From 429adecca03fb3608c917f5d4c3ed898537277f1 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Mon, 10 Apr 2017 14:31:03 +0100
Subject: [PATCH 01/57] goto-instrument --remove-function-body

Removes the implementation of a function (but not its declaration or its call
sites) from a goto program. This enables stubbing of possibly costly functions,
such as custom memset implementations.
---
 src/goto-instrument/goto_instrument_parse_options.cpp | 1 +
 src/goto-instrument/remove_function.cpp               | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/src/goto-instrument/goto_instrument_parse_options.cpp b/src/goto-instrument/goto_instrument_parse_options.cpp
index 622618a220f..3a05ecd9854 100644
--- a/src/goto-instrument/goto_instrument_parse_options.cpp
+++ b/src/goto-instrument/goto_instrument_parse_options.cpp
@@ -95,6 +95,7 @@ Author: Daniel Kroening, kroening@kroening.com
 #include "undefined_functions.h"
 #include "remove_function.h"
 
+
 void goto_instrument_parse_optionst::eval_verbosity()
 {
   unsigned int v=8;
diff --git a/src/goto-instrument/remove_function.cpp b/src/goto-instrument/remove_function.cpp
index 131438d1af6..be92826a843 100644
--- a/src/goto-instrument/remove_function.cpp
+++ b/src/goto-instrument/remove_function.cpp
@@ -23,6 +23,7 @@ Date: April 2017
 /// goto_functions  Input functions to be modified
 /// identifier  Function to be removed
 /// message_handler  Error/status output
+
 void remove_function(
   symbol_tablet &symbol_table,
   goto_functionst &goto_functions,
@@ -63,6 +64,7 @@ void remove_function(
 /// goto_functions  Input functions to be modified
 /// names  List of functions to be removed
 /// message_handler  Error/status output
+
 void remove_functions(
   symbol_tablet &symbol_table,
   goto_functionst &goto_functions,

From ab78f8d689d258d604e63e96138d6927af985e6c Mon Sep 17 00:00:00 2001
From: Daniel Kroening <kroening@cs.ox.ac.uk>
Date: Sun, 9 Apr 2017 13:31:57 +0100
Subject: [PATCH 02/57] allow direct accesses into arrays despite signedness
 mismatch

---
 src/pointer-analysis/value_set_dereference.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/pointer-analysis/value_set_dereference.cpp b/src/pointer-analysis/value_set_dereference.cpp
index 9efd87c5793..db373ee31be 100644
--- a/src/pointer-analysis/value_set_dereference.cpp
+++ b/src/pointer-analysis/value_set_dereference.cpp
@@ -424,6 +424,7 @@ value_set_dereferencet::valuet value_set_dereferencet::build_reference_to(
               ns.follow(memory_symbol.type).subtype(),
               dereference_type))
     {
+
       exprt index_expr=index_exprt(symbol_expr, pointer_offset(pointer_expr));
       index_expr.type()=ns.follow(memory_symbol.type).subtype();
       result.value=typecast_exprt(index_expr, dereference_type);

From e9fc7a302944d19d7605f3dc964c717602574550 Mon Sep 17 00:00:00 2001
From: Daniel Kroening <kroening@cs.ox.ac.uk>
Date: Sun, 9 Apr 2017 16:39:10 +0100
Subject: [PATCH 03/57] first stab at instrumenting memory-mapped I/O

---
 src/goto-programs/mm_io.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/goto-programs/mm_io.cpp b/src/goto-programs/mm_io.cpp
index a8378fc200d..994a00e311b 100644
--- a/src/goto-programs/mm_io.cpp
+++ b/src/goto-programs/mm_io.cpp
@@ -18,6 +18,7 @@ Date:   April 2017
 #include "remove_returns.h"
 #include "mm_io.h"
 
+
 void collect_deref_expr(
   const exprt &src,
   std::set<dereference_exprt> &dest)

From 9791d2898a97bd9b26a133f50611228837e6f7b0 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Wed, 24 May 2017 18:26:24 +0100
Subject: [PATCH 04/57] Do not configure bmct/prop_convt before reading goto
 programs

get_goto_program may affect configt, in particular the ansi_c.pointer_width.
Thus prop_convt may be configured with the wrong pointer width in bv_pointerst.
---
 src/cbmc/cbmc_parse_options.cpp | 135 ++++++++++++++++++++++++++------
 1 file changed, 109 insertions(+), 26 deletions(-)

diff --git a/src/cbmc/cbmc_parse_options.cpp b/src/cbmc/cbmc_parse_options.cpp
index d2f1c178d8e..7c3f90800b9 100644
--- a/src/cbmc/cbmc_parse_options.cpp
+++ b/src/cbmc/cbmc_parse_options.cpp
@@ -1,9 +1,6 @@
 /*******************************************************************\
-
 Module: CBMC Command Line Option Processing
-
 Author: Daniel Kroening, kroening@kroening.com
-
 \*******************************************************************/
 
 /// \file
@@ -55,11 +52,15 @@ Author: Daniel Kroening, kroening@kroening.com
 
 #include <pointer-analysis/add_failed_symbols.h>
 
+#include <analyses/goto_check.h>
+
 #include <langapi/mode.h>
 
 #include "cbmc_solvers.h"
 #include "cbmc_parse_options.h"
 #include "bmc.h"
+#include "bmc_incremental_one_loop.h"
+#include "bmc_incremental.h"
 #include "version.h"
 #include "xml_interface.h"
 
@@ -181,9 +182,18 @@ void cbmc_parse_optionst::get_command_line_options(optionst &options)
       cmdline.get_value("localize-faults-method"));
   }
 
+  if(cmdline.isset("unwind-max"))
+    options.set_option("unwind-max", cmdline.get_value("unwind-max"));
+  if(cmdline.isset("unwind-min"))
+    options.set_option("unwind-min", cmdline.get_value("unwind-min"));
   if(cmdline.isset("unwind"))
     options.set_option("unwind", cmdline.get_value("unwind"));
 
+  if(cmdline.isset("ignore-assertions-before-unwind-min"))
+    options.set_option("ignore-assertions-before-unwind-min", true);
+  if(cmdline.isset("stop-when-unsat"))
+    options.set_option("stop-when-unsat", true);
+
   if(cmdline.isset("depth"))
     options.set_option("depth", cmdline.get_value("depth"));
 
@@ -196,6 +206,25 @@ void cbmc_parse_optionst::get_command_line_options(optionst &options)
   if(cmdline.isset("unwindset"))
     options.set_option("unwindset", cmdline.get_value("unwindset"));
 
+  if(cmdline.isset("incremental"))
+  {
+    options.set_option("refine", true);
+    options.set_option("refine-arrays", true);
+    options.set_option("incremental", true);
+  }
+  if(cmdline.isset("incremental-check"))
+  {
+    options.set_option("refine", true);
+    options.set_option("refine-arrays", true);
+    options.set_option(
+      "incremental-check", cmdline.get_value("incremental-check"));
+  }
+  if(cmdline.isset("earliest-loop-exit"))
+    options.set_option("earliest-loop-exit", true);
+  // heuristic unwinding numbers used for SV-COMP
+  if(cmdline.isset("magic-numbers"))
+    options.set_option("magic-numbers", true);
+
   // constant propagation
   if(cmdline.isset("no-propagation"))
     options.set_option("propagation", false);
@@ -420,6 +449,28 @@ void cbmc_parse_optionst::get_command_line_options(optionst &options)
       cmdline.get_value("symex-coverage-report"));
 }
 
+
+bool cbmc_parse_optionst::options_exclusive(const char *opt1, const char *opt2)
+{
+  if(cmdline.isset(opt1) && cmdline.isset(opt2))
+  {
+    error() << "--" << opt1 << " cannot be used with --" << opt2 << eom;
+    return true;
+  }
+  return false;
+}
+
+
+bool cbmc_parse_optionst::options_inclusive(const char *opt1, const char *opt2)
+{
+  if(cmdline.isset(opt1) && !cmdline.isset(opt2))
+  {
+    error() << "--" << opt1 << " can only be used with --" << opt2 << eom;
+    return true;
+  }
+  return false;
+}
+
 /// invoke main modules
 int cbmc_parse_optionst::doit()
 {
@@ -457,6 +508,13 @@ int cbmc_parse_optionst::doit()
     return 1; // should contemplate EX_USAGE from sysexits.h
   }
 
+  if(options_exclusive("incremental", "unwind") ||
+     options_exclusive("incremental", "incremental-check") ||
+     options_inclusive("earliest-loop-exit", "incremental"))
+  {
+    return 1;
+  }
+
   register_languages();
 
   if(cmdline.isset("test-preprocessor"))
@@ -470,6 +528,38 @@ int cbmc_parse_optionst::doit()
 
   goto_functionst goto_functions;
 
+  // get solver
+  cbmc_solverst cbmc_solvers(options, symbol_table, ui_message_handler);
+  cbmc_solvers.set_ui(get_ui());
+
+  std::unique_ptr<cbmc_solverst::solvert> cbmc_solver;
+
+  try
+  {
+    cbmc_solver=cbmc_solvers.get_solver();
+  }
+
+  catch(const char *error_msg)
+  {
+    error() << error_msg << eom;
+    return 1; // should contemplate EX_SOFTWARE from sysexits.h
+  }
+
+  prop_convt &prop_conv=cbmc_solver->prop_conv();
+
+  std::unique_ptr<bmct> bmc;
+  if(options.get_option("incremental-check")!="")
+    bmc=std::unique_ptr<bmct>(
+      new bmc_incremental_one_loopt(
+        options, symbol_table, ui_message_handler, prop_conv, goto_functions));
+  else if(options.get_bool_option("incremental"))
+    bmc=std::unique_ptr<bmct>(
+      new bmc_incrementalt(
+        options, symbol_table, ui_message_handler, prop_conv, goto_functions));
+  else
+    bmc=std::unique_ptr<bmct>(
+      new bmct(options, symbol_table, ui_message_handler, prop_conv));
+
   expr_listt bmc_constraints;
 
   int get_goto_program_ret=
@@ -494,29 +584,8 @@ int cbmc_parse_optionst::doit()
   if(options.get_bool_option("java-unwind-enum-static"))
     remove_static_init_loops(symbol_table, goto_functions, options);
 
-  // get solver
-  cbmc_solverst cbmc_solvers(options, symbol_table, ui_message_handler);
-  cbmc_solvers.set_ui(get_ui());
-
-  std::unique_ptr<cbmc_solverst::solvert> cbmc_solver;
-
-  try
-  {
-    cbmc_solver=cbmc_solvers.get_solver();
-  }
-
-  catch(const char *error_msg)
-  {
-    error() << error_msg << eom;
-    return 1; // should contemplate EX_SOFTWARE from sysexits.h
-  }
-
-  prop_convt &prop_conv=cbmc_solver->prop_conv();
-
-  bmct bmc(options, symbol_table, ui_message_handler, prop_conv);
-
   // do actual BMC
-  return do_bmc(bmc, goto_functions);
+  return do_bmc(*bmc, goto_functions);
 }
 
 bool cbmc_parse_optionst::set_properties(goto_functionst &goto_functions)
@@ -928,7 +997,7 @@ int cbmc_parse_optionst::do_bmc(
   int result=6;
 
   // do actual BMC
-  switch(bmc.run(goto_functions))
+  switch(bmc(goto_functions))
   {
     case safety_checkert::resultt::SAFE:
       result=0;
@@ -939,6 +1008,9 @@ int cbmc_parse_optionst::do_bmc(
     case safety_checkert::resultt::ERROR:
       result=6;
       break;
+    case safety_checkert::resultt::UNKNOWN:
+     result=6;
+     break;
   }
 
   // let's log some more statistics
@@ -1051,6 +1123,17 @@ void cbmc_parse_optionst::help()
     " --unwind nr                  unwind nr times\n"
     " --unwindset L:B,...          unwind loop L with a bound of B\n"
     "                              (use --show-loops to get the loop IDs)\n"
+    " --incremental                check after each unwinding\n"
+    " --incremental-check L        check after each unwinding of loop L\n"
+    // NOLINTNEXTLINE(whitespace/line_length)
+    " --unwind-min nr              start incremental check after nr unwindings\n"
+    // NOLINTNEXTLINE(whitespace/line_length)
+    " --unwind-max nr              stop incremental check after nr unwindings\n"
+    // NOLINTNEXTLINE(whitespace/line_length)
+    " --earliest-loop-exit         stop unwinding as soon as possible\n"
+    // NOLINTNEXTLINE(whitespace/line_length)
+    " --ignore-assertions-before-unwind-min     only check loop assertions after loop unwound to unwind-min\n"
+    " --stop-when-unsat            for step case in k-induction checks\n"
     " --show-vcc                   show the verification conditions\n"
     " --slice-formula              remove assignments unrelated to property\n"
     " --unwinding-assertions       generate unwinding assertions\n"

From d9d4c0a955c5eb79081b5aed6895bb39ffcff94f Mon Sep 17 00:00:00 2001
From: Daniel Kroening <kroening@cs.ox.ac.uk>
Date: Thu, 25 May 2017 21:21:50 +0100
Subject: [PATCH 05/57] restore do_bmc interface, for the benefit of cegis and
 hw-cbmc; partially reverts dd2a55f43a761441d4d718721c30e47f62493b3c

---
 src/cbmc/cbmc_parse_options.cpp | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/src/cbmc/cbmc_parse_options.cpp b/src/cbmc/cbmc_parse_options.cpp
index 7c3f90800b9..2718421fb56 100644
--- a/src/cbmc/cbmc_parse_options.cpp
+++ b/src/cbmc/cbmc_parse_options.cpp
@@ -584,6 +584,27 @@ int cbmc_parse_optionst::doit()
   if(options.get_bool_option("java-unwind-enum-static"))
     remove_static_init_loops(symbol_table, goto_functions, options);
 
+  // get solver
+  cbmc_solverst cbmc_solvers(options, symbol_table, ui_message_handler);
+  cbmc_solvers.set_ui(get_ui());
+
+  std::unique_ptr<cbmc_solverst::solvert> cbmc_solver;
+
+  try
+  {
+    cbmc_solver=cbmc_solvers.get_solver();
+  }
+
+  catch(const char *error_msg)
+  {
+    error() << error_msg << eom;
+    return 1; // should contemplate EX_SOFTWARE from sysexits.h
+  }
+
+  prop_convt &prop_conv=cbmc_solver->prop_conv();
+
+  bmct bmc(options, symbol_table, ui_message_handler, prop_conv);
+
   // do actual BMC
   return do_bmc(*bmc, goto_functions);
 }

From 625b348b14d9b27126e907758aed79cda0f110b6 Mon Sep 17 00:00:00 2001
From: Daniel Kroening <kroening@cs.ox.ac.uk>
Date: Thu, 25 May 2017 19:59:11 +0100
Subject: [PATCH 06/57] the c_types now have stronger C++ types

---
 src/util/c_types.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/util/c_types.cpp b/src/util/c_types.cpp
index cc2880cb577..e8598f57e4d 100644
--- a/src/util/c_types.cpp
+++ b/src/util/c_types.cpp
@@ -18,6 +18,7 @@ bitvector_typet index_type()
   return signed_size_type();
 }
 
+
 /// return type of enum constants
 bitvector_typet enum_constant_type()
 {

From 299e494d6980dad3f816772dfd5a393ea9b67b19 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Thu, 7 Jul 2016 09:31:27 +0200
Subject: [PATCH 07/57] Message handlers maintain counters of messages per
 level

Works at all message levels, instead of the previous get_errors_found
workarounds.
---
 src/goto-programs/goto_convert_functions.cpp | 1 -
 src/util/cout_message.cpp                    | 2 ++
 src/util/ui_message.cpp                      | 4 ++++
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/goto-programs/goto_convert_functions.cpp b/src/goto-programs/goto_convert_functions.cpp
index 69f35bbdbea..0a0c7cb7d79 100644
--- a/src/goto-programs/goto_convert_functions.cpp
+++ b/src/goto-programs/goto_convert_functions.cpp
@@ -259,7 +259,6 @@ void goto_convert(
   {
     goto_convert_functions.error() << e << messaget::eom;
   }
-
   if(message_handler.get_message_count(messaget::M_ERROR)!=errors_before)
     throw 0;
 }
diff --git a/src/util/cout_message.cpp b/src/util/cout_message.cpp
index 357453bd20e..1c159f8b7c5 100644
--- a/src/util/cout_message.cpp
+++ b/src/util/cout_message.cpp
@@ -38,6 +38,8 @@ void console_message_handlert::print(
   if(verbosity<level)
     return;
 
+  message_handlert::print(level, message);
+
   #ifdef _WIN32
   HANDLE out_handle=
     GetStdHandle((level>1)?STD_OUTPUT_HANDLE:STD_ERROR_HANDLE);
diff --git a/src/util/ui_message.cpp b/src/util/ui_message.cpp
index e750c60e3bb..88a26c6045d 100644
--- a/src/util/ui_message.cpp
+++ b/src/util/ui_message.cpp
@@ -97,6 +97,8 @@ void ui_message_handlert::print(
     {
     case uit::PLAIN:
     {
+      message_handlert::print(level, message);
+
       console_message_handlert console_message_handler;
       console_message_handler.print(level, message);
     }
@@ -134,6 +136,8 @@ void ui_message_handlert::print(
     case uit::XML_UI:
     case uit::JSON_UI:
     {
+      message_handlert::print(level, message);
+
       std::string tmp_message(message);
 
       if(!tmp_message.empty() && *tmp_message.rbegin()=='\n')

From 3512cbcf94bae7d565b55579c8dcd9f01834c3b9 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Thu, 7 Jul 2016 11:28:25 +0200
Subject: [PATCH 08/57] Support flush at eom to ensure complete output

---
 src/util/message.h | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/util/message.h b/src/util/message.h
index 1d4b3d54e40..387bd04821b 100644
--- a/src/util/message.h
+++ b/src/util/message.h
@@ -94,6 +94,11 @@ class stream_message_handlert:public message_handlert
     out << std::flush;
   }
 
+  virtual void flush(unsigned level)
+  {
+    out << std::flush;
+  }
+
 protected:
   std::ostream &out;
 };

From c27a209bf7ba8260ebed9680433b096306b0fe28 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Thu, 7 Jul 2016 11:34:56 +0200
Subject: [PATCH 09/57] Removed legacy_typecheckt interface, use new message
 counters

---
 src/util/cout_message.cpp | 2 --
 src/util/message.h        | 5 -----
 src/util/ui_message.cpp   | 4 ----
 3 files changed, 11 deletions(-)

diff --git a/src/util/cout_message.cpp b/src/util/cout_message.cpp
index 1c159f8b7c5..357453bd20e 100644
--- a/src/util/cout_message.cpp
+++ b/src/util/cout_message.cpp
@@ -38,8 +38,6 @@ void console_message_handlert::print(
   if(verbosity<level)
     return;
 
-  message_handlert::print(level, message);
-
   #ifdef _WIN32
   HANDLE out_handle=
     GetStdHandle((level>1)?STD_OUTPUT_HANDLE:STD_ERROR_HANDLE);
diff --git a/src/util/message.h b/src/util/message.h
index 387bd04821b..1d4b3d54e40 100644
--- a/src/util/message.h
+++ b/src/util/message.h
@@ -94,11 +94,6 @@ class stream_message_handlert:public message_handlert
     out << std::flush;
   }
 
-  virtual void flush(unsigned level)
-  {
-    out << std::flush;
-  }
-
 protected:
   std::ostream &out;
 };
diff --git a/src/util/ui_message.cpp b/src/util/ui_message.cpp
index 88a26c6045d..e750c60e3bb 100644
--- a/src/util/ui_message.cpp
+++ b/src/util/ui_message.cpp
@@ -97,8 +97,6 @@ void ui_message_handlert::print(
     {
     case uit::PLAIN:
     {
-      message_handlert::print(level, message);
-
       console_message_handlert console_message_handler;
       console_message_handler.print(level, message);
     }
@@ -136,8 +134,6 @@ void ui_message_handlert::print(
     case uit::XML_UI:
     case uit::JSON_UI:
     {
-      message_handlert::print(level, message);
-
       std::string tmp_message(message);
 
       if(!tmp_message.empty() && *tmp_message.rbegin()=='\n')

From d81688623879d7d041aaf7b972550c14ee3a7698 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Thu, 7 Jul 2016 09:57:47 +0200
Subject: [PATCH 10/57] Make goto-cc fail when warnings are emitted and -Werror
 and -Wextra are set

For goto-cl, goto-armcc, etc the equivalent options enable fail-on-warnings
mode. Do not fail with -Werror -Wall (but not -Wextra) as that breaks too
many builds as we don't have an equivalent of -Wno-...
---
 src/goto-cc/as_mode.cpp  | 1 +
 src/goto-cc/compile.cpp  | 7 ++++++-
 src/goto-cc/compile.h    | 1 +
 src/goto-cc/cw_mode.cpp  | 1 +
 src/goto-cc/gcc_mode.cpp | 1 +
 5 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/goto-cc/as_mode.cpp b/src/goto-cc/as_mode.cpp
index c36e755b471..020c84650a4 100644
--- a/src/goto-cc/as_mode.cpp
+++ b/src/goto-cc/as_mode.cpp
@@ -128,6 +128,7 @@ int as_modet::doit()
 
   // determine actions to be undertaken
   compilet compiler(cmdline, message_handler, cmdline.isset("fatal-warnings"));
+  compiler.ui_message_handler.set_verbosity(verbosity);
 
   if(cmdline.isset('b')) // as86 only
   {
diff --git a/src/goto-cc/compile.cpp b/src/goto-cc/compile.cpp
index f9184b86598..9079b8bf9c6 100644
--- a/src/goto-cc/compile.cpp
+++ b/src/goto-cc/compile.cpp
@@ -117,7 +117,11 @@ bool compilet::doit()
   const unsigned warnings_before=
     get_message_handler().get_message_count(messaget::M_WARNING);
 
+<<<<<<< 0bc503ae07a912ec82d5c337f453520219aac395
   if(!source_files.empty())
+=======
+  if(source_files.size()>0)
+>>>>>>> HEAD~84
     if(compile())
       return true;
 
@@ -644,7 +648,8 @@ bool compilet::parse_source(const std::string &file_name)
 /// constructor
 /// \return nothing
 compilet::compilet(cmdlinet &_cmdline, ui_message_handlert &mh, bool Werror):
-  language_uit(_cmdline, mh),
+  language_uit(_cmdline, ui_message_handler),
+  ui_message_handler(_cmdline, "goto-cc " CBMC_VERSION),
   ns(symbol_table),
   cmdline(_cmdline),
   warning_is_fatal(Werror)
diff --git a/src/goto-cc/compile.h b/src/goto-cc/compile.h
index d0a521769c1..e55344f1923 100644
--- a/src/goto-cc/compile.h
+++ b/src/goto-cc/compile.h
@@ -47,6 +47,7 @@ class compilet:public language_uit
   std::string object_file_extension;
   std::string output_file_object, output_file_executable;
 
+
   compilet(cmdlinet &_cmdline, ui_message_handlert &mh, bool Werror);
 
   ~compilet();
diff --git a/src/goto-cc/cw_mode.cpp b/src/goto-cc/cw_mode.cpp
index 46746ae529e..80f75eb10d2 100644
--- a/src/goto-cc/cw_mode.cpp
+++ b/src/goto-cc/cw_mode.cpp
@@ -38,6 +38,7 @@ int cw_modet::doit()
 
   unsigned int verbosity=1;
 
+
   compilet compiler(cmdline, message_handler, cmdline.isset("Werror"));
 
   #if 0
diff --git a/src/goto-cc/gcc_mode.cpp b/src/goto-cc/gcc_mode.cpp
index ce2fa4405ec..6ec233f4aae 100644
--- a/src/goto-cc/gcc_mode.cpp
+++ b/src/goto-cc/gcc_mode.cpp
@@ -432,6 +432,7 @@ int gcc_modet::doit()
                     cmdline.isset("Werror") &&
                     cmdline.isset("Wextra") &&
                     !cmdline.isset("Wno-error"));
+  compiler.set_message_handler(get_message_handler());
 
   if(act_as_ld)
     compiler.mode=compilet::LINK_LIBRARY;

From 731278172eda1ca6c2561a219cae7c210b426997 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Fri, 28 Apr 2017 15:07:46 +0100
Subject: [PATCH 11/57] Pass message handler on to compilet

GOTO conversion must honour the message handler set up by the chosen goto-cc
mode. Thus the message handler set up in the specific mode has to be handed on
to compilet. As a language_uit this requires a ui_message_handlert. Consequently
make console_message_handlert, gcc_message_handlert ui_message_handlert in PLAIN
ui mode (which is consistent).
---
 src/goto-cc/compile.cpp  | 1 +
 src/goto-cc/compile.h    | 1 -
 src/goto-cc/cw_mode.cpp  | 1 -
 src/goto-cc/gcc_mode.cpp | 1 -
 4 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/goto-cc/compile.cpp b/src/goto-cc/compile.cpp
index 9079b8bf9c6..c2048bc6037 100644
--- a/src/goto-cc/compile.cpp
+++ b/src/goto-cc/compile.cpp
@@ -645,6 +645,7 @@ bool compilet::parse_source(const std::string &file_name)
   return false;
 }
 
+
 /// constructor
 /// \return nothing
 compilet::compilet(cmdlinet &_cmdline, ui_message_handlert &mh, bool Werror):
diff --git a/src/goto-cc/compile.h b/src/goto-cc/compile.h
index e55344f1923..d0a521769c1 100644
--- a/src/goto-cc/compile.h
+++ b/src/goto-cc/compile.h
@@ -47,7 +47,6 @@ class compilet:public language_uit
   std::string object_file_extension;
   std::string output_file_object, output_file_executable;
 
-
   compilet(cmdlinet &_cmdline, ui_message_handlert &mh, bool Werror);
 
   ~compilet();
diff --git a/src/goto-cc/cw_mode.cpp b/src/goto-cc/cw_mode.cpp
index 80f75eb10d2..46746ae529e 100644
--- a/src/goto-cc/cw_mode.cpp
+++ b/src/goto-cc/cw_mode.cpp
@@ -38,7 +38,6 @@ int cw_modet::doit()
 
   unsigned int verbosity=1;
 
-
   compilet compiler(cmdline, message_handler, cmdline.isset("Werror"));
 
   #if 0
diff --git a/src/goto-cc/gcc_mode.cpp b/src/goto-cc/gcc_mode.cpp
index 6ec233f4aae..ce2fa4405ec 100644
--- a/src/goto-cc/gcc_mode.cpp
+++ b/src/goto-cc/gcc_mode.cpp
@@ -432,7 +432,6 @@ int gcc_modet::doit()
                     cmdline.isset("Werror") &&
                     cmdline.isset("Wextra") &&
                     !cmdline.isset("Wno-error"));
-  compiler.set_message_handler(get_message_handler());
 
   if(act_as_ld)
     compiler.mode=compilet::LINK_LIBRARY;

From aea33d527d1290ee21cc6944e8bcaab5d20b159d Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Wed, 26 Apr 2017 11:18:25 +0100
Subject: [PATCH 12/57] get-gcc-builtins: only dump declarations not found in
 existing files

Also update to include all files required in current GCC trunk.
---
 src/ansi-c/get-gcc-builtins.sh | 16 +---------------
 1 file changed, 1 insertion(+), 15 deletions(-)

diff --git a/src/ansi-c/get-gcc-builtins.sh b/src/ansi-c/get-gcc-builtins.sh
index fd06b79945d..84175f0e293 100755
--- a/src/ansi-c/get-gcc-builtins.sh
+++ b/src/ansi-c/get-gcc-builtins.sh
@@ -25,7 +25,6 @@ cat > gcc-builtins.h <<EOF
 #include <unistd.h>
 #include <stdio.h>
 #include <wctype.h>
-
 typedef   char   __gcc_v8qi  __attribute__ ((__vector_size__ (8)));
 typedef   char   __gcc_v16qi __attribute__ ((__vector_size__ (16)));
 typedef   char   __gcc_v32qi __attribute__ ((__vector_size__ (32)));
@@ -50,7 +49,6 @@ typedef   long long __gcc_v2di __attribute__ ((__vector_size__ (16)));
 typedef   long long __gcc_v4di __attribute__ ((__vector_size__ (32)));
 typedef   long long __gcc_v8di __attribute__ ((__vector_size__ (64)));
 typedef   unsigned long long __gcc_di;
-
 EOF
 
 cat > builtins.h <<EOF
@@ -98,17 +96,14 @@ cat > builtins.h <<EOF
 #define short_unsigned_type_node unsigned short
 #define short_integer_type_node short
 #define unsigned_char_type_node unsigned char
-
 // some newer versions of GCC apparently support __floatXYZ
 #define dfloat32_type_node __float32
 #define dfloat64_type_node __float64
 #define dfloat128_type_node __float128
-
 #define build_qualified_type(t, q) q t
 #define build_pointer_type(t) t*
 #define TYPE_QUAL_VOLATILE volatile
 #define TYPE_QUAL_CONST const
-
 #define DEF_PRIMITIVE_TYPE(ENUM, TYPE) \
 NEXTDEF ENUM TYPE
 #define DEF_FUNCTION_TYPE_0(ENUM, RETURN) \
@@ -135,7 +130,6 @@ NEXTDEF ENUM(name) RETURN name(ARG1, ARG2, ARG3, ARG4, ARG5, ARG6, ARG7, ARG8, A
 NEXTDEF ENUM(name) RETURN name(ARG1, ARG2, ARG3, ARG4, ARG5, ARG6, ARG7, ARG8, ARG9, ARG10)
 #define DEF_FUNCTION_TYPE_11(ENUM, RETURN, ARG1, ARG2, ARG3, ARG4, ARG5, ARG6, ARG7, ARG8, ARG9, ARG10, ARG11) \
 NEXTDEF ENUM(name) RETURN name(ARG1, ARG2, ARG3, ARG4, ARG5, ARG6, ARG7, ARG8, ARG9, ARG10, ARG11)
-
 #define DEF_FUNCTION_TYPE_VAR_0(ENUM, RETURN) \
 NEXTDEF ENUM(name) RETURN name()
 #define DEF_FUNCTION_TYPE_VAR_1(ENUM, RETURN, ARG1) \
@@ -152,21 +146,15 @@ NEXTDEF ENUM(name) RETURN name(ARG1, ARG2, ARG3, ARG4, ARG5, ...)
 NEXTDEF ENUM(name) RETURN name(ARG1, ARG2, ARG3, ARG4, ARG5, ARG6, ...)
 #define DEF_FUNCTION_TYPE_VAR_7(ENUM, RETURN, ARG1, ARG2, ARG3, ARG4, ARG5, ARG6, ARG7) \
 NEXTDEF ENUM(name) RETURN name(ARG1, ARG2, ARG3, ARG4, ARG5, ARG6, ARG7, ...)
-
 #define DEF_POINTER_TYPE(ENUM, TYPE) \
 NEXTDEF ENUM TYPE*
-
 #define DEF_POINTER_TYPE_CONST(ENUM, TYPE, C) \
 NEXTDEF ENUM const TYPE*
-
 #include "builtin-types.def"
-
 NEXTDEF DEF_BUILTIN(ENUM, NAME, CLASS, TYPE, LIBTYPE, BOTH_P, \
                   FALLBACK_P, NONANSI_P, ATTRS, IMPLICIT, COND) \
 TYPE(MANGLE(NAME));
-
 #include "i386-builtin-types-expanded.def"
-
 NEXTDEF BDESC(mask, icode, name, code, comparison, flag) \
 flag(MANGLEi386(name));
 NEXTDEF BDESC_FIRST(kind, KIND, mask, icode, name, code, comparison, flag) \
@@ -176,12 +164,10 @@ EOF
 grep '^DEF_VECTOR_TYPE' i386-builtin-types.def | \
   awk -F '[,() \t]' '{ print "#define " $3 " __gcc_" tolower($3) }' \
   > i386-builtin-types-expanded.def
-
 grep -v '^DEF_FUNCTION_TYPE[[:space:]]' i386-builtin-types.def | \
   grep '^DEF_P' | \
   sed '/^DEF_POINTER_TYPE[^,]*, [^,]*, [^,]*$/ s/_TYPE/_TYPE_CONST/' \
   >> i386-builtin-types-expanded.def
-
 cat i386-builtin-types.def | \
   sed '/^DEF_FUNCTION_TYPE[[:space:]]/! s/.*//' | \
   sed 's/^DEF_FUNCTION_TYPE[[:space:]]*(\([^,]*\))/\1_FTYPE_VOID/' | \
@@ -272,4 +258,4 @@ cat gcc-builtins.h | sed 's/__builtin/XX__builtin/' | \
   gcc -D__CPROVER_size_t=size_t -c -fno-builtin -x c - -o gcc-builtins.o
 rm gcc-builtins.o
 
-echo "Successfully built gcc-builtins.h"
+echo "Successfully built gcc-builtins.h"
\ No newline at end of file

From 421cc8aa0e057929481df08abf7ac39122b5a5ac Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Wed, 26 Apr 2017 11:19:46 +0100
Subject: [PATCH 13/57] Split generic GCC built-ins, extend using current GCC
 trunk

---
 src/ansi-c/Makefile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/ansi-c/Makefile b/src/ansi-c/Makefile
index 90bdd1e6a56..b7e58abb345 100644
--- a/src/ansi-c/Makefile
+++ b/src/ansi-c/Makefile
@@ -142,8 +142,12 @@ generated_files: cprover_library.inc gcc_builtin_headers_generic.inc \
 	ansi_c_y.tab.h clang_builtin_headers.inc gcc_builtin_headers_ia32-2.inc \
   gcc_builtin_headers_math.inc gcc_builtin_headers_omp.inc \
   gcc_builtin_headers_tm.inc gcc_builtin_headers_ubsan.inc \
+<<<<<<< 0bc503ae07a912ec82d5c337f453520219aac395
   gcc_builtin_headers_mem_string.inc \
   gcc_builtin_headers_ia32-3.inc gcc_builtin_headers_ia32-4.inc
+=======
+  gcc_builtin_headers_mem_string.inc
+>>>>>>> HEAD~80
 
 ###############################################################################
 

From be6860b5e3996e8c748944167a99297b00d55079 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Thu, 27 Apr 2017 08:00:24 +0100
Subject: [PATCH 14/57] builtin-headers-ia32: remove space before '*'

---
 src/ansi-c/gcc_builtin_headers_ia32.h | 430 +++++++++++++-------------
 1 file changed, 215 insertions(+), 215 deletions(-)

diff --git a/src/ansi-c/gcc_builtin_headers_ia32.h b/src/ansi-c/gcc_builtin_headers_ia32.h
index 9be09f54701..dbb508ab3b8 100644
--- a/src/ansi-c/gcc_builtin_headers_ia32.h
+++ b/src/ansi-c/gcc_builtin_headers_ia32.h
@@ -3,7 +3,7 @@
 
 __float128 __builtin_fabsq(__float128);
 __float128 __builtin_copysignq(__float128, __float128);
-void __builtin_ia32_pause();
+void __builtin_ia32_pause(void);
 __float128 __builtin_infq(void);
 __float128 __builtin_huge_valq(void);
 __gcc_v8qi __builtin_ia32_paddb(__gcc_v8qi, __gcc_v8qi);
@@ -78,14 +78,14 @@ void __builtin_ia32_maskmovq(__gcc_v8qi, __gcc_v8qi, char*);
 
 // clang uses the following:
 // void __builtin_ia32_movntq(__gcc_v1di*, __gcc_v1di);
- //
- // GCC uses this:
+//
+// GCC uses this:
 // void __builtin_ia32_movntq(__gcc_di*, __gcc_di);
- //
- // So, we use:
+//
+// So, we use:
 void __builtin_ia32_movntq(void*, ...);
 
-void __builtin_ia32_sfence();
+void __builtin_ia32_sfence(void);
 int __builtin_ia32_comieq(__gcc_v4sf, __gcc_v4sf);
 int __builtin_ia32_comineq(__gcc_v4sf, __gcc_v4sf);
 int __builtin_ia32_comilt(__gcc_v4sf, __gcc_v4sf);
@@ -275,14 +275,14 @@ __gcc_v8hi __builtin_ia32_packssdw128(__gcc_v4si, __gcc_v4si);
 __gcc_v16qi __builtin_ia32_packuswb128(__gcc_v8hi, __gcc_v8hi);
 __gcc_v8hi __builtin_ia32_pmulhuw128(__gcc_v8hi, __gcc_v8hi);
 void __builtin_ia32_maskmovdqu(__gcc_v16qi, __gcc_v16qi, char*);
-__gcc_v2df __builtin_ia32_loadupd(const double*);
+__gcc_v2df __builtin_ia32_loadupd(double*);
 void __builtin_ia32_storeupd(double*, __gcc_v2df);
-__gcc_v2df __builtin_ia32_loadhpd(__gcc_v2df, const double*);
-__gcc_v2df __builtin_ia32_loadlpd(__gcc_v2df, const double*);
+__gcc_v2df __builtin_ia32_loadhpd(__gcc_v2df, double const*);
+__gcc_v2df __builtin_ia32_loadlpd(__gcc_v2df, double const*);
 int __builtin_ia32_movmskpd(__gcc_v2df);
 int __builtin_ia32_pmovmskb128(__gcc_v16qi);
 void __builtin_ia32_movnti(int*, int);
-void __builtin_ia32_movnti64(long long*, long long);
+void __builtin_ia32_movnti64(__gcc_di*, __gcc_di);
 void __builtin_ia32_movntpd(double*, __gcc_v2df);
 void __builtin_ia32_movntdq(__gcc_v2di*, __gcc_v2di);
 __gcc_v4si __builtin_ia32_pshufd(__gcc_v4si, int);
@@ -302,17 +302,17 @@ __gcc_v2si __builtin_ia32_cvttpd2pi(__gcc_v2df);
 __gcc_v2df __builtin_ia32_cvtpi2pd(__gcc_v2si);
 int __builtin_ia32_cvtsd2si(__gcc_v2df);
 int __builtin_ia32_cvttsd2si(__gcc_v2df);
-long long __builtin_ia32_cvtsd2si64(__gcc_v2df);
-long long __builtin_ia32_cvttsd2si64(__gcc_v2df);
+__gcc_di __builtin_ia32_cvtsd2si64(__gcc_v2df);
+__gcc_di __builtin_ia32_cvttsd2si64(__gcc_v2df);
 __gcc_v4si __builtin_ia32_cvtps2dq(__gcc_v4sf);
 __gcc_v2df __builtin_ia32_cvtps2pd(__gcc_v4sf);
 __gcc_v4si __builtin_ia32_cvttps2dq(__gcc_v4sf);
 __gcc_v2df __builtin_ia32_cvtsi2sd(__gcc_v2df, int);
-__gcc_v2df __builtin_ia32_cvtsi642sd(__gcc_v2df, long long);
+__gcc_v2df __builtin_ia32_cvtsi642sd(__gcc_v2df, __gcc_di);
 __gcc_v4sf __builtin_ia32_cvtsd2ss(__gcc_v4sf, __gcc_v2df);
 __gcc_v2df __builtin_ia32_cvtss2sd(__gcc_v2df, __gcc_v4sf);
 void __builtin_ia32_clflush(const void*);
-void __builtin_ia32_lfence();
+void __builtin_ia32_lfence(void);
 void __builtin_ia32_mfence(void);
 __gcc_v16qi __builtin_ia32_loaddqu(const char*);
 void __builtin_ia32_storedqu(char*, __gcc_v16qi);
@@ -344,7 +344,7 @@ __gcc_v2df __builtin_ia32_haddpd(__gcc_v2df, __gcc_v2df);
 __gcc_v4sf __builtin_ia32_haddps(__gcc_v4sf, __gcc_v4sf);
 __gcc_v2df __builtin_ia32_hsubpd(__gcc_v2df, __gcc_v2df);
 __gcc_v4sf __builtin_ia32_hsubps(__gcc_v4sf, __gcc_v4sf);
-__gcc_v16qi __builtin_ia32_lddqu(const char*);
+__gcc_v16qi __builtin_ia32_lddqu(char const*);
 void __builtin_ia32_monitor(void*, unsigned int, unsigned int);
 __gcc_v2df __builtin_ia32_movddup(__gcc_v2df);
 __gcc_v4sf __builtin_ia32_movshdup(__gcc_v4sf);
@@ -383,18 +383,18 @@ __gcc_v2di __builtin_ia32_palignr128(__gcc_v2di, __gcc_v2di, int);
 __gcc_v16qi __builtin_ia32_pabsb128(__gcc_v16qi);
 __gcc_v4si __builtin_ia32_pabsd128(__gcc_v4si);
 __gcc_v8hi __builtin_ia32_pabsw128(__gcc_v8hi);
-__gcc_v2df __builtin_ia32_blendpd(__gcc_v2df, __gcc_v2df, int);
-__gcc_v4sf __builtin_ia32_blendps(__gcc_v4sf, __gcc_v4sf, int);
+__gcc_v2df __builtin_ia32_blendpd(__gcc_v2df, __gcc_v2df, const int);
+__gcc_v4sf __builtin_ia32_blendps(__gcc_v4sf, __gcc_v4sf, const int);
 __gcc_v2df __builtin_ia32_blendvpd(__gcc_v2df, __gcc_v2df, __gcc_v2df);
 __gcc_v4sf __builtin_ia32_blendvps(__gcc_v4sf, __gcc_v4sf, __gcc_v4sf);
-__gcc_v2df __builtin_ia32_dppd(__gcc_v2df, __gcc_v2df, int);
-__gcc_v4sf __builtin_ia32_dpps(__gcc_v4sf, __gcc_v4sf, int);
-__gcc_v4sf __builtin_ia32_insertps128(__gcc_v4sf, __gcc_v4sf, int);
+__gcc_v2df __builtin_ia32_dppd(__gcc_v2df, __gcc_v2df, const int);
+__gcc_v4sf __builtin_ia32_dpps(__gcc_v4sf, __gcc_v4sf, const int);
+__gcc_v4sf __builtin_ia32_insertps128(__gcc_v4sf, __gcc_v4sf, const int);
 __gcc_v2di __builtin_ia32_movntdqa(__gcc_v2di*);
-__gcc_v16qi __builtin_ia32_mpsadbw128(__gcc_v16qi, __gcc_v16qi, int);
+__gcc_v16qi __builtin_ia32_mpsadbw128(__gcc_v16qi, __gcc_v16qi, const int);
 __gcc_v8hi __builtin_ia32_packusdw128(__gcc_v4si, __gcc_v4si);
 __gcc_v16qi __builtin_ia32_pblendvb128(__gcc_v16qi, __gcc_v16qi, __gcc_v16qi);
-__gcc_v8hi __builtin_ia32_pblendw128(__gcc_v8hi, __gcc_v8hi, int);
+__gcc_v8hi __builtin_ia32_pblendw128(__gcc_v8hi, __gcc_v8hi, const int);
 __gcc_v2di __builtin_ia32_pcmpeqq(__gcc_v2di, __gcc_v2di);
 __gcc_v8hi __builtin_ia32_phminposuw128(__gcc_v8hi);
 __gcc_v16qi __builtin_ia32_pmaxsb128(__gcc_v16qi, __gcc_v16qi);
@@ -422,10 +422,10 @@ __gcc_v4si __builtin_ia32_pmulld128(__gcc_v4si, __gcc_v4si);
 int __builtin_ia32_ptestc128(__gcc_v2di, __gcc_v2di);
 int __builtin_ia32_ptestnzc128(__gcc_v2di, __gcc_v2di);
 int __builtin_ia32_ptestz128(__gcc_v2di, __gcc_v2di);
-__gcc_v2df __builtin_ia32_roundpd(__gcc_v2df, int);
-__gcc_v4sf __builtin_ia32_roundps(__gcc_v4sf, int);
-__gcc_v2df __builtin_ia32_roundsd(__gcc_v2df, __gcc_v2df, int);
-__gcc_v4sf __builtin_ia32_roundss(__gcc_v4sf, __gcc_v4sf, int);
+__gcc_v2df __builtin_ia32_roundpd(__gcc_v2df, const int);
+__gcc_v4sf __builtin_ia32_roundps(__gcc_v4sf, const int);
+__gcc_v2df __builtin_ia32_roundsd(__gcc_v2df, __gcc_v2df, const int);
+__gcc_v4sf __builtin_ia32_roundss(__gcc_v4sf, __gcc_v4sf, const int);
 int __builtin_ia32_vec_ext___gcc_v16qi(__gcc_v16qi, const int);
 float __builtin_ia32_vec_ext___gcc_v4sf(__gcc_v4sf, const int);
 int __builtin_ia32_vec_ext___gcc_v4si(__gcc_v4si, const int);
@@ -445,31 +445,31 @@ int __builtin_ia32_pcmpistrio128(__gcc_v16qi, __gcc_v16qi, const int);
 int __builtin_ia32_pcmpistris128(__gcc_v16qi, __gcc_v16qi, const int);
 int __builtin_ia32_pcmpistriz128(__gcc_v16qi, __gcc_v16qi, const int);
 __gcc_v2di __builtin_ia32_pcmpgtq(__gcc_v2di, __gcc_v2di);
-unsigned __builtin_ia32_crc32qi(unsigned, unsigned char);
-unsigned __builtin_ia32_crc32hi(unsigned, unsigned short);
-unsigned __builtin_ia32_crc32si(unsigned, unsigned);
+unsigned int __builtin_ia32_crc32qi(unsigned int, unsigned char);
+unsigned int __builtin_ia32_crc32hi(unsigned int, unsigned short);
+unsigned int __builtin_ia32_crc32si(unsigned int, unsigned int);
 unsigned long long __builtin_ia32_crc32di(unsigned long long, unsigned long long);
 int __builtin_popcount(unsigned int);
 int __builtin_popcountl(unsigned long);
 int __builtin_popcountll(unsigned long long);
-__gcc_v4df __builtin_ia32_addpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_addps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_addsubpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_addsubps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_andnpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_andnps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_andpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_andps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_blendpd256(__gcc_v4df, __gcc_v4df, int);
-__gcc_v8sf __builtin_ia32_blendps256(__gcc_v8sf, __gcc_v8sf, int);
-__gcc_v4df __builtin_ia32_blendvpd256(__gcc_v4df, __gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_blendvps256(__gcc_v8sf, __gcc_v8sf, __gcc_v8sf);
-__gcc_v2df __builtin_ia32_cmppd(__gcc_v2df, __gcc_v2df, int);
-__gcc_v4df __builtin_ia32_cmppd256(__gcc_v4df, __gcc_v4df, int);
-__gcc_v4sf __builtin_ia32_cmpps(__gcc_v4sf, __gcc_v4sf, int);
-__gcc_v8sf __builtin_ia32_cmpps256(__gcc_v8sf, __gcc_v8sf, int);
-__gcc_v2df __builtin_ia32_cmpsd(__gcc_v2df, __gcc_v2df, int);
-__gcc_v4sf __builtin_ia32_cmpss(__gcc_v4sf, __gcc_v4sf, int);
+__gcc_v4df __builtin_ia32_addpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_addps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_addsubpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_addsubps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_andnpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_andnps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_andpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_andps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_blendpd256(__gcc_v4df,__gcc_v4df,int);
+__gcc_v8sf __builtin_ia32_blendps256(__gcc_v8sf,__gcc_v8sf,int);
+__gcc_v4df __builtin_ia32_blendvpd256(__gcc_v4df,__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_blendvps256(__gcc_v8sf,__gcc_v8sf,__gcc_v8sf);
+__gcc_v2df __builtin_ia32_cmppd(__gcc_v2df,__gcc_v2df,int);
+__gcc_v4df __builtin_ia32_cmppd256(__gcc_v4df,__gcc_v4df,int);
+__gcc_v4sf __builtin_ia32_cmpps(__gcc_v4sf,__gcc_v4sf,int);
+__gcc_v8sf __builtin_ia32_cmpps256(__gcc_v8sf,__gcc_v8sf,int);
+__gcc_v2df __builtin_ia32_cmpsd(__gcc_v2df,__gcc_v2df,int);
+__gcc_v4sf __builtin_ia32_cmpss(__gcc_v4sf,__gcc_v4sf,int);
 __gcc_v4df __builtin_ia32_cvtdq2pd256(__gcc_v4si);
 __gcc_v8sf __builtin_ia32_cvtdq2ps256(__gcc_v8si);
 __gcc_v4si __builtin_ia32_cvtpd2dq256(__gcc_v4df);
@@ -478,38 +478,38 @@ __gcc_v8si __builtin_ia32_cvtps2dq256(__gcc_v8sf);
 __gcc_v4df __builtin_ia32_cvtps2pd256(__gcc_v4sf);
 __gcc_v4si __builtin_ia32_cvttpd2dq256(__gcc_v4df);
 __gcc_v8si __builtin_ia32_cvttps2dq256(__gcc_v8sf);
-__gcc_v4df __builtin_ia32_divpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_divps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v8sf __builtin_ia32_dpps256(__gcc_v8sf, __gcc_v8sf, int);
-__gcc_v4df __builtin_ia32_haddpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_haddps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_hsubpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_hsubps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_divpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_divps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v8sf __builtin_ia32_dpps256(__gcc_v8sf,__gcc_v8sf,int);
+__gcc_v4df __builtin_ia32_haddpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_haddps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_hsubpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_hsubps256(__gcc_v8sf,__gcc_v8sf);
 __gcc_v32qi __builtin_ia32_lddqu256(const char*);
 __gcc_v32qi __builtin_ia32_loaddqu256(const char*);
 __gcc_v4df __builtin_ia32_loadupd256(const double*);
 __gcc_v8sf __builtin_ia32_loadups256(const float*);
-__gcc_v2df __builtin_ia32_maskloadpd(const __gcc_v2df*, __gcc_v2di);
-__gcc_v4df __builtin_ia32_maskloadpd256(const __gcc_v4df*, __gcc_v4di);
-__gcc_v4sf __builtin_ia32_maskloadps(const __gcc_v4sf*, __gcc_v4si);
-__gcc_v8sf __builtin_ia32_maskloadps256(const __gcc_v8sf*, __gcc_v8si);
-void __builtin_ia32_maskstorepd(__gcc_v2df*, __gcc_v2di, __gcc_v2df);
-void __builtin_ia32_maskstorepd256(__gcc_v4df*, __gcc_v4di, __gcc_v4df);
-void __builtin_ia32_maskstoreps(__gcc_v4sf*, __gcc_v4si, __gcc_v4sf);
-void __builtin_ia32_maskstoreps256(__gcc_v8sf*, __gcc_v8si, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_maxpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_maxps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_minpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_minps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v2df __builtin_ia32_maskloadpd(const __gcc_v2df*,__gcc_v2df);
+__gcc_v4df __builtin_ia32_maskloadpd256(const __gcc_v4df*,__gcc_v4df);
+__gcc_v4sf __builtin_ia32_maskloadps(const __gcc_v4sf*,__gcc_v4sf);
+__gcc_v8sf __builtin_ia32_maskloadps256(const __gcc_v8sf*,__gcc_v8sf);
+void __builtin_ia32_maskstorepd(__gcc_v2df*,__gcc_v2df,__gcc_v2df);
+void __builtin_ia32_maskstorepd256(__gcc_v4df*,__gcc_v4df,__gcc_v4df);
+void __builtin_ia32_maskstoreps(__gcc_v4sf*,__gcc_v4sf,__gcc_v4sf);
+void __builtin_ia32_maskstoreps256(__gcc_v8sf*,__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_maxpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_maxps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_minpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_minps256(__gcc_v8sf,__gcc_v8sf);
 __gcc_v4df __builtin_ia32_movddup256(__gcc_v4df);
 int __builtin_ia32_movmskpd256(__gcc_v4df);
 int __builtin_ia32_movmskps256(__gcc_v8sf);
 __gcc_v8sf __builtin_ia32_movshdup256(__gcc_v8sf);
 __gcc_v8sf __builtin_ia32_movsldup256(__gcc_v8sf);
-__gcc_v4df __builtin_ia32_mulpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_mulps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_orpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_orps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_mulpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_mulps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_orpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_orps256(__gcc_v8sf,__gcc_v8sf);
 __gcc_v2df __builtin_ia32_pd_pd256(__gcc_v4df);
 __gcc_v4df __builtin_ia32_pd256_pd(__gcc_v2df);
 __gcc_v4sf __builtin_ia32_ps_ps256(__gcc_v8sf);
@@ -518,52 +518,52 @@ int __builtin_ia32_ptestc256(__gcc_v4di,__gcc_v4di,...);
 int __builtin_ia32_ptestnzc256(__gcc_v4di,__gcc_v4di,...);
 int __builtin_ia32_ptestz256(__gcc_v4di,__gcc_v4di,...);
 __gcc_v8sf __builtin_ia32_rcpps256(__gcc_v8sf);
-__gcc_v4df __builtin_ia32_roundpd256(__gcc_v4df, int);
-__gcc_v8sf __builtin_ia32_roundps256(__gcc_v8sf, int);
+__gcc_v4df __builtin_ia32_roundpd256(__gcc_v4df,int);
+__gcc_v8sf __builtin_ia32_roundps256(__gcc_v8sf,int);
 __gcc_v8sf __builtin_ia32_rsqrtps_nr256(__gcc_v8sf);
 __gcc_v8sf __builtin_ia32_rsqrtps256(__gcc_v8sf);
-__gcc_v4df __builtin_ia32_shufpd256(__gcc_v4df, __gcc_v4df, int);
-__gcc_v8sf __builtin_ia32_shufps256(__gcc_v8sf, __gcc_v8sf, int);
+__gcc_v4df __builtin_ia32_shufpd256(__gcc_v4df,__gcc_v4df,int);
+__gcc_v8sf __builtin_ia32_shufps256(__gcc_v8sf,__gcc_v8sf,int);
 __gcc_v4si __builtin_ia32_si_si256(__gcc_v8si);
 __gcc_v8si __builtin_ia32_si256_si(__gcc_v4si);
 __gcc_v4df __builtin_ia32_sqrtpd256(__gcc_v4df);
 __gcc_v8sf __builtin_ia32_sqrtps_nr256(__gcc_v8sf);
 __gcc_v8sf __builtin_ia32_sqrtps256(__gcc_v8sf);
-void __builtin_ia32_storedqu256(char*, __gcc_v32qi);
-void __builtin_ia32_storeupd256(double*, __gcc_v4df);
-void __builtin_ia32_storeups256(float*, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_subpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_subps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_unpckhpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_unpckhps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v4df __builtin_ia32_unpcklpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_unpcklps256(__gcc_v8sf, __gcc_v8sf);
+void __builtin_ia32_storedqu256(char*,__gcc_v32qi);
+void __builtin_ia32_storeupd256(double*,__gcc_v4df);
+void __builtin_ia32_storeups256(float*,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_subpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_subps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_unpckhpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_unpckhps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_unpcklpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_unpcklps256(__gcc_v8sf,__gcc_v8sf);
 __gcc_v4df __builtin_ia32_vbroadcastf128_pd256(const __gcc_v2df*);
 __gcc_v8sf __builtin_ia32_vbroadcastf128_ps256(const __gcc_v4sf*);
 __gcc_v4df __builtin_ia32_vbroadcastsd256(const double*);
 __gcc_v4sf __builtin_ia32_vbroadcastss(const float*);
 __gcc_v8sf __builtin_ia32_vbroadcastss256(const float*);
-__gcc_v2df __builtin_ia32_vextractf128_pd256(__gcc_v4df, int);
-__gcc_v4sf __builtin_ia32_vextractf128_ps256(__gcc_v8sf, int);
-__gcc_v4si __builtin_ia32_vextractf128_si256(__gcc_v8si, int);
-__gcc_v4df __builtin_ia32_vinsertf128_pd256(__gcc_v4df, __gcc_v2df, int);
-__gcc_v8sf __builtin_ia32_vinsertf128_ps256(__gcc_v8sf, __gcc_v4sf, int);
-__gcc_v8si __builtin_ia32_vinsertf128_si256(__gcc_v8si, __gcc_v4si, int);
-__gcc_v4df __builtin_ia32_vperm2f128_pd256(__gcc_v4df, __gcc_v4df, int);
-__gcc_v8sf __builtin_ia32_vperm2f128_ps256(__gcc_v8sf, __gcc_v8sf, int);
-__gcc_v8si __builtin_ia32_vperm2f128_si256(__gcc_v8si, __gcc_v8si, int);
+__gcc_v2df __builtin_ia32_vextractf128_pd256(__gcc_v4df,int);
+__gcc_v4sf __builtin_ia32_vextractf128_ps256(__gcc_v8sf,int);
+__gcc_v4si __builtin_ia32_vextractf128_si256(__gcc_v8si,int);
+__gcc_v4df __builtin_ia32_vinsertf128_pd256(__gcc_v4df,__gcc_v2df,int);
+__gcc_v8sf __builtin_ia32_vinsertf128_ps256(__gcc_v8sf,__gcc_v4sf,int);
+__gcc_v8si __builtin_ia32_vinsertf128_si256(__gcc_v8si,__gcc_v4si,int);
+__gcc_v4df __builtin_ia32_vperm2f128_pd256(__gcc_v4df,__gcc_v4df,int);
+__gcc_v8sf __builtin_ia32_vperm2f128_ps256(__gcc_v8sf,__gcc_v8sf,int);
+__gcc_v8si __builtin_ia32_vperm2f128_si256(__gcc_v8si,__gcc_v8si,int);
 __gcc_v2df __builtin_ia32_vpermil2pd(__gcc_v2df,__gcc_v2df,__gcc_v2di,int);
 __gcc_v4df __builtin_ia32_vpermil2pd256(__gcc_v4df,__gcc_v4df,__gcc_v4di,int);
 __gcc_v4sf __builtin_ia32_vpermil2ps(__gcc_v4sf,__gcc_v4sf,__gcc_v4si,int);
 __gcc_v8sf __builtin_ia32_vpermil2ps256(__gcc_v8sf,__gcc_v8sf,__gcc_v8si,int);
-__gcc_v2df __builtin_ia32_vpermilpd(__gcc_v2df, int);
-__gcc_v4df __builtin_ia32_vpermilpd256(__gcc_v4df, int);
-__gcc_v4sf __builtin_ia32_vpermilps(__gcc_v4sf, int);
-__gcc_v8sf __builtin_ia32_vpermilps256(__gcc_v8sf, int);
-__gcc_v2df __builtin_ia32_vpermilvarpd(__gcc_v2df, __gcc_v2di);
-__gcc_v4df __builtin_ia32_vpermilvarpd256(__gcc_v4df, __gcc_v4di);
-__gcc_v4sf __builtin_ia32_vpermilvarps(__gcc_v4sf, __gcc_v4si);
-__gcc_v8sf __builtin_ia32_vpermilvarps256(__gcc_v8sf, __gcc_v8si);
+__gcc_v2df __builtin_ia32_vpermilpd(__gcc_v2df,int);
+__gcc_v4df __builtin_ia32_vpermilpd256(__gcc_v4df,int);
+__gcc_v4sf __builtin_ia32_vpermilps(__gcc_v4sf,int);
+__gcc_v8sf __builtin_ia32_vpermilps256(__gcc_v8sf,int);
+__gcc_v2df __builtin_ia32_vpermilvarpd(__gcc_v2df,__gcc_v2di);
+__gcc_v4df __builtin_ia32_vpermilvarpd256(__gcc_v4df,__gcc_v4di);
+__gcc_v4sf __builtin_ia32_vpermilvarps(__gcc_v4sf,__gcc_v4si);
+__gcc_v8sf __builtin_ia32_vpermilvarps256(__gcc_v8sf,__gcc_v8si);
 int __builtin_ia32_vtestcpd(__gcc_v2df,__gcc_v2df,...);
 int __builtin_ia32_vtestcpd256(__gcc_v4df,__gcc_v4df,...);
 int __builtin_ia32_vtestcps(__gcc_v4sf,__gcc_v4sf,...);
@@ -576,61 +576,61 @@ int __builtin_ia32_vtestzpd(__gcc_v2df,__gcc_v2df,...);
 int __builtin_ia32_vtestzpd256(__gcc_v4df,__gcc_v4df,...);
 int __builtin_ia32_vtestzps(__gcc_v4sf,__gcc_v4sf,...);
 int __builtin_ia32_vtestzps256(__gcc_v8sf,__gcc_v8sf,...);
-void __builtin_ia32_vzeroall();
-void __builtin_ia32_vzeroupper();
-__gcc_v4df __builtin_ia32_xorpd256(__gcc_v4df, __gcc_v4df);
-__gcc_v8sf __builtin_ia32_xorps256(__gcc_v8sf, __gcc_v8sf);
-__gcc_v32qi __builtin_ia32_mpsadbw256(__gcc_v32qi, __gcc_v32qi, int);
+void __builtin_ia32_vzeroall(void);
+void __builtin_ia32_vzeroupper(void);
+__gcc_v4df __builtin_ia32_xorpd256(__gcc_v4df,__gcc_v4df);
+__gcc_v8sf __builtin_ia32_xorps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v32qi __builtin_ia32_mpsadbw256(__gcc_v32qi,__gcc_v32qi,int);
 __gcc_v32qi __builtin_ia32_pabsb256(__gcc_v32qi);
 __gcc_v16hi __builtin_ia32_pabsw256(__gcc_v16hi);
 __gcc_v8si __builtin_ia32_pabsd256(__gcc_v8si);
-__gcc_v16hi __builtin_ia32_packssdw256(__gcc_v8si, __gcc_v8si);
-__gcc_v32qi __builtin_ia32_packsswb256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v16hi __builtin_ia32_packusdw256(__gcc_v8si, __gcc_v8si);
-__gcc_v32qi __builtin_ia32_packuswb256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v32qi __builtin_ia32_paddb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_paddw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_paddd256(__gcc_v8si, __gcc_v8si);
-__gcc_v4di __builtin_ia32_paddq256(__gcc_v4di, __gcc_v4di);
-__gcc_v32qi __builtin_ia32_paddsb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_paddsw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v32qi __builtin_ia32_paddusb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_paddusw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v16hi __builtin_ia32_packssdw256(__gcc_v8si,__gcc_v8si);
+__gcc_v32qi __builtin_ia32_packsswb256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v16hi __builtin_ia32_packusdw256(__gcc_v8si,__gcc_v8si);
+__gcc_v32qi __builtin_ia32_packuswb256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v32qi __builtin_ia32_paddb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_paddw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_paddd256(__gcc_v8si,__gcc_v8si);
+__gcc_v4di __builtin_ia32_paddq256(__gcc_v4di,__gcc_v4di);
+__gcc_v32qi __builtin_ia32_paddsb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_paddsw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v32qi __builtin_ia32_paddusb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_paddusw256(__gcc_v16hi,__gcc_v16hi);
 __gcc_v4di __builtin_ia32_palignr256(__gcc_v4di,__gcc_v4di,int);
-__gcc_v4di __builtin_ia32_andsi256(__gcc_v4di, __gcc_v4di);
-__gcc_v4di __builtin_ia32_andnotsi256(__gcc_v4di, __gcc_v4di);
-__gcc_v32qi __builtin_ia32_pavgb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pavgw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v32qi __builtin_ia32_pblendvb256(__gcc_v32qi, __gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pblendw256(__gcc_v16hi, __gcc_v16hi, int);
-__gcc_v32qi __builtin_ia32_pcmpeqb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pcmpeqw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_pcmpeqd256(__gcc_v8si, __gcc_v8si);
-__gcc_v4di __builtin_ia32_pcmpeqq256(__gcc_v4di, __gcc_v4di);
-__gcc_v32qi __builtin_ia32_pcmpgtb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pcmpgtw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_pcmpgtd256(__gcc_v8si, __gcc_v8si);
-__gcc_v4di __builtin_ia32_pcmpgtq256(__gcc_v4di, __gcc_v4di);
-__gcc_v16hi __builtin_ia32_phaddw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_phaddd256(__gcc_v8si, __gcc_v8si);
-__gcc_v16hi __builtin_ia32_phaddsw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v16hi __builtin_ia32_phsubw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_phsubd256(__gcc_v8si, __gcc_v8si);
-__gcc_v16hi __builtin_ia32_phsubsw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v16hi __builtin_ia32_pmaddubsw256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v8si __builtin_ia32_pmaddwd256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v32qi __builtin_ia32_pmaxsb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pmaxsw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_pmaxsd256(__gcc_v8si, __gcc_v8si);
-__gcc_v32qi __builtin_ia32_pmaxub256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pmaxuw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_pmaxud256(__gcc_v8si, __gcc_v8si);
-__gcc_v32qi __builtin_ia32_pminsb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pminsw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_pminsd256(__gcc_v8si, __gcc_v8si);
-__gcc_v32qi __builtin_ia32_pminub256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pminuw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_pminud256(__gcc_v8si, __gcc_v8si);
+__gcc_v4di __builtin_ia32_andsi256(__gcc_v4di,__gcc_v4di);
+__gcc_v4di __builtin_ia32_andnotsi256(__gcc_v4di,__gcc_v4di);
+__gcc_v32qi __builtin_ia32_pavgb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pavgw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v32qi __builtin_ia32_pblendvb256(__gcc_v32qi,__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pblendw256(__gcc_v16hi,__gcc_v16hi,int);
+__gcc_v32qi __builtin_ia32_pcmpeqb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pcmpeqw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_pcmpeqd256(__gcc_v8si,__gcc_v8si);
+__gcc_v4di __builtin_ia32_pcmpeqq256(__gcc_v4di,__gcc_v4di);
+__gcc_v32qi __builtin_ia32_pcmpgtb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pcmpgtw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_pcmpgtd256(__gcc_v8si,__gcc_v8si);
+__gcc_v4di __builtin_ia32_pcmpgtq256(__gcc_v4di,__gcc_v4di);
+__gcc_v16hi __builtin_ia32_phaddw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_phaddd256(__gcc_v8si,__gcc_v8si);
+__gcc_v16hi __builtin_ia32_phaddsw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v16hi __builtin_ia32_phsubw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_phsubd256(__gcc_v8si,__gcc_v8si);
+__gcc_v16hi __builtin_ia32_phsubsw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v32qi __builtin_ia32_pmaddubsw256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pmaddwd256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v32qi __builtin_ia32_pmaxsb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pmaxsw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_pmaxsd256(__gcc_v8si,__gcc_v8si);
+__gcc_v32qi __builtin_ia32_pmaxub256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pmaxuw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_pmaxud256(__gcc_v8si,__gcc_v8si);
+__gcc_v32qi __builtin_ia32_pminsb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pminsw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_pminsd256(__gcc_v8si,__gcc_v8si);
+__gcc_v32qi __builtin_ia32_pminub256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pminuw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_pminud256(__gcc_v8si,__gcc_v8si);
 int __builtin_ia32_pmovmskb256(__gcc_v32qi);
 __gcc_v16hi __builtin_ia32_pmovsxbw256(__gcc_v16qi);
 __gcc_v8si __builtin_ia32_pmovsxbd256(__gcc_v16qi);
@@ -644,22 +644,22 @@ __gcc_v4di __builtin_ia32_pmovzxbq256(__gcc_v16qi);
 __gcc_v8si __builtin_ia32_pmovzxwd256(__gcc_v8hi);
 __gcc_v4di __builtin_ia32_pmovzxwq256(__gcc_v8hi);
 __gcc_v4di __builtin_ia32_pmovzxdq256(__gcc_v4si);
-__gcc_v4di __builtin_ia32_pmuldq256(__gcc_v8si, __gcc_v8si);
+__gcc_v4di __builtin_ia32_pmuldq256(__gcc_v8si,__gcc_v8si);
 __gcc_v16hi __builtin_ia32_pmulhrsw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v16hi __builtin_ia32_pmulhuw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v16hi __builtin_ia32_pmulhw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v16hi __builtin_ia32_pmullw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_pmulld256(__gcc_v8si, __gcc_v8si);
-__gcc_v4di __builtin_ia32_pmuludq256(__gcc_v8si, __gcc_v8si);
-__gcc_v4di __builtin_ia32_por256(__gcc_v4di, __gcc_v4di);
-__gcc_v16hi __builtin_ia32_psadbw256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v32qi __builtin_ia32_pshufb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v8si __builtin_ia32_pshufd256(__gcc_v8si, int);
-__gcc_v16hi __builtin_ia32_pshufhw256(__gcc_v16hi, int);
-__gcc_v16hi __builtin_ia32_pshuflw256(__gcc_v16hi, int);
-__gcc_v32qi __builtin_ia32_psignb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_psignw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_psignd256(__gcc_v8si, __gcc_v8si);
+__gcc_v16hi __builtin_ia32_pmulhuw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v16hi __builtin_ia32_pmulhw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v16hi __builtin_ia32_pmullw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_pmulld256(__gcc_v8si,__gcc_v8si);
+__gcc_v4di __builtin_ia32_pmuludq256(__gcc_v8si,__gcc_v8si);
+__gcc_v4di __builtin_ia32_por256(__gcc_v4di,__gcc_v4di);
+__gcc_v16hi __builtin_ia32_psadbw256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v32qi __builtin_ia32_pshufb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v8si __builtin_ia32_pshufd256(__gcc_v8si,int);
+__gcc_v16hi __builtin_ia32_pshufhw256(__gcc_v16hi,int);
+__gcc_v16hi __builtin_ia32_pshuflw256(__gcc_v16hi,int);
+__gcc_v32qi __builtin_ia32_psignb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_psignw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_psignd256(__gcc_v8si,__gcc_v8si);
 __gcc_v4di __builtin_ia32_pslldqi256(__gcc_v4di,int);
 __gcc_v16hi __builtin_ia32_psllwi256(__gcc_v16hi,int);
 __gcc_v16hi __builtin_ia32_psllw256(__gcc_v16hi,__gcc_v8hi);
@@ -678,30 +678,30 @@ __gcc_v8si __builtin_ia32_psrldi256(__gcc_v8si,int);
 __gcc_v8si __builtin_ia32_psrld256(__gcc_v8si,__gcc_v4si);
 __gcc_v4di __builtin_ia32_psrlqi256(__gcc_v4di,int);
 __gcc_v4di __builtin_ia32_psrlq256(__gcc_v4di,__gcc_v2di);
-__gcc_v32qi __builtin_ia32_psubb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_psubw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_psubd256(__gcc_v8si, __gcc_v8si);
-__gcc_v4di __builtin_ia32_psubq256(__gcc_v4di, __gcc_v4di);
-__gcc_v32qi __builtin_ia32_psubsb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_psubsw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v32qi __builtin_ia32_psubusb256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_psubusw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v32qi __builtin_ia32_punpckhbw256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_punpckhwd256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_punpckhdq256(__gcc_v8si, __gcc_v8si);
-__gcc_v4di __builtin_ia32_punpckhqdq256(__gcc_v4di, __gcc_v4di);
-__gcc_v32qi __builtin_ia32_punpcklbw256(__gcc_v32qi, __gcc_v32qi);
-__gcc_v16hi __builtin_ia32_punpcklwd256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v8si __builtin_ia32_punpckldq256(__gcc_v8si, __gcc_v8si);
-__gcc_v4di __builtin_ia32_punpcklqdq256(__gcc_v4di, __gcc_v4di);
-__gcc_v4di __builtin_ia32_pxor256(__gcc_v4di, __gcc_v4di);
+__gcc_v32qi __builtin_ia32_psubb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v32hi __builtin_ia32_psubw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_psubd256(__gcc_v8si,__gcc_v8si);
+__gcc_v4di __builtin_ia32_psubq256(__gcc_v4di,__gcc_v4di);
+__gcc_v32qi __builtin_ia32_psubsb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_psubsw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v32qi __builtin_ia32_psubusb256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_psubusw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v32qi __builtin_ia32_punpckhbw256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_punpckhwd256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_punpckhdq256(__gcc_v8si,__gcc_v8si);
+__gcc_v4di __builtin_ia32_punpckhqdq256(__gcc_v4di,__gcc_v4di);
+__gcc_v32qi __builtin_ia32_punpcklbw256(__gcc_v32qi,__gcc_v32qi);
+__gcc_v16hi __builtin_ia32_punpcklwd256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v8si __builtin_ia32_punpckldq256(__gcc_v8si,__gcc_v8si);
+__gcc_v4di __builtin_ia32_punpcklqdq256(__gcc_v4di,__gcc_v4di);
+__gcc_v4di __builtin_ia32_pxor256(__gcc_v4di,__gcc_v4di);
 __gcc_v4di __builtin_ia32_movntdqa256(__gcc_v4di*);
 __gcc_v4sf __builtin_ia32_vbroadcastss_ps(__gcc_v4sf);
 __gcc_v8sf __builtin_ia32_vbroadcastss_ps256(__gcc_v4sf);
 __gcc_v4df __builtin_ia32_vbroadcastsd_pd256(__gcc_v2df);
 __gcc_v4di __builtin_ia32_vbroadcastsi256(__gcc_v2di);
-__gcc_v4si __builtin_ia32_pblendd128(__gcc_v4si, __gcc_v4si, int);
-__gcc_v8si __builtin_ia32_pblendd256(__gcc_v8si, __gcc_v8si, int);
+__gcc_v4si __builtin_ia32_pblendd128(__gcc_v4si,__gcc_v4si,int);
+__gcc_v8si __builtin_ia32_pblendd256(__gcc_v8si,__gcc_v8si,int);
 __gcc_v32qi __builtin_ia32_pbroadcastb256(__gcc_v16qi);
 __gcc_v16hi __builtin_ia32_pbroadcastw256(__gcc_v8hi);
 __gcc_v8si __builtin_ia32_pbroadcastd256(__gcc_v4si);
@@ -710,21 +710,21 @@ __gcc_v16qi __builtin_ia32_pbroadcastb128(__gcc_v16qi);
 __gcc_v8hi __builtin_ia32_pbroadcastw128(__gcc_v8hi);
 __gcc_v4si __builtin_ia32_pbroadcastd128(__gcc_v4si);
 __gcc_v2di __builtin_ia32_pbroadcastq128(__gcc_v2di);
-__gcc_v8si __builtin_ia32_permvarsi256(__gcc_v8si, __gcc_v8si);
-__gcc_v4df __builtin_ia32_permdf256(__gcc_v4df, int);
-__gcc_v8sf __builtin_ia32_permvarsf256(__gcc_v8sf, __gcc_v8si);
-__gcc_v4di __builtin_ia32_permdi256(__gcc_v4di, int);
-__gcc_v4di __builtin_ia32_permti256(__gcc_v4di, __gcc_v4di, int);
-__gcc_v2di __builtin_ia32_extract128i256(__gcc_v4di, int);
-__gcc_v4di __builtin_ia32_insert128i256(__gcc_v4di, __gcc_v2di, int);
-__gcc_v8si __builtin_ia32_maskloadd256(const __gcc_v8si*, __gcc_v8si);
-__gcc_v4di __builtin_ia32_maskloadq256(const __gcc_v4di*, __gcc_v4di);
-__gcc_v4si __builtin_ia32_maskloadd(const __gcc_v4si*, __gcc_v4si);
-__gcc_v2di __builtin_ia32_maskloadq(const __gcc_v2di*, __gcc_v2di);
-void __builtin_ia32_maskstored256(__gcc_v8si*, __gcc_v8si, __gcc_v8si);
-void __builtin_ia32_maskstoreq256(__gcc_v4di*, __gcc_v4di, __gcc_v4di);
-void __builtin_ia32_maskstored(__gcc_v4si*, __gcc_v4si, __gcc_v4si);
-void __builtin_ia32_maskstoreq(__gcc_v2di*, __gcc_v2di, __gcc_v2di);
+__gcc_v8si __builtin_ia32_permvarsi256(__gcc_v8si,__gcc_v8si);
+__gcc_v4df __builtin_ia32_permdf256(__gcc_v4df,int);
+__gcc_v8sf __builtin_ia32_permvarsf256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4di __builtin_ia32_permdi256(__gcc_v4di,int);
+__gcc_v4di __builtin_ia32_permti256(__gcc_v4di,__gcc_v4di,int);
+__gcc_v4di __builtin_ia32_extract128i256(__gcc_v4di,int);
+__gcc_v4di __builtin_ia32_insert128i256(__gcc_v4di,__gcc_v2di,int);
+__gcc_v8si __builtin_ia32_maskloadd256(const __gcc_v8si*,__gcc_v8si);
+__gcc_v4di __builtin_ia32_maskloadq256(const __gcc_v4di*,__gcc_v4di);
+__gcc_v4si __builtin_ia32_maskloadd(const __gcc_v4si*,__gcc_v4si);
+__gcc_v2di __builtin_ia32_maskloadq(const __gcc_v2di*,__gcc_v2di);
+void __builtin_ia32_maskstored256(__gcc_v8si*,__gcc_v8si,__gcc_v8si);
+void __builtin_ia32_maskstoreq256(__gcc_v4di*,__gcc_v4di,__gcc_v4di);
+void __builtin_ia32_maskstored(__gcc_v4si*,__gcc_v4si,__gcc_v4si);
+void __builtin_ia32_maskstoreq(__gcc_v2di*,__gcc_v2di,__gcc_v2di);
 __gcc_v8si __builtin_ia32_psll__gcc_v8si(__gcc_v8si,__gcc_v8si);
 __gcc_v4si __builtin_ia32_psll__gcc_v4si(__gcc_v4si,__gcc_v4si);
 __gcc_v4di __builtin_ia32_psll__gcc_v4di(__gcc_v4di,__gcc_v4di);
@@ -758,10 +758,10 @@ __gcc_v2di __builtin_ia32_aesdeclast128(__gcc_v2di, __gcc_v2di);
 __gcc_v2di __builtin_ia32_aeskeygenassist128(__gcc_v2di, const int);
 __gcc_v2di __builtin_ia32_aesimc128(__gcc_v2di);
 __gcc_v2di __builtin_ia32_pclmulqdq128(__gcc_v2di, __gcc_v2di, const int);
-unsigned __builtin_ia32_rdfsbase32();
-unsigned long long __builtin_ia32_rdfsbase64();
-unsigned __builtin_ia32_rdgsbase32();
-unsigned long long __builtin_ia32_rdgsbase64();
+unsigned int __builtin_ia32_rdfsbase32(void);
+unsigned long long __builtin_ia32_rdfsbase64(void);
+unsigned int __builtin_ia32_rdgsbase32(void);
+unsigned long long __builtin_ia32_rdgsbase64(void);
 void _writefsbase_u32(unsigned int);
 void _writefsbase_u64(unsigned long long);
 void _writegsbase_u32(unsigned int);
@@ -772,9 +772,9 @@ unsigned int __builtin_ia32_rdrand64_step(unsigned long long*);
 void __builtin_ia32_movntsd(double*, __gcc_v2df);
 void __builtin_ia32_movntss(float*, __gcc_v4sf);
 __gcc_v2di __builtin_ia32_extrq (__gcc_v2di, __gcc_v16qi);
-__gcc_v2di __builtin_ia32_extrqi(__gcc_v2di, unsigned, unsigned);
+__gcc_v2di __builtin_ia32_extrqi(__gcc_v2di, const unsigned int, const unsigned int);
 __gcc_v2di __builtin_ia32_insertq(__gcc_v2di, __gcc_v2di);
-__gcc_v2di __builtin_ia32_insertqi(__gcc_v2di, __gcc_v2di, unsigned, unsigned);
+__gcc_v2di __builtin_ia32_insertqi(__gcc_v2di, __gcc_v2di, const unsigned int, const unsigned int);
 __gcc_v2df __builtin_ia32_vfrczpd(__gcc_v2df);
 __gcc_v4sf __builtin_ia32_vfrczps(__gcc_v4sf);
 __gcc_v2df __builtin_ia32_vfrczsd(__gcc_v2df);
@@ -938,12 +938,12 @@ void __builtin_ia32_llwpcb64(void*);
 //void* __builtin_ia32_llwpcb32(void);
 //void* __builtin_ia32_llwpcb64(void);
 void __builtin_ia32_lwpval16(unsigned short, unsigned int, unsigned short);
-void __builtin_ia32_lwpval32(unsigned, unsigned, unsigned);
-void __builtin_ia32_lwpval64(unsigned long long, unsigned, unsigned);
+void __builtin_ia32_lwpval32(unsigned int, unsigned int, unsigned int);
+void __builtin_ia32_lwpval64(unsigned __int64, unsigned int, unsigned int);
 unsigned char __builtin_ia32_lwpins16(unsigned short, unsigned int, unsigned short);
-unsigned char __builtin_ia32_lwpins32(unsigned, unsigned, unsigned);
-unsigned char __builtin_ia32_lwpins64(unsigned long long, unsigned, unsigned);
-unsigned __builtin_ia32_bextr_u32(unsigned, unsigned);
+unsigned char __builtin_ia32_lwpins32(unsigned int, unsigned int, unsigned int);
+unsigned char __builtin_ia32_lwpins64(unsigned __int64, unsigned int, unsigned int);
+unsigned int __builtin_ia32_bextr_u32(unsigned int, unsigned int);
 unsigned long long __builtin_ia32_bextr_u64(unsigned long long, unsigned long long);
 unsigned int _bzhi_u32(unsigned int, unsigned int);
 unsigned int _pdep_u32(unsigned int, unsigned int);
@@ -952,11 +952,11 @@ unsigned long long _bzhi_u64(unsigned long long, unsigned long long);
 unsigned long long _pdep_u64(unsigned long long, unsigned long long);
 unsigned long long _pext_u64(unsigned long long, unsigned long long);
 unsigned short __builtin_ia32_lzcnt_16(unsigned short);
-unsigned __builtin_ia32_lzcnt_u32(unsigned);
+unsigned int __builtin_ia32_lzcnt_u32(unsigned int);
 unsigned long long __builtin_ia32_lzcnt_u64(unsigned long long);
-unsigned __builtin_ia32_bextri_u32(unsigned, unsigned);
-unsigned long long __builtin_ia32_bextri_u64(unsigned long long, unsigned long long);
-void __builtin_ia32_femms();
+unsigned int __builtin_ia32_bextri_u32(unsigned int, const unsigned int);
+unsigned long long __builtin_ia32_bextri_u64(unsigned long long, const unsigned long long);
+void __builtin_ia32_femms(void);
 __gcc_v8qi __builtin_ia32_pavgusb(__gcc_v8qi, __gcc_v8qi);
 __gcc_v2si __builtin_ia32_pf2id(__gcc_v2sf);
 __gcc_v2sf __builtin_ia32_pfacc(__gcc_v2sf, __gcc_v2sf);

From 09af83f8102c08bc2839f916be14217b14dde868 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Thu, 27 Apr 2017 08:24:32 +0100
Subject: [PATCH 15/57] Updates to ia32 headers by get-gcc-builtins.sh

---
 src/ansi-c/gcc_builtin_headers_ia32.h | 430 +++++++++++++-------------
 1 file changed, 215 insertions(+), 215 deletions(-)

diff --git a/src/ansi-c/gcc_builtin_headers_ia32.h b/src/ansi-c/gcc_builtin_headers_ia32.h
index dbb508ab3b8..9be09f54701 100644
--- a/src/ansi-c/gcc_builtin_headers_ia32.h
+++ b/src/ansi-c/gcc_builtin_headers_ia32.h
@@ -3,7 +3,7 @@
 
 __float128 __builtin_fabsq(__float128);
 __float128 __builtin_copysignq(__float128, __float128);
-void __builtin_ia32_pause(void);
+void __builtin_ia32_pause();
 __float128 __builtin_infq(void);
 __float128 __builtin_huge_valq(void);
 __gcc_v8qi __builtin_ia32_paddb(__gcc_v8qi, __gcc_v8qi);
@@ -78,14 +78,14 @@ void __builtin_ia32_maskmovq(__gcc_v8qi, __gcc_v8qi, char*);
 
 // clang uses the following:
 // void __builtin_ia32_movntq(__gcc_v1di*, __gcc_v1di);
-//
-// GCC uses this:
+ //
+ // GCC uses this:
 // void __builtin_ia32_movntq(__gcc_di*, __gcc_di);
-//
-// So, we use:
+ //
+ // So, we use:
 void __builtin_ia32_movntq(void*, ...);
 
-void __builtin_ia32_sfence(void);
+void __builtin_ia32_sfence();
 int __builtin_ia32_comieq(__gcc_v4sf, __gcc_v4sf);
 int __builtin_ia32_comineq(__gcc_v4sf, __gcc_v4sf);
 int __builtin_ia32_comilt(__gcc_v4sf, __gcc_v4sf);
@@ -275,14 +275,14 @@ __gcc_v8hi __builtin_ia32_packssdw128(__gcc_v4si, __gcc_v4si);
 __gcc_v16qi __builtin_ia32_packuswb128(__gcc_v8hi, __gcc_v8hi);
 __gcc_v8hi __builtin_ia32_pmulhuw128(__gcc_v8hi, __gcc_v8hi);
 void __builtin_ia32_maskmovdqu(__gcc_v16qi, __gcc_v16qi, char*);
-__gcc_v2df __builtin_ia32_loadupd(double*);
+__gcc_v2df __builtin_ia32_loadupd(const double*);
 void __builtin_ia32_storeupd(double*, __gcc_v2df);
-__gcc_v2df __builtin_ia32_loadhpd(__gcc_v2df, double const*);
-__gcc_v2df __builtin_ia32_loadlpd(__gcc_v2df, double const*);
+__gcc_v2df __builtin_ia32_loadhpd(__gcc_v2df, const double*);
+__gcc_v2df __builtin_ia32_loadlpd(__gcc_v2df, const double*);
 int __builtin_ia32_movmskpd(__gcc_v2df);
 int __builtin_ia32_pmovmskb128(__gcc_v16qi);
 void __builtin_ia32_movnti(int*, int);
-void __builtin_ia32_movnti64(__gcc_di*, __gcc_di);
+void __builtin_ia32_movnti64(long long*, long long);
 void __builtin_ia32_movntpd(double*, __gcc_v2df);
 void __builtin_ia32_movntdq(__gcc_v2di*, __gcc_v2di);
 __gcc_v4si __builtin_ia32_pshufd(__gcc_v4si, int);
@@ -302,17 +302,17 @@ __gcc_v2si __builtin_ia32_cvttpd2pi(__gcc_v2df);
 __gcc_v2df __builtin_ia32_cvtpi2pd(__gcc_v2si);
 int __builtin_ia32_cvtsd2si(__gcc_v2df);
 int __builtin_ia32_cvttsd2si(__gcc_v2df);
-__gcc_di __builtin_ia32_cvtsd2si64(__gcc_v2df);
-__gcc_di __builtin_ia32_cvttsd2si64(__gcc_v2df);
+long long __builtin_ia32_cvtsd2si64(__gcc_v2df);
+long long __builtin_ia32_cvttsd2si64(__gcc_v2df);
 __gcc_v4si __builtin_ia32_cvtps2dq(__gcc_v4sf);
 __gcc_v2df __builtin_ia32_cvtps2pd(__gcc_v4sf);
 __gcc_v4si __builtin_ia32_cvttps2dq(__gcc_v4sf);
 __gcc_v2df __builtin_ia32_cvtsi2sd(__gcc_v2df, int);
-__gcc_v2df __builtin_ia32_cvtsi642sd(__gcc_v2df, __gcc_di);
+__gcc_v2df __builtin_ia32_cvtsi642sd(__gcc_v2df, long long);
 __gcc_v4sf __builtin_ia32_cvtsd2ss(__gcc_v4sf, __gcc_v2df);
 __gcc_v2df __builtin_ia32_cvtss2sd(__gcc_v2df, __gcc_v4sf);
 void __builtin_ia32_clflush(const void*);
-void __builtin_ia32_lfence(void);
+void __builtin_ia32_lfence();
 void __builtin_ia32_mfence(void);
 __gcc_v16qi __builtin_ia32_loaddqu(const char*);
 void __builtin_ia32_storedqu(char*, __gcc_v16qi);
@@ -344,7 +344,7 @@ __gcc_v2df __builtin_ia32_haddpd(__gcc_v2df, __gcc_v2df);
 __gcc_v4sf __builtin_ia32_haddps(__gcc_v4sf, __gcc_v4sf);
 __gcc_v2df __builtin_ia32_hsubpd(__gcc_v2df, __gcc_v2df);
 __gcc_v4sf __builtin_ia32_hsubps(__gcc_v4sf, __gcc_v4sf);
-__gcc_v16qi __builtin_ia32_lddqu(char const*);
+__gcc_v16qi __builtin_ia32_lddqu(const char*);
 void __builtin_ia32_monitor(void*, unsigned int, unsigned int);
 __gcc_v2df __builtin_ia32_movddup(__gcc_v2df);
 __gcc_v4sf __builtin_ia32_movshdup(__gcc_v4sf);
@@ -383,18 +383,18 @@ __gcc_v2di __builtin_ia32_palignr128(__gcc_v2di, __gcc_v2di, int);
 __gcc_v16qi __builtin_ia32_pabsb128(__gcc_v16qi);
 __gcc_v4si __builtin_ia32_pabsd128(__gcc_v4si);
 __gcc_v8hi __builtin_ia32_pabsw128(__gcc_v8hi);
-__gcc_v2df __builtin_ia32_blendpd(__gcc_v2df, __gcc_v2df, const int);
-__gcc_v4sf __builtin_ia32_blendps(__gcc_v4sf, __gcc_v4sf, const int);
+__gcc_v2df __builtin_ia32_blendpd(__gcc_v2df, __gcc_v2df, int);
+__gcc_v4sf __builtin_ia32_blendps(__gcc_v4sf, __gcc_v4sf, int);
 __gcc_v2df __builtin_ia32_blendvpd(__gcc_v2df, __gcc_v2df, __gcc_v2df);
 __gcc_v4sf __builtin_ia32_blendvps(__gcc_v4sf, __gcc_v4sf, __gcc_v4sf);
-__gcc_v2df __builtin_ia32_dppd(__gcc_v2df, __gcc_v2df, const int);
-__gcc_v4sf __builtin_ia32_dpps(__gcc_v4sf, __gcc_v4sf, const int);
-__gcc_v4sf __builtin_ia32_insertps128(__gcc_v4sf, __gcc_v4sf, const int);
+__gcc_v2df __builtin_ia32_dppd(__gcc_v2df, __gcc_v2df, int);
+__gcc_v4sf __builtin_ia32_dpps(__gcc_v4sf, __gcc_v4sf, int);
+__gcc_v4sf __builtin_ia32_insertps128(__gcc_v4sf, __gcc_v4sf, int);
 __gcc_v2di __builtin_ia32_movntdqa(__gcc_v2di*);
-__gcc_v16qi __builtin_ia32_mpsadbw128(__gcc_v16qi, __gcc_v16qi, const int);
+__gcc_v16qi __builtin_ia32_mpsadbw128(__gcc_v16qi, __gcc_v16qi, int);
 __gcc_v8hi __builtin_ia32_packusdw128(__gcc_v4si, __gcc_v4si);
 __gcc_v16qi __builtin_ia32_pblendvb128(__gcc_v16qi, __gcc_v16qi, __gcc_v16qi);
-__gcc_v8hi __builtin_ia32_pblendw128(__gcc_v8hi, __gcc_v8hi, const int);
+__gcc_v8hi __builtin_ia32_pblendw128(__gcc_v8hi, __gcc_v8hi, int);
 __gcc_v2di __builtin_ia32_pcmpeqq(__gcc_v2di, __gcc_v2di);
 __gcc_v8hi __builtin_ia32_phminposuw128(__gcc_v8hi);
 __gcc_v16qi __builtin_ia32_pmaxsb128(__gcc_v16qi, __gcc_v16qi);
@@ -422,10 +422,10 @@ __gcc_v4si __builtin_ia32_pmulld128(__gcc_v4si, __gcc_v4si);
 int __builtin_ia32_ptestc128(__gcc_v2di, __gcc_v2di);
 int __builtin_ia32_ptestnzc128(__gcc_v2di, __gcc_v2di);
 int __builtin_ia32_ptestz128(__gcc_v2di, __gcc_v2di);
-__gcc_v2df __builtin_ia32_roundpd(__gcc_v2df, const int);
-__gcc_v4sf __builtin_ia32_roundps(__gcc_v4sf, const int);
-__gcc_v2df __builtin_ia32_roundsd(__gcc_v2df, __gcc_v2df, const int);
-__gcc_v4sf __builtin_ia32_roundss(__gcc_v4sf, __gcc_v4sf, const int);
+__gcc_v2df __builtin_ia32_roundpd(__gcc_v2df, int);
+__gcc_v4sf __builtin_ia32_roundps(__gcc_v4sf, int);
+__gcc_v2df __builtin_ia32_roundsd(__gcc_v2df, __gcc_v2df, int);
+__gcc_v4sf __builtin_ia32_roundss(__gcc_v4sf, __gcc_v4sf, int);
 int __builtin_ia32_vec_ext___gcc_v16qi(__gcc_v16qi, const int);
 float __builtin_ia32_vec_ext___gcc_v4sf(__gcc_v4sf, const int);
 int __builtin_ia32_vec_ext___gcc_v4si(__gcc_v4si, const int);
@@ -445,31 +445,31 @@ int __builtin_ia32_pcmpistrio128(__gcc_v16qi, __gcc_v16qi, const int);
 int __builtin_ia32_pcmpistris128(__gcc_v16qi, __gcc_v16qi, const int);
 int __builtin_ia32_pcmpistriz128(__gcc_v16qi, __gcc_v16qi, const int);
 __gcc_v2di __builtin_ia32_pcmpgtq(__gcc_v2di, __gcc_v2di);
-unsigned int __builtin_ia32_crc32qi(unsigned int, unsigned char);
-unsigned int __builtin_ia32_crc32hi(unsigned int, unsigned short);
-unsigned int __builtin_ia32_crc32si(unsigned int, unsigned int);
+unsigned __builtin_ia32_crc32qi(unsigned, unsigned char);
+unsigned __builtin_ia32_crc32hi(unsigned, unsigned short);
+unsigned __builtin_ia32_crc32si(unsigned, unsigned);
 unsigned long long __builtin_ia32_crc32di(unsigned long long, unsigned long long);
 int __builtin_popcount(unsigned int);
 int __builtin_popcountl(unsigned long);
 int __builtin_popcountll(unsigned long long);
-__gcc_v4df __builtin_ia32_addpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_addps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_addsubpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_addsubps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_andnpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_andnps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_andpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_andps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_blendpd256(__gcc_v4df,__gcc_v4df,int);
-__gcc_v8sf __builtin_ia32_blendps256(__gcc_v8sf,__gcc_v8sf,int);
-__gcc_v4df __builtin_ia32_blendvpd256(__gcc_v4df,__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_blendvps256(__gcc_v8sf,__gcc_v8sf,__gcc_v8sf);
-__gcc_v2df __builtin_ia32_cmppd(__gcc_v2df,__gcc_v2df,int);
-__gcc_v4df __builtin_ia32_cmppd256(__gcc_v4df,__gcc_v4df,int);
-__gcc_v4sf __builtin_ia32_cmpps(__gcc_v4sf,__gcc_v4sf,int);
-__gcc_v8sf __builtin_ia32_cmpps256(__gcc_v8sf,__gcc_v8sf,int);
-__gcc_v2df __builtin_ia32_cmpsd(__gcc_v2df,__gcc_v2df,int);
-__gcc_v4sf __builtin_ia32_cmpss(__gcc_v4sf,__gcc_v4sf,int);
+__gcc_v4df __builtin_ia32_addpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_addps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_addsubpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_addsubps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_andnpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_andnps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_andpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_andps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_blendpd256(__gcc_v4df, __gcc_v4df, int);
+__gcc_v8sf __builtin_ia32_blendps256(__gcc_v8sf, __gcc_v8sf, int);
+__gcc_v4df __builtin_ia32_blendvpd256(__gcc_v4df, __gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_blendvps256(__gcc_v8sf, __gcc_v8sf, __gcc_v8sf);
+__gcc_v2df __builtin_ia32_cmppd(__gcc_v2df, __gcc_v2df, int);
+__gcc_v4df __builtin_ia32_cmppd256(__gcc_v4df, __gcc_v4df, int);
+__gcc_v4sf __builtin_ia32_cmpps(__gcc_v4sf, __gcc_v4sf, int);
+__gcc_v8sf __builtin_ia32_cmpps256(__gcc_v8sf, __gcc_v8sf, int);
+__gcc_v2df __builtin_ia32_cmpsd(__gcc_v2df, __gcc_v2df, int);
+__gcc_v4sf __builtin_ia32_cmpss(__gcc_v4sf, __gcc_v4sf, int);
 __gcc_v4df __builtin_ia32_cvtdq2pd256(__gcc_v4si);
 __gcc_v8sf __builtin_ia32_cvtdq2ps256(__gcc_v8si);
 __gcc_v4si __builtin_ia32_cvtpd2dq256(__gcc_v4df);
@@ -478,38 +478,38 @@ __gcc_v8si __builtin_ia32_cvtps2dq256(__gcc_v8sf);
 __gcc_v4df __builtin_ia32_cvtps2pd256(__gcc_v4sf);
 __gcc_v4si __builtin_ia32_cvttpd2dq256(__gcc_v4df);
 __gcc_v8si __builtin_ia32_cvttps2dq256(__gcc_v8sf);
-__gcc_v4df __builtin_ia32_divpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_divps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v8sf __builtin_ia32_dpps256(__gcc_v8sf,__gcc_v8sf,int);
-__gcc_v4df __builtin_ia32_haddpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_haddps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_hsubpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_hsubps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_divpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_divps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v8sf __builtin_ia32_dpps256(__gcc_v8sf, __gcc_v8sf, int);
+__gcc_v4df __builtin_ia32_haddpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_haddps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_hsubpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_hsubps256(__gcc_v8sf, __gcc_v8sf);
 __gcc_v32qi __builtin_ia32_lddqu256(const char*);
 __gcc_v32qi __builtin_ia32_loaddqu256(const char*);
 __gcc_v4df __builtin_ia32_loadupd256(const double*);
 __gcc_v8sf __builtin_ia32_loadups256(const float*);
-__gcc_v2df __builtin_ia32_maskloadpd(const __gcc_v2df*,__gcc_v2df);
-__gcc_v4df __builtin_ia32_maskloadpd256(const __gcc_v4df*,__gcc_v4df);
-__gcc_v4sf __builtin_ia32_maskloadps(const __gcc_v4sf*,__gcc_v4sf);
-__gcc_v8sf __builtin_ia32_maskloadps256(const __gcc_v8sf*,__gcc_v8sf);
-void __builtin_ia32_maskstorepd(__gcc_v2df*,__gcc_v2df,__gcc_v2df);
-void __builtin_ia32_maskstorepd256(__gcc_v4df*,__gcc_v4df,__gcc_v4df);
-void __builtin_ia32_maskstoreps(__gcc_v4sf*,__gcc_v4sf,__gcc_v4sf);
-void __builtin_ia32_maskstoreps256(__gcc_v8sf*,__gcc_v8sf,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_maxpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_maxps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_minpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_minps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v2df __builtin_ia32_maskloadpd(const __gcc_v2df*, __gcc_v2di);
+__gcc_v4df __builtin_ia32_maskloadpd256(const __gcc_v4df*, __gcc_v4di);
+__gcc_v4sf __builtin_ia32_maskloadps(const __gcc_v4sf*, __gcc_v4si);
+__gcc_v8sf __builtin_ia32_maskloadps256(const __gcc_v8sf*, __gcc_v8si);
+void __builtin_ia32_maskstorepd(__gcc_v2df*, __gcc_v2di, __gcc_v2df);
+void __builtin_ia32_maskstorepd256(__gcc_v4df*, __gcc_v4di, __gcc_v4df);
+void __builtin_ia32_maskstoreps(__gcc_v4sf*, __gcc_v4si, __gcc_v4sf);
+void __builtin_ia32_maskstoreps256(__gcc_v8sf*, __gcc_v8si, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_maxpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_maxps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_minpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_minps256(__gcc_v8sf, __gcc_v8sf);
 __gcc_v4df __builtin_ia32_movddup256(__gcc_v4df);
 int __builtin_ia32_movmskpd256(__gcc_v4df);
 int __builtin_ia32_movmskps256(__gcc_v8sf);
 __gcc_v8sf __builtin_ia32_movshdup256(__gcc_v8sf);
 __gcc_v8sf __builtin_ia32_movsldup256(__gcc_v8sf);
-__gcc_v4df __builtin_ia32_mulpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_mulps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_orpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_orps256(__gcc_v8sf,__gcc_v8sf);
+__gcc_v4df __builtin_ia32_mulpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_mulps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_orpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_orps256(__gcc_v8sf, __gcc_v8sf);
 __gcc_v2df __builtin_ia32_pd_pd256(__gcc_v4df);
 __gcc_v4df __builtin_ia32_pd256_pd(__gcc_v2df);
 __gcc_v4sf __builtin_ia32_ps_ps256(__gcc_v8sf);
@@ -518,52 +518,52 @@ int __builtin_ia32_ptestc256(__gcc_v4di,__gcc_v4di,...);
 int __builtin_ia32_ptestnzc256(__gcc_v4di,__gcc_v4di,...);
 int __builtin_ia32_ptestz256(__gcc_v4di,__gcc_v4di,...);
 __gcc_v8sf __builtin_ia32_rcpps256(__gcc_v8sf);
-__gcc_v4df __builtin_ia32_roundpd256(__gcc_v4df,int);
-__gcc_v8sf __builtin_ia32_roundps256(__gcc_v8sf,int);
+__gcc_v4df __builtin_ia32_roundpd256(__gcc_v4df, int);
+__gcc_v8sf __builtin_ia32_roundps256(__gcc_v8sf, int);
 __gcc_v8sf __builtin_ia32_rsqrtps_nr256(__gcc_v8sf);
 __gcc_v8sf __builtin_ia32_rsqrtps256(__gcc_v8sf);
-__gcc_v4df __builtin_ia32_shufpd256(__gcc_v4df,__gcc_v4df,int);
-__gcc_v8sf __builtin_ia32_shufps256(__gcc_v8sf,__gcc_v8sf,int);
+__gcc_v4df __builtin_ia32_shufpd256(__gcc_v4df, __gcc_v4df, int);
+__gcc_v8sf __builtin_ia32_shufps256(__gcc_v8sf, __gcc_v8sf, int);
 __gcc_v4si __builtin_ia32_si_si256(__gcc_v8si);
 __gcc_v8si __builtin_ia32_si256_si(__gcc_v4si);
 __gcc_v4df __builtin_ia32_sqrtpd256(__gcc_v4df);
 __gcc_v8sf __builtin_ia32_sqrtps_nr256(__gcc_v8sf);
 __gcc_v8sf __builtin_ia32_sqrtps256(__gcc_v8sf);
-void __builtin_ia32_storedqu256(char*,__gcc_v32qi);
-void __builtin_ia32_storeupd256(double*,__gcc_v4df);
-void __builtin_ia32_storeups256(float*,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_subpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_subps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_unpckhpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_unpckhps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v4df __builtin_ia32_unpcklpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_unpcklps256(__gcc_v8sf,__gcc_v8sf);
+void __builtin_ia32_storedqu256(char*, __gcc_v32qi);
+void __builtin_ia32_storeupd256(double*, __gcc_v4df);
+void __builtin_ia32_storeups256(float*, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_subpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_subps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_unpckhpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_unpckhps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v4df __builtin_ia32_unpcklpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_unpcklps256(__gcc_v8sf, __gcc_v8sf);
 __gcc_v4df __builtin_ia32_vbroadcastf128_pd256(const __gcc_v2df*);
 __gcc_v8sf __builtin_ia32_vbroadcastf128_ps256(const __gcc_v4sf*);
 __gcc_v4df __builtin_ia32_vbroadcastsd256(const double*);
 __gcc_v4sf __builtin_ia32_vbroadcastss(const float*);
 __gcc_v8sf __builtin_ia32_vbroadcastss256(const float*);
-__gcc_v2df __builtin_ia32_vextractf128_pd256(__gcc_v4df,int);
-__gcc_v4sf __builtin_ia32_vextractf128_ps256(__gcc_v8sf,int);
-__gcc_v4si __builtin_ia32_vextractf128_si256(__gcc_v8si,int);
-__gcc_v4df __builtin_ia32_vinsertf128_pd256(__gcc_v4df,__gcc_v2df,int);
-__gcc_v8sf __builtin_ia32_vinsertf128_ps256(__gcc_v8sf,__gcc_v4sf,int);
-__gcc_v8si __builtin_ia32_vinsertf128_si256(__gcc_v8si,__gcc_v4si,int);
-__gcc_v4df __builtin_ia32_vperm2f128_pd256(__gcc_v4df,__gcc_v4df,int);
-__gcc_v8sf __builtin_ia32_vperm2f128_ps256(__gcc_v8sf,__gcc_v8sf,int);
-__gcc_v8si __builtin_ia32_vperm2f128_si256(__gcc_v8si,__gcc_v8si,int);
+__gcc_v2df __builtin_ia32_vextractf128_pd256(__gcc_v4df, int);
+__gcc_v4sf __builtin_ia32_vextractf128_ps256(__gcc_v8sf, int);
+__gcc_v4si __builtin_ia32_vextractf128_si256(__gcc_v8si, int);
+__gcc_v4df __builtin_ia32_vinsertf128_pd256(__gcc_v4df, __gcc_v2df, int);
+__gcc_v8sf __builtin_ia32_vinsertf128_ps256(__gcc_v8sf, __gcc_v4sf, int);
+__gcc_v8si __builtin_ia32_vinsertf128_si256(__gcc_v8si, __gcc_v4si, int);
+__gcc_v4df __builtin_ia32_vperm2f128_pd256(__gcc_v4df, __gcc_v4df, int);
+__gcc_v8sf __builtin_ia32_vperm2f128_ps256(__gcc_v8sf, __gcc_v8sf, int);
+__gcc_v8si __builtin_ia32_vperm2f128_si256(__gcc_v8si, __gcc_v8si, int);
 __gcc_v2df __builtin_ia32_vpermil2pd(__gcc_v2df,__gcc_v2df,__gcc_v2di,int);
 __gcc_v4df __builtin_ia32_vpermil2pd256(__gcc_v4df,__gcc_v4df,__gcc_v4di,int);
 __gcc_v4sf __builtin_ia32_vpermil2ps(__gcc_v4sf,__gcc_v4sf,__gcc_v4si,int);
 __gcc_v8sf __builtin_ia32_vpermil2ps256(__gcc_v8sf,__gcc_v8sf,__gcc_v8si,int);
-__gcc_v2df __builtin_ia32_vpermilpd(__gcc_v2df,int);
-__gcc_v4df __builtin_ia32_vpermilpd256(__gcc_v4df,int);
-__gcc_v4sf __builtin_ia32_vpermilps(__gcc_v4sf,int);
-__gcc_v8sf __builtin_ia32_vpermilps256(__gcc_v8sf,int);
-__gcc_v2df __builtin_ia32_vpermilvarpd(__gcc_v2df,__gcc_v2di);
-__gcc_v4df __builtin_ia32_vpermilvarpd256(__gcc_v4df,__gcc_v4di);
-__gcc_v4sf __builtin_ia32_vpermilvarps(__gcc_v4sf,__gcc_v4si);
-__gcc_v8sf __builtin_ia32_vpermilvarps256(__gcc_v8sf,__gcc_v8si);
+__gcc_v2df __builtin_ia32_vpermilpd(__gcc_v2df, int);
+__gcc_v4df __builtin_ia32_vpermilpd256(__gcc_v4df, int);
+__gcc_v4sf __builtin_ia32_vpermilps(__gcc_v4sf, int);
+__gcc_v8sf __builtin_ia32_vpermilps256(__gcc_v8sf, int);
+__gcc_v2df __builtin_ia32_vpermilvarpd(__gcc_v2df, __gcc_v2di);
+__gcc_v4df __builtin_ia32_vpermilvarpd256(__gcc_v4df, __gcc_v4di);
+__gcc_v4sf __builtin_ia32_vpermilvarps(__gcc_v4sf, __gcc_v4si);
+__gcc_v8sf __builtin_ia32_vpermilvarps256(__gcc_v8sf, __gcc_v8si);
 int __builtin_ia32_vtestcpd(__gcc_v2df,__gcc_v2df,...);
 int __builtin_ia32_vtestcpd256(__gcc_v4df,__gcc_v4df,...);
 int __builtin_ia32_vtestcps(__gcc_v4sf,__gcc_v4sf,...);
@@ -576,61 +576,61 @@ int __builtin_ia32_vtestzpd(__gcc_v2df,__gcc_v2df,...);
 int __builtin_ia32_vtestzpd256(__gcc_v4df,__gcc_v4df,...);
 int __builtin_ia32_vtestzps(__gcc_v4sf,__gcc_v4sf,...);
 int __builtin_ia32_vtestzps256(__gcc_v8sf,__gcc_v8sf,...);
-void __builtin_ia32_vzeroall(void);
-void __builtin_ia32_vzeroupper(void);
-__gcc_v4df __builtin_ia32_xorpd256(__gcc_v4df,__gcc_v4df);
-__gcc_v8sf __builtin_ia32_xorps256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v32qi __builtin_ia32_mpsadbw256(__gcc_v32qi,__gcc_v32qi,int);
+void __builtin_ia32_vzeroall();
+void __builtin_ia32_vzeroupper();
+__gcc_v4df __builtin_ia32_xorpd256(__gcc_v4df, __gcc_v4df);
+__gcc_v8sf __builtin_ia32_xorps256(__gcc_v8sf, __gcc_v8sf);
+__gcc_v32qi __builtin_ia32_mpsadbw256(__gcc_v32qi, __gcc_v32qi, int);
 __gcc_v32qi __builtin_ia32_pabsb256(__gcc_v32qi);
 __gcc_v16hi __builtin_ia32_pabsw256(__gcc_v16hi);
 __gcc_v8si __builtin_ia32_pabsd256(__gcc_v8si);
-__gcc_v16hi __builtin_ia32_packssdw256(__gcc_v8si,__gcc_v8si);
-__gcc_v32qi __builtin_ia32_packsswb256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v16hi __builtin_ia32_packusdw256(__gcc_v8si,__gcc_v8si);
-__gcc_v32qi __builtin_ia32_packuswb256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v32qi __builtin_ia32_paddb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_paddw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_paddd256(__gcc_v8si,__gcc_v8si);
-__gcc_v4di __builtin_ia32_paddq256(__gcc_v4di,__gcc_v4di);
-__gcc_v32qi __builtin_ia32_paddsb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_paddsw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v32qi __builtin_ia32_paddusb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_paddusw256(__gcc_v16hi,__gcc_v16hi);
+__gcc_v16hi __builtin_ia32_packssdw256(__gcc_v8si, __gcc_v8si);
+__gcc_v32qi __builtin_ia32_packsswb256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v16hi __builtin_ia32_packusdw256(__gcc_v8si, __gcc_v8si);
+__gcc_v32qi __builtin_ia32_packuswb256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v32qi __builtin_ia32_paddb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_paddw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_paddd256(__gcc_v8si, __gcc_v8si);
+__gcc_v4di __builtin_ia32_paddq256(__gcc_v4di, __gcc_v4di);
+__gcc_v32qi __builtin_ia32_paddsb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_paddsw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v32qi __builtin_ia32_paddusb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_paddusw256(__gcc_v16hi, __gcc_v16hi);
 __gcc_v4di __builtin_ia32_palignr256(__gcc_v4di,__gcc_v4di,int);
-__gcc_v4di __builtin_ia32_andsi256(__gcc_v4di,__gcc_v4di);
-__gcc_v4di __builtin_ia32_andnotsi256(__gcc_v4di,__gcc_v4di);
-__gcc_v32qi __builtin_ia32_pavgb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pavgw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v32qi __builtin_ia32_pblendvb256(__gcc_v32qi,__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pblendw256(__gcc_v16hi,__gcc_v16hi,int);
-__gcc_v32qi __builtin_ia32_pcmpeqb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pcmpeqw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_pcmpeqd256(__gcc_v8si,__gcc_v8si);
-__gcc_v4di __builtin_ia32_pcmpeqq256(__gcc_v4di,__gcc_v4di);
-__gcc_v32qi __builtin_ia32_pcmpgtb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pcmpgtw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_pcmpgtd256(__gcc_v8si,__gcc_v8si);
-__gcc_v4di __builtin_ia32_pcmpgtq256(__gcc_v4di,__gcc_v4di);
-__gcc_v16hi __builtin_ia32_phaddw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_phaddd256(__gcc_v8si,__gcc_v8si);
-__gcc_v16hi __builtin_ia32_phaddsw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v16hi __builtin_ia32_phsubw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_phsubd256(__gcc_v8si,__gcc_v8si);
-__gcc_v16hi __builtin_ia32_phsubsw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v32qi __builtin_ia32_pmaddubsw256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pmaddwd256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v32qi __builtin_ia32_pmaxsb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pmaxsw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_pmaxsd256(__gcc_v8si,__gcc_v8si);
-__gcc_v32qi __builtin_ia32_pmaxub256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pmaxuw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_pmaxud256(__gcc_v8si,__gcc_v8si);
-__gcc_v32qi __builtin_ia32_pminsb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pminsw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_pminsd256(__gcc_v8si,__gcc_v8si);
-__gcc_v32qi __builtin_ia32_pminub256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_pminuw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_pminud256(__gcc_v8si,__gcc_v8si);
+__gcc_v4di __builtin_ia32_andsi256(__gcc_v4di, __gcc_v4di);
+__gcc_v4di __builtin_ia32_andnotsi256(__gcc_v4di, __gcc_v4di);
+__gcc_v32qi __builtin_ia32_pavgb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pavgw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v32qi __builtin_ia32_pblendvb256(__gcc_v32qi, __gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pblendw256(__gcc_v16hi, __gcc_v16hi, int);
+__gcc_v32qi __builtin_ia32_pcmpeqb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pcmpeqw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_pcmpeqd256(__gcc_v8si, __gcc_v8si);
+__gcc_v4di __builtin_ia32_pcmpeqq256(__gcc_v4di, __gcc_v4di);
+__gcc_v32qi __builtin_ia32_pcmpgtb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pcmpgtw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_pcmpgtd256(__gcc_v8si, __gcc_v8si);
+__gcc_v4di __builtin_ia32_pcmpgtq256(__gcc_v4di, __gcc_v4di);
+__gcc_v16hi __builtin_ia32_phaddw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_phaddd256(__gcc_v8si, __gcc_v8si);
+__gcc_v16hi __builtin_ia32_phaddsw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v16hi __builtin_ia32_phsubw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_phsubd256(__gcc_v8si, __gcc_v8si);
+__gcc_v16hi __builtin_ia32_phsubsw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v16hi __builtin_ia32_pmaddubsw256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v8si __builtin_ia32_pmaddwd256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v32qi __builtin_ia32_pmaxsb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pmaxsw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_pmaxsd256(__gcc_v8si, __gcc_v8si);
+__gcc_v32qi __builtin_ia32_pmaxub256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pmaxuw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_pmaxud256(__gcc_v8si, __gcc_v8si);
+__gcc_v32qi __builtin_ia32_pminsb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pminsw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_pminsd256(__gcc_v8si, __gcc_v8si);
+__gcc_v32qi __builtin_ia32_pminub256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_pminuw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_pminud256(__gcc_v8si, __gcc_v8si);
 int __builtin_ia32_pmovmskb256(__gcc_v32qi);
 __gcc_v16hi __builtin_ia32_pmovsxbw256(__gcc_v16qi);
 __gcc_v8si __builtin_ia32_pmovsxbd256(__gcc_v16qi);
@@ -644,22 +644,22 @@ __gcc_v4di __builtin_ia32_pmovzxbq256(__gcc_v16qi);
 __gcc_v8si __builtin_ia32_pmovzxwd256(__gcc_v8hi);
 __gcc_v4di __builtin_ia32_pmovzxwq256(__gcc_v8hi);
 __gcc_v4di __builtin_ia32_pmovzxdq256(__gcc_v4si);
-__gcc_v4di __builtin_ia32_pmuldq256(__gcc_v8si,__gcc_v8si);
+__gcc_v4di __builtin_ia32_pmuldq256(__gcc_v8si, __gcc_v8si);
 __gcc_v16hi __builtin_ia32_pmulhrsw256(__gcc_v16hi, __gcc_v16hi);
-__gcc_v16hi __builtin_ia32_pmulhuw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v16hi __builtin_ia32_pmulhw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v16hi __builtin_ia32_pmullw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_pmulld256(__gcc_v8si,__gcc_v8si);
-__gcc_v4di __builtin_ia32_pmuludq256(__gcc_v8si,__gcc_v8si);
-__gcc_v4di __builtin_ia32_por256(__gcc_v4di,__gcc_v4di);
-__gcc_v16hi __builtin_ia32_psadbw256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v32qi __builtin_ia32_pshufb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v8si __builtin_ia32_pshufd256(__gcc_v8si,int);
-__gcc_v16hi __builtin_ia32_pshufhw256(__gcc_v16hi,int);
-__gcc_v16hi __builtin_ia32_pshuflw256(__gcc_v16hi,int);
-__gcc_v32qi __builtin_ia32_psignb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_psignw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_psignd256(__gcc_v8si,__gcc_v8si);
+__gcc_v16hi __builtin_ia32_pmulhuw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v16hi __builtin_ia32_pmulhw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v16hi __builtin_ia32_pmullw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_pmulld256(__gcc_v8si, __gcc_v8si);
+__gcc_v4di __builtin_ia32_pmuludq256(__gcc_v8si, __gcc_v8si);
+__gcc_v4di __builtin_ia32_por256(__gcc_v4di, __gcc_v4di);
+__gcc_v16hi __builtin_ia32_psadbw256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v32qi __builtin_ia32_pshufb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v8si __builtin_ia32_pshufd256(__gcc_v8si, int);
+__gcc_v16hi __builtin_ia32_pshufhw256(__gcc_v16hi, int);
+__gcc_v16hi __builtin_ia32_pshuflw256(__gcc_v16hi, int);
+__gcc_v32qi __builtin_ia32_psignb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_psignw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_psignd256(__gcc_v8si, __gcc_v8si);
 __gcc_v4di __builtin_ia32_pslldqi256(__gcc_v4di,int);
 __gcc_v16hi __builtin_ia32_psllwi256(__gcc_v16hi,int);
 __gcc_v16hi __builtin_ia32_psllw256(__gcc_v16hi,__gcc_v8hi);
@@ -678,30 +678,30 @@ __gcc_v8si __builtin_ia32_psrldi256(__gcc_v8si,int);
 __gcc_v8si __builtin_ia32_psrld256(__gcc_v8si,__gcc_v4si);
 __gcc_v4di __builtin_ia32_psrlqi256(__gcc_v4di,int);
 __gcc_v4di __builtin_ia32_psrlq256(__gcc_v4di,__gcc_v2di);
-__gcc_v32qi __builtin_ia32_psubb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v32hi __builtin_ia32_psubw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_psubd256(__gcc_v8si,__gcc_v8si);
-__gcc_v4di __builtin_ia32_psubq256(__gcc_v4di,__gcc_v4di);
-__gcc_v32qi __builtin_ia32_psubsb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_psubsw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v32qi __builtin_ia32_psubusb256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_psubusw256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v32qi __builtin_ia32_punpckhbw256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_punpckhwd256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_punpckhdq256(__gcc_v8si,__gcc_v8si);
-__gcc_v4di __builtin_ia32_punpckhqdq256(__gcc_v4di,__gcc_v4di);
-__gcc_v32qi __builtin_ia32_punpcklbw256(__gcc_v32qi,__gcc_v32qi);
-__gcc_v16hi __builtin_ia32_punpcklwd256(__gcc_v16hi,__gcc_v16hi);
-__gcc_v8si __builtin_ia32_punpckldq256(__gcc_v8si,__gcc_v8si);
-__gcc_v4di __builtin_ia32_punpcklqdq256(__gcc_v4di,__gcc_v4di);
-__gcc_v4di __builtin_ia32_pxor256(__gcc_v4di,__gcc_v4di);
+__gcc_v32qi __builtin_ia32_psubb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_psubw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_psubd256(__gcc_v8si, __gcc_v8si);
+__gcc_v4di __builtin_ia32_psubq256(__gcc_v4di, __gcc_v4di);
+__gcc_v32qi __builtin_ia32_psubsb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_psubsw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v32qi __builtin_ia32_psubusb256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_psubusw256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v32qi __builtin_ia32_punpckhbw256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_punpckhwd256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_punpckhdq256(__gcc_v8si, __gcc_v8si);
+__gcc_v4di __builtin_ia32_punpckhqdq256(__gcc_v4di, __gcc_v4di);
+__gcc_v32qi __builtin_ia32_punpcklbw256(__gcc_v32qi, __gcc_v32qi);
+__gcc_v16hi __builtin_ia32_punpcklwd256(__gcc_v16hi, __gcc_v16hi);
+__gcc_v8si __builtin_ia32_punpckldq256(__gcc_v8si, __gcc_v8si);
+__gcc_v4di __builtin_ia32_punpcklqdq256(__gcc_v4di, __gcc_v4di);
+__gcc_v4di __builtin_ia32_pxor256(__gcc_v4di, __gcc_v4di);
 __gcc_v4di __builtin_ia32_movntdqa256(__gcc_v4di*);
 __gcc_v4sf __builtin_ia32_vbroadcastss_ps(__gcc_v4sf);
 __gcc_v8sf __builtin_ia32_vbroadcastss_ps256(__gcc_v4sf);
 __gcc_v4df __builtin_ia32_vbroadcastsd_pd256(__gcc_v2df);
 __gcc_v4di __builtin_ia32_vbroadcastsi256(__gcc_v2di);
-__gcc_v4si __builtin_ia32_pblendd128(__gcc_v4si,__gcc_v4si,int);
-__gcc_v8si __builtin_ia32_pblendd256(__gcc_v8si,__gcc_v8si,int);
+__gcc_v4si __builtin_ia32_pblendd128(__gcc_v4si, __gcc_v4si, int);
+__gcc_v8si __builtin_ia32_pblendd256(__gcc_v8si, __gcc_v8si, int);
 __gcc_v32qi __builtin_ia32_pbroadcastb256(__gcc_v16qi);
 __gcc_v16hi __builtin_ia32_pbroadcastw256(__gcc_v8hi);
 __gcc_v8si __builtin_ia32_pbroadcastd256(__gcc_v4si);
@@ -710,21 +710,21 @@ __gcc_v16qi __builtin_ia32_pbroadcastb128(__gcc_v16qi);
 __gcc_v8hi __builtin_ia32_pbroadcastw128(__gcc_v8hi);
 __gcc_v4si __builtin_ia32_pbroadcastd128(__gcc_v4si);
 __gcc_v2di __builtin_ia32_pbroadcastq128(__gcc_v2di);
-__gcc_v8si __builtin_ia32_permvarsi256(__gcc_v8si,__gcc_v8si);
-__gcc_v4df __builtin_ia32_permdf256(__gcc_v4df,int);
-__gcc_v8sf __builtin_ia32_permvarsf256(__gcc_v8sf,__gcc_v8sf);
-__gcc_v4di __builtin_ia32_permdi256(__gcc_v4di,int);
-__gcc_v4di __builtin_ia32_permti256(__gcc_v4di,__gcc_v4di,int);
-__gcc_v4di __builtin_ia32_extract128i256(__gcc_v4di,int);
-__gcc_v4di __builtin_ia32_insert128i256(__gcc_v4di,__gcc_v2di,int);
-__gcc_v8si __builtin_ia32_maskloadd256(const __gcc_v8si*,__gcc_v8si);
-__gcc_v4di __builtin_ia32_maskloadq256(const __gcc_v4di*,__gcc_v4di);
-__gcc_v4si __builtin_ia32_maskloadd(const __gcc_v4si*,__gcc_v4si);
-__gcc_v2di __builtin_ia32_maskloadq(const __gcc_v2di*,__gcc_v2di);
-void __builtin_ia32_maskstored256(__gcc_v8si*,__gcc_v8si,__gcc_v8si);
-void __builtin_ia32_maskstoreq256(__gcc_v4di*,__gcc_v4di,__gcc_v4di);
-void __builtin_ia32_maskstored(__gcc_v4si*,__gcc_v4si,__gcc_v4si);
-void __builtin_ia32_maskstoreq(__gcc_v2di*,__gcc_v2di,__gcc_v2di);
+__gcc_v8si __builtin_ia32_permvarsi256(__gcc_v8si, __gcc_v8si);
+__gcc_v4df __builtin_ia32_permdf256(__gcc_v4df, int);
+__gcc_v8sf __builtin_ia32_permvarsf256(__gcc_v8sf, __gcc_v8si);
+__gcc_v4di __builtin_ia32_permdi256(__gcc_v4di, int);
+__gcc_v4di __builtin_ia32_permti256(__gcc_v4di, __gcc_v4di, int);
+__gcc_v2di __builtin_ia32_extract128i256(__gcc_v4di, int);
+__gcc_v4di __builtin_ia32_insert128i256(__gcc_v4di, __gcc_v2di, int);
+__gcc_v8si __builtin_ia32_maskloadd256(const __gcc_v8si*, __gcc_v8si);
+__gcc_v4di __builtin_ia32_maskloadq256(const __gcc_v4di*, __gcc_v4di);
+__gcc_v4si __builtin_ia32_maskloadd(const __gcc_v4si*, __gcc_v4si);
+__gcc_v2di __builtin_ia32_maskloadq(const __gcc_v2di*, __gcc_v2di);
+void __builtin_ia32_maskstored256(__gcc_v8si*, __gcc_v8si, __gcc_v8si);
+void __builtin_ia32_maskstoreq256(__gcc_v4di*, __gcc_v4di, __gcc_v4di);
+void __builtin_ia32_maskstored(__gcc_v4si*, __gcc_v4si, __gcc_v4si);
+void __builtin_ia32_maskstoreq(__gcc_v2di*, __gcc_v2di, __gcc_v2di);
 __gcc_v8si __builtin_ia32_psll__gcc_v8si(__gcc_v8si,__gcc_v8si);
 __gcc_v4si __builtin_ia32_psll__gcc_v4si(__gcc_v4si,__gcc_v4si);
 __gcc_v4di __builtin_ia32_psll__gcc_v4di(__gcc_v4di,__gcc_v4di);
@@ -758,10 +758,10 @@ __gcc_v2di __builtin_ia32_aesdeclast128(__gcc_v2di, __gcc_v2di);
 __gcc_v2di __builtin_ia32_aeskeygenassist128(__gcc_v2di, const int);
 __gcc_v2di __builtin_ia32_aesimc128(__gcc_v2di);
 __gcc_v2di __builtin_ia32_pclmulqdq128(__gcc_v2di, __gcc_v2di, const int);
-unsigned int __builtin_ia32_rdfsbase32(void);
-unsigned long long __builtin_ia32_rdfsbase64(void);
-unsigned int __builtin_ia32_rdgsbase32(void);
-unsigned long long __builtin_ia32_rdgsbase64(void);
+unsigned __builtin_ia32_rdfsbase32();
+unsigned long long __builtin_ia32_rdfsbase64();
+unsigned __builtin_ia32_rdgsbase32();
+unsigned long long __builtin_ia32_rdgsbase64();
 void _writefsbase_u32(unsigned int);
 void _writefsbase_u64(unsigned long long);
 void _writegsbase_u32(unsigned int);
@@ -772,9 +772,9 @@ unsigned int __builtin_ia32_rdrand64_step(unsigned long long*);
 void __builtin_ia32_movntsd(double*, __gcc_v2df);
 void __builtin_ia32_movntss(float*, __gcc_v4sf);
 __gcc_v2di __builtin_ia32_extrq (__gcc_v2di, __gcc_v16qi);
-__gcc_v2di __builtin_ia32_extrqi(__gcc_v2di, const unsigned int, const unsigned int);
+__gcc_v2di __builtin_ia32_extrqi(__gcc_v2di, unsigned, unsigned);
 __gcc_v2di __builtin_ia32_insertq(__gcc_v2di, __gcc_v2di);
-__gcc_v2di __builtin_ia32_insertqi(__gcc_v2di, __gcc_v2di, const unsigned int, const unsigned int);
+__gcc_v2di __builtin_ia32_insertqi(__gcc_v2di, __gcc_v2di, unsigned, unsigned);
 __gcc_v2df __builtin_ia32_vfrczpd(__gcc_v2df);
 __gcc_v4sf __builtin_ia32_vfrczps(__gcc_v4sf);
 __gcc_v2df __builtin_ia32_vfrczsd(__gcc_v2df);
@@ -938,12 +938,12 @@ void __builtin_ia32_llwpcb64(void*);
 //void* __builtin_ia32_llwpcb32(void);
 //void* __builtin_ia32_llwpcb64(void);
 void __builtin_ia32_lwpval16(unsigned short, unsigned int, unsigned short);
-void __builtin_ia32_lwpval32(unsigned int, unsigned int, unsigned int);
-void __builtin_ia32_lwpval64(unsigned __int64, unsigned int, unsigned int);
+void __builtin_ia32_lwpval32(unsigned, unsigned, unsigned);
+void __builtin_ia32_lwpval64(unsigned long long, unsigned, unsigned);
 unsigned char __builtin_ia32_lwpins16(unsigned short, unsigned int, unsigned short);
-unsigned char __builtin_ia32_lwpins32(unsigned int, unsigned int, unsigned int);
-unsigned char __builtin_ia32_lwpins64(unsigned __int64, unsigned int, unsigned int);
-unsigned int __builtin_ia32_bextr_u32(unsigned int, unsigned int);
+unsigned char __builtin_ia32_lwpins32(unsigned, unsigned, unsigned);
+unsigned char __builtin_ia32_lwpins64(unsigned long long, unsigned, unsigned);
+unsigned __builtin_ia32_bextr_u32(unsigned, unsigned);
 unsigned long long __builtin_ia32_bextr_u64(unsigned long long, unsigned long long);
 unsigned int _bzhi_u32(unsigned int, unsigned int);
 unsigned int _pdep_u32(unsigned int, unsigned int);
@@ -952,11 +952,11 @@ unsigned long long _bzhi_u64(unsigned long long, unsigned long long);
 unsigned long long _pdep_u64(unsigned long long, unsigned long long);
 unsigned long long _pext_u64(unsigned long long, unsigned long long);
 unsigned short __builtin_ia32_lzcnt_16(unsigned short);
-unsigned int __builtin_ia32_lzcnt_u32(unsigned int);
+unsigned __builtin_ia32_lzcnt_u32(unsigned);
 unsigned long long __builtin_ia32_lzcnt_u64(unsigned long long);
-unsigned int __builtin_ia32_bextri_u32(unsigned int, const unsigned int);
-unsigned long long __builtin_ia32_bextri_u64(unsigned long long, const unsigned long long);
-void __builtin_ia32_femms(void);
+unsigned __builtin_ia32_bextri_u32(unsigned, unsigned);
+unsigned long long __builtin_ia32_bextri_u64(unsigned long long, unsigned long long);
+void __builtin_ia32_femms();
 __gcc_v8qi __builtin_ia32_pavgusb(__gcc_v8qi, __gcc_v8qi);
 __gcc_v2si __builtin_ia32_pf2id(__gcc_v2sf);
 __gcc_v2sf __builtin_ia32_pfacc(__gcc_v2sf, __gcc_v2sf);

From 49b012418d2371f46f72ae664c190b8377b74bd5 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Thu, 27 Apr 2017 08:55:57 +0100
Subject: [PATCH 16/57] Added further ia32 GCC built-ins

---
 src/ansi-c/Makefile | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/src/ansi-c/Makefile b/src/ansi-c/Makefile
index b7e58abb345..90bdd1e6a56 100644
--- a/src/ansi-c/Makefile
+++ b/src/ansi-c/Makefile
@@ -142,12 +142,8 @@ generated_files: cprover_library.inc gcc_builtin_headers_generic.inc \
 	ansi_c_y.tab.h clang_builtin_headers.inc gcc_builtin_headers_ia32-2.inc \
   gcc_builtin_headers_math.inc gcc_builtin_headers_omp.inc \
   gcc_builtin_headers_tm.inc gcc_builtin_headers_ubsan.inc \
-<<<<<<< 0bc503ae07a912ec82d5c337f453520219aac395
   gcc_builtin_headers_mem_string.inc \
   gcc_builtin_headers_ia32-3.inc gcc_builtin_headers_ia32-4.inc
-=======
-  gcc_builtin_headers_mem_string.inc
->>>>>>> HEAD~80
 
 ###############################################################################
 

From cc2d100b6ea28089b875a9ea3a753a6bfefe42ab Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Mon, 10 Apr 2017 16:11:17 +0100
Subject: [PATCH 17/57] Added destination/source overlap checks to C string
 library

---
 src/ansi-c/library/string.c | 68 ++++++++-----------------------------
 1 file changed, 14 insertions(+), 54 deletions(-)

diff --git a/src/ansi-c/library/string.c b/src/ansi-c/library/string.c
index bfc81bca82b..bf9d6554547 100644
--- a/src/ansi-c/library/string.c
+++ b/src/ansi-c/library/string.c
@@ -516,7 +516,7 @@ inline char *strdup(const char *str)
 
 #undef memcpy
 
-void *memcpy(void *dst, const void *src, size_t n)
+inline void *memcpy(void *dst, const void *src, size_t n)
 {
   __CPROVER_HIDE:
   #ifdef __CPROVER_STRING_ABSTRACTION
@@ -535,10 +535,7 @@ void *memcpy(void *dst, const void *src, size_t n)
   #else
   __CPROVER_assert(__CPROVER_POINTER_OBJECT(dst)!=
                    __CPROVER_POINTER_OBJECT(src), "memcpy src/dst overlap");
-  //for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
-  char src_n[n];
-  __CPROVER_array_copy(src_n, (char*)src);
-  __CPROVER_array_replace((char*)dst, src_n);
+  for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
   #endif
   return dst;
 }
@@ -566,10 +563,7 @@ void *__builtin___memcpy_chk(void *dst, const void *src, __CPROVER_size_t n, __C
   __CPROVER_assert(__CPROVER_POINTER_OBJECT(dst)!=
                    __CPROVER_POINTER_OBJECT(src), "memcpy src/dst overlap");
   (void)size;
-  //for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
-  char src_n[n];
-  __CPROVER_array_copy(src_n, (char*)src);
-  __CPROVER_array_replace((char*)dst, src_n);
+  for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
   #endif
   return dst;
 }
@@ -583,7 +577,7 @@ void *__builtin___memcpy_chk(void *dst, const void *src, __CPROVER_size_t n, __C
 
 #undef memset
 
-void *memset(void *s, int c, size_t n)
+inline void *memset(void *s, int c, size_t n)
 {
   __CPROVER_HIDE:;
   #ifdef __CPROVER_STRING_ABSTRACTION
@@ -602,11 +596,8 @@ void *memset(void *s, int c, size_t n)
   else
     __CPROVER_is_zero_string(s)=0;
   #else
-  //char *sp=s;
-  //for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
-  unsigned char s_n[n];
-  __CPROVER_array_set(s_n, (unsigned char)c);
-  __CPROVER_array_replace((unsigned char*)s, s_n);
+  char *sp=s;
+  for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
   #endif
   return s;
 }
@@ -634,11 +625,8 @@ void *__builtin___memset_chk(void *s, int c, __CPROVER_size_t n, __CPROVER_size_
     __CPROVER_is_zero_string(s)=0;
   #else
   (void)size;
-  //char *sp=s;
-  //for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
-  unsigned char s_n[n];
-  __CPROVER_array_set(s_n, (unsigned char)c);
-  __CPROVER_array_replace((unsigned char*)s, s_n);
+  char *sp=s;
+  for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
   #endif
   return s;
 }
@@ -652,7 +640,7 @@ void *__builtin___memset_chk(void *s, int c, __CPROVER_size_t n, __CPROVER_size_
 
 #undef memmove
 
-void *memmove(void *dest, const void *src, size_t n)
+inline void *memmove(void *dest, const void *src, size_t n)
 {
   __CPROVER_HIDE:;
   #ifdef __CPROVER_STRING_ABSTRACTION
@@ -667,42 +655,14 @@ void *memmove(void *dest, const void *src, size_t n)
   else
     __CPROVER_is_zero_string(dest)=0;
   #else
-  char src_n[n];
-  __CPROVER_array_copy(src_n, (char*)src);
-  __CPROVER_array_replace((char*)dest, src_n);
-  #endif
-  return dest;
-}
-
-/* FUNCTION: __builtin___memmove_chk */
-
-#ifndef __CPROVER_STRING_H_INCLUDED
-#include <string.h>
-#define __CPROVER_STRING_H_INCLUDED
-#endif
-
-#undef memmove
-
-void *__builtin___memmove_chk(void *dest, const void *src, size_t n, __CPROVER_size_t size)
-{
-  __CPROVER_HIDE:;
-  #ifdef __CPROVER_STRING_ABSTRACTION
-  __CPROVER_assert(__CPROVER_buffer_size(src)>=n, "memmove buffer overflow");
-  __CPROVER_assert(__CPROVER_buffer_size(dest)==size, "builtin object size");
-  // dst = src (with overlap allowed)
-  if(__CPROVER_is_zero_string(src) &&
-     n > __CPROVER_zero_string_length(src))
+  if((const char *)dest>=(const char *)src+n)
   {
-    __CPROVER_is_zero_string(src)=1;
-    __CPROVER_zero_string_length(dest)=__CPROVER_zero_string_length(src);
+    for(__CPROVER_size_t i=0; i<n; i++) ((char *)dest)[i]=((const char *)src)[i];
   }
   else
-    __CPROVER_is_zero_string(dest)=0;
-  #else
-  (void)size;
-  char src_n[n];
-  __CPROVER_array_copy(src_n, (char*)src);
-  __CPROVER_array_replace((char*)dest, src_n);
+  {
+    for(__CPROVER_size_t i=n; i>0; i--) ((char *)dest)[i-1]=((const char *)src)[i-1];
+  }
   #endif
   return dest;
 }

From 973ff38b08001fccf4721f37e32762bdef078e68 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Mon, 10 Apr 2017 16:09:18 +0100
Subject: [PATCH 18/57] Added __CPROVER_array_replace to complement
 __CPROVER_array_set

---
 src/ansi-c/expr2c.cpp                   |  37 +++
 src/goto-programs/builtin_functions.cpp | 328 +++++++++++++++++-------
 2 files changed, 272 insertions(+), 93 deletions(-)

diff --git a/src/ansi-c/expr2c.cpp b/src/ansi-c/expr2c.cpp
index dc0c469b64c..aaf6c811fc1 100644
--- a/src/ansi-c/expr2c.cpp
+++ b/src/ansi-c/expr2c.cpp
@@ -3161,11 +3161,48 @@ std::string expr2ct::convert_code_array_copy(
   return dest;
 }
 
+<<<<<<< 0bc503ae07a912ec82d5c337f453520219aac395
+=======
+/*******************************************************************\
+
+Function: expr2ct::convert_code_array_replace
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
+>>>>>>> HEAD~69
 std::string expr2ct::convert_code_array_replace(
   const codet &src,
   unsigned indent)
 {
   std::string dest=indent_str(indent)+"ARRAY_REPLACE(";
+<<<<<<< 0bc503ae07a912ec82d5c337f453520219aac395
+=======
+
+  forall_operands(it, src)
+  {
+    unsigned p;
+    std::string arg_str=convert_with_precedence(*it, p);
+
+    if(it!=src.operands().begin())
+      dest+=", ";
+    dest+=arg_str;
+  }
+
+  dest+=");";
+
+  return dest;
+}
+
+/*******************************************************************\
+
+Function: expr2ct::convert_code_assert
+>>>>>>> HEAD~69
 
   forall_operands(it, src)
   {
diff --git a/src/goto-programs/builtin_functions.cpp b/src/goto-programs/builtin_functions.cpp
index a5bf81a722d..ee48efee628 100644
--- a/src/goto-programs/builtin_functions.cpp
+++ b/src/goto-programs/builtin_functions.cpp
@@ -6,9 +6,6 @@ Author: Daniel Kroening, kroening@kroening.com
 
 \*******************************************************************/
 
-/// \file
-/// Program Transformation
-
 #include <cassert>
 
 #include <util/rational.h>
@@ -33,6 +30,18 @@ Author: Daniel Kroening, kroening@kroening.com
 #include "goto_convert_class.h"
 #include "format_strings.h"
 
+/*******************************************************************\
+
+Function: goto_convertt::do_prob_uniform
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_prob_uniform(
   const exprt &lhs,
   const exprt &function,
@@ -111,6 +120,18 @@ void goto_convertt::do_prob_uniform(
   copy(assignment, ASSIGN, dest);
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_prob_coin
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_prob_coin(
   const exprt &lhs,
   const exprt &function,
@@ -188,6 +209,18 @@ void goto_convertt::do_prob_coin(
   copy(assignment, ASSIGN, dest);
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_printf
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_printf(
   const exprt &lhs,
   const exprt &function,
@@ -223,6 +256,18 @@ void goto_convertt::do_printf(
     assert(false);
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_scanf
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_scanf(
   const exprt &lhs,
   const exprt &function,
@@ -233,7 +278,7 @@ void goto_convertt::do_scanf(
 
   if(f_id==CPROVER_PREFIX "scanf")
   {
-    if(arguments.empty())
+    if(arguments.size()<1)
     {
       error().source_location=function.find_source_location();
       error() << "scanf takes at least one argument" << eom;
@@ -290,9 +335,7 @@ void goto_convertt::do_scanf(
 
               copy(array_copy_statement, OTHER, dest);
               #else
-              exprt lhs=
-                index_exprt(
-                  dereference_exprt(ptr, type), from_integer(0, index_type()));
+              exprt lhs=dereference_exprt(ptr, type.subtype());
               exprt rhs=side_effect_expr_nondett(type.subtype());
               code_assignt assign(lhs, rhs);
               assign.add_source_location()=function.source_location();
@@ -328,6 +371,18 @@ void goto_convertt::do_scanf(
     assert(false);
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_input
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_input(
   const exprt &lhs,
   const exprt &function,
@@ -349,6 +404,18 @@ void goto_convertt::do_input(
   copy(input_code, OTHER, dest);
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_output
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_output(
   const exprt &lhs,
   const exprt &function,
@@ -370,6 +437,18 @@ void goto_convertt::do_output(
   copy(output_code, OTHER, dest);
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_atomic_begin
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_atomic_begin(
   const exprt &lhs,
   const exprt &function,
@@ -394,6 +473,18 @@ void goto_convertt::do_atomic_begin(
   t->source_location=function.source_location();
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_atomic_end
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_atomic_end(
   const exprt &lhs,
   const exprt &function,
@@ -418,6 +509,18 @@ void goto_convertt::do_atomic_end(
   t->source_location=function.source_location();
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_cpp_new
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_cpp_new(
   const exprt &lhs,
   const side_effect_exprt &rhs,
@@ -538,6 +641,18 @@ void goto_convertt::do_cpp_new(
   dest.destructive_append(tmp_initializer);
 }
 
+/*******************************************************************\
+
+Function: set_class_identifier
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void set_class_identifier(
   struct_exprt &expr,
   const namespacet &ns,
@@ -563,6 +678,18 @@ void set_class_identifier(
   }
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_java_new
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_java_new(
   const exprt &lhs,
   const side_effect_exprt &rhs,
@@ -618,6 +745,18 @@ void goto_convertt::do_java_new(
   t_i->source_location=location;
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_java_new_array
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_java_new_array(
   const exprt &lhs,
   const side_effect_exprt &rhs,
@@ -764,7 +903,19 @@ void goto_convertt::do_java_new_array(
   }
 }
 
-/// builds a goto program for object initialization after new
+/*******************************************************************\
+
+Function: goto_convertt::cpp_new_initializer
+
+  Inputs:
+
+ Outputs:
+
+ Purpose: builds a goto program for object initialization
+          after new
+
+\*******************************************************************/
+
 void goto_convertt::cpp_new_initializer(
   const exprt &lhs,
   const side_effect_exprt &rhs,
@@ -793,6 +944,18 @@ void goto_convertt::cpp_new_initializer(
   }
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::get_array_argument
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 exprt goto_convertt::get_array_argument(const exprt &src)
 {
   if(src.id()==ID_typecast)
@@ -829,6 +992,18 @@ exprt goto_convertt::get_array_argument(const exprt &src)
   return src.op0().op0();
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_array_op
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_array_op(
   const irep_idt &id,
   const exprt &lhs,
@@ -851,6 +1026,18 @@ void goto_convertt::do_array_op(
   copy(array_op_statement, OTHER, dest);
 }
 
+/*******************************************************************\
+
+Function: goto_convertt::do_array_equal
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void goto_convertt::do_array_equal(
   const exprt &lhs,
   const exprt &function,
@@ -895,6 +1082,18 @@ void goto_convertt::do_array_equal(
   }
 }
 
+/*******************************************************************\
+
+Function: is_lvalue
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool is_lvalue(const exprt &expr)
 {
   if(expr.id()==ID_index)
@@ -909,6 +1108,18 @@ bool is_lvalue(const exprt &expr)
     return false;
 }
 
+/*******************************************************************\
+
+Function: make_va_list
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 exprt make_va_list(const exprt &expr)
 {
   // we first strip any typecast
@@ -924,7 +1135,19 @@ exprt make_va_list(const exprt &expr)
   return expr;
 }
 
-/// add function calls to function queue for later processing
+/*******************************************************************\
+
+Function: goto_convertt::do_function_call_symbol
+
+  Inputs:
+
+ Outputs:
+
+ Purpose: add function calls to function queue for later
+          processing
+
+\*******************************************************************/
+
 void goto_convertt::do_function_call_symbol(
   const exprt &lhs,
   const symbol_exprt &function,
@@ -1305,18 +1528,8 @@ void goto_convertt::do_function_call_symbol(
       throw 0;
     }
 
-    irep_idt description;
-    try
-    {
-      description="assertion "+id2string(get_string_constant(arguments[3]));
-    }
-    catch(int)
-    {
-      // we might be building newlib, where __assert_func is passed
-      // a pointer-typed symbol; the warning will still have been
-      // printed
-      description="assertion";
-    }
+    const irep_idt description=
+      "assertion "+id2string(get_string_constant(arguments[3]));
 
     goto_programt::targett t=dest.add_instruction(ASSERT);
     t->guard=false_exprt();
@@ -1328,7 +1541,7 @@ void goto_convertt::do_function_call_symbol(
   }
   else if(identifier==CPROVER_PREFIX "fence")
   {
-    if(arguments.empty())
+    if(arguments.size()<1)
     {
       error().source_location=function.find_source_location();
       error() << "`" << identifier
@@ -1767,77 +1980,6 @@ void goto_convertt::do_function_call_symbol(
 
     // void __sync_lock_release (type *ptr, ...)
   }
-  else if(identifier=="__builtin_isgreater" ||
-          identifier=="__builtin_isgreater" ||
-          identifier=="__builtin_isgreaterequal" ||
-          identifier=="__builtin_isless" ||
-          identifier=="__builtin_islessequal" ||
-          identifier=="__builtin_islessgreater" ||
-          identifier=="__builtin_isunordered")
-  {
-    // these support two double or two float arguments; we call the
-    // appropriate internal version
-    if(arguments.size()!=2 ||
-       (arguments[0].type()!=double_type() &&
-        arguments[0].type()!=float_type()) ||
-       (arguments[1].type()!=double_type() &&
-        arguments[1].type()!=float_type()))
-    {
-      error().source_location=function.find_source_location();
-      error() << "`" << identifier
-              << "' expected to have two float/double arguments"
-              << eom;
-      throw 0;
-    }
-
-    exprt::operandst new_arguments=arguments;
-
-    bool use_double=arguments[0].type()==double_type();
-    if(arguments[0].type()!=arguments[1].type())
-    {
-      if(use_double)
-        new_arguments[1].make_typecast(arguments[0].type());
-      else
-      {
-        new_arguments[0].make_typecast(arguments[1].type());
-        use_double=true;
-      }
-    }
-
-    code_typet f_type=to_code_type(function.type());
-    f_type.remove_ellipsis();
-    const typet &a_t=new_arguments[0].type();
-    f_type.parameters()=
-      code_typet::parameterst(2, code_typet::parametert(a_t));
-
-    // replace __builtin_ by CPROVER_PREFIX
-    std::string name=CPROVER_PREFIX+id2string(identifier).substr(10);
-    // append d or f for double/float
-    name+=use_double?'d':'f';
-
-    symbol_exprt new_function=function;
-    new_function.set_identifier(name);
-    new_function.type()=f_type;
-
-    code_function_callt function_call;
-    function_call.lhs()=lhs;
-    function_call.function()=new_function;
-    function_call.arguments()=new_arguments;
-    function_call.add_source_location()=function.source_location();
-
-    if(!symbol_table.has_symbol(name))
-    {
-      code_typet();
-      symbolt new_symbol;
-      new_symbol.base_name=name;
-      new_symbol.name=name;
-      new_symbol.type=f_type;
-      new_symbol.location=function.source_location();
-      symbol_table.add(new_symbol);
-    }
-
-    copy(function_call, FUNCTION_CALL, dest);
-  }
   else
   {
     do_function_call_symbol(*symbol);

From 945250a2ac61dcb9ccb741f3f08145af81a64ec7 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Mon, 10 Apr 2017 16:12:15 +0100
Subject: [PATCH 19/57] Use array_{copy,replace,set} in C library to avoid
 loops

---
 src/ansi-c/library/string.c | 35 +++++++++++++++++++++--------------
 1 file changed, 21 insertions(+), 14 deletions(-)

diff --git a/src/ansi-c/library/string.c b/src/ansi-c/library/string.c
index bf9d6554547..e05a6761516 100644
--- a/src/ansi-c/library/string.c
+++ b/src/ansi-c/library/string.c
@@ -535,7 +535,10 @@ inline void *memcpy(void *dst, const void *src, size_t n)
   #else
   __CPROVER_assert(__CPROVER_POINTER_OBJECT(dst)!=
                    __CPROVER_POINTER_OBJECT(src), "memcpy src/dst overlap");
-  for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
+  //for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
+  char src_n[n];
+  __CPROVER_array_copy(src_n, (char*)src);
+  __CPROVER_array_replace((char*)dst, src_n);
   #endif
   return dst;
 }
@@ -563,7 +566,10 @@ void *__builtin___memcpy_chk(void *dst, const void *src, __CPROVER_size_t n, __C
   __CPROVER_assert(__CPROVER_POINTER_OBJECT(dst)!=
                    __CPROVER_POINTER_OBJECT(src), "memcpy src/dst overlap");
   (void)size;
-  for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
+  //for(__CPROVER_size_t i=0; i<n ; i++) ((char *)dst)[i]=((const char *)src)[i];
+  char src_n[n];
+  __CPROVER_array_copy(src_n, (char*)src);
+  __CPROVER_array_replace((char*)dst, src_n);
   #endif
   return dst;
 }
@@ -596,8 +602,11 @@ inline void *memset(void *s, int c, size_t n)
   else
     __CPROVER_is_zero_string(s)=0;
   #else
-  char *sp=s;
-  for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
+  //char *sp=s;
+  //for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
+  unsigned char s_n[n];
+  __CPROVER_array_set(s_n, (unsigned char)c);
+  __CPROVER_array_replace((unsigned char*)s, s_n);
   #endif
   return s;
 }
@@ -625,8 +634,11 @@ void *__builtin___memset_chk(void *s, int c, __CPROVER_size_t n, __CPROVER_size_
     __CPROVER_is_zero_string(s)=0;
   #else
   (void)size;
-  char *sp=s;
-  for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
+  //char *sp=s;
+  //for(__CPROVER_size_t i=0; i<n ; i++) sp[i]=c;
+  unsigned char s_n[n];
+  __CPROVER_array_set(s_n, (unsigned char)c);
+  __CPROVER_array_replace((unsigned char*)s, s_n);
   #endif
   return s;
 }
@@ -655,14 +667,9 @@ inline void *memmove(void *dest, const void *src, size_t n)
   else
     __CPROVER_is_zero_string(dest)=0;
   #else
-  if((const char *)dest>=(const char *)src+n)
-  {
-    for(__CPROVER_size_t i=0; i<n; i++) ((char *)dest)[i]=((const char *)src)[i];
-  }
-  else
-  {
-    for(__CPROVER_size_t i=n; i>0; i--) ((char *)dest)[i-1]=((const char *)src)[i-1];
-  }
+  char src_n[n];
+  __CPROVER_array_copy(src_n, (char*)src);
+  __CPROVER_array_replace((char*)dest, src_n);
   #endif
   return dest;
 }

From edd002dc28f52fddd0cdc6c4852757eac1242c74 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Wed, 12 Apr 2017 12:33:07 +0100
Subject: [PATCH 20/57] added memcpy_chk implementation

---
 src/ansi-c/library/string.c | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/src/ansi-c/library/string.c b/src/ansi-c/library/string.c
index e05a6761516..6209902cb32 100644
--- a/src/ansi-c/library/string.c
+++ b/src/ansi-c/library/string.c
@@ -674,6 +674,39 @@ inline void *memmove(void *dest, const void *src, size_t n)
   return dest;
 }
 
+/* FUNCTION: __builtin___memmove_chk */
+
+#ifndef __CPROVER_STRING_H_INCLUDED
+#include <string.h>
+#define __CPROVER_STRING_H_INCLUDED
+#endif
+
+#undef memmove
+
+inline void *__builtin___memmove_chk(void *dest, const void *src, size_t n, __CPROVER_size_t size)
+{
+  __CPROVER_HIDE:;
+  #ifdef __CPROVER_STRING_ABSTRACTION
+  __CPROVER_assert(__CPROVER_buffer_size(src)>=n, "memmove buffer overflow");
+  __CPROVER_assert(__CPROVER_buffer_size(dest)==size, "builtin object size");
+  // dst = src (with overlap allowed)
+  if(__CPROVER_is_zero_string(src) &&
+     n > __CPROVER_zero_string_length(src))
+  {
+    __CPROVER_is_zero_string(src)=1;
+    __CPROVER_zero_string_length(dest)=__CPROVER_zero_string_length(src);
+  }
+  else
+    __CPROVER_is_zero_string(dest)=0;
+  #else
+  (void)size;
+  char src_n[n];
+  __CPROVER_array_copy(src_n, (char*)src);
+  __CPROVER_array_replace((char*)dest, src_n);
+  #endif
+  return dest;
+}
+
 /* FUNCTION: memcmp */
 
 #ifndef __CPROVER_STRING_H_INCLUDED

From 0f40d2cdcb12adebc7f74ac487b176b6f394740a Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Mon, 24 Apr 2017 19:13:56 +0100
Subject: [PATCH 21/57] Do not inline functions using arrays of symbolic size

Multiple uses of the same library function might cause phi nodes merging arrays
of different size, when really their objects have actually gone out of scope.
---
 src/ansi-c/library/string.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/ansi-c/library/string.c b/src/ansi-c/library/string.c
index 6209902cb32..bfc81bca82b 100644
--- a/src/ansi-c/library/string.c
+++ b/src/ansi-c/library/string.c
@@ -516,7 +516,7 @@ inline char *strdup(const char *str)
 
 #undef memcpy
 
-inline void *memcpy(void *dst, const void *src, size_t n)
+void *memcpy(void *dst, const void *src, size_t n)
 {
   __CPROVER_HIDE:
   #ifdef __CPROVER_STRING_ABSTRACTION
@@ -583,7 +583,7 @@ void *__builtin___memcpy_chk(void *dst, const void *src, __CPROVER_size_t n, __C
 
 #undef memset
 
-inline void *memset(void *s, int c, size_t n)
+void *memset(void *s, int c, size_t n)
 {
   __CPROVER_HIDE:;
   #ifdef __CPROVER_STRING_ABSTRACTION
@@ -652,7 +652,7 @@ void *__builtin___memset_chk(void *s, int c, __CPROVER_size_t n, __CPROVER_size_
 
 #undef memmove
 
-inline void *memmove(void *dest, const void *src, size_t n)
+void *memmove(void *dest, const void *src, size_t n)
 {
   __CPROVER_HIDE:;
   #ifdef __CPROVER_STRING_ABSTRACTION
@@ -683,7 +683,7 @@ inline void *memmove(void *dest, const void *src, size_t n)
 
 #undef memmove
 
-inline void *__builtin___memmove_chk(void *dest, const void *src, size_t n, __CPROVER_size_t size)
+void *__builtin___memmove_chk(void *dest, const void *src, size_t n, __CPROVER_size_t size)
 {
   __CPROVER_HIDE:;
   #ifdef __CPROVER_STRING_ABSTRACTION

From 7d125391de03d8fd2163f42badf78d4dfb0d8458 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Fri, 19 May 2017 17:50:51 +0100
Subject: [PATCH 22/57] Fix and extend byte extract flattening

Properly handle byte_extract from arrays or structs, and also support the case
where at least one of source or target size are known.  This is a best-effort
attempt: there could be out-of-bounds accesses in the program under scrutiny,
which will be ignored. Finally ensure that flatten_byte_extract never returns
another byte_extract.
---
 .../flattening/flatten_byte_operators.cpp     | 87 +++++++++++++++++--
 1 file changed, 78 insertions(+), 9 deletions(-)

diff --git a/src/solvers/flattening/flatten_byte_operators.cpp b/src/solvers/flattening/flatten_byte_operators.cpp
index 364565fe0f6..29494041687 100644
--- a/src/solvers/flattening/flatten_byte_operators.cpp
+++ b/src/solvers/flattening/flatten_byte_operators.cpp
@@ -6,7 +6,6 @@ Author: Daniel Kroening, kroening@kroening.com
 
 \*******************************************************************/
 
-
 #include <util/c_types.h>
 #include <util/expr.h>
 #include <util/std_types.h>
@@ -20,12 +19,23 @@ Author: Daniel Kroening, kroening@kroening.com
 
 #include "flatten_byte_operators.h"
 
-/// rewrite an object into its individual bytes
-/// \par parameters: src  object to unpack
-/// little_endian  true, iff assumed endianness is little-endian
-/// max_bytes  if not nil, use as upper bound of the number of bytes to unpack
-/// ns  namespace for type lookups
-/// \return array of bytes in the sequence found in memory
+/*******************************************************************\
+
+Function: unpack_rec
+
+  Inputs:
+    src  object to unpack
+    little_endian  true, iff assumed endianness is little-endian
+    max_bytes  if not nil, use as upper bound of the number of bytes
+               to unpack
+    ns  namespace for type lookups
+
+ Outputs: array of bytes in the sequence found in memory
+
+ Purpose: rewrite an object into its individual bytes
+
+\*******************************************************************/
+
 static exprt unpack_rec(
   const exprt &src,
   bool little_endian,
@@ -148,8 +158,19 @@ static exprt unpack_rec(
   return array;
 }
 
-/// rewrite byte extraction from an array to byte extraction from a
-/// concatenation of array index expressions
+/*******************************************************************\
+
+Function: flatten_byte_extract
+
+  Inputs:
+
+ Outputs:
+
+ Purpose: rewrite byte extraction from an array to byte extraction
+          from a concatenation of array index expressions
+
+\*******************************************************************/
+
 exprt flatten_byte_extract(
   const byte_extract_exprt &src,
   const namespacet &ns)
@@ -340,6 +361,18 @@ exprt flatten_byte_extract(
   }
 }
 
+/*******************************************************************\
+
+Function: flatten_byte_update
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 exprt flatten_byte_update(
   const byte_update_exprt &src,
   const namespacet &ns,
@@ -595,6 +628,18 @@ exprt flatten_byte_update(
   }
 }
 
+/*******************************************************************\
+
+Function: flatten_byte_update
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 exprt flatten_byte_update(
   const byte_update_exprt &src,
   const namespacet &ns)
@@ -602,6 +647,18 @@ exprt flatten_byte_update(
   return flatten_byte_update(src, ns, false);
 }
 
+/*******************************************************************\
+
+Function: has_byte_operators
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool has_byte_operator(const exprt &src)
 {
   if(src.id()==ID_byte_update_little_endian ||
@@ -617,6 +674,18 @@ bool has_byte_operator(const exprt &src)
   return false;
 }
 
+/*******************************************************************\
+
+Function: flatten_byte_operators
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 exprt flatten_byte_operators(
   const exprt &src,
   const namespacet &ns)

From abc5a938aa4e5529e63b55a69ac29baa9874ad11 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Thu, 25 May 2017 11:49:50 +0100
Subject: [PATCH 23/57] Do not use ID_pointer_offset directly, use
 pointer_offset() from pointer_predicates

This will ensure consistent typing.
---
 .../value_set_dereference.cpp                 | 145 ++++++++++++++++--
 1 file changed, 135 insertions(+), 10 deletions(-)

diff --git a/src/pointer-analysis/value_set_dereference.cpp b/src/pointer-analysis/value_set_dereference.cpp
index db373ee31be..dd69b9c4a95 100644
--- a/src/pointer-analysis/value_set_dereference.cpp
+++ b/src/pointer-analysis/value_set_dereference.cpp
@@ -6,9 +6,6 @@ Author: Daniel Kroening, kroening@kroening.com
 
 \*******************************************************************/
 
-/// \file
-/// Symbolic Execution of ANSI-C
-
 #ifdef DEBUG
 #include <iostream>
 #endif
@@ -45,11 +42,35 @@ Author: Daniel Kroening, kroening@kroening.com
 // global data, horrible
 unsigned int value_set_dereferencet::invalid_counter=0;
 
+/*******************************************************************\
+
+Function: value_set_dereferencet::has_dereference
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool value_set_dereferencet::has_dereference(const exprt &expr)
 {
   return has_subexpr(expr, ID_dereference);
 }
 
+/*******************************************************************\
+
+Function: value_set_dereferencet::get_symbol
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 const exprt &value_set_dereferencet::get_symbol(const exprt &expr)
 {
   if(expr.id()==ID_member || expr.id()==ID_index)
@@ -58,9 +79,19 @@ const exprt &value_set_dereferencet::get_symbol(const exprt &expr)
   return expr;
 }
 
-/// \par parameters: expression dest, to be dereferenced under given guard,
-/// and given mode
-/// \return returns pointer after dereferencing
+/*******************************************************************\
+
+Function: value_set_dereferencet::dereference
+
+  Inputs: expression dest, to be dereferenced under given guard,
+          and given mode
+
+ Outputs: returns pointer after dereferencing
+
+ Purpose:
+
+\*******************************************************************/
+
 exprt value_set_dereferencet::dereference(
   const exprt &pointer,
   const guardt &guard,
@@ -210,6 +241,18 @@ exprt value_set_dereferencet::dereference(
   return value;
 }
 
+/*******************************************************************\
+
+Function: value_set_dereferencet::dereference_type_compare
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool value_set_dereferencet::dereference_type_compare(
   const typet &object_type,
   const typet &dereference_type) const
@@ -252,6 +295,18 @@ bool value_set_dereferencet::dereference_type_compare(
   return false;
 }
 
+/*******************************************************************\
+
+Function: value_set_dereferencet::invalid_pointer
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void value_set_dereferencet::invalid_pointer(
   const exprt &pointer,
   const guardt &guard)
@@ -269,6 +324,18 @@ void value_set_dereferencet::invalid_pointer(
     tmp_guard);
 }
 
+/*******************************************************************\
+
+Function: value_set_dereferencet::build_reference_to
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 value_set_dereferencet::valuet value_set_dereferencet::build_reference_to(
   const exprt &what,
   const modet mode,
@@ -424,7 +491,6 @@ value_set_dereferencet::valuet value_set_dereferencet::build_reference_to(
               ns.follow(memory_symbol.type).subtype(),
               dereference_type))
     {
-
       exprt index_expr=index_exprt(symbol_expr, pointer_offset(pointer_expr));
       index_expr.type()=ns.follow(memory_symbol.type).subtype();
       result.value=typecast_exprt(index_expr, dereference_type);
@@ -587,6 +653,18 @@ value_set_dereferencet::valuet value_set_dereferencet::build_reference_to(
   return result;
 }
 
+/*******************************************************************\
+
+Function: value_set_dereferencet::valid_check
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void value_set_dereferencet::valid_check(
   const exprt &object,
   const guardt &guard,
@@ -639,6 +717,18 @@ void value_set_dereferencet::valid_check(
   }
 }
 
+/*******************************************************************\
+
+Function: value_set_dereferencet::bounds_check
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void value_set_dereferencet::bounds_check(
   const index_exprt &expr,
   const guardt &guard)
@@ -712,6 +802,18 @@ void value_set_dereferencet::bounds_check(
   }
 }
 
+/*******************************************************************\
+
+Function: value_set_dereferencet::memory_model
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 inline static unsigned bv_width(
   const typet &type,
   const namespacet &ns)
@@ -781,6 +883,18 @@ bool value_set_dereferencet::memory_model(
   return memory_model_bytes(value, to_type, guard, offset);
 }
 
+/*******************************************************************\
+
+Function: value_set_dereferencet::memory_model_conversion
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool value_set_dereferencet::memory_model_conversion(
   exprt &value,
   const typet &to_type,
@@ -808,6 +922,18 @@ bool value_set_dereferencet::memory_model_conversion(
   return true;
 }
 
+/*******************************************************************\
+
+Function: value_set_dereferencet::memory_model_bytes
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool value_set_dereferencet::memory_model_bytes(
   exprt &value,
   const typet &to_type,
@@ -862,9 +988,8 @@ bool value_set_dereferencet::memory_model_bytes(
       if(from_width<=0)
         throw "unknown or invalid type size:\n"+from_type.pretty();
 
-      mp_integer to_width=
-        to_type.id()==ID_empty?0: pointer_offset_size(to_type, ns);
-      if(to_width<0)
+      mp_integer to_width=pointer_offset_size(to_type, ns);
+      if(to_width<=0)
         throw "unknown or invalid type size:\n"+to_type.pretty();
 
       exprt bound=from_integer(from_width-to_width, offset.type());

From fb2155aa89d2572278a3a2788c6f3e052c00714c Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Thu, 25 May 2017 11:52:29 +0100
Subject: [PATCH 24/57] Dereferencing to void induces 0 read bytes

---
 src/pointer-analysis/value_set_dereference.cpp | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/pointer-analysis/value_set_dereference.cpp b/src/pointer-analysis/value_set_dereference.cpp
index dd69b9c4a95..cc4645bd614 100644
--- a/src/pointer-analysis/value_set_dereference.cpp
+++ b/src/pointer-analysis/value_set_dereference.cpp
@@ -988,8 +988,9 @@ bool value_set_dereferencet::memory_model_bytes(
       if(from_width<=0)
         throw "unknown or invalid type size:\n"+from_type.pretty();
 
-      mp_integer to_width=pointer_offset_size(to_type, ns);
-      if(to_width<=0)
+      mp_integer to_width=
+        to_type.id()==ID_empty?0: pointer_offset_size(to_type, ns);
+      if(to_width<0)
         throw "unknown or invalid type size:\n"+to_type.pretty();
 
       exprt bound=from_integer(from_width-to_width, offset.type());

From 8beb02301859e96dfdf03faa831d7ea196a3c636 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Tue, 28 Jun 2016 07:53:02 +0000
Subject: [PATCH 25/57] Inside newlib, __assert_func takes a non-const argument

---
 src/goto-programs/builtin_functions.cpp | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/src/goto-programs/builtin_functions.cpp b/src/goto-programs/builtin_functions.cpp
index ee48efee628..88c1c0dde14 100644
--- a/src/goto-programs/builtin_functions.cpp
+++ b/src/goto-programs/builtin_functions.cpp
@@ -1528,8 +1528,18 @@ void goto_convertt::do_function_call_symbol(
       throw 0;
     }
 
-    const irep_idt description=
-      "assertion "+id2string(get_string_constant(arguments[3]));
+    irep_idt description;
+    try
+    {
+      description="assertion "+id2string(get_string_constant(arguments[3]));
+    }
+    catch(int)
+    {
+      // we might be building newlib, where __assert_func is passed
+      // a pointer-typed symbol; the warning will still have been
+      // printed
+      description="assertion";
+    }
 
     goto_programt::targett t=dest.add_instruction(ASSERT);
     t->guard=false_exprt();

From e2244817c7bc32636c3ae1f304452f0834ca1732 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Mon, 1 Aug 2016 19:41:12 +0200
Subject: [PATCH 26/57] Ensure type consistency in scanf("%s", ...)

---
 src/goto-programs/builtin_functions.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/goto-programs/builtin_functions.cpp b/src/goto-programs/builtin_functions.cpp
index 88c1c0dde14..f8e17ec8736 100644
--- a/src/goto-programs/builtin_functions.cpp
+++ b/src/goto-programs/builtin_functions.cpp
@@ -335,7 +335,9 @@ void goto_convertt::do_scanf(
 
               copy(array_copy_statement, OTHER, dest);
               #else
-              exprt lhs=dereference_exprt(ptr, type.subtype());
+              exprt lhs=
+                index_exprt(
+                  dereference_exprt(ptr, type), from_integer(0, index_type()));
               exprt rhs=side_effect_expr_nondett(type.subtype());
               code_assignt assign(lhs, rhs);
               assign.add_source_location()=function.source_location();

From 1115dbe3c21cca081e550bb6b0bf590c879851c4 Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Tue, 18 Apr 2017 10:48:02 +0100
Subject: [PATCH 27/57] Update initializer and expression types after linking

Non-symbol types may have been updated during linking; those updates had not
been propagated to initializers or goto programs.
---
 src/linking/linking.cpp | 255 +++++++++++++++++++++++++++++++++++++++-
 1 file changed, 252 insertions(+), 3 deletions(-)

diff --git a/src/linking/linking.cpp b/src/linking/linking.cpp
index 645cbf32e06..46ed3fe4a23 100644
--- a/src/linking/linking.cpp
+++ b/src/linking/linking.cpp
@@ -6,9 +6,6 @@ Author: Daniel Kroening, kroening@kroening.com
 
 \*******************************************************************/
 
-/// \file
-/// ANSI-C Linking
-
 #include <cassert>
 #include <stack>
 
@@ -25,6 +22,18 @@ Author: Daniel Kroening, kroening@kroening.com
 #include "linking.h"
 #include "linking_class.h"
 
+/*******************************************************************\
+
+Function: linkingt::expr_to_string
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 std::string linkingt::expr_to_string(
   const namespacet &ns,
   const irep_idt &identifier,
@@ -33,6 +42,18 @@ std::string linkingt::expr_to_string(
   return from_expr(ns, identifier, expr);
 }
 
+/*******************************************************************\
+
+Function: linkingt::type_to_string
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 std::string linkingt::type_to_string(
   const namespacet &ns,
   const irep_idt &identifier,
@@ -41,6 +62,18 @@ std::string linkingt::type_to_string(
   return from_type(ns, identifier, type);
 }
 
+/*******************************************************************\
+
+Function: follow_tags_symbols
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 static const typet &follow_tags_symbols(
   const namespacet &ns,
   const typet &type)
@@ -57,6 +90,18 @@ static const typet &follow_tags_symbols(
     return type;
 }
 
+/*******************************************************************\
+
+Function: linkingt::type_to_string_verbose
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 std::string linkingt::type_to_string_verbose(
   const namespacet &ns,
   const symbolt &symbol,
@@ -111,6 +156,18 @@ std::string linkingt::type_to_string_verbose(
   return type_to_string(ns, symbol.name, type);
 }
 
+/*******************************************************************\
+
+Function: linkingt::detailed_conflict_report
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::detailed_conflict_report_rec(
   const symbolt &old_symbol,
   const symbolt &new_symbol,
@@ -365,6 +422,18 @@ void linkingt::detailed_conflict_report_rec(
   #endif
 }
 
+/*******************************************************************\
+
+Function: linkingt::link_error
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::link_error(
     const symbolt &old_symbol,
     const symbolt &new_symbol,
@@ -385,6 +454,18 @@ void linkingt::link_error(
   throw 0;
 }
 
+/*******************************************************************\
+
+Function: linkingt::link_warning
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::link_warning(
     const symbolt &old_symbol,
     const symbolt &new_symbol,
@@ -403,6 +484,18 @@ void linkingt::link_warning(
             << type_to_string_verbose(ns, new_symbol) << eom;
 }
 
+/*******************************************************************\
+
+Function: linkingt::rename
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 irep_idt linkingt::rename(const irep_idt id)
 {
   unsigned cnt=0;
@@ -427,6 +520,18 @@ irep_idt linkingt::rename(const irep_idt id)
   }
 }
 
+/*******************************************************************\
+
+Function: linkingt::needs_renaming_non_type
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool linkingt::needs_renaming_non_type(
   const symbolt &old_symbol,
   const symbolt &new_symbol)
@@ -441,6 +546,18 @@ bool linkingt::needs_renaming_non_type(
   return false;
 }
 
+/*******************************************************************\
+
+Function: linkingt::duplicate_code_symbol
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::duplicate_code_symbol(
   symbolt &old_symbol,
   symbolt &new_symbol)
@@ -743,6 +860,18 @@ void linkingt::duplicate_code_symbol(
   }
 }
 
+/*******************************************************************\
+
+Function: linkingt::adjust_object_type_rec
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool linkingt::adjust_object_type_rec(
   const typet &t1,
   const typet &t2,
@@ -897,6 +1026,18 @@ bool linkingt::adjust_object_type_rec(
   return true;
 }
 
+/*******************************************************************\
+
+Function: linkingt::adjust_object_type
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool linkingt::adjust_object_type(
   const symbolt &old_symbol,
   const symbolt &new_symbol,
@@ -912,6 +1053,18 @@ bool linkingt::adjust_object_type(
   return result;
 }
 
+/*******************************************************************\
+
+Function: linkingt::duplicate_object_symbol
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::duplicate_object_symbol(
   symbolt &old_symbol,
   symbolt &new_symbol)
@@ -998,6 +1151,18 @@ void linkingt::duplicate_object_symbol(
   }
 }
 
+/*******************************************************************\
+
+Function: linkingt::duplicate_non_type_symbol
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::duplicate_non_type_symbol(
   symbolt &old_symbol,
   symbolt &new_symbol)
@@ -1027,6 +1192,18 @@ void linkingt::duplicate_non_type_symbol(
   old_symbol.is_extern=old_symbol.is_extern && new_symbol.is_extern;
 }
 
+/*******************************************************************\
+
+Function: linkingt::duplicate_type_symbol
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::duplicate_type_symbol(
   symbolt &old_symbol,
   symbolt &new_symbol)
@@ -1104,6 +1281,18 @@ void linkingt::duplicate_type_symbol(
     "unexpected difference between type symbols");
 }
 
+/*******************************************************************\
+
+Function: linkingt::needs_renaming_type
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool linkingt::needs_renaming_type(
   const symbolt &old_symbol,
   const symbolt &new_symbol)
@@ -1148,6 +1337,18 @@ bool linkingt::needs_renaming_type(
   return true; // different
 }
 
+/*******************************************************************\
+
+Function: linkingt::do_type_dependencies
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::do_type_dependencies(id_sett &needs_to_be_renamed)
 {
   // Any type that uses a symbol that will be renamed also
@@ -1203,6 +1404,18 @@ void linkingt::do_type_dependencies(id_sett &needs_to_be_renamed)
   }
 }
 
+/*******************************************************************\
+
+Function: linkingt::rename_symbols
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::rename_symbols(const id_sett &needs_to_be_renamed)
 {
   namespacet src_ns(src_symbol_table);
@@ -1235,6 +1448,18 @@ void linkingt::rename_symbols(const id_sett &needs_to_be_renamed)
   }
 }
 
+/*******************************************************************\
+
+Function: linkingt::copy_symbols
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::copy_symbols()
 {
   // First apply the renaming
@@ -1296,6 +1521,18 @@ void linkingt::copy_symbols()
   }
 }
 
+/*******************************************************************\
+
+Function: linkingt::typecheck
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 void linkingt::typecheck()
 {
   // We do this in three phases. We first figure out which symbols need to
@@ -1332,6 +1569,18 @@ void linkingt::typecheck()
   copy_symbols();
 }
 
+/*******************************************************************\
+
+Function: linking
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 bool linking(
   symbol_tablet &dest_symbol_table,
   symbol_tablet &new_symbol_table,

From 2e4761cf2aee232342e555836ace366fbea308bf Mon Sep 17 00:00:00 2001
From: Michael Tautschnig <tautschn@amazon.com>
Date: Wed, 31 May 2017 23:16:30 +0100
Subject: [PATCH 28/57] Rework and fix parsing of unicode strings

We cannot arbitrarily convert strings to unicode representation as this would
affect their size. Instead, only the unicode portion of a non-wide string must
be encoded. As part of this work the code duplication
unescape_string/unescape_wide_string is resolved. A new regression test confirms
that the previous implementation was broken (and is now fixed).
---
 src/ansi-c/literals/unescape_string.cpp | 87 ++++++++++++++++++++++++-
 1 file changed, 84 insertions(+), 3 deletions(-)

diff --git a/src/ansi-c/literals/unescape_string.cpp b/src/ansi-c/literals/unescape_string.cpp
index 1ca8edc7cad..ab0232b9b3a 100644
--- a/src/ansi-c/literals/unescape_string.cpp
+++ b/src/ansi-c/literals/unescape_string.cpp
@@ -6,9 +6,6 @@ Author: Daniel Kroening, kroening@kroening.com
 
 \*******************************************************************/
 
-/// \file
-/// ANSI-C Language Conversion
-
 #include <cassert>
 #include <cctype>
 
@@ -16,6 +13,18 @@ Author: Daniel Kroening, kroening@kroening.com
 
 #include "unescape_string.h"
 
+/*******************************************************************\
+
+Function: append_universal_char
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 static void append_universal_char(
   unsigned int value,
   std::string &dest)
@@ -28,6 +37,18 @@ static void append_universal_char(
   dest.append(utf8_value);
 }
 
+/*******************************************************************\
+
+Function: append_universal_char
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 static void append_universal_char(
   unsigned int value,
   std::basic_string<unsigned int> &dest)
@@ -35,6 +56,18 @@ static void append_universal_char(
   dest.push_back(value);
 }
 
+/*******************************************************************\
+
+Function: unescape_string_templ
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 template<typename T>
 std::basic_string<T> unescape_string_templ(const std::string &src)
 {
@@ -148,17 +181,53 @@ std::basic_string<T> unescape_string_templ(const std::string &src)
   return dest;
 }
 
+/*******************************************************************\
+
+Function: unescape_string
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 std::string unescape_string(const std::string &src)
 {
   return unescape_string_templ<char>(src);
 }
 
+/*******************************************************************\
+
+Function: unescape_wide_string
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 std::basic_string<unsigned int> unescape_wide_string(
   const std::string &src)
 {
   return unescape_string_templ<unsigned int>(src);
 }
 
+/*******************************************************************\
+
+Function: hex_to_unsigned
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 unsigned hex_to_unsigned(const char *hex, std::size_t digits)
 {
   unsigned value=0;
@@ -181,6 +250,18 @@ unsigned hex_to_unsigned(const char *hex, std::size_t digits)
   return value;
 }
 
+/*******************************************************************\
+
+Function: octal_to_unsigned
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
 unsigned octal_to_unsigned(const char *octal, std::size_t digits)
 {
   unsigned value=0;

From cb60d8b984425639094dee694eb016d826497512 Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Tue, 25 Apr 2017 12:48:44 +0100
Subject: [PATCH 29/57] Add conversion/checking scripts

---
 compare.py      |  98 ++++++++++++++++++++++
 convert.py      | 213 ++++++++++++++++++++++++++++++++++++++++++++++++
 convert_file.sh |   2 +
 3 files changed, 313 insertions(+)
 create mode 100644 compare.py
 create mode 100644 convert.py
 create mode 100755 convert_file.sh

diff --git a/compare.py b/compare.py
new file mode 100644
index 00000000000..6bb330183c4
--- /dev/null
+++ b/compare.py
@@ -0,0 +1,98 @@
+import difflib, argparse, subprocess, sys, os, multiprocessing, itertools
+
+
+def preprocess(compiler, file_contents):
+    """ Get output from the preprocessing pass on a file.  """
+    return subprocess.Popen(
+            [compiler, '-E', '-'],
+            stdout=subprocess.PIPE,
+            stderr=subprocess.PIPE,
+            stdin=subprocess.PIPE).communicate(input=file_contents)[0]
+
+
+def preprocess_file(compiler, filename):
+    """ Open a file and get the preprocessor output.  """
+    with open(filename, 'rb') as f:
+        return preprocess(compiler, f.read())
+
+
+def remove_empty_lines(text):
+    """ Remove empty lines from text.  """
+    return '\n'.join(filter(None, text.splitlines()))
+
+
+def file_contents_from_branch(filename, branch):
+    """ Get a copy of a file from another branch and return its contents.  """
+    return subprocess.check_output(
+            ['git', 'show', '%s:%s' % (branch, filename)])
+
+
+def equal_to_file_on_branch(filename, branch, compiler):
+    """
+    Open a file on this branch and preprocess it.  Preprocess the same file
+    from another branch, and return whether the two files have (for all intents
+    and purposes) the same contents.
+    """
+    with open(filename, 'rb') as f:
+        def p(text):
+            return preprocess(compiler, text)
+        return (p(f.read()) ==
+                p(file_contents_from_branch(filename, branch)))
+
+
+def process_single_file(filename, branch, compiler):
+    """ Like equal_to_file_on_branch, but also checks the file extension.  """
+    _, ext = os.path.splitext(filename)
+    return ((ext == '.h' or ext == '.cpp') and
+            not equal_to_file_on_branch(filename, branch, compiler))
+
+
+def is_source(filename):
+    """ Return whether the file appears to be a C++ source file.  """
+    _, ext = os.path.splitext(filename)
+    return ext == '.h' or ext == '.cpp'
+
+
+def process(tup):
+    """
+    Check a single file, and return its name if the check fails, otherwise
+    return None.
+    """
+    failed = process_single_file(*tup)
+    return file if failed else None
+
+
+def main():
+    """
+    Open a file and compare its preprocessor output to the output from the same
+    file on a different branch.  Return 0 if the outputs match, or 1 otherwise.
+    """
+    parser = argparse.ArgumentParser()
+    parser.add_argument(
+            '--branch', type=str, default='upstream/master',
+            help='The branch to compare')
+    parser.add_argument(
+            '--compiler', type=str, default='gcc',
+            help='The compiler to use')
+    args = parser.parse_args()
+
+    all_files = [os.path.join(root, file)
+            for root, _, files in os.walk('.') for file in files]
+    source_files = filter(is_source, all_files)
+
+    zipped = zip(
+            source_files,
+            itertools.cycle([args.branch]),
+            itertools.cycle([args.compiler]))
+
+    results = filter(None, multiprocessing.Pool(10).map(process, zipped))
+
+    if results:
+        print('\n'.join(results))
+        return 1
+
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())
diff --git a/convert.py b/convert.py
new file mode 100644
index 00000000000..b59f4b63001
--- /dev/null
+++ b/convert.py
@@ -0,0 +1,213 @@
+import re, collections, textwrap, sys, argparse, platform
+
+
+Field = collections.namedtuple('Field', ['name', 'contents'])
+
+Header = collections.namedtuple('Header', ['module'])
+
+Function = collections.namedtuple('Function',
+        ['pos', 'name', 'purpose', 'inputs', 'returns'])
+
+Class = collections.namedtuple('Class', ['name', 'purpose'])
+
+
+def warn(message):
+    """ Print a labelled message to stderr.  """
+    sys.stderr.write('Warning: %s\n' % message)
+
+
+def header_from_block(block):
+    """ Create a Header structure from a parsed Block.  """
+    return Header(block.fields['Module'])
+
+
+def function_from_block(block):
+    """ Create a Function structure from a parsed Block.  """
+    return Function(block.pos, block.fields.get('Function', None),
+            block.fields.get('Purpose', None), block.fields.get('Inputs', None),
+            block.fields.get('Outputs', None))
+
+
+def class_from_block(block):
+    """ Create a Class structure from a parsed Block.  """
+    return Class(block.fields.get('Class', None),
+            block.fields.get('Purpose', None))
+
+
+def parse_fields(block_contents, width):
+    """ Extract the named fields of an old-style comment block.  """
+
+    field_re = re.compile(
+            r'(?:\n *(Purpose):(.*))|(?:\n *([a-zA-Z0-9]+?):\n?(.*?)?^$)',
+            re.MULTILINE | re.DOTALL)
+    for m in field_re.finditer(block_contents):
+        # If the field is a Purpose field
+        if m.lastindex == 2:
+            yield Field(m.group(1), textwrap.dedent(m.group(2)))
+        # If the field is any other field
+        elif m.lastindex == 3 or m.lastindex == 4:
+            yield Field(m.group(3), textwrap.dedent(m.group(4)))
+
+
+Block = collections.namedtuple('Block', ['pos', 'fields'])
+
+
+def has_field(block, field_name):
+    """ Return whether the block has a field with the given name.  """
+    return field_name in block.fields
+
+
+def make_doxy_comment(text):
+    text, _ = re.subn(r'^(?!$)', r'/// ', text, flags=re.MULTILINE)
+    text, _ = re.subn(r'^(?=$)', r'///' , text, flags=re.MULTILINE)
+    return text
+
+
+def is_header_doc(block):
+    """ Return whether the block appears to be a file header.  """
+    return has_field(block, 'Module')
+
+
+def convert_header_doc(header, doc_width):
+    """ Return a doxygen-style header string.  """
+    text_wrapper = textwrap.TextWrapper(width=doc_width)
+    return (make_doxy_comment(
+            text_wrapper.fill(r'\file %s' % header.module)) + '\n\n'
+            if header.module.strip() else '')
+
+
+def is_function_doc(block):
+    """ Return whether the block appears to be a function descriptor.  """
+    return has_field(block, 'Function')
+
+
+class FunctionFormatter:
+    def __init__(self, doc_width):
+        self.text_wrapper = textwrap.TextWrapper(width=doc_width)
+        self.input_wrapper = textwrap.TextWrapper(width=doc_width,
+                subsequent_indent=r'  ')
+        self.whitespace_re = re.compile(r'\n\s*', re.MULTILINE | re.DOTALL)
+        self.paragraph_re = re.compile(r'(.*?)^$(.*)', re.MULTILINE | re.DOTALL)
+
+    def format_purpose(self, function):
+        match = self.paragraph_re.match(function.purpose)
+        first_paragraph = match.group(1)
+        first_paragraph, _ = self.whitespace_re.subn(' ',
+                first_paragraph) if first_paragraph else ('', None)
+
+        tail_paragraphs = (('\n' + match.group(2)) if match.group(2) else '')
+        formatted_purpose = (self.text_wrapper.fill(first_paragraph) +
+                tail_paragraphs)
+
+        return formatted_purpose.strip()
+
+    def format_inputs(self, function):
+        def param_replacement(match):
+            return r'\param %s:' % match.group(1)
+
+        dedented = textwrap.dedent(function.inputs)
+        text, _ = re.subn(r'\n\s+', ' ', dedented, flags=re.MULTILINE)
+        text, num_replacements = re.subn(r'^([a-zA-Z0-9_]+)\s+[:-]',
+                param_replacement, text, flags=re.MULTILINE)
+
+        if num_replacements == 0:
+            text = r'parameters: %s' % text
+
+        text = '\n'.join(self.input_wrapper.fill(t) for t in text.split('\n'))
+        return text.strip()
+
+    def format_returns(self, function):
+        subbed, _ = self.whitespace_re.subn(' ', function.returns)
+        return self.input_wrapper.fill(r'\returns %s' % subbed)
+
+
+def convert_function_doc(function, file, doc_width):
+    """ Return a doxygen-style doc string for the supplied Function.  """
+    formatter = FunctionFormatter(doc_width)
+
+    sections = []
+
+    if function.purpose and function.purpose.strip():
+        sections.append(formatter.format_purpose(function))
+
+    if function.inputs and function.inputs.strip():
+        sections.append(formatter.format_inputs(function))
+
+    if function.returns and function.returns.strip():
+        sections.append(formatter.format_returns(function))
+
+    if sections:
+        text = '\n\n'.join(sections)
+        if text:
+            text = make_doxy_comment(text)
+        return text + '\n'
+
+    return ''
+
+
+def is_class_doc(block):
+    """ Return whether the block appears to be a class doc block.  """
+    return has_field(block, 'Class')
+
+
+def convert_class_doc(c, doc_width):
+    """ Return a doxygen-style class string.  """
+    text_wrapper = textwrap.TextWrapper(width=doc_width)
+    stripped = c.purpose.strip()
+    return (make_doxy_comment(text_wrapper.fill(stripped)) + '\n'
+            if stripped else '')
+
+
+def replace_block(start, block_contents, file, doc_width):
+    """
+    Replace an old-style documentation block with the doxygen equivalent
+    """
+    block = Block(start,
+            {f.name: f.contents
+                for f in parse_fields(block_contents, doc_width)})
+
+    if is_header_doc(block):
+        return convert_header_doc(header_from_block(block), doc_width)
+
+    if is_function_doc(block):
+        return convert_function_doc(
+                function_from_block(block), file, doc_width)
+
+    if is_class_doc(block):
+        return convert_class_doc(class_from_block(block), doc_width)
+
+    warn('block in "%s" has unrecognised format:\n%s' %
+            (file, block_contents))
+
+    return ''
+
+
+def convert_file(file):
+    """ Replace documentation in file with doxygen-styled comments.  """
+    with open(file) as f:
+        contents = f.read()
+
+    doc_width = 75
+
+    block_re = re.compile(
+            r'^/\*+\\$(.*?)^\\\*+/$\s*', re.MULTILINE | re.DOTALL)
+    contents, _ = block_re.subn(
+            lambda match: replace_block(match.start(), match.group(1), file,
+                doc_width), contents)
+
+    sys.stdout.write(contents)
+
+
+def main():
+    """ Run convert_file from the command-line.  """
+    parser = argparse.ArgumentParser()
+    parser.add_argument('file', type=str, help='The file to process')
+    args = parser.parse_args()
+
+    convert_file(args.file)
+
+    return 0
+
+
+if __name__ == '__main__':
+    sys.exit(main())
diff --git a/convert_file.sh b/convert_file.sh
new file mode 100755
index 00000000000..0939109b536
--- /dev/null
+++ b/convert_file.sh
@@ -0,0 +1,2 @@
+tmpfile=$(mktemp /tmp/tmp_conversion.XXXXXX)
+python convert.py $1 > $tmpfile && mv $tmpfile $1

From 40fc7dfbe9c1bddbffc48b6ce553b1d0a16c4789 Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Mon, 1 May 2017 20:10:44 +0100
Subject: [PATCH 30/57] Update script based on review feedback

---
 convert.py | 182 +++++++++++++++++++++++++++++++----------------------
 1 file changed, 106 insertions(+), 76 deletions(-)

diff --git a/convert.py b/convert.py
index b59f4b63001..fd2f579c953 100644
--- a/convert.py
+++ b/convert.py
@@ -1,12 +1,11 @@
 import re, collections, textwrap, sys, argparse, platform
 
-
 Field = collections.namedtuple('Field', ['name', 'contents'])
 
 Header = collections.namedtuple('Header', ['module'])
 
 Function = collections.namedtuple('Function',
-        ['pos', 'name', 'purpose', 'inputs', 'returns'])
+        ['name', 'purpose', 'inputs', 'returns'])
 
 Class = collections.namedtuple('Class', ['name', 'purpose'])
 
@@ -23,18 +22,22 @@ def header_from_block(block):
 
 def function_from_block(block):
     """ Create a Function structure from a parsed Block.  """
-    return Function(block.pos, block.fields.get('Function', None),
+    return Function(block.fields.get('Function', None),
             block.fields.get('Purpose', None), block.fields.get('Inputs', None),
             block.fields.get('Outputs', None))
 
 
+def make_field(name, contents):
+    return Field(name, contents if contents.strip() else None)
+
+
 def class_from_block(block):
     """ Create a Class structure from a parsed Block.  """
     return Class(block.fields.get('Class', None),
             block.fields.get('Purpose', None))
 
 
-def parse_fields(block_contents, width):
+def parse_fields(block_contents):
     """ Extract the named fields of an old-style comment block.  """
 
     field_re = re.compile(
@@ -43,13 +46,13 @@ def parse_fields(block_contents, width):
     for m in field_re.finditer(block_contents):
         # If the field is a Purpose field
         if m.lastindex == 2:
-            yield Field(m.group(1), textwrap.dedent(m.group(2)))
+            yield make_field(m.group(1), textwrap.dedent(m.group(2)))
         # If the field is any other field
         elif m.lastindex == 3 or m.lastindex == 4:
-            yield Field(m.group(3), textwrap.dedent(m.group(4)))
+            yield make_field(m.group(3), textwrap.dedent(m.group(4)))
 
 
-Block = collections.namedtuple('Block', ['pos', 'fields'])
+Block = collections.namedtuple('Block', ['fields'])
 
 
 def has_field(block, field_name):
@@ -58,42 +61,52 @@ def has_field(block, field_name):
 
 
 def make_doxy_comment(text):
-    text, _ = re.subn(r'^(?!$)', r'/// ', text, flags=re.MULTILINE)
-    text, _ = re.subn(r'^(?=$)', r'///' , text, flags=re.MULTILINE)
-    return text
+    text = re.sub(r'^(?!$)', r'/// ', text, flags=re.MULTILINE)
+    return re.sub(r'^(?=$)', r'///' , text, flags=re.MULTILINE)
 
 
-def is_header_doc(block):
-    """ Return whether the block appears to be a file header.  """
-    return has_field(block, 'Module')
+class GenericFormatter(object):
+    def __init__(self, doc_width):
+        self.text_wrapper = textwrap.TextWrapper(width=doc_width)
+        self.indented_wrapper = textwrap.TextWrapper(width=doc_width,
+                subsequent_indent=r'  ')
+        self.whitespace_re = re.compile(r'\n\s*', re.MULTILINE | re.DOTALL)
 
+    def convert(self, block):
+        sections = filter(None, self.convert_sections(block))
+        if sections:
+            return make_doxy_comment('\n'.join(sections)) + '\n'
+        return ''
 
-def convert_header_doc(header, doc_width):
-    """ Return a doxygen-style header string.  """
-    text_wrapper = textwrap.TextWrapper(width=doc_width)
-    return (make_doxy_comment(
-            text_wrapper.fill(r'\file %s' % header.module)) + '\n\n'
-            if header.module.strip() else '')
 
+class HeaderFormatter(GenericFormatter):
+    def format_module(self, header):
+        if not header.module:
+            return None
 
-def is_function_doc(block):
-    """ Return whether the block appears to be a function descriptor.  """
-    return has_field(block, 'Function')
+        subbed = self.whitespace_re.sub(' ', header.module)
+        return self.indented_wrapper.fill(r'\file %s' % subbed)
 
+    def is_block_valid(self, block):
+        return has_field(block, 'Module')
 
-class FunctionFormatter:
+    def convert_sections(self, block):
+        return [self.format_module(block)]
+
+
+class FunctionFormatter(GenericFormatter):
     def __init__(self, doc_width):
-        self.text_wrapper = textwrap.TextWrapper(width=doc_width)
-        self.input_wrapper = textwrap.TextWrapper(width=doc_width,
-                subsequent_indent=r'  ')
-        self.whitespace_re = re.compile(r'\n\s*', re.MULTILINE | re.DOTALL)
+        super(FunctionFormatter, self).__init__(doc_width)
         self.paragraph_re = re.compile(r'(.*?)^$(.*)', re.MULTILINE | re.DOTALL)
 
     def format_purpose(self, function):
+        if not function.purpose:
+            return None
+
         match = self.paragraph_re.match(function.purpose)
         first_paragraph = match.group(1)
-        first_paragraph, _ = self.whitespace_re.subn(' ',
-                first_paragraph) if first_paragraph else ('', None)
+        first_paragraph = self.whitespace_re.sub(' ',
+                first_paragraph) if first_paragraph else ''
 
         tail_paragraphs = (('\n' + match.group(2)) if match.group(2) else '')
         formatted_purpose = (self.text_wrapper.fill(first_paragraph) +
@@ -102,79 +115,90 @@ def format_purpose(self, function):
         return formatted_purpose.strip()
 
     def format_inputs(self, function):
+        if not function.inputs:
+            return None
+
+        if re.match(r'^\s*\S+\s*$', function.inputs):
+            return None
+
         def param_replacement(match):
             return r'\param %s:' % match.group(1)
 
         dedented = textwrap.dedent(function.inputs)
-        text, _ = re.subn(r'\n\s+', ' ', dedented, flags=re.MULTILINE)
+        text = re.sub(r'\n\s+', ' ', dedented, flags=re.MULTILINE)
         text, num_replacements = re.subn(r'^([a-zA-Z0-9_]+)\s+[:-]',
                 param_replacement, text, flags=re.MULTILINE)
 
         if num_replacements == 0:
             text = r'parameters: %s' % text
 
-        text = '\n'.join(self.input_wrapper.fill(t) for t in text.split('\n'))
+        text = '\n'.join(
+                self.indented_wrapper.fill(t) for t in text.split('\n'))
         return text.strip()
 
     def format_returns(self, function):
-        subbed, _ = self.whitespace_re.subn(' ', function.returns)
-        return self.input_wrapper.fill(r'\returns %s' % subbed)
+        if not function.returns:
+            return None
 
+        subbed = self.whitespace_re.sub(' ', function.returns)
+        return self.indented_wrapper.fill(r'\return %s' % subbed)
 
-def convert_function_doc(function, file, doc_width):
-    """ Return a doxygen-style doc string for the supplied Function.  """
-    formatter = FunctionFormatter(doc_width)
+    def is_block_valid(self, block):
+        return has_field(block, 'Function')
 
-    sections = []
+    def convert_sections(self, block):
+        return [
+            self.format_purpose(block),
+            self.format_inputs(block),
+            self.format_returns(block)]
 
-    if function.purpose and function.purpose.strip():
-        sections.append(formatter.format_purpose(function))
 
-    if function.inputs and function.inputs.strip():
-        sections.append(formatter.format_inputs(function))
-
-    if function.returns and function.returns.strip():
-        sections.append(formatter.format_returns(function))
+class ClassFormatter(GenericFormatter):
+    def __init__(self, doc_width):
+        super(ClassFormatter, self).__init__(doc_width)
+        self.paragraph_re = re.compile(r'(.*?)^$(.*)', re.MULTILINE | re.DOTALL)
 
-    if sections:
-        text = '\n\n'.join(sections)
-        if text:
-            text = make_doxy_comment(text)
-        return text + '\n'
+    def format_purpose(self, klass):
+        if not klass.purpose:
+            return None
 
-    return ''
+        match = self.paragraph_re.match(klass.purpose)
+        first_paragraph = match.group(1)
+        first_paragraph = self.whitespace_re.sub(' ',
+                first_paragraph) if first_paragraph else ''
 
+        tail_paragraphs = (('\n' + match.group(2)) if match.group(2) else '')
+        formatted_purpose = (self.text_wrapper.fill(first_paragraph) +
+                tail_paragraphs)
 
-def is_class_doc(block):
-    """ Return whether the block appears to be a class doc block.  """
-    return has_field(block, 'Class')
+        return formatted_purpose.strip()
 
+    def is_block_valid(self, block):
+        return has_field(block, 'Class')
 
-def convert_class_doc(c, doc_width):
-    """ Return a doxygen-style class string.  """
-    text_wrapper = textwrap.TextWrapper(width=doc_width)
-    stripped = c.purpose.strip()
-    return (make_doxy_comment(text_wrapper.fill(stripped)) + '\n'
-            if stripped else '')
+    def convert_sections(self, block):
+        return [self.format_purpose(block)]
 
 
-def replace_block(start, block_contents, file, doc_width):
+def replace_block(
+        block_contents,
+        file,
+        header_formatter,
+        class_formatter,
+        function_formatter):
     """
     Replace an old-style documentation block with the doxygen equivalent
     """
-    block = Block(start,
-            {f.name: f.contents
-                for f in parse_fields(block_contents, doc_width)})
+    block = Block({f.name: f.contents for f in parse_fields(block_contents)})
 
-    if is_header_doc(block):
-        return convert_header_doc(header_from_block(block), doc_width)
+    if header_formatter.is_block_valid(block):
+        return header_formatter.convert(header_from_block(block))
 
-    if is_function_doc(block):
-        return convert_function_doc(
-                function_from_block(block), file, doc_width)
+    if class_formatter.is_block_valid(block):
+        return class_formatter.convert(class_from_block(block))
 
-    if is_class_doc(block):
-        return convert_class_doc(class_from_block(block), doc_width)
+    if function_formatter.is_block_valid(block):
+        return function_formatter.convert(function_from_block(block))
 
     warn('block in "%s" has unrecognised format:\n%s' %
             (file, block_contents))
@@ -187,15 +211,21 @@ def convert_file(file):
     with open(file) as f:
         contents = f.read()
 
-    doc_width = 75
+    doc_width = 76
+
+    header_formatter = HeaderFormatter(doc_width)
+    class_formatter = ClassFormatter(doc_width)
+    function_formatter = FunctionFormatter(doc_width)
 
     block_re = re.compile(
             r'^/\*+\\$(.*?)^\\\*+/$\s*', re.MULTILINE | re.DOTALL)
-    contents, _ = block_re.subn(
-            lambda match: replace_block(match.start(), match.group(1), file,
-                doc_width), contents)
-
-    sys.stdout.write(contents)
+    sys.stdout.write(block_re.sub(
+            lambda match: replace_block(
+                match.group(1),
+                file,
+                header_formatter,
+                class_formatter,
+                function_formatter), contents))
 
 
 def main():

From 66f7a775850f491d768b393dd94802beaedae3e1 Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Fri, 12 May 2017 22:03:10 +0100
Subject: [PATCH 31/57] Add legalese handling to conversion script

---
 convert.py | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/convert.py b/convert.py
index fd2f579c953..4e1c954f113 100644
--- a/convert.py
+++ b/convert.py
@@ -10,6 +10,15 @@
 Class = collections.namedtuple('Class', ['name', 'purpose'])
 
 
+FILE_HEADER = """
+// Copyright 2001-2017,
+// Daniel Kroening (Computer Science Department, University of Oxford
+//   and Diffblue Ltd),
+// Edmund Clarke (Computer Science Department, Carnegie Mellon University),
+// DiffBlue Ltd.
+""".strip()
+
+
 def warn(message):
     """ Print a labelled message to stderr.  """
     sys.stderr.write('Warning: %s\n' % message)
@@ -85,7 +94,9 @@ def format_module(self, header):
             return None
 
         subbed = self.whitespace_re.sub(' ', header.module)
-        return self.indented_wrapper.fill(r'\file %s' % subbed)
+        # The file directive must be followed by a newline in order to refer to
+        # the current file
+        return self.indented_wrapper.fill('\\file\n%s' % subbed)
 
     def is_block_valid(self, block):
         return has_field(block, 'Module')
@@ -219,13 +230,18 @@ def convert_file(file):
 
     block_re = re.compile(
             r'^/\*+\\$(.*?)^\\\*+/$\s*', re.MULTILINE | re.DOTALL)
-    sys.stdout.write(block_re.sub(
+    new_contents = block_re.sub(
             lambda match: replace_block(
                 match.group(1),
                 file,
                 header_formatter,
                 class_formatter,
-                function_formatter), contents))
+                function_formatter), contents)
+
+    if not re.search(FILE_HEADER, new_contents):
+        new_contents = FILE_HEADER + '\n\n' + new_contents
+
+    sys.stdout.write(new_contents)
 
 
 def main():

From 4536071c4cf1faa707cb6ec5b4835732a5a6fbeb Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Fri, 12 May 2017 22:08:22 +0100
Subject: [PATCH 32/57] Move conversion scripts to scripts folder

---
 compare.py                                    |  98 -------
 convert.py                                    | 259 ------------------
 scripts/compare_postprocessor_output.py       |  45 ++-
 scripts/reformat_docs.py                      |  54 ++--
 .../reformat_docs_in_place.sh                 |   0
 5 files changed, 45 insertions(+), 411 deletions(-)
 delete mode 100644 compare.py
 delete mode 100644 convert.py
 rename convert_file.sh => scripts/reformat_docs_in_place.sh (100%)

diff --git a/compare.py b/compare.py
deleted file mode 100644
index 6bb330183c4..00000000000
--- a/compare.py
+++ /dev/null
@@ -1,98 +0,0 @@
-import difflib, argparse, subprocess, sys, os, multiprocessing, itertools
-
-
-def preprocess(compiler, file_contents):
-    """ Get output from the preprocessing pass on a file.  """
-    return subprocess.Popen(
-            [compiler, '-E', '-'],
-            stdout=subprocess.PIPE,
-            stderr=subprocess.PIPE,
-            stdin=subprocess.PIPE).communicate(input=file_contents)[0]
-
-
-def preprocess_file(compiler, filename):
-    """ Open a file and get the preprocessor output.  """
-    with open(filename, 'rb') as f:
-        return preprocess(compiler, f.read())
-
-
-def remove_empty_lines(text):
-    """ Remove empty lines from text.  """
-    return '\n'.join(filter(None, text.splitlines()))
-
-
-def file_contents_from_branch(filename, branch):
-    """ Get a copy of a file from another branch and return its contents.  """
-    return subprocess.check_output(
-            ['git', 'show', '%s:%s' % (branch, filename)])
-
-
-def equal_to_file_on_branch(filename, branch, compiler):
-    """
-    Open a file on this branch and preprocess it.  Preprocess the same file
-    from another branch, and return whether the two files have (for all intents
-    and purposes) the same contents.
-    """
-    with open(filename, 'rb') as f:
-        def p(text):
-            return preprocess(compiler, text)
-        return (p(f.read()) ==
-                p(file_contents_from_branch(filename, branch)))
-
-
-def process_single_file(filename, branch, compiler):
-    """ Like equal_to_file_on_branch, but also checks the file extension.  """
-    _, ext = os.path.splitext(filename)
-    return ((ext == '.h' or ext == '.cpp') and
-            not equal_to_file_on_branch(filename, branch, compiler))
-
-
-def is_source(filename):
-    """ Return whether the file appears to be a C++ source file.  """
-    _, ext = os.path.splitext(filename)
-    return ext == '.h' or ext == '.cpp'
-
-
-def process(tup):
-    """
-    Check a single file, and return its name if the check fails, otherwise
-    return None.
-    """
-    failed = process_single_file(*tup)
-    return file if failed else None
-
-
-def main():
-    """
-    Open a file and compare its preprocessor output to the output from the same
-    file on a different branch.  Return 0 if the outputs match, or 1 otherwise.
-    """
-    parser = argparse.ArgumentParser()
-    parser.add_argument(
-            '--branch', type=str, default='upstream/master',
-            help='The branch to compare')
-    parser.add_argument(
-            '--compiler', type=str, default='gcc',
-            help='The compiler to use')
-    args = parser.parse_args()
-
-    all_files = [os.path.join(root, file)
-            for root, _, files in os.walk('.') for file in files]
-    source_files = filter(is_source, all_files)
-
-    zipped = zip(
-            source_files,
-            itertools.cycle([args.branch]),
-            itertools.cycle([args.compiler]))
-
-    results = filter(None, multiprocessing.Pool(10).map(process, zipped))
-
-    if results:
-        print('\n'.join(results))
-        return 1
-
-    return 0
-
-
-if __name__ == "__main__":
-    sys.exit(main())
diff --git a/convert.py b/convert.py
deleted file mode 100644
index 4e1c954f113..00000000000
--- a/convert.py
+++ /dev/null
@@ -1,259 +0,0 @@
-import re, collections, textwrap, sys, argparse, platform
-
-Field = collections.namedtuple('Field', ['name', 'contents'])
-
-Header = collections.namedtuple('Header', ['module'])
-
-Function = collections.namedtuple('Function',
-        ['name', 'purpose', 'inputs', 'returns'])
-
-Class = collections.namedtuple('Class', ['name', 'purpose'])
-
-
-FILE_HEADER = """
-// Copyright 2001-2017,
-// Daniel Kroening (Computer Science Department, University of Oxford
-//   and Diffblue Ltd),
-// Edmund Clarke (Computer Science Department, Carnegie Mellon University),
-// DiffBlue Ltd.
-""".strip()
-
-
-def warn(message):
-    """ Print a labelled message to stderr.  """
-    sys.stderr.write('Warning: %s\n' % message)
-
-
-def header_from_block(block):
-    """ Create a Header structure from a parsed Block.  """
-    return Header(block.fields['Module'])
-
-
-def function_from_block(block):
-    """ Create a Function structure from a parsed Block.  """
-    return Function(block.fields.get('Function', None),
-            block.fields.get('Purpose', None), block.fields.get('Inputs', None),
-            block.fields.get('Outputs', None))
-
-
-def make_field(name, contents):
-    return Field(name, contents if contents.strip() else None)
-
-
-def class_from_block(block):
-    """ Create a Class structure from a parsed Block.  """
-    return Class(block.fields.get('Class', None),
-            block.fields.get('Purpose', None))
-
-
-def parse_fields(block_contents):
-    """ Extract the named fields of an old-style comment block.  """
-
-    field_re = re.compile(
-            r'(?:\n *(Purpose):(.*))|(?:\n *([a-zA-Z0-9]+?):\n?(.*?)?^$)',
-            re.MULTILINE | re.DOTALL)
-    for m in field_re.finditer(block_contents):
-        # If the field is a Purpose field
-        if m.lastindex == 2:
-            yield make_field(m.group(1), textwrap.dedent(m.group(2)))
-        # If the field is any other field
-        elif m.lastindex == 3 or m.lastindex == 4:
-            yield make_field(m.group(3), textwrap.dedent(m.group(4)))
-
-
-Block = collections.namedtuple('Block', ['fields'])
-
-
-def has_field(block, field_name):
-    """ Return whether the block has a field with the given name.  """
-    return field_name in block.fields
-
-
-def make_doxy_comment(text):
-    text = re.sub(r'^(?!$)', r'/// ', text, flags=re.MULTILINE)
-    return re.sub(r'^(?=$)', r'///' , text, flags=re.MULTILINE)
-
-
-class GenericFormatter(object):
-    def __init__(self, doc_width):
-        self.text_wrapper = textwrap.TextWrapper(width=doc_width)
-        self.indented_wrapper = textwrap.TextWrapper(width=doc_width,
-                subsequent_indent=r'  ')
-        self.whitespace_re = re.compile(r'\n\s*', re.MULTILINE | re.DOTALL)
-
-    def convert(self, block):
-        sections = filter(None, self.convert_sections(block))
-        if sections:
-            return make_doxy_comment('\n'.join(sections)) + '\n'
-        return ''
-
-
-class HeaderFormatter(GenericFormatter):
-    def format_module(self, header):
-        if not header.module:
-            return None
-
-        subbed = self.whitespace_re.sub(' ', header.module)
-        # The file directive must be followed by a newline in order to refer to
-        # the current file
-        return self.indented_wrapper.fill('\\file\n%s' % subbed)
-
-    def is_block_valid(self, block):
-        return has_field(block, 'Module')
-
-    def convert_sections(self, block):
-        return [self.format_module(block)]
-
-
-class FunctionFormatter(GenericFormatter):
-    def __init__(self, doc_width):
-        super(FunctionFormatter, self).__init__(doc_width)
-        self.paragraph_re = re.compile(r'(.*?)^$(.*)', re.MULTILINE | re.DOTALL)
-
-    def format_purpose(self, function):
-        if not function.purpose:
-            return None
-
-        match = self.paragraph_re.match(function.purpose)
-        first_paragraph = match.group(1)
-        first_paragraph = self.whitespace_re.sub(' ',
-                first_paragraph) if first_paragraph else ''
-
-        tail_paragraphs = (('\n' + match.group(2)) if match.group(2) else '')
-        formatted_purpose = (self.text_wrapper.fill(first_paragraph) +
-                tail_paragraphs)
-
-        return formatted_purpose.strip()
-
-    def format_inputs(self, function):
-        if not function.inputs:
-            return None
-
-        if re.match(r'^\s*\S+\s*$', function.inputs):
-            return None
-
-        def param_replacement(match):
-            return r'\param %s:' % match.group(1)
-
-        dedented = textwrap.dedent(function.inputs)
-        text = re.sub(r'\n\s+', ' ', dedented, flags=re.MULTILINE)
-        text, num_replacements = re.subn(r'^([a-zA-Z0-9_]+)\s+[:-]',
-                param_replacement, text, flags=re.MULTILINE)
-
-        if num_replacements == 0:
-            text = r'parameters: %s' % text
-
-        text = '\n'.join(
-                self.indented_wrapper.fill(t) for t in text.split('\n'))
-        return text.strip()
-
-    def format_returns(self, function):
-        if not function.returns:
-            return None
-
-        subbed = self.whitespace_re.sub(' ', function.returns)
-        return self.indented_wrapper.fill(r'\return %s' % subbed)
-
-    def is_block_valid(self, block):
-        return has_field(block, 'Function')
-
-    def convert_sections(self, block):
-        return [
-            self.format_purpose(block),
-            self.format_inputs(block),
-            self.format_returns(block)]
-
-
-class ClassFormatter(GenericFormatter):
-    def __init__(self, doc_width):
-        super(ClassFormatter, self).__init__(doc_width)
-        self.paragraph_re = re.compile(r'(.*?)^$(.*)', re.MULTILINE | re.DOTALL)
-
-    def format_purpose(self, klass):
-        if not klass.purpose:
-            return None
-
-        match = self.paragraph_re.match(klass.purpose)
-        first_paragraph = match.group(1)
-        first_paragraph = self.whitespace_re.sub(' ',
-                first_paragraph) if first_paragraph else ''
-
-        tail_paragraphs = (('\n' + match.group(2)) if match.group(2) else '')
-        formatted_purpose = (self.text_wrapper.fill(first_paragraph) +
-                tail_paragraphs)
-
-        return formatted_purpose.strip()
-
-    def is_block_valid(self, block):
-        return has_field(block, 'Class')
-
-    def convert_sections(self, block):
-        return [self.format_purpose(block)]
-
-
-def replace_block(
-        block_contents,
-        file,
-        header_formatter,
-        class_formatter,
-        function_formatter):
-    """
-    Replace an old-style documentation block with the doxygen equivalent
-    """
-    block = Block({f.name: f.contents for f in parse_fields(block_contents)})
-
-    if header_formatter.is_block_valid(block):
-        return header_formatter.convert(header_from_block(block))
-
-    if class_formatter.is_block_valid(block):
-        return class_formatter.convert(class_from_block(block))
-
-    if function_formatter.is_block_valid(block):
-        return function_formatter.convert(function_from_block(block))
-
-    warn('block in "%s" has unrecognised format:\n%s' %
-            (file, block_contents))
-
-    return ''
-
-
-def convert_file(file):
-    """ Replace documentation in file with doxygen-styled comments.  """
-    with open(file) as f:
-        contents = f.read()
-
-    doc_width = 76
-
-    header_formatter = HeaderFormatter(doc_width)
-    class_formatter = ClassFormatter(doc_width)
-    function_formatter = FunctionFormatter(doc_width)
-
-    block_re = re.compile(
-            r'^/\*+\\$(.*?)^\\\*+/$\s*', re.MULTILINE | re.DOTALL)
-    new_contents = block_re.sub(
-            lambda match: replace_block(
-                match.group(1),
-                file,
-                header_formatter,
-                class_formatter,
-                function_formatter), contents)
-
-    if not re.search(FILE_HEADER, new_contents):
-        new_contents = FILE_HEADER + '\n\n' + new_contents
-
-    sys.stdout.write(new_contents)
-
-
-def main():
-    """ Run convert_file from the command-line.  """
-    parser = argparse.ArgumentParser()
-    parser.add_argument('file', type=str, help='The file to process')
-    args = parser.parse_args()
-
-    convert_file(args.file)
-
-    return 0
-
-
-if __name__ == '__main__':
-    sys.exit(main())
diff --git a/scripts/compare_postprocessor_output.py b/scripts/compare_postprocessor_output.py
index 10dcb0f2709..6bb330183c4 100644
--- a/scripts/compare_postprocessor_output.py
+++ b/scripts/compare_postprocessor_output.py
@@ -3,17 +3,12 @@
 
 def preprocess(compiler, file_contents):
     """ Get output from the preprocessing pass on a file.  """
-    output = subprocess.Popen(
+    return subprocess.Popen(
             [compiler, '-E', '-'],
             stdout=subprocess.PIPE,
             stderr=subprocess.PIPE,
             stdin=subprocess.PIPE).communicate(input=file_contents)[0]
 
-    def should_keep(line):
-        return str.strip(line) and line[0] != '#'
-
-    return filter(should_keep, output.splitlines())
-
 
 def preprocess_file(compiler, filename):
     """ Open a file and get the preprocessor output.  """
@@ -21,6 +16,11 @@ def preprocess_file(compiler, filename):
         return preprocess(compiler, f.read())
 
 
+def remove_empty_lines(text):
+    """ Remove empty lines from text.  """
+    return '\n'.join(filter(None, text.splitlines()))
+
+
 def file_contents_from_branch(filename, branch):
     """ Get a copy of a file from another branch and return its contents.  """
     return subprocess.check_output(
@@ -30,16 +30,21 @@ def file_contents_from_branch(filename, branch):
 def equal_to_file_on_branch(filename, branch, compiler):
     """
     Open a file on this branch and preprocess it.  Preprocess the same file
-    from another branch, and return a diff.
+    from another branch, and return whether the two files have (for all intents
+    and purposes) the same contents.
     """
     with open(filename, 'rb') as f:
         def p(text):
             return preprocess(compiler, text)
-        return difflib.unified_diff(p(f.read()),
-                p(file_contents_from_branch(filename, branch)),
-                fromfile=filename,
-                tofile=filename,
-                lineterm='')
+        return (p(f.read()) ==
+                p(file_contents_from_branch(filename, branch)))
+
+
+def process_single_file(filename, branch, compiler):
+    """ Like equal_to_file_on_branch, but also checks the file extension.  """
+    _, ext = os.path.splitext(filename)
+    return ((ext == '.h' or ext == '.cpp') and
+            not equal_to_file_on_branch(filename, branch, compiler))
 
 
 def is_source(filename):
@@ -53,9 +58,8 @@ def process(tup):
     Check a single file, and return its name if the check fails, otherwise
     return None.
     """
-    filename, branch, compiler = tup
-    failed = '\n'.join(equal_to_file_on_branch(filename, branch, compiler))
-    return failed if failed else None
+    failed = process_single_file(*tup)
+    return file if failed else None
 
 
 def main():
@@ -68,7 +72,7 @@ def main():
             '--branch', type=str, default='upstream/master',
             help='The branch to compare')
     parser.add_argument(
-            '--compiler', type=str, default='g++',
+            '--compiler', type=str, default='gcc',
             help='The compiler to use')
     args = parser.parse_args()
 
@@ -81,15 +85,10 @@ def main():
             itertools.cycle([args.branch]),
             itertools.cycle([args.compiler]))
 
-    pool = multiprocessing.Pool(10)
-
-    results = filter(None, pool.map(process, zipped))
-
-    pool.close()
-    pool.join()
+    results = filter(None, multiprocessing.Pool(10).map(process, zipped))
 
     if results:
-        print('\n\n'.join(results))
+        print('\n'.join(results))
         return 1
 
     return 0
diff --git a/scripts/reformat_docs.py b/scripts/reformat_docs.py
index eadc5359052..4e1c954f113 100644
--- a/scripts/reformat_docs.py
+++ b/scripts/reformat_docs.py
@@ -10,6 +10,15 @@
 Class = collections.namedtuple('Class', ['name', 'purpose'])
 
 
+FILE_HEADER = """
+// Copyright 2001-2017,
+// Daniel Kroening (Computer Science Department, University of Oxford
+//   and Diffblue Ltd),
+// Edmund Clarke (Computer Science Department, Carnegie Mellon University),
+// DiffBlue Ltd.
+""".strip()
+
+
 def warn(message):
     """ Print a labelled message to stderr.  """
     sys.stderr.write('Warning: %s\n' % message)
@@ -87,7 +96,7 @@ def format_module(self, header):
         subbed = self.whitespace_re.sub(' ', header.module)
         # The file directive must be followed by a newline in order to refer to
         # the current file
-        return '\\file\n' + self.indented_wrapper.fill(subbed)
+        return self.indented_wrapper.fill('\\file\n%s' % subbed)
 
     def is_block_valid(self, block):
         return has_field(block, 'Module')
@@ -95,10 +104,6 @@ def is_block_valid(self, block):
     def convert_sections(self, block):
         return [self.format_module(block)]
 
-    def needs_new_header(self, file_contents):
-        return (re.search(r'^\/\/\/ \\file$', file_contents, flags=re.MULTILINE)
-                is None)
-
 
 class FunctionFormatter(GenericFormatter):
     def __init__(self, doc_width):
@@ -130,17 +135,13 @@ def format_inputs(self, function):
         def param_replacement(match):
             return r'\param %s:' % match.group(1)
 
-        lines = function.inputs.split('\n')
-        tail = '\n'.join(lines[1:])
-
-        dedented = lines[0] + '\n' + textwrap.dedent(tail)
-
+        dedented = textwrap.dedent(function.inputs)
         text = re.sub(r'\n\s+', ' ', dedented, flags=re.MULTILINE)
-        text, num_replacements = re.subn(r'^([a-zA-Z0-9_]+)\s*[:-]',
+        text, num_replacements = re.subn(r'^([a-zA-Z0-9_]+)\s+[:-]',
                 param_replacement, text, flags=re.MULTILINE)
 
         if num_replacements == 0:
-            text = r'\par parameters: %s' % text
+            text = r'parameters: %s' % text
 
         text = '\n'.join(
                 self.indented_wrapper.fill(t) for t in text.split('\n'))
@@ -192,7 +193,6 @@ def convert_sections(self, block):
 
 def replace_block(
         block_contents,
-        file_contents,
         file,
         header_formatter,
         class_formatter,
@@ -200,14 +200,10 @@ def replace_block(
     """
     Replace an old-style documentation block with the doxygen equivalent
     """
-    block = Block(
-            {f.name: f.contents for f in parse_fields(block_contents.group(1))})
+    block = Block({f.name: f.contents for f in parse_fields(block_contents)})
 
     if header_formatter.is_block_valid(block):
-        converted = header_formatter.convert(header_from_block(block))
-        if header_formatter.needs_new_header(file_contents) and converted:
-            return block_contents.group(0) + converted + '\n'
-        return block_contents.group(0)
+        return header_formatter.convert(header_from_block(block))
 
     if class_formatter.is_block_valid(block):
         return class_formatter.convert(class_from_block(block))
@@ -216,12 +212,12 @@ def replace_block(
         return function_formatter.convert(function_from_block(block))
 
     warn('block in "%s" has unrecognised format:\n%s' %
-            (file, block_contents.group(1)))
+            (file, block_contents))
 
     return ''
 
 
-def convert_file(file, inplace):
+def convert_file(file):
     """ Replace documentation in file with doxygen-styled comments.  """
     with open(file) as f:
         contents = f.read()
@@ -236,29 +232,25 @@ def convert_file(file, inplace):
             r'^/\*+\\$(.*?)^\\\*+/$\s*', re.MULTILINE | re.DOTALL)
     new_contents = block_re.sub(
             lambda match: replace_block(
-                match,
-                contents,
+                match.group(1),
                 file,
                 header_formatter,
                 class_formatter,
                 function_formatter), contents)
 
-    if inplace:
-        with open(file, 'w') as f:
-            f.write(new_contents)
-    else:
-        sys.stdout.write(new_contents)
+    if not re.search(FILE_HEADER, new_contents):
+        new_contents = FILE_HEADER + '\n\n' + new_contents
+
+    sys.stdout.write(new_contents)
 
 
 def main():
     """ Run convert_file from the command-line.  """
     parser = argparse.ArgumentParser()
     parser.add_argument('file', type=str, help='The file to process')
-    parser.add_argument('-i', '--inplace', action='store_true',
-            help='Process in place')
     args = parser.parse_args()
 
-    convert_file(args.file, args.inplace)
+    convert_file(args.file)
 
     return 0
 
diff --git a/convert_file.sh b/scripts/reformat_docs_in_place.sh
similarity index 100%
rename from convert_file.sh
rename to scripts/reformat_docs_in_place.sh

From 4dd2f6e0b59cf63bb420984f71271331ef4edd73 Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Fri, 12 May 2017 22:17:17 +0100
Subject: [PATCH 33/57] Fix up linter script to accept new Copyright label

---
 scripts/cpplint.py | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/scripts/cpplint.py b/scripts/cpplint.py
index 64fab3758f9..a3bb2325db5 100755
--- a/scripts/cpplint.py
+++ b/scripts/cpplint.py
@@ -1920,14 +1920,11 @@ def ReverseCloseExpression(clean_lines, linenum, pos):
 def CheckForCopyright(filename, lines, error):
   """Logs an error if no Copyright message appears at the top of the file."""
 
-  # We'll say it should occur by line 10. Don't forget there's a
-  # dummy line at the front.
-  for line in xrange(1, min(len(lines), 11)):
-    if re.search(r'Author', lines[line], re.I): break
-  else:                       # means no copyright line was found
+  # Line one should contain the word 'Copyright' somewhere
+  if not re.search(r'Copyright', lines[1], re.I):
     error(filename, 0, 'legal/copyright', 5,
           'No copyright message found.  '
-          'You should have a line: "Author: <name>"')
+          'You should use the standard copyright block.')
 
 
 def GetIndentLevel(line):

From cdaf12d3c1d1aa9bc79bbdb24cd7f6fdf151b446 Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Tue, 6 Jun 2017 15:05:49 +0100
Subject: [PATCH 34/57] Revert "Fix up linter script to accept new Copyright
 label"

This reverts commit 60c5091e36a4423180150f9c9e04de3f5f053f7e.
---
 scripts/cpplint.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/scripts/cpplint.py b/scripts/cpplint.py
index a3bb2325db5..64fab3758f9 100755
--- a/scripts/cpplint.py
+++ b/scripts/cpplint.py
@@ -1920,11 +1920,14 @@ def ReverseCloseExpression(clean_lines, linenum, pos):
 def CheckForCopyright(filename, lines, error):
   """Logs an error if no Copyright message appears at the top of the file."""
 
-  # Line one should contain the word 'Copyright' somewhere
-  if not re.search(r'Copyright', lines[1], re.I):
+  # We'll say it should occur by line 10. Don't forget there's a
+  # dummy line at the front.
+  for line in xrange(1, min(len(lines), 11)):
+    if re.search(r'Author', lines[line], re.I): break
+  else:                       # means no copyright line was found
     error(filename, 0, 'legal/copyright', 5,
           'No copyright message found.  '
-          'You should use the standard copyright block.')
+          'You should have a line: "Author: <name>"')
 
 
 def GetIndentLevel(line):

From 0243754f246f782d7e5bb047352ac5d0a6eaf091 Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Fri, 12 May 2017 22:28:00 +0100
Subject: [PATCH 35/57] Allow python script to reformat in place

---
 scripts/reformat_docs.py          | 12 +++++++++---
 scripts/reformat_docs_in_place.sh |  2 --
 2 files changed, 9 insertions(+), 5 deletions(-)
 delete mode 100755 scripts/reformat_docs_in_place.sh

diff --git a/scripts/reformat_docs.py b/scripts/reformat_docs.py
index 4e1c954f113..6121a527c5b 100644
--- a/scripts/reformat_docs.py
+++ b/scripts/reformat_docs.py
@@ -217,7 +217,7 @@ def replace_block(
     return ''
 
 
-def convert_file(file):
+def convert_file(file, inplace):
     """ Replace documentation in file with doxygen-styled comments.  """
     with open(file) as f:
         contents = f.read()
@@ -241,16 +241,22 @@ def convert_file(file):
     if not re.search(FILE_HEADER, new_contents):
         new_contents = FILE_HEADER + '\n\n' + new_contents
 
-    sys.stdout.write(new_contents)
+    if inplace:
+        with open(file, 'w') as f:
+            f.write(new_contents)
+    else:
+        sys.stdout.write(new_contents)
 
 
 def main():
     """ Run convert_file from the command-line.  """
     parser = argparse.ArgumentParser()
     parser.add_argument('file', type=str, help='The file to process')
+    parser.add_argument('-i', '--inplace', action='store_true',
+            help='Process in place')
     args = parser.parse_args()
 
-    convert_file(args.file)
+    convert_file(args.file, args.inplace)
 
     return 0
 
diff --git a/scripts/reformat_docs_in_place.sh b/scripts/reformat_docs_in_place.sh
deleted file mode 100755
index 0939109b536..00000000000
--- a/scripts/reformat_docs_in_place.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-tmpfile=$(mktemp /tmp/tmp_conversion.XXXXXX)
-python convert.py $1 > $tmpfile && mv $tmpfile $1

From 493cee1f6d79e7069f8c6840a21a355b0e8a5de1 Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Tue, 16 May 2017 22:14:08 +0100
Subject: [PATCH 36/57] Fix parameter list bug

---
 scripts/reformat_docs.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/scripts/reformat_docs.py b/scripts/reformat_docs.py
index 6121a527c5b..d6b11cc90e2 100644
--- a/scripts/reformat_docs.py
+++ b/scripts/reformat_docs.py
@@ -135,13 +135,17 @@ def format_inputs(self, function):
         def param_replacement(match):
             return r'\param %s:' % match.group(1)
 
-        dedented = textwrap.dedent(function.inputs)
+        lines = function.inputs.split('\n')
+        tail = '\n'.join(lines[1:])
+
+        dedented = lines[0] + '\n' + textwrap.dedent(tail)
+
         text = re.sub(r'\n\s+', ' ', dedented, flags=re.MULTILINE)
-        text, num_replacements = re.subn(r'^([a-zA-Z0-9_]+)\s+[:-]',
+        text, num_replacements = re.subn(r'^([a-zA-Z0-9_]+)\s*[:-]',
                 param_replacement, text, flags=re.MULTILINE)
 
         if num_replacements == 0:
-            text = r'parameters: %s' % text
+            text = r'\par parameters: %s' % text
 
         text = '\n'.join(
                 self.indented_wrapper.fill(t) for t in text.split('\n'))

From 8527fb59cfb16c1dc757b931cff87ec2184ca7b1 Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Tue, 30 May 2017 14:30:51 +0100
Subject: [PATCH 37/57] Update postprocessor comparison script

---
 scripts/compare_postprocessor_output.py | 45 +++++++++++++------------
 1 file changed, 23 insertions(+), 22 deletions(-)

diff --git a/scripts/compare_postprocessor_output.py b/scripts/compare_postprocessor_output.py
index 6bb330183c4..10dcb0f2709 100644
--- a/scripts/compare_postprocessor_output.py
+++ b/scripts/compare_postprocessor_output.py
@@ -3,12 +3,17 @@
 
 def preprocess(compiler, file_contents):
     """ Get output from the preprocessing pass on a file.  """
-    return subprocess.Popen(
+    output = subprocess.Popen(
             [compiler, '-E', '-'],
             stdout=subprocess.PIPE,
             stderr=subprocess.PIPE,
             stdin=subprocess.PIPE).communicate(input=file_contents)[0]
 
+    def should_keep(line):
+        return str.strip(line) and line[0] != '#'
+
+    return filter(should_keep, output.splitlines())
+
 
 def preprocess_file(compiler, filename):
     """ Open a file and get the preprocessor output.  """
@@ -16,11 +21,6 @@ def preprocess_file(compiler, filename):
         return preprocess(compiler, f.read())
 
 
-def remove_empty_lines(text):
-    """ Remove empty lines from text.  """
-    return '\n'.join(filter(None, text.splitlines()))
-
-
 def file_contents_from_branch(filename, branch):
     """ Get a copy of a file from another branch and return its contents.  """
     return subprocess.check_output(
@@ -30,21 +30,16 @@ def file_contents_from_branch(filename, branch):
 def equal_to_file_on_branch(filename, branch, compiler):
     """
     Open a file on this branch and preprocess it.  Preprocess the same file
-    from another branch, and return whether the two files have (for all intents
-    and purposes) the same contents.
+    from another branch, and return a diff.
     """
     with open(filename, 'rb') as f:
         def p(text):
             return preprocess(compiler, text)
-        return (p(f.read()) ==
-                p(file_contents_from_branch(filename, branch)))
-
-
-def process_single_file(filename, branch, compiler):
-    """ Like equal_to_file_on_branch, but also checks the file extension.  """
-    _, ext = os.path.splitext(filename)
-    return ((ext == '.h' or ext == '.cpp') and
-            not equal_to_file_on_branch(filename, branch, compiler))
+        return difflib.unified_diff(p(f.read()),
+                p(file_contents_from_branch(filename, branch)),
+                fromfile=filename,
+                tofile=filename,
+                lineterm='')
 
 
 def is_source(filename):
@@ -58,8 +53,9 @@ def process(tup):
     Check a single file, and return its name if the check fails, otherwise
     return None.
     """
-    failed = process_single_file(*tup)
-    return file if failed else None
+    filename, branch, compiler = tup
+    failed = '\n'.join(equal_to_file_on_branch(filename, branch, compiler))
+    return failed if failed else None
 
 
 def main():
@@ -72,7 +68,7 @@ def main():
             '--branch', type=str, default='upstream/master',
             help='The branch to compare')
     parser.add_argument(
-            '--compiler', type=str, default='gcc',
+            '--compiler', type=str, default='g++',
             help='The compiler to use')
     args = parser.parse_args()
 
@@ -85,10 +81,15 @@ def main():
             itertools.cycle([args.branch]),
             itertools.cycle([args.compiler]))
 
-    results = filter(None, multiprocessing.Pool(10).map(process, zipped))
+    pool = multiprocessing.Pool(10)
+
+    results = filter(None, pool.map(process, zipped))
+
+    pool.close()
+    pool.join()
 
     if results:
-        print('\n'.join(results))
+        print('\n\n'.join(results))
         return 1
 
     return 0

From 0f956c61e170e926b0998c9b0504b6eaff258baa Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Tue, 6 Jun 2017 15:03:50 +0100
Subject: [PATCH 38/57] Modify reformatting script to retain existing headers

---
 scripts/reformat_docs.py | 25 ++++++++-----------------
 1 file changed, 8 insertions(+), 17 deletions(-)

diff --git a/scripts/reformat_docs.py b/scripts/reformat_docs.py
index d6b11cc90e2..35dc6e12809 100644
--- a/scripts/reformat_docs.py
+++ b/scripts/reformat_docs.py
@@ -10,15 +10,6 @@
 Class = collections.namedtuple('Class', ['name', 'purpose'])
 
 
-FILE_HEADER = """
-// Copyright 2001-2017,
-// Daniel Kroening (Computer Science Department, University of Oxford
-//   and Diffblue Ltd),
-// Edmund Clarke (Computer Science Department, Carnegie Mellon University),
-// DiffBlue Ltd.
-""".strip()
-
-
 def warn(message):
     """ Print a labelled message to stderr.  """
     sys.stderr.write('Warning: %s\n' % message)
@@ -96,7 +87,7 @@ def format_module(self, header):
         subbed = self.whitespace_re.sub(' ', header.module)
         # The file directive must be followed by a newline in order to refer to
         # the current file
-        return self.indented_wrapper.fill('\\file\n%s' % subbed)
+        return '\\file\n' + self.indented_wrapper.fill(subbed)
 
     def is_block_valid(self, block):
         return has_field(block, 'Module')
@@ -204,10 +195,13 @@ def replace_block(
     """
     Replace an old-style documentation block with the doxygen equivalent
     """
-    block = Block({f.name: f.contents for f in parse_fields(block_contents)})
+    block = Block(
+            {f.name: f.contents for f in parse_fields(block_contents.group(1))})
 
     if header_formatter.is_block_valid(block):
-        return header_formatter.convert(header_from_block(block))
+        return '%s%s\n' % (
+                block_contents.group(0),
+                header_formatter.convert(header_from_block(block)))
 
     if class_formatter.is_block_valid(block):
         return class_formatter.convert(class_from_block(block))
@@ -216,7 +210,7 @@ def replace_block(
         return function_formatter.convert(function_from_block(block))
 
     warn('block in "%s" has unrecognised format:\n%s' %
-            (file, block_contents))
+            (file, block_contents.group(1)))
 
     return ''
 
@@ -236,15 +230,12 @@ def convert_file(file, inplace):
             r'^/\*+\\$(.*?)^\\\*+/$\s*', re.MULTILINE | re.DOTALL)
     new_contents = block_re.sub(
             lambda match: replace_block(
-                match.group(1),
+                match,
                 file,
                 header_formatter,
                 class_formatter,
                 function_formatter), contents)
 
-    if not re.search(FILE_HEADER, new_contents):
-        new_contents = FILE_HEADER + '\n\n' + new_contents
-
     if inplace:
         with open(file, 'w') as f:
             f.write(new_contents)

From 5a8c73935062424df822638b79ff1993bc2e8510 Mon Sep 17 00:00:00 2001
From: reuk <reuk@users.noreply.github.com>
Date: Tue, 6 Jun 2017 15:12:19 +0100
Subject: [PATCH 39/57] Reformat src

---
 src/ansi-c/expr2c.cpp                         |  38 ---
 src/ansi-c/literals/unescape_string.cpp       |  87 +-----
 src/cbmc/cbmc_parse_options.cpp               |   1 -
 src/goto-cc/compile.cpp                       |   1 -
 .../goto_instrument_parse_options.cpp         |   1 -
 src/goto-instrument/remove_function.cpp       |   1 -
 src/goto-programs/builtin_functions.cpp       | 235 +---------------
 src/goto-programs/mm_io.cpp                   |   1 -
 src/linking/linking.cpp                       | 255 +-----------------
 .../value_set_dereference.cpp                 | 139 +---------
 .../flattening/flatten_byte_operators.cpp     |  87 +-----
 src/util/c_types.cpp                          |   1 -
 src/util/expr.cpp                             |   1 +
 13 files changed, 27 insertions(+), 821 deletions(-)

diff --git a/src/ansi-c/expr2c.cpp b/src/ansi-c/expr2c.cpp
index aaf6c811fc1..cee4cf420fe 100644
--- a/src/ansi-c/expr2c.cpp
+++ b/src/ansi-c/expr2c.cpp
@@ -3161,49 +3161,11 @@ std::string expr2ct::convert_code_array_copy(
   return dest;
 }
 
-<<<<<<< 0bc503ae07a912ec82d5c337f453520219aac395
-=======
-/*******************************************************************\
-
-Function: expr2ct::convert_code_array_replace
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
->>>>>>> HEAD~69
 std::string expr2ct::convert_code_array_replace(
   const codet &src,
   unsigned indent)
 {
   std::string dest=indent_str(indent)+"ARRAY_REPLACE(";
-<<<<<<< 0bc503ae07a912ec82d5c337f453520219aac395
-=======
-
-  forall_operands(it, src)
-  {
-    unsigned p;
-    std::string arg_str=convert_with_precedence(*it, p);
-
-    if(it!=src.operands().begin())
-      dest+=", ";
-    dest+=arg_str;
-  }
-
-  dest+=");";
-
-  return dest;
-}
-
-/*******************************************************************\
-
-Function: expr2ct::convert_code_assert
->>>>>>> HEAD~69
-
   forall_operands(it, src)
   {
     unsigned p;
diff --git a/src/ansi-c/literals/unescape_string.cpp b/src/ansi-c/literals/unescape_string.cpp
index ab0232b9b3a..1ca8edc7cad 100644
--- a/src/ansi-c/literals/unescape_string.cpp
+++ b/src/ansi-c/literals/unescape_string.cpp
@@ -6,6 +6,9 @@ Author: Daniel Kroening, kroening@kroening.com
 
 \*******************************************************************/
 
+/// \file
+/// ANSI-C Language Conversion
+
 #include <cassert>
 #include <cctype>
 
@@ -13,18 +16,6 @@ Author: Daniel Kroening, kroening@kroening.com
 
 #include "unescape_string.h"
 
-/*******************************************************************\
-
-Function: append_universal_char
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 static void append_universal_char(
   unsigned int value,
   std::string &dest)
@@ -37,18 +28,6 @@ static void append_universal_char(
   dest.append(utf8_value);
 }
 
-/*******************************************************************\
-
-Function: append_universal_char
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 static void append_universal_char(
   unsigned int value,
   std::basic_string<unsigned int> &dest)
@@ -56,18 +35,6 @@ static void append_universal_char(
   dest.push_back(value);
 }
 
-/*******************************************************************\
-
-Function: unescape_string_templ
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 template<typename T>
 std::basic_string<T> unescape_string_templ(const std::string &src)
 {
@@ -181,53 +148,17 @@ std::basic_string<T> unescape_string_templ(const std::string &src)
   return dest;
 }
 
-/*******************************************************************\
-
-Function: unescape_string
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 std::string unescape_string(const std::string &src)
 {
   return unescape_string_templ<char>(src);
 }
 
-/*******************************************************************\
-
-Function: unescape_wide_string
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 std::basic_string<unsigned int> unescape_wide_string(
   const std::string &src)
 {
   return unescape_string_templ<unsigned int>(src);
 }
 
-/*******************************************************************\
-
-Function: hex_to_unsigned
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 unsigned hex_to_unsigned(const char *hex, std::size_t digits)
 {
   unsigned value=0;
@@ -250,18 +181,6 @@ unsigned hex_to_unsigned(const char *hex, std::size_t digits)
   return value;
 }
 
-/*******************************************************************\
-
-Function: octal_to_unsigned
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 unsigned octal_to_unsigned(const char *octal, std::size_t digits)
 {
   unsigned value=0;
diff --git a/src/cbmc/cbmc_parse_options.cpp b/src/cbmc/cbmc_parse_options.cpp
index 2718421fb56..53bb20e8b58 100644
--- a/src/cbmc/cbmc_parse_options.cpp
+++ b/src/cbmc/cbmc_parse_options.cpp
@@ -449,7 +449,6 @@ void cbmc_parse_optionst::get_command_line_options(optionst &options)
       cmdline.get_value("symex-coverage-report"));
 }
 
-
 bool cbmc_parse_optionst::options_exclusive(const char *opt1, const char *opt2)
 {
   if(cmdline.isset(opt1) && cmdline.isset(opt2))
diff --git a/src/goto-cc/compile.cpp b/src/goto-cc/compile.cpp
index c2048bc6037..9079b8bf9c6 100644
--- a/src/goto-cc/compile.cpp
+++ b/src/goto-cc/compile.cpp
@@ -645,7 +645,6 @@ bool compilet::parse_source(const std::string &file_name)
   return false;
 }
 
-
 /// constructor
 /// \return nothing
 compilet::compilet(cmdlinet &_cmdline, ui_message_handlert &mh, bool Werror):
diff --git a/src/goto-instrument/goto_instrument_parse_options.cpp b/src/goto-instrument/goto_instrument_parse_options.cpp
index 3a05ecd9854..622618a220f 100644
--- a/src/goto-instrument/goto_instrument_parse_options.cpp
+++ b/src/goto-instrument/goto_instrument_parse_options.cpp
@@ -95,7 +95,6 @@ Author: Daniel Kroening, kroening@kroening.com
 #include "undefined_functions.h"
 #include "remove_function.h"
 
-
 void goto_instrument_parse_optionst::eval_verbosity()
 {
   unsigned int v=8;
diff --git a/src/goto-instrument/remove_function.cpp b/src/goto-instrument/remove_function.cpp
index be92826a843..5cdcaa6fb62 100644
--- a/src/goto-instrument/remove_function.cpp
+++ b/src/goto-instrument/remove_function.cpp
@@ -23,7 +23,6 @@ Date: April 2017
 /// goto_functions  Input functions to be modified
 /// identifier  Function to be removed
 /// message_handler  Error/status output
-
 void remove_function(
   symbol_tablet &symbol_table,
   goto_functionst &goto_functions,
diff --git a/src/goto-programs/builtin_functions.cpp b/src/goto-programs/builtin_functions.cpp
index f8e17ec8736..3de38da7b8e 100644
--- a/src/goto-programs/builtin_functions.cpp
+++ b/src/goto-programs/builtin_functions.cpp
@@ -6,6 +6,9 @@ Author: Daniel Kroening, kroening@kroening.com
 
 \*******************************************************************/
 
+/// \file
+/// Program Transformation
+
 #include <cassert>
 
 #include <util/rational.h>
@@ -30,18 +33,6 @@ Author: Daniel Kroening, kroening@kroening.com
 #include "goto_convert_class.h"
 #include "format_strings.h"
 
-/*******************************************************************\
-
-Function: goto_convertt::do_prob_uniform
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_prob_uniform(
   const exprt &lhs,
   const exprt &function,
@@ -120,18 +111,6 @@ void goto_convertt::do_prob_uniform(
   copy(assignment, ASSIGN, dest);
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_prob_coin
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_prob_coin(
   const exprt &lhs,
   const exprt &function,
@@ -209,18 +188,6 @@ void goto_convertt::do_prob_coin(
   copy(assignment, ASSIGN, dest);
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_printf
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_printf(
   const exprt &lhs,
   const exprt &function,
@@ -256,18 +223,6 @@ void goto_convertt::do_printf(
     assert(false);
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_scanf
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_scanf(
   const exprt &lhs,
   const exprt &function,
@@ -373,18 +328,6 @@ void goto_convertt::do_scanf(
     assert(false);
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_input
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_input(
   const exprt &lhs,
   const exprt &function,
@@ -406,18 +349,6 @@ void goto_convertt::do_input(
   copy(input_code, OTHER, dest);
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_output
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_output(
   const exprt &lhs,
   const exprt &function,
@@ -439,18 +370,6 @@ void goto_convertt::do_output(
   copy(output_code, OTHER, dest);
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_atomic_begin
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_atomic_begin(
   const exprt &lhs,
   const exprt &function,
@@ -475,18 +394,6 @@ void goto_convertt::do_atomic_begin(
   t->source_location=function.source_location();
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_atomic_end
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_atomic_end(
   const exprt &lhs,
   const exprt &function,
@@ -511,18 +418,6 @@ void goto_convertt::do_atomic_end(
   t->source_location=function.source_location();
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_cpp_new
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_cpp_new(
   const exprt &lhs,
   const side_effect_exprt &rhs,
@@ -643,18 +538,6 @@ void goto_convertt::do_cpp_new(
   dest.destructive_append(tmp_initializer);
 }
 
-/*******************************************************************\
-
-Function: set_class_identifier
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void set_class_identifier(
   struct_exprt &expr,
   const namespacet &ns,
@@ -680,18 +563,6 @@ void set_class_identifier(
   }
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_java_new
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_java_new(
   const exprt &lhs,
   const side_effect_exprt &rhs,
@@ -747,18 +618,6 @@ void goto_convertt::do_java_new(
   t_i->source_location=location;
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_java_new_array
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_java_new_array(
   const exprt &lhs,
   const side_effect_exprt &rhs,
@@ -905,19 +764,7 @@ void goto_convertt::do_java_new_array(
   }
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::cpp_new_initializer
-
-  Inputs:
-
- Outputs:
-
- Purpose: builds a goto program for object initialization
-          after new
-
-\*******************************************************************/
-
+/// builds a goto program for object initialization after new
 void goto_convertt::cpp_new_initializer(
   const exprt &lhs,
   const side_effect_exprt &rhs,
@@ -946,18 +793,6 @@ void goto_convertt::cpp_new_initializer(
   }
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::get_array_argument
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 exprt goto_convertt::get_array_argument(const exprt &src)
 {
   if(src.id()==ID_typecast)
@@ -994,18 +829,6 @@ exprt goto_convertt::get_array_argument(const exprt &src)
   return src.op0().op0();
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_array_op
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_array_op(
   const irep_idt &id,
   const exprt &lhs,
@@ -1028,18 +851,6 @@ void goto_convertt::do_array_op(
   copy(array_op_statement, OTHER, dest);
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_array_equal
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void goto_convertt::do_array_equal(
   const exprt &lhs,
   const exprt &function,
@@ -1084,18 +895,6 @@ void goto_convertt::do_array_equal(
   }
 }
 
-/*******************************************************************\
-
-Function: is_lvalue
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool is_lvalue(const exprt &expr)
 {
   if(expr.id()==ID_index)
@@ -1110,18 +909,6 @@ bool is_lvalue(const exprt &expr)
     return false;
 }
 
-/*******************************************************************\
-
-Function: make_va_list
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 exprt make_va_list(const exprt &expr)
 {
   // we first strip any typecast
@@ -1137,19 +924,7 @@ exprt make_va_list(const exprt &expr)
   return expr;
 }
 
-/*******************************************************************\
-
-Function: goto_convertt::do_function_call_symbol
-
-  Inputs:
-
- Outputs:
-
- Purpose: add function calls to function queue for later
-          processing
-
-\*******************************************************************/
-
+/// add function calls to function queue for later processing
 void goto_convertt::do_function_call_symbol(
   const exprt &lhs,
   const symbol_exprt &function,
diff --git a/src/goto-programs/mm_io.cpp b/src/goto-programs/mm_io.cpp
index 994a00e311b..a8378fc200d 100644
--- a/src/goto-programs/mm_io.cpp
+++ b/src/goto-programs/mm_io.cpp
@@ -18,7 +18,6 @@ Date:   April 2017
 #include "remove_returns.h"
 #include "mm_io.h"
 
-
 void collect_deref_expr(
   const exprt &src,
   std::set<dereference_exprt> &dest)
diff --git a/src/linking/linking.cpp b/src/linking/linking.cpp
index 46ed3fe4a23..645cbf32e06 100644
--- a/src/linking/linking.cpp
+++ b/src/linking/linking.cpp
@@ -6,6 +6,9 @@ Author: Daniel Kroening, kroening@kroening.com
 
 \*******************************************************************/
 
+/// \file
+/// ANSI-C Linking
+
 #include <cassert>
 #include <stack>
 
@@ -22,18 +25,6 @@ Author: Daniel Kroening, kroening@kroening.com
 #include "linking.h"
 #include "linking_class.h"
 
-/*******************************************************************\
-
-Function: linkingt::expr_to_string
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 std::string linkingt::expr_to_string(
   const namespacet &ns,
   const irep_idt &identifier,
@@ -42,18 +33,6 @@ std::string linkingt::expr_to_string(
   return from_expr(ns, identifier, expr);
 }
 
-/*******************************************************************\
-
-Function: linkingt::type_to_string
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 std::string linkingt::type_to_string(
   const namespacet &ns,
   const irep_idt &identifier,
@@ -62,18 +41,6 @@ std::string linkingt::type_to_string(
   return from_type(ns, identifier, type);
 }
 
-/*******************************************************************\
-
-Function: follow_tags_symbols
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 static const typet &follow_tags_symbols(
   const namespacet &ns,
   const typet &type)
@@ -90,18 +57,6 @@ static const typet &follow_tags_symbols(
     return type;
 }
 
-/*******************************************************************\
-
-Function: linkingt::type_to_string_verbose
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 std::string linkingt::type_to_string_verbose(
   const namespacet &ns,
   const symbolt &symbol,
@@ -156,18 +111,6 @@ std::string linkingt::type_to_string_verbose(
   return type_to_string(ns, symbol.name, type);
 }
 
-/*******************************************************************\
-
-Function: linkingt::detailed_conflict_report
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::detailed_conflict_report_rec(
   const symbolt &old_symbol,
   const symbolt &new_symbol,
@@ -422,18 +365,6 @@ void linkingt::detailed_conflict_report_rec(
   #endif
 }
 
-/*******************************************************************\
-
-Function: linkingt::link_error
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::link_error(
     const symbolt &old_symbol,
     const symbolt &new_symbol,
@@ -454,18 +385,6 @@ void linkingt::link_error(
   throw 0;
 }
 
-/*******************************************************************\
-
-Function: linkingt::link_warning
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::link_warning(
     const symbolt &old_symbol,
     const symbolt &new_symbol,
@@ -484,18 +403,6 @@ void linkingt::link_warning(
             << type_to_string_verbose(ns, new_symbol) << eom;
 }
 
-/*******************************************************************\
-
-Function: linkingt::rename
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 irep_idt linkingt::rename(const irep_idt id)
 {
   unsigned cnt=0;
@@ -520,18 +427,6 @@ irep_idt linkingt::rename(const irep_idt id)
   }
 }
 
-/*******************************************************************\
-
-Function: linkingt::needs_renaming_non_type
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool linkingt::needs_renaming_non_type(
   const symbolt &old_symbol,
   const symbolt &new_symbol)
@@ -546,18 +441,6 @@ bool linkingt::needs_renaming_non_type(
   return false;
 }
 
-/*******************************************************************\
-
-Function: linkingt::duplicate_code_symbol
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::duplicate_code_symbol(
   symbolt &old_symbol,
   symbolt &new_symbol)
@@ -860,18 +743,6 @@ void linkingt::duplicate_code_symbol(
   }
 }
 
-/*******************************************************************\
-
-Function: linkingt::adjust_object_type_rec
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool linkingt::adjust_object_type_rec(
   const typet &t1,
   const typet &t2,
@@ -1026,18 +897,6 @@ bool linkingt::adjust_object_type_rec(
   return true;
 }
 
-/*******************************************************************\
-
-Function: linkingt::adjust_object_type
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool linkingt::adjust_object_type(
   const symbolt &old_symbol,
   const symbolt &new_symbol,
@@ -1053,18 +912,6 @@ bool linkingt::adjust_object_type(
   return result;
 }
 
-/*******************************************************************\
-
-Function: linkingt::duplicate_object_symbol
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::duplicate_object_symbol(
   symbolt &old_symbol,
   symbolt &new_symbol)
@@ -1151,18 +998,6 @@ void linkingt::duplicate_object_symbol(
   }
 }
 
-/*******************************************************************\
-
-Function: linkingt::duplicate_non_type_symbol
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::duplicate_non_type_symbol(
   symbolt &old_symbol,
   symbolt &new_symbol)
@@ -1192,18 +1027,6 @@ void linkingt::duplicate_non_type_symbol(
   old_symbol.is_extern=old_symbol.is_extern && new_symbol.is_extern;
 }
 
-/*******************************************************************\
-
-Function: linkingt::duplicate_type_symbol
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::duplicate_type_symbol(
   symbolt &old_symbol,
   symbolt &new_symbol)
@@ -1281,18 +1104,6 @@ void linkingt::duplicate_type_symbol(
     "unexpected difference between type symbols");
 }
 
-/*******************************************************************\
-
-Function: linkingt::needs_renaming_type
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool linkingt::needs_renaming_type(
   const symbolt &old_symbol,
   const symbolt &new_symbol)
@@ -1337,18 +1148,6 @@ bool linkingt::needs_renaming_type(
   return true; // different
 }
 
-/*******************************************************************\
-
-Function: linkingt::do_type_dependencies
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::do_type_dependencies(id_sett &needs_to_be_renamed)
 {
   // Any type that uses a symbol that will be renamed also
@@ -1404,18 +1203,6 @@ void linkingt::do_type_dependencies(id_sett &needs_to_be_renamed)
   }
 }
 
-/*******************************************************************\
-
-Function: linkingt::rename_symbols
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::rename_symbols(const id_sett &needs_to_be_renamed)
 {
   namespacet src_ns(src_symbol_table);
@@ -1448,18 +1235,6 @@ void linkingt::rename_symbols(const id_sett &needs_to_be_renamed)
   }
 }
 
-/*******************************************************************\
-
-Function: linkingt::copy_symbols
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::copy_symbols()
 {
   // First apply the renaming
@@ -1521,18 +1296,6 @@ void linkingt::copy_symbols()
   }
 }
 
-/*******************************************************************\
-
-Function: linkingt::typecheck
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void linkingt::typecheck()
 {
   // We do this in three phases. We first figure out which symbols need to
@@ -1569,18 +1332,6 @@ void linkingt::typecheck()
   copy_symbols();
 }
 
-/*******************************************************************\
-
-Function: linking
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool linking(
   symbol_tablet &dest_symbol_table,
   symbol_tablet &new_symbol_table,
diff --git a/src/pointer-analysis/value_set_dereference.cpp b/src/pointer-analysis/value_set_dereference.cpp
index cc4645bd614..9efd87c5793 100644
--- a/src/pointer-analysis/value_set_dereference.cpp
+++ b/src/pointer-analysis/value_set_dereference.cpp
@@ -6,6 +6,9 @@ Author: Daniel Kroening, kroening@kroening.com
 
 \*******************************************************************/
 
+/// \file
+/// Symbolic Execution of ANSI-C
+
 #ifdef DEBUG
 #include <iostream>
 #endif
@@ -42,35 +45,11 @@ Author: Daniel Kroening, kroening@kroening.com
 // global data, horrible
 unsigned int value_set_dereferencet::invalid_counter=0;
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::has_dereference
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool value_set_dereferencet::has_dereference(const exprt &expr)
 {
   return has_subexpr(expr, ID_dereference);
 }
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::get_symbol
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 const exprt &value_set_dereferencet::get_symbol(const exprt &expr)
 {
   if(expr.id()==ID_member || expr.id()==ID_index)
@@ -79,19 +58,9 @@ const exprt &value_set_dereferencet::get_symbol(const exprt &expr)
   return expr;
 }
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::dereference
-
-  Inputs: expression dest, to be dereferenced under given guard,
-          and given mode
-
- Outputs: returns pointer after dereferencing
-
- Purpose:
-
-\*******************************************************************/
-
+/// \par parameters: expression dest, to be dereferenced under given guard,
+/// and given mode
+/// \return returns pointer after dereferencing
 exprt value_set_dereferencet::dereference(
   const exprt &pointer,
   const guardt &guard,
@@ -241,18 +210,6 @@ exprt value_set_dereferencet::dereference(
   return value;
 }
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::dereference_type_compare
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool value_set_dereferencet::dereference_type_compare(
   const typet &object_type,
   const typet &dereference_type) const
@@ -295,18 +252,6 @@ bool value_set_dereferencet::dereference_type_compare(
   return false;
 }
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::invalid_pointer
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void value_set_dereferencet::invalid_pointer(
   const exprt &pointer,
   const guardt &guard)
@@ -324,18 +269,6 @@ void value_set_dereferencet::invalid_pointer(
     tmp_guard);
 }
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::build_reference_to
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 value_set_dereferencet::valuet value_set_dereferencet::build_reference_to(
   const exprt &what,
   const modet mode,
@@ -653,18 +586,6 @@ value_set_dereferencet::valuet value_set_dereferencet::build_reference_to(
   return result;
 }
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::valid_check
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void value_set_dereferencet::valid_check(
   const exprt &object,
   const guardt &guard,
@@ -717,18 +638,6 @@ void value_set_dereferencet::valid_check(
   }
 }
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::bounds_check
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 void value_set_dereferencet::bounds_check(
   const index_exprt &expr,
   const guardt &guard)
@@ -802,18 +711,6 @@ void value_set_dereferencet::bounds_check(
   }
 }
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::memory_model
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 inline static unsigned bv_width(
   const typet &type,
   const namespacet &ns)
@@ -883,18 +780,6 @@ bool value_set_dereferencet::memory_model(
   return memory_model_bytes(value, to_type, guard, offset);
 }
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::memory_model_conversion
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool value_set_dereferencet::memory_model_conversion(
   exprt &value,
   const typet &to_type,
@@ -922,18 +807,6 @@ bool value_set_dereferencet::memory_model_conversion(
   return true;
 }
 
-/*******************************************************************\
-
-Function: value_set_dereferencet::memory_model_bytes
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool value_set_dereferencet::memory_model_bytes(
   exprt &value,
   const typet &to_type,
diff --git a/src/solvers/flattening/flatten_byte_operators.cpp b/src/solvers/flattening/flatten_byte_operators.cpp
index 29494041687..364565fe0f6 100644
--- a/src/solvers/flattening/flatten_byte_operators.cpp
+++ b/src/solvers/flattening/flatten_byte_operators.cpp
@@ -6,6 +6,7 @@ Author: Daniel Kroening, kroening@kroening.com
 
 \*******************************************************************/
 
+
 #include <util/c_types.h>
 #include <util/expr.h>
 #include <util/std_types.h>
@@ -19,23 +20,12 @@ Author: Daniel Kroening, kroening@kroening.com
 
 #include "flatten_byte_operators.h"
 
-/*******************************************************************\
-
-Function: unpack_rec
-
-  Inputs:
-    src  object to unpack
-    little_endian  true, iff assumed endianness is little-endian
-    max_bytes  if not nil, use as upper bound of the number of bytes
-               to unpack
-    ns  namespace for type lookups
-
- Outputs: array of bytes in the sequence found in memory
-
- Purpose: rewrite an object into its individual bytes
-
-\*******************************************************************/
-
+/// rewrite an object into its individual bytes
+/// \par parameters: src  object to unpack
+/// little_endian  true, iff assumed endianness is little-endian
+/// max_bytes  if not nil, use as upper bound of the number of bytes to unpack
+/// ns  namespace for type lookups
+/// \return array of bytes in the sequence found in memory
 static exprt unpack_rec(
   const exprt &src,
   bool little_endian,
@@ -158,19 +148,8 @@ static exprt unpack_rec(
   return array;
 }
 
-/*******************************************************************\
-
-Function: flatten_byte_extract
-
-  Inputs:
-
- Outputs:
-
- Purpose: rewrite byte extraction from an array to byte extraction
-          from a concatenation of array index expressions
-
-\*******************************************************************/
-
+/// rewrite byte extraction from an array to byte extraction from a
+/// concatenation of array index expressions
 exprt flatten_byte_extract(
   const byte_extract_exprt &src,
   const namespacet &ns)
@@ -361,18 +340,6 @@ exprt flatten_byte_extract(
   }
 }
 
-/*******************************************************************\
-
-Function: flatten_byte_update
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 exprt flatten_byte_update(
   const byte_update_exprt &src,
   const namespacet &ns,
@@ -628,18 +595,6 @@ exprt flatten_byte_update(
   }
 }
 
-/*******************************************************************\
-
-Function: flatten_byte_update
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 exprt flatten_byte_update(
   const byte_update_exprt &src,
   const namespacet &ns)
@@ -647,18 +602,6 @@ exprt flatten_byte_update(
   return flatten_byte_update(src, ns, false);
 }
 
-/*******************************************************************\
-
-Function: has_byte_operators
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 bool has_byte_operator(const exprt &src)
 {
   if(src.id()==ID_byte_update_little_endian ||
@@ -674,18 +617,6 @@ bool has_byte_operator(const exprt &src)
   return false;
 }
 
-/*******************************************************************\
-
-Function: flatten_byte_operators
-
-  Inputs:
-
- Outputs:
-
- Purpose:
-
-\*******************************************************************/
-
 exprt flatten_byte_operators(
   const exprt &src,
   const namespacet &ns)
diff --git a/src/util/c_types.cpp b/src/util/c_types.cpp
index e8598f57e4d..cc2880cb577 100644
--- a/src/util/c_types.cpp
+++ b/src/util/c_types.cpp
@@ -18,7 +18,6 @@ bitvector_typet index_type()
   return signed_size_type();
 }
 
-
 /// return type of enum constants
 bitvector_typet enum_constant_type()
 {
diff --git a/src/util/expr.cpp b/src/util/expr.cpp
index cc022538949..63730d1cf9a 100644
--- a/src/util/expr.cpp
+++ b/src/util/expr.cpp
@@ -9,6 +9,7 @@ Author: Daniel Kroening, kroening@kroening.com
 /// \file
 /// Expression Representation
 
+#include <cassert>
 #include <stack>
 
 #include "string2int.h"

From 2c0a697739d7a0db8bb5c2642194a84f2730c31f Mon Sep 17 00:00:00 2001
From: Peter Schrammel <peter.schrammel@cs.ox.ac.uk>
Date: Fri, 16 Sep 2016 22:03:08 +0100
Subject: [PATCH 40/57] Incremental BMC

---
 regression/Makefile                           |   5 +
 .../Array_UF9/main.c                          |   2 +-
 .../unwind-forever1/test.desc                 |   2 +-
 .../unwind-forever2/test.desc                 |   2 +-
 .../unwinding-assertion1/test.desc            |   2 +-
 regression/cbmc-incr/Makefile                 |   2 +-
 .../cbmc-incr/unwinding-assertion1/test.desc  |   2 +-
 regression/cbmc-with-incr/Free1/test.desc     |   2 +-
 regression/cbmc-with-incr/Free2/test.desc     |   2 +-
 regression/cbmc-with-incr/Free3/test.desc     |   2 +-
 regression/cbmc-with-incr/Free4/test.desc     |   2 +-
 regression/cbmc-with-incr/Function5/test.desc |   2 +-
 .../Multi_Dimensional_Array6/test.desc        |   7 +-
 .../Overflow_Addition1/test.desc              |   2 +-
 .../Pointer_Arithmetic5/test.desc             |   2 +-
 .../Pointer_Arithmetic8/test.desc             |   2 +-
 .../Pointer_byte_extract2/test.desc           |   4 +-
 .../Pointer_byte_extract5/test.desc           |   4 +-
 .../Pointer_byte_extract8/test.desc           |   4 +-
 regression/cbmc-with-incr/String2/test.desc   |   2 +-
 .../Undefined_Function1/test.desc             |   2 +-
 regression/cbmc-with-incr/pipe1/test.desc     |   4 +-
 src/cbmc/Makefile                             |   4 +
 src/cbmc/all_properties.cpp                   |  15 +-
 src/cbmc/bmc.cpp                              | 181 +++++-----
 src/cbmc/bmc.h                                |  52 ++-
 src/cbmc/bmc_incremental.cpp                  | 166 +++++++++
 src/cbmc/bmc_incremental.h                    |  67 ++++
 src/cbmc/bmc_incremental_one_loop.cpp         | 157 +++++++++
 src/cbmc/bmc_incremental_one_loop.h           |  69 ++++
 src/cbmc/cbmc_parse_options.cpp               |   5 +
 src/cbmc/cbmc_parse_options.h                 |   4 +
 src/cbmc/fault_localization.cpp               |   4 +-
 src/cbmc/fault_localization.h                 |   2 +-
 src/cbmc/symex_bmc.cpp                        |   6 +-
 src/cbmc/symex_bmc.h                          |   9 +-
 src/cbmc/symex_bmc_incremental.cpp            | 314 ++++++++++++++++++
 src/cbmc/symex_bmc_incremental.h              |  67 ++++
 src/cbmc/symex_bmc_incremental_one_loop.cpp   | 132 ++++++++
 src/cbmc/symex_bmc_incremental_one_loop.h     |  60 ++++
 src/cegis/Makefile                            | 146 ++++++++
 src/cegis/cegis-util/cbmc_runner.cpp          | 155 +++++++++
 src/goto-programs/safety_checker.h            |   1 +
 src/goto-symex/build_goto_trace.cpp           |   9 +-
 src/goto-symex/goto_symex.h                   |  21 +-
 src/goto-symex/goto_symex_state.h             |   5 +
 src/goto-symex/slice.cpp                      |  19 ++
 src/goto-symex/slice.h                        |   3 +
 src/goto-symex/symex_function_call.cpp        |  20 +-
 src/goto-symex/symex_goto.cpp                 |  52 ++-
 src/goto-symex/symex_main.cpp                 |  46 ++-
 src/goto-symex/symex_target_equation.cpp      | 150 +++++++--
 src/goto-symex/symex_target_equation.h        |  21 +-
 src/solvers/prop/cover_goals.cpp              |   5 +
 src/solvers/prop/cover_goals.h                |   1 +
 55 files changed, 1852 insertions(+), 176 deletions(-)
 create mode 100644 src/cbmc/bmc_incremental.cpp
 create mode 100644 src/cbmc/bmc_incremental.h
 create mode 100644 src/cbmc/bmc_incremental_one_loop.cpp
 create mode 100644 src/cbmc/bmc_incremental_one_loop.h
 create mode 100644 src/cbmc/symex_bmc_incremental.cpp
 create mode 100644 src/cbmc/symex_bmc_incremental.h
 create mode 100644 src/cbmc/symex_bmc_incremental_one_loop.cpp
 create mode 100644 src/cbmc/symex_bmc_incremental_one_loop.h
 create mode 100644 src/cegis/Makefile
 create mode 100644 src/cegis/cegis-util/cbmc_runner.cpp

diff --git a/regression/Makefile b/regression/Makefile
index 71e3494e073..1e543290a0d 100644
--- a/regression/Makefile
+++ b/regression/Makefile
@@ -6,6 +6,10 @@ DIRS = ansi-c \
        goto-analyzer \
        goto-instrument \
        goto-instrument-typedef \
+       goto-instrument-unwind \
+       cbmc-incr-oneloop \
+       cbmc-incr \
+       cbmc-with-incr \
        test-script \
        # Empty last line
 
@@ -19,3 +23,4 @@ clean:
 			$(MAKE) -C "$$dir" clean; \
 		fi; \
 	done;
+
diff --git a/regression/array-refinement-with-incr/Array_UF9/main.c b/regression/array-refinement-with-incr/Array_UF9/main.c
index dcf6f7346f3..93cdba8bd31 100644
--- a/regression/array-refinement-with-incr/Array_UF9/main.c
+++ b/regression/array-refinement-with-incr/Array_UF9/main.c
@@ -11,7 +11,7 @@ unsigned int SIZE;
 int linear_search(int *a, int n, int q) {
   unsigned int j=0;
   while (j<n && a[j]!=q) {
-  j;
+  j++;
   if (j==20) j=-1;
   }
   if (j<SIZE) return 1;
diff --git a/regression/cbmc-incr-oneloop/unwind-forever1/test.desc b/regression/cbmc-incr-oneloop/unwind-forever1/test.desc
index 5d03502707e..15abdc45fac 100644
--- a/regression/cbmc-incr-oneloop/unwind-forever1/test.desc
+++ b/regression/cbmc-incr-oneloop/unwind-forever1/test.desc
@@ -1,4 +1,4 @@
-CORE
+THOROUGH
 main.c
  --incremental-check main.0
 ^EXIT=142$
diff --git a/regression/cbmc-incr-oneloop/unwind-forever2/test.desc b/regression/cbmc-incr-oneloop/unwind-forever2/test.desc
index 920f3890da5..2d756f31228 100644
--- a/regression/cbmc-incr-oneloop/unwind-forever2/test.desc
+++ b/regression/cbmc-incr-oneloop/unwind-forever2/test.desc
@@ -1,4 +1,4 @@
-CORE
+THOROUGH
 main.c
 --incremental-check main.0
 ^EXIT=142$
diff --git a/regression/cbmc-incr-oneloop/unwinding-assertion1/test.desc b/regression/cbmc-incr-oneloop/unwinding-assertion1/test.desc
index 330d653e34c..b72857b7d7f 100644
--- a/regression/cbmc-incr-oneloop/unwinding-assertion1/test.desc
+++ b/regression/cbmc-incr-oneloop/unwinding-assertion1/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---unwind-max 10 --incremental-check main.0
+--unwind-max 10 --incremental-check main.0 --unwinding-assertions
 ^EXIT=10$
 ^SIGNAL=0$
 ^VERIFICATION FAILED$
diff --git a/regression/cbmc-incr/Makefile b/regression/cbmc-incr/Makefile
index 08b694ea9b5..4e2123eba72 100644
--- a/regression/cbmc-incr/Makefile
+++ b/regression/cbmc-incr/Makefile
@@ -1,6 +1,6 @@
 default: tests.log
 
-PARAM = --incremental --magic-numbers
+PARAM = --incremental 
 # --refine   --slice-formula
 
 test:
diff --git a/regression/cbmc-incr/unwinding-assertion1/test.desc b/regression/cbmc-incr/unwinding-assertion1/test.desc
index 3ede5ed0f72..901082308b7 100644
--- a/regression/cbmc-incr/unwinding-assertion1/test.desc
+++ b/regression/cbmc-incr/unwinding-assertion1/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---unwind-max 10
+--unwind-max 10 --unwinding-assertions
 ^EXIT=10$
 ^SIGNAL=0$
 ^VERIFICATION FAILED$
diff --git a/regression/cbmc-with-incr/Free1/test.desc b/regression/cbmc-with-incr/Free1/test.desc
index 02f1049518a..1b942c82d5f 100644
--- a/regression/cbmc-with-incr/Free1/test.desc
+++ b/regression/cbmc-with-incr/Free1/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---pointer-check
+--pointer-check --stop-on-fail
 ^EXIT=10$
 ^SIGNAL=0$
 ^Counterexample:$
diff --git a/regression/cbmc-with-incr/Free2/test.desc b/regression/cbmc-with-incr/Free2/test.desc
index 02f1049518a..1b942c82d5f 100644
--- a/regression/cbmc-with-incr/Free2/test.desc
+++ b/regression/cbmc-with-incr/Free2/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---pointer-check
+--pointer-check --stop-on-fail
 ^EXIT=10$
 ^SIGNAL=0$
 ^Counterexample:$
diff --git a/regression/cbmc-with-incr/Free3/test.desc b/regression/cbmc-with-incr/Free3/test.desc
index fd1b888b81d..eabe12ba077 100644
--- a/regression/cbmc-with-incr/Free3/test.desc
+++ b/regression/cbmc-with-incr/Free3/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---pointer-check
+--pointer-check --stop-on-fail
 ^SIGNAL=0$
 ^Counterexample:$
 ^VERIFICATION FAILED$
diff --git a/regression/cbmc-with-incr/Free4/test.desc b/regression/cbmc-with-incr/Free4/test.desc
index fd1b888b81d..eabe12ba077 100644
--- a/regression/cbmc-with-incr/Free4/test.desc
+++ b/regression/cbmc-with-incr/Free4/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---pointer-check
+--pointer-check --stop-on-fail
 ^SIGNAL=0$
 ^Counterexample:$
 ^VERIFICATION FAILED$
diff --git a/regression/cbmc-with-incr/Function5/test.desc b/regression/cbmc-with-incr/Function5/test.desc
index 50371f73fff..f6388408eb1 100644
--- a/regression/cbmc-with-incr/Function5/test.desc
+++ b/regression/cbmc-with-incr/Function5/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---pointer-check --bounds-check
+--pointer-check --bounds-check --stop-on-fail
 ^SIGNAL=0$
 ^EXIT=10$
 ^Counterexample:$
diff --git a/regression/cbmc-with-incr/Multi_Dimensional_Array6/test.desc b/regression/cbmc-with-incr/Multi_Dimensional_Array6/test.desc
index d8033224594..107b8b20b72 100644
--- a/regression/cbmc-with-incr/Multi_Dimensional_Array6/test.desc
+++ b/regression/cbmc-with-incr/Multi_Dimensional_Array6/test.desc
@@ -3,8 +3,9 @@ main.c
 --unwind-max 3 --no-unwinding-assertions --all-properties
 ^EXIT=10$
 ^SIGNAL=0$
-^\[main\.assertion\.1\] assertion matriz\[\(signed long int\)j\]\[\(signed long int\)k\] <= maior: OK$
-^\[main\.assertion\.2\] assertion matriz\[\(signed long int\)0\]\[\(signed long int\)0\] < maior: FAILED$
-^\*\* 1 of 2 failed \(2 iterations\)$
+
+^\[main\.assertion\.1\] assertion matriz\[(signed long int)j\]\[(signed long int)k\] <= maior: SUCCESS$
+^\[main\.assertion\.2\] assertion matriz\[(signed long int)0\]\[(signed long int)0\] < maior: FAILURE$
+^\*\* 1 of 2 failed (2 iterations)$
 --
 ^warning: ignoring
diff --git a/regression/cbmc-with-incr/Overflow_Addition1/test.desc b/regression/cbmc-with-incr/Overflow_Addition1/test.desc
index 5dbaca0c795..19990f58b06 100644
--- a/regression/cbmc-with-incr/Overflow_Addition1/test.desc
+++ b/regression/cbmc-with-incr/Overflow_Addition1/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---signed-overflow-check
+--signed-overflow-check --stop-on-fail
 ^SIGNAL=0$
 ^Counterexample:$
 ^VERIFICATION FAILED$
diff --git a/regression/cbmc-with-incr/Pointer_Arithmetic5/test.desc b/regression/cbmc-with-incr/Pointer_Arithmetic5/test.desc
index 73810cf4375..9c7aa8bff15 100644
--- a/regression/cbmc-with-incr/Pointer_Arithmetic5/test.desc
+++ b/regression/cbmc-with-incr/Pointer_Arithmetic5/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---pointer-check --bounds-check --function f
+--pointer-check --bounds-check --function f --stop-on-fail
 ^SIGNAL=0$
 ^Counterexample:$
 ^VERIFICATION FAILED$
diff --git a/regression/cbmc-with-incr/Pointer_Arithmetic8/test.desc b/regression/cbmc-with-incr/Pointer_Arithmetic8/test.desc
index 0f0f5660f42..4f863e7055e 100644
--- a/regression/cbmc-with-incr/Pointer_Arithmetic8/test.desc
+++ b/regression/cbmc-with-incr/Pointer_Arithmetic8/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---pointer-check --bounds-check
+--pointer-check --bounds-check --stop-on-fail
 ^SIGNAL=0$
 ^Counterexample:$
 ^VERIFICATION FAILED$
diff --git a/regression/cbmc-with-incr/Pointer_byte_extract2/test.desc b/regression/cbmc-with-incr/Pointer_byte_extract2/test.desc
index cf4a284351e..e99e8941463 100644
--- a/regression/cbmc-with-incr/Pointer_byte_extract2/test.desc
+++ b/regression/cbmc-with-incr/Pointer_byte_extract2/test.desc
@@ -3,7 +3,7 @@ main.c
 --all-properties --little-endian
 ^EXIT=10$
 ^SIGNAL=0$
-^\[main\.assertion\.2\] .*: FAILED$
-^\*\* 1 of 2 failed \(2 iterations\)$
+^\[main\.assertion\.2\] .*: FAILURE$
+^\*\* 1 of 2 failed (2 iterations)$
 --
 ^warning: ignoring
diff --git a/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc b/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc
index b2bf0ea5879..83d480509b3 100644
--- a/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc
+++ b/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc
@@ -3,7 +3,7 @@ main.c
 --all-properties --bounds-check --32
 ^EXIT=10$
 ^SIGNAL=0$
-^\[main\.array_bounds\.5\] array.List upper bound in .*: FAILED$
-^\*\* 1 of 9 failed \(2 iterations\)$
+^\[main\.array_bounds\.5\] array.List upper bound in .*: FAILURE$
+^\*\* 1 of 9 failed (2 iterations)$
 --
 ^warning: ignoring
diff --git a/regression/cbmc-with-incr/Pointer_byte_extract8/test.desc b/regression/cbmc-with-incr/Pointer_byte_extract8/test.desc
index a2ae3807cab..be32cac87b7 100644
--- a/regression/cbmc-with-incr/Pointer_byte_extract8/test.desc
+++ b/regression/cbmc-with-incr/Pointer_byte_extract8/test.desc
@@ -3,7 +3,7 @@ main.c
 --all-properties --bounds-check --32 --no-simplify
 ^EXIT=0$
 ^SIGNAL=0$
-^\[main\.array_bounds\.5\] array.List upper bound: FAILED$
-^\*\* 1 of 9 failed \(2 iterations\)$
+^\[main\.array_bounds\.5\] array.List upper bound: FAILURE$
+^\*\* 1 of 9 failed (2 iterations)$
 --
 ^warning: ignoring
diff --git a/regression/cbmc-with-incr/String2/test.desc b/regression/cbmc-with-incr/String2/test.desc
index 75352ab9ea5..6ea447bc697 100644
--- a/regression/cbmc-with-incr/String2/test.desc
+++ b/regression/cbmc-with-incr/String2/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
---pointer-check --bounds-check
+--pointer-check --bounds-check --stop-on-fail
 ^EXIT=10$
 ^SIGNAL=0$
 ^Counterexample:$
diff --git a/regression/cbmc-with-incr/Undefined_Function1/test.desc b/regression/cbmc-with-incr/Undefined_Function1/test.desc
index d29ea2fc36e..f84df0453aa 100644
--- a/regression/cbmc-with-incr/Undefined_Function1/test.desc
+++ b/regression/cbmc-with-incr/Undefined_Function1/test.desc
@@ -1,6 +1,6 @@
 CORE
 main.c
-
+--stop-on-fail
 ^SIGNAL=0$
 ^\*\*\*\* WARNING: no body for function f$
 ^Counterexample:$
diff --git a/regression/cbmc-with-incr/pipe1/test.desc b/regression/cbmc-with-incr/pipe1/test.desc
index 95e607f531d..1272da21932 100644
--- a/regression/cbmc-with-incr/pipe1/test.desc
+++ b/regression/cbmc-with-incr/pipe1/test.desc
@@ -3,7 +3,7 @@ main.c
 --all-properties
 ^EXIT=10$
 ^SIGNAL=0$
-^\[main\.assertion\.4\] assertion data\[1\]==31: FAILED$
-^\*\* 1 of 5 failed \(2 iterations\)$
+^\[main\.assertion\.4\] assertion data\[1\]==31: FAILURE$
+^\*\* 1 of 5 failed (2 iterations)$
 --
 ^warning: ignoring
diff --git a/src/cbmc/Makefile b/src/cbmc/Makefile
index 4d890b0b5fa..5e1d4880e64 100644
--- a/src/cbmc/Makefile
+++ b/src/cbmc/Makefile
@@ -1,6 +1,8 @@
 SRC = all_properties.cpp \
       bmc.cpp \
       bmc_cover.cpp \
+      bmc_incremental.cpp \
+      bmc_incremental_one_loop.cpp \
       bv_cbmc.cpp \
       cbmc_dimacs.cpp \
       cbmc_languages.cpp \
@@ -11,6 +13,8 @@ SRC = all_properties.cpp \
       fault_localization.cpp \
       show_vcc.cpp \
       symex_bmc.cpp \
+      symex_bmc_incremental.cpp \
+      symex_bmc_incremental_one_loop.cpp \
       symex_coverage.cpp \
       xml_interface.cpp \
       # Empty last line
diff --git a/src/cbmc/all_properties.cpp b/src/cbmc/all_properties.cpp
index bd9c5242dd4..c68a9d67b89 100644
--- a/src/cbmc/all_properties.cpp
+++ b/src/cbmc/all_properties.cpp
@@ -77,7 +77,8 @@ safety_checkert::resultt bmc_all_propertiest::operator()()
       it!=bmc.equation.SSA_steps.end();
       it++)
   {
-    if(it->is_assert())
+    if(it->is_assert() &&
+       it->comment!=SYMEX_CONTINUATION_CHECK)
     {
       irep_idt property_id;
 
@@ -94,6 +95,9 @@ safety_checkert::resultt bmc_all_propertiest::operator()()
       else
         continue;
 
+      //need to convert again as the context of the expression
+      //  may have changed
+      it->cond_literal=solver.convert(it->cond_expr);
       goal_map[property_id].instances.push_back(it);
     }
   }
@@ -102,6 +106,14 @@ safety_checkert::resultt bmc_all_propertiest::operator()()
 
   cover_goalst cover_goals(solver);
 
+  //set activation literal for incremental checking
+  cover_goals.activation_literal=bmc.equation.current_activation_literal();
+
+#if 0
+  std::cout << "cover_goals.activation_literal = "
+            << cover_goals.activation_literal << std::endl;
+#endif
+
   cover_goals.set_message_handler(get_message_handler());
   cover_goals.register_observer(*this);
 
@@ -117,6 +129,7 @@ safety_checkert::resultt bmc_all_propertiest::operator()()
 
   bool error=false;
 
+  solver.set_assumptions(bmc.equation.activate_assertions);
   decision_proceduret::resultt result=cover_goals();
 
   if(result==decision_proceduret::resultt::D_ERROR)
diff --git a/src/cbmc/bmc.cpp b/src/cbmc/bmc.cpp
index f92483d2441..9313a3182c3 100644
--- a/src/cbmc/bmc.cpp
+++ b/src/cbmc/bmc.cpp
@@ -49,6 +49,9 @@ void bmct::do_unwind_module()
 
 void bmct::error_trace()
 {
+  if(options.get_bool_option("stop-when-unsat"))
+    return;
+
   status() << "Building error trace" << eom;
 
   goto_tracet &goto_trace=safety_checkert::error_trace;
@@ -217,6 +220,65 @@ void bmct::report_failure()
   }
 }
 
+
+void bmct::slice()
+{
+  if(options.get_option("slice-by-trace")!="")
+  {
+    symex_slice_by_tracet symex_slice_by_trace(ns);
+
+    symex_slice_by_trace.slice_by_trace
+      (options.get_option("slice-by-trace"), equation);
+  }
+  // any properties to check at all?
+  if(equation.has_threads())
+  {
+    // we should build a thread-aware SSA slicer
+    statistics() << "no slicing due to threads" << eom;
+  }
+  else
+  {
+    if(options.get_bool_option("slice-formula"))
+    {
+      ::slice(equation);
+      statistics() << "slicing removed "
+                   << equation.count_ignored_SSA_steps()
+                   << " assignments" << eom;
+    }
+    else
+    {
+      if(options.get_list_option("cover").empty())
+      {
+        simple_slice(equation);
+        statistics() << "simple slicing removed "
+                     << equation.count_ignored_SSA_steps()
+                     << " assignments" << eom;
+      }
+    }
+  }
+  statistics() << "Generated " << symex.total_vccs
+               << " VCC(s), " << symex.remaining_vccs
+               << " remaining after simplification" << eom;
+}
+
+
+safety_checkert::resultt bmct::show(const goto_functionst &goto_functions)
+{
+  if(options.get_bool_option("show-vcc"))
+  {
+    show_vcc();
+    return safety_checkert::resultt::SAFE; // to indicate non-error
+  }
+
+  if(options.get_bool_option("program-only"))
+  {
+    show_program();
+    return safety_checkert::resultt::SAFE;
+  }
+
+  return safety_checkert::resultt::UNKNOWN;
+}
+
 void bmct::show_program()
 {
   unsigned count=1;
@@ -306,11 +368,10 @@ void bmct::show_program()
   }
 }
 
-safety_checkert::resultt bmct::run(
-  const goto_functionst &goto_functions)
+
+safety_checkert::resultt bmct::initialize()
 {
   const std::string mm=options.get_option("mm");
-  std::unique_ptr<memory_model_baset> memory_model;
 
   if(mm.empty() || mm=="sc")
     memory_model=std::unique_ptr<memory_model_baset>(new memory_model_sct(ns));
@@ -323,6 +384,7 @@ safety_checkert::resultt bmct::run(
     error() << "Invalid memory model " << mm
             << " -- use one of sc, tso, pso" << eom;
     return safety_checkert::resultt::ERROR;
+
   }
 
   symex.set_message_handler(get_message_handler());
@@ -338,11 +400,28 @@ safety_checkert::resultt bmct::run(
 
   symex.last_source_location.make_nil();
 
-  try
-  {
     // get unwinding info
     setup_unwind();
 
+  return safety_checkert::resultt::UNKNOWN;
+}
+
+/*******************************************************************\
+
+Function: bmct::step
+
+  Inputs:
+
+ Outputs:
+
+ Purpose: do BMC
+
+\*******************************************************************/
+
+safety_checkert::resultt bmct::step(const goto_functionst &goto_functions)
+{
+  try
+  {
     // perform symbolic execution
     symex(goto_functions);
 
@@ -353,8 +432,7 @@ safety_checkert::resultt bmct::run(
       (*memory_model)(equation);
     }
   }
-
-  catch(const std::string &error_str)
+  catch(std::string &error_str)
   {
     messaget message(get_message_handler());
     message.error().source_location=symex.last_source_location;
@@ -382,47 +460,8 @@ safety_checkert::resultt bmct::run(
                << equation.SSA_steps.size()
                << " steps" << eom;
 
-  try
-  {
-    if(options.get_option("slice-by-trace")!="")
-    {
-      symex_slice_by_tracet symex_slice_by_trace(ns);
-
-      symex_slice_by_trace.slice_by_trace
-        (options.get_option("slice-by-trace"), equation);
-    }
-
-    if(equation.has_threads())
-    {
-      // we should build a thread-aware SSA slicer
-      statistics() << "no slicing due to threads" << eom;
-    }
-    else
-    {
-      if(options.get_bool_option("slice-formula"))
-      {
-        slice(equation);
-        statistics() << "slicing removed "
-                     << equation.count_ignored_SSA_steps()
-                     << " assignments" << eom;
-      }
-      else
-      {
-        if(options.get_list_option("cover").empty())
-        {
-          simple_slice(equation);
-          statistics() << "simple slicing removed "
-                       << equation.count_ignored_SSA_steps()
-                       << " assignments" << eom;
-        }
-      }
-    }
-
-    {
-      statistics() << "Generated " << symex.total_vccs
-                   << " VCC(s), " << symex.remaining_vccs
-                   << " remaining after simplification" << eom;
-    }
+  // perform slicing
+  slice();
 
     // coverage report
     std::string cov_out=options.get_option("symex-coverage-report");
@@ -463,46 +502,24 @@ safety_checkert::resultt bmct::run(
       return safety_checkert::resultt::SAFE;
     }
 
-    if(options.get_bool_option("program-only"))
-    {
-      show_program();
-      return safety_checkert::resultt::SAFE;
-    }
-
-    return decide(goto_functions, prop_conv);
-  }
-
-  catch(std::string &error_str)
-  {
-    error() << error_str << eom;
-    return safety_checkert::resultt::ERROR;
-  }
-
-  catch(const char *error_str)
-  {
-    error() << error_str << eom;
-    return safety_checkert::resultt::ERROR;
-  }
-
-  catch(std::bad_alloc)
-  {
-    error() << "Out of memory" << eom;
-    return safety_checkert::resultt::ERROR;
-  }
-}
-
-safety_checkert::resultt bmct::decide(
-  const goto_functionst &goto_functions,
-  prop_convt &prop_conv)
-{
-  prop_conv.set_message_handler(get_message_handler());
-
+  // do all properties
   if(options.get_bool_option("stop-on-fail"))
     return stop_on_fail(goto_functions, prop_conv);
   else
     return all_properties(goto_functions, prop_conv);
 }
 
+
+safety_checkert::resultt bmct::run(
+  const goto_functionst &goto_functions)
+{
+  safety_checkert::resultt result=initialize();
+  if(result!=safety_checkert::resultt::UNKNOWN)
+    return result;
+
+  return step(goto_functions);
+}
+
 safety_checkert::resultt bmct::stop_on_fail(
   const goto_functionst &goto_functions,
   prop_convt &prop_conv)
diff --git a/src/cbmc/bmc.h b/src/cbmc/bmc.h
index e05a4de62f6..25de24f33c6 100644
--- a/src/cbmc/bmc.h
+++ b/src/cbmc/bmc.h
@@ -14,6 +14,7 @@ Author: Daniel Kroening, kroening@kroening.com
 
 #include <list>
 #include <map>
+#include <memory>
 
 #include <util/options.h>
 
@@ -26,6 +27,7 @@ Author: Daniel Kroening, kroening@kroening.com
 #include <langapi/language_ui.h>
 #include <goto-symex/symex_target_equation.h>
 #include <goto-programs/safety_checker.h>
+#include <goto-symex/memory_model.h>
 
 #include "symex_bmc.h"
 
@@ -41,24 +43,31 @@ class bmct:public safety_checkert
     options(_options),
     ns(_symbol_table, new_symbol_table),
     equation(ns),
-    symex(ns, new_symbol_table, equation),
+    symex_ptr(new symex_bmct(ns, new_symbol_table, equation)),
     prop_conv(_prop_conv),
     ui(ui_message_handlert::uit::PLAIN)
+
   {
     symex.constant_propagation=options.get_bool_option("propagation");
     symex.record_coverage=
       !options.get_option("symex-coverage-report").empty();
   }
 
-  virtual resultt run(const goto_functionst &goto_functions);
   virtual ~bmct() { }
 
   // additional stuff
   expr_listt bmc_constraints;
 
+
   void set_ui(language_uit::uit _ui) { ui=_ui; }
+  friend class cbmc_satt;
+  friend class hw_cbmc_satt;
+  friend class counterexample_beautification_greedyt;
+
 
   // the safety_checkert interface
+  // ENHANCE: it would be reasonable to pass the goto_functions
+  //   parameter to the constructor
   virtual resultt operator()(
     const goto_functionst &goto_functions)
   {
@@ -66,12 +75,31 @@ class bmct:public safety_checkert
   }
 
 protected:
+  bmct(
+    const optionst &_options,
+    const symbol_tablet &_symbol_table,
+    message_handlert &_message_handler,
+    prop_convt& _prop_conv,
+    symex_bmct *_symex_ptr):
+    safety_checkert(ns, _message_handler),
+    options(_options),
+    ns(_symbol_table, new_symbol_table),
+    equation(ns),
+    symex_ptr(_symex_ptr),
+    prop_conv(_prop_conv),
+    ui(ui_message_handlert::PLAIN),
+    symex(dynamic_cast<symex_bmct &>(*symex_ptr))
+  {
+    symex.constant_propagation=options.get_bool_option("propagation");
+  }
+
   const optionst &options;
   symbol_tablet new_symbol_table;
   namespacet ns;
   symex_target_equationt equation;
-  symex_bmct symex;
+  symex_bmct *symex_ptr;
   prop_convt &prop_conv;
+  std::unique_ptr<memory_model_baset> memory_model;
 
   // use gui format
   language_uit::uit ui;
@@ -79,15 +107,22 @@ class bmct:public safety_checkert
   virtual decision_proceduret::resultt
     run_decision_procedure(prop_convt &prop_conv);
 
-  virtual resultt decide(
-    const goto_functionst &,
-    prop_convt &);
-
   // unwinding
   virtual void setup_unwind();
   virtual void do_unwind_module();
   void do_conversion();
 
+  // run
+  virtual resultt run(const goto_functionst &goto_functions);
+
+  // decomposed run
+  virtual resultt initialize();
+  virtual resultt step(const goto_functionst &goto_functions);
+
+  // functions used in run
+  virtual void slice();
+  virtual resultt show(const goto_functionst &goto_functions);
+
   virtual void show_vcc();
   virtual void show_vcc_plain(std::ostream &out);
   virtual void show_vcc_json(std::ostream &out);
@@ -114,6 +149,9 @@ class bmct:public safety_checkert
   friend class bmc_all_propertiest;
   friend class bmc_covert;
   friend class fault_localizationt;
+
+private:
+  symex_bmct &symex;
 };
 
 #endif // CPROVER_CBMC_BMC_H
diff --git a/src/cbmc/bmc_incremental.cpp b/src/cbmc/bmc_incremental.cpp
new file mode 100644
index 00000000000..367fbf9e115
--- /dev/null
+++ b/src/cbmc/bmc_incremental.cpp
@@ -0,0 +1,166 @@
+/*******************************************************************\
+
+Module: Incremental Symbolic Execution of ANSI-C
+
+Author: Peter Schrammel, Daniel Kroening, kroening@kroening.com
+
+\*******************************************************************/
+
+#include <limits>
+
+#include <goto-symex/slice.h>
+
+#include "bmc_incremental.h"
+
+/*******************************************************************\
+
+Function: bmc_incrementalt::step
+
+  Inputs:
+
+ Outputs:
+
+ Purpose: run incremental BMC loop
+
+\*******************************************************************/
+
+safety_checkert::resultt bmc_incrementalt::step(
+  const goto_functionst &goto_functions)
+{
+  try
+  {
+    // We count only new assertions.
+    symex.total_vccs=0;
+    symex.remaining_vccs=0;
+
+    // perform symbolic execution
+    bool symex_done=
+      symex(
+        symex_state,goto_functions,
+        goto_functions.function_map.at(goto_functions.entry_point()).body);
+
+    // add a partial ordering, if required
+    if(equation.has_threads())
+    {
+      memory_model->set_message_handler(get_message_handler());
+      (*memory_model)(equation);
+    }
+
+    statistics() << "size of program expression: "
+                 << equation.SSA_steps.size()
+                 << " steps" << eom;
+
+    undo_slice(equation); // undo all previous slicings
+
+    slice();
+
+    resultt result=show(goto_functions);
+    if(result!=UNKNOWN)
+      return result;
+
+    // any properties to check at all?
+    if(symex.remaining_vccs==0)
+    {
+      report_success();
+      result=safety_checkert::SAFE;
+    }
+    else
+    {
+      if(options.get_bool_option("stop-on-fail"))
+        result=stop_on_fail(goto_functions, prop_conv);
+      else
+        result=all_properties(goto_functions, prop_conv);
+    }
+
+    resultt term_cond=
+      options.get_bool_option("stop-when-unsat") ?
+        safety_checkert::UNSAFE : safety_checkert::SAFE;
+    return result==term_cond && !symex_done ? safety_checkert::UNKNOWN : result;
+  }
+
+  catch(std::string &error_str)
+  {
+    error() << error_str << eom;
+    return safety_checkert::ERROR;
+  }
+
+  catch(const char *error_str)
+  {
+    error() << error_str << eom;
+    return safety_checkert::ERROR;
+  }
+
+  catch(std::bad_alloc)
+  {
+    error() << "Out of memory" << eom;
+    return safety_checkert::ERROR;
+  }
+
+  assert(false);
+}
+
+/*******************************************************************\
+
+Function: bmc_incrementalt::run
+
+  Inputs:
+
+ Outputs:
+
+ Purpose: run incremental BMC loop
+
+\*******************************************************************/
+
+safety_checkert::resultt bmc_incrementalt::run(
+  const goto_functionst &goto_functions)
+{
+  safety_checkert::resultt result=initialize();
+  while(result==safety_checkert::UNKNOWN)
+  {
+    result=step();
+
+    // check unwinding assertions
+    if(result==safety_checkert::UNKNOWN &&
+       symex.add_loop_check())
+    {
+      resultt loop_check_result=
+        stop_on_fail(goto_functions, prop_conv);
+      bool earliest_loop_exit=
+        options.get_bool_option("earliest-loop-exit");
+      if(loop_check_result==SAFE)
+        symex.update_loop_info(earliest_loop_exit ? false : true);
+      else if(loop_check_result==UNSAFE)
+        symex.update_loop_info(earliest_loop_exit ? true : false);
+    }
+  }
+
+  return result;
+}
+
+/*******************************************************************\
+
+Function: bmc_incrementalt::setup_unwind
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
+void bmc_incrementalt::setup_unwind()
+{
+  bmct::setup_unwind();
+
+  if(options.get_option("unwind-min")!="")
+    symex.incr_min_unwind=options.get_unsigned_int_option("unwind-min");
+  if(options.get_option("unwind-max")!="")
+    symex.incr_max_unwind=options.get_unsigned_int_option("unwind-max");
+  else
+    symex.incr_max_unwind=std::numeric_limits<unsigned>::max();
+
+  status() << "Using incremental mode" << eom;
+  prop_conv.set_all_frozen();
+  equation.is_incremental=true;
+}
diff --git a/src/cbmc/bmc_incremental.h b/src/cbmc/bmc_incremental.h
new file mode 100644
index 00000000000..0ed1a5db311
--- /dev/null
+++ b/src/cbmc/bmc_incremental.h
@@ -0,0 +1,67 @@
+ /*******************************************************************\
+
+Module: Incremental Bounded Model Checking for ANSI-C  HDL
+
+Author: Peter Schrammel, Daniel Kroening, kroening@kroening.com
+
+ \*******************************************************************/
+
+#ifndef CPROVER_CBMC_BMC_INCREMENTAL_H
+#define CPROVER_CBMC_BMC_INCREMENTAL_H
+
+#include <list>
+#include <map>
+
+#include <util/options.h>
+
+#include <solvers/prop/prop_conv.h>
+#include <goto-symex/symex_target_equation.h>
+
+#include "symex_bmc_incremental.h"
+#include "bv_cbmc.h"
+#include "bmc.h"
+
+class bmc_incrementalt:public bmct
+{
+public:
+  bmc_incrementalt(
+    const optionst &_options,
+    const symbol_tablet &_symbol_table,
+    message_handlert &_message_handler,
+    prop_convt& _prop_conv,
+    const goto_functionst &_goto_functions):
+    bmct(
+      _options,
+      _symbol_table,
+      _message_handler,
+      _prop_conv,
+      new symex_bmc_incrementalt(ns, new_symbol_table, equation)),
+    goto_functions(_goto_functions),
+    symex(dynamic_cast<symex_bmc_incrementalt &>(*symex_ptr))  
+  {}
+
+  virtual ~bmc_incrementalt() { }
+
+  // make public
+  virtual resultt run() { return run(goto_functions); }
+  virtual resultt initialize() { return bmct::initialize(); }
+  virtual resultt step() { return step(goto_functions); }
+
+protected:
+  const goto_functionst &goto_functions;
+
+  // ENHANCE: move this into symex_bmc
+  goto_symext::statet symex_state;
+
+  // overload
+  virtual resultt run(const goto_functionst &goto_functions);
+  virtual resultt step(const goto_functionst &goto_functions);
+
+  // unwinding
+  virtual void setup_unwind();
+
+ private:
+  symex_bmc_incrementalt &symex;
+};
+
+#endif
diff --git a/src/cbmc/bmc_incremental_one_loop.cpp b/src/cbmc/bmc_incremental_one_loop.cpp
new file mode 100644
index 00000000000..3355d2ce632
--- /dev/null
+++ b/src/cbmc/bmc_incremental_one_loop.cpp
@@ -0,0 +1,157 @@
+/*******************************************************************\
+
+Module: Incremental Symbolic Execution of ANSI-C
+
+Author: Peter Schrammel, Daniel Kroening, kroening@kroening.com
+
+\*******************************************************************/
+
+#include <goto-symex/slice.h>
+
+#include "bmc_incremental_one_loop.h"
+
+/*******************************************************************\
+
+Function: bmc_incremental_one_loopt::step
+
+  Inputs:
+
+ Outputs:
+
+ Purpose: run incremental BMC loop
+
+ \*******************************************************************/
+
+safety_checkert::resultt bmc_incremental_one_loopt::step(
+  const goto_functionst &goto_functions)
+{
+  try
+  {
+    // We count only new assertions.
+    symex.total_vccs=0;
+    symex.remaining_vccs=0;
+
+    // perform symbolic execution
+    bool symex_done=
+      symex(
+        symex_state,goto_functions,
+        goto_functions.function_map.at(goto_functions.entry_point()).body);
+
+    // add a partial ordering, if required
+    if(equation.has_threads())
+    {
+      memory_model->set_message_handler(get_message_handler());
+      (*memory_model)(equation);
+    }
+
+    statistics() << "size of program expression: "
+                 << equation.SSA_steps.size()
+                 << " steps" << eom;
+
+    undo_slice(equation); // undo all previous slicings
+
+    // perform slicing
+    slice();
+
+    // do diverse other options
+    {
+      resultt result=show(goto_functions);
+      if(result!=safety_checkert::UNKNOWN)
+        return result;
+    }
+
+    resultt result=safety_checkert::UNKNOWN;
+
+    // any properties to check at all?
+    if(symex.remaining_vccs==0)
+    {
+      report_success();
+      result=safety_checkert::SAFE;
+    }
+    else
+    {
+      if(options.get_bool_option("stop-on-fail"))
+        result=stop_on_fail(goto_functions, prop_conv);
+      else
+        result=all_properties(goto_functions, prop_conv);
+    }
+
+    resultt term_cond=
+      options.get_bool_option("stop-when-unsat") ?
+        safety_checkert::UNSAFE : safety_checkert::SAFE;
+    return result==term_cond && !symex_done ? safety_checkert::UNKNOWN : result;
+  }
+
+  catch(std::string &error_str)
+  {
+    error() << error_str << eom;
+    return safety_checkert::ERROR;
+  }
+
+  catch(const char *error_str)
+  {
+    error() << error_str << eom;
+    return safety_checkert::ERROR;
+  }
+
+  catch(std::bad_alloc)
+  {
+    error() << "Out of memory" << eom;
+    return safety_checkert::ERROR;
+  }
+
+  assert(false);
+}
+
+/*******************************************************************\
+
+Function: bmc_incremental_one_loopt::run
+
+  Inputs:
+
+ Outputs:
+
+ Purpose: run incremental BMC loop
+
+\*******************************************************************/
+
+safety_checkert::resultt bmc_incremental_one_loopt::run(
+  const goto_functionst &goto_functions)
+{
+  safety_checkert::resultt result=initialize();
+  while(result==safety_checkert::UNKNOWN)
+  {
+    result=step(goto_functions);
+  }
+
+  return result;
+}
+
+/*******************************************************************\
+
+Function: bmc_incremental_one_loopt::setup_unwind
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
+void bmc_incremental_one_loopt::setup_unwind()
+{
+  bmct::setup_unwind();
+
+  if(options.get_option("unwind-min")!="")
+    symex.incr_min_unwind=options.get_unsigned_int_option("unwind-min");
+  if(options.get_option("unwind-max")!="")
+    symex.incr_max_unwind=options.get_unsigned_int_option("unwind-max");
+  symex.ignore_assertions=(symex.incr_min_unwind>=2) &&
+    options.get_bool_option("ignore-assertions-before-unwind-min");
+  symex.incr_loop_id=options.get_option("incremental-check");
+
+  status() << "Using incremental mode" << eom;
+  prop_conv.set_all_frozen();
+  equation.is_incremental=true;
+}
diff --git a/src/cbmc/bmc_incremental_one_loop.h b/src/cbmc/bmc_incremental_one_loop.h
new file mode 100644
index 00000000000..cdc8f194027
--- /dev/null
+++ b/src/cbmc/bmc_incremental_one_loop.h
@@ -0,0 +1,69 @@
+/*******************************************************************\
+
+Module: Incremental Bounded Model Checking for ANSI-C  HDL
+
+Author: Peter Schrammel, Daniel Kroening, kroening@kroening.com
+
+\*******************************************************************/
+
+#ifndef CPROVER_CBMC_BMC_INCREMENTAL_ONE_LOOP_H
+#define CPROVER_CBMC_BMC_INCREMENTAL_ONE_LOOP_H
+
+#include <list>
+#include <map>
+
+#include <util/options.h>
+
+#include <solvers/prop/prop_conv.h>
+#include <goto-symex/symex_target_equation.h>
+
+#include "symex_bmc_incremental_one_loop.h"
+#include "bv_cbmc.h"
+#include "bmc.h"
+#include <goto-symex/memory_model.h>
+
+class bmc_incremental_one_loopt:public bmct
+{
+public:
+  bmc_incremental_one_loopt(
+    const optionst &_options,
+    const symbol_tablet &_symbol_table,
+    message_handlert &_message_handler,
+    prop_convt& _prop_conv,
+    const goto_functionst &_goto_functions):
+    bmct(
+      _options,
+      _symbol_table,
+      _message_handler,
+      _prop_conv,
+      new symex_bmc_incremental_one_loopt(
+        ns, new_symbol_table, equation, prop_conv)),
+    goto_functions(_goto_functions),
+    symex(dynamic_cast<symex_bmc_incremental_one_loopt &>(*symex_ptr))
+  {}
+
+  virtual ~bmc_incremental_one_loopt() {}
+
+  // make public
+  virtual resultt run() { return run(goto_functions); }
+  virtual resultt initialize() { return bmct::initialize(); }
+  virtual resultt step() { return step(goto_functions); }
+
+protected:
+  const goto_functionst &goto_functions;
+
+  // ENHANCE: move this into symex_bmc
+  goto_symext::statet symex_state;
+
+  // overload
+  virtual resultt run(const goto_functionst &goto_functions);
+  virtual resultt step(const goto_functionst &goto_functions);
+
+  // unwinding
+  virtual void setup_unwind();
+
+private:
+  symex_bmc_incremental_one_loopt &symex;
+};
+
+#endif
diff --git a/src/cbmc/cbmc_parse_options.cpp b/src/cbmc/cbmc_parse_options.cpp
index 53bb20e8b58..acd4f4829a9 100644
--- a/src/cbmc/cbmc_parse_options.cpp
+++ b/src/cbmc/cbmc_parse_options.cpp
@@ -221,7 +221,10 @@ void cbmc_parse_optionst::get_command_line_options(optionst &options)
   }
   if(cmdline.isset("earliest-loop-exit"))
     options.set_option("earliest-loop-exit", true);
+<<<<<<< 0bc503ae07a912ec82d5c337f453520219aac395
   // heuristic unwinding numbers used for SV-COMP
+=======
+>>>>>>> HEAD~15
   if(cmdline.isset("magic-numbers"))
     options.set_option("magic-numbers", true);
 
@@ -1173,6 +1176,8 @@ void cbmc_parse_optionst::help()
     " --yices                      use Yices\n"
     " --z3                         use Z3\n"
     " --refine                     use refinement procedure (experimental)\n"
+    " --refine-arrays              use refinement procedure for arrays (experimental)\n"
+    " --refine-arithmetic          use refinement procedure for arithmetic (experimental)\n"
     " --outfile filename           output formula to given file\n"
     " --arrays-uf-never            never turn arrays into uninterpreted functions\n" // NOLINT(*)
     " --arrays-uf-always           always turn arrays into uninterpreted functions\n" // NOLINT(*)
diff --git a/src/cbmc/cbmc_parse_options.h b/src/cbmc/cbmc_parse_options.h
index d95e60eb25b..453a6e5e5c2 100644
--- a/src/cbmc/cbmc_parse_options.h
+++ b/src/cbmc/cbmc_parse_options.h
@@ -52,6 +52,10 @@ class optionst;
   "(nondet-static)" \
   "(version)" \
   "(cover):(symex-coverage-report):" \
+  "(incremental-check):(incremental)(earliest-loop-exit)" \
+  "(ignore-assertions-before-unwind-min)(stop-when-unsat)" \
+  "(unwind-max):(unwind-min):" \
+  "(magic-numbers)" \
   "(mm):" \
   "(i386-linux)(i386-macos)(i386-win32)(win32)(winx64)(gcc)" \
   "(ppc-macos)(unsigned-char)" \
diff --git a/src/cbmc/fault_localization.cpp b/src/cbmc/fault_localization.cpp
index 2beae26ff79..fe4bfe92f6f 100644
--- a/src/cbmc/fault_localization.cpp
+++ b/src/cbmc/fault_localization.cpp
@@ -229,7 +229,8 @@ fault_localizationt::run_decision_procedure(prop_convt &prop_conv)
   return dec_result;
 }
 
-safety_checkert::resultt fault_localizationt::stop_on_fail()
+
+safety_checkert::resultt fault_localizationt::stop_on_fail(bool show_report)
 {
   switch(run_decision_procedure(bmc.prop_conv))
   {
@@ -260,6 +261,7 @@ safety_checkert::resultt fault_localizationt::stop_on_fail()
 
     return safety_checkert::resultt::ERROR;
   }
+  assert(false);
 }
 
 void fault_localizationt::goal_covered(
diff --git a/src/cbmc/fault_localization.h b/src/cbmc/fault_localization.h
index 0c3ec090153..b4e3791351b 100644
--- a/src/cbmc/fault_localization.h
+++ b/src/cbmc/fault_localization.h
@@ -40,7 +40,7 @@ class fault_localizationt:
   }
 
   safety_checkert::resultt operator()();
-  safety_checkert::resultt stop_on_fail();
+  safety_checkert::resultt stop_on_fail(bool show_report=true);
 
   // override bmc_all_propertiest
   virtual void goal_covered(const cover_goalst::goalt &);
diff --git a/src/cbmc/symex_bmc.cpp b/src/cbmc/symex_bmc.cpp
index ce6afc9dfa2..86a4f87259d 100644
--- a/src/cbmc/symex_bmc.cpp
+++ b/src/cbmc/symex_bmc.cpp
@@ -28,7 +28,7 @@ symex_bmct::symex_bmct(
 }
 
 /// show progress
-void symex_bmct::symex_step(
+bool symex_bmct::symex_step(
   const goto_functionst &goto_functions,
   statet &state)
 {
@@ -62,7 +62,7 @@ void symex_bmct::symex_step(
     statistics() << eom;
   }
 
-  goto_symext::symex_step(goto_functions, state);
+  bool symex_step_result =  goto_symext::symex_step(goto_functions, state);
 
   if(record_coverage &&
      // avoid an invalid iterator in state.source.pc
@@ -82,6 +82,7 @@ void symex_bmct::symex_step(
     else if(!state.guard.is_false())
       symex_coverage.covered(cur_pc, state.source.pc);
   }
+  return symex_step_result;
 }
 
 void symex_bmct::merge_goto(
@@ -101,6 +102,7 @@ void symex_bmct::merge_goto(
      // branches only, no single-successor goto
      !prev_pc->guard.is_true())
     symex_coverage.covered(prev_pc, state.source.pc);
+
 }
 
 bool symex_bmct::get_unwind(
diff --git a/src/cbmc/symex_bmc.h b/src/cbmc/symex_bmc.h
index b8d23a52719..b72c3f067f1 100644
--- a/src/cbmc/symex_bmc.h
+++ b/src/cbmc/symex_bmc.h
@@ -14,6 +14,8 @@ Author: Daniel Kroening, kroening@kroening.com
 
 #include <util/message.h>
 
+#include <langapi/language_ui.h>
+
 #include <goto-symex/goto_symex.h>
 
 #include "symex_coverage.h"
@@ -28,6 +30,8 @@ class symex_bmct:
     symbol_tablet &_new_symbol_table,
     symex_targett &_target);
 
+  void set_ui(language_uit::uit _ui) { ui=_ui; }
+
   // To show progress
   source_locationt last_source_location;
 
@@ -64,6 +68,9 @@ class symex_bmct:
   bool record_coverage;
 
 protected:
+  // use gui format
+  language_uit::uit ui;
+
   // We have
   // 1) a global limit (max_unwind)
   // 2) a limit per loop, all threads
@@ -82,7 +89,7 @@ class symex_bmct:
   //
   // overloaded from goto_symext
   //
-  virtual void symex_step(
+  virtual bool symex_step(
     const goto_functionst &goto_functions,
     statet &state);
 
diff --git a/src/cbmc/symex_bmc_incremental.cpp b/src/cbmc/symex_bmc_incremental.cpp
new file mode 100644
index 00000000000..467f2fb6488
--- /dev/null
+++ b/src/cbmc/symex_bmc_incremental.cpp
@@ -0,0 +1,314 @@
+/*******************************************************************\
+
+Module: Incremental Bounded Model Checking for ANSI-C
+
+Author: Peter Schrammel, Daniel Kroening, kroening@kroening.com
+
+\*******************************************************************/
+
+#include <limits>
+
+#include <util/source_location.h>
+
+#include "symex_bmc_incremental.h"
+
+/*******************************************************************\
+
+Function: symex_bmc_incrementalt::symex_bmct
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
+symex_bmc_incrementalt::symex_bmc_incrementalt(
+  const namespacet &_ns,
+  symbol_tablet &_new_symbol_table,
+  symex_targett &_target):
+  symex_bmct(_ns, _new_symbol_table, _target)
+{
+  magic_numbers.insert(0);
+  magic_numbers.insert(1);
+  magic_numbers.insert(2);
+  magic_numbers.insert(6);
+  magic_numbers.insert(12);
+  magic_numbers.insert(17);
+  magic_numbers.insert(21);
+  magic_numbers.insert(40);
+  magic_numbers.insert(60);
+  magic_numbers.insert(80);
+  magic_numbers.insert(100);
+  magic_numbers.insert(200);
+  magic_numbers.insert(1025);
+}
+
+/*******************************************************************\
+
+Function: symex_bmc_incrementalt::get_unwind
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
+bool symex_bmc_incrementalt::get_unwind(
+  const symex_targett::sourcet &source,
+  unsigned unwind)
+{
+  const irep_idt id=goto_programt::loop_id(source.pc);
+
+  // We use the most specific limit we have,
+  // and 'infinity' when we have none.
+
+  unsigned this_loop_limit=std::numeric_limits<unsigned>::max();
+
+  loop_limitst &this_thread_limits=
+    thread_loop_limits[source.thread_nr];
+
+  loop_limitst::const_iterator l_it=this_thread_limits.find(id);
+  if(l_it!=this_thread_limits.end())
+    this_loop_limit=l_it->second;
+  else
+  {
+    l_it=loop_limits.find(id);
+    if(l_it!=loop_limits.end())
+      this_loop_limit=l_it->second;
+    else if(max_unwind_is_set)
+      this_loop_limit=max_unwind;
+  }
+
+  // use the incremental limits if
+  // it is the specified incremental loop or
+  // there was no non-incremental limit
+  if(this_loop_limit==std::numeric_limits<unsigned>::max())
+  {
+    this_loop_limit=incr_max_unwind;
+    if(unwind+1>=incr_min_unwind)
+      ignore_assertions=false;
+  }
+
+  bool abort=unwind>=this_loop_limit;
+
+  statistics() << (abort?"Not unwinding":"Unwinding")
+               << " loop " << id << " iteration "
+               << unwind;
+
+  if(this_loop_limit!=std::numeric_limits<unsigned>::max())
+    statistics() << " (" << this_loop_limit << " max)";
+
+  statistics() << " " << source.pc->source_location
+               << " thread " << source.thread_nr << eom;
+
+  return abort;
+}
+
+/*******************************************************************\
+
+Function: symex_bmc_incrementalt::get_unwind_recursion
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
+bool symex_bmc_incrementalt::get_unwind_recursion(
+  const irep_idt &id,
+  const unsigned thread_nr,
+  unsigned unwind)
+{
+  // We use the most specific limit we have,
+  // and 'infinity' when we have none.
+
+  unsigned this_loop_limit=std::numeric_limits<unsigned>::max();
+
+  loop_limitst &this_thread_limits=
+    thread_loop_limits[thread_nr];
+
+  loop_limitst::const_iterator l_it=this_thread_limits.find(id);
+  if(l_it!=this_thread_limits.end())
+    this_loop_limit=l_it->second;
+  else
+  {
+    l_it=loop_limits.find(id);
+    if(l_it!=loop_limits.end())
+      this_loop_limit=l_it->second;
+    else if(max_unwind_is_set)
+      this_loop_limit=max_unwind;
+  }
+
+  // use the incremental limits if
+  // it is the specified incremental loop or
+  // there was no non-incremental limit
+  if(this_loop_limit==std::numeric_limits<unsigned>::max())
+  {
+    this_loop_limit=incr_max_unwind;
+    if(unwind+1>=incr_min_unwind)
+      ignore_assertions=false;
+  }
+
+  bool abort=unwind>this_loop_limit;
+
+  if(unwind>0 || abort)
+  {
+    const symbolt &symbol=ns.lookup(id);
+
+    statistics() << (abort?"Not unwinding":"Unwinding")
+                 << " recursion "
+                 << symbol.display_name()
+                 << " iteration " << unwind;
+
+    if(this_loop_limit!=std::numeric_limits<unsigned>::max())
+      statistics() << " (" << this_loop_limit << " max)";
+
+    statistics() << eom;
+  }
+
+  return abort;
+}
+
+/*******************************************************************\
+
+Function: symex_bmc_incrementalt::check_break
+
+ Inputs: source of the current symbolic execution state
+
+ Outputs: true if the back edge encountered during symbolic execution
+            corresponds to the a loop that is handled incrementally
+
+ Purpose: defines condition for interrupting symbolic execution
+            for incremental BMC
+
+\*******************************************************************/
+
+bool symex_bmc_incrementalt::check_break(
+  const irep_idt &id,
+  bool is_function,
+  statet &state,
+  const exprt &cond,
+  unsigned unwind)
+{
+  if(unwind<incr_min_unwind)
+    return false;
+
+#if 0
+  std::cout << "loop limit for " << id
+            << (loop_limits.find(id)!=loop_limits.end() ?
+               " exists" : " does not exist") << std::endl;
+#endif
+
+  loop_limitst &this_thread_limits=
+    thread_loop_limits[state.source.thread_nr];
+  if(this_thread_limits.find(id)==this_thread_limits.end() &&
+     loop_limits.find(id)==loop_limits.end())
+  {
+#if 0
+    std::cout << "not statically unwound" << std::endl;
+    // not a statically unwound loop when --incremental
+#endif
+
+    if(loop_cond.checked_function)
+    {
+      loop_cond.checked_function=false;
+      return false;
+    }
+
+    // continue symexing until the next magic unwinding number is reached
+    if(options.get_bool_option("magic-numbers") &&
+         magic_numbers.find(unwind)==magic_numbers.end())
+    {
+      return false;
+    }
+
+    // memorize unwinding assertion for loop check
+    exprt simplified_cond=not_exprt(cond);
+    do_simplify(simplified_cond);
+    state.rename(simplified_cond, ns);
+    state.guard.guard_expr(simplified_cond);
+
+    loop_cond.id=id;
+    loop_cond.cond=simplified_cond;
+    loop_cond.guard=state.guard.as_expr();
+    loop_cond.loop_info=&(state.top().loop_iterations[id]);
+    loop_cond.source=state.source;
+    if(is_function)
+      loop_cond.checked_function=true;
+
+    return true;
+  }
+
+  return false;
+}
+
+/*******************************************************************\
+
+Function: symex_bmc_incrementalt::add_loop_check
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
+bool symex_bmc_incrementalt::add_loop_check()
+{
+  status() << "Checking loop/recursive call " << loop_cond.id << eom;
+
+#if 0
+  debug() << "Loop/recursive call condition: "
+          << from_expr(ns, "", loop_cond.cond) << eom;
+#endif
+
+  if(loop_cond.cond.is_false())
+  {
+    debug() << "Loop/recursive call " << loop_cond.id
+            << " not fully unwound" << eom;
+    return false;
+  }
+
+  if(options.get_bool_option("earliest-loop-exit"))
+    target.assertion(
+      loop_cond.guard,
+      not_exprt(loop_cond.cond),
+      SYMEX_CONTINUATION_CHECK,
+      loop_cond.source);
+  else
+    target.assertion(
+      loop_cond.guard,
+      loop_cond.cond,
+      SYMEX_CONTINUATION_CHECK,
+      loop_cond.source);
+
+  return true;
+}
+
+/*******************************************************************\
+
+Function: symex_bmc_incrementalt::update_loop_info
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
+void symex_bmc_incrementalt::update_loop_info(bool fully_unwound)
+{
+  status() << "Loop/recursive call " << loop_cond.id
+           << (fully_unwound ? " fully unwound" : " not fully unwound") << eom;
+
+  loop_cond.loop_info->fully_unwound=fully_unwound;
+  loop_cond.id="";
+}
diff --git a/src/cbmc/symex_bmc_incremental.h b/src/cbmc/symex_bmc_incremental.h
new file mode 100644
index 00000000000..97700fd3309
--- /dev/null
+++ b/src/cbmc/symex_bmc_incremental.h
@@ -0,0 +1,67 @@
+/*******************************************************************\
+
+Module: Incremental Bounded Model Checking for ANSI-C
+
+Author: Peter Schrammel, Daniel Kroening, kroening@kroening.com
+
+\*******************************************************************/
+
+#ifndef CPROVER_CBMC_SYMEX_BMC_INCREMENTAL_H
+#define CPROVER_CBMC_SYMEX_BMC_INCREMENTAL_H
+
+#include "symex_bmc.h"
+
+class symex_bmc_incrementalt:
+  public symex_bmct
+{
+ public:
+  symex_bmc_incrementalt(
+    const namespacet &_ns,
+    symbol_tablet &_new_symbol_table,
+    symex_targett &_target);
+
+  unsigned incr_max_unwind;
+  unsigned incr_min_unwind;
+
+  bool add_loop_check();
+  void update_loop_info(bool fully_unwound);
+
+protected:
+  // incremental unwinding
+
+  // returns true if the symbolic execution is to be interrupted for checking
+  virtual bool check_break(
+    const irep_idt &id,
+    bool is_function,
+    statet &state,
+    const exprt &cond,
+    unsigned unwind);
+
+  // stores info to check whether loop has been fully unwound
+  typedef struct
+  {
+    irep_idt id;
+    exprt guard;
+    exprt cond;
+    goto_symex_statet::framet::loop_infot *loop_info;
+    symex_targett::sourcet source;
+    bool checked_function;
+  } loop_condt;
+
+  loop_condt loop_cond;
+
+  // set of unwindings to check incrementally
+  std::set<unsigned> magic_numbers;
+
+  // for loop unwinding
+  virtual bool get_unwind(
+    const symex_targett::sourcet &source,
+    unsigned unwind);
+
+  virtual bool get_unwind_recursion(
+    const irep_idt &identifier,
+    const unsigned thread_nr,
+    unsigned unwind);
+};
+
+#endif
diff --git a/src/cbmc/symex_bmc_incremental_one_loop.cpp b/src/cbmc/symex_bmc_incremental_one_loop.cpp
new file mode 100644
index 00000000000..da6ab103df7
--- /dev/null
+++ b/src/cbmc/symex_bmc_incremental_one_loop.cpp
@@ -0,0 +1,132 @@
+/*******************************************************************\
+
+Module: Incremental Bounded Model Checking for ANSI-C
+
+Author: Peter Schrammel, Daniel Kroening, kroening@kroening.com
+
+\*******************************************************************/
+
+#include <limits>
+#include <iostream>
+
+#include <util/source_location.h>
+#include <util/xml.h>
+
+#include "symex_bmc_incremental_one_loop.h"
+
+/*******************************************************************\
+
+Function: symex_bmct::get_unwind
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
+bool symex_bmc_incremental_one_loopt::get_unwind(
+  const symex_targett::sourcet &source,
+  unsigned unwind)
+{
+  const irep_idt id=goto_programt::loop_id(source.pc);
+
+  // We use the most specific limit we have,
+  // and 'infinity' when we have none.
+
+  unsigned this_loop_limit=std::numeric_limits<unsigned>::max();
+
+  loop_limitst &this_thread_limits=
+    thread_loop_limits[source.thread_nr];
+
+  loop_limitst::const_iterator l_it=this_thread_limits.find(id);
+  if(l_it!=this_thread_limits.end())
+    this_loop_limit=l_it->second;
+  else
+  {
+    l_it=loop_limits.find(id);
+    if(l_it!=loop_limits.end())
+      this_loop_limit=l_it->second;
+    else if(max_unwind_is_set)
+      this_loop_limit=max_unwind;
+  }
+
+  // use the incremental limits if
+  // it is the specified incremental loop or
+  // there was no non-incremental limit
+  if(id==incr_loop_id)
+  {
+    this_loop_limit=incr_max_unwind;
+    if(unwind+1>=incr_min_unwind)
+      ignore_assertions=false;
+  }
+
+  bool abort=unwind>=this_loop_limit;
+
+  // report where we are
+  if(ui==ui_message_handlert::XML_UI)
+  {
+    xmlt xml("current-unwinding");
+    xml.data=std::to_string(unwind);
+    std::cout << xml << "\n";
+  }
+
+  statistics() << (abort?"Not unwinding":"Unwinding")
+               << " loop " << id << " iteration "
+               << unwind;
+
+  if(this_loop_limit!=std::numeric_limits<unsigned>::max())
+    statistics() << " (" << this_loop_limit << " max)";
+
+  statistics() << " " << source.pc->source_location
+               << " thread " << source.thread_nr << eom;
+
+  return abort;
+}
+
+ /*******************************************************************\
+
+Function: symex_bmct::check_break
+
+ Inputs: source of the current symbolic execution state
+
+ Outputs: true if the back edge encountered during symbolic execution
+            corresponds to the given loop (incr_loop_id)
+
+ Purpose: defines condition for interrupting symbolic execution
+            for incremental BMC
+
+\*******************************************************************/
+
+bool symex_bmc_incremental_one_loopt::check_break(
+  const irep_idt &id,
+  bool is_function,
+  statet &state,
+  const exprt &cond,
+  unsigned unwind)
+{
+  if(unwind<incr_min_unwind)
+    return false;
+
+#if 0
+  bool loop_limit_exists=loop_limits.find(id)!=loop_limits.end();
+  std::cout << "loop limit for " << id
+            << (loop_limit_exists ? " exists" : " does not exist") << std::endl;
+#endif
+
+#if 0
+  loop_limitst &this_thread_limits=
+    thread_loop_limits[state.source.thread_nr];
+  if(incr_loop_id=="" &&
+     this_thread_limits.find(id)==this_thread_limits.end() &&
+     loop_limits.find(id)==loop_limits.end())
+  {
+    std::cout << "not statically unwound" << std::endl;
+    // not a statically unwound loop when incremental
+  }
+#endif
+
+  // loop specified by incrementalcheck
+  return (id==incr_loop_id);
+}
diff --git a/src/cbmc/symex_bmc_incremental_one_loop.h b/src/cbmc/symex_bmc_incremental_one_loop.h
new file mode 100644
index 00000000000..501b0f817fa
--- /dev/null
+++ b/src/cbmc/symex_bmc_incremental_one_loop.h
@@ -0,0 +1,60 @@
+/*******************************************************************\
+
+Module: Incremental Bounded Model Checking for ANSI-C
+
+Author: Peter Schrammel, Daniel Kroening, kroening@kroening.com
+
+\*******************************************************************/
+
+#ifndef CPROVER_CBMC_SYMEX_BMC_INCREMENTAL_ONE_LOOP_H
+#define CPROVER_CBMC_SYMEX_BMC_INCREMENTAL_ONE_LOOP_H
+
+#include <limits>
+
+#include <util/message.h>
+
+#include <solvers/prop/prop_conv.h>
+
+#include "symex_bmc.h"
+
+class symex_bmc_incremental_one_loopt:
+  public symex_bmct
+{
+public:
+  symex_bmc_incremental_one_loopt(
+    const namespacet &_ns,
+    symbol_tablet &_new_symbol_table,
+    symex_targett &_target,
+    prop_convt& _prop_conv):
+    symex_bmct(_ns, _new_symbol_table, _target),
+    ignore_assertions(false),
+    incr_loop_id(""),
+    incr_max_unwind(std::numeric_limits<unsigned>::max()),
+    incr_min_unwind(0),
+    prop_conv(_prop_conv)
+  {}
+
+  bool ignore_assertions;
+  irep_idt incr_loop_id;
+  unsigned incr_max_unwind;
+  unsigned incr_min_unwind;
+
+protected:
+  // incremental unwinding
+  prop_convt &prop_conv;
+
+  // returns true if the symbolic execution is to be interrupted for checking
+  virtual bool check_break(
+    const irep_idt &id,
+    bool is_function,
+    goto_symext::statet &state,
+    const exprt &cond,
+    unsigned unwind);
+
+  // for loop unwinding
+  virtual bool get_unwind(
+    const symex_targett::sourcet &source,
+    unsigned unwind);
+};
+
+#endif
diff --git a/src/cegis/Makefile b/src/cegis/Makefile
new file mode 100644
index 00000000000..f48a3f7ac16
--- /dev/null
+++ b/src/cegis/Makefile
@@ -0,0 +1,146 @@
+SRC = danger/meta/meta_variable_names.cpp danger/facade/danger_runner.cpp danger/options/danger_program.cpp \
+      danger/genetic/dynamic_danger_test_runner.cpp \
+      danger/options/danger_program_printer.cpp danger/constraint/danger_constraint_factory.cpp \
+      danger/preprocess/danger_preprocessing.cpp danger/preprocess/store_nondet_choices.cpp \
+      danger/preprocess/add_ranking_and_skolem_variables.cpp danger/symex/learn/add_variable_refs.cpp \
+      danger/symex/learn/add_programs_to_learn.cpp danger/symex/learn/solution_factory.cpp \
+      danger/symex/learn/read_x0.cpp danger/symex/learn/add_x0_placeholders.cpp danger/symex/learn/danger_learn_config.cpp \
+      danger/symex/learn/encoded_danger_learn_config.cpp danger/symex/verify/insert_candidate.cpp danger/symex/verify/restrict_counterexamples.cpp \
+      danger/symex/verify/danger_verify_config.cpp danger/symex/verify/parallel_danger_verifier.cpp \
+      danger/symex/verify/parallel_danger_verify_task.cpp danger/symex/fitness/danger_fitness_config.cpp \
+      safety/options/safety_program.cpp safety/options/safety_program_printer.cpp safety/preprocessing/safety_preprocessing.cpp \
+      safety/genetic/dynamic_safety_test_runner.cpp \
+      safety/meta/meta_variable_names.cpp safety/constraint/safety_constraint_factory.cpp \
+      safety/symex/learn/safety_learn_config.cpp safety/symex/learn/solution_factory.cpp \
+      safety/symex/learn/add_variable_refs.cpp safety/symex/verify/safety_verify_config.cpp \
+      safety/symex/learn/encoded_safety_learn_config.cpp safety/symex/learn/add_counterexamples.cpp \
+      safety/symex/verify/insert_candidate.cpp safety/facade/safety_runner.cpp \
+      safety/symex/fitness/safety_fitness_config.cpp safety/value/safety_goto_ce.cpp \
+      safety/value/individual_to_safety_solution_deserialiser.cpp \
+      invariant/options/invariant_program.cpp invariant/options/target_copy_helper.cpp \
+      invariant/util/copy_instructions.cpp invariant/util/invariant_program_helper.cpp \
+      invariant/util/invariant_constraint_variables.cpp \
+      invariant/constant/add_constant.cpp invariant/constant/default_constant_strategy.cpp \
+      invariant/constant/literals_constant_strategy.cpp invariant/meta/meta_variable_names.cpp \
+      invariant/preprocess/add_invariants_and_temp_variables.cpp invariant/preprocess/remove_loops_and_assertion.cpp \
+      invariant/symex/learn/add_counterexamples.cpp invariant/symex/learn/add_invariant_programs_to_learn.cpp \
+      invariant/symex/learn/instrument_vars.cpp \
+      invariant/symex/learn/replace_operators.cpp invariant/symex/verify/extract_counterexample.cpp \
+      invariant/symex/verify/insert_constraint.cpp invariant/symex/verify/insert_program.cpp \
+      invariant/fitness/concrete_fitness_source_provider.cpp \
+      jsa/facade/jsa_runner.cpp jsa/options/jsa_program.cpp jsa/options/jsa_program_info.cpp \
+      jsa/preprocessing/jsa_preprocessing.cpp jsa/preprocessing/remove_loop.cpp \
+      jsa/preprocessing/add_constraint_meta_variables.cpp jsa/preprocessing/default_jsa_constant_strategy.cpp \
+      jsa/preprocessing/create_temp_variables.cpp jsa/preprocessing/collect_variables.cpp jsa/preprocessing/clone_heap.cpp \
+      jsa/preprocessing/add_synthesis_library.cpp \
+      jsa/learn/jsa_symex_learn.cpp jsa/learn/insert_counterexample.cpp jsa/learn/insert_predicates_and_queries.cpp \
+      jsa/learn/instrument_pred_ops.cpp jsa/learn/execute_jsa_programs.cpp jsa/learn/extract_candidate.cpp \
+      jsa/verify/jsa_symex_verify.cpp jsa/verify/extract_counterexample.cpp jsa/verify/renondet_inputs.cpp \
+      jsa/verify/insert_solution.cpp \
+      jsa/constraint/jsa_constraint_factory.cpp \
+      jsa/converters/solution.cpp jsa/converters/translate_to_goto_program.cpp jsa/converters/replace_operators.cpp \
+      jsa/converters/counterexample.cpp \
+      jsa/instrument/jsa_meta_data.cpp jsa/instrument/temps_helper.cpp \
+      jsa/value/jsa_solution.cpp jsa/value/jsa_solution_printer.cpp jsa/value/jsa_types.cpp \
+      jsa/value/default_solution.cpp jsa/value/jsa_counterexample_printer.cpp \
+      jsa/genetic/jsa_source_provider.cpp jsa/genetic/dynamic_jsa_test_runner.cpp jsa/genetic/random_jsa_mutate.cpp \
+      jsa/genetic/random_jsa_cross.cpp jsa/genetic/jsa_genetic_convert.cpp jsa/genetic/jsa_random.cpp \
+      jsa/genetic/solution_helper.cpp jsa/genetic/jsa_serialiser.cpp jsa/genetic/jsa_paragon_wrapper.cpp \
+      control/facade/control_runner.cpp \
+      control/preprocessing/control_preprocessing.cpp control/preprocessing/propagate_controller_sizes.cpp \
+      control/options/control_program.cpp \
+      control/learn/control_symex_learn.cpp control/learn/nondet_solution.cpp \
+      control/simplify/remove_unused_elements.cpp \
+      control/verify/control_symex_verify.cpp control/verify/insert_solution.cpp \
+      control/value/float_helper.cpp control/value/control_types.cpp \
+      refactor/environment/instrument_state_vars.cpp \
+      refactor/instructionset/create_cegis_processor.cpp refactor/instructionset/execute_cegis_program.cpp \
+      refactor/instructionset/processor_types.cpp refactor/instructionset/cegis_processor_body_factory.cpp \
+      refactor/instructionset/instruction_description.cpp refactor/instructionset/cegis_instruction_factory.cpp \
+      refactor/instructionset/processor_symbols.cpp \
+      refactor/constraint/constraint_factory.cpp \
+      refactor/preprocessing/refactor_preprocessing.cpp refactor/preprocessing/collect_counterexamples.cpp \
+      refactor/learn/refactor_symex_learn.cpp refactor/learn/instrument_counterexamples.cpp \
+      refactor/learn/refactor_candidate_printer.cpp \
+      refactor/verify/refactor_symex_verify.cpp \
+      refactor/facade/refactor_runner.cpp \
+      refactor/options/refactoring_type.cpp refactor/options/refactor_program.cpp \
+      refactor/nullobject/range_collector.cpp refactor/nullobject/nullable_analysis.cpp \
+      wordsize/restrict_bv_size.cpp value/program_individual_serialisation.cpp value/assignments_printer.cpp \
+      seed/literals_seed.cpp \
+      genetic/instruction_set_info_factory.cpp genetic/random_mutate.cpp genetic/random_cross.cpp \
+      genetic/random_individual.cpp genetic/genetic_constant_strategy.cpp instructions/instruction_set_factory.cpp \
+      genetic/dynamic_test_runner_helper.cpp genetic/genetic_settings.cpp \
+      genetic/serialise_individual.cpp genetic/program_individual_test_runner_helper.cpp \
+      cegis-util/task_pool.cpp cegis-util/constant_width.cpp cegis-util/irep_pipe.cpp cegis-util/program_helper.cpp \
+      cegis-util/temporary_output_block.cpp cegis-util/cbmc_runner.cpp cegis-util/module_helper.cpp \
+      cegis-util/inline_user_program.cpp cegis-util/counterexample_vars.cpp cegis-util/string_helper.cpp \
+      cegis-util/instruction_iterator.cpp cegis-util/type_helper.cpp \
+      learn/insert_counterexample.cpp learn/constraint_helper.cpp \
+      constant/add_constant.cpp constant/literals_collector.cpp constant/default_cegis_constant_strategy.cpp \
+      instrument/cegis_library.cpp instrument/instrument_var_ops.cpp instrument/meta_variables.cpp \
+      instrument/find_cprover_initialize.cpp \
+      runner/cegis_parse_options.cpp runner/cegis_main.cpp runner/cegis_languages.cpp
+
+OBJ += ../ansi-c/ansi-c$(LIBEXT) \
+      ../cpp/cpp$(LIBEXT) \
+      ../java_bytecode/java_bytecode$(LIBEXT) \
+      ../linking/linking$(LIBEXT) \
+      ../big-int/big-int$(LIBEXT) \
+      ../goto-programs/goto-programs$(LIBEXT) \
+      ../goto-symex/goto-symex$(LIBEXT) \
+      ../pointer-analysis/value_set$(OBJEXT) \
+      ../pointer-analysis/value_set_analysis_fi$(OBJEXT) \
+      ../pointer-analysis/value_set_domain_fi$(OBJEXT) \
+      ../pointer-analysis/value_set_fi$(OBJEXT) \
+      ../pointer-analysis/value_set_dereference$(OBJEXT) \
+      ../pointer-analysis/dereference_callback$(OBJEXT) \
+      ../pointer-analysis/add_failed_symbols$(OBJEXT) \
+      ../pointer-analysis/rewrite_index$(OBJEXT) \
+      ../pointer-analysis/goto_program_dereference$(OBJEXT) \
+      ../goto-instrument/full_slicer$(OBJEXT) \
+      ../analyses/analyses$(LIBEXT) \
+      ../langapi/langapi$(LIBEXT) \
+      ../xmllang/xmllang$(LIBEXT) \
+      ../assembler/assembler$(LIBEXT) \
+      ../solvers/solvers$(LIBEXT) \
+      ../util/util$(LIBEXT) \
+      ../goto-instrument/dump_c$(OBJEXT) ../goto-instrument/goto_program2code$(OBJEXT) \
+      ../goto-instrument/nondet_static$(OBJEXT) ../goto-instrument/cover$(OBJEXT) \
+      ../cbmc/cbmc_parse_options$(OBJEXT) ../cbmc/cbmc_solvers$(OBJEXT) \
+      ../cbmc/bmc$(OBJEXT) ../cbmc/bmc_incremental$(OBJEXT) ../cbmc/bmc_incremental_one_loop$(OBJEXT) \
+      ../cbmc/symex_bmc$(OBJEXT) ../cbmc/symex_bmc_incremental$(OBJEXT) \
+      ../cbmc/symex_bmc_incremental_one_loop$(OBJEXT) \
+       ../cbmc/xml_interface$(OBJEXT) ../cbmc/bmc_cover$(OBJEXT) \
+      ../cbmc/bv_cbmc$(OBJEXT) ../cbmc/counterexample_beautification$(OBJEXT) \
+      ../cbmc/show_vcc$(OBJEXT) \
+      ../cbmc/cbmc_dimacs$(OBJEXT) ../cbmc/all_properties$(OBJEXT) \
+      ../cbmc/fault_localization$(OBJEXT)
+
+INCLUDES= -I ..
+
+include ../config.inc
+include ../common
+
+ifeq ($(filter-out Unix MinGW Cygwin OSX OSX_Universal,$(BUILD_ENV_)),)
+  DLFCN_LINKFLAGS = -ldl
+endif
+
+LIBS = $(DLFCN_LINKFLAGS)
+
+CLEANFILES = cegis$(EXEEXT)
+
+all: cegis$(EXEEXT)
+
+ifneq ($(wildcard ../java_bytecode/Makefile),)
+  OBJ += ../java_bytecode/java_bytecode$(LIBEXT)
+  CP_CXXFLAGS += -DHAVE_JAVA_BYTECODE
+  ifneq ($(wildcard $(LIBZIPINC)),)
+    LIBS += $(LIBZIPLIB)
+  endif
+endif
+
+###############################################################################
+
+cegis$(EXEEXT): $(OBJ)
+	$(LINKBIN)
diff --git a/src/cegis/cegis-util/cbmc_runner.cpp b/src/cegis/cegis-util/cbmc_runner.cpp
new file mode 100644
index 00000000000..dc6badb40a2
--- /dev/null
+++ b/src/cegis/cegis-util/cbmc_runner.cpp
@@ -0,0 +1,155 @@
+#include <algorithm>
+#include <functional>
+
+#include <util/config.h>
+#include <util/substitute.h>
+
+#include <cbmc/cbmc_parse_options.h>
+#include <cbmc/bmc.h>
+
+#include <goto-programs/goto_trace.h>
+#include <goto-programs/write_goto_binary.h>
+
+#include <cegis/options/parameters.h>
+#include <cegis/cegis-util/temporary_output_block.h>
+#include <cegis/cegis-util/cbmc_runner.h>
+
+#define ARGV_MAX_SIZE 5u
+
+namespace
+{
+bool exists(const std::string &name)
+{
+  return std::ifstream(name).good();
+}
+
+std::string get_goto_file_name(const size_t index)
+{
+  std::string name("cbmc_runner-");
+  name+=std::to_string(index);
+  return name+=".exe";
+}
+
+std::string get_next_goto_file_name()
+{
+  size_t index=0;
+  while (exists(get_goto_file_name(index)))
+    ++index;
+  return get_goto_file_name(index);
+}
+
+bool is_gcc()
+{
+  return configt::ansi_ct::flavourt::GCC == config.ansi_c.mode;
+}
+
+std::vector<std::string> get_args()
+{
+  std::vector<std::string> result= { "cbmc", "--stop-on-fail" };
+  if (is_gcc()) result.push_back("--gcc");
+  return result;
+}
+
+std::vector<const char *> get_argv(const std::vector<std::string> &args)
+{
+  std::vector<const char *> result;
+  std::transform(args.begin(), args.end(), std::back_inserter(result),
+      std::mem_fun_ref(&std::string::c_str));
+  return result;
+}
+
+class args_providert
+{
+  const std::vector<std::string> args;
+  std::vector<const char *> arg_ref;
+public:
+  args_providert() :
+      args(get_args()), arg_ref(get_argv(args))
+  {
+  }
+
+  int argc()
+  {
+    return arg_ref.size();
+  }
+
+  const char * *argv()
+  {
+    return arg_ref.data();
+  }
+};
+
+class cbmc_runnert: public args_providert, public cbmc_parse_optionst
+{
+  const symbol_tablet &st;
+  const goto_functionst &gf;
+  cbmc_resultt &result;
+  safety_checkert::resultt bmc_result;
+  const bool keep_goto_programs;
+
+public:
+  cbmc_runnert(const symbol_tablet &st, const goto_functionst &gf,
+      cbmc_resultt &result, const bool keep_goto_programs) :
+      cbmc_parse_optionst(argc(), argv()), st(st), gf(gf), result(result), bmc_result(
+          safety_checkert::UNSAFE), keep_goto_programs(keep_goto_programs)
+  {
+  }
+
+  virtual ~cbmc_runnert()=default;
+
+  virtual int get_goto_program(const optionst &options, bmct &bmc,
+      goto_functionst &goto_functions)
+  {
+    symbol_table.clear();
+    symbol_table=st;
+    goto_functions.clear();
+    goto_functions.copy_from(gf);
+    if (process_goto_program(options, goto_functions)) return 6;
+    if (keep_goto_programs)
+    {
+      const std::string path(get_next_goto_file_name());
+      message_handlert &msg=get_message_handler();
+      write_goto_binary(path, symbol_table, goto_functions, msg);
+    }
+
+    return -1;
+  }
+
+  int do_bmc(bmct &bmc, const goto_functionst &goto_functions)
+  {
+    bmc.set_ui(get_ui());
+    result.symbol_table.clear();
+    result.symbol_table=symbol_table;
+    result.goto_functions.clear();
+    result.goto_functions.copy_from(goto_functions);
+    bmc_result=bmc(result.goto_functions);
+    result.trace=bmc.safety_checkert::error_trace;
+    return 0;
+  }
+
+  safety_checkert::resultt get_bmc_result() const
+  {
+    return bmc_result;
+  }
+};
+}
+
+safety_checkert::resultt run_cbmc(const symbol_tablet &st,
+    const goto_functionst &gf, cbmc_resultt &cbmc_result,
+    const bool keep_goto_programs)
+{
+  const temporary_output_blockt disable_output;
+  cbmc_runnert runner(st, gf, cbmc_result, keep_goto_programs);
+  const int result=runner.main();
+  disable_output.release();
+  if (EXIT_SUCCESS != result)
+    throw std::runtime_error("cbmc_runner.cbmc-execution-failed");
+  return runner.get_bmc_result();
+}
+
+safety_checkert::resultt run_cbmc(const symbol_tablet &st,
+    const goto_functionst &gf, cbmc_resultt &cbmc_result, const optionst &o)
+{
+  return run_cbmc(st, gf, cbmc_result,
+      o.get_bool_option(CEGIS_KEEP_GOTO_PROGRAMS));
+}
diff --git a/src/goto-programs/safety_checker.h b/src/goto-programs/safety_checker.h
index bb1492d6f53..f024d294c0d 100644
--- a/src/goto-programs/safety_checker.h
+++ b/src/goto-programs/safety_checker.h
@@ -29,6 +29,7 @@ class safety_checkert:public messaget
     const namespacet &_ns,
     message_handlert &_message_handler);
 
+
   enum class resultt { SAFE, UNSAFE, ERROR };
 
   // check whether all assertions in goto_functions are safe
diff --git a/src/goto-symex/build_goto_trace.cpp b/src/goto-symex/build_goto_trace.cpp
index 7b6a367f6b2..1360384587c 100644
--- a/src/goto-symex/build_goto_trace.cpp
+++ b/src/goto-symex/build_goto_trace.cpp
@@ -138,6 +138,9 @@ void build_goto_trace(
 
     const symex_target_equationt::SSA_stept &SSA_step=*it;
 
+    if(SSA_step.ignore)
+      continue;
+    
     if(prop_conv.l_get(SSA_step.guard_literal)!=tvt(true))
       continue;
 
@@ -193,6 +196,9 @@ void build_goto_trace(
           symex_target_equationt::assignment_typet::GUARD))
       continue;
 
+    if(SSA_step.comment==SYMEX_CONTINUATION_CHECK)
+      continue;
+
     goto_tracet::stepst &steps=time_map[current_time];
     steps.push_back(goto_trace_stept());
     goto_trace_stept &goto_trace_step=steps.back();
@@ -297,7 +303,8 @@ void build_goto_trace(
       s_it1=goto_trace.steps.begin();
       s_it1!=goto_trace.steps.end();
       s_it1++)
-    if(s_it1->is_assert() && !s_it1->cond_value)
+    if(s_it1->is_assert() && !s_it1->cond_value && 
+       s_it1->comment!=SYMEX_CONTINUATION_CHECK)
     {
       goto_trace.trim_after(s_it1);
       break;
diff --git a/src/goto-symex/goto_symex.h b/src/goto-symex/goto_symex.h
index f45d722ebf7..5152d19c290 100644
--- a/src/goto-symex/goto_symex.h
+++ b/src/goto-symex/goto_symex.h
@@ -53,6 +53,7 @@ class goto_symext
     constant_propagation(true),
     new_symbol_table(_new_symbol_table),
     language_mode(),
+    ignore_assertions(false),
     ns(_ns),
     target(_target),
     atomic_section_counter(0),
@@ -78,13 +79,13 @@ class goto_symext
     const goto_programt &goto_program);
 
   /** start symex in a given state */
-  virtual void operator()(
+  virtual bool operator()(
     statet &state,
     const goto_functionst &goto_functions,
     const goto_programt &goto_program);
 
   /** execute just one step */
-  virtual void symex_step(
+  virtual bool symex_step(
     const goto_functionst &goto_functions,
     statet &state);
 
@@ -98,6 +99,7 @@ class goto_symext
 
   optionst options;
   symbol_tablet &new_symbol_table;
+  bool ignore_assertions;
 
   /// language_mode: ID_java, ID_C or another language identifier
   /// if we know the source language in use, irep_idt() otherwise.
@@ -110,6 +112,13 @@ class goto_symext
 
   friend class symex_dereference_statet;
 
+  virtual bool check_break(
+    const irep_idt &id, 
+    bool is_function, 
+    statet &state, 
+    const exprt &cond, 
+    unsigned unwind);
+
   void new_name(symbolt &symbol);
 
   // this does the following:
@@ -156,7 +165,7 @@ class goto_symext
 
   // symex
 
-  virtual void symex_goto(statet &state);
+  virtual bool symex_goto(statet &state);
   virtual void symex_start_thread(statet &state);
   virtual void symex_atomic_begin(statet &state);
   virtual void symex_atomic_end(statet &state);
@@ -207,19 +216,19 @@ class goto_symext
   {
   }
 
-  virtual void symex_function_call(
+  virtual bool symex_function_call(
     const goto_functionst &goto_functions,
     statet &state,
     const code_function_callt &call);
 
   virtual void symex_end_of_function(statet &state);
 
-  virtual void symex_function_call_symbol(
+  virtual bool symex_function_call_symbol(
     const goto_functionst &goto_functions,
     statet &state,
     const code_function_callt &call);
 
-  virtual void symex_function_call_code(
+  virtual bool symex_function_call_code(
     const goto_functionst &goto_functions,
     statet &state,
     const code_function_callt &call);
diff --git a/src/goto-symex/goto_symex_state.h b/src/goto-symex/goto_symex_state.h
index d62d4a66af9..a196cb4c25e 100644
--- a/src/goto-symex/goto_symex_state.h
+++ b/src/goto-symex/goto_symex_state.h
@@ -26,6 +26,9 @@ Author: Daniel Kroening, kroening@kroening.com
 
 class dirtyt;
 
+#define SYMEX_CONTINUATION_CHECK "symex_continuation_check"
+
+
 // central data structure: state
 class goto_symex_statet
 {
@@ -265,11 +268,13 @@ class goto_symex_statet
     {
       loop_infot():
         count(0),
+        fully_unwound(false),
         is_recursion(false)
       {
       }
 
       unsigned count;
+      bool fully_unwound;
       bool is_recursion;
     };
     typedef std::unordered_map<irep_idt, loop_infot, irep_id_hash>
diff --git a/src/goto-symex/slice.cpp b/src/goto-symex/slice.cpp
index a398264963e..4343da2dfb2 100644
--- a/src/goto-symex/slice.cpp
+++ b/src/goto-symex/slice.cpp
@@ -261,3 +261,22 @@ void simple_slice(symex_target_equationt &equation)
       s_it->ignore=true;
   }
 }
+
+/*******************************************************************\
+
+Function: undo_slice
+
+  Inputs:
+
+ Outputs:
+
+ Purpose:
+
+\*******************************************************************/
+
+void undo_slice(symex_target_equationt &equation)
+{
+  // set ignore to false
+  for(auto & it : equation.SSA_steps)
+    it.ignore=false;
+}
diff --git a/src/goto-symex/slice.h b/src/goto-symex/slice.h
index 2bc887a0c9f..d8077c3a5b9 100644
--- a/src/goto-symex/slice.h
+++ b/src/goto-symex/slice.h
@@ -24,6 +24,9 @@ void simple_slice(symex_target_equationt &equation);
 void slice(symex_target_equationt &equation,
            const expr_listt &expressions);
 
+// Undo symex slicing
+void undo_slice(symex_target_equationt &equation);
+
 // Collects "open" variables that are used but not assigned
 
 typedef std::unordered_set<irep_idt, irep_id_hash> symbol_sett;
diff --git a/src/goto-symex/symex_function_call.cpp b/src/goto-symex/symex_function_call.cpp
index e50d1c8ea7f..20190a4aadd 100644
--- a/src/goto-symex/symex_function_call.cpp
+++ b/src/goto-symex/symex_function_call.cpp
@@ -169,7 +169,8 @@ void goto_symext::parameter_assignments(
   }
 }
 
-void goto_symext::symex_function_call(
+
+bool goto_symext::symex_function_call(
   const goto_functionst &goto_functions,
   statet &state,
   const code_function_callt &code)
@@ -177,7 +178,7 @@ void goto_symext::symex_function_call(
   const exprt &function=code.function();
 
   if(function.id()==ID_symbol)
-    symex_function_call_symbol(goto_functions, state, code);
+    return symex_function_call_symbol(goto_functions, state, code);
   else if(function.id()==ID_if)
     throw "symex_function_call can't do if";
   else if(function.id()==ID_dereference)
@@ -186,7 +187,8 @@ void goto_symext::symex_function_call(
     throw "unexpected function for symex_function_call: "+function.id_string();
 }
 
-void goto_symext::symex_function_call_symbol(
+
+bool goto_symext::symex_function_call_symbol(
   const goto_functionst &goto_functions,
   statet &state,
   const code_function_callt &code)
@@ -211,11 +213,13 @@ void goto_symext::symex_function_call_symbol(
     symex_macro(state, code);
   }
   else
-    symex_function_call_code(goto_functions, state, code);
+    return symex_function_call_code(goto_functions, state, code);
+
+  return false;
 }
 
 /// do function call by inlining
-void goto_symext::symex_function_call_code(
+bool goto_symext::symex_function_call_code(
   const goto_functionst &goto_functions,
   statet &state,
   const code_function_callt &call)
@@ -255,7 +259,7 @@ void goto_symext::symex_function_call_code(
     }
 
     state.source.pc++;
-    return;
+    return false;
   }
 
   // record the call
@@ -277,7 +281,7 @@ void goto_symext::symex_function_call_code(
     }
 
     state.source.pc++;
-    return;
+    return false;
   }
 
   // read the arguments -- before the locality renaming
@@ -315,6 +319,8 @@ void goto_symext::symex_function_call_code(
 
   state.source.is_set=true;
   state.source.pc=goto_function.body.instructions.begin();
+
+  return false;
 }
 
 /// pop one call frame
diff --git a/src/goto-symex/symex_goto.cpp b/src/goto-symex/symex_goto.cpp
index 03186a129b3..7173f4fcbc6 100644
--- a/src/goto-symex/symex_goto.cpp
+++ b/src/goto-symex/symex_goto.cpp
@@ -12,13 +12,16 @@ Author: Daniel Kroening, kroening@kroening.com
 #include <cassert>
 #include <algorithm>
 
+#include <util/expr_util.h>
+#include <util/simplify_expr.h>
 #include <util/std_expr.h>
 
 #include <analyses/dirty.h>
 
 #include "goto_symex.h"
 
-void goto_symext::symex_goto(statet &state)
+
+bool goto_symext::symex_goto(statet &state)
 {
   const goto_programt::instructiont &instruction=*state.source.pc;
   statet::framet &frame=state.top();
@@ -30,7 +33,11 @@ void goto_symext::symex_goto(statet &state)
   state.rename(new_guard, ns);
   do_simplify(new_guard);
 
-  if(new_guard.is_false() ||
+  const irep_idt loop_id=goto_programt::loop_id(state.source.pc);
+
+  // Testing for "is_false", we need to explicitly simplify despite "no-simplify".
+  const exprt incr_test_guard=simplify_expr(old_guard, ns);
+  if(incr_test_guard.is_false() || new_guard.is_false() ||
      state.guard.is_false())
   {
     if(!state.guard.is_false())
@@ -38,11 +45,16 @@ void goto_symext::symex_goto(statet &state)
 
     // reset unwinding counter
     if(instruction.is_backwards_goto())
-      frame.loop_iterations[goto_programt::loop_id(state.source.pc)].count=0;
+    {
+      goto_symex_statet::framet::loop_infot &loop_info=
+        frame.loop_iterations[loop_id];
+      loop_info.count=0;
+      loop_info.fully_unwound=false;
+    }
 
     // next instruction
     state.source.pc++;
-    return; // nothing to do
+    return false; // nothing to do
   }
 
   target.goto_instruction(state.guard.as_expr(), new_guard, state.source);
@@ -81,12 +93,14 @@ void goto_symext::symex_goto(statet &state)
       return;
     }
 
-    unsigned &unwind=
-      frame.loop_iterations[goto_programt::loop_id(state.source.pc)].count;
+    goto_symex_statet::framet::loop_infot &loop_info=
+    	frame.loop_iterations[loop_id];
+    unsigned &unwind=loop_info.count;
+
     unwind++;
 
     // continue unwinding?
-    if(get_unwind(state.source, unwind))
+    if(loop_info.fully_unwound || get_unwind(state.source, unwind))
     {
       // no!
       loop_bound_exceeded(state, new_guard);
@@ -96,13 +110,16 @@ void goto_symext::symex_goto(statet &state)
 
       // next instruction
       state.source.pc++;
-      return;
+
+      // do not break, but continue symex to the end of the program
+      return false;
     }
 
-    if(new_guard.is_true())
+    if(new_guard.is_true()) // continue looping
     {
+      bool do_break=check_break(loop_id,false,state,new_guard,unwind);
       state.source.pc=goto_target;
-      return; // nothing else to do
+      return do_break;
     }
   }
 
@@ -195,8 +212,22 @@ void goto_symext::symex_goto(statet &state)
       new_state.guard.add(guard_expr);
     }
   }
+  return false;
+}
+
+
+bool goto_symext::check_break(
+  const irep_idt &id,
+  bool is_function,
+  statet &state,
+  const exprt &cond,
+  unsigned unwind)
+{
+  // dummy implementation
+  return false;
 }
 
+
 void goto_symext::symex_step_goto(statet &state, bool taken)
 {
   const goto_programt::instructiont &instruction=*state.source.pc;
@@ -377,6 +408,7 @@ void goto_symext::phi_function(
   }
 }
 
+
 void goto_symext::loop_bound_exceeded(
   statet &state,
   const exprt &guard)
diff --git a/src/goto-symex/symex_main.cpp b/src/goto-symex/symex_main.cpp
index 501fdabea70..7de42bf8e03 100644
--- a/src/goto-symex/symex_main.cpp
+++ b/src/goto-symex/symex_main.cpp
@@ -98,14 +98,17 @@ void goto_symext::rewrite_quantifiers(exprt &expr, statet &state)
   }
 }
 
+
 /// symex from given state
-void goto_symext::operator()(
+bool goto_symext::operator()(
   statet &state,
   const goto_functionst &goto_functions,
   const goto_programt &goto_program)
 {
   assert(!goto_program.instructions.empty());
 
+  if(state.symex_target==NULL)
+  {
   state.source=symex_targett::sourcet(goto_program);
   assert(!state.threads.empty());
   assert(!state.call_stack().empty());
@@ -113,12 +116,14 @@ void goto_symext::operator()(
   state.top().calling_location.pc=state.top().end_of_function;
   state.symex_target=&target;
   state.dirty=new dirtyt(goto_functions);
+  }
 
   assert(state.top().end_of_function->is_end_function());
 
   while(!state.call_stack().empty())
   {
-    symex_step(goto_functions, state);
+    if(symex_step(goto_functions, state))
+      return false;
 
     // is there another thread to execute?
     if(state.call_stack().empty() &&
@@ -132,6 +137,7 @@ void goto_symext::operator()(
 
   delete state.dirty;
   state.dirty=0;
+  return true;
 }
 
 /// symex starting from given program
@@ -157,8 +163,9 @@ void goto_symext::operator()(const goto_functionst &goto_functions)
   operator()(goto_functions, body);
 }
 
+
 /// do just one step
-void goto_symext::symex_step(
+bool goto_symext::symex_step(
   const goto_functionst &goto_functions,
   statet &state)
 {
@@ -207,7 +214,7 @@ void goto_symext::symex_step(
     break;
 
   case GOTO:
-    symex_goto(state);
+    return symex_goto(state);
     break;
 
   case ASSUME:
@@ -223,7 +230,7 @@ void goto_symext::symex_step(
     break;
 
   case ASSERT:
-    if(!state.guard.is_false())
+    if(!state.guard.is_false() && !ignore_assertions)
     {
       std::string msg=id2string(state.source.pc->source_location.get_comment());
       if(msg=="")
@@ -264,7 +271,33 @@ void goto_symext::symex_step(
       Forall_expr(it, deref_code.arguments())
         clean_expr(*it, state, false);
 
-      symex_function_call(goto_functions, state, deref_code);
+      const irep_idt &identifier=
+        to_symbol_expr(deref_code.function()).get_identifier();
+      const goto_symex_statet::framet::loop_infot &loop_info =
+        state.top().loop_iterations[identifier];
+
+      if(!loop_info.fully_unwound)
+      {
+        goto_functionst::function_mapt::const_iterator it=
+          goto_functions.function_map.find(identifier);
+        assert(goto_functions.function_map.find(identifier)!=
+               goto_functions.function_map.end());
+
+        // interrupt for checking guard if in incremental mode
+        if(!state.guard.is_true() &&
+           // no need to check recursive call if function body is not available
+           it->second.body_available())
+        {
+          exprt guard=state.guard.as_expr();
+          bool do_break=
+            check_break(identifier, true, state, guard, loop_info.count);
+          if(do_break)
+            return true;
+        }
+        return symex_function_call(goto_functions, state, deref_code);
+      }
+      else
+        state.source.pc++;
     }
     else
       state.source.pc++;
@@ -327,4 +360,5 @@ void goto_symext::symex_step(
   default:
     throw "symex got unexpected instruction";
   }
+  return false;
 }
diff --git a/src/goto-symex/symex_target_equation.cpp b/src/goto-symex/symex_target_equation.cpp
index e0c8e86a42f..88acb2625ae 100644
--- a/src/goto-symex/symex_target_equation.cpp
+++ b/src/goto-symex/symex_target_equation.cpp
@@ -12,6 +12,9 @@ Author: Daniel Kroening, kroening@kroening.com
 #include <cassert>
 
 #include <util/std_expr.h>
+#include <solvers/prop/literal_expr.h>
+#include <util/expr_util.h>
+
 
 #include <langapi/language_util.h>
 #include <solvers/prop/prop_conv.h>
@@ -22,7 +25,7 @@ Author: Daniel Kroening, kroening@kroening.com
 #include "symex_target_equation.h"
 
 symex_target_equationt::symex_target_equationt(
-  const namespacet &_ns):ns(_ns)
+  const namespacet &_ns):is_incremental(false), ns(_ns), io_count(0)
 {
 }
 
@@ -392,24 +395,28 @@ void symex_target_equationt::convert(
 /// \par parameters: decision procedure
 /// \return -
 void symex_target_equationt::convert_assignments(
-  decision_proceduret &decision_procedure) const
+  decision_proceduret &decision_procedure)
 {
-  for(const auto &step : SSA_steps)
+  for(auto &step : SSA_steps)
   {
-    if(step.is_assignment() && !step.ignore)
+    if(step.is_assignment() && !step.ignore && !step.converted)
+  {
+      step.converted=true;
       decision_procedure.set_to_true(step.cond_expr);
   }
+  }
 }
 
 /// converts declarations
 /// \return -
 void symex_target_equationt::convert_decls(
-  prop_convt &prop_conv) const
+  prop_convt &prop_conv)
 {
-  for(const auto &step : SSA_steps)
+  for(auto &step : SSA_steps)
   {
-    if(step.is_decl() && !step.ignore)
+    if(step.is_decl() && !step.ignore && !step.converted)
     {
+      step.converted=true;
       // The result is not used, these have no impact on
       // the satisfiability of the formula.
       prop_conv.convert(step.cond_expr);
@@ -469,15 +476,16 @@ void symex_target_equationt::convert_goto_instructions(
 /// \par parameters: decision procedure
 /// \return -
 void symex_target_equationt::convert_constraints(
-  decision_proceduret &decision_procedure) const
+  decision_proceduret &decision_procedure)
 {
-  for(const auto &step : SSA_steps)
+  for(auto &step : SSA_steps)
   {
     if(step.is_constraint())
     {
-      if(step.ignore)
+      if(step.ignore || step.converted)
         continue;
 
+      step.converted=true;
       decision_procedure.set_to_true(step.cond_expr);
     }
   }
@@ -496,19 +504,68 @@ void symex_target_equationt::convert_assertions(
   if(number_of_assertions==0)
     return;
 
+  exprt assumption=true_exprt();
+
+  // literal a_k to be added to assertions clauses
+  // to de-/activate them for incr. solving
+  literalt activation_literal;
+  if(is_incremental)
+  {
+    activation_literal=prop_conv.convert(
+      symbol_exprt("symex::act$"+
+                   std::to_string(activate_assertions.size()), bool_typet()));
+
+    if(!activate_assertions.empty())
+    {
+      literalt last_activation_literal=activate_assertions.back();
+      activate_assertions.pop_back();
+      activate_assertions.push_back(!last_activation_literal);
+    }
+    activate_assertions.push_back(!activation_literal);
+
+    // set assumptions (a_0 ... -a_k) for incremental solving
+    prop_conv.set_assumptions(activate_assertions);
+  }
+
   if(number_of_assertions==1)
   {
     for(auto &step : SSA_steps)
     {
-      if(step.is_assert())
+      // ignore already converted assertions in the error trace
+      if(step.is_assert() && step.converted)
+        step.ignore=true;
+
+      if(step.is_assert() && !step.ignore && !step.converted)
+      {
+        step.converted=true;
+
+        if(is_incremental)
       {
+          prop_conv.set_to_true(
+            or_exprt(
+              literal_exprt(activation_literal),
+              not_exprt(step.cond_expr)));
+        }
+        else
         prop_conv.set_to_false(step.cond_expr);
+
         step.cond_literal=const_literal(false);
+
         return; // prevent further assumptions!
       }
       else if(step.is_assume())
+      {
+        if(is_incremental)
+        {
+          prop_conv.set_to_true(
+            or_exprt(
+              literal_exprt(activation_literal),
+              step.cond_expr));
+        }
+        else
         prop_conv.set_to_true(step.cond_expr);
     }
+    }
 
     assert(false); // unreachable
   }
@@ -516,21 +573,30 @@ void symex_target_equationt::convert_assertions(
   // We do (NOT a1) OR (NOT a2) ...
   // where the a's are the assertions
   or_exprt::operandst disjuncts;
-  disjuncts.reserve(number_of_assertions);
+  disjuncts.reserve(
+    is_incremental ? number_of_assertions+1 : number_of_assertions);
 
-  exprt assumption=true_exprt();
+  if(is_incremental)
+  {
+    // assumptions for incremental solving:
+    // (a_0 ... -a_k-1) --> (a_0 ... a_k-1 -a_k)
+    disjuncts.push_back(literal_exprt(activation_literal));
+  }
 
   for(auto &step : SSA_steps)
   {
-    if(step.is_assert())
+    // ignore already converted assertions in the error trace
+    if(step.is_assert() && step.converted)
+      step.ignore=true;
+
+    if(step.is_assert() && !step.ignore && !step.converted)
     {
-      implies_exprt implication(
-        assumption,
-        step.cond_expr);
+      step.converted=true;
+
+      implies_exprt implication(assumption, step.cond_expr);
 
       // do the conversion
       step.cond_literal=prop_conv.convert(implication);
-
       // store disjunct
       disjuncts.push_back(literal_exprt(!step.cond_literal));
     }
@@ -550,16 +616,47 @@ void symex_target_equationt::convert_assertions(
   prop_conv.set_to_true(disjunction(disjuncts));
 }
 
+
 /// converts I/O
 /// \par parameters: decision procedure
 /// \return -
+
+literalt symex_target_equationt::current_activation_literal()
+{
+  if(!is_incremental)
+    return const_literal(false);
+
+  return !activate_assertions.back();
+}
+
+void symex_target_equationt::new_activation_literal(prop_convt &prop_conv)
+{
+  if(is_incremental)
+  {
+    literalt activation_literal=prop_conv.convert(
+      symbol_exprt("symex::act$"+
+                   std::to_string(activate_assertions.size()), bool_typet()));
+
+    if(!activate_assertions.empty())
+    {
+      literalt last_activation_literal=activate_assertions.back();
+      activate_assertions.pop_back();
+      activate_assertions.push_back(!last_activation_literal);
+    }
+    activate_assertions.push_back(!activation_literal);
+
+    // set assumptions (a_0 ... -a_k) for incremental solving
+    prop_conv.set_assumptions(activate_assertions);
+  }
+}
+
 void symex_target_equationt::convert_io(
   decision_proceduret &dec_proc)
 {
   unsigned io_count=0;
 
   for(auto &step : SSA_steps)
-    if(!step.ignore)
+    if(!step.ignore && !step.converted)
     {
       for(const auto &arg : step.io_args)
       {
@@ -639,6 +736,21 @@ void symex_target_equationt::SSA_stept::output(
   case goto_trace_stept::typet::DECL:
     out << "DECL" << '\n';
     out << from_expr(ns, "", ssa_lhs) << '\n';
+/*
+  case goto_trace_stept::ASSERT:
+    out << "ASSERT " << from_expr(ns, "", cond_expr) << std::endl;
+    break;
+  case goto_trace_stept::ASSUME:
+    out << "ASSUME " << from_expr(ns, "", cond_expr) << std::endl;
+    break;
+  case goto_trace_stept::LOCATION: out << "LOCATION" << std::endl; break;
+  case goto_trace_stept::INPUT: out << "INPUT" << std::endl; break;
+  case goto_trace_stept::OUTPUT: out << "OUTPUT" << std::endl; break;
+
+  case goto_trace_stept::DECL:
+    out << "DECL" << std::endl;
+    out << from_expr(ns, "", ssa_lhs) << std::endl;
+ HEAD~2*/
     break;
 
   case goto_trace_stept::typet::ASSIGNMENT:
diff --git a/src/goto-symex/symex_target_equation.h b/src/goto-symex/symex_target_equation.h
index abee81346a7..cd52ecca40f 100644
--- a/src/goto-symex/symex_target_equation.h
+++ b/src/goto-symex/symex_target_equation.h
@@ -156,14 +156,14 @@ class symex_target_equationt:public symex_targett
     const sourcet &source);
 
   void convert(prop_convt &prop_conv);
-  void convert_assignments(decision_proceduret &decision_procedure) const;
-  void convert_decls(prop_convt &prop_conv) const;
+  void convert_assignments(decision_proceduret &decision_procedure);
+  void convert_decls(prop_convt &prop_conv);
   void convert_assumptions(prop_convt &prop_conv);
   void convert_assertions(prop_convt &prop_conv);
-  void convert_constraints(decision_proceduret &decision_procedure) const;
-  void convert_goto_instructions(prop_convt &prop_conv);
+  void convert_constraints(decision_proceduret &decision_procedure);
   void convert_guards(prop_convt &prop_conv);
   void convert_io(decision_proceduret &decision_procedure);
+  void convert_goto_instructions(prop_convt &prop_conv);
 
   exprt make_expression() const;
 
@@ -238,6 +238,9 @@ class symex_target_equationt:public symex_targett
     // for slicing
     bool ignore;
 
+    // for incremental conversion
+    bool converted;
+
     SSA_stept():
       type(goto_trace_stept::typet::NONE),
       hidden(false),
@@ -251,7 +254,8 @@ class symex_target_equationt:public symex_targett
       cond_literal(const_literal(false)),
       formatted(false),
       atomic_section_id(0),
-      ignore(false)
+      ignore(false),
+      converted(false)
     {
     }
 
@@ -282,6 +286,12 @@ class symex_target_equationt:public symex_targett
     return i;
   }
 
+  // for incremental solving
+  bool is_incremental;
+  bvt activate_assertions;
+  literalt current_activation_literal();
+  void new_activation_literal(prop_convt &prop_conv);
+
   typedef std::list<SSA_stept> SSA_stepst;
   SSA_stepst SSA_steps;
 
@@ -316,6 +326,7 @@ class symex_target_equationt:public symex_targett
 
 protected:
   const namespacet &ns;
+  unsigned io_count;
 
   // for enforcing sharing in the expressions stored
   merge_irept merge_irep;
diff --git a/src/solvers/prop/cover_goals.cpp b/src/solvers/prop/cover_goals.cpp
index 1783983ccf9..219e1d6a9ba 100644
--- a/src/solvers/prop/cover_goals.cpp
+++ b/src/solvers/prop/cover_goals.cpp
@@ -14,6 +14,7 @@ Author: Daniel Kroening, kroening@kroening.com
 #include "literal_expr.h"
 #include "cover_goals.h"
 
+
 cover_goalst::~cover_goalst()
 {
 }
@@ -38,13 +39,17 @@ void cover_goalst::mark()
     }
 }
 
+
 /// Build clause
+
 void cover_goalst::constraint()
 {
   exprt::operandst disjuncts;
 
   // cover at least one unknown goal
 
+  disjuncts.push_back(literal_exprt(activation_literal));
+   
   for(std::list<goalt>::const_iterator
       g_it=goals.begin();
       g_it!=goals.end();
diff --git a/src/solvers/prop/cover_goals.h b/src/solvers/prop/cover_goals.h
index 8851e188347..9416bca5817 100644
--- a/src/solvers/prop/cover_goals.h
+++ b/src/solvers/prop/cover_goals.h
@@ -45,6 +45,7 @@ class cover_goalst:public messaget
 
   typedef std::list<goalt> goalst;
   goalst goals;
+  literalt activation_literal; // for incremental solving
 
   // statistics
 

From 6b30f8cdae4f31c19da43b9ee02620e2e56ba3d6 Mon Sep 17 00:00:00 2001
From: Peter Schrammel <peter.schrammel@diffblue.com>
Date: Tue, 10 Jan 2017 19:53:06 +0000
Subject: [PATCH 41/57] Check dependencies between commandline options for
 incremental

---
 src/cbmc/cbmc_parse_options.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/cbmc/cbmc_parse_options.h b/src/cbmc/cbmc_parse_options.h
index 453a6e5e5c2..be65007a5ee 100644
--- a/src/cbmc/cbmc_parse_options.h
+++ b/src/cbmc/cbmc_parse_options.h
@@ -110,6 +110,10 @@ class cbmc_parse_optionst:
 
   // get any additional stuff before finalizing the goto program
   virtual int get_modules(expr_listt &bmc_constraints)
+
+  bool options_exclusive(const char *opt1, const char *opt2);
+  bool options_inclusive(const char *opt1, const char *opt2);
+
   {
     return -1; // continue
   }

From 819b1298fb859763009054c7d6fb4ade60605674 Mon Sep 17 00:00:00 2001
From: Peter Schrammel <peter.schrammel@diffblue.com>
Date: Tue, 10 Jan 2017 20:16:53 +0000
Subject: [PATCH 42/57] Fix for Clang's initialization warning

---
 src/cbmc/bmc.cpp                      | 20 ++++++++++----------
 src/cbmc/bmc.h                        | 18 ++++++++++--------
 src/cbmc/bmc_incremental.cpp          | 23 ++++++++++++-----------
 src/cbmc/bmc_incremental.h            | 16 ++++++++++------
 src/cbmc/bmc_incremental_one_loop.cpp | 16 ++++++++--------
 src/cbmc/bmc_incremental_one_loop.h   | 18 +++++++++++-------
 6 files changed, 61 insertions(+), 50 deletions(-)

diff --git a/src/cbmc/bmc.cpp b/src/cbmc/bmc.cpp
index 9313a3182c3..5e8f693823e 100644
--- a/src/cbmc/bmc.cpp
+++ b/src/cbmc/bmc.cpp
@@ -256,8 +256,8 @@ void bmct::slice()
       }
     }
   }
-  statistics() << "Generated " << symex.total_vccs
-               << " VCC(s), " << symex.remaining_vccs
+  statistics() << "Generated " << symex().total_vccs
+               << " VCC(s), " << symex().remaining_vccs
                << " remaining after simplification" << eom;
 }
 
@@ -387,8 +387,8 @@ safety_checkert::resultt bmct::initialize()
 
   }
 
-  symex.set_message_handler(get_message_handler());
-  symex.options=options;
+  symex().set_message_handler(get_message_handler());
+  symex().options=options;
 
   {
     const symbolt *init_symbol;
@@ -398,7 +398,7 @@ safety_checkert::resultt bmct::initialize()
 
   status() << "Starting Bounded Model Checking" << eom;
 
-  symex.last_source_location.make_nil();
+  symex().last_source_location.make_nil();
 
     // get unwinding info
     setup_unwind();
@@ -423,7 +423,7 @@ safety_checkert::resultt bmct::step(const goto_functionst &goto_functions)
   try
   {
     // perform symbolic execution
-    symex(goto_functions);
+    symex()(goto_functions);
 
     // add a partial ordering, if required
     if(equation.has_threads())
@@ -495,7 +495,7 @@ safety_checkert::resultt bmct::step(const goto_functionst &goto_functions)
 
     // any properties to check at all?
     if(!options.get_bool_option("program-only") &&
-       symex.remaining_vccs==0)
+     symex().remaining_vccs==0)
     {
       report_success();
       output_graphml(resultt::SAFE, goto_functions);
@@ -583,12 +583,12 @@ void bmct::setup_unwind()
       long uw=unsafe_string2int(val.substr(val.rfind(":")+1));
 
       if(thread_nr_set)
-        symex.set_unwind_thread_loop_limit(thread_nr, id, uw);
+        symex().set_unwind_thread_loop_limit(thread_nr, id, uw);
       else
-        symex.set_unwind_loop_limit(id, uw);
+        symex().set_unwind_loop_limit(id, uw);
     }
   }
 
   if(options.get_option("unwind")!="")
-    symex.set_unwind_limit(options.get_unsigned_int_option("unwind"));
+    symex().set_unwind_limit(options.get_unsigned_int_option("unwind"));
 }
diff --git a/src/cbmc/bmc.h b/src/cbmc/bmc.h
index 25de24f33c6..8aca0d82cea 100644
--- a/src/cbmc/bmc.h
+++ b/src/cbmc/bmc.h
@@ -46,7 +46,6 @@ class bmct:public safety_checkert
     symex_ptr(new symex_bmct(ns, new_symbol_table, equation)),
     prop_conv(_prop_conv),
     ui(ui_message_handlert::uit::PLAIN)
-
   {
     symex.constant_propagation=options.get_bool_option("propagation");
     symex.record_coverage=
@@ -75,22 +74,20 @@ class bmct:public safety_checkert
   }
 
 protected:
+  // for initialization of derived classes
   bmct(
     const optionst &_options,
     const symbol_tablet &_symbol_table,
-    message_handlert &_message_handler,
     prop_convt& _prop_conv,
-    symex_bmct *_symex_ptr):
+    message_handlert &_message_handler):
     safety_checkert(ns, _message_handler),
     options(_options),
     ns(_symbol_table, new_symbol_table),
     equation(ns),
-    symex_ptr(_symex_ptr),
+    symex_ptr(NULL),
     prop_conv(_prop_conv),
-    ui(ui_message_handlert::PLAIN),
-    symex(dynamic_cast<symex_bmct &>(*symex_ptr))
+    ui(ui_message_handlert::PLAIN)
   {
-    symex.constant_propagation=options.get_bool_option("propagation");
   }
 
   const optionst &options;
@@ -151,7 +148,12 @@ class bmct:public safety_checkert
   friend class fault_localizationt;
 
 private:
-  symex_bmct &symex;
+  // We cannot use a reference member here
+  // because the initialization sequence would not be clean (Clang complains)
+  symex_bmct &symex()
+  {
+    return dynamic_cast<symex_bmct &>(*symex_ptr);
+  }
 };
 
 #endif // CPROVER_CBMC_BMC_H
diff --git a/src/cbmc/bmc_incremental.cpp b/src/cbmc/bmc_incremental.cpp
index 367fbf9e115..6a0279097d9 100644
--- a/src/cbmc/bmc_incremental.cpp
+++ b/src/cbmc/bmc_incremental.cpp
@@ -30,13 +30,14 @@ safety_checkert::resultt bmc_incrementalt::step(
   try
   {
     // We count only new assertions.
-    symex.total_vccs=0;
-    symex.remaining_vccs=0;
+    symex().total_vccs=0;
+    symex().remaining_vccs=0;
 
     // perform symbolic execution
     bool symex_done=
-      symex(
-        symex_state,goto_functions,
+      symex()(
+        symex_state,
+        goto_functions,
         goto_functions.function_map.at(goto_functions.entry_point()).body);
 
     // add a partial ordering, if required
@@ -59,7 +60,7 @@ safety_checkert::resultt bmc_incrementalt::step(
       return result;
 
     // any properties to check at all?
-    if(symex.remaining_vccs==0)
+    if(symex().remaining_vccs==0)
     {
       report_success();
       result=safety_checkert::SAFE;
@@ -121,16 +122,16 @@ safety_checkert::resultt bmc_incrementalt::run(
 
     // check unwinding assertions
     if(result==safety_checkert::UNKNOWN &&
-       symex.add_loop_check())
+       symex().add_loop_check())
     {
       resultt loop_check_result=
         stop_on_fail(goto_functions, prop_conv);
       bool earliest_loop_exit=
         options.get_bool_option("earliest-loop-exit");
       if(loop_check_result==SAFE)
-        symex.update_loop_info(earliest_loop_exit ? false : true);
+        symex().update_loop_info(earliest_loop_exit ? false : true);
       else if(loop_check_result==UNSAFE)
-        symex.update_loop_info(earliest_loop_exit ? true : false);
+        symex().update_loop_info(earliest_loop_exit ? true : false);
     }
   }
 
@@ -154,11 +155,11 @@ void bmc_incrementalt::setup_unwind()
   bmct::setup_unwind();
 
   if(options.get_option("unwind-min")!="")
-    symex.incr_min_unwind=options.get_unsigned_int_option("unwind-min");
+    symex().incr_min_unwind=options.get_unsigned_int_option("unwind-min");
   if(options.get_option("unwind-max")!="")
-    symex.incr_max_unwind=options.get_unsigned_int_option("unwind-max");
+    symex().incr_max_unwind=options.get_unsigned_int_option("unwind-max");
   else
-    symex.incr_max_unwind=std::numeric_limits<unsigned>::max();
+    symex().incr_max_unwind=std::numeric_limits<unsigned>::max();
 
   status() << "Using incremental mode" << eom;
   prop_conv.set_all_frozen();
diff --git a/src/cbmc/bmc_incremental.h b/src/cbmc/bmc_incremental.h
index 0ed1a5db311..a7ecf5183ed 100644
--- a/src/cbmc/bmc_incremental.h
+++ b/src/cbmc/bmc_incremental.h
@@ -33,12 +33,13 @@ class bmc_incrementalt:public bmct
     bmct(
       _options,
       _symbol_table,
-      _message_handler,
       _prop_conv,
-      new symex_bmc_incrementalt(ns, new_symbol_table, equation)),
-    goto_functions(_goto_functions),
-    symex(dynamic_cast<symex_bmc_incrementalt &>(*symex_ptr))  
-  {}
+      _message_handler),
+    goto_functions(_goto_functions)
+  {
+    symex_ptr=new symex_bmc_incrementalt(ns, new_symbol_table, equation);
+    symex().constant_propagation=options.get_bool_option("propagation");
+  }
 
   virtual ~bmc_incrementalt() { }
 
@@ -61,7 +62,10 @@ class bmc_incrementalt:public bmct
   virtual void setup_unwind();
 
  private:
-  symex_bmc_incrementalt &symex;
+  symex_bmc_incrementalt &symex()
+  {
+    return dynamic_cast<symex_bmc_incrementalt &>(*symex_ptr);
+  }
 };
 
 #endif
diff --git a/src/cbmc/bmc_incremental_one_loop.cpp b/src/cbmc/bmc_incremental_one_loop.cpp
index 3355d2ce632..0de017cf5b2 100644
--- a/src/cbmc/bmc_incremental_one_loop.cpp
+++ b/src/cbmc/bmc_incremental_one_loop.cpp
@@ -28,12 +28,12 @@ safety_checkert::resultt bmc_incremental_one_loopt::step(
   try
   {
     // We count only new assertions.
-    symex.total_vccs=0;
-    symex.remaining_vccs=0;
+    symex().total_vccs=0;
+    symex().remaining_vccs=0;
 
     // perform symbolic execution
     bool symex_done=
-      symex(
+      symex()(
         symex_state,goto_functions,
         goto_functions.function_map.at(goto_functions.entry_point()).body);
 
@@ -63,7 +63,7 @@ safety_checkert::resultt bmc_incremental_one_loopt::step(
     resultt result=safety_checkert::UNKNOWN;
 
     // any properties to check at all?
-    if(symex.remaining_vccs==0)
+    if(symex().remaining_vccs==0)
     {
       report_success();
       result=safety_checkert::SAFE;
@@ -144,12 +144,12 @@ void bmc_incremental_one_loopt::setup_unwind()
   bmct::setup_unwind();
 
   if(options.get_option("unwind-min")!="")
-    symex.incr_min_unwind=options.get_unsigned_int_option("unwind-min");
+    symex().incr_min_unwind=options.get_unsigned_int_option("unwind-min");
   if(options.get_option("unwind-max")!="")
-    symex.incr_max_unwind=options.get_unsigned_int_option("unwind-max");
-  symex.ignore_assertions=(symex.incr_min_unwind>=2) &&
+    symex().incr_max_unwind=options.get_unsigned_int_option("unwind-max");
+  symex().ignore_assertions=(symex().incr_min_unwind>=2) &&
     options.get_bool_option("ignore-assertions-before-unwind-min");
-  symex.incr_loop_id=options.get_option("incremental-check");
+  symex().incr_loop_id=options.get_option("incremental-check");
 
   status() << "Using incremental mode" << eom;
   prop_conv.set_all_frozen();
diff --git a/src/cbmc/bmc_incremental_one_loop.h b/src/cbmc/bmc_incremental_one_loop.h
index cdc8f194027..6b709a77d51 100644
--- a/src/cbmc/bmc_incremental_one_loop.h
+++ b/src/cbmc/bmc_incremental_one_loop.h
@@ -34,13 +34,14 @@ class bmc_incremental_one_loopt:public bmct
     bmct(
       _options,
       _symbol_table,
-      _message_handler,
       _prop_conv,
-      new symex_bmc_incremental_one_loopt(
-        ns, new_symbol_table, equation, prop_conv)),
-    goto_functions(_goto_functions),
-    symex(dynamic_cast<symex_bmc_incremental_one_loopt &>(*symex_ptr))
-  {}
+      _message_handler),
+    goto_functions(_goto_functions)
+  {
+    symex_ptr=new symex_bmc_incremental_one_loopt(
+      ns, new_symbol_table, equation, prop_conv);
+    symex().constant_propagation=options.get_bool_option("propagation");
+  }
 
   virtual ~bmc_incremental_one_loopt() {}
 
@@ -63,7 +64,10 @@ class bmc_incremental_one_loopt:public bmct
   virtual void setup_unwind();
 
 private:
-  symex_bmc_incremental_one_loopt &symex;
+  symex_bmc_incremental_one_loopt &symex()
+  {
+    return dynamic_cast<symex_bmc_incremental_one_loopt &>(*symex_ptr);
+  }
 };
 
 #endif

From 783db62abe110f3e305de538fca46e491e7f05fb Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Thu, 25 May 2017 14:34:05 +0100
Subject: [PATCH 43/57] linter fixes: white space, assert and reformatting

---
 src/cbmc/all_properties.cpp     |  2 +-
 src/cbmc/bmc_incremental.h      | 15 ++++++++++++---
 src/cbmc/fault_localization.cpp |  1 -
 3 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/src/cbmc/all_properties.cpp b/src/cbmc/all_properties.cpp
index c68a9d67b89..b9d860808f4 100644
--- a/src/cbmc/all_properties.cpp
+++ b/src/cbmc/all_properties.cpp
@@ -95,7 +95,7 @@ safety_checkert::resultt bmc_all_propertiest::operator()()
       else
         continue;
 
-      //need to convert again as the context of the expression
+      // need to convert again as the context of the expression
       //  may have changed
       it->cond_literal=solver.convert(it->cond_expr);
       goal_map[property_id].instances.push_back(it);
diff --git a/src/cbmc/bmc_incremental.h b/src/cbmc/bmc_incremental.h
index a7ecf5183ed..7be1c3c02cc 100644
--- a/src/cbmc/bmc_incremental.h
+++ b/src/cbmc/bmc_incremental.h
@@ -44,9 +44,18 @@ class bmc_incrementalt:public bmct
   virtual ~bmc_incrementalt() { }
 
   // make public
-  virtual resultt run() { return run(goto_functions); }
-  virtual resultt initialize() { return bmct::initialize(); }
-  virtual resultt step() { return step(goto_functions); }
+  virtual resultt run()
+  {
+	  return run(goto_functions);
+  }
+  virtual resultt initialize()
+  {
+	  return bmct::initialize();
+  }
+  virtual resultt step()
+  {
+	  return step(goto_functions);
+  }
 
 protected:
   const goto_functionst &goto_functions;
diff --git a/src/cbmc/fault_localization.cpp b/src/cbmc/fault_localization.cpp
index fe4bfe92f6f..ae752bfce0f 100644
--- a/src/cbmc/fault_localization.cpp
+++ b/src/cbmc/fault_localization.cpp
@@ -261,7 +261,6 @@ safety_checkert::resultt fault_localizationt::stop_on_fail(bool show_report)
 
     return safety_checkert::resultt::ERROR;
   }
-  assert(false);
 }
 
 void fault_localizationt::goal_covered(

From 8f4e45f013c9142d73b491c92cab211684b74572 Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Thu, 25 May 2017 14:37:43 +0100
Subject: [PATCH 44/57] align type safety_checkert and message_handlert with
 cbmc master

---
 src/cbmc/bmc.h                              |  2 +-
 src/cbmc/bmc_incremental.cpp                | 22 ++++++++++-----------
 src/cbmc/bmc_incremental_one_loop.cpp       | 18 ++++++++---------
 src/cbmc/symex_bmc_incremental_one_loop.cpp |  2 +-
 src/goto-programs/safety_checker.h          |  2 +-
 5 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/src/cbmc/bmc.h b/src/cbmc/bmc.h
index 8aca0d82cea..75334b89006 100644
--- a/src/cbmc/bmc.h
+++ b/src/cbmc/bmc.h
@@ -86,7 +86,7 @@ class bmct:public safety_checkert
     equation(ns),
     symex_ptr(NULL),
     prop_conv(_prop_conv),
-    ui(ui_message_handlert::PLAIN)
+    ui(ui_message_handlert::uit::PLAIN)
   {
   }
 
diff --git a/src/cbmc/bmc_incremental.cpp b/src/cbmc/bmc_incremental.cpp
index 6a0279097d9..94ff6c197b2 100644
--- a/src/cbmc/bmc_incremental.cpp
+++ b/src/cbmc/bmc_incremental.cpp
@@ -56,14 +56,14 @@ safety_checkert::resultt bmc_incrementalt::step(
     slice();
 
     resultt result=show(goto_functions);
-    if(result!=UNKNOWN)
+    if(result!=safety_checkert::resultt::UNKNOWN)
       return result;
 
     // any properties to check at all?
     if(symex().remaining_vccs==0)
     {
       report_success();
-      result=safety_checkert::SAFE;
+      result=safety_checkert::resultt::SAFE;
     }
     else
     {
@@ -75,26 +75,26 @@ safety_checkert::resultt bmc_incrementalt::step(
 
     resultt term_cond=
       options.get_bool_option("stop-when-unsat") ?
-        safety_checkert::UNSAFE : safety_checkert::SAFE;
-    return result==term_cond && !symex_done ? safety_checkert::UNKNOWN : result;
+        safety_checkert::resultt::UNSAFE : safety_checkert::resultt::SAFE;
+    return result==term_cond && !symex_done ? safety_checkert::resultt::UNKNOWN : result;
   }
 
   catch(std::string &error_str)
   {
     error() << error_str << eom;
-    return safety_checkert::ERROR;
+    return safety_checkert::resultt::ERROR;
   }
 
   catch(const char *error_str)
   {
     error() << error_str << eom;
-    return safety_checkert::ERROR;
+    return safety_checkert::resultt::ERROR;
   }
 
   catch(std::bad_alloc)
   {
     error() << "Out of memory" << eom;
-    return safety_checkert::ERROR;
+    return safety_checkert::resultt::ERROR;
   }
 
   assert(false);
@@ -116,21 +116,21 @@ safety_checkert::resultt bmc_incrementalt::run(
   const goto_functionst &goto_functions)
 {
   safety_checkert::resultt result=initialize();
-  while(result==safety_checkert::UNKNOWN)
+  while(result==safety_checkert::resultt::UNKNOWN)
   {
     result=step();
 
     // check unwinding assertions
-    if(result==safety_checkert::UNKNOWN &&
+    if(result==safety_checkert::resultt::UNKNOWN &&
        symex().add_loop_check())
     {
       resultt loop_check_result=
         stop_on_fail(goto_functions, prop_conv);
       bool earliest_loop_exit=
         options.get_bool_option("earliest-loop-exit");
-      if(loop_check_result==SAFE)
+      if(loop_check_result==safety_checkert::resultt::SAFE)
         symex().update_loop_info(earliest_loop_exit ? false : true);
-      else if(loop_check_result==UNSAFE)
+      else if(loop_check_result==safety_checkert::resultt::UNSAFE)
         symex().update_loop_info(earliest_loop_exit ? true : false);
     }
   }
diff --git a/src/cbmc/bmc_incremental_one_loop.cpp b/src/cbmc/bmc_incremental_one_loop.cpp
index 0de017cf5b2..e4c724c390e 100644
--- a/src/cbmc/bmc_incremental_one_loop.cpp
+++ b/src/cbmc/bmc_incremental_one_loop.cpp
@@ -56,17 +56,17 @@ safety_checkert::resultt bmc_incremental_one_loopt::step(
     // do diverse other options
     {
       resultt result=show(goto_functions);
-      if(result!=safety_checkert::UNKNOWN)
+      if(result!=safety_checkert::resultt::UNKNOWN)
         return result;
     }
 
-    resultt result=safety_checkert::UNKNOWN;
+    resultt result=safety_checkert::resultt::UNKNOWN;
 
     // any properties to check at all?
     if(symex().remaining_vccs==0)
     {
       report_success();
-      result=safety_checkert::SAFE;
+      result=safety_checkert::resultt::SAFE;
     }
     else
     {
@@ -78,26 +78,26 @@ safety_checkert::resultt bmc_incremental_one_loopt::step(
 
     resultt term_cond=
       options.get_bool_option("stop-when-unsat") ?
-        safety_checkert::UNSAFE : safety_checkert::SAFE;
-    return result==term_cond && !symex_done ? safety_checkert::UNKNOWN : result;
+        safety_checkert::resultt::UNSAFE : safety_checkert::resultt::SAFE;
+    return result==term_cond && !symex_done ? safety_checkert::resultt::UNKNOWN : result;
   }
 
   catch(std::string &error_str)
   {
     error() << error_str << eom;
-    return safety_checkert::ERROR;
+    return safety_checkert::resultt::ERROR;
   }
 
   catch(const char *error_str)
   {
     error() << error_str << eom;
-    return safety_checkert::ERROR;
+    return safety_checkert::resultt::ERROR;
   }
 
   catch(std::bad_alloc)
   {
     error() << "Out of memory" << eom;
-    return safety_checkert::ERROR;
+    return safety_checkert::resultt::ERROR;
   }
 
   assert(false);
@@ -119,7 +119,7 @@ safety_checkert::resultt bmc_incremental_one_loopt::run(
   const goto_functionst &goto_functions)
 {
   safety_checkert::resultt result=initialize();
-  while(result==safety_checkert::UNKNOWN)
+  while(result==safety_checkert::resultt::UNKNOWN)
   {
     result=step(goto_functions);
   }
diff --git a/src/cbmc/symex_bmc_incremental_one_loop.cpp b/src/cbmc/symex_bmc_incremental_one_loop.cpp
index da6ab103df7..40081fe6742 100644
--- a/src/cbmc/symex_bmc_incremental_one_loop.cpp
+++ b/src/cbmc/symex_bmc_incremental_one_loop.cpp
@@ -65,7 +65,7 @@ bool symex_bmc_incremental_one_loopt::get_unwind(
   bool abort=unwind>=this_loop_limit;
 
   // report where we are
-  if(ui==ui_message_handlert::XML_UI)
+  if(ui==ui_message_handlert::uit::XML_UI)
   {
     xmlt xml("current-unwinding");
     xml.data=std::to_string(unwind);
diff --git a/src/goto-programs/safety_checker.h b/src/goto-programs/safety_checker.h
index f024d294c0d..4a4e174d3c1 100644
--- a/src/goto-programs/safety_checker.h
+++ b/src/goto-programs/safety_checker.h
@@ -30,7 +30,7 @@ class safety_checkert:public messaget
     message_handlert &_message_handler);
 
 
-  enum class resultt { SAFE, UNSAFE, ERROR };
+  enum class resultt { SAFE, UNSAFE, ERROR , UNKNOWN };
 
   // check whether all assertions in goto_functions are safe
   // if UNSAFE, then a trace is returned

From b1df15260974b9abddb5e8c2be9a0a785322cd1e Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Thu, 25 May 2017 14:38:00 +0100
Subject: [PATCH 45/57] incremental BMC changes merged in

- symex() is now a function
- symex became symex_ptr, to fix clang error. Function symex() returns ptr
- bmc.run is now protected
- language_mode() not used for incremental symex
- align incremental with master for option "program-only"
- remove CEGIS folder that was accidentally reintroduced (CEGIS now lives in sep repo)
- fix conflicts in symex_target_equation.cpp
---
 src/cbmc/bmc.cpp                         |  14 +-
 src/cbmc/bmc.h                           |   4 +-
 src/cbmc/cbmc_parse_options.cpp          |   4 +-
 src/cegis/Makefile                       | 146 ---------------------
 src/cegis/cegis-util/cbmc_runner.cpp     | 155 -----------------------
 src/goto-symex/goto_symex.h              |   1 -
 src/goto-symex/symex_goto.cpp            |   4 +-
 src/goto-symex/symex_target_equation.cpp |  15 ---
 8 files changed, 15 insertions(+), 328 deletions(-)
 delete mode 100644 src/cegis/Makefile
 delete mode 100644 src/cegis/cegis-util/cbmc_runner.cpp

diff --git a/src/cbmc/bmc.cpp b/src/cbmc/bmc.cpp
index 5e8f693823e..5038e3d0141 100644
--- a/src/cbmc/bmc.cpp
+++ b/src/cbmc/bmc.cpp
@@ -393,7 +393,7 @@ safety_checkert::resultt bmct::initialize()
   {
     const symbolt *init_symbol;
     if(!ns.lookup(CPROVER_PREFIX "initialize", init_symbol))
-      symex.language_mode=init_symbol->mode;
+      symex().language_mode=init_symbol->mode;
   }
 
   status() << "Starting Bounded Model Checking" << eom;
@@ -435,7 +435,7 @@ safety_checkert::resultt bmct::step(const goto_functionst &goto_functions)
   catch(std::string &error_str)
   {
     messaget message(get_message_handler());
-    message.error().source_location=symex.last_source_location;
+    message.error().source_location=symex().last_source_location;
     message.error() << error_str << messaget::eom;
 
     return safety_checkert::resultt::ERROR;
@@ -444,7 +444,7 @@ safety_checkert::resultt bmct::step(const goto_functionst &goto_functions)
   catch(const char *error_str)
   {
     messaget message(get_message_handler());
-    message.error().source_location=symex.last_source_location;
+    message.error().source_location=symex().last_source_location;
     message.error() << error_str << messaget::eom;
 
     return safety_checkert::resultt::ERROR;
@@ -466,7 +466,7 @@ safety_checkert::resultt bmct::step(const goto_functionst &goto_functions)
     // coverage report
     std::string cov_out=options.get_option("symex-coverage-report");
     if(!cov_out.empty() &&
-       symex.output_coverage_report(goto_functions, cov_out))
+       symex().output_coverage_report(goto_functions, cov_out))
     {
       error() << "Failed to write symex coverage report" << eom;
       return safety_checkert::resultt::ERROR;
@@ -502,6 +502,12 @@ safety_checkert::resultt bmct::step(const goto_functionst &goto_functions)
       return safety_checkert::resultt::SAFE;
     }
 
+    if(options.get_bool_option("program-only"))
+    {
+    	show_program();
+    	return safety_checkert::resultt::SAFE;
+    }
+
   // do all properties
   if(options.get_bool_option("stop-on-fail"))
     return stop_on_fail(goto_functions, prop_conv);
diff --git a/src/cbmc/bmc.h b/src/cbmc/bmc.h
index 75334b89006..7a61ee19290 100644
--- a/src/cbmc/bmc.h
+++ b/src/cbmc/bmc.h
@@ -47,8 +47,8 @@ class bmct:public safety_checkert
     prop_conv(_prop_conv),
     ui(ui_message_handlert::uit::PLAIN)
   {
-    symex.constant_propagation=options.get_bool_option("propagation");
-    symex.record_coverage=
+    symex().constant_propagation=options.get_bool_option("propagation");
+    symex().record_coverage=
       !options.get_option("symex-coverage-report").empty();
   }
 
diff --git a/src/cbmc/cbmc_parse_options.cpp b/src/cbmc/cbmc_parse_options.cpp
index acd4f4829a9..b09eb2dabc5 100644
--- a/src/cbmc/cbmc_parse_options.cpp
+++ b/src/cbmc/cbmc_parse_options.cpp
@@ -221,10 +221,8 @@ void cbmc_parse_optionst::get_command_line_options(optionst &options)
   }
   if(cmdline.isset("earliest-loop-exit"))
     options.set_option("earliest-loop-exit", true);
-<<<<<<< 0bc503ae07a912ec82d5c337f453520219aac395
+
   // heuristic unwinding numbers used for SV-COMP
-=======
->>>>>>> HEAD~15
   if(cmdline.isset("magic-numbers"))
     options.set_option("magic-numbers", true);
 
diff --git a/src/cegis/Makefile b/src/cegis/Makefile
deleted file mode 100644
index f48a3f7ac16..00000000000
--- a/src/cegis/Makefile
+++ /dev/null
@@ -1,146 +0,0 @@
-SRC = danger/meta/meta_variable_names.cpp danger/facade/danger_runner.cpp danger/options/danger_program.cpp \
-      danger/genetic/dynamic_danger_test_runner.cpp \
-      danger/options/danger_program_printer.cpp danger/constraint/danger_constraint_factory.cpp \
-      danger/preprocess/danger_preprocessing.cpp danger/preprocess/store_nondet_choices.cpp \
-      danger/preprocess/add_ranking_and_skolem_variables.cpp danger/symex/learn/add_variable_refs.cpp \
-      danger/symex/learn/add_programs_to_learn.cpp danger/symex/learn/solution_factory.cpp \
-      danger/symex/learn/read_x0.cpp danger/symex/learn/add_x0_placeholders.cpp danger/symex/learn/danger_learn_config.cpp \
-      danger/symex/learn/encoded_danger_learn_config.cpp danger/symex/verify/insert_candidate.cpp danger/symex/verify/restrict_counterexamples.cpp \
-      danger/symex/verify/danger_verify_config.cpp danger/symex/verify/parallel_danger_verifier.cpp \
-      danger/symex/verify/parallel_danger_verify_task.cpp danger/symex/fitness/danger_fitness_config.cpp \
-      safety/options/safety_program.cpp safety/options/safety_program_printer.cpp safety/preprocessing/safety_preprocessing.cpp \
-      safety/genetic/dynamic_safety_test_runner.cpp \
-      safety/meta/meta_variable_names.cpp safety/constraint/safety_constraint_factory.cpp \
-      safety/symex/learn/safety_learn_config.cpp safety/symex/learn/solution_factory.cpp \
-      safety/symex/learn/add_variable_refs.cpp safety/symex/verify/safety_verify_config.cpp \
-      safety/symex/learn/encoded_safety_learn_config.cpp safety/symex/learn/add_counterexamples.cpp \
-      safety/symex/verify/insert_candidate.cpp safety/facade/safety_runner.cpp \
-      safety/symex/fitness/safety_fitness_config.cpp safety/value/safety_goto_ce.cpp \
-      safety/value/individual_to_safety_solution_deserialiser.cpp \
-      invariant/options/invariant_program.cpp invariant/options/target_copy_helper.cpp \
-      invariant/util/copy_instructions.cpp invariant/util/invariant_program_helper.cpp \
-      invariant/util/invariant_constraint_variables.cpp \
-      invariant/constant/add_constant.cpp invariant/constant/default_constant_strategy.cpp \
-      invariant/constant/literals_constant_strategy.cpp invariant/meta/meta_variable_names.cpp \
-      invariant/preprocess/add_invariants_and_temp_variables.cpp invariant/preprocess/remove_loops_and_assertion.cpp \
-      invariant/symex/learn/add_counterexamples.cpp invariant/symex/learn/add_invariant_programs_to_learn.cpp \
-      invariant/symex/learn/instrument_vars.cpp \
-      invariant/symex/learn/replace_operators.cpp invariant/symex/verify/extract_counterexample.cpp \
-      invariant/symex/verify/insert_constraint.cpp invariant/symex/verify/insert_program.cpp \
-      invariant/fitness/concrete_fitness_source_provider.cpp \
-      jsa/facade/jsa_runner.cpp jsa/options/jsa_program.cpp jsa/options/jsa_program_info.cpp \
-      jsa/preprocessing/jsa_preprocessing.cpp jsa/preprocessing/remove_loop.cpp \
-      jsa/preprocessing/add_constraint_meta_variables.cpp jsa/preprocessing/default_jsa_constant_strategy.cpp \
-      jsa/preprocessing/create_temp_variables.cpp jsa/preprocessing/collect_variables.cpp jsa/preprocessing/clone_heap.cpp \
-      jsa/preprocessing/add_synthesis_library.cpp \
-      jsa/learn/jsa_symex_learn.cpp jsa/learn/insert_counterexample.cpp jsa/learn/insert_predicates_and_queries.cpp \
-      jsa/learn/instrument_pred_ops.cpp jsa/learn/execute_jsa_programs.cpp jsa/learn/extract_candidate.cpp \
-      jsa/verify/jsa_symex_verify.cpp jsa/verify/extract_counterexample.cpp jsa/verify/renondet_inputs.cpp \
-      jsa/verify/insert_solution.cpp \
-      jsa/constraint/jsa_constraint_factory.cpp \
-      jsa/converters/solution.cpp jsa/converters/translate_to_goto_program.cpp jsa/converters/replace_operators.cpp \
-      jsa/converters/counterexample.cpp \
-      jsa/instrument/jsa_meta_data.cpp jsa/instrument/temps_helper.cpp \
-      jsa/value/jsa_solution.cpp jsa/value/jsa_solution_printer.cpp jsa/value/jsa_types.cpp \
-      jsa/value/default_solution.cpp jsa/value/jsa_counterexample_printer.cpp \
-      jsa/genetic/jsa_source_provider.cpp jsa/genetic/dynamic_jsa_test_runner.cpp jsa/genetic/random_jsa_mutate.cpp \
-      jsa/genetic/random_jsa_cross.cpp jsa/genetic/jsa_genetic_convert.cpp jsa/genetic/jsa_random.cpp \
-      jsa/genetic/solution_helper.cpp jsa/genetic/jsa_serialiser.cpp jsa/genetic/jsa_paragon_wrapper.cpp \
-      control/facade/control_runner.cpp \
-      control/preprocessing/control_preprocessing.cpp control/preprocessing/propagate_controller_sizes.cpp \
-      control/options/control_program.cpp \
-      control/learn/control_symex_learn.cpp control/learn/nondet_solution.cpp \
-      control/simplify/remove_unused_elements.cpp \
-      control/verify/control_symex_verify.cpp control/verify/insert_solution.cpp \
-      control/value/float_helper.cpp control/value/control_types.cpp \
-      refactor/environment/instrument_state_vars.cpp \
-      refactor/instructionset/create_cegis_processor.cpp refactor/instructionset/execute_cegis_program.cpp \
-      refactor/instructionset/processor_types.cpp refactor/instructionset/cegis_processor_body_factory.cpp \
-      refactor/instructionset/instruction_description.cpp refactor/instructionset/cegis_instruction_factory.cpp \
-      refactor/instructionset/processor_symbols.cpp \
-      refactor/constraint/constraint_factory.cpp \
-      refactor/preprocessing/refactor_preprocessing.cpp refactor/preprocessing/collect_counterexamples.cpp \
-      refactor/learn/refactor_symex_learn.cpp refactor/learn/instrument_counterexamples.cpp \
-      refactor/learn/refactor_candidate_printer.cpp \
-      refactor/verify/refactor_symex_verify.cpp \
-      refactor/facade/refactor_runner.cpp \
-      refactor/options/refactoring_type.cpp refactor/options/refactor_program.cpp \
-      refactor/nullobject/range_collector.cpp refactor/nullobject/nullable_analysis.cpp \
-      wordsize/restrict_bv_size.cpp value/program_individual_serialisation.cpp value/assignments_printer.cpp \
-      seed/literals_seed.cpp \
-      genetic/instruction_set_info_factory.cpp genetic/random_mutate.cpp genetic/random_cross.cpp \
-      genetic/random_individual.cpp genetic/genetic_constant_strategy.cpp instructions/instruction_set_factory.cpp \
-      genetic/dynamic_test_runner_helper.cpp genetic/genetic_settings.cpp \
-      genetic/serialise_individual.cpp genetic/program_individual_test_runner_helper.cpp \
-      cegis-util/task_pool.cpp cegis-util/constant_width.cpp cegis-util/irep_pipe.cpp cegis-util/program_helper.cpp \
-      cegis-util/temporary_output_block.cpp cegis-util/cbmc_runner.cpp cegis-util/module_helper.cpp \
-      cegis-util/inline_user_program.cpp cegis-util/counterexample_vars.cpp cegis-util/string_helper.cpp \
-      cegis-util/instruction_iterator.cpp cegis-util/type_helper.cpp \
-      learn/insert_counterexample.cpp learn/constraint_helper.cpp \
-      constant/add_constant.cpp constant/literals_collector.cpp constant/default_cegis_constant_strategy.cpp \
-      instrument/cegis_library.cpp instrument/instrument_var_ops.cpp instrument/meta_variables.cpp \
-      instrument/find_cprover_initialize.cpp \
-      runner/cegis_parse_options.cpp runner/cegis_main.cpp runner/cegis_languages.cpp
-
-OBJ += ../ansi-c/ansi-c$(LIBEXT) \
-      ../cpp/cpp$(LIBEXT) \
-      ../java_bytecode/java_bytecode$(LIBEXT) \
-      ../linking/linking$(LIBEXT) \
-      ../big-int/big-int$(LIBEXT) \
-      ../goto-programs/goto-programs$(LIBEXT) \
-      ../goto-symex/goto-symex$(LIBEXT) \
-      ../pointer-analysis/value_set$(OBJEXT) \
-      ../pointer-analysis/value_set_analysis_fi$(OBJEXT) \
-      ../pointer-analysis/value_set_domain_fi$(OBJEXT) \
-      ../pointer-analysis/value_set_fi$(OBJEXT) \
-      ../pointer-analysis/value_set_dereference$(OBJEXT) \
-      ../pointer-analysis/dereference_callback$(OBJEXT) \
-      ../pointer-analysis/add_failed_symbols$(OBJEXT) \
-      ../pointer-analysis/rewrite_index$(OBJEXT) \
-      ../pointer-analysis/goto_program_dereference$(OBJEXT) \
-      ../goto-instrument/full_slicer$(OBJEXT) \
-      ../analyses/analyses$(LIBEXT) \
-      ../langapi/langapi$(LIBEXT) \
-      ../xmllang/xmllang$(LIBEXT) \
-      ../assembler/assembler$(LIBEXT) \
-      ../solvers/solvers$(LIBEXT) \
-      ../util/util$(LIBEXT) \
-      ../goto-instrument/dump_c$(OBJEXT) ../goto-instrument/goto_program2code$(OBJEXT) \
-      ../goto-instrument/nondet_static$(OBJEXT) ../goto-instrument/cover$(OBJEXT) \
-      ../cbmc/cbmc_parse_options$(OBJEXT) ../cbmc/cbmc_solvers$(OBJEXT) \
-      ../cbmc/bmc$(OBJEXT) ../cbmc/bmc_incremental$(OBJEXT) ../cbmc/bmc_incremental_one_loop$(OBJEXT) \
-      ../cbmc/symex_bmc$(OBJEXT) ../cbmc/symex_bmc_incremental$(OBJEXT) \
-      ../cbmc/symex_bmc_incremental_one_loop$(OBJEXT) \
-       ../cbmc/xml_interface$(OBJEXT) ../cbmc/bmc_cover$(OBJEXT) \
-      ../cbmc/bv_cbmc$(OBJEXT) ../cbmc/counterexample_beautification$(OBJEXT) \
-      ../cbmc/show_vcc$(OBJEXT) \
-      ../cbmc/cbmc_dimacs$(OBJEXT) ../cbmc/all_properties$(OBJEXT) \
-      ../cbmc/fault_localization$(OBJEXT)
-
-INCLUDES= -I ..
-
-include ../config.inc
-include ../common
-
-ifeq ($(filter-out Unix MinGW Cygwin OSX OSX_Universal,$(BUILD_ENV_)),)
-  DLFCN_LINKFLAGS = -ldl
-endif
-
-LIBS = $(DLFCN_LINKFLAGS)
-
-CLEANFILES = cegis$(EXEEXT)
-
-all: cegis$(EXEEXT)
-
-ifneq ($(wildcard ../java_bytecode/Makefile),)
-  OBJ += ../java_bytecode/java_bytecode$(LIBEXT)
-  CP_CXXFLAGS += -DHAVE_JAVA_BYTECODE
-  ifneq ($(wildcard $(LIBZIPINC)),)
-    LIBS += $(LIBZIPLIB)
-  endif
-endif
-
-###############################################################################
-
-cegis$(EXEEXT): $(OBJ)
-	$(LINKBIN)
diff --git a/src/cegis/cegis-util/cbmc_runner.cpp b/src/cegis/cegis-util/cbmc_runner.cpp
deleted file mode 100644
index dc6badb40a2..00000000000
--- a/src/cegis/cegis-util/cbmc_runner.cpp
+++ /dev/null
@@ -1,155 +0,0 @@
-#include <algorithm>
-#include <functional>
-
-#include <util/config.h>
-#include <util/substitute.h>
-
-#include <cbmc/cbmc_parse_options.h>
-#include <cbmc/bmc.h>
-
-#include <goto-programs/goto_trace.h>
-#include <goto-programs/write_goto_binary.h>
-
-#include <cegis/options/parameters.h>
-#include <cegis/cegis-util/temporary_output_block.h>
-#include <cegis/cegis-util/cbmc_runner.h>
-
-#define ARGV_MAX_SIZE 5u
-
-namespace
-{
-bool exists(const std::string &name)
-{
-  return std::ifstream(name).good();
-}
-
-std::string get_goto_file_name(const size_t index)
-{
-  std::string name("cbmc_runner-");
-  name+=std::to_string(index);
-  return name+=".exe";
-}
-
-std::string get_next_goto_file_name()
-{
-  size_t index=0;
-  while (exists(get_goto_file_name(index)))
-    ++index;
-  return get_goto_file_name(index);
-}
-
-bool is_gcc()
-{
-  return configt::ansi_ct::flavourt::GCC == config.ansi_c.mode;
-}
-
-std::vector<std::string> get_args()
-{
-  std::vector<std::string> result= { "cbmc", "--stop-on-fail" };
-  if (is_gcc()) result.push_back("--gcc");
-  return result;
-}
-
-std::vector<const char *> get_argv(const std::vector<std::string> &args)
-{
-  std::vector<const char *> result;
-  std::transform(args.begin(), args.end(), std::back_inserter(result),
-      std::mem_fun_ref(&std::string::c_str));
-  return result;
-}
-
-class args_providert
-{
-  const std::vector<std::string> args;
-  std::vector<const char *> arg_ref;
-public:
-  args_providert() :
-      args(get_args()), arg_ref(get_argv(args))
-  {
-  }
-
-  int argc()
-  {
-    return arg_ref.size();
-  }
-
-  const char * *argv()
-  {
-    return arg_ref.data();
-  }
-};
-
-class cbmc_runnert: public args_providert, public cbmc_parse_optionst
-{
-  const symbol_tablet &st;
-  const goto_functionst &gf;
-  cbmc_resultt &result;
-  safety_checkert::resultt bmc_result;
-  const bool keep_goto_programs;
-
-public:
-  cbmc_runnert(const symbol_tablet &st, const goto_functionst &gf,
-      cbmc_resultt &result, const bool keep_goto_programs) :
-      cbmc_parse_optionst(argc(), argv()), st(st), gf(gf), result(result), bmc_result(
-          safety_checkert::UNSAFE), keep_goto_programs(keep_goto_programs)
-  {
-  }
-
-  virtual ~cbmc_runnert()=default;
-
-  virtual int get_goto_program(const optionst &options, bmct &bmc,
-      goto_functionst &goto_functions)
-  {
-    symbol_table.clear();
-    symbol_table=st;
-    goto_functions.clear();
-    goto_functions.copy_from(gf);
-    if (process_goto_program(options, goto_functions)) return 6;
-    if (keep_goto_programs)
-    {
-      const std::string path(get_next_goto_file_name());
-      message_handlert &msg=get_message_handler();
-      write_goto_binary(path, symbol_table, goto_functions, msg);
-    }
-
-    return -1;
-  }
-
-  int do_bmc(bmct &bmc, const goto_functionst &goto_functions)
-  {
-    bmc.set_ui(get_ui());
-    result.symbol_table.clear();
-    result.symbol_table=symbol_table;
-    result.goto_functions.clear();
-    result.goto_functions.copy_from(goto_functions);
-    bmc_result=bmc(result.goto_functions);
-    result.trace=bmc.safety_checkert::error_trace;
-    return 0;
-  }
-
-  safety_checkert::resultt get_bmc_result() const
-  {
-    return bmc_result;
-  }
-};
-}
-
-safety_checkert::resultt run_cbmc(const symbol_tablet &st,
-    const goto_functionst &gf, cbmc_resultt &cbmc_result,
-    const bool keep_goto_programs)
-{
-  const temporary_output_blockt disable_output;
-  cbmc_runnert runner(st, gf, cbmc_result, keep_goto_programs);
-  const int result=runner.main();
-  disable_output.release();
-  if (EXIT_SUCCESS != result)
-    throw std::runtime_error("cbmc_runner.cbmc-execution-failed");
-  return runner.get_bmc_result();
-}
-
-safety_checkert::resultt run_cbmc(const symbol_tablet &st,
-    const goto_functionst &gf, cbmc_resultt &cbmc_result, const optionst &o)
-{
-  return run_cbmc(st, gf, cbmc_result,
-      o.get_bool_option(CEGIS_KEEP_GOTO_PROGRAMS));
-}
diff --git a/src/goto-symex/goto_symex.h b/src/goto-symex/goto_symex.h
index 5152d19c290..0a0eb27f376 100644
--- a/src/goto-symex/goto_symex.h
+++ b/src/goto-symex/goto_symex.h
@@ -52,7 +52,6 @@ class goto_symext
     remaining_vccs(0),
     constant_propagation(true),
     new_symbol_table(_new_symbol_table),
-    language_mode(),
     ignore_assertions(false),
     ns(_ns),
     target(_target),
diff --git a/src/goto-symex/symex_goto.cpp b/src/goto-symex/symex_goto.cpp
index 7173f4fcbc6..c2246c080ce 100644
--- a/src/goto-symex/symex_goto.cpp
+++ b/src/goto-symex/symex_goto.cpp
@@ -90,7 +90,7 @@ bool goto_symext::symex_goto(statet &state)
 
       // next instruction
       state.source.pc++;
-      return;
+      return false; //I'm not sure if this is right..
     }
 
     goto_symex_statet::framet::loop_infot &loop_info=
@@ -140,7 +140,7 @@ bool goto_symext::symex_goto(statet &state)
     if(state_pc==goto_target)
     {
       state.source.pc=goto_target;
-      return; // nothing else to do
+      return false; // nothing else to do
     }
   }
   else
diff --git a/src/goto-symex/symex_target_equation.cpp b/src/goto-symex/symex_target_equation.cpp
index 88acb2625ae..27a39892bbd 100644
--- a/src/goto-symex/symex_target_equation.cpp
+++ b/src/goto-symex/symex_target_equation.cpp
@@ -736,21 +736,6 @@ void symex_target_equationt::SSA_stept::output(
   case goto_trace_stept::typet::DECL:
     out << "DECL" << '\n';
     out << from_expr(ns, "", ssa_lhs) << '\n';
-/*
-  case goto_trace_stept::ASSERT:
-    out << "ASSERT " << from_expr(ns, "", cond_expr) << std::endl;
-    break;
-  case goto_trace_stept::ASSUME:
-    out << "ASSUME " << from_expr(ns, "", cond_expr) << std::endl;
-    break;
-  case goto_trace_stept::LOCATION: out << "LOCATION" << std::endl; break;
-  case goto_trace_stept::INPUT: out << "INPUT" << std::endl; break;
-  case goto_trace_stept::OUTPUT: out << "OUTPUT" << std::endl; break;
-
-  case goto_trace_stept::DECL:
-    out << "DECL" << std::endl;
-    out << from_expr(ns, "", ssa_lhs) << std::endl;
- HEAD~2*/
     break;
 
   case goto_trace_stept::typet::ASSIGNMENT:

From 00c9df9adc9b71c7fde321a800dbf38cbed49c9a Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Thu, 25 May 2017 14:42:18 +0100
Subject: [PATCH 46/57] rearrange includes

---
 src/cbmc/bmc_incremental_one_loop.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/cbmc/bmc_incremental_one_loop.h b/src/cbmc/bmc_incremental_one_loop.h
index 6b709a77d51..988c5a8b1a3 100644
--- a/src/cbmc/bmc_incremental_one_loop.h
+++ b/src/cbmc/bmc_incremental_one_loop.h
@@ -13,14 +13,14 @@ Author: Peter Schrammel, Daniel Kroening, kroening@kroening.com
 #include <map>
 
 #include <util/options.h>
-
 #include <solvers/prop/prop_conv.h>
 #include <goto-symex/symex_target_equation.h>
+#include <goto-symex/memory_model.h>
 
 #include "symex_bmc_incremental_one_loop.h"
 #include "bv_cbmc.h"
 #include "bmc.h"
-#include <goto-symex/memory_model.h>
+
 
 class bmc_incremental_one_loopt:public bmct
 {

From 4c5c5039bc87ee484b69d734a99a20f8de0ba7b4 Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Thu, 25 May 2017 14:43:37 +0100
Subject: [PATCH 47/57] fix regression tests
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

test.desc did not match with output
Function5 - actual wording is “pointer outside object bounds”
Pointer_byte_extract5 - 1 of 11 fail, not 1 of 9
---
 regression/cbmc-with-incr/Function5/test.desc             | 2 +-
 regression/cbmc-with-incr/Pointer_byte_extract5/test.desc | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/regression/cbmc-with-incr/Function5/test.desc b/regression/cbmc-with-incr/Function5/test.desc
index f6388408eb1..3813c5fb2e7 100644
--- a/regression/cbmc-with-incr/Function5/test.desc
+++ b/regression/cbmc-with-incr/Function5/test.desc
@@ -4,7 +4,7 @@ main.c
 ^SIGNAL=0$
 ^EXIT=10$
 ^Counterexample:$
-^  dereference failure: object bounds in .*$
+^  dereference failure: pointer outside object bounds in .*$
 ^VERIFICATION FAILED$
 --
 ^warning: ignoring
diff --git a/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc b/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc
index 83d480509b3..16660374c9e 100644
--- a/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc
+++ b/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc
@@ -3,7 +3,7 @@ main.c
 --all-properties --bounds-check --32
 ^EXIT=10$
 ^SIGNAL=0$
-^\[main\.array_bounds\.5\] array.List upper bound in .*: FAILURE$
-^\*\* 1 of 9 failed (2 iterations)$
+^\[main\.array_bounds\.7\] array.List upper bound in .*: FAILURE$
+^\*\* 1 of 11 failed (2 iterations)$
 --
 ^warning: ignoring

From 269acea769bf68fcd2544ada6324a32fcc7d2313 Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Thu, 25 May 2017 14:49:54 +0100
Subject: [PATCH 48/57] magic numbers comment

---
 src/cbmc/symex_bmc_incremental.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cbmc/symex_bmc_incremental.cpp b/src/cbmc/symex_bmc_incremental.cpp
index 467f2fb6488..e62cff27136 100644
--- a/src/cbmc/symex_bmc_incremental.cpp
+++ b/src/cbmc/symex_bmc_incremental.cpp
@@ -44,7 +44,7 @@ symex_bmc_incrementalt::symex_bmc_incrementalt(
   magic_numbers.insert(200);
   magic_numbers.insert(1025);
 }
-
+// magic numbers are heuristic unwinding numbers used for SV_COMP
 /*******************************************************************\
 
 Function: symex_bmc_incrementalt::get_unwind

From 8761a865a754b0a6c37fa8b0b090b242f0d96d53 Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Fri, 26 May 2017 09:27:56 +0100
Subject: [PATCH 49/57] fix based on linter output

---
 src/cbmc/all_properties.cpp           | 2 +-
 src/cbmc/bmc.cpp                      | 1 -
 src/cbmc/bmc_incremental.cpp          | 3 ++-
 src/cbmc/bmc_incremental.h            | 6 +++---
 src/cbmc/bmc_incremental_one_loop.cpp | 5 +++--
 src/cbmc/cbmc_parse_options.cpp       | 4 ++--
 src/cbmc/symex_bmc.cpp                | 1 -
 src/cbmc/symex_bmc_incremental.cpp    | 4 ++--
 src/goto-symex/symex_goto.cpp         | 7 ++++---
 9 files changed, 17 insertions(+), 16 deletions(-)

diff --git a/src/cbmc/all_properties.cpp b/src/cbmc/all_properties.cpp
index b9d860808f4..dffed8e6993 100644
--- a/src/cbmc/all_properties.cpp
+++ b/src/cbmc/all_properties.cpp
@@ -106,7 +106,7 @@ safety_checkert::resultt bmc_all_propertiest::operator()()
 
   cover_goalst cover_goals(solver);
 
-  //set activation literal for incremental checking
+  // set activation literal for incremental checking
   cover_goals.activation_literal=bmc.equation.current_activation_literal();
 
 #if 0
diff --git a/src/cbmc/bmc.cpp b/src/cbmc/bmc.cpp
index 5038e3d0141..8e325c4b3f7 100644
--- a/src/cbmc/bmc.cpp
+++ b/src/cbmc/bmc.cpp
@@ -384,7 +384,6 @@ safety_checkert::resultt bmct::initialize()
     error() << "Invalid memory model " << mm
             << " -- use one of sc, tso, pso" << eom;
     return safety_checkert::resultt::ERROR;
-
   }
 
   symex().set_message_handler(get_message_handler());
diff --git a/src/cbmc/bmc_incremental.cpp b/src/cbmc/bmc_incremental.cpp
index 94ff6c197b2..a0b9a0154e1 100644
--- a/src/cbmc/bmc_incremental.cpp
+++ b/src/cbmc/bmc_incremental.cpp
@@ -76,7 +76,8 @@ safety_checkert::resultt bmc_incrementalt::step(
     resultt term_cond=
       options.get_bool_option("stop-when-unsat") ?
         safety_checkert::resultt::UNSAFE : safety_checkert::resultt::SAFE;
-    return result==term_cond && !symex_done ? safety_checkert::resultt::UNKNOWN : result;
+    return result==term_cond && !symex_done ?
+      safety_checkert::resultt::UNKNOWN : result;
   }
 
   catch(std::string &error_str)
diff --git a/src/cbmc/bmc_incremental.h b/src/cbmc/bmc_incremental.h
index 7be1c3c02cc..f4acd0542e1 100644
--- a/src/cbmc/bmc_incremental.h
+++ b/src/cbmc/bmc_incremental.h
@@ -46,15 +46,15 @@ class bmc_incrementalt:public bmct
   // make public
   virtual resultt run()
   {
-	  return run(goto_functions);
+    return run(goto_functions);
   }
   virtual resultt initialize()
   {
-	  return bmct::initialize();
+    return bmct::initialize();
   }
   virtual resultt step()
   {
-	  return step(goto_functions);
+    return step(goto_functions);
   }
 
 protected:
diff --git a/src/cbmc/bmc_incremental_one_loop.cpp b/src/cbmc/bmc_incremental_one_loop.cpp
index e4c724c390e..60c28ae18f3 100644
--- a/src/cbmc/bmc_incremental_one_loop.cpp
+++ b/src/cbmc/bmc_incremental_one_loop.cpp
@@ -34,7 +34,7 @@ safety_checkert::resultt bmc_incremental_one_loopt::step(
     // perform symbolic execution
     bool symex_done=
       symex()(
-        symex_state,goto_functions,
+        symex_state, goto_functions,
         goto_functions.function_map.at(goto_functions.entry_point()).body);
 
     // add a partial ordering, if required
@@ -79,7 +79,8 @@ safety_checkert::resultt bmc_incremental_one_loopt::step(
     resultt term_cond=
       options.get_bool_option("stop-when-unsat") ?
         safety_checkert::resultt::UNSAFE : safety_checkert::resultt::SAFE;
-    return result==term_cond && !symex_done ? safety_checkert::resultt::UNKNOWN : result;
+    return result==term_cond && !symex_done ?
+      safety_checkert::resultt::UNKNOWN : result;
   }
 
   catch(std::string &error_str)
diff --git a/src/cbmc/cbmc_parse_options.cpp b/src/cbmc/cbmc_parse_options.cpp
index b09eb2dabc5..e9653cbb78b 100644
--- a/src/cbmc/cbmc_parse_options.cpp
+++ b/src/cbmc/cbmc_parse_options.cpp
@@ -1174,8 +1174,8 @@ void cbmc_parse_optionst::help()
     " --yices                      use Yices\n"
     " --z3                         use Z3\n"
     " --refine                     use refinement procedure (experimental)\n"
-    " --refine-arrays              use refinement procedure for arrays (experimental)\n"
-    " --refine-arithmetic          use refinement procedure for arithmetic (experimental)\n"
+    " --refine-arrays              use refinement procedure for arrays (experimental)\n"// NOLINT(*)
+    " --refine-arithmetic          use refinement procedure for arithmetic (experimental)\n"// NOLINT(*)
     " --outfile filename           output formula to given file\n"
     " --arrays-uf-never            never turn arrays into uninterpreted functions\n" // NOLINT(*)
     " --arrays-uf-always           always turn arrays into uninterpreted functions\n" // NOLINT(*)
diff --git a/src/cbmc/symex_bmc.cpp b/src/cbmc/symex_bmc.cpp
index 86a4f87259d..ba83ff20443 100644
--- a/src/cbmc/symex_bmc.cpp
+++ b/src/cbmc/symex_bmc.cpp
@@ -102,7 +102,6 @@ void symex_bmct::merge_goto(
      // branches only, no single-successor goto
      !prev_pc->guard.is_true())
     symex_coverage.covered(prev_pc, state.source.pc);
-
 }
 
 bool symex_bmct::get_unwind(
diff --git a/src/cbmc/symex_bmc_incremental.cpp b/src/cbmc/symex_bmc_incremental.cpp
index e62cff27136..a5fd8bceb42 100644
--- a/src/cbmc/symex_bmc_incremental.cpp
+++ b/src/cbmc/symex_bmc_incremental.cpp
@@ -202,7 +202,7 @@ bool symex_bmc_incrementalt::check_break(
 #if 0
   std::cout << "loop limit for " << id
             << (loop_limits.find(id)!=loop_limits.end() ?
-               " exists" : " does not exist") << std::endl;
+               " exists" : " does not exist") << "\n";
 #endif
 
   loop_limitst &this_thread_limits=
@@ -211,7 +211,7 @@ bool symex_bmc_incrementalt::check_break(
      loop_limits.find(id)==loop_limits.end())
   {
 #if 0
-    std::cout << "not statically unwound" << std::endl;
+    std::cout << "not statically unwound \n";
     // not a statically unwound loop when --incremental
 #endif
 
diff --git a/src/goto-symex/symex_goto.cpp b/src/goto-symex/symex_goto.cpp
index c2246c080ce..e32893c1b0c 100644
--- a/src/goto-symex/symex_goto.cpp
+++ b/src/goto-symex/symex_goto.cpp
@@ -35,7 +35,8 @@ bool goto_symext::symex_goto(statet &state)
 
   const irep_idt loop_id=goto_programt::loop_id(state.source.pc);
 
-  // Testing for "is_false", we need to explicitly simplify despite "no-simplify".
+  // Testing for "is_false":
+  // we need to explicitly simplify despite "no-simplify".
   const exprt incr_test_guard=simplify_expr(old_guard, ns);
   if(incr_test_guard.is_false() || new_guard.is_false() ||
      state.guard.is_false())
@@ -90,7 +91,7 @@ bool goto_symext::symex_goto(statet &state)
 
       // next instruction
       state.source.pc++;
-      return false; //I'm not sure if this is right..
+      return false;
     }
 
     goto_symex_statet::framet::loop_infot &loop_info=
@@ -117,7 +118,7 @@ bool goto_symext::symex_goto(statet &state)
 
     if(new_guard.is_true()) // continue looping
     {
-      bool do_break=check_break(loop_id,false,state,new_guard,unwind);
+      bool do_break=check_break(loop_id, false, state, new_guard, unwind);
       state.source.pc=goto_target;
       return do_break;
     }

From b7b5fdf8b9d3452f771e86d53cf1ab06326a38ce Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Wed, 31 May 2017 11:37:28 +0100
Subject: [PATCH 50/57] fix compile errors caused by merge

---
 src/cbmc/cbmc_parse_options.cpp | 21 ---------------------
 src/cbmc/cbmc_parse_options.h   |  5 ++---
 2 files changed, 2 insertions(+), 24 deletions(-)

diff --git a/src/cbmc/cbmc_parse_options.cpp b/src/cbmc/cbmc_parse_options.cpp
index e9653cbb78b..c9ec4020783 100644
--- a/src/cbmc/cbmc_parse_options.cpp
+++ b/src/cbmc/cbmc_parse_options.cpp
@@ -584,27 +584,6 @@ int cbmc_parse_optionst::doit()
   if(options.get_bool_option("java-unwind-enum-static"))
     remove_static_init_loops(symbol_table, goto_functions, options);
 
-  // get solver
-  cbmc_solverst cbmc_solvers(options, symbol_table, ui_message_handler);
-  cbmc_solvers.set_ui(get_ui());
-
-  std::unique_ptr<cbmc_solverst::solvert> cbmc_solver;
-
-  try
-  {
-    cbmc_solver=cbmc_solvers.get_solver();
-  }
-
-  catch(const char *error_msg)
-  {
-    error() << error_msg << eom;
-    return 1; // should contemplate EX_SOFTWARE from sysexits.h
-  }
-
-  prop_convt &prop_conv=cbmc_solver->prop_conv();
-
-  bmct bmc(options, symbol_table, ui_message_handler, prop_conv);
-
   // do actual BMC
   return do_bmc(*bmc, goto_functions);
 }
diff --git a/src/cbmc/cbmc_parse_options.h b/src/cbmc/cbmc_parse_options.h
index be65007a5ee..50ba729eced 100644
--- a/src/cbmc/cbmc_parse_options.h
+++ b/src/cbmc/cbmc_parse_options.h
@@ -108,12 +108,11 @@ class cbmc_parse_optionst:
 
   void eval_verbosity();
 
-  // get any additional stuff before finalizing the goto program
-  virtual int get_modules(expr_listt &bmc_constraints)
-
   bool options_exclusive(const char *opt1, const char *opt2);
   bool options_inclusive(const char *opt1, const char *opt2);
 
+  // get any additional stuff before finalizing the goto program
+  virtual int get_modules(expr_listt &bmc_constraints)
   {
     return -1; // continue
   }

From db177692c77ea601785fb2fc3e93d56ebfb3c6b1 Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Wed, 31 May 2017 13:49:40 +0100
Subject: [PATCH 51/57] move try-catch statement

Previously not catching errors caused by too many variables thrown in
bv_pointers.cpp add_addr()
---
 src/cbmc/bmc.cpp | 50 +++++++++++++++++++++++++-----------------------
 1 file changed, 26 insertions(+), 24 deletions(-)

diff --git a/src/cbmc/bmc.cpp b/src/cbmc/bmc.cpp
index 8e325c4b3f7..b1303b6f366 100644
--- a/src/cbmc/bmc.cpp
+++ b/src/cbmc/bmc.cpp
@@ -430,30 +430,6 @@ safety_checkert::resultt bmct::step(const goto_functionst &goto_functions)
       memory_model->set_message_handler(get_message_handler());
       (*memory_model)(equation);
     }
-  }
-  catch(std::string &error_str)
-  {
-    messaget message(get_message_handler());
-    message.error().source_location=symex().last_source_location;
-    message.error() << error_str << messaget::eom;
-
-    return safety_checkert::resultt::ERROR;
-  }
-
-  catch(const char *error_str)
-  {
-    messaget message(get_message_handler());
-    message.error().source_location=symex().last_source_location;
-    message.error() << error_str << messaget::eom;
-
-    return safety_checkert::resultt::ERROR;
-  }
-
-  catch(std::bad_alloc)
-  {
-    error() << "Out of memory" << eom;
-    return safety_checkert::resultt::ERROR;
-  }
 
   statistics() << "size of program expression: "
                << equation.SSA_steps.size()
@@ -512,6 +488,32 @@ safety_checkert::resultt bmct::step(const goto_functionst &goto_functions)
     return stop_on_fail(goto_functions, prop_conv);
   else
     return all_properties(goto_functions, prop_conv);
+  }
+  catch(std::string &error_str)
+    {
+      messaget message(get_message_handler());
+      message.error().source_location=symex().last_source_location;
+      message.error() << error_str << messaget::eom;
+
+      return safety_checkert::resultt::ERROR;
+    }
+
+    catch(const char *error_str)
+    {
+      messaget message(get_message_handler());
+      message.error().source_location=symex().last_source_location;
+      message.error() << error_str << messaget::eom;
+
+      return safety_checkert::resultt::ERROR;
+    }
+
+    catch(std::bad_alloc)
+    {
+      error() << "Out of memory" << eom;
+      return safety_checkert::resultt::ERROR;
+    }
+
+
 }
 
 

From 6b6d3eb3604b2eb291038b641fe60b2b506ab67b Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Tue, 13 Jun 2017 11:24:31 +0100
Subject: [PATCH 52/57] Fix coverage error for incremental mode

---
 src/solvers/prop/cover_goals.cpp | 3 +--
 src/solvers/prop/cover_goals.h   | 1 +
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/solvers/prop/cover_goals.cpp b/src/solvers/prop/cover_goals.cpp
index 219e1d6a9ba..7695f789bb3 100644
--- a/src/solvers/prop/cover_goals.cpp
+++ b/src/solvers/prop/cover_goals.cpp
@@ -47,9 +47,8 @@ void cover_goalst::constraint()
   exprt::operandst disjuncts;
 
   // cover at least one unknown goal
-
   disjuncts.push_back(literal_exprt(activation_literal));
-   
+
   for(std::list<goalt>::const_iterator
       g_it=goals.begin();
       g_it!=goals.end();
diff --git a/src/solvers/prop/cover_goals.h b/src/solvers/prop/cover_goals.h
index 9416bca5817..ae6301740aa 100644
--- a/src/solvers/prop/cover_goals.h
+++ b/src/solvers/prop/cover_goals.h
@@ -22,6 +22,7 @@ class cover_goalst:public messaget
 {
 public:
   explicit cover_goalst(prop_convt &_prop_conv):
+    activation_literal(const_literal(false)),
     prop_conv(_prop_conv)
   {
   }

From d6fca94399e6bf5b55555f85f3926fbd06048f1c Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Wed, 14 Jun 2017 17:39:41 +0100
Subject: [PATCH 53/57] formatting for linter removed tabs and whitespace,
 removed lines accidentally added in merge

---
 src/cbmc/bmc.cpp                      | 4 ++--
 src/cbmc/bmc_incremental.cpp          | 2 --
 src/cbmc/bmc_incremental_one_loop.cpp | 2 --
 src/cbmc/cbmc_parse_options.cpp       | 2 --
 src/goto-symex/build_goto_trace.cpp   | 4 ++--
 src/goto-symex/goto_symex.h           | 8 ++++----
 src/goto-symex/symex_goto.cpp         | 2 +-
 7 files changed, 9 insertions(+), 15 deletions(-)

diff --git a/src/cbmc/bmc.cpp b/src/cbmc/bmc.cpp
index b1303b6f366..02f6b6e0d71 100644
--- a/src/cbmc/bmc.cpp
+++ b/src/cbmc/bmc.cpp
@@ -479,8 +479,8 @@ safety_checkert::resultt bmct::step(const goto_functionst &goto_functions)
 
     if(options.get_bool_option("program-only"))
     {
-    	show_program();
-    	return safety_checkert::resultt::SAFE;
+      show_program();
+      return safety_checkert::resultt::SAFE;
     }
 
   // do all properties
diff --git a/src/cbmc/bmc_incremental.cpp b/src/cbmc/bmc_incremental.cpp
index a0b9a0154e1..a71dcc3d8f3 100644
--- a/src/cbmc/bmc_incremental.cpp
+++ b/src/cbmc/bmc_incremental.cpp
@@ -97,8 +97,6 @@ safety_checkert::resultt bmc_incrementalt::step(
     error() << "Out of memory" << eom;
     return safety_checkert::resultt::ERROR;
   }
-
-  assert(false);
 }
 
 /*******************************************************************\
diff --git a/src/cbmc/bmc_incremental_one_loop.cpp b/src/cbmc/bmc_incremental_one_loop.cpp
index 60c28ae18f3..a1ae74ffea5 100644
--- a/src/cbmc/bmc_incremental_one_loop.cpp
+++ b/src/cbmc/bmc_incremental_one_loop.cpp
@@ -100,8 +100,6 @@ safety_checkert::resultt bmc_incremental_one_loopt::step(
     error() << "Out of memory" << eom;
     return safety_checkert::resultt::ERROR;
   }
-
-  assert(false);
 }
 
 /*******************************************************************\
diff --git a/src/cbmc/cbmc_parse_options.cpp b/src/cbmc/cbmc_parse_options.cpp
index c9ec4020783..ee333f2aac0 100644
--- a/src/cbmc/cbmc_parse_options.cpp
+++ b/src/cbmc/cbmc_parse_options.cpp
@@ -1153,8 +1153,6 @@ void cbmc_parse_optionst::help()
     " --yices                      use Yices\n"
     " --z3                         use Z3\n"
     " --refine                     use refinement procedure (experimental)\n"
-    " --refine-arrays              use refinement procedure for arrays (experimental)\n"// NOLINT(*)
-    " --refine-arithmetic          use refinement procedure for arithmetic (experimental)\n"// NOLINT(*)
     " --outfile filename           output formula to given file\n"
     " --arrays-uf-never            never turn arrays into uninterpreted functions\n" // NOLINT(*)
     " --arrays-uf-always           always turn arrays into uninterpreted functions\n" // NOLINT(*)
diff --git a/src/goto-symex/build_goto_trace.cpp b/src/goto-symex/build_goto_trace.cpp
index 1360384587c..3a874d2213c 100644
--- a/src/goto-symex/build_goto_trace.cpp
+++ b/src/goto-symex/build_goto_trace.cpp
@@ -140,7 +140,7 @@ void build_goto_trace(
 
     if(SSA_step.ignore)
       continue;
-    
+
     if(prop_conv.l_get(SSA_step.guard_literal)!=tvt(true))
       continue;
 
@@ -303,7 +303,7 @@ void build_goto_trace(
       s_it1=goto_trace.steps.begin();
       s_it1!=goto_trace.steps.end();
       s_it1++)
-    if(s_it1->is_assert() && !s_it1->cond_value && 
+    if(s_it1->is_assert() && !s_it1->cond_value &&
        s_it1->comment!=SYMEX_CONTINUATION_CHECK)
     {
       goto_trace.trim_after(s_it1);
diff --git a/src/goto-symex/goto_symex.h b/src/goto-symex/goto_symex.h
index 0a0eb27f376..83a94d366cf 100644
--- a/src/goto-symex/goto_symex.h
+++ b/src/goto-symex/goto_symex.h
@@ -112,10 +112,10 @@ class goto_symext
   friend class symex_dereference_statet;
 
   virtual bool check_break(
-    const irep_idt &id, 
-    bool is_function, 
-    statet &state, 
-    const exprt &cond, 
+    const irep_idt &id,
+    bool is_function,
+    statet &state,
+    const exprt &cond,
     unsigned unwind);
 
   void new_name(symbolt &symbol);
diff --git a/src/goto-symex/symex_goto.cpp b/src/goto-symex/symex_goto.cpp
index e32893c1b0c..d535d7e4329 100644
--- a/src/goto-symex/symex_goto.cpp
+++ b/src/goto-symex/symex_goto.cpp
@@ -95,7 +95,7 @@ bool goto_symext::symex_goto(statet &state)
     }
 
     goto_symex_statet::framet::loop_infot &loop_info=
-    	frame.loop_iterations[loop_id];
+      frame.loop_iterations[loop_id];
     unsigned &unwind=loop_info.count;
 
     unwind++;

From 4134a153a70e64e25b22770e1d9a076bbec5c891 Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Tue, 13 Jun 2017 11:53:12 +0100
Subject: [PATCH 54/57] fix regression test syntax

goto-instrument-unwind no longer in regression tests

fix regex for multi_dimensional_array6

use failed-test-printer.pl
---
 regression/Makefile                                   |  1 -
 regression/cbmc-incr-oneloop/Makefile                 | 11 ++++++++---
 .../cbmc-with-incr/Multi_Dimensional_Array6/test.desc |  5 ++---
 .../cbmc-with-incr/Pointer_byte_extract2/test.desc    |  2 +-
 .../cbmc-with-incr/Pointer_byte_extract5/test.desc    |  4 ++--
 regression/cbmc-with-incr/pipe1/test.desc             |  2 +-
 6 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/regression/Makefile b/regression/Makefile
index 1e543290a0d..0cfcb721aae 100644
--- a/regression/Makefile
+++ b/regression/Makefile
@@ -6,7 +6,6 @@ DIRS = ansi-c \
        goto-analyzer \
        goto-instrument \
        goto-instrument-typedef \
-       goto-instrument-unwind \
        cbmc-incr-oneloop \
        cbmc-incr \
        cbmc-with-incr \
diff --git a/regression/cbmc-incr-oneloop/Makefile b/regression/cbmc-incr-oneloop/Makefile
index 00c5ea25db4..c699f3a2837 100644
--- a/regression/cbmc-incr-oneloop/Makefile
+++ b/regression/cbmc-incr-oneloop/Makefile
@@ -1,11 +1,16 @@
 default: tests.log
 
 test:
-	@../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc --slice-formula"
+	@if ! ../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc --slice-formula" ; then \
+	../failed-tests-printer.pl ; \
+		exit 1 ; \
+	fi
 
 tests.log: ../test.pl
-	@../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc --slice-formula"
-
+	@if ! ../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc --slice-formula" ; then \
+	../failed-tests-printer.pl ; \
+		exit 1 ; \
+	fi
 show:
 	@for dir in *; do \
 		if [ -d "$$dir" ]; then \
diff --git a/regression/cbmc-with-incr/Multi_Dimensional_Array6/test.desc b/regression/cbmc-with-incr/Multi_Dimensional_Array6/test.desc
index 107b8b20b72..68d47b3eac3 100644
--- a/regression/cbmc-with-incr/Multi_Dimensional_Array6/test.desc
+++ b/regression/cbmc-with-incr/Multi_Dimensional_Array6/test.desc
@@ -4,8 +4,7 @@ main.c
 ^EXIT=10$
 ^SIGNAL=0$
 
-^\[main\.assertion\.1\] assertion matriz\[(signed long int)j\]\[(signed long int)k\] <= maior: SUCCESS$
-^\[main\.assertion\.2\] assertion matriz\[(signed long int)0\]\[(signed long int)0\] < maior: FAILURE$
-^\*\* 1 of 2 failed (2 iterations)$
+^\[main\.assertion\.2\] assertion matriz\[\(signed long int\)0\]\[\(signed long int\)0\] \< maior: FAILURE$
+^\*\* 1 of 2 failed \(2 iterations\)$
 --
 ^warning: ignoring
diff --git a/regression/cbmc-with-incr/Pointer_byte_extract2/test.desc b/regression/cbmc-with-incr/Pointer_byte_extract2/test.desc
index e99e8941463..65839c362ea 100644
--- a/regression/cbmc-with-incr/Pointer_byte_extract2/test.desc
+++ b/regression/cbmc-with-incr/Pointer_byte_extract2/test.desc
@@ -4,6 +4,6 @@ main.c
 ^EXIT=10$
 ^SIGNAL=0$
 ^\[main\.assertion\.2\] .*: FAILURE$
-^\*\* 1 of 2 failed (2 iterations)$
+^\*\* 1 of 2 failed \(2 iterations\)$
 --
 ^warning: ignoring
diff --git a/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc b/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc
index 16660374c9e..66cd2d31510 100644
--- a/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc
+++ b/regression/cbmc-with-incr/Pointer_byte_extract5/test.desc
@@ -3,7 +3,7 @@ main.c
 --all-properties --bounds-check --32
 ^EXIT=10$
 ^SIGNAL=0$
-^\[main\.array_bounds\.7\] array.List upper bound in .*: FAILURE$
-^\*\* 1 of 11 failed (2 iterations)$
+array\.List dynamic object upper bound in p->List\[2\]: FAILURE
+\*\* 1 of 11 failed \(2 iterations\)
 --
 ^warning: ignoring
diff --git a/regression/cbmc-with-incr/pipe1/test.desc b/regression/cbmc-with-incr/pipe1/test.desc
index 1272da21932..c24f5e9bf17 100644
--- a/regression/cbmc-with-incr/pipe1/test.desc
+++ b/regression/cbmc-with-incr/pipe1/test.desc
@@ -4,6 +4,6 @@ main.c
 ^EXIT=10$
 ^SIGNAL=0$
 ^\[main\.assertion\.4\] assertion data\[1\]==31: FAILURE$
-^\*\* 1 of 5 failed (2 iterations)$
+^\*\* 1 of 5 failed \(2 iterations\)$
 --
 ^warning: ignoring

From 6f7070c04f90ab518063938c64259051e71e14c7 Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Thu, 22 Jun 2017 10:09:37 +0100
Subject: [PATCH 55/57] remove merge mistakes

---
 src/goto-cc/as_mode.cpp | 1 -
 src/goto-cc/compile.cpp | 7 +------
 2 files changed, 1 insertion(+), 7 deletions(-)

diff --git a/src/goto-cc/as_mode.cpp b/src/goto-cc/as_mode.cpp
index 020c84650a4..c36e755b471 100644
--- a/src/goto-cc/as_mode.cpp
+++ b/src/goto-cc/as_mode.cpp
@@ -128,7 +128,6 @@ int as_modet::doit()
 
   // determine actions to be undertaken
   compilet compiler(cmdline, message_handler, cmdline.isset("fatal-warnings"));
-  compiler.ui_message_handler.set_verbosity(verbosity);
 
   if(cmdline.isset('b')) // as86 only
   {
diff --git a/src/goto-cc/compile.cpp b/src/goto-cc/compile.cpp
index 9079b8bf9c6..f9184b86598 100644
--- a/src/goto-cc/compile.cpp
+++ b/src/goto-cc/compile.cpp
@@ -117,11 +117,7 @@ bool compilet::doit()
   const unsigned warnings_before=
     get_message_handler().get_message_count(messaget::M_WARNING);
 
-<<<<<<< 0bc503ae07a912ec82d5c337f453520219aac395
   if(!source_files.empty())
-=======
-  if(source_files.size()>0)
->>>>>>> HEAD~84
     if(compile())
       return true;
 
@@ -648,8 +644,7 @@ bool compilet::parse_source(const std::string &file_name)
 /// constructor
 /// \return nothing
 compilet::compilet(cmdlinet &_cmdline, ui_message_handlert &mh, bool Werror):
-  language_uit(_cmdline, ui_message_handler),
-  ui_message_handler(_cmdline, "goto-cc " CBMC_VERSION),
+  language_uit(_cmdline, mh),
   ns(symbol_table),
   cmdline(_cmdline),
   warning_is_fatal(Werror)

From 59d6559ee8255eb737b69330715844fd23e80453 Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Thu, 22 Jun 2017 12:34:53 +0100
Subject: [PATCH 56/57] use failed tests printer

---
 regression/cbmc-incr/Makefile | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/regression/cbmc-incr/Makefile b/regression/cbmc-incr/Makefile
index 4e2123eba72..1e1ef0ea176 100644
--- a/regression/cbmc-incr/Makefile
+++ b/regression/cbmc-incr/Makefile
@@ -4,10 +4,14 @@ PARAM = --incremental
 # --refine   --slice-formula
 
 test:
-	@../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc $(PARAM)"
+	@if ! ../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc $(PARAM)" ; then \
+	../failed-tests-printer.pl ; \
+		exit 1 ; \
+	fi
 
 tests.log: ../test.pl
-	@../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc $(PARAM)"
+	@if ! ../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc $(PARAM)" ; then \
+	../failed-tests-printer.pl ; \
 
 show:
 	@for dir in *; do \

From e7d1fe2ec85912198b2a592e3fd42ed12e0341bc Mon Sep 17 00:00:00 2001
From: polgreen <elizabeth.polgreen@cs.ox.ac.uk>
Date: Thu, 22 Jun 2017 13:38:43 +0100
Subject: [PATCH 57/57] use incremental mode in incremental regression tests

removed use of $PARAM$ for consistency with other makefiles
---
 regression/cbmc-incr/Makefile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/regression/cbmc-incr/Makefile b/regression/cbmc-incr/Makefile
index 1e1ef0ea176..3c7ea145d38 100644
--- a/regression/cbmc-incr/Makefile
+++ b/regression/cbmc-incr/Makefile
@@ -4,13 +4,13 @@ PARAM = --incremental
 # --refine   --slice-formula
 
 test:
-	@if ! ../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc $(PARAM)" ; then \
+	@if ! ../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc --incremental" ; then \
 	../failed-tests-printer.pl ; \
 		exit 1 ; \
 	fi
 
 tests.log: ../test.pl
-	@if ! ../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc $(PARAM)" ; then \
+	@if ! ../test.pl -c "perl -e 'alarm shift @ARGV; exec @ARGV' 30 ../../../src/cbmc/cbmc --incremental" ; then \
 	../failed-tests-printer.pl ; \
 
 show: