diff --git a/tools/db/drop_my_tables.sh b/tools/db/drop_my_tables.sh
index af88d2ed2416a030c2651b44f265cf828ed92607..17078d9462096e52156d752a62d7c4da05752d04 100755
--- a/tools/db/drop_my_tables.sh
+++ b/tools/db/drop_my_tables.sh
@@ -29,7 +29,7 @@ do
 	if [ $dropcnt -gt 1000 ]; then
 		echo --------------------------------------------------------------------------
 		echo issuing command
-		psql -t -q -c "$droptabs"
+		psql -t -q -c "$droptabs" || true
 		echo Done.
 		echo --------------------------------------------------------------------------
 		dropcnt=0
@@ -37,4 +37,4 @@ do
 	fi
 done
 echo dropping bonus tabs
-psql -t -q -c "$droptabs"
+psql -t -q -c "$droptabs" || true
diff --git a/tools/do_idapro.sh b/tools/do_idapro.sh
index b0741b5621cfe49ec19e73513b9496e507795e7c..e24880f1e81ab2e2794ee4d540ff644b5185e676 100755
--- a/tools/do_idapro.sh
+++ b/tools/do_idapro.sh
@@ -28,7 +28,13 @@ analyze_file()
 	#
 	if [ $lines -lt 10 ]; then
 		echo Failed to produce a valid annotations file for $file.
-		exit -1 
+		exit 1 
+	fi
+	# better test
+	grep "ANALYSISCOMPLETED" $file.infoannot > /dev/null 2>&1
+	if [ $? != 0 ]; then
+		echo MEDS Failed to produce successful exit code for $file.
+		exit 2 
 	fi
 
 }
diff --git a/tools/do_integertransform.sh b/tools/do_integertransform.sh
index 77eab76b94f6a5a9e00d9810b0882688963bd255..de85474cbc325e43c5c51422beb35f89bf2c606a 100755
--- a/tools/do_integertransform.sh
+++ b/tools/do_integertransform.sh
@@ -12,8 +12,9 @@ CONCOLIC_DIR=$3
 TIMEOUT=$4
 WARNINGS_ONLY=$5     # 0 or 1
 BENIGN_FP_DETECT=$6  # 0 or 1
+INSTRUMENT_IDIOMS=$7  # 0 or 1
 
-echo "intxform: cloneID=$CLONE_ID identifiedProg=$IDENTIFIED_PROG concolicDir=$CONCOLIC_DIR timeout=$TIMEOUT warningsOnly=$WARNINGS_ONLY benignFpDetect=$BENIGN_FP_DETECT"
+echo "intxform: cloneID=$CLONE_ID identifiedProg=$IDENTIFIED_PROG concolicDir=$CONCOLIC_DIR timeout=$TIMEOUT warningsOnly=$WARNINGS_ONLY benignFpDetect=$BENIGN_FP_DETECT instrumentIdioms=$INSTRUMENT_IDIOMS"
 
 # configuration variables
 LIBC_FILTER=$PEASOUP_HOME/tools/libc_functions.txt   # libc and other system library functions
@@ -89,6 +90,12 @@ if [ "$WARNINGS_ONLY" != "0" ]; then
   timeout $TIMEOUT $SECURITY_TRANSFORMS_HOME/tools/transforms/integertransformdriver.exe $CLONE_ID $LIBC_FILTER $INTEGER_WARNINGS_FILE --warning
 else
   echo "intxform: saturating arithmetic is enabled"
-  timeout $TIMEOUT $SECURITY_TRANSFORMS_HOME/tools/transforms/integertransformdriver.exe $CLONE_ID $LIBC_FILTER $INTEGER_WARNINGS_FILE --saturating-arithmetic 
+
+  if [ "$INSTRUMENT_IDIOMS" != "0" ]; then
+    echo "intxform: instrument idioms"
+    timeout $TIMEOUT $SECURITY_TRANSFORMS_HOME/tools/transforms/integertransformdriver.exe $CLONE_ID $LIBC_FILTER $INTEGER_WARNINGS_FILE --saturating-arithmetic --instrument-idioms
+  else
+    timeout $TIMEOUT $SECURITY_TRANSFORMS_HOME/tools/transforms/integertransformdriver.exe $CLONE_ID $LIBC_FILTER $INTEGER_WARNINGS_FILE --saturating-arithmetic 
+  fi
 fi
 
diff --git a/tools/do_makepeasoupbinary.sh b/tools/do_makepeasoupbinary.sh
index a7660ade56c8256385ef8ae338c119820a9c3be7..ab916bc53488e4c7b0a20d90c152bd198cc632fb 100755
--- a/tools/do_makepeasoupbinary.sh
+++ b/tools/do_makepeasoupbinary.sh
@@ -19,10 +19,12 @@ echo "datapath=$current_dir" >> $peasoup_binary
 cat >> $peasoup_binary <<"EOF"
 
 if [ -f $datapath/diagnostics.out ]; then
-	len=`cat $datapath/diagnostics.out | wc -l` 
+	len=`/bin/cat $datapath/diagnostics.out | wc -l` 
 	if [ $len -gt 0 ]; then 
 
-	    head $datapath/diagnostics.out 
+        	# make output more concise
+	    	/bin/cat $datapath/diagnostics.out | uniq > tmp.$$
+		mv tmp.$$ $datapath/diagnostics.out
 	fi
 fi
 
diff --git a/tools/do_p1transform.sh b/tools/do_p1transform.sh
index a2e1b79806b3765aee65c1a1c4771b084e8970d7..3f4d593268832013a94223603c8fd2e71cc9c3ee 100755
--- a/tools/do_p1transform.sh
+++ b/tools/do_p1transform.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/bash -x
 #
 # do_p1transform.sh <originalBinary> <MEDS annotationFile> <cloneId> <BED_script>
 #
@@ -261,7 +261,8 @@ touch $EXECUTED_ADDRESSES_CONCOLIC
 cat $EXECUTED_ADDRESSES_CONCOLIC >> $EXECUTED_ADDRESSES_FINAL
 
 # sanity filter, keep only well formed addresses
-cat $EXECUTED_ADDRESSES_FINAL | sed 's/\(.*0x.*\)/\1/' >tmp
+# also change a.stratafied to a.ncexe, which is the name for the main executable in IRDB
+cat $EXECUTED_ADDRESSES_FINAL | sed -e 's/\(.*0x.*\)/\1/' -e 's/^a\.stratafied+/a.ncexe+/' >tmp
 mv tmp $EXECUTED_ADDRESSES_FINAL
 
 sort $EXECUTED_ADDRESSES_FINAL | uniq > tmp
@@ -276,13 +277,15 @@ $SECURITY_TRANSFORMS_HOME/tools/cover/cover $CLONE_ID $EXECUTED_ADDRESSES_FINAL
 
 touch $COVERAGE_FILE
 
-echo "$PEASOUP_HOME/tools/my_timeout.sh $TIMEOUT_VALUE $PN_BINARY --variant_id=$CLONE_ID --bed_script=$BED_SCRIPT --coverage_file=$COVERAGE_FILE --pn_threshold=$P1THRESHOLD --canaries=$DO_CANARIES --blacklist=$LIBC_FILTER  --shared_object_protection   --no_p1_validate --align_stack"
 
+command="$PEASOUP_HOME/tools/my_timeout.sh $TIMEOUT_VALUE $PN_BINARY --variant_id=$CLONE_ID --bed_script=$BED_SCRIPT \
+		--coverage_file=$COVERAGE_FILE --pn_threshold=$P1THRESHOLD \
+		--canaries=$DO_CANARIES --blacklist=$LIBC_FILTER  --shared_object_protection   --no_p1_validate --align_stack"
 
 if [ ! -z $DEBUG_P1 ]; then
-	gdb --args $PN_BINARY --variant_id=$CLONE_ID --bed_script=$BED_SCRIPT --coverage_file=$COVERAGE_FILE --pn_threshold=$P1THRESHOLD --canaries=$DO_CANARIES --blacklist=$LIBC_FILTER  --shared_object_protection   --no_p1_validate --align_stack
+	gdb --args                                      $command
 else
-	$PEASOUP_HOME/tools/my_timeout.sh $TIMEOUT_VALUE $PN_BINARY --variant_id=$CLONE_ID --bed_script=$BED_SCRIPT --coverage_file=$COVERAGE_FILE --pn_threshold=$P1THRESHOLD --canaries=$DO_CANARIES --blacklist=$LIBC_FILTER  --shared_object_protection   --no_p1_validate --align_stack
+	$command
 fi
 
 
diff --git a/tools/intxform_detect_benign_fp.sh b/tools/intxform_detect_benign_fp.sh
index 6824c0f4ed511360ccb7b9156e36ea00db36edac..ac23960be76850e3ec53695fadd894c14395610a 100755
--- a/tools/intxform_detect_benign_fp.sh
+++ b/tools/intxform_detect_benign_fp.sh
@@ -32,7 +32,7 @@ echo "intxform(detect-benign-fp): transforming binary: cloneid=$CLONE_ID identif
 if [ -f $REGRESSION_TESTS ]; then
 	echo "intxform(detect-benign-fp): manual regression tests detected for $IDENTIFIED_PROG"
 else
-	echo "intxform(detect-benign-fp): no manual regression tests detected for $IDENTIFIED_PROG"
+	echo "intxform(detect-benign-fp): no manual regression tests detected for $IDENTIFIED_PROG in $REGRESSION_TESTS"
 	exit 1
 fi
 
diff --git a/tools/ps_analyze.sh b/tools/ps_analyze.sh
index 0d14716a5a6cb4627bfc0eb5fb67f1f0a91eadce..13520a6669b603bee6929dbbdaae5b68d76d3817 100755
--- a/tools/ps_analyze.sh
+++ b/tools/ps_analyze.sh
@@ -1,4 +1,4 @@
-#!/bin/bash   
+#!/bin/bash    
 #
 # ps_analyze.sh - analyze a program and transform it for peasoupification to prevent exploit.
 #
@@ -39,8 +39,7 @@ CONCOLIC_DIR=concolic.files_a.stratafied_0001
 intxform_warnings_only=0  # default: integer warnings only mode is off
 intxform_detect_fp=1      # default: detect benign false positives is on
                           #   but if determine_program is off, it's a no-op
-
-
+intxform_instrument_idioms=0  # default: do not instrument instructions marked as IDIOM by STARS
 
 
 # 
@@ -164,10 +163,18 @@ check_options()
 	# Note that we use `"$@"' to let each command-line parameter expand to a 
 	# separate word. The quotes around `$@' are essential!
 	# We need TEMP as the `eval set --' would nuke the return value of getopt.
-	TEMP=`getopt s:t:w: "$@"`
 
-# solaris does not support long option names
-# --long step-option: --long integer_warnings_only --long integer_detect_fp --long no_integer_detect_fp --long step: --long timeout: --long manual_test_script: --long manual_test_coverage_file: --long watchdog: 
+	short_opts="s:t:w:"
+	long_opts="--long step-option: --long integer_warnings_only --long integer_instrument_idioms --long integer_detect_fp --long no_integer_detect_fp --long step: --long timeout: --long manual_test_script: --long manual_test_coverage_file: --long watchdog: "
+
+
+	# solaris does not support long option names
+	if [ `uname -s` = "SunOS" ]; then
+		TEMP=`getopt $short_opts "$@"`
+	else
+		TEMP=`getopt -o $short_opts $long_opts -n 'ps_analyze.sh' -- "$@"`
+	fi
+
 
 	# error check #
 	if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit -1 ; fi
@@ -214,6 +221,11 @@ check_options()
 			intxform_detect_fp=1
 			shift 
 			;;
+		--integer_instrument_idioms)
+			echo "integer transform: instrument idioms"
+			intxform_instrument_idioms=1
+			shift 
+			;;
 		-t|--timeout) 
 			set_timer $2 & TIMER_PID=$!
 			shift 2 
@@ -617,11 +629,11 @@ perform_step create_binary_script 	mandatory $PEASOUP_HOME/tools/do_makepeasoupb
 perform_step heaprand 	 		pc_confine,double_free $PEASOUP_HOME/tools/update_env_var.sh STRATA_HEAPRAND 1
 perform_step controlled_exit none 		 	 $PEASOUP_HOME/tools/update_env_var.sh STRATA_CONTROLLED_EXIT 1
 perform_step detect_server  pc_confine  $PEASOUP_HOME/tools/update_env_var.sh STRATA_DETECT_SERVERS 1
-perform_step ibtc  none  $PEASOUP_HOME/tools/update_env_var.sh STRATA_IBTC 0
+#perform_step ibtc  none  $PEASOUP_HOME/tools/update_env_var.sh STRATA_IBTC 0
+#perform_step sieve  none  $PEASOUP_HOME/tools/update_env_var.sh STRATA_SIEVE 1
+#perform_step return_cache  none  $PEASOUP_HOME/tools/update_env_var.sh STRATA_RC 1
+#perform_step partial_inlining  none  $PEASOUP_HOME/tools/update_env_var.sh STRATA_PARTIAL_INLINING 0
 perform_step rekey  none  $PEASOUP_HOME/tools/update_env_var.sh STRATA_REKEY_AFTER 5000
-perform_step sieve  none  $PEASOUP_HOME/tools/update_env_var.sh STRATA_SIEVE 1
-perform_step return_cache  none  $PEASOUP_HOME/tools/update_env_var.sh STRATA_RC 1
-perform_step partial_inlining  none  $PEASOUP_HOME/tools/update_env_var.sh STRATA_PARTIAL_INLINING 0
 perform_step double_free heaprand $PEASOUP_HOME/tools/update_env_var.sh STRATA_DOUBLE_FREE 1
 perform_step pc_confine  none $PEASOUP_HOME/tools/update_env_var.sh STRATA_PC_CONFINE 1
 perform_step isr 	 pc_confine $PEASOUP_HOME/tools/update_env_var.sh STRATA_PC_CONFINE_XOR 1
@@ -782,6 +794,9 @@ if [ -z "$program" ]; then
    program="unknown"
 fi
 
+perform_step integertransform none $PEASOUP_HOME/tools/do_integertransform.sh $cloneid $program $CONCOLIC_DIR $INTEGER_TRANSFORM_TIMEOUT_VALUE $intxform_warnings_only $intxform_detect_fp $intxform_instrument_idioms
+#perform_step calc_conflicts none $SECURITY_TRANSFORMS_HOME/libIRDB/test/calc_conflicts.exe $cloneid a.ncexe
+
 perform_step integertransform meds_static,clone $PEASOUP_HOME/tools/do_integertransform.sh $cloneid $program $CONCOLIC_DIR $INTEGER_TRANSFORM_TIMEOUT_VALUE $intxform_warnings_only $intxform_detect_fp $intxform_instrument_idioms
 
 
@@ -812,6 +827,14 @@ perform_step fast_spri spasm $PEASOUP_HOME/tools/fast_spri.sh a.irdb.bspri a.ird
 perform_step preLoaded_ILR1 fast_spri $STRATA_HOME/tools/preLoaded_ILR/generate_hashfiles.exe a.irdb.fbspri 
 perform_step preLoaded_ILR2 preLoaded_ILR1 $PEASOUP_HOME/tools/generate_relocfile.sh a.irdb.fbspri
 
+# copy TOCTOU tool here if it exists
+is_step_on toctou
+if [[ $? -eq 1 && -e $GRACE_HOME/ps_concurrency/toctou_tool/libtoctou_tool.so ]];
+then
+    cp $GRACE_HOME/ps_concurrency/toctou_tool/libtoctou_tool.so libtoctou_tool.so
+    $PEASOUP_HOME/tools/update_env_var.sh DO_TOCTOU 1
+fi
+
 #
 # create a report for all of ps_analyze.
 #
diff --git a/tools/ps_analyze64.sh b/tools/ps_analyze64.sh
index 137eb1bd51e20ec2eacaa8854a2ab70451e534cd..4567a3e691cc5fa994ba35e443645d780a4f6f17 100755
--- a/tools/ps_analyze64.sh
+++ b/tools/ps_analyze64.sh
@@ -2,12 +2,12 @@
 
 $PEASOUP_HOME/tools/ps_analyze.sh $* 	\
 	--step concolic=off 		\
-	--step integertransform=off 	\
-	--step ibtc=off 		\
-	--step sieve=off 		\
-	--step partial_inlining=off 	\
-	--step return_cache=off	 	\
 
+#	--step integertransform=off 	\
+#	--step ibtc=off 		\
+#	--step sieve=off 		\
+#	--step partial_inlining=off 	\
+#	--step return_cache=off	 	\
 #	--step rekey=off	 	\
 #	--step p1transform=off 		\
 #	--step fast_annot=off 		\
diff --git a/tools/ps_release.sh b/tools/ps_release.sh
index 28e605240afb8027dc4a47948e824d7c032642b4..067798f5aa7878c354dd31708c40b9e50baa4511 100755
--- a/tools/ps_release.sh
+++ b/tools/ps_release.sh
@@ -76,7 +76,7 @@ if [ -d $1 ]; then
   verify_peasoup_dir $peasoup_dir
 else
   verify_peasoup_app $1
-  peasoup_dir=`grep ps_run $1 | cut -d' ' -f3`
+  peasoup_dir=`grep ps_run $1 | cut -d' ' -f2`
   verify_peasoup_dir $peasoup_dir
 fi
 
@@ -86,7 +86,7 @@ echo "Preparing directory for release: $peasoup_dir"
 cd $peasoup_dir
 
 files_to_keep="a.ncexe.annot 
-a.ncexe.sigs
+a.ncexe.sigs.orig
 a.stratafied 
 a.irdb.fbspri.reloc
 a.stratafied
@@ -118,10 +118,10 @@ remove_rest $files_to_keep
 #
 
 # directory has rwx for user only 
-chmod 700 .
+chmod 700 . a.ncexe.sigs.orig
 
 # non-executable files are read-only 
-chmod 400 a.irdb.fbspri.reloc a.ncexe.annot a.stratafied.data_dataListFile a.stratafied.data_hashFile a.stratafied.data_hash.ini a.stratafied.data_keyValueFile a.stratafied.data_libListFile a.stratafied.map_hashFile a.stratafied.map_hash.ini a.stratafied.map_keyValueFile a.stratafied.map_libListFile a.stratafied.term_map_hashFile a.stratafied.term_map_hash.ini a.stratafied.term_map_keyValueFile a.ncexe.sigs
+chmod 400 a.irdb.fbspri.reloc a.ncexe.annot a.stratafied.data_dataListFile a.stratafied.data_hashFile a.stratafied.data_hash.ini a.stratafied.data_keyValueFile a.stratafied.data_libListFile a.stratafied.map_hashFile a.stratafied.map_hash.ini a.stratafied.map_keyValueFile a.stratafied.map_libListFile a.stratafied.term_map_hashFile a.stratafied.term_map_hash.ini a.stratafied.term_map_keyValueFile 
 
 # executable files are r-x for user only 
 chmod 500 libappfw.so a.stratafied libstrata.so ps_run.sh
diff --git a/tools/ps_run.sh b/tools/ps_run.sh
index 0c4ad6804a87672a8e779997b7a2e7409e17706f..0f93175144c90416f8713a3d813c6a9617d635a9 100755
--- a/tools/ps_run.sh
+++ b/tools/ps_run.sh
@@ -39,14 +39,27 @@ if [ "$DO_APPFW" = "1" ]; then
 		APPFW_DB=$datapath/appfw.db
 		APPFW_SIGNATURE_FILE=$datapath/a.ncexe.sigs.$$
 	"
-	APP_LD_PRELOAD="$datapath/libappfw.so $APP_LD_PRELOAD"
+	APP_LD_PRELOAD="$datapath/libappfw.so:$APP_LD_PRELOAD"
 fi
 
 DO_TWITCHER=0
 if [ "$DO_TWITCHER" = "1" ]; then
-	LD_PRELOAD=$BOOST_HOME/lib/libboost_system.so:$BOOST_HOME/lib/libboost_thread.so:$datapath/libtwitcher_malloc.so:$APP_LD_PRELOAD
+	APP_LD_PRELOAD=$BOOST_HOME/lib/libboost_system.so:$BOOST_HOME/lib/libboost_thread.so:$datapath/libtwitcher_malloc.so:$APP_LD_PRELOAD
 fi
 
+DO_TOCTOU=0
+if [ "$DO_TOCTOU" = "1" ]; then
+	APP_LD_PRELOAD="$datapath/libtoctou_tool.so:$APP_LD_PRELOAD"
+fi
+
+
+# these are now defaulted nicely by strata for x86-32 and x86-64.
+#STRATA_IBTC=1					 
+#STRATA_IBTC_SHARED=1
+#STRATA_SIEVE=0					
+#STRATA_RC=0					
+#STRATA_PARTIAL_INLINING=1			
+
 command="$command
 LD_PRELOAD=$datapath/libstrata.so:$APP_LD_PRELOAD
 LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$datapath
@@ -62,11 +75,6 @@ STRATA_REKEY_AFTER=0
 STRATA_PC_CONFINE_XOR_KEY_LENGTH=1024		
 STRATA_ANNOT_FILE=$datapath/a.ncexe.annot 
 STRATA_IS_SO=0
-STRATA_IBTC=1					
-STRATA_IBTC_SHARED=1
-STRATA_SIEVE=0					
-STRATA_RC=0					
-STRATA_PARTIAL_INLINING=1			
 STRATA_EXE_FILE=$datapath/a.ncexe
 STRATA_MAX_WARNINGS=500000
 	exec -a $origbinpath $datapath/a.ncexe \"\$@\""