#include<assert.h>

#pragma CIVL ACSL

$input int N;
$assume(N > 0);
int a[N][N];

void arrayZeroes(int n) {
  int i, j;
  
  /*@ loop invariant 0 <= i && i <= n;
    @ loop invariant \forall int t; 0<=t && t<i ==> (\forall int k;  0<=k && k<n ==>
    @                               a[t][k] == 0);
    @ loop assigns a[0 .. n-1][0 .. n-1], i, j;
    @*/
  for (i = 0; i < n; i++) {
    /*@ loop invariant 0 <= j && j <= n;
      @ loop invariant \forall int k; 0<=k && k<j 
      @                               ==> a[i][k] == 0;
      @ loop assigns a[i][0 .. n-1], j;
      @*/
    for (j = 0; j < n; j++)
      a[i][j] = 1;
  }
}

int main() {
  $havoc(&a);
  arrayZeroes(N);
  $assert($forall (int i : 0 .. N-1) ($forall (int j : 0 .. N-1) a[i][j] == 1));
}