variable.what4yCreate a fresh bitvector value with optional upper and lower bounds (which bound the unsigned value of the bitvector).what4vCreate a fresh bitvector value with optional upper and lower bounds (which bound the signed value of the bitvector)what4vCreate a fresh natural number constant with optional upper and lower bounds. If provided, the bounds are inclusive.what4oCreate a fresh integer constant with optional upper and lower bounds. If provided, the bounds are inclusive.what4lCreate a fresh real constant with optional upper and lower bounds. If provided, the bounds are inclusive.what4Creates a bound variable.This will be treated as a free constant when appearing inside asserted expressions. These are intended to be bound using quantifiers or symbolic functions.what48Return an expression that references the bound variable.what4forallPred sym v e& returns an expression that repesents  forall v . eJ. Throws a user error if bound var has already been used in a quantifier.what4existsPred sym v e& returns an expression that repesents  exists v . eJ. Throws a user error if bound var has already been used in a quantifier.what4Return a function defined by an expression over bound variables. The predicate argument allows the user to specify when an application of the function should be unfolded and evaluated, e.g. to perform constant folding.what4KReturn a function defined by Haskell computation over symbolic expressions.what4$Create a new uninterpreted function.what40Apply a set of arguments to a symbolic function.what47Describes when we unfold the body of defined functions.what4EWhat4 will not unfold the body of functions when applied to argumentswhat4XThe function will be unfolded into its definition whenever it is applied to argumentswhat4eThe function will be unfolded into its definition only if all the provided arguments are concrete.what4CA class for extracting type representatives from symbolic functionswhat4%Get the argument types of a function.what4"Get the return type of a function.what45A function that can be applied to symbolic arguments.-This type is used by some methods in classes  and .what46Rounding modes for IEEE-754 floating point operations.what4Round to nearest even.what4Round to nearest away.what4Round toward plus Infinity.what4Round toward minus Infinity.what4Round toward zero. what4This newtype is necessary for  bvJoinVector and  bvSplitVector. These both use functions from Data.Parameterized.Vector that that expect a wrapper of kind (Type -> Type), and we can't partially apply the type synonym (e.g. SymBv sym), whereas we can partially apply this newtype.what4>This class allows the simulator to build symbolic expressions.-Methods of this class refer to type families   sym and  sym.Note: Some methods in this class represent operations that are partial functions on their domain (e.g., division by 0). Such functions will have documentation strings indicating that they are undefined under some conditions.The behavior of these functions is generally to throw an error if it is concretely obvious that the function results in an undefined value; but otherwise they will silently produce an unspecified value of the expected type.what4IRetrieve the configuration object corresponding to this solver interface. what4Install an action that will be invoked before and after calls to backend solvers. This action is primarily intended to be used for logging/profiling/debugging purposes. Passing  v& to this function disables logging. what4KGet the currently-installed solver log listener, if one has been installed. what4QProvide the given even to the currently installed solver log listener, if any. what4Get statistics on execution from the initialization of the symbolic interface to this point. May return zeros if gathering statistics isn't supported. what4;Get current location of program for term creation purposes.what4;Set current location of program for term creation purposes.what4QReturn true if two expressions are equal. The default implementation dispatches , @, ", +, , , k, or u, depending on the type.what4QTake the if-then-else of two expressions. The default implementation dispatches , ?, !, *, , , l, or t, depending on the type.what4Given a symbolic expression, annotate it with a unique identifier that can be used to maintain a connection with the given term. The  is intended to be used as the key in a hash table or map to additional data can be maintained alongside the terms. The returned  H has the same semantics as the arugmnent, but has embedded in it the > value so that it can be used later during term traversals.Note, the returned annotation is not necessarily fresh; if an already-annotated term is passed in, the same annotation value will be returned.what4Constant true predicatewhat4Constant false predicatewhat4Boolean negationwhat4Boolean conjunctionwhat4Boolean disjunctionwhat4Boolean implicationwhat4Exclusive-or operationwhat4Equality of boolean valueswhat4If-then-else on a predicate.what4A natural number literal.what4Add two natural numbers.what4!Subtract one number from another.BThe result is undefined if this would result in a negative number.what4Multiply one number by another.what4 sym x y performs division on naturals.The result is undefined if y equals 0. and   satisfy the property that given , d <- natDiv sym x y m <- natMod sym x y and y > 0, we have that  y * d + m = x and m < y. what4  sym x y returns x mod y.See N for a description of the properties the return value is expected to satisfy.!what4(If-then-else applied to natural numbers."what4'Equality predicate for natural numbers.#what4# sym x y returns true if x <= y.$what4$ sym x y returns true if x < y.%what4Create an integer literal.&what4Negate an integer.'what4Add two integers.(what4"Subtract one integer from another.)what4 Multiply one integer by another.*what4!If-then-else applied to integers.+what4Integer equality.,what4Integer less-than-or-equal.-what4Integer less-than..what4)Compute the absolute value of an integer./what4 intDiv x y" computes the integer division of x by yd. This division is interpreted the same way as the SMT-Lib integer theory, which states that div and modR are the unique Eucledian division operations satisfying the following for all y /= 0: x * (div x y) + (mod x y) == x  0 <= mod x y < abs y The value of  intDiv x y is undefined when y = 0.VInteger division requires nonlinear support whenever the divisor is not a constant.Note: div x y is  floor (x/y) when y' is positive (regardless of sign of x) and  ceiling (x/y) when yp is negative. This is neither of the more common "round toward zero" nor "round toward -inf" definitions.HSome useful theorems that are true of this division/modulus pair: * 'mod x y == mod x (- y) == mod x (abs y) * div x (-y) == -(div x y)0what4 intMod x y! computes the integer modulus of x by y. See / for more details. The value of  intMod x y is undefined when y = 0.UInteger modulus requires nonlinear support whenever the divisor is not a constant.1what4intDivisible x k is true whenever x8 is an integer divisible by the known natural number kF. In other words `divisible x k` holds if there exists an integer z such that `x = k*z`.2what42Create a bitvector with the given width and value.3what4Concatenate two bitvectors.4what4&Select a subsequence from a bitvector.5what42's complement negation.6what4Add two bitvectors.7what4$Subtract one bitvector from another.8what4"Multiply one bitvector by another.9what4Unsigned bitvector division.The result of  bvUdiv x y is undefined when y' is zero, but is otherwise equal to floor( x / y ).:what4Unsigned bitvector remainder.The result of  bvUrem x y is undefined when y' is zero, but is otherwise equal to x - (bvUdiv x y) * y.;what4<Signed bitvector division. The result is truncated to zero.The result of  bvSdiv x y is undefined when y is zero, but is equal to  floor(x/y) when x and y% have the same sign, and equal to  ceiling(x/y) when x and y have opposite signs.9NOTE! However, that there is a corner case when dividing MIN_INT by -1K, in which case an overflow condition occurs, and the result is instead MIN_INT.<what4Signed bitvector remainder.The result of  bvSrem x y is undefined when y' is zero, but is otherwise equal to x - (bvSdiv x y) * y.=what4>Returns true if the corresponding bit in the bitvector is set.>what4%Return true if bitvector is negative.?what4#If-then-else applied to bitvectors.@what4$Return true if bitvectors are equal.Awhat4'Return true if bitvectors are distinct.Bwhat4Unsigned less-than.Cwhat4Unsigned less-than-or-equal.Dwhat4Unsigned greater-than-or-equal.Ewhat4Unsigned greater-than.Fwhat4Signed less-than.Gwhat4Signed greater-than.Hwhat4Signed less-than-or-equal.Iwhat4Signed greater-than-or-equal.Jwhat40returns true if the given bitvector is non-zero.Kwhat4>Left shift. The shift amount is treated as an unsigned value.Lwhat4GLogical right shift. The shift amount is treated as an unsigned value.Mwhat4KArithmetic right shift. The shift amount is treated as an unsigned value.Nwhat4@Rotate left. The rotate amount is treated as an unsigned value.Owhat4ARotate right. The rotate amount is treated as an unsigned value.Pwhat4Zero-extend a bitvector.Qwhat4Sign-extend a bitvector.Rwhat4Truncate a bitvector.Swhat4Bitwise logical and.Twhat4Bitwise logical or.Uwhat4Bitwise logical exclusive or.Vwhat4Bitwise complement.Wwhat4bvSet sym v i p returns a bitvector v' where bit i of v' is set to p7, and the bits at the other indices are the same as in v.Xwhat4bvFill sym w p returns a bitvector w?-bits long where every bit is given by the boolean value of p.Ywhat4cReturn the bitvector of the desired width with all 0 bits; this is the minimum unsigned integer.Zwhat4eReturn the bitvector of the desired width with all bits set; this is the maximum unsigned integer.[what4Return the bitvector representing the largest 2's complement signed integer of the given width. This consists of all bits set except the MSB.\what4Return the bitvector representing the smallest 2's complement signed integer of the given width. This consists of all 0 bits except the MSB, which is set.]what4)Return the number of 1 bits in the input.^what4Return the number of consecutive 0 bits in the input, starting from the most significant bit position. If the input is zero, all bits are counted as leading._what4Return the number of consecutive 0 bits in the input, starting from the least significant bit position. If the input is zero, all bits are counted as leading.`what4Unsigned add with overflow bit.awhat4xSigned add with overflow bit. Overflow is true if positive + positive = negative, or if negative + negative = positive.bwhat4?Unsigned subtract with overflow bit. Overflow is true if x < y.cwhat4}Signed subtract with overflow bit. Overflow is true if positive - negative = negative, or if negative - positive = positive.dwhat4 Compute the carryless multiply of the two input bitvectors. This operation is essentially the same as a standard multiply, except that the partial addends are simply XOR'd together instead of using a standard adder. This operation is useful for computing on GF(2^n) polynomials.ewhat4unsignedWideMultiplyBV sym x y multiplies two unsigned w bit numbers x and y.%It returns a pair containing the top w+ bits as the first element, and the lower w bits as the second element.fwhat4>Compute the unsigned multiply of two values with overflow bit.gwhat4signedWideMultiplyBV sym x y multiplies two signed w bit numbers x and y.%It returns a pair containing the top w+ bits as the first element, and the lower w bits as the second element.hwhat4<Compute the signed multiply of two values with overflow bit.iwhat42Create a struct from an assignment of expressions.jwhat4.Get the value of a specific field in a struct.kwhat4Check if two structs are equal.lwhat4(Take the if-then-else of two structures.mwhat46Create an array where each element has the same value.nwhat44Create an array from an arbitrary symbolic function.eArrays created this way can typically not be compared for equality when provided to backend solvers.owhat4GCreate an array by mapping a function over one or more existing arrays.pwhat4'Update an array at a specific location.qwhat4Return element in array.rwhat49Create an array from a map of concrete indices to values.BThis is implemented, but designed to be overridden for efficiency.swhat4-Update an array at specific concrete indices.AThis is implemented, but designed to be overriden for efficiency.twhat4If-then-else applied to arrays.uwhat4$Return true if two arrays are equal.Note that in the backend, arrays do not have a fixed number of elements, so this equality requires that arrays are equal on all elements.vwhat41Return true if all entries in the array are true.wwhat4[Return true if the array has the value true at every index satisfying the given predicate.xwhat4'Convert a natural number to an integer.ywhat4$Convert an integer to a real number.zwhat47Convert the unsigned value of a bitvector to a natural.{what4?Return the unsigned value of the given bitvector as an integer.|what4=Return the signed value of the given bitvector as an integer.}what4Return 1 if the predicate is true; 0 otherwise.~what4*Convert a natural number to a real number.what4/Convert an unsigned bitvector to a real number.what4-Convert an signed bitvector to a real number.what4"Round a real number to an integer.Numbers are rounded to the nearest integer, with rounding away from zero when two integers are equi-distant (e.g., 1.5 rounds to 2).what4"Round a real number to an integer.Numbers are rounded to the neareset integer, with rounding toward even values when two integers are equi-distant (e.g., 2.5 rounds to 2).what4=Round down to the nearest integer that is at most this value.what4<Round up to the nearest integer that is at least this value.what4Round toward zero. This is floor(x) when x is positive and  celing(x) when x is negative.what4Convert an integer to a bitvector. The result is the unique bitvector whose value (signed or unsigned) is congruent to the input integer, modulo 2^w.3This operation has the following properties: * ,bvToInteger (integerToBv x w) == mod x (2^w) * "bvToInteger (integerToBV x w) == x when  0 <= x < 2^w. * CsbvToInteger (integerToBV x w) == mod (x + 2^(w-1)) (2^w) - 2^(w-1) * #sbvToInteger (integerToBV x w) == x when -2^(w-1) <= x < 2^(w-1) * "integerToBV (bvToInteger y) w == y when y is a  SymBV sym w * #integerToBV (sbvToInteger y) w == y when y is a  SymBV sym wwhat4'Convert an integer to a natural number./For negative integers, the result is undefined.what4$Convert a real number to an integer.OThe result is undefined if the given real number does not represent an integer.what4*Convert a real number to a natural number.UThe result is undefined if the given real number does not represent a natural number.what4/Convert a real number to an unsigned bitvector.Numbers are rounded to the nearest representable number, with rounding away from zero when two integers are equi-distant (e.g., 1.5 rounds to 2). When the real is negative the result is zero.what4,Convert a real number to a signed bitvector.Numbers are rounded to the nearest representable number, with rounding away from zero when two integers are equi-distant (e.g., 1.5 rounds to 2).what43Convert an integer to the nearest signed bitvector.8Numbers are rounded to the nearest representable number.what45Convert an integer to the nearest unsigned bitvector.8Numbers are rounded to the nearest representable number.what4Convert a signed bitvector to the nearest signed bitvector with the given width. If the resulting width is smaller, this clamps the value to min-int or max-int when necessary.what4jConvert an unsigned bitvector to the nearest unsigned bitvector with the given width (clamp on overflow).what4hConvert an signed bitvector to the nearest unsigned bitvector with the given width (clamp on overflow).what4hConvert an unsigned bitvector to the nearest signed bitvector with the given width (clamp on overflow).what4Create an empty string literalwhat4 Create a concrete string literalwhat4!Check the equality of two stringswhat4If-then-else on stringswhat4Concatenate two stringswhat4BTest if the first string contains the second string as a substringwhat49Test if the first string is a prefix of the second stringwhat49Test if the first string is a suffix of the second stringwhat4Return the first position at which the second string can be found as a substring in the first string, starting from the given index. If no such position exists, return a negative value.what4Compute the length of a stringwhat4stringSubstring s off len extracts the substring of s starting at index off and having length len0. The result of this operation is undefined if off and len( do not specify a valid substring of s; in particular, we must have off+len <= length(s).what4Return real number 0.what4Create a constant real literal.what4Make a real literal from a scientific value. May be overridden if we want to avoid the overhead of converting scientific value to rational.what4#Check equality of two real numbers.what4'Check non-equality of two real numbers.what4Check <= on two real numbers.what4Check < on two real numbers.what4Check >= on two real numbers.what4Check > on two real numbers.what4If-then-else on real numbers.what4Negate a real number.what4Add two real numbers.what4Multiply two real numbers.what4Subtract one real from another.what4 realSq sym x returns x * x.what4realDiv sym x y returns term equivalent to x/y.The result is undefined when y is zero.what4 realMod x y returns the value of x - y * floor(x / y) when y is not zero and x when y is zero.what4<Predicate that holds if the real number is an exact integer.what4(Return true if the real is non-negative.what4realSqrt sym x+ returns sqrt(x). Result is undefined if x is negative.what4realAtan2 sym y x returns the arctangent of y/x with a range of -pi to piZ; this corresponds to the angle between the positive x-axis and the line from the origin (x,y).When x is 0 this returns  pi/2 * sgn y.When x and y+ are both zero, this function is undefined.what4Return value denoting pi.what4Natural logarithm.  realLog x is undefined for x <= 0.what4Natural exponentiationwhat4Sine trig functionwhat4Cosine trig functionwhat4Tangent trig function.  realTan x is undefined when  cos x = 0, i.e., when x = pi/2 + k*pi for some integer k.what4Hyperbolic sinewhat4Hyperbolic cosinewhat4Hyperbolic tangentwhat4)Return absolute value of the real number.what4 realHypot x y returns sqrt(x^2 + y^2).what4Return floating point number +0.what4Return floating point number -0.what4Return floating point NaN.what4Return floating point  +infinity.what4Return floating point  -infinity.what48Create a floating point literal from a rational literal.what4Negate a floating point number.what45Return the absolute value of a floating point number.what43Compute the square root of a floating point number.what4Add two floating point numbers.what4$Subtract two floating point numbers.what4$Multiply two floating point numbers.what4"Divide two floating point numbers.what4Compute the reminder:  x - y * n, where n in Z is nearest to x / y.what4-Return the min of two floating point numbers.what4-Return the max of two floating point numbers.what4/Compute the fused multiplication and addition:  (x * y) + z.what45Check logical equality of two floating point numbers.NOTE! This does NOT accurately represent the equality test on floating point values typically found in programming languages. See  instead.what49Check logical non-equality of two floating point numbers.NOTE! This does NOT accurately represent the non-equality test on floating point values typically found in programming languages. See  instead.what46Check IEEE-754 equality of two floating point numbers.1NOTE! This test returns false if either value is NaN; in particular NaNy is not equal to itself! Moreover, positive and negative 0 will compare equal, despite having different bit patterns.This test is most appropriate for interpreting the equality tests of typical languages using floating point. Moreover, not-equal tests are usually the negation of this test, rather than the  test below.what4:Check IEEE-754 non-equality of two floating point numbers.1NOTE! This test returns false if either value is NaN; in particular NaN is not distinct from any other value! Moreover, positive and negative 0 will not compare distinct, despite having different bit patterns.This test usually does NOT correspond to the not-equal tests found in programming languages. Instead, one generally takes the logical negation of the  test.what4Check IEEE-754 <= on two floating point numbers.1NOTE! This test returns false if either value is NaN; in particular NaN is not less-than-or-equal-to any other value! Moreover, positive and negative 0 are considered equal, despite having different bit patterns.what4Check IEEE-754 < on two floating point numbers.1NOTE! This test returns false if either value is NaN; in particular NaN is not less-than any other value! Moreover, positive and negative 0 are considered equal, despite having different bit patterns.what4Check IEEE-754 >= on two floating point numbers.1NOTE! This test returns false if either value is NaN; in particular NaN is not greater-than-or-equal-to any other value! Moreover, positive and negative 0 are considered equal, despite having different bit patterns.what4Check IEEE-754 > on two floating point numbers.1NOTE! This test returns false if either value is NaN; in particular NaN is not greater-than any other value! Moreover, positive and negative 0 are considered equal, despite having different bit patterns.what4&Test if a floating-point value is NaN.what4BTest if a floating-point value is (positive or negative) infinity.what4=Test if a floaint-point value is (positive or negative) zero.what4eTest if a floaint-point value is positive. NOTE! NaN is considered neither positive nor negative.what4eTest if a floaint-point value is negative. NOTE! NaN is considered neither positive nor negative.what4+Test if a floaint-point value is subnormal.what4(Test if a floaint-point value is normal.what4'If-then-else on floating point numbers.what40Change the precision of a floating point number.what43Round a floating point number to an integral value.what4PConvert from binary representation in IEEE 754-2008 format to floating point.what4YConvert from floating point from to the binary representation in IEEE 754-2008 format.NOTE! NaNN has multiple representations, i.e. all bit patterns where the exponent is 0b1..1 and the significant is not 0b0..0C. This functions returns the representation of positive "quiet" NaN,, i.e. the bit pattern where the sign is 0b0, the exponent is 0b1..1, and the significant is 0b10..0.what48Convert a unsigned bitvector to a floating point number.what46Convert a signed bitvector to a floating point number.what41Convert a real number to a floating point number.what48Convert a floating point number to a unsigned bitvector.what46Convert a floating point number to a signed bitvector.what41Convert a floating point number to a real number.what4,Create a complex from cartesian coordinates.what4 getRealPart x returns the real part of x.what4 getImagPart x returns the imaginary part of x.what4:Convert a complex number into the real and imaginary part.what4"Create a constant complex literal.what4#Create a complex from a real value.what4If-then-else on complex values.what4Negate a complex number.what4!Add two complex numbers together.what4)Subtract one complex number from another.what4&Multiply two complex numbers together.what4*Compute the magnitude of a complex number.what45Return the principal square root of a complex number.what4!Compute sine of a complex number.what4#Compute cosine of a complex number.what4&Compute tangent of a complex number.  cplxTan x is undefined when  cplxCos x is 0H, which occurs only along the real line in the same conditions where  realCos x is 0.what4 hypotCplx x y returns sqrt(abs(x)^2 + abs(y)^2).what4 roundCplx x rounds complex number to nearest integer. Numbers with a fractional part of 0.5 are rounded away from 0. Imaginary and real parts are rounded independently.what4 cplxFloor xh rounds to nearest integer less than or equal to x. Imaginary and real parts are rounded independently.what4 cplxCeil xk rounds to nearest integer greater than or equal to x. Imaginary and real parts are rounded independently.what4 conjReal x, returns the complex conjugate of the input.what4(Returns exponential of a complex number.what4&Check equality of two complex numbers.what4*Check non-equality of two complex numbers.what4LThis datatype describes events that involve interacting with solvers. A  SolverEvent1 will be provided to the action installed via setSolverLogListener) whenever an interesting event occurs. what4This class provides operations for recognizing when symbolic expressions represent concrete values, extracting the type from an expression, and for providing pretty-printed representations of an expression. what4"Evaluate if predicate is constant. what40Return nat if this is a constant natural number. what46Return any bounding information we have about the termwhat4-Return integer if this is a constant integer.what46Return any bounding information we have about the termwhat4,Return rational if this is a constant value.what46Return any bounding information we have about the termwhat4+Return complex if this is a constant value.what43Return a bitvector if this is a constant bitvector.what4aIf we have bounds information about the term, return unsigned upper and lower bounds as integerswhat4_If we have bounds information about the term, return signed upper and lower bounds as integerswhat44Return the string value if this is a constant stringwhat4VReturn the unique element value if this is a constant array, such as one made with m.what46Return the struct fields if this is a concrete struct.what4Get type of expression.what4Get the width of a bitvectorwhat49Print a sym expression for debugging or display purposes.what4DType used to uniquely identify expressions that have been annotated.what46Type of bound variable associated with symbolic state.+This type is used by some methods in class . what4The class for expressions.!what4Symbolic strings."what4Symbolic bitvectors.#what4Symbolic arrays.$what4Symbolic structures.%what4Symbolic complex numbers.&what4 Symbolic floating point numbers.'what4Symbolic real numbers.(what4Symbolic integers.)what4Symbolic natural numbers.+what4%Perform an ite on a predicate lazily.,what4Join a Vector of smaller bitvectors.-what4Split a bitvector to a Vector of smaller bitvectors..what4"Implement LLVM's "bswap" intrinsicSee < 8https://llvm.org/docs/LangRef.html#llvm-bswap-intrinsics the LLVM bswap documentation.>&This is the implementation in SawCore: llvmBSwap :: (n :: Nat) -> bitvector (mulNat n 8) -> bitvector (mulNat n 8); llvmBSwap n x = join n 8 Bool (reverse n (bitvector 8) (split n 8 Bool x));/what4*Swap the order of the bits in a bitvector.0what4Create a literal from an .3what4?This returns true if the value corresponds to a concrete value.5what4)Return predicate equivalent to a Boolean.6what4Create a value from a rational.7what4Create a value from an integer.8what4/Return 1 if the predicate is true; 0 otherwise. what4SExtract the value of a rational expression; fail if the value is not a constant.9what4Extract the value of a complex expression, which is assumed to be a constant real number. Fail if the number has nonzero imaginary component, or if it is not a constant.:what4:Return a complex value as a constant integer if it exists.;what40Return value as a constant integer if it exists.<what40Return value as a constant integer if it exists.=what44Compute the conjunction of a sequence of predicates.>what44Compute the disjunction of a sequence of predicates.?what41Return predicate that holds if value is non-zero.@what4@Return predicate that holds if imaginary part of number is zero.Awhat4Divide one number by another. cplxDiv x y is undefined when y is 0. what4>Helper function that returns the principal logarithm of input.Bwhat43Returns the principal logarithm of the input value. cplxLog x is undefined when x is 0>, and has a cut discontinuity along the negative real line.Cwhat4+Returns logarithm of input at a given base.cplxLogBase b x is undefined when x is 0.Dwhat4BReturn a concrete representation of a value, if it is concrete.Ewhat46Create a literal symbolic value from a concrete value.Fwhat4SThis function is used for selecting a value from among potential values in a range.muxRange p ite f l hB returns an expression denoting the value obtained from the value f i where i$ is the smallest value in the range [l..h] such that p i is true. If p i8 is true for no such value, then this returns the value f h. what4Symbolic interfacewhat40The name to give a function (need not be unique)what41Bound variables to use as arguments for function.what4.Operation defining result of defined function.what4$Policy for unfolding on applicationswhat4Symbolic interfacewhat40The name to give a function (need not be unique)what4 Type signature for the argumentswhat4$Policy for unfolding on applicationswhat4.Operation defining result of defined function.what4Symbolic interfacewhat40The name to give a function (need not be unique)what4'Types of arguments expected by functionwhat4Return type of functionwhat4Symbolic interfacewhat4Function to callwhat4Arguments to function3what4most significant bitswhat4least significant bits4what4/Starting index, from 0 as least significant bitwhat4Number of bits to takewhat4Bitvector to select from=what4-Index of bit (0 is the least significant bit)Kwhat4 Shift this what4Amount to shift by Lwhat4 Shift this what4Amount to shift by Mwhat4 Shift this what4Amount to shift by Nwhat4bitvector to rotate what4amount to rotate by Owhat4bitvector to rotate what4amount to rotate by Wwhat4Symbolic interfacewhat4Bitvector to updatewhat40-based index to setwhat4Predicate to set.Xwhat4symbolic interface what4output bitvector width what4%predicate to fill the bitvector with mwhat4 Index typewhat4Constantrwhat4Types for indiceswhat4Value for known indices.what4Value for other entries.swhat4Value for known indices.what4Value for existing array.wwhat41Predicate that indicates if array should be true..what4Symbolic interfacewhat4Bitvector to swap aroundCwhat4Base for the logarithm Fwhat4Returns predicate that holds if we have found the value we are looking for. It is assumed that the predicate must hold for a unique integer in the range.what4 Ite function what4Function for concrete values what4Lower bound (inclusive) what4Upper bound (inclusive)                            ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQ{|2X?5678@J]^_KLMNO     "+ku!*lt #$%&'(),-./01349:;<=>FABCDEGHIPQRSTUVWYZ[\`abcdefghijmnopqrsvwxyz}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFG{     2{|2X?5678@J]^_KLMNO     "+ku!*lt #$%&'(),-./01349:;<=>FABCDEGHIPQRSTUVWYZ[\`abcdefghijmnopqrsvwxyz}~,-./G*)('&!%$"#0 DE34<;9:5=>+18ABC67?@F)"Dynamically-sized bitvector valuesGalois, Inc. 2018-2020BSD3rdockins@galois.com experimental"non-portable (language extensions)None&',-.456=>?@AHSUVX\_hk"0 what4/type of binary operation that returns a boolean what41type of binary operation that returns a bitvector what4%Type of unary operation on bitvectorsVwhat4EA What4 symbolic bitvector where the size does not appear in the typeYwhat47Return the signed value if this is a constant bitvectorZwhat49Return the unsigned value if this is a constant bitvector]what4VConvert an integer to an unsigned bitvector. The input value is reduced modulo 2^w.^what4/Interpret the bit-vector as an unsigned integer_what4,Interpret the bit-vector as a signed integer`what4Get the width of a bitvectorawhat41Create a bitvector with the given width and valuedwhat4Returns true if the corresponding bit in the bitvector is set. NOTE bits are numbered in big-endian ordering, meaning the most-significant bit is bit 0ewhat4Returns true if the corresponding bit in the bitvector is set. NOTE bits are numbered in little-endian ordering, meaning the least-significant bit is bit 0fwhat4Set the numbered bit in the given bitvector to the given bit value. NOTE bits are numbered in big-endian ordering, meaning the most-significant bit is bit 0gwhat4Set the numbered bit in the given bitvector to the given bit value. NOTE bits are numbered in big-endian ordering, meaning the most-significant bit is bit 0hwhat4Concatenate two bitvectors.iwhat4Select a subsequence from a bitvector, with bits numbered in Big Endian order (most significant bit is 0). This fails if idx + n is >= wjwhat4Select a subsequence from a bitvector, with bits numbered in Little Endian order (least significant bit is 0). This fails if idx + n is >= w what4,Ceiling (log_2 x) adapted from saw-core-sbvsrcVerifierSAWSimulator/SBV.hskwhat4#If-then-else applied to bitvectors.lwhat4aExplode a bitvector into a vector of booleans in Big Endian order (most significant bit first)mwhat4eExplode a bitvector into a vector of booleans in Little Endian order (least significant bit first)nwhat4tconvert a vector of booleans to a bitvector. The input are used in Big Endian order (most significant bit first)owhat4yconvert a vector of booleans to a bitvector. The inputs are used in Little Endian order (least significant bit first) what4IConvert a unary operation on length indexed bvs to a unary operation on V what40convert binary operations that return bitvectors what45convert binary operations that return booleans (Pred)pwhat4Bitwise complementqwhat4Bitwise logical and.rwhat4Bitwise logical or.swhat4Bitwise logical exclusive or.twhat42's complement negation.uwhat4Add two bitvectors.vwhat4$Subtract one bitvector from another.wwhat4"Multiply one bitvector by another.|what4Unsigned bitvector division.The result is undefined when y' is zero, but is otherwise equal to floor( x / y ).}what4Unsigned bitvector remainder.The result is undefined when y' is zero, but is otherwise equal to x - (bvUdiv x y) * y.~what4<Signed bitvector division. The result is truncated to zero.The result of  bvSdiv x y is undefined when y is zero, but is equal to  floor(x/y) when x and y% have the same sign, and equal to  ceiling(x/y) when x and y have opposite signs.9NOTE! However, that there is a corner case when dividing MIN_INT by -1K, in which case an overflow condition occurs, and the result is instead MIN_INT.what4Signed bitvector remainder.The result of  bvSrem x y is undefined when y' is zero, but is otherwise equal to x - (bvSdiv x y) * y.what4$Return true if bitvectors are equal.what4Signed less-than-or-equal.what4Signed less-than.what4Unsigned less-than-or-equal.what4Unsigned less-than.what4Signed greater-than-or-equal.what4Signed greater-than.what4Unsigned greater-than-or-equal.what4Unsigned greater-than.dwhat4-Index of bit (0 is the most significant bit) ewhat4-Index of bit (0 is the most significant bit) fwhat4-Index of bit (0 is the most significant bit) gwhat4-Index of bit (0 is the most significant bit) hwhat4most significant bitswhat4least significant bitsiwhat4.Starting index, from 0 as most significant bitwhat4$Number of bits to take (must be > 0)jwhat4.Starting index, from 0 as most significant bitwhat4$Number of bits to take (must be > 0) what4%answer to give on 0-width bitvectors :VWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~:VWXYZ]^_b`acdefgijhknolm{[\pqrstuvw|}~xyz* Representation of partial values(c) Galois, Inc 2014-2020BSD3&Langston Barrett <langston@galois.com>None&'-.124567>HSUVX\_gk what4@A partial value represents a value that may or may not be valid.The t field represents a predicate (optionally with additional provenance information) embodying the value's partiality.what4/Either a partial value, or a straight-up error. what4 Create a 0 expression from a value that is always defined.what4pA monad transformer which enables symbolic partial computations to run by maintaining a predicate on the value.what4A  is a K that provides no information about what went wrong. Its name is historic.what4=Create a part expression from a value that is always defined.what4,Create a part expression from a maybe value.what4 = BC .what4$If-then-else on partial expressions.what4fMerge a collection of partial values in an if-then-else tree. For example, if we merge a list like [(xp,x),(yp,y),(zp,z)]6, we get a value that is morally equivalent to: Cif xp then x else (if yp then y else (if zp then z else undefined)).what4Run a partial computation.what4AEnd the partial computation and just return the unassigned value.what4Lift a   value to a partial expression.what4Return a partial expression.[This joins the partial expression with the current constraints on the current computation.what4:Add an extra condition to the current partial computation.what4'Operation to combine inner values. The *3 parameter is the if-then-else condition. what4condition to merge on what4'if' value what4'then' value what40Operation to combine inner values. The *) parameter is the if-then-else condition.what4values to merge what4Solver interfacewhat4Initial conditionwhat4Computation to run.+/Predicates with some metadata (a tag or label).(c) Galois, Inc 2019-2020BSD3&Langston Barrett <langston@galois.com> provisionalNone247SX\what48Information about an assertion that was previously made.what4Predicate that was asserted.what41Message added when assumption/assertion was made.what4Predicate that was asserted.what41Message added when assumption/assertion was made.what4TPartition datastructures containing predicates by their possibly concrete values.KThe output format is (constantly true, constantly false, unknown/symbolic).what4TPartition datastructures containing predicates by their possibly concrete values.KThe output format is (constantly true, constantly false, unknown/symbolic).what4?Partition labeled predicates by their possibly concrete values.KThe output format is (constantly true, constantly false, unknown/symbolic).what4'avoid "ambiguous type variable" errors what4'avoid "ambiguous type variable" errors what4'avoid "ambiguous type variable" errors  ,None&'.=?@AHUV\_*2what4AA family of value-level representatives for floating-point types.what4This data kind describes the types of floating-point formats. This consist of the standard IEEE 754-2008 binary floating point formats, as well as the X86 extended 80-bit format and the double-double format.what4UHelper interface for creating new symbolic floating-point constants and variables.what4?Create a fresh top-level floating-point uninterpreted constant.what4-Create a fresh floating-point latch variable.what4(Creates a floating-point bound variable.what4"Abstact floating point operations.what4Return floating point number +0.what4Return floating point number -0.what4Return floating point NaN. what4Return floating point  +infinity. what4Return floating point  -infinity. what48Create a floating point literal from a rational literal. what43Create a (single precision) floating point literal. what43Create a (double precision) floating point literal.what4=Create an (extended double precision) floating point literal.what4Negate a floating point number.what45Return the absolute value of a floating point number.what43Compute the square root of a floating point number.what4Add two floating point numbers.what4$Subtract two floating point numbers.what4$Multiply two floating point numbers.what4"Divide two floating point numbers.what4Compute the reminder:  x - y * n, where n in Z is nearest to x / y.what4-Return the min of two floating point numbers.what4-Return the max of two floating point numbers.what4/Compute the fused multiplication and addition:  (x * y) + z.what45Check logical equality of two floating point numbers.what49Check logical non-equality of two floating point numbers.what42Check IEEE equality of two floating point numbers.what46Check IEEE non-equality of two floating point numbers.what4Check <= on two floating point numbers.what4Check < on two floating point numbers. what4Check >= on two floating point numbers.!what4Check > on two floating point numbers.)what4'If-then-else on floating point numbers.*what40Change the precision of a floating point number.+what43Round a floating point number to an integral value.,what4PConvert from binary representation in IEEE 754-2008 format to floating point.-what4YConvert from floating point from to the binary representation in IEEE 754-2008 format..what48Convert a unsigned bitvector to a floating point number./what46Convert a signed bitvector to a floating point number.0what41Convert a real number to a floating point number.1what48Convert a floating point number to a unsigned bitvector.2what46Convert a floating point number to a signed bitvector.3what41Convert a floating point number to a real number.4what4]The associated BaseType representative of the floating point interpretation for each format.5what4 Symbolic floating point numbers.6what4*Interpretation of the floating point type.7what4ZRepresentation of 80-bit floating values, since there's no native Haskell type for these.what45Two 64-bit floats fused in the "double-double" style.what4X86 80-bit extended floats.what4128 bit binary IEEE754.what464 bit binary IEEE754.what432 bit binary IEEE754.what416 bit binary IEEE754.N      !"#$%&'()*+,-./0123456789:;<=>?@N78?@;:<=9>65      !"#$%&'()*+,-./01234-"A "unary" bitvector representation(c) Galois, Inc 2015-2020BSD3!Joe Hendrix <jhendrix@galois.com>None &'.>HSUVX\5 Kwhat4FA unary bitvector encoding where the map contains predicates such as u^.unaryBVMap^.at i$ holds iff the value represented by u is less than or equal to i. The map stored in the representation should always have a single element, and the largest integer stored in the map should be associated with a predicate representing "true". This means that if the map contains only a single binding, then it represents a constant. what4 splitLeq k m returns a pair (l,h) where l= contains all the bindings with a key less than or equal to k, and h contains the ones greater than k. what4FSplit a map into a lower bound, midpoint, and upperbound if non-empty. what4IThis function eliminates entries where the predicate has the same value.Mwhat49Returns the number of distinct values that this could be.Owhat4.Create a unary bitvector term from a constant.Pwhat4.Create a unary bitvector term from a constant.Qwhat4unsignedRanges vK returns a set of predicates and ranges where we know that for each entry (p,l,h) and each value i : l <= i & i <= h: p iff. v <= iSwhat4FEvaluate a unary bitvector as an integer given an evaluation function.Twhat48Evaluate a unary bitvector given an evaluation function.This function is used to convert a unary bitvector into some other representation such as a binary bitvector or vector of bits.'It is polymorphic over the result type r:, and requires functions for manipulating values of type r to construct it.Uwhat4SThis function instantiates the predicates in a unary predicate with new predicates. The mapping f1 should be monotonic, that is for all predicates p and 'q, such that 'p |- q', f1 should satisfy the constraint that 'f p |- f q'.Vwhat4,Return potential values for abstract domain. what4UThis merges two maps used for a unary bitvector int a single map that combines them./'mergeWithKey sym cfn x y' should return a map z such that for all constants c$, 'z = c' iff 'cfn (x = c) (y = c)'.Wwhat4 mux sym c x y returns value equal to if c then x else y8. The number of entries in the return value is at most size x + size y.Xwhat44Return predicate that holds if bitvectors are equal. what4compareLt sym x y* returns predicate that holds if for any k, x < k & not (y <= k).Ywhat4>Return predicate that holds if first value is less than other.Zwhat4>Return predicate that holds if first value is less than other.[what4Add two bitvectors.lThe number of integers in the result will be at most the product of the sizes of the individual bitvectors.\what4SNegate a bitvector. The size of the result will be equal to the size of the input.]what4Perform a unsigned extension^what4Perform a signed extension_what4Perform a struncation.Twhat4AFunction for mapping an integer to its bitvector representation.what4Function for performing an ite expression on r.what4Unary bitvector to evaluate. what4Map to merge intowhat4&Monotonic function to update keys withwhat4Function on predicate.KLMNOPQRSTUVWXYZ[\]^_KLMNOPRQSTUV[\WXZY]^_./Datastructure for sequences of appended strings(c) Galois Inc, 2019-2020BSD3rdockins@galois.comNone &'.@AHSX\9 what4Annotation value for string sequences. First value is the XOR hash of the sequence Second value is the string abstract domain. bcdefghij bcdefghij/8Low-level support for MATLAB-style arithmetic operations(c) Galois, Inc, 2016-2020BSD3!Joe Hendrix <jhendrix@galois.com>None&'.>HSUVX\P rwhat4BBuiltin functions that can be used to generate symbolic functions.^These functions are expected to be total, but the value returned may not be specified. e.g. zu must return some natural number for every integer, but for negative integers, the particular number is unspecified.what43Compute the clamped negation of a signed bitvector.The only difference between this operation and the usual 2's complement negation function is the handling of MIN_INT. The usual 2's complement negation sends MIN_INT to MIN_INT; however, the clamped version instead sends MIN_INT to MAX_INT.what49Compute the clamped absolute value of a signed bitvector.The only difference between this operation and the usual 2's complement operation is the handling of MIN_INT. The usual 2's complement absolute value function sends MIN_INT to MIN_INT; however, the clamped version instead sends MIN_INT to MAX_INT.what4\This class is provides functions needed to implement the symbolic array intrinsic functionswhat43Create a Matlab solver function from its prototype. what4-Utilities to make a pair with the same value.what4Get arg tpyes of solver fn.what4Get return type of solver fn.what4Test r values for equality.Grstuvwxyz{|}~Grstuvwxyz{|}~D(c) Galois Inc, 2015-2020BSD3jhendrix@galois.comNone!%&'-.7=>?@AHPSUVX\_`fgkwhat4Type  e tp) encodes the top-level application of an Exprb expression. It includes first-order expression forms that do not bind variables (contrast with 5). Parameter eF is used everywhere a recursive sub-expression would go. Uses of the ; type will tie the knot through this parameter. Parameter tp& indicates the type of the expression.+what4AThis represents a symbolic function in the simulator. Parameter t: is a phantom type brand used to track nonces. Parameter e> is used everywhere a recursive sub-expression would go. The args and retO parameters define the types of arguments and the return type of the function.Type + t (Expr t) instantiates the type family  ( ExprBuilder t st).1what4NThis describes information about an undefined or defined function. Parameter t: is a phantom type brand used to track nonces. Parameter e> is used everywhere a recursive sub-expression would go. The args and retO parameters define the types of arguments and the return type of the function.2what4QInformation about the argument type and return type of an uninterpreted function.3what4Information about a defined function. Includes bound variables and an expression associated to a defined function, as well as a policy for when to unfold the body.4what4This is a function that corresponds to a matlab solver function. It includes the definition as a ExprBuilder expr to enable export to other solvers.5what4Type NonceApp t e tp* encodes the top-level application of an ExprC. It includes expression forms that bind variables (contrast with ). Parameter t: is a phantom type brand used to track nonces. Parameter eF is used everywhere a recursive sub-expression would go. Uses of the 5; type will tie the knot through this parameter. Parameter tp& indicates the type of the expression.=what4.Information about bound variables. Parameter t. is a phantom type brand used to track nonces.Type = t instantiates the type family  ( ExprBuilder t st).,Selector functions are provided to destruct =P values, but the constructor is kept hidden. The preferred way to construct a = is to use .Dwhat4The Kind of a bound variable.Ewhat4%A variable appearing in a quantifier.Fwhat4&A variable appearing as a latch input.Gwhat40A variable appearing in a uninterpreted constant what48Return solver function associated with ExprSymFn if any. what4'Return an unconstrained abstract value. what42Return abstract domain associated with a nonce app what4+Used to implement foldMapFc from traversal. what4!Either a argument or text or text what45Pretty print a code to identify the type of constant. what4$Check if two applications are equal. what4Hash an an application. what4Return truel if an app represents a non-linear operation. Controls whether the non-linear counter ticks upward in the .)('&%$#"!      * +,0/.-14325<;:9867= CAB@?>DGFEHI JKL MNOPQ R S 07Main definitions of the What4 expression representation(c) Galois Inc, 2015-2020BSD3jhendrix@galois.comNone%&'-.7=>?@AHPSUVX\_`fgkP what4vThis decomposes A ExprBuilder array expression into a set of indices that have been updated, and an underlying index. what4+Data structure used for caching evaluation. what4rThe CachedSymFn is used during evaluation to store the results of reducing the definitions of symbolic functions.0For each function it stores a pair containing a  p that is true if the function changed as a result of evaluating it, and the reduced function after evaluation.JThe second arguments contains the arguments with the return type appended.Twhat41An IdxCache is used to map expressions with type  Expr t tp& to values with a corresponding type f tp . It is a mutable map using an   hash table. Parameter t/ is a phantom type brand used to track nonces. what4PContains the elements before, the index, doc, and width and the elements after. what4A fixed doc with length. what4A doc that can be let bound. what4 AppPPExpr6 represents a an application, and it may be let bound. what4.Length of AppPPExpr not including parenthesis. what4_ExprAllocator provides an interface for creating expressions from an applications. Parameter t. is a phantom type brand used to track nonces.Uwhat4(Cache for storing dag terms. Parameter t. is a phantom type brand used to track nonces. what4Constant zero. what4.Configuration object for this symbolic backend what4Flag used to tell the backend whether to evaluate ground rational values as double precision floats when a function cannot be evaluated as a rational.Vwhat4XThe maximum number of distinct values a term may have and use the unary representation.Wwhat4?The maximum number of distinct ranges in a BVDomain expression.Xwhat4+The starting size when building a new cacheYwhat4FCounter to generate new unique identifiers for elements and functions. what4/Reference to current allocator for expressions. what4Number of times an o. for a non-linear operation has been created. what4The current program locationZwhat40Additional state maintained by the state manager what4Cache for Matlab functions what4^Flag dictating how floating-point values/operations are translated when passed to the solver.cwhat4>Mode flag for how floating-point values should be interpreted.dwhat4HThis describes what a given SolverSymbol is associated with. Parameter t. is a phantom type brand used to track nonces.ewhat4Solvergwhat4YA bijective map between vars and their canonical name for printing purposes. Parameter t. is a phantom type brand used to track nonces. what4DThis privides a view of a semiring expr as a weighted sum of values.owhat4@The main ExprBuilder expression datastructure. The non-trivial Expr values constructed by this module are uniquely identified by a nonce value that is used to explicitly represent sub-term sharing. When traversing the structure of an Expr it is usually very important to memoize computations based on the values of these identifiers to avoid exponential blowups due to shared term structure.Type parameter t^ is a phantom type brand used to relate nonces to a specific nonce generator (similar to the s parameter of the ST monad). The type index tp of kind HC indicates the type of the values denoted by the given expression.Type o t instantiates the type family   (U t st).vwhat4This type represents o values that were built from an . Parameter t. is a phantom type brand used to track nonces.,Selector functions are provided to destruct vQ values, but the constructor is kept hidden. The preferred way to construct an o from an  is to use .zwhat4This type represents o values that were built from a 5. Parameter t. is a phantom type brand used to track nonces.,Selector functions are provided to destruct zQ values, but the constructor is kept hidden. The preferred way to construct an o from a 5 is to use .~what4Destructor for the v constructor.what4Destructor for the z constructor.what4Empty symbol var bimap what4+Get abstract value associated with element. what4Pretty print a AppPPExpr what4$Get length of Expr including parens. what4Pretty print PPExprwhat4Pretty print an o' using let bindings to create the term.what4(Pretty print the top part of an element. what43Create a new storage that does not do hash consing. what4(Create a storage that does hash consing.what4Create a new IdxCachewhat45Return the value associated to the expr in the index.what4.Bind the value to the given expr in the index.what4 Remove a value from the IdxCachewhat4#Remove all values from the IdxCachewhat4Implements a cached evaluated using the given element. Given an element this function returns the value of the element if bound, and otherwise calls the evaluation function, stores the result in the cache, and returns the value.what4Implements a cached evaluated using the given element. Given an element this function returns the value of the element if bound, and otherwise calls the evaluation function, stores the result in the cache, and returns the value.what4#Create an element from a nonce app. what44Update the binding to point to the current variable. what4Creates a new bound var. what4Create fresh indexwhat45Maximum number of values in unary bitvector encoding..This option is named "backend.unary_threshold" what4^The configuration option for setting the maximum number of values a unary threshold may have.what47Maximum number of ranges in bitvector abstract domains.3This option is named "backend.bvdomain_range_limit"what48Starting size for element cache when caching is enabled./This option is named "backend.cache_start_size" what4]The configuration option for setting the size of the initial hash set used by simple builderwhat4yIndicates if we should cache terms. When enabled, hash-consing is used to find and deduplicate common subexpressions. This option is named "use_cache"what4Get current variable bindings.what4%Stop caching applications in backend.what4RRestart caching applications in backend (clears cache if it is currently caching). what4=This evaluate a symbolic function against a set of arguments. what4This runs one action, and if it returns a value different from the input, then it runs the second. Otherwise it returns the result value passed in.lIt is used when an action may modify a value, and we only want to run a second action if the value changed. what4`This adds a binding from the variable to itself in the hashtable to ensure it can't be rebound. what4Evaluate a simple function.OThis returns whether the function changed as a Boolean and the function itself.what4WThis evaluates the term with the given bound variables rebound to the given arguments.;The algorithm works by traversing the subterms in the term in a bottom-up fashion while using a hash-table to memoize results for shared subterms. The hash-table is pre-populated so that the bound variables map to the element, so we do not need any extra map lookup when checking to see if a variable is bound.NOTE: This function assumes that variables in the substitution are not themselves bound in the term (e.g. in a function definition or quantifier). If this is not respected, then  will call   with an error message. what45This attempts to lookup an entry in a symbolic array.*It patterns maps on the array constructor.what41Evaluate a weighted sum of natural number values.what4*Evaluate a weighted sum of integer values.what4'Evaluate a weighted sum of real values. what4HThis create a unary bitvector representing if the size is not too large. what4 Construct an   for an element. what4 Construct an   for an element. what4MReturn set of addresss in assignment that are written to by at least one expr what4TExamine the list of terms, and determine if any one of them appears in the given BoolMap with the same polarity. what4If tryAndAbsorption x y returns True, that means that y implies x, so that the conjunction  x AND y = y. A False result gives no information. what4If tryOrAbsorption x y returns True, that means that x implies y, so that the disjunction  x OR y = y. A False result gives no information. what4JA slightly more aggressive syntactic equality check than testEquality,  A will recurse through a small collection of known syntax formers.what4KFloat interpretation mode (i.e., how are floats translated for the solver).what4!Current state for simple builder.what4Nonce generator for names what4First action to runwhat4Result if no change.what4Second action to run what4"Simple builder for creating terms.what4Array to lookup value in.what4TA concrete index that corresponds to the index or nothing if the index is symbolic.what4The index to lookup. what4#recursive call for simplifications what4#recursive call for simplifications NOPQ        !"#$%&'()*+,-./0123457689:;<=CBA@?>DEFGHIJKLMNOPQRSTUYZWXV[\]^_`abcdefghijklmnoqrstpuvyxwz}|{~UVXWZYoqrstpu~NOPQvwxyz{|}nmkjlih      !"#$%&'()SQ57689:;<P=>?@ABCDEFGR+,-./01234HIgdefTc[\]^ba`_*NLKMOJ  1?Simplification procedure for distributing operations through ifthenelse(c) Galois, Inc 2016-2020BSD3!Joe Hendrix <jhendrix@galois.com>None %&'->HX\k what47Simplify a Boolean expression by distributing over ite. what4GRecord an element occurs, and return condition indicating if it is new.what4fReturn a map from nonce indices to the number of times an elt with that nonce appears in the subterm.2?Computing ground values for expressions from solver assignments(c) Galois, Inc 2016-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalNone-.HSUVX\_;* what4)A representation of a ground-value array.what4%Lookup function for querying by indexwhat42Default value and finite map of particular indiceswhat49A newtype wrapper around ground value for use in a cache.what4Function that calculates upper and lower bounds for real-valued elements. This type is used for solvers (e.g., dReal) that give only approximate solutions.what4\A function that calculates ground values for elements. Clients of solvers should use the  groundEval, function for computing values in models.what4$Look up an index in an ground array. what4-Convert a real standardmodel val to a double.what40Construct a default value for a given base type.what4Helper function for evaluating Expr expressions in a model.@This function is intended for implementers of symbolic backends.what4kEvaluate an element, when given an evaluation function for subelements. Instead of recursing directly, e calls into the given function on sub-elements to allow the caller to cache results if desired.zHowever, sometimes we are unable to compute expressions outside the solver. In these cases, this function will return  v in the `MaybeT IO` monad. In these cases, the caller should instead query the solver directly to evaluate the expression, if possible.what4Helper function for evaluating NonceApp expressions.@This function is intended for implementers of symbolic backends.what4Helper function for evaluating App expressions.@This function is intended for implementers of symbolic backends.3yDefines the low-level interface between a particular solver and the SimpleBuilder family of backends.(c) Galois, Inc 2015-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNoneSX\_U^ what4A collection of operations for producing output from solvers. Solvers can produce messages at varying verbosity levels that might be appropriate for user output by using the  operation. If a c is provided, the entire interaction sequence with the solver will be mirrored into that handle.what4&takes a verbosity and a message to logwhat4+the default verbosity; typical default is 2what4'the reason for performing the operationwhat40handle on which to mirror solver input/responseswhat4The main interface for interacting with a solver in an "offline" fashion, which means that a new solver process is started for each query.what45Configuration options relevant to this solver adapterwhat4Operation to check the satisfiability of a formula. The final argument is a callback that calculates the ultimate result from a SatResult and operations for finding model values in the event of a SAT result. Note: the evaluation functions may cease to be avaliable after the callback completes, so any necessary information should be extracted from them before returning.what4Write an SMTLib2 problem instance onto the given handle, incorporating any solver-specific tweaks appropriate to this solverwhat41Default featues to use for writing SMTLIB2 files.what4rTest the ability to interact with a solver by peforming a check-sat query on a trivially unsatisfiable problem.4MInfrastructure for rendering What4 expressions in the language of SMT solvers(c) Galois, Inc 2014-2020.BSD3!Joe Hendrix <jhendrix@galois.com>None&'-.>@AHSUVX\_k Ciwhat48Used when we need two way communication with the solver.what43Get functions for parsing values out of the solver.what4.Parse a set result from the solver's response.what4yParse a list of names of assumptions that form an unsatisfiable core. These correspond to previously-named assertions.what4Parse a list of names of assumptions that form an unsatisfiable core. The boolean indicates the polarity of the atom: true for an ordinary atom, false for a negated atom.what4^Given a SMT term for a Boolean value, this should whether the term is assigned true or false.what4Given a bitwidth, and a SMT term for a bitvector with that bitwidth, this should return an unsigned integer with the value of that bitvector.what4TGiven a SMT term for real value, this should return a rational value for that term. what4Given floating point format, and an SMT term for a floating-point value in that format, this returns an unsigned integer with the bits of the IEEE-754 representation. what4If  O, a function to read arrays whose domain and codomain are both bitvectors. If  vS, signifies that we should fall back to index-selection representation of arrays. what4VGiven a SMT term representing as sequence of bytes, return the value as a bytestring. what4?This generates an error message from a solver and a type error.It issed for error reporting what4=This describes the result that was collected from the solver. what4"Result from sandboxed computation. what4List of bound variables. what4"Constants added during generation. what41List of Boolean predicates asserted by collector. what4The SMT term collector what4#The state of a side collector monad6This has predicate for introducing new bound variables what4I'freshBoundTerm nm args ret_type ret' will record that 'nm(args) = ret' ret_type should be the type of ret. what4HCalled when we need to need to assert a predicate about some variables. what41Function for create a new name given a base type. what4+Typeclass need to generate SMTLIB commands. what4Create a forall expression what4Create an exists expression what4Create a constant arrayGThis may return Nothing if the solver does not support constant arrays. what4Select an element from an array what49'arrayUpdate a i v' returns an array that contains value v at index i, and the same value as in a at every other index. what4-Create a command that just defines a comment. what4(Create a command that asserts a formula. what4Create a command that asserts a formula and attaches the given name to it (primarily for the purposes of later reporting unsatisfiable cores). what4Push 1 new scope what4Pop 1 existing scope what4Pop several scopes. what4CReset the solver state, forgetting all pushed frames and assertions what4Check if the current set of assumption is satisfiable. May require multiple commands. The intial commands require an ack. The last one does not. what4Check if a collection of assumptions is satisfiable in the current context. The assumptions must be given as the names of literals already in scope. what4Ask the solver to return an unsatisfiable core from among the assumptions passed into the previous "check with assumptions" command. what4qAsk the solver to return an unsatisfiable core from among the named assumptions previously asserted using the   after an unsatisfiable  checkCommand. !what4Set an option/parameter. "what4KDeclare a new symbol with the given name, arguments types, and result type. #what4\Define a new symbol with the given name, arguments, result type, and associated expression.EThe argument contains the variable name and the type of the variable. $what4bDeclare a struct datatype if is has not been already given the number of arguments in the struct. %what43Build a struct term with the given types and fields &what42Project a field from a struct with the given types 'what4,Produce a term representing a string literal (what4Compute the length of a term )what4stringIndexOf s t i5 computes the first index following or at i where t appears within s1 as a substring, or -1 if no such index exists *what43Test if the first string contains the second string +what49Test if the first string is a prefix of the second string ,what49Test if the first string is a suffix of the second string -what4stringSubstring s off len extracts the substring of s starting at index off and having length len0. The result of this operation is undefined if off and len( to not specify a valid substring of s; in particular, we must have off+len <= length(s). .what4Append the given strings /what4,Forget all previously-declared struct types. 0what4"Write a command to the connection. what44Status to indicate when term value will be uncached. what4Never delete the term what41Delete the term when the current frame is popped. 2what4sAn action for consuming an acknowledgement message from the solver, if it is configured to produce ack messages. 6what4,Name of writer for error reporting purposes. 7what4Handle to write to 8what4Handle to read responses from. In some contexts, there are no responses expected (e.g., if we are writing a problem directly to a file); in these cases, the input stream might be the trivial stream  nullInput(, which just immediately returns EOF. 9what4UIndicates if the writer can define constants or functions in terms of an expression.^If this is not supported, we can only declare free variables, and assert that they are equal. :what48Functions may be passed as arguments to other functions.KWe currently never allow SMT_FnType to appear in structs or array indices. ;what4;Allow the SMT writer to generate problems with quantifiers. <what4+Indicates features supported by the solver. what4A stack of pairs of hash tables, each stack entry corresponding to a lexical scope induced by frame push/pops. The entire stack is searched top-down when looking up element nonce values. Elements that are to persist across pops are written through the entire stack. what4Reference to current state what4Symbol variables. =what4$The specific connection information. what4JConsume an acknowledgement notifications the solver, if it produces one what4State for writer. what4IAn expresion for the SMT solver together with information about its type. >what4A term in the output language. ?what45A class of values containing rational and operations. Fwhat4"Compare two elements for equality. Gwhat4%Compare two elements for in-equality. Iwhat4Create a let expression. This is a "sequential" let, which is syntactic sugar for a nested series of single let bindings. As a consequence, bound variables are in scope for the right-hand-sides of subsequent bindings. Jwhat4"Create an if-then-else expression. Kwhat4Add a list of values together. Lwhat4(Convert an integer expression to a real. Mwhat4(Convert a real expression to an integer. Nwhat4Convert an integer to a term. Owhat4Convert a rational to a term. Pwhat4Less-then-or-equal Qwhat4 Less-then Rwhat4 Greater then Swhat4Greater then or equal Twhat4Integer theory terms Xwhat4!Create expression from bitvector. lwhat4$Concatenate two bitvectors together. mwhat4bvExtract w i n v extracts bits [i..i+n) from v as a new bitvector. v must contain at least w elements, and i+n must be less than or equal to w. The result has n) elements. The least significant bit of v should have index 0. nwhat4bvTestBit w i x% returns predicate that holds if bit i in x is set to true. w! should be the number of bits in x. what44Predicate that holds if a real number is an integer. what4*Apply the arguments to the given function. what4AUpdate a function value to return a new value at the given point.AThis may be Nothing if solver has no builtin function for update. what4:Function for creating a lambda term if output supports it.iYices support lambda expressions, but SMTLIB2 does not. The function takes arguments and the expression. what4  defines how a given H maps to an SMTLIB type.RIt is necessary as there may be several ways in which a base type can be encoded. what4%Converts an SMT to a base expression. what4@The next index to use in dynamically generating a variable name. what4Last position written to file. what4Position written to file. what4Create a new variablefVariable names have a prefix, an exclamation mark and a unique number. The MSS system ensures that no what4Create a new variablefVariable names have a prefix, an exclamation mark and a unique number. The MSS system ensures that no what4+An acknowledgement action that does nothing what42Clear the entry stack, and start with a fresh one. what4fPop all but the topmost stack entry. Return the number of entries on the stack prior to popping. what4Return the number of pushed stack frames. Note, this is one fewer than the number of entries in the stack beacuse the base entry is the top-level context that is not in the scope of any push. what4?Push a new frame to the stack for maintaining the writer cache. what4Run state with handle. what45Update the current program location to the given one. what4hWrite a command to the connection along with position information if it differs from the last position. what4LWrite a sequence of commands. All but the last should have acknowledgement. what4*Create a new variable with the given name. what4HConsider the bound variable as free within the current assumption frame. what4$Assume that the given formula holds. what4rPerform any necessary declarations to ensure that the mentioned type map sorts exist in the solver environment. what49Create a variable name eqivalent to the given expression. what49Create a variable name eqivalent to the given expression. what4Create a fresh constant what40Given a solver connection and a base type repr,  Y attempts to find the best encoding for a variable of that type supported by teh solver. what4This is a helper function for  I that only returns values that can be passed as arguments to a function. what4FCreate a fresh bound term from the SMT expression with the given name. what4FCreate a fresh bound term from the SMT expression with the given name. what4FCreate a fresh bound term from the SMT expression with the given name. what4=Assert a predicate holds as a side condition to some formula. what4)This runs the collector on the connection what42Create a forall expression from a CollectorResult. what4impliesAllExpr l r9 returns an expression equivalent to forall l implies r. what42Create a forall expression from a CollectorResult. what46This runs the side collector and collects the results. what4=Cache the result of writing an Expr named by the given nonce. what4EAssociate a bound variable with the givne SMT Expression until the a what4'Checks whether a variable is supported.Returns the SMT type of the variable and a predicate (if needed) that the variable should be assumed to hold. This is used for Natural number variables. what40Check that the types can be passed to functions. what44Evaluate a base type repr as a first class SMT type.`First class types are those that can be passed as function arguments and returned by functions. what4Convert structure to list. what4Convert structure to list. what4'Create index arguments with given type..Returns the name of the argument and the type. what4JGet name associated with symbol binding if defined, creating it if needed. !what4='defineSMTFunction conn var action' will introduce a functionIt returns the return type of the value. Note: This function is declared at a global scope. It bypasses any subfunctions. We need to investigate how to support nested functions. "what4,Convert an expression into a SMT Expression. what4(Convert an element to a base expression. #what4Convert structure to list. $what42Create a SMT symbolic function from the ExprSymFn.(Returns the return type of the function.This is only called by  %. %what46Generate a SMTLIB function for a ExprBuilder function.Since SimpleBuilder different simple builder values with the same type may have different SMTLIB types (particularly arrays), getSMTSymFn requires the argument types to call the function with. This is enforced to be compatible with the argument types expected by the simplebuilder. This function caches the result, and we currently generate the function based on the argument types provided the first time getSMTSymFn is called with a particular simple builder function. In subsequent calls, we validate that the same argument types are provided. In principal, a function could be called with one type of arguments, and then be called with a different type and this check would fail. However, due to limitations in the solvers we expect to support, this should never happen as the only time these may differ when arrays are used and one array is encoded using the theory of arrays, while the other uses a defined function. However, SMTLIB2 does not allow functions to be passed to other functions; yices does, but always encodes arrays as functions.<Returns the name of the function and the type of the result. what4Write a expression to SMT what4Write a logical expression. what4>Write assume formula predicates for asserting predicate holds. &what4BReturn the terms associated with the given ground index variables. what4The function creates a function for evaluating elts to concrete values given a connection to an SMT solver along with some functions for evaluating different types of terms to concrete values. #what4Name of variable what4Type for indiceswhat4Type for value.what4Constant to assign all values. what4Stream to write queries ontowhat43Input stream to read responses from (may be the  nullInput% stream if no responses are expected)what45An action to consume solver acknowledgement responseswhat4&Name of solver for reporting purposes.what44Indicates what features are supported by the solver.what4IA bijective mapping between variables and their canonical name (if any).what44State information specific to the type of connection what4XName of variable to define Should not be defined or declared in the current SMT contextwhat4/Names of variables in term and associated type.what4Type of expression. what4/Names of variables in term and associated type.what4Type of expression. what4,The name of the constant based on its reaon.what4Type of the constant. what4 Arguments expected for function.what4Type of resultwhat4Result of function what4&Reason that condition is being added. what4Predicate that should hold. 'what4Name to define. what4Nonce to associate term withwhat4Lifetime of termwhat4Action to create term. what4Variable to bindwhat4SMT Expression to bind to var. !what4Action to generate %what4 Function to what4Connection to SMT solver.              * + , ) ( - &              ! " # $ % ' . / 0 1 2 3 4 5 = 9 : ; < 7 8 6 > ? R E h e f g Y Z [ \ a b c d i j k J T U V W l p q r s t u v w x y z { | } ~  @ A B C D F G H I K L M N O P Q S X ] ^ _ ` m n o ? R E h e f g Y Z [ \ a b c d i j k J T U V W l p q r s t u v w x y z { | } ~  @ A B C D F G H I K L M N O P Q S X ] ^ _ ` m n o    * + , ) ( - &              ! " # $ % ' . / 0     > 5 9 : ; < 7 8 6 = 1   2 3 4       D3 E2 F4 G4 P4 Q4 R4 S45;Identifying the solver theory required by a core expression(c) Galois, Inc 2016-2020BSD3!Joe Hendrix <jhendrix@galois.com> provisionalNone&'\ P what4$The theory that a symbol belongs to. what4PTheory attributed to structs (equivalent to records in CVC4/Z3, tuples in Yices) what4(Theory attributed application functions.  6=Compute the bound and free variables appearing in expressions(c) Galois, Inc 2015-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNone %&'.HMSX\ s what47Information about bound variables outside this context. (what4$List of errors found during parsing. what4MContains all information about a bound variable appearing in the expression. what45The outer term containing the binding (e.g., Ax.f(x)) what4#The type of quantifier that appears what4BThe variable that is bound Variables may be bound multiple times. what4)The term that appears inside the binding. what4IDescribes types of functionality required by solver based on the problem. what4Expressions appearing in the problem as existentially quantified when the problem is expressed in negation normal form. This is a map from the existential quantifier element to the info. what4Expressions appearing in the problem as existentially quantified when the problem is expressed in negation normal form. This is a map from the existential quantifier element to the info. what48Return variables needed to define element as a predicate )what4<Add the featured expected by a variable with the given type. *what4mRecord a Forall/Exists quantifier is found in a context where it will appear both positively and negatively. +what4GRecord variables in a predicate that we are checking satisfiability of. ,what4/This records asserted variables in an app expr. -what4/This records asserted variables in an app expr. what4#Record the variables in an element. .what4dRecurse through the variables in the element, adding bound variables as both exist and forall vars. /what4dRecurse through the variables in the element, adding bound variables as both exist and forall vars. 0what4Quantifier scopewhat4Polarity of variablewhat4Top termwhat4!Quantifier appearing in top term. 1what4Polarity of formulawhat4Top termwhat4!Quantifier appearing in top term.what4Bound variablewhat4Expression inside quant *what4Scope where binding is seen.what4Top termwhat4!Quantifier appearing in top term.what4Variable that is bound.what4Predicate over bound variable. +what4Scope of assertionwhat4Polarity of this formula.what4Predicate to assertNOP  NOP E:Commonly-used reexports from the expression representation(c) Galois, Inc 2015-2020BSD3!Rob Dockins <rdockins@galois.com>None\ v9K      !"#$%&'()+,-./0123457689:;<=B@?>DEFGHIU[\]^_`abchijklmnoqrstpuvyxwz}|{ Uc[\]^ba`_nmkjlihoqrstpuvwxy      !"#$%&'()z{|}57689:;<=>?@BDEFG+,-./01234HI9K 7Online solver interactions(c) Galois, Inc 2018-2020BSD3!Rob Dockins <rdockins@galois.com>None &'@AX\_k ¡! what4.A live connection to a running solver process. what4)Writer for sending commands to the solver what4lCallback for regular code paths to gracefully close associated pipes and wait for the process to shutdown what4Handle to the solver process what4#Standard in for the solver process. what4:Wrap the solver's stdout, for easier parsing of responses. what4;Indicate this solver's behavior following an error response what4%Standard error for the solver process what41The functions used to parse values out of models. what4Some solvers will enter an UNSAT state early, if they can easily determine that context is unsatisfiable. If this IORef contains an integer value, it indicates how many "pop" operations need to be performed to return to a potentially satisfiable state. A Just 0f state indicates the special case that the top-level context is unsatisfiable, and must be "reset". what41Some solvers do not have support for the SMTLib2.6 operation (reset-assertions), or an equivalent. For these solvers, we instead make sure to always have at least one assertion frame pushed, and pop all outstanding frames (and push a new top-level one) as a way to mimic the reset behavior. what4DThis datatype describes how a solver will behave following an error. what4BThis indicates the solver will immediately exit following an error what4aThis indicates the solver will remain live and respond to further commmands following an error what4This class provides an API for starting and shutting down connections to various different solvers that support online interaction modes. what41Start a new solver process attached to the given U. what4Shut down a solver process. The process will be asked to shut down in a "polite" way, e.g., by sending an `(exit)` message, or by closing the process's  2. Use  killProcess/ instead to shutdown a process via a signal. what4JSimple data-type encapsulating some implementation of an online solver. what49An impolite way to shut down a solver. Prefer to use  L, unless the solver is unresponsive or in some unrecoverable error state. what4Check if the given formula is satisfiable in the current solver state, without requesting a model. This is done in a fresh frame, which is exited after the check call. what4 Check if the formula is satisifiable in the current solver state. This is done in a fresh frame, which is exited after the continuation complets. The evaluation function can be used to query the model. The model is valid only in the given continuation. what4Pop all assumption frames and remove all top-level asserts from the global scope. Forget all declarations except those in scope at the top level. what4#Push a new solver assumption frame. what4'Pop a previous solver assumption frame. 3what4Pop a previous solver assumption frame, but don't communicate the pop command to the solver. This is really only useful in error recovery code when we know the solver has already exited. what4<Perform an action in the scope of a solver assumption frame. what4Perform an action in the scope of a solver assumption frame, where the given bound variables are considered free within that frame. what4TSend a check command to the solver, and get the SatResult without asking a model. what4QSend a check command to the solver and get the model in the case of a SAT result. !what4Following a successful check-sat command, build a ground evaulation function that will evaluate terms in the context of the current model. "what4MAfter an unsatisfiable check-with-assumptions command, compute a set of the supplied assumptions that (together with previous assertions) form an unsatisfiable core. Note: the returned unsatisfiable set might not be minimal. The boolean value returned along with the name indicates if the assumption was negated or not: True! indidcates a positive atom, and False represents a negated atom. #what4After an unsatisfiable check-sat command, compute a set of the named assertions that (together with all the unnamed assertions) form an unsatisfiable core. Note: the returned unsatisfiable core might not be minimal. $what4/Get the sat result from a previous SAT command.&                           ! " # $&                         ! # " $  8*Interface for solvers that consume SMTLib2(c) Galois, Inc 2014-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNone %&'.=?@AHSUVX\_gk i 4what4FThings that can go wrong while checking which solver version we've got -what4Run the solver in a session. 3what41This is an interactive session with an SMT solver 8what4}This class exists so that solvers supporting the SMTLib2 format can support features that go slightly beyond the standard.In particular, there is no standardized syntax for constant arrays (arrays which map every index to the same value). Solvers that support the theory of arrays and have custom syntax for constant arrays should implement  ;. In addition, solvers may override the default representation of complex numbers if necessary. The default is to represent complex numbers as "(Array Bool Real)" and to build instances by updating a constant array. :what4ZReturn a representation of the type associated with a (multi-dimensional) symbolic array.By default, we encode symbolic arrays using a nested representation. If the solver, supports tuples/structs it may wish to change this. Gwhat4/The sort of structs with the given field types.NBy default, this uses SMTLIB2 datatypes and are not primitive to the language. Hwhat44Construct a struct value from the given field values Iwhat4(Construct a struct field projection term 5what4Number of bits in exponent 6what4"Number of bits in the significand. Kwhat4&Set the logic to all supported logics. 7what4#Select a valued from a nested array Qwhat4Write check sat command Wwhat46Set the produce models option (We typically want this) 8what4:Parse an s-expression and return a bitvector and its width 9what49Get a value from a solver (must be called after checkSat) Ywhat4&This function runs a check sat command :what4DCalled when methods in the following instance encounter an exception [what4TA default method for writing SMTLib2 problems without any solver-specific tweaks. ;what49The minimum (inclusive) version bound for a given solver.The keys come from  6 in  5 . See also 0https://github.com/GaloisInc/crucible/issues/194 <what4=The maximum (non-inclusive) version bound for a given solver.The keys come from  6 in  5. `what4!Get the result of a version query awhat4)Query the solver's error behavior setting bwhat4!Get the result of a version query cwhat4<Ensure the solver's version falls within a known-good range. dwhat4<Ensure the solver's version falls within a known-good range. -what4Path to solver executablewhat4 Action to run Iwhat4number of fields in the struct what4"0-based index of the struct field what4struct term to project from Pwhat4Stream to write queries ontowhat43Input stream to read responses from (may be the  nullInput% stream if no responses are expected)what44Action to run for consuming acknowledgement messageswhat4&Name of solver for reporting purposes.what4NFlag indicating if it is permitted to use "define-fun" when generating SMTLIBwhat43Indicates what features are supported by the solverwhat4'Indicates if quantifiers are supported.what4Variable bindings for names. =what4widthwhat4BV value Ywhat4HFunction for evaluating model. The evaluation should be complete before [what4Name of solver for reporting.what4Features supported by solver \what4*Action for acknowledging command responseswhat42Action for setting start-up-time options and logic cwhat4min version bounds (inclusive) what4#max version bounds (non-inclusive) O$ 5 < % ) & ' ( * + , - . / 2 1 0 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _ ` a b c dO 7 8 9 : ; < = > ? @ A B C D E F G H I J P Q R X Y O T U b V ` W K S$ L M N 3 4 5 6 % ) & ' ( * + , - . [ \ ] Z / 2 1 0 ^ _ d c a 5 < 9Solver adapter code for Z3(c) Galois, Inc 2015-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNone &'=?@A\k  rwhat4 Path to Z3 swhat41Per-check timeout, in milliseconds (zero is none) ywhat4qRun Z3 in a session. Z3 will be configured to produce models, but otherwise left with the default configuration. ywhat4Path to Z3 executablewhat4 Action to run p q r s t u v w x y p q u r s t v x y w:Solver adapter code for Yices(c) Galois, Inc 2015-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNone%.=?@AHMSUVX\_ K ~what4;Exceptions that can occur when reading responses from Yices >what4This data type bundles a Yices command (as a Text Builder) with an indication as to whether it is safe to issue in an inconsistent context. Unsafe commands are the ones that Yices will complain about to stderr if issued, causing interaction to hang. ?what4Denotes a type in yices. what4&This is a tag used to indicate that a  5. is a connection to a specific Yices process. @what45Attempt to interpret a Config value as a Yices value. Awhat4Tell yices to show a model Bwhat4Create yices set command value. what4Send a check command to Yices. Cwhat4"Print a command to show the model. Dwhat4]Get the sat result from a previous SAT command. Throws an exception if something goes wrong. Ewhat4 Call eval to get a Rational term what4 Call eval to get a Boolean term. Fwhat4&Send eval command and get result back. what4 Path to yices what4Enable the MC-SAT solver what49Enable interactive mode (necessary for per-goal timeouts) what4"Set a per-goal timeout in seconds. Gwhat4This checks that the element is in a logic fragment supported by Yices, and returns whether the exists-forall solver should be used. what4IWrite a yices file that checks the satisfiability of the given predicate. what4"Run writer and get a yices result. what4+Indicates the problem features to support. what4%Builder for getting current bindings.what4 Path to filewhat4Predicate to check.8    ~      .8 ~  ;Solver adapter code for STP(c) Galois, Inc 2015-2020BSD3!Joe Hendrix <rdockins@galois.com> provisionalNone=?@A\ #L what4 Path to stp what4tRun STP in a session. STP will be configured to produce models, buth otherwise left with the default configuration. what4Path to STP executablewhat4 Action to run  <Interface for running dReal(c) Galois, Inc 2014-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNone.\ &= what4 Path to dReal what4propositions to check   =Solver adapter code for CVC4(c) Galois, Inc 2015-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNone &'=?@A\k , what4 Path to cvc4 what41Per-check timeout, in milliseconds (zero is none) what4uRun CVC4 in a session. CVC4 will be configured to produce models, but otherwise left with the default configuration. what4Path to CVC4 executablewhat4 Action to run >Interface for running Boolector(c) Galois, Inc 2014-2020BSD3!Rob Dockins <rdockins@galois.com> provisionalNone &'=?@AX\ 2 what4Path to boolector what4Run Boolector in a session. Boolector will be configured to produce models, but otherwise left with the default configuration. what4Path to Boolector executablewhat4 Action to run  F"Reexports for working with solvers(c) Galois, Inc 2015-2020BSD3!Rob Dockins <rdockins@galois.com>None \_ 4I p q r t u v x y @ p q r u x y t v?.Datastructure for mapping bitvectors to values(c) Galois, Inc 2014-2020BSD3!Rob Dockins <rdockins@galois.com>None.HUV\g ? what4A WordMap: represents a finite partial map from bitvectors of width w to elements of type tp. what43Create a word map where every element is undefined. what4LCompute a pointwise if-then-else operation on the elements of two word maps. what4%Update a word map at the given index. what4+Lookup the value of an index in a word map. what4index what4 new value what4word map to update what4index   HGHIJKLJMNOPPQRSQRTUVVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~                        ! " # $ % & ' ( ) * + + , - . / 0 1 2 3 4 5 6 7 8 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] 0 ^ _ 8 8 ` ; a a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~                                                                                   v      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGH!IJKLMNOPQRSvTUV WXY'Z[\]^}_`abcqdefghijklmnopqrstuvwxyz{|}~FJI!KLMNXWdO VSv'Z[\]^qstughklmnopqrsvFJIKWXdOLMN usgkJI!LMNOSvTUPQV WY'Z[\]^}_`abcqstu>=hijklmnopstuwxz{}~v      !"' !."#$%&'()*+,-./0123345678 9 : ;    < = > ? @ A B C D E F G H I J K!L!M!N!O!P!Q!R!S!T!U!V!W!X!Y!Z![!\!]!^!_!`!a!b!c!d!e!f"g"h"i"j"k"k"l"m"n"n"o"p"q"r"s"t"u"v"w"x"y"z"{"|"}"~"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""#######################_########################$$$$$$$#$$$*$ $"$$$$$$$%%% % % % % %%%%%%%%%%%%%%%%%%& & &!&"&#&$&%&&&'&(&)&&&*&*&+&,&-&.&/&/&0&1&&2&2&3&4&5&6&7&8&9&:&;&<&=&>&?&@&A&B&C&D&E&F&G&H&I&J&K&L&M&N&O&P&Q&R&S&T&U&V&W&X&Y&Z&[&\&]&^&_&`&a'b'c'd'e'f'g(h(h(i(j(k(k(l(m(n(o(p(q(r(s(t(u(v(w(x(y(z({(|(}(~(((((((((C((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((( ( ( ( ( ((((((((((((((((((( (!("(#($(%(&('((()(*(+(,(-(.(/(0(1(2(3(4(5(6(7(8(9(:(;(<(=(>(?(@(A(B(C(D(E(F(G(H(I(J(K(L(M(N(O(P(Q(R(S(T(U(V(W(X(Y(Z([(\(](^(_(`(a(b(c(d(e(f(g(h(i(j(k(l(m(n(o(p(q(r(s(t(u(v(w(x(y(z({(|(}(~(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((()))))))) )))))))))))))))))))))))))))))))))))))))))))))))))))********************** * * * * ******************* * *!*"*#*$*%*&*'*(*)***+*,*-*.*/*0*1*2*3*4*5*6+7+7+8+9+:+;+<+=+>+?+@+A+B+C+D+E+F+G+H+I+J+K+L+M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,[,\,],^,_,`,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,{,|,},~,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,---!-----------v-U-T----[---..... .?........../////////////////////////////////////////////////////////////////// / / / / /DDDDDDDDDDDDDDDDDD D!D"D#D$D%D&D'D(D)D*D+D,D-D.D/D0D1D2D3D4D5D6D7D8D9D:D;D<D=D>D?D@DADBDCDDDEDFDGDHDIDJDKDLDMDNDODPDQDRDSDTDUDVDWDXDYDZD[D\D]D^D_D`DaDbDcDdDeDfDgDhDiDjDkDlDmDnDoDpDqDrDsDtDuDvDwDxDyDzD{D|D}D~DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 0 0 0 0 0000000000001111222 2!2"2#2$2%2%2&2'2(2)2*2+2,2-2.2/3030313233343535363738393:3;3<3=3>3?3@3A3B4C4D4E4F4G4H4H4I4J4K4L4M4N4O4O4P4Q4R4R4S4T4U4V4W4X4Y4Z4[4\4]4^44_4`4a4b4c4d4e4f4g4h4i4j4k4l4m4n4o4p4 44444!4q4r4s4\4t4u4v4w4x4y4z4{4|4}4~440444444444444y44444444444444444444444444444444444444B4C4D4E4F4H4I4J4K4L4M4N4O4P4Q4R4S4U4W4X4[4\4]4^4_4`4a4c4d4e4g4h4i4j4k4l4414:4;44=4>4948444444444444444444444b44444444444444444444444444444445555555555555555566666666666666666666666666666777 7 7 7 7 7 7 7 7 7 7 7 7Z7 7 7 7 7 7 7 7 7 7 7 777 7 7 7 7 7 7777 8 8 8 8 88 !8 "8 #8 $8 %8 &8 '8 (8 )8 *8 *8 +8 ,8 -8 .8 /8 08 18 28 38 48 58 68 78 88 98 :8 ;8 <8 =8 >8 ?8 @8 A88^8 B8 C8 D8 E8 F888888 G8 H8 I8 J8 K8 L8 M8 N8 O8 P8 Q8 R8 S8 T8 U8 V8 W8 X8 Y8 Z8 [8 \8 ]8 ^9 _9 _9 `9 a9 b9 c9 d9 e9 f9 g9 h9 i9 j9 k: l: m: n: o: p: q: r: s: t: u: v: w: x:: y: z: {: |: }: ~: : : : : : : : : : : ; ; ; ; ; ; ; ; ; h; ; ; < < < < < < < < < < < < = = = = = = = = = = = = h= = = > > > > > > > > > h> > > ? ? ? ? ? ? G E  Q  G AJ@ J@ J@ J@ J  J  J  J Q  Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q Q  Q  Q  Q  Q  Q  Q  Q  Q  Q  Q Q  Q  Q  Q   ! " # $  %J & ' ( )  * + ,  - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @J A B C D E FJ A G H BK I Jg K L M! NJ O P" Q" R" S# T# U# V# W# X# Y# Z& [& \& ]& ^& _& `& a& b& c& d& eJ f gJ f h( i( j( k) l) m) n) o) p) q) r* sJ O t--- u-.- v- w. x/ yD zD {D |D }D ~D D D D DD D D D D D D D D D D ~D D D D D D D D D D D D 0 0 0 G FG  0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 J & 0 0 0 0 0 0 0 0 0 0 0 1 2 J O 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4p4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 6 6 6 6 6 6 6 6 6 6 J  7 8 8 8 8 8 8 8 8 8 8 : : : : : : : : : :  what4-1.0-IcCGmY3T3YeXUBLCM24PeWhat4.Utils.MonadST What4.PanicWhat4.BaseTypesTest.VerificationWhat4.FunctionNameWhat4.IndexLitWhat4.ProblemFeaturesWhat4.ProgramLocWhat4.Protocol.PolyRootWhat4.Protocol.ReadDecimalWhat4.Protocol.SExpWhat4.Protocol.SMTLib2.ParseWhat4.Protocol.SMTLib2.SyntaxWhat4.SatResultWhat4.SemiRing What4.SymbolWhat4.Utils.AnnotatedMapWhat4.Utils.ArithmeticWhat4.Utils.BVDomain.ArithWhat4.Utils.BVDomain.BitwiseWhat4.Utils.BVDomain.XORWhat4.Utils.BVDomainWhat4.Utils.ComplexWhat4.Utils.EndianWhat4.Utils.EnvironmentWhat4.Utils.HandleReaderWhat4.Utils.IncrHashWhat4.Expr.BoolMapWhat4.Utils.LeqMapWhat4.Utils.OnlyNatReprWhat4.Utils.StreamsWhat4.Utils.Word16StringWhat4.Utils.StringLiteralWhat4.Utils.AbstractDomainsWhat4.Expr.WeightedSumWhat4.Expr.ArrayUpdateMapWhat4.Concrete What4.ConfigWhat4.Utils.ProcessWhat4.Interface What4.SWord What4.PartialWhat4.LabeledPredWhat4.InterpretedFloatingPointWhat4.Expr.UnaryBVWhat4.Expr.StringSeqWhat4.Expr.MATLABWhat4.Expr.BuilderWhat4.Expr.SimplifyWhat4.Expr.GroundEvalWhat4.Solver.AdapterWhat4.Protocol.SMTWriterWhat4.Expr.AppTheoryWhat4.Expr.VarIdentificationWhat4.Protocol.OnlineWhat4.Protocol.SMTLib2What4.Solver.Z3What4.Solver.YicesWhat4.Solver.STPWhat4.Solver.DRealWhat4.Solver.CVC4What4.Solver.Boolector What4.WordMap GHC.TypeNatsNat Data.Maybe fromMaybeWhat4.Expr.App What4.Expr What4.Solverghc-primGHC.Prim RealWorldbaseGHC.STSTGHC.Stack.Types HasCallStack$panic-0.4.0.1-E9mSbJZBlYCDp8i0Bd1wOIPanic0parameterized-utils-2.1.0-JGbtlQrIdl0AngbdJbe72UData.Parameterized.Classes knownRepr KnownReprGenGenEnv genChooseBool genChooseIntgenChooseInteger genGetSize AssumptionAssuming preCondition assumedProp Verifiable verifyingProperty BoolPropertyAssumptionProppropertyassuming==> chooseBool chooseInt chooseIntegergetSizetoNativeProperty$fVerifiableProperty$fVerifiableBool $fMonadGen$fApplicativeGen $fFunctorGen$fShowAssumption$fShowPropertyStringInfoRepr Char8Repr Char16Repr UnicodeReprFloatPrecisionReprFloatingPointPrecisionRepr BaseTypeRepr BaseBoolRepr BaseBVRepr BaseNatReprBaseIntegerRepr BaseRealRepr BaseFloatReprBaseStringReprBaseComplexReprBaseStructRepr BaseArrayReprPrec128Prec80Prec64Prec32Prec16FloatPrecisionBitsFloatingPointPrecisionFloatPrecision BaseArrayTypeBaseStructTypeBaseComplexTypeBaseStringType BaseFloatType BaseBVType BaseRealType BaseNatTypeBaseIntegerType BaseBoolTypeBaseTypeUnicodeChar16Char8 StringInfoKnownCtxarrayTypeIndicesarrayTypeResultfloatPrecisionToBVTypelemmaFloatPrecisionIsPosA$fKnownReprFloatPrecisionFloatPrecisionReprFloatingPointPrecision*$fKnownReprStringInfoStringInfoReprUnicode)$fKnownReprStringInfoStringInfoReprChar16($fKnownReprStringInfoStringInfoReprChar8,$fKnownReprBaseTypeBaseTypeReprBaseArrayType-$fKnownReprBaseTypeBaseTypeReprBaseStructType.$fKnownReprBaseTypeBaseTypeReprBaseComplexType,$fKnownReprBaseTypeBaseTypeReprBaseFloatType)$fKnownReprBaseTypeBaseTypeReprBaseBVType-$fKnownReprBaseTypeBaseTypeReprBaseStringType+$fKnownReprBaseTypeBaseTypeReprBaseRealType*$fKnownReprBaseTypeBaseTypeReprBaseNatType.$fKnownReprBaseTypeBaseTypeReprBaseIntegerType+$fKnownReprBaseTypeBaseTypeReprBaseBoolType$fOrdFStringInfoStringInfoRepr&$fTestEqualityStringInfoStringInfoRepr&$fOrdFFloatPrecisionFloatPrecisionRepr.$fTestEqualityFloatPrecisionFloatPrecisionRepr$fOrdFBaseTypeBaseTypeRepr"$fTestEqualityBaseTypeBaseTypeRepr$fShowFStringInfoStringInfoRepr$fShowStringInfoRepr$fPrettyStringInfoRepr'$fShowFFloatPrecisionFloatPrecisionRepr$fShowFloatPrecisionRepr$fPrettyFloatPrecisionRepr$fShowFBaseTypeBaseTypeRepr$fShowBaseTypeRepr$fPrettyBaseTypeRepr$fHashableStringInfoRepr#$fHashableFStringInfoStringInfoRepr$fHashableFloatPrecisionRepr+$fHashableFFloatPrecisionFloatPrecisionRepr$fHashableBaseTypeRepr$fHashableFBaseTypeBaseTypeRepr FunctionName functionNamestartFunctionNamefunctionNameFromText$fPrettyFunctionName$fShowFunctionName$fIsStringFunctionName$fEqFunctionName$fOrdFunctionName$fHashableFunctionNameIndexLit NatIndexLit BVIndexLit hashIndexLit$fShowFBaseTypeIndexLit$fShowIndexLit$fHashableFBaseTypeIndexLit$fHashableIndexLit$fOrdFBaseTypeIndexLit$fTestEqualityBaseTypeIndexLit $fEqIndexLitWhat4panic$fPanicComponentWhat4ProblemFeatures noFeaturesuseLinearArithmeticuseNonlinearArithmeticuseComputableRealsuseIntegerArithmetic useBitvectorsuseExistForalluseQuantifiersuseSymbolicArrays useStructs useStringsuseFloatingPoint useUnsatCoresuseUnsatAssumptionshasProblemFeature$fEqProblemFeatures$fBitsProblemFeatures HasProgramLoc programLoc ProgramLoc plFunction plSourceLocPosdpospos_valPosition SourcePos BinaryPosOtherPos InternalPos sourcePos startOfFile ppNoFileNameinitializationLoc mkProgramLoc$fPrettyPosition$fNFDataPosition$fShowPosition $fNFDataPosd $fEqPosition $fOrdPosition $fFunctorPosd$fFoldablePosd$fTraversablePosd $fShowPosd$fEqPosd$fShowProgramLoc$fEqProgramLoc$fOrdProgramLocRoot approximateparseYicesRoot fromYicesText$fPrettySingPoly $fPrettyRoot$fFunctorSingPoly$fFoldableSingPoly$fTraversableSingPoly$fShowSingPoly $fShowRoot readDecimalSExpSAtomSStringSAppskipSpaceOrNewline parseNextWord parseSExp stringToSExp asNegAtomList asAtomList$fIsStringSExp$fEqSExp $fOrdSExp $fShowSExpGetModelResponse ModelResponseDeclareSortResponseDefineFunResponse DefineFun funSymbolfunArgs funResultSortfunDefTerm SymbolTermAsConstBVTermIntTermRatTerm StoreTermIfEqTermSortBitVec FloatingPointSymbolCheckSatResponse SatResponse UnsatResponseUnknownResponseCheckSatUnsupported CheckSatErrorArray RoundingModeRealIntBoolreadCheckSatResponsereadGetModelResponse$fIsStringParser$fMonadFailParser $fMonadParser$fCanParseInteger$fCanParseCheckSatResponse$fCanParseSymbol$fIsStringSymbol $fShowSymbol$fCanParseSort$fCanParseTerm$fCanParseModelResponse$fFunctorParser$fApplicativeParser $fEqSymbol SMTInfoFlagNameVersion ErrorBehavior InfoKeywordCommandCmdT renderTermunSortLogic builder_listqf_bv allSupportedvarSortboolSortbvSortintSortrealSort arraySortterm_appun_appbin_app namedTermtruefalsenotimpliesandorxoreq pairwise_appdistinctiteforallexists letBindernegatenumeraldecimalsubaddmuldiv./modabsleltgegttoRealtoIntisInt arrayConstselectstorebit0bit1bvbinary bvdecimal bvhexadecimalconcatextractbvnotbvandbvorbvxorbvnegbvaddbvsubbvmulbvudivbvurembvshlbvlshrbvultbvulebvslebvsltbvugebvugtbvsgebvsgtbvashrbvsdivbvsrem bvsignExtend bvzeroExtendsetLogic setOptionsetProduceModelsexit declareSort defineSort declareConst declareFun defineFunassert assertNamedcheckSatcheckSatAssumingcheckSatWithAssumptionsgetModelgetUnsatAssumptions getUnsatCoregetValueresetAssertionspushpopgetInfo getVersiongetNamegetErrorBehavior$fIsStringTerm $fMonoidTerm$fSemigroupTerm$fDataSMTInfoFlag$fEqSMTInfoFlag$fOrdSMTInfoFlag$fGenericSMTInfoFlag$fShowSMTInfoFlag SatResultSatUnsatUnknowntraverseSatResultisSatisUnsat isUnknownforgetModelAndCore$fShowSatResult$fGenericSatResult Occurrence Coefficient SemiRingBaseOrderedSemiRingReprOrderedSemiRingNatReprOrderedSemiRingIntegerReprOrderedSemiRingRealRepr SemiRingReprSemiRingNatReprSemiRingIntegerReprSemiRingRealReprSemiRingBVRepr BVFlavorRepr BVArithRepr BVBitsRepr SemiRingBV SemiRingRealSemiRingInteger SemiRingNatBVBitsBVArithSemiRingBVFlavor semiRingBaseorderedSemiRing sr_comparesr_hashWithSaltocc_oneocc_add occ_countocc_eqocc_hashWithSalt occ_comparezeroone$fHashableSemiRingRepr$fHashableFSemiRingSemiRingRepr$fHashableOrderedSemiRingRepr&$fHashableFSemiRingOrderedSemiRingRepr$fHashableBVFlavorRepr$fHashableFBVFlavorBVFlavorRepr$fOrdFSemiRingSemiRingRepr!$fOrdFSemiRingOrderedSemiRingRepr$fOrdFBVFlavorBVFlavorRepr"$fTestEqualitySemiRingSemiRingRepr)$fTestEqualitySemiRingOrderedSemiRingRepr"$fTestEqualityBVFlavorBVFlavorRepr SolverSymbolsolverSymbolAsTextSolverSymbolErrorppSolverSymbolError emptySymbol userSymbol systemSymbol safeSymbol$fShowSolverSymbolError$fShowSolverSymbol$fEqSolverSymbol$fOrdSolverSymbol$fHashableSolverSymbol AnnotatedMap annotationtoList fromAscListeqBynullempty singletonsizeinsertlookupdeletealteralterFunion unionWithunionWithKeyMaybefiltermapMaybetraverseMaybeWithKey difference mergeWithKeymergeA mergeWithKeyM $fMonoidTag$fSemigroupTag$fMeasuredTagEntry$fTraversableAnnotatedMap$fFoldableAnnotatedMap$fFunctorAnnotatedMap$fFunctorEntry$fFoldableEntry$fTraversableEntryisPow2lglgCeilctzclz rotateRight rotateLeft nextMultiplenextPow2Multiple tryIntSqrttryRationalSqrt roundAwayDomainBVDAny BVDIntervalmemberproperbvdMask genDomain genElementgenPair asSingletonuboundssboundsarithDomainDatadomainsOverlapsltultanyrangeintervalfromAscEltListzextsextshllshrashrscaleudivuremsdivsrem bitboundsunknowns fillrightpmember correct_anycorrect_uboundscorrect_sboundscorrect_singletoncorrect_overlap correct_unioncorrect_zero_extcorrect_sign_extcorrect_concatcorrect_shrink correct_trunccorrect_select correct_add correct_neg correct_not correct_mul correct_scalecorrect_scale_eq correct_udiv correct_uremcorrect_sdivRange correct_sdiv correct_srem correct_shl correct_lshr correct_ashr correct_eq correct_ult correct_sltcorrect_unknownscorrect_bitbounds $fShowDomain BVBitIntervalbitlenonempty intersectiontestBitrolrorcorrect_intersection correct_rol correct_ror correct_and correct_or correct_xorcorrect_testBitBVDXor and_scalarcorrect_and_scalarBVDomainBVDArith BVDBitwisebitwiseToXorDomainarithToXorDomainxorToBitwiseDomain asXorDomain fromXorDomain asArithDomainasBitwiseDomainbitwiseRoundAbovebitwiseRoundBetweenpopcntcorrect_arithToBitwisecorrect_bitwiseToArithcorrect_bitwiseToXorDomaincorrect_arithToXorDomaincorrect_xorToBitwiseDomaincorrect_asXorDomaincorrect_fromXorDomain correct_bra1 correct_bra2 correct_brb1 correct_brb2precise_overlapcorrect_popcnt correct_ctz correct_clz$fShowBVDomainComplex:+realPartimagPart complexNegate complexAdd complexSub complexMul complexDiv complexRecip magnitude magnitudeSq tryMagnitudetryComplexSqrtcomplexAsRational$fRealFracComplex$fFloatingComplex$fFractionalComplex $fRealComplex $fNumComplex $fShowComplex$fPolyEqComplexComplex$fHashableComplex$fTraversableComplex $fEqComplex $fOrdComplex$fFoldableComplex$fFunctorComplex$fGenericComplexEndian LittleEndian BigEndian $fEqEndian $fShowEndian $fOrdEndianexpandEnvironmentPathfindExecutable HandleReaderhrChanhrHandle hrThreadIdteeInputStreamteeOutputStreamlineBufferedOutputStreamdemuxProcessHandles streamLinesstartHandleReaderstopHandleReaderwithHandleReader readNextLine readAllLinesIncrHash mkIncrHash toIncrHashtoIncrHashWithSalt$fHashableIncrHash$fMonoidIncrHash$fSemigroupIncrHash $fEqIncrHash $fOrdIncrHash BoolMapView BoolMapUnitBoolMapDualUnit BoolMapTermsBoolMapWrapunWrapPolarityPositiveNegativenegatePolarity traverseVars viewBoolMapisInconsistentisNullvaraddVarfromVarscombinecontainsreversePolarities removeVar$fHashablePolarity$fHashableWrap $fOrdWrap$fEqWrap$fHashableBoolMap $fEqBoolMap $fEqPolarity $fOrdPolarity$fShowPolarityLeqMapfindMaxfindMinmapKeysMonotonicsplitLeq splitEntrylookupLElookupGElookupLTlookupGTfilterGtfilterLt foldlWithKey'keysminViewWithKey deleteFindMin deleteFindMax toDescListfromDistinctAscListfromDistinctDescList$fTraversableLeqMap$fFoldableLeqMap$fFunctorLeqMap $fEqLeqMapMonadSTliftST$fMonadSTsWriterT$fMonadSTsWriterT0$fMonadSTsStateT$fMonadSTsStateT0$fMonadSTsReaderT$fMonadSTsContT $fMonadSTsST$fMonadSTRealWorldIO OnlyNatReprtoBaseTypeRepr$fHashableFBaseTypeOnlyNatRepr$fHashableOnlyNatRepr!$fTestEqualityBaseTypeOnlyNatReprlogErrorStream Word16StringfromLEByteStringtoLEByteStringindexdroptakeappendlengthfoldl' findSubstring isInfixOf isPrefixOf isSuffixOf$fHashableWord16String$fShowWord16String$fOrdWord16String$fEqWord16String$fMonoidWord16String$fSemigroupWord16String StringLiteralUnicodeLiteral Char8Literal Char16LiteralstringLiteralInfofromUnicodeLit fromChar8Lit fromChar16LitstringLitLengthstringLitEmpty stringLitNullstringLitContainsstringLitIsPrefixOfstringLitIsSuffixOfstringLitSubstringstringLitIndexOfstringLitBounds$fIsStringStringLiteral$fSemigroupStringLiteral$fHashableStringLiteral"$fHashableFStringInfoStringLiteral$fShowStringLiteral$fShowFStringInfoStringLiteral$fOrdStringLiteral$fOrdFStringInfoStringLiteral$fEqStringLiteral%$fTestEqualityStringInfoStringLiteral AbstractableavJoin avOverlap avCheckEqConcreteValueWrapperunwrapCV ConcreteValueAbstractValueWrapperunwrapAV HasAbsValue getAbsValue AbstractValueStringAbstractValue StringAbs_stringAbsLength NatValueRangeNatSingleRange NatMultiRangeRealAbstractValueRAVravRange ravIsInteger ValueRange SingleRange MultiRange ValueBound Unbounded Inclusive minValueBound maxValueBound intAbsRange intDivRange intModRangeaddRangerangeScalarMul negateRangemulRange rangeLowBound rangeHiBound joinRange rangeCheckEq rangeCheckLeunboundedRange concreteRange singleRange valueRange asSingleRangemapRange ravUnbounded ravSingleravConcreteRangeravAdd ravScalarMulravMulravJoin ravCheckEq ravCheckLeabsAndabsOrasSingleNatRangenatRangenatSingleRange natRangeAddnatRangeScalarMul natRangeMul natRangeDiv natRangeMod natRangeJoin natRangeLow natRangeHigh natCheckEq natCheckLeunboundedNatRangenatRangeToRangeintRangeToNatRange natRangeMin natRangeSub stringAbsTopstringAbsEmpty stringAbsJoinstringAbsSinglestringAbsOverlapstringAbsConcatstringAbsSubstringstringAbsContainsstringAbsIsPrefixOfstringAbsIsSuffixOfstringAbsIndexOfstringAbsLengthavTopavSinglewithAbstractable avContains$fMonadValueBound$fApplicativeValueBound$fAbstractableBaseStructType$fAbstractableBaseArrayType$fAbstractableBaseComplexType$fAbstractableBaseFloatType$fAbstractableBaseBVType$fAbstractableBaseRealType$fAbstractableBaseIntegerType$fAbstractableBaseNatType$fAbstractableBaseStringType$fAbstractableBaseBoolType$fFunctorValueBound$fShowValueBound$fEqValueBound$fOrdValueBoundSemiRingProductprodRepr WeightedSumsumReprTm sumAbsValue sumOffset asConstantisZero asAffineVar asWeightedVarasVarconstanttraverseCoeffstraverseProdVars scaledVaraddVars addConstant fromTerms transformSumevalMevalreduceIntSumMod extractCommonnullProd asProdVar prodAbsValue prodContainsprodVarprodMulprodEval prodEvalM$fSemigroupSRAbsValue$fHashableWrapF $fEqWrapF $fOrdWrapF$fSemigroupNote$fSemigroupProdNote$fHashableWeightedSum!$fTestEqualitySemiRingWeightedSum$fHashableSemiRingProduct%$fTestEqualitySemiRingSemiRingProductArrayUpdateMaparrayUpdateAbstraverseArrayUpdateMapmergeMkeysSettoMap$fSemigroupArrayUpdateNote$fHashableArrayUpdateMap$fEqArrayUpdateMap ConcreteVal ConcreteBool ConcreteNatConcreteInteger ConcreteRealConcreteStringConcreteComplex ConcreteBVConcreteStruct ConcreteArrayfromConcreteBoolfromConcreteNatfromConcreteIntegerfromConcreteRealfromConcreteComplexfromConcreteStringfromConcreteBV concreteType$fShowConcreteVal$fShowFConcreteVal ppConcrete$fOrdConcreteVal$fOrdFBaseTypeConcreteVal$fEqConcreteVal!$fTestEqualityBaseTypeConcreteVal ConfigValueOpt getMaybeOpt trySetOptsetOptgetOptConfig ConfigDescBound Exclusive OptionStyleopt_type opt_onsetopt_helpopt_default_value OptionSettingoptionSettingName getOptionOptionSetResultoptionSetErroroptionSetWarnings ConfigOption configOptionconfigOptionNamePartsconfigOptionNameconfigOptionTextconfigOptionTypeoptOKoptErroptWarn set_opt_onsetset_opt_default boolOptSty realOptSty integerOptSty stringOptStyrealWithRangeOptStyrealWithMinOptStyrealWithMaxOptStyintegerWithRangeOptStyintegerWithMinOptStyintegerWithMaxOptSty enumOptSty listOptStyexecutablePathOptStymkOptoptoptVoptUoptUV initialConfig extendConfig verbosityverbosityLoggercheckOptSetResultgetOptionSettinggetOptionSettingFromTextgetConfigValues configHelp$fShowConfigOption$fMonoidOptionSetResult$fSemigroupOptionSetResult$fOptBaseBoolTypeBool$fOptBaseIntegerTypeInteger$fOptBaseNatTypeNatural$fOptBaseStringTypeTextresolveSolverPathfindSolverPathwithProcessHandlescleanupProcess startProcess filterAsync Statistics statAllocsstatNonLinearOps SymEncodersymEncoderType symFromExpr symToExprIsSymExprBuilder freshConstant freshLatchfreshBoundedBVfreshBoundedSBVfreshBoundedNatfreshBoundedIntfreshBoundedReal freshBoundVarvarExpr forallPred existsPred definedFninlineDefineFunfreshTotalUninterpFn applySymFn UnfoldPolicy NeverUnfold AlwaysUnfoldUnfoldConcreteIsSymFn fnArgTypes fnReturnTypeSymFnRNERNARTPRTNRTZ IsExprBuildergetConfigurationsetSolverLogListenergetSolverLogListenerlogSolverEvent getStatisticsgetCurrentProgramLocsetCurrentProgramLocisEq baseTypeIte annotateTermtruePred falsePrednotPredandPredorPred impliesPredxorPredeqPreditePrednatLitnatAddnatSubnatMulnatDivnatModnatItenatEqnatLenatLtintLitintNegintAddintSubintMulintIteintEqintLeintLtintAbsintDivintMod intDivisiblebvLitbvConcatbvSelectbvNegbvAddbvSubbvMulbvUdivbvUrembvSdivbvSrem testBitBVbvIsNegbvItebvEqbvNebvUltbvUlebvUgebvUgtbvSltbvSgtbvSlebvSge bvIsNonzerobvShlbvLshrbvAshrbvRolbvRorbvZextbvSextbvTrunc bvAndBitsbvOrBits bvXorBits bvNotBitsbvSetbvFill minUnsignedBV maxUnsignedBV maxSignedBV minSignedBV bvPopcountbvCountLeadingZerosbvCountTrailingZeros addUnsignedOF addSignedOF subUnsignedOF subSignedOFcarrylessMultiplyunsignedWideMultiplyBV mulUnsignedOFsignedWideMultiplyBV mulSignedOFmkStruct structFieldstructEq structIte constantArray arrayFromFnarrayMap arrayUpdate arrayLookup arrayFromMaparrayUpdateAtIdxLitsarrayItearrayEqallTrueEntriesarrayTrueOnEntries natToInteger integerToRealbvToNat bvToInteger sbvToIntegerpredToBV natToReal uintToReal sbvToReal realRound realRoundEven realFloorrealCeil realTrunc integerToBV integerToNat realToInteger realToNatrealToBV realToSBVclampedIntToSBVclampedIntToBV intSetWidth uintSetWidth intToUInt uintToInt stringEmpty stringLitstringEq stringIte stringConcatstringContainsstringIsPrefixOfstringIsSuffixOf stringIndexOf stringLengthstringSubstringrealZerorealLitsciLitrealEqrealNerealLerealLtrealGerealGtrealIterealNegrealAddrealMulrealSubrealSqrealDivrealMod isInteger realIsNonNegrealSqrt realAtan2realPirealLogrealExprealSinrealCosrealTanrealSinhrealCoshrealTanhrealAbs realHypot floatPZero floatNZerofloatNaN floatPInf floatNInffloatLitfloatNegfloatAbs floatSqrtfloatAddfloatSubfloatMulfloatDivfloatRemfloatMinfloatMaxfloatFMAfloatEqfloatNe floatFpEq floatFpNefloatLefloatLtfloatGefloatGt floatIsNaN floatIsInf floatIsZero floatIsPos floatIsNegfloatIsSubnorm floatIsNormfloatIte floatCast floatRoundfloatFromBinary floatToBinary bvToFloat sbvToFloat realToFloat floatToBV floatToSBV floatToReal mkComplex getRealPart getImagPart cplxGetParts mkComplexLit cplxFromRealcplxItecplxNegcplxAddcplxSubcplxMulcplxMagcplxSqrtcplxSincplxCoscplxTan cplxHypot cplxRound cplxFloorcplxCeilcplxConjcplxExpcplxEqcplxNe SolverEventSolverStartSATQuerySolverEndSATQuerysatQuerySolverNamesatQueryReasonsatQueryResult satQueryErrorArrayResultWrapperunwrapArrayResultIsExprasConstantPredasNat natBounds asInteger integerBounds asRationalrationalBounds asComplexasBVunsignedBVBoundssignedBVBoundsasString stringInfoasConstantArrayasStructexprTypebvWidth printSymExpr SymAnnotationBoundVarSymExpr SymStringSymBVSymArray SymStructSymCplxSymFloatSymReal SymIntegerSymNatPreditePredM bvJoinVector bvSplitVectorbvSwap bvBitreverseindexLititeM shouldUnfoldbaseIsConcretebaseDefaultValue backendPred mkRationalmkReal predToRealcplxExprAsRationalcplxExprAsIntegerrationalAsIntegerrealExprAsIntegerandAllOforOneOf isNonZeroisRealcplxDivcplxLog cplxLogBase asConcrete concreteToSymmuxRangezeroStatistics%$fHashableFBaseTypeArrayResultWrapper($fTestEqualityBaseTypeArrayResultWrapper$fHashableRoundingMode$fShowSolverEvent$fGenericSolverEvent$fEqRoundingMode$fGenericRoundingMode$fOrdRoundingMode$fShowRoundingMode$fEnumRoundingMode$fEqUnfoldPolicy$fOrdUnfoldPolicy$fShowUnfoldPolicy$fShowStatisticsSWordDBVZBVbvAsSignedIntegerbvAsUnsignedIntegerfreshBVbvAtBEbvAtLEbvSetBEbvSetLEbvJoin bvSliceBE bvSliceLE bvUnpackBE bvUnpackLEbvPackBEbvPackLEbvNotbvAndbvOrbvXorbvForallbvUDivbvURembvSDivbvSRembvLg2 $fShowSWordPartial _partialPred _partialValue $fDataPartial $fEqPartial$fFunctorPartial$fGenericPartial$fGeneric1Partial$fFoldablePartial$fTraversablePartial $fOrdPartial $fShowPartial partialPred partialValue$fBifunctorPartial$fBifoldablePartial$fBitraversablePartial $fEq1Partial $fEq2Partial $fOrd1Partial $fOrd2Partial$fShow1PartialPartialWithErrNoErrErr$fShow2Partial$fDataPartialWithErr$fEqPartialWithErr$fFunctorPartialWithErr$fGenericPartialWithErr$fGeneric1PartialWithErr$fFoldablePartialWithErr$fTraversablePartialWithErr$fOrdPartialWithErr$fShowPartialWithErr$fBifunctorPartialWithErr$fBifoldablePartialWithErr$fBitraversablePartialWithErr$fEq1PartialWithErr$fEq2PartialWithErr$fOrd1PartialWithErr$fOrd2PartialWithErr$fShow1PartialWithErrPartialT unPartialPartExprPE UnassignedmkPE justPartExpr maybePartExpr joinMaybePE mergePartial mergePartials runPartialTreturnUnassigned returnMaybe returnPartial addCondition$fShow2PartialWithErr$fMonadIOPartialT$fMonadTransPartialT$fMonadFailPartialT$fMonadPartialT$fApplicativePartialT$fFunctorPartialT LabeledPred _labeledPred_labeledPredMsg$fEqLabeledPred$fDataLabeledPred$fFunctorLabeledPred$fGenericLabeledPred$fGeneric1LabeledPred$fOrdLabeledPred$fBifunctorLabeledPred$fBifoldableLabeledPred$fBitraversableLabeledPred$fEq1LabeledPred$fEq2LabeledPred$fOrd1LabeledPred$fOrd2LabeledPred$fShow1LabeledPred labeledPredlabeledPredMsgpartitionByPredsMpartitionByPredspartitionLabeledPreds$fShow2LabeledPred FloatInfoRepr HalfFloatReprSingleFloatReprDoubleFloatRepr QuadFloatReprX86_80FloatReprDoubleDoubleFloatReprDoubleDoubleFloat X86_80Float QuadFloat DoubleFloat SingleFloat HalfFloat FloatInfo2$fKnownReprFloatInfoFloatInfoReprDoubleDoubleFloat,$fKnownReprFloatInfoFloatInfoReprX86_80Float*$fKnownReprFloatInfoFloatInfoReprQuadFloat,$fKnownReprFloatInfoFloatInfoReprDoubleFloat,$fKnownReprFloatInfoFloatInfoReprSingleFloat*$fKnownReprFloatInfoFloatInfoReprHalfFloat IsInterpretedFloatSymExprBuilderfreshFloatConstantfreshFloatLatchfreshFloatBoundVarIsInterpretedFloatExprBuilder iFloatPZero iFloatNZero iFloatNaN iFloatPInf iFloatNInf iFloatLitiFloatLitSingleiFloatLitDoubleiFloatLitLongDouble iFloatNeg iFloatAbs iFloatSqrt iFloatAdd iFloatSub iFloatMul iFloatDiv iFloatRem iFloatMin iFloatMax iFloatFMAiFloatEqiFloatNe iFloatFpEq iFloatFpNeiFloatLeiFloatLtiFloatGeiFloatGt iFloatIsNaN iFloatIsInf iFloatIsZero iFloatIsPos iFloatIsNegiFloatIsSubnorm iFloatIsNorm iFloatIte iFloatCast iFloatRoundiFloatFromBinaryiFloatToBinary iBVToFloat iSBVToFloat iRealToFloat iFloatToBV iFloatToSBV iFloatToRealiFloatBaseTypeReprSymInterpretedFloatSymInterpretedFloatType X86_80ValFloatInfoToBitWidthFloatPrecisionToInfoFloatInfoToPrecisionfloatInfoToPrecisionReprfloatPrecisionToInfoReprfloatInfoToBVTypeRepr fp80ToBitsfp80ToRational$fOrdFFloatInfoFloatInfoRepr$$fTestEqualityFloatInfoFloatInfoRepr$fShowFFloatInfoFloatInfoRepr$fShowFloatInfoRepr$fPrettyFloatInfoRepr$fHashableFloatInfoRepr!$fHashableFFloatInfoFloatInfoRepr$fShowX86_80Val $fEqX86_80Val$fOrdX86_80ValUnaryBVwidth traversePredsunsignedRangesunsignedEntriesevaluate sym_evaluate instantiatedomainmuxneguexttrunc$fHashableUnaryBV$fTestEqualityNatUnaryBV StringSeqStringSeqEntryStringSeqLiteral StringSeqTerm stringSeqAbstraverseStringSeq$fMonoidStringSeqNote$fSemigroupStringSeqNote%$fMeasuredStringSeqNoteStringSeqEntry$fHashableStringSeq$fHashableFStringInfoStringSeq $fEqStringSeq!$fTestEqualityStringInfoStringSeqMatlabSolverFnBoolOrFn IsIntegerFnNatLeFnIntLeFn BVToNatFnSBVToIntegerFnNatToIntegerFnIntegerToNatFnIntegerToRealFnRealToIntegerFnPredToIntegerFnNatSeqFn RealSeqFnIndicesInRangeIsEqFn BVIsNonZeroFnClampedIntNegFnClampedIntAbsFnClampedIntAddFnClampedIntSubFnClampedIntMulFnClampedUIntAddFnClampedUIntSubFnClampedUIntMulFn IntSetWidthFnUIntSetWidthFn UIntToIntFn IntToUIntFnRealIsNonZeroFn RealCosFn RealSinFn RealToSBVFn RealToUBVFn PredToBVFnCplxIsNonZeroFn CplxIsRealFnRealToComplexFnRealPartOfCplxFnImagPartOfCplxFn CplxNegFn CplxAddFn CplxSubFn CplxMulFn CplxRoundFn CplxFloorFn CplxCeilFn CplxMagFn CplxSqrtFn CplxExpFn CplxLogFn CplxLogBaseFn CplxSinFn CplxCosFn CplxTanFn clampedIntAdd clampedIntSub clampedIntMul clampedIntNeg clampedIntAbsclampedUIntAddclampedUIntSubclampedUIntMulMatlabSymbolicArrayBuildermkMatlabSolverFntraverseMatlabSolverFnmatlabSolverArgTypesmatlabSolverReturnTypeppMatlabSolverFntestSolverFnEqevalMatlabSolverFn$fHashableMatlabSolverFnAppBaseIteBaseEqNotPredConjPred SemiRingSum SemiRingProd SemiRingLe RealIsIntegerNatDivNatModIntDivIntModIntAbs IntDivisibleRealDivRealSqrtPiRealSinRealCos RealATan2RealSinhRealCoshRealExpRealLog BVTestBitBVSltBVUltBVOrBits BVUnaryTermBVConcatBVSelectBVFillBVUdivBVUremBVSdivBVSremBVShlBVLshrBVAshrBVRolBVRorBVZextBVSext BVPopcountBVCountTrailingZerosBVCountLeadingZeros FloatPZero FloatNZeroFloatNaN FloatPInf FloatNInfFloatNegFloatAbs FloatSqrtFloatAddFloatSubFloatMulFloatDivFloatRemFloatMinFloatMaxFloatFMA FloatFpEq FloatFpNeFloatLeFloatLt FloatIsNaN FloatIsInf FloatIsZero FloatIsPos FloatIsNegFloatIsSubnorm FloatIsNorm FloatCast FloatRoundFloatFromBinary FloatToBinary BVToFloat SBVToFloat RealToFloat FloatToBV FloatToSBV FloatToRealArrayMap ConstantArray UpdateArray SelectArray NatToInteger IntegerToNat IntegerToReal RealToIntegerBVToNat BVToInteger SBVToInteger IntegerToBV RoundReal RoundEvenReal FloorRealCeilRealCplxRealPartImagPartStringContainsStringIsPrefixOfStringIsSuffixOf StringIndexOfStringSubstring StringAppend StringLength StructCtor StructFieldBVOrSet ExprSymFnsymFnId symFnName symFnInfosymFnLoc SymFnInfoUninterpFnInfo DefinedFnInfoMatlabSolverFnInfoNonceApp AnnotationForallExists ArrayFromFn MapOverArraysArrayTrueOnEntriesFnApp ExprBoundVarbvarIdbvarLocbvarNamebvarTypebvarKindbvarAbstractValueVarKindQuantifierVarKind LatchVarKindUninterpVarKind symFnArgTypessymFnReturnTypetraverseBVOrSet bvOrInsert bvOrSingleton bvOrUnion bvOrToListbvOrAbs nonceAppTypeappType ppBoundVar traverseAppIdxCache ExprBuildersbUnaryThresholdsbBVDomainRangeLimitsbCacheStartSize exprCountersbStateManager FloatModeRepr FloatIEEEReprFloatUninterpretedRepr FloatRealReprFlags FloatRealFloatUninterpreted FloatIEEE FloatMode SymbolBindingVarSymbolBindingFnSymbolBindingSymbolVarBimap StringExprCplxExprRealExpr IntegerExprBVExprNatExprBoolExprExprSemiRingLiteralAppExpr NonceAppExpr BoundVarExpr appExprId appExprLoc appExprApp nonceExprId nonceExprLoc nonceExprAppasApp asNonceAppexprLociteSize asConjunction asDisjunctionemptySymbolVarBimaplookupBindingOfSymbollookupSymbolOfBinding boundVarsppExpr ppExprTop newIdxCachelookupIdxValue lookupIdxinsertIdxValuedeleteIdxValue clearIdxCache exprMaybeId idxCacheEval idxCacheEval' curProgramLoc sbNonceExpr sbMakeExprunaryThresholdOptionbvdomainRangeLimitOptioncacheStartSizeOption cacheTermsnewExprBuildergetSymbolVarBimap stopCaching startCaching evalBoundVarsnatSumintSumrealSumbvSumbvUnary scalarMul$fPolyEqExprExpr$fShowFBaseTypeExpr $fPrettyExpr $fShowExpr$fHashableFBaseTypeExpr$fHashableExpr $fOrdExpr$fEqExpr$fOrdFBaseTypeExpr$fTestEqualityBaseTypeExpr$fOrdNonceAppExpr$fEqNonceAppExpr$fOrdFBaseTypeNonceAppExpr"$fTestEqualityBaseTypeNonceAppExpr$fHasAbsValueExpr $fIsExprExpr$fOrdSymbolBinding$fEqSymbolBinding$fHashableFCtxMatlabFnWrapper $fTestEqualityCtxMatlabFnWrapper$$fTestEqualityFloatModeFloatModeRepr*$fKnownReprFloatModeFloatModeReprFloatReal3$fKnownReprFloatModeFloatModeReprFloatUninterpreted*$fKnownReprFloatModeFloatModeReprFloatIEEE$fShowFFloatModeFloatModeRepr$fShowFloatModeRepr'$fMatlabSymbolicArrayBuilderExprBuilder-$fIsInterpretedFloatSymExprBuilderExprBuilder$fIsSymExprBuilderExprBuilder*$fIsInterpretedFloatExprBuilderExprBuilder+$fIsInterpretedFloatExprBuilderExprBuilder0+$fIsInterpretedFloatExprBuilderExprBuilder1$fHashablePPIndex$fIsExprBuilderExprBuilder $fEqPPIndex $fOrdPPIndex$fGenericPPIndexsimplifycount_subterms$fApplicativeOr $fFunctorOr GroundArray ArrayMapping ArrayConcreteGroundValueWrapperGVWunGVWExprRangeBindings GroundEvalFn groundEval GroundValue lookupArraydefaultValueForTypeevalGroundExprtryEvalGroundExprevalGroundNonceApp evalGroundApp$fApplicativeMAnd $fFunctorMAndLogDatalogCallbackVerbose logVerbosity logReason logHandle SolverAdaptersolver_adapter_namesolver_adapter_config_optionssolver_adapter_check_satsolver_adapter_write_smt2 logCallbackdefaultLogDatadefaultWriteSMTLIB2FeaturesdefaultSolverAdaptersolverAdapterOptions smokeTest$fOrdSolverAdapter$fEqSolverAdapter$fShowSolverAdapter SMTReadWriter smtEvalFuns smtSatResultsmtUnsatCoreResultsmtUnsatAssumptionsResultSMTEvalFunctions smtEvalBool smtEvalBV smtEvalReal smtEvalFloatsmtEvalBvArray smtEvalStringSMTEvalBVArrayWrapperunEvalBVArrayWrapperSMTEvalBVArrayFnCollectorResultscrResult crBindingscrFreeConstants crSideConds DefineStyleFunctionDefinitionEqualityDefinition SMTWriter forallExpr existsExpr arrayConstant arraySelectcommentCommand assertCommandassertNamedCommand pushCommand popCommandpopManyCommands resetCommand checkCommandscheckWithAssumptionsCommandsgetUnsatAssumptionsCommandgetUnsatCoreCommand setOptCommanddeclareCommand defineCommanddeclareStructDatatype structCtor structProj stringTerm stringAppendresetDeclaredStructs writeCommandAcknowledgementAction AckAction runAckAction WriterConn smtWriterName connHandleconnInputHandlesupportFunctionDefssupportFunctionArgumentssupportQuantifierssupportedFeatures connStateSupportTermOpsboolExprnotExprandAllorAll.&&.||.==./= impliesExprletExprsumExprtermIntegerToRealtermRealToInteger integerTerm rationalTerm.<=.<.>.>=bvTermbvSLebvULebvSLtbvULt bvExtract bvTestBit bvSumExpr realIsInteger realATan2smtFnApp smtFnUpdate lambdaTermfromTextArrayConstantFnTypeMap BoolTypeMap NatTypeMapIntegerTypeMap RealTypeMap BVTypeMap FloatTypeMap Char8TypeMapComplexToStructTypeMapComplexToArrayTypeMapPrimArrayTypeMapFnArrayTypeMap StructTypeMapappapp_listnullAcknowledgementActionresetEntryStackpopEntryStackToTopentryStackHeightpushEntryStack popEntryStack newWriterConn addCommandaddCommandNoAck addCommands mkFreeVar bindVarAsFree assumeFormulaassumeFormulaWithNameassumeFormulaWithFreshNamefreshBoundVarNametypeMap runInSandbox mkBaseExpr mkSMTTerm mkFormulamkAtomicFormulaassumesmtExprGroundEvalFn$fTestEqualityBaseTypeTypeMap $fEqTypeMap $fShowTypeMap$fShowFBaseTypeTypeMap$fEqTermLifetime$fEqDefineStyle$fShowDefineStyle AppTheory BoolTheoryLinearArithTheoryNonlinearArithTheoryComputableArithTheoryBitvectorTheoryQuantifierTheory StringTheoryFloatingPointTheory ArrayTheory StructTheoryFnTheory quantTheory typeTheory appTheory $fEqAppTheory$fOrdAppTheoryScope ExistsOnly ExistsForall VarRecorderCollectedVarInfoQuantifierInfoMapQuantifierInfoBVI boundTopTerm boundQuantboundVarboundInnerTerm BoundQuant ForallBound ExistBoundproblemFeaturesuninterpConstantsexistQuantifiersforallQuantifierslatches varErrorspredicateVarInfocollectVarInforecordExprVars$fFunctorVarRecorder$fApplicativeVarRecorder$fMonadVarRecorder$fMonadFailVarRecorder$fMonadSTVarRecorder SolverProcess solverConnsolverCleanupCallback solverHandle solverStdinsolverResponsesolverErrorBehavior solverStderrsolverEvalFuns solverLogFn solverNamesolverEarlyUnsatsolverSupportsResetAssertions ImmediateExitContinueOnError OnlineSolverstartSolverProcessshutdownSolverProcessAnOnlineSolver killSolvercheckSatisfiablecheckSatisfiableWithModelreset inNewFrameinNewFrameWithVarscheckWithAssumptionscheckWithAssumptionsAndModelcheckcheckAndGetModel getSatResultSMTLib2GenericSolverdefaultSolverPathdefaultSolverArgsdefaultFeaturessupportsResetAssertionssetDefaultLogicAndOptionsnewDefaultWriter withSolverrunSolverInOverrideSMTLib2ExceptionSMTLib2Unsupported SMTLib2ErrorSMTLib2ParseErrorSession sessionWritersessionResponseWriter SMTLib2Tweaks smtlib2tweakssmtlib2arrayTypesmtlib2arrayConstantsmtlib2arraySelectsmtlib2arrayUpdatesmtlib2StringSortsmtlib2StringTermsmtlib2StringLengthsmtlib2StringAppendsmtlib2StringContainssmtlib2StringIndexOfsmtlib2StringIsPrefixOfsmtlib2StringIsSuffixOfsmtlib2StringSubstringsmtlib2StructSortsmtlib2StructCtorsmtlib2StructProjsmtlib2declareStructCmd all_supported arrayStore asSMT2Type newWriter writeCheckSat writeExit writeGetValue runCheckSat smtAckResultwriteDefaultSMT2 startSolvershutdownSolverppSolverVersionCheckErrorppSolverVersionError nameResultqueryErrorBehavior versionResultcheckSolverVersion'checkSolverVersion$fSupportTermOpsTerm $fNumTerm$fSMTLib2Tweaks()$fSMTWriterWriter$fExceptionSMTLib2Exception$fShowSMTLib2Exception$fSMTReadWriterWriter$fEqSMTFloatPrecision$fOrdSMTFloatPrecision$fEqSolverVersionError$fOrdSolverVersionErrorZ3z3Path z3Timeout z3Options z3Adapter z3FeatureswriteZ3SMT2FilerunZ3InOverridewithZ3$fOnlineSolverWriter$fSMTLib2GenericSolverZ3$fSMTLib2TweaksZ3$fShowZ3YicesExceptionYicesUnsupported YicesErrorYicesParseError Connection yicesTypeefSolveCommand newConnection sendChecksendCheckExistsForall assertForallsetParamsetYicesParams yicesEvalBoolyicesDefaultFeatures yicesAdapter yicesPathyicesEnableMCSatyicesEnableInteractiveyicesGoalTimeout yicesOptionswriteYicesFilerunYicesInOverride$fOnlineSolverConnection$fSupportTermOpsYicesTerm$fNumYicesTerm$fSMTWriterConnection$fExceptionYicesException$fShowYicesException$fSMTReadWriterConnectionSTPstpPath stpOptions stpAdapter stpFeaturesrunSTPInOverridewithSTP$fSMTLib2GenericSolverSTP$fSMTLib2TweaksSTP $fShowSTP DRealBindingsDReal drealPath drealOptions drealAdapterwriteDRealSMT2FilegetAvgBindingsgetBoundBindingsrunDRealInOverride$fSMTLib2TweaksDReal $fShowDRealCVC4cvc4Path cvc4Timeout cvc4Options cvc4Adapter cvc4FeatureswriteMultiAsmpCVC4SMT2FilewriteCVC4SMT2FilerunCVC4InOverridewithCVC4$fSMTLib2GenericSolverCVC4$fSMTLib2TweaksCVC4 $fShowCVC4 Boolector boolectorPathboolectorOptionsboolectorAdapterrunBoolectorInOverride withBoolectorboolectorFeatures$fSMTLib2GenericSolverBoolector$fSMTLib2TweaksBoolector$fShowBoolectorWordMap SimpleWordMap emptyWordMap muxWordMap insertWordMap lookupWordMap GHC.Types integer-gmpGHC.Integer.TypeIntegerData.Parameterized.CtxCtx+*-<=Data.Type.Equality:~:Refl TestEquality testEquality#Data.Parameterized.NatRepr.InternalNatReprnatValueknownNatData.Parameterized.NatReprlemmaMul mulCancelR natRecBounded natRecStrongnatRec natFromZero natForEach withAddLeqwithAddPrefixLeq addIsLeqLeft1 dblPosIsPosaddPrefixIsLeqaddIsLeqleqSub leqAddPosleqAdd leqMulMono leqMulPos leqMulCongrisPosNat withLeqProofleqProofleqSub2leqAdd2leqTransleqRefltestLeqlessThanAsymmetriclessThanIrreflexive testNatCases testStrictLeq decideLeqwithSubMulDistribRightwithAddMulDistribRightaddMulDistribRightminusPlusCancelplusMinusCancelmul2PlusmulComm plusAssocplusCommmaxNat mkNatReprsomeNat signedClamp unsignedClamptoSigned toUnsigned maxSigned minSigned maxUnsigned minUnsigned natMultiply withDivModNatdivNatsubNataddNathalfNatincNatpredNatdecNat isZeroOrGT1 isZeroNat withKnownNatwidthValintValue IsZeroNatZeroNat NonZeroNatLeqProofNatCases NatCaseLT NatCaseEQ NatCaseGTData.Parameterized.SomeSome compareNat NatComparisonNatLTNatEQNatGTSingPolyfromMappos_monomonorootFromRationalGHC.Base. readDecimal' readDigitsCanParseparsereadFromHandleParserpeekChardropWhitespace matchChar matchStringparseUntilCloseParen takeChars' takeCharsparseQuotedStringmatchApp checkParen parseDecimalparseDefineFun chain_app assoc_appparseAnySymbolsmtlibKeywords mergeGenericReciprocalRange halfRangeGHC.Realshrinkclampzboundsrbounds sdivRangequotscaleDownRangemixedDomainsOverlapoverlapCandidatesphase expandVarslesserbsFindSubstring GHC.MaybeNothingrangeIsInteger rangeOverlapnatRangeOverlapNotemkNote sumMapHashSumMap unfilteredSumsumMapmkProd ConfigTrie splitPath defaultOpt set_opt_helpadjustConfigTrieadjustConfigMaptraverseConfigMaptraverseConfigTrietraverseSubtree insertOption builtInOptsControl.Exception.Base catchJusttryJustSymBV'realExprAsRationalcplxLog'PredBinSWordBinSWordUnw_bvLg2bvUnbvBin bvBinPredtotalMaybestripDuplicatePreds compareLt completeList StringSeqNotebinCtxasMatlabSolverFnunconstrainedAbsValue quantAbsEvalDummy PrettyArg ppVarTypeCodeappEqFhashAppisNonLinearAppBVOrNoteBVartestExprSymFnEq bvOrContains abstractEval reduceApp PrettyApp PrettyFunc PrettyTextppVar exprPrettyArgexprPrettyIndicesstringPrettyArg showPrettyArg prettyApp ppNonceAppppApp'traverseArrayResultWrapper$traverseArrayResultWrapperAssignmenttraverseSymFnInfotraverseExprSymFn ArrayMapViewEvalHashTables CachedSymFnIOSplitPPExprList FixedPPExpr AppPPExpr apeLength ExprAllocatorsbZerosbConfiguration sbFloatReduce curAllocatorsbNonLinearOps sbProgramLocsbMatlabFnCache sbFloatMode SemiRingView exprAbsValueapeDoc ppExprLength ppExprDoc newStoragenewCachedStorageupdateVarBindingsbMakeBoundVar sbFreshIndexunaryThresholdDesccacheStartSizeDesc betaReduce runIfChangedrecordBoundVar evalSimpleFnfailsbConcreteLookupsbTryUnaryTerm viewArrayMapunderlyingArrayMapExprconcreteArrayEntriescheckAbsorptiontryAndAbsorptiontryOrAbsorptionsameTerm semiRingLe semiRingEq recordExprtoDoubleJust SMTSource SMTCollectorSMTCollectorStatefreshBoundTermFnrecordSideCondFn FreshVarFn TermLifetime DeleteNever DeleteOnPop entryStackstateRef varBindingsconsumeAcknowledgement WriterStateSMTExprasBase nextTermIdx lastPositionposition freshVarName freshVarName'withWriterStateupdateProgramLoc declareTypes defineSMTVartypeMapFirstClass freshBoundFnfreshBoundTermfreshBoundTerm'addSideConditionrunOnLiveConnection forallResultimpliesAllExpr existsResultcacheWriterResultbindVarcheckVarTypeSupportcheckArgumentTypesevalFirstClassTypeReprmkIndexLitTermmkIndexLitTermscreateTypeMapArgsForArray getSymbolNamedefineSMTFunctionmkExprmkIndicesTerms mkSMTSymFn getSMTSymFnsmtIndicesTermsfreshSandboxBoundTerm _varErrorsaddFeaturesForVarType addBothVarrecordAssertionVarsrecurseAssertedNonceAppExprVarsrecurseAssertedAppExprVarsrecurseNonceAppVarsrecurseExprVars addExistVar addForallVarGHC.IO.Handle.FDstdin popStackOnlySolverVersionCheckErrorsmtFloatExponentBitssmtFloatSignificandBitsnestedArrayUpdateparseBVLitHelper runGetValuethrowSMTLib2ParseErrorsolverMinVersionssolverMaxVersionsnatBV YicesCommand YicesTypeasYicesConfigValueshowModelCommandsetParamCommand sendShowModelgetSatResponse yicesEvalReal yicesEvalBVcheckSupportedByYices