// verifast_options{disable_overflow_check target:ILP32}
/* 
Geometric Series
computes x = sum(z^k)[k=0..k-1], y = z^(k-1)
*/

extern void abort(void);
//@ requires integer(&counter, ?veri_req_counter) &*& true;
//@ ensures integer(&counter, ?veri_ens_counter) &*& true;
void reach_error()
//@ requires false;
//@ ensures true;
{}extern int __VERIFIER_nondet_int(void);
//@ requires integer(&counter, ?veri_req_counter) &*& true;
//@ ensures integer(&counter, ?veri_ens_counter) &*& true;
void assume_abort_if_not(int cond) 
//@ requires integer(&counter, ?veri_req_counter) &*& true;
//@ ensures integer(&counter, ?veri_ens_counter) &*& true;
{  if(!cond) {abort();}
}
void __VERIFIER_assert(int cond) 
//@ requires integer(&counter, ?veri_req_counter) &*& (1 <= cond);
//@ ensures integer(&counter, ?veri_ens_counter) &*& (1 <= cond);
{    if (!(cond)) {
    ERROR:
        {reach_error();}
    }
    return;
}


int counter = 0;
int main() 
//@ requires module(geo2_ll_unwindbound1__verifast_instrumented, true) &*& (counter == 0);
//@ ensures (counter == 0) &*& junk();
{
    //@ open_module(); 
    int z, k;
    unsigned long long x, y, c;
    z = __VERIFIER_nondet_int();
    k = __VERIFIER_nondet_int();

    x = 1;
    y = 1;
    c = 1;

while (counter++<1)
//@ invariant integer(&counter, ?veri_inv_counter) &*& (((((y == 1) && (x == 1)) && (veri_inv_counter == 0)) || (((z == y) && (1 <= veri_inv_counter)) && (x == (z + 1)))) && (veri_req_counter == 0));
    {
        __VERIFIER_assert(1 + x*z - x - z*y == 0);

        if (!(c < k))
            break;

        c = c + 1;
        x = x * z + 1;
        y = y * z;
    }
    __VERIFIER_assert(1 + x*z - x - z*y == 0);
    return 0;
}