// verifast_options{disable_overflow_check target:ILP32}
extern void abort(void);
//@ requires true;
//@ ensures true;
void reach_error()
//@ requires false;
//@ ensures true;
{}
/*
 * Implementation the Ackermann function.
 * http://en.wikipedia.org/wiki/Ackermann_function
 * 
 * Author: Matthias Heizmann
 * Date: 2013-07-13
 * 
 */

extern int __VERIFIER_nondet_int(void);
//@ requires true;
//@ ensures true;

int ackermann(int m, int n) 
//@ requires true;
//@ ensures (((((((((((((((((result == 5) && (n == 3)) || (((result == 3) && (n == 1)) && (m == 1))) || (m == 0)) || (((2 <= m) && (3 <= n)) && (5 <= result))) || (((n == 0) && (result == 2)) && (m == 1))) || (((2 <= m) && (2 <= n)) && (result == 7))) || ((result == 5) && (n == 1))) || (((result == 7) && (5 <= n)) && (m == 1))) || (((n == 0) && (2 <= m)) && (result == 3))) || ((result == 6) && (n == 4))) || (((5 <= result) && (6 <= n)) && (m == 1))) || (((result == 4) && (n == 2)) && (m == 1))) || ((3 <= m) && (3 <= result))) && ((0 < m) || (result == (n + 1)))) && (((((result == 3) && (m == 1)) || (1 < m)) || (result == 2)) || (n != 1))) && (((m == 0) || (n == 0)) || (0 < n)));
{    if (m==0) {
        return n+1;
    }
    if (n==0) {
        return ackermann(m-1,1);
    }
    return ackermann(m-1,ackermann(m,n-1));
}


int main() 
//@ requires module(Ackermann03__verifast_instrumented, true);
//@ ensures junk();
{
    //@ open_module(); 
    int m = __VERIFIER_nondet_int();
    if (m < 0 || m > 3) {
        // additional branch to avoid undefined behavior 
        // (because of signed integer overflow)
        return 0;
    }
    int n = __VERIFIER_nondet_int();
    if (n < 0 || n > 23) {
        // additional branch to avoid undefined behavior 
        // (because of signed integer overflow)
        // 
        return 0;
    }
    int result = ackermann(m,n);
    if (m != 2 || n != 2 || result == 7) {
        return 0;
    } else {
        ERROR: {reach_error();abort();}
    }
 return 0; }