void abort() { }; void assume_abort_if_not(int cond) { if(!cond) {abort();} } /*@ requires ((cond != 0)) && (cond != 0); ensures ((cond != 0)) && (1); @*/ void __VERIFIER_assert(int cond) { if (!(cond)) { ERROR: {/*@ assert(0); */;abort();} } return; } int __VERIFIER_nondet_int(); int main () { int in; int inlen = __VERIFIER_nondet_int(); int bufferlen = __VERIFIER_nondet_int(); int buf; int buflim; if(bufferlen >1);else goto END; if(inlen > 0);else goto END; if(bufferlen < inlen);else goto END; buf = 0; in = 0; buflim = bufferlen - 2; /*@ loop invariant (((((((((long long) 2 + buflim) == bufferlen) && (in == 0)) && (0 <= buflim)) && (buf == 0)) && (((long long) bufferlen + 1) <= inlen)) || ((((((((long long) bufferlen + in) + 1) <= ((long long) buf + inlen)) && (((long long) 2 + buflim) == bufferlen)) && (1 <= in)) && (0 <= buf)) && (buf <= buflim)))); @*/ while (__VERIFIER_nondet_int()) { if (buf == buflim) break; __VERIFIER_assert(0<=buf); __VERIFIER_assert(buf