// verifast_options{disable_overflow_check target:ILP32}
/*
Geometric Series
computes x = sum(z^k)[k=0..k-1], y = z^(k-1)
*/

extern void abort(void);
//@ requires true;
//@ ensures true;
void reach_error()
//@ requires false;
//@ ensures true;
{}extern int __VERIFIER_nondet_int(void);
//@ requires true;
//@ ensures true;
void assume_abort_if_not(int cond) 
//@ requires true;
//@ ensures (cond != 0);
{  if(!cond) {abort();}
}
void __VERIFIER_assert(int cond) 
//@ requires (1 <= cond);
//@ ensures (1 <= cond);
{    if (!(cond)) {
    ERROR:
        {reach_error();}
    }
    return;
}
int main() 
//@ requires module(geo3_ll_valuebound20__verifast_instrumented, true);
//@ ensures junk();
{
    //@ open_module(); 
    int z, a, k;
    unsigned long long x, y, c, az;
    z = __VERIFIER_nondet_int();
    assume_abort_if_not(z>=0 && z<=20);
    a = __VERIFIER_nondet_int();
    assume_abort_if_not(a>=0 && a<=20);
    k = __VERIFIER_nondet_int();
    assume_abort_if_not(k>=0 && k<=20);

    x = a;
    y = 1;
    c = 1;
    az = (long long) a * z;

while (1)
//@ invariant ((((((a <= 20) && (z <= 20)) && ((((((a * z) + ((z * z) * x)) + (((18446744073709551615U * z) * y) * az)) + (( 18446744073709551615U * z) * x)) % ( 1 <  < 64)) == 0)) && (0 <= a)) && ((((((z * x) + ((18446744073709551615U * y) * az)) + a) + ( 18446744073709551615U * x)) % ( 1 <  < 64)) == 0)) && (0 <= z));
    {
        __VERIFIER_assert(z*x - x + a - az*y == 0);

        if (!(c < k))
            break;

        c = c + 1;
        x = x * z + a;
        y = y * z;
    }
    __VERIFIER_assert(z*x - x + a - az*y == 0);
    return x;
}