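// verifast_options{disable_overflow_check target:ILP32}
/* hardware integer division program, by Manna returns q==A//B */
/*
 * Layout note: every `//` and `//@` annotation in this file is a line
 * comment, so each one must end at a newline. If the file is collapsed onto
 * one line, the leading options comment swallows all code after it, and
 * neither the C compiler nor the verifier sees the program.
 *
 * Scope of the proof, as far as this file shows:
 *  - The options line above turns overflow checking off. The loop invariants
 *    in main() bound d and p by 4, so no overflow is reachable here, but
 *    that follows from the value bound on A, not from the algorithm itself.
 *  - A is restricted to 0..2 and B is fixed to 1; the invariants enumerate
 *    the concrete states for exactly that range. Nothing here establishes
 *    the division property for wider inputs.
 *  - Contracts written on extern declarations are assumptions (assumes the
 *    verifier takes them as given, since no body is visible to check them).
 */

// NOTE(review): this contract models abort() as returning normally
// (`ensures true`). assume_abort_if_not() below promises `cond != 0`
// on return, which only holds if abort() does not return; confirm whether
// `ensures false` was intended for this declaration.
extern void abort(void);
//@ requires true;
//@ ensures true;

// Declared without a contract; its only caller in this file is
// reach_error(), whose precondition is `false`.
extern void __assert_fail(const char *, const char *, unsigned int, const char *) __attribute__ ((__nothrow__ , __leaf__)) __attribute__ ((__noreturn__));

// Error sink. The `requires false` precondition means every call site has
// to be shown unreachable for the file to verify.
void reach_error()
//@ requires false;
//@ ensures true;
{
    __assert_fail("0", "hard2.c", 8, "reach_error");
}

// Source of the unconstrained input; the contract says nothing about the
// returned value, so callers must constrain it themselves.
extern int __VERIFIER_nondet_int(void);
//@ requires true;
//@ ensures true;

extern void abort(void);

// Input restriction: stops the program when cond is 0, so code after the
// call may rely on cond != 0 (see the NOTE on abort() above).
void assume_abort_if_not(int cond)
//@ requires true;
//@ ensures (cond != 0);
{
    if(!cond) {abort();}
}

// Checked property. The precondition makes each call a proof obligation;
// the branch to reach_error() exists for tools that look for a reachable
// error location at run time or by model checking.
void __VERIFIER_assert(int cond)
//@ requires (cond != 0);
//@ ensures (cond != 0);
{
    if (!(cond)) {
        ERROR: {reach_error();}
    }
    return;
}

// Shift-and-subtract division of A by B (B is fixed to 1 here).
// Phase 1 doubles d and p until d exceeds r; phase 2 halves them again and
// subtracts d from r whenever it fits, accumulating the quotient in q.
// The final assertions check A == d*q + r and B == d.
int main()
//@ requires module(hard2_valuebound2__verifast_instrumented_modified, true);
//@ ensures junk();
{
    int A, B;
    int r, d, p, q;

    A = __VERIFIER_nondet_int();
    // Value bound: only A in {0, 1, 2} is analysed.
    assume_abort_if_not(A>=0 && A<=2);
    B = 1;

    r = A;
    d = B;
    p = 1;
    q = 0;

    // Phase 1: scale d = B * p upward. The invariant lists the three
    // reachable shapes (p == 2, p == 1, p == 4).
    while (1)
    //@ invariant (((((((((A == r) && (p == 2)) && (1 <= r)) && (d == 2)) && (r <= 2)) && (q == 0)) && (B == 1)) || (((((((0 <= A) && (A == r)) && (d == 1)) && (r <= 2)) && (q == 0)) && (B == 1)) && (p == 1))) || ((((((A == 2) && (r == 2)) && (d == 4)) && (q == 0)) && (B == 1)) && (p == 4)));
    {
        __VERIFIER_assert(q == 0);
        __VERIFIER_assert(r == A);
        __VERIFIER_assert(d == B * p);
        if (!(r >= d)) break;

        d = 2 * d;
        p = 2 * p;
    }

    // Phase 2: scale back down to p == 1, maintaining A == q*B + r.
    while (1)
    //@ invariant (((((((((((r == 0) && (A == 2)) && (q == 2)) && (d == 1)) && (B == 1)) && (p == 1)) || (((((A == r) && (p == 2)) && (d == 2)) && (q == 0)) && (B == 1))) || ((((((r == 0) && (A == 2)) && (q == 2)) && (p == 2)) && (d == 2)) && (B == 1))) || (((((A == (r + 1)) && (d == 1)) && (B == 1)) && (q == 1)) && (p == 1))) || (((((A == r) && (d == 1)) && (q == 0)) && (B == 1)) && (p == 1))) || ((((((A == 2) && (r == 2)) && (d == 4)) && (q == 0)) && (B == 1)) && (p == 4)));
    {
        __VERIFIER_assert(A == q*B + r);
        __VERIFIER_assert(d == B*p);

        if (!(p != 1)) break;

        d = d / 2;
        p = p / 2;
        if (r >= d) {
            r = r - d;
            q = q + p;
        }
    }

    __VERIFIER_assert(A == d*q + r);
    __VERIFIER_assert(B == d);
    return 0;
}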