// verifast_options{disable_overflow_check target:ILP32}
/* program computing a divisor for factorisation, by Knuth 4.5.4 Alg C ? */

/*
 * Verification harness with VeriFast annotations (the //@ lines).
 *
 * NOTE(review): the options line above turns off VeriFast's arithmetic
 * overflow checking, so a successful proof does not by itself show the
 * arithmetic below is overflow-free. That is left to the explicit value
 * bounds on A and R and the widening to long long.
 */

/* Terminates the program; the contract places no obligation on callers. */
extern void abort(void);
//@ requires true;
//@ ensures true;

/*
 * Error sink. The precondition is `false`, so the verifier must prove that
 * every call site is unreachable.
 */
void reach_error()
//@ requires false;
//@ ensures true;
{
}

/* Source of an arbitrary int chosen by the verification environment. */
extern int __VERIFIER_nondet_int(void);
//@ requires true;
//@ ensures true;

/*
 * Restricts the explored inputs: execution stops via abort() when cond is
 * zero, so code after the call only runs with cond non-zero.
 */
void assume_abort_if_not(int cond)
//@ requires true;
//@ ensures true;
{
    if (!cond) {
        abort();
    }
}

/*
 * Proof obligation: the contract requires cond >= 1 at every call, which
 * makes the reach_error() branch dead under that precondition.
 */
void __VERIFIER_assert(int cond)
//@ requires (1 <= cond);
//@ ensures (1 <= cond);
{
    if (!cond) {
        ERROR: {
            reach_error();
        }
    }
}

/*
 * Runs the factorisation loop on nondeterministic inputs A and R and checks
 * that 4*(A+r) == u*u - v*v - 2*u + 2*v holds on entry to every loop
 * iteration, and that 4*A equals the same expression once r reaches 0.
 *
 * The assumptions keep A and R in [0, 2], require (R-1)^2 < A and A odd;
 * with these bounds only A == 1, R == 1 passes all of them.
 */
int main()
//@ requires module(fermat1_ll_valuebound2__verifast_instrumented, true);
//@ ensures junk();
{
    //@ open_module();
    int A;
    int R;
    long long u;
    long long v;
    long long r;

    A = __VERIFIER_nondet_int();
    assume_abort_if_not(A >= 0 && A <= 2);
    R = __VERIFIER_nondet_int();
    assume_abort_if_not(R >= 0 && R <= 2);

    /* Operands are widened to long long before the multiplication. */
    assume_abort_if_not(((long long) R - 1) * ((long long) R - 1) < A);
    //assume_abort_if_not(A <= R * R);
    assume_abort_if_not(A % 2 == 1);

    u = (long long) 2 * R + 1;
    v = 1;
    r = (long long) R * R - A;

    /*
     * Each loop invariant below is the asserted identity with the negative
     * terms moved to the other side:
     *   u*u + 2*v == v*v + 2*u + 4*A + 4*r
     */
    while (1)
    //@ invariant (((v * 2) + (u * u)) == ((((v * v) + (u * 2)) + (A * 4)) + (r * 4)));
    {
        __VERIFIER_assert(4 * (A + r) == u * u - v * v - 2 * u + 2 * v);
        if (r == 0) {
            break;
        }

        /* While r is positive: subtract v from r, then advance v by 2. */
        while (1)
        //@ invariant (((v * 2) + (u * u)) == ((((v * v) + (u * 2)) + (A * 4)) + (r * 4)));
        {
            __VERIFIER_assert(4 * (A + r) == u * u - v * v - 2 * u + 2 * v);
            if (r <= 0) {
                break;
            }
            r = r - v;
            v = v + 2;
        }

        /* While r is negative: add u to r, then advance u by 2. */
        while (1)
        //@ invariant (((v * 2) + (u * u)) == ((((v * v) + (u * 2)) + (A * 4)) + (r * 4)));
        {
            __VERIFIER_assert(4 * (A + r) == u * u - v * v - 2 * u + 2 * v);
            if (r >= 0) {
                break;
            }
            r = r + u;
            u = u + 2;
        }
    }

    /* The outer loop only exits with r == 0, so the identity reduces to 4*A. */
    __VERIFIER_assert(((long long) 4 * A) == u * u - v * v - 2 * u + 2 * v);
    return 0;
}