NEWS

Release 3.13.0 (?? ????????? 201?)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~--
Release 3.13.0 is under development, not yet released.

3.13.0 is a feature release with many improvements and the usual
collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM32/Linux,
ARM64/Linux, PPC32/Linux, PPC64BE/Linux, PPC64LE/Linux, S390X/Linux,
MIPS32/Linux, MIPS64/Linux, ARM/Android, ARM64/Android,
MIPS32/Android, X86/Android, X86/Solaris, AMD64/Solaris, X86/MacOSX
10.10 and AMD64/MacOSX 10.10.  There is also preliminary support for
X86/MacOSX 10.11/12, AMD64/MacOSX 10.11/12 and TILEGX/Linux.

* The 'xtree concept' was added in 3.13:
   An xtree is a tree of stacktraces with data associated to the stacktraces.
   This xtree is used by various tools (memcheck, helgrind, massif) to
   report the heap consumption of your program. The xtree reporting
   is controlled by the new options --xtree-memory=none|allocs|full and
   --xtree-memory-file=<file>.
   An heap xtree memory profiling can also be produced on demand using
   the gdbserver monitor command 'xtmemory [<filename>]>'.
   The xtree can be output in 2 formats: 'callgrind format'
   and 'massif format. The existing visualisers for these formats (e.g.
   callgrind_annotate, kcachegrind, ms_print) can be used to visualise
   and analyse these reports.
   For more details, read the user manual.

* ================== PLATFORM CHANGES =================

  - Support for demangling Rust symbols (n-i-bz)
  
  - On linux, clone handling was improved to honour the CLONE_VFORK flag
    and setting a child stack. Note however that CLONE_VFORK | CLONE_VM
    is handled like CLONE_VFORK (so removing CLONE_VM flag).
    Applications that depends on CLONE_VM exact semantic will (still) not work.

* ==================== TOOL CHANGES ====================

* Memcheck:

  - Support for --xtree-memory and 'xtmemory [<filename>]>'.

* Massif:

  - Support for --xtree-memory and 'xtmemory [<filename>]>'.

  - For some workloads (typically, for big applications), Massif
    memory consumption and CPU consumption decreases significantly.

* Helgrind:

  - Support for --xtree-memory and 'xtmemory [<filename>]>'.

  - addition of client request VALGRIND_HG_GNAT_DEPENDENT_MASTER_JOIN,
    useful for Ada gnat compiled applications.

* ==================== OTHER CHANGES ====================

* For Valgrind developers: in an outer/inner setup, the outer Valgrind
  will append the inner guest stacktrace to the inner host stacktrace.
  This helps to investigate the errors reported by the outer, when they
  are caused by the inner guest program (such as an inner regtest).
  See README_DEVELOPERS for more info.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

342040  Valgrind mishandles clone with CLONE_VFORK | CLONE_VM that clones
        to a different stack.
348616  Wine/valgrind: noted but unhandled ioctl 0x5390 [..] (DVD_READ_STRUCT)
352395  Please provide SVN revision info in --version -v
352767  Wine/valgrind: noted but unhandled ioctl 0x5307 [..] (CDROMSTOP)
358213  helgrind/drd bar_bad testcase hangs or crashes with new glibc pthread
        barrier implementation
371412  Rename wrap_sys_shmat to sys_shmat like other wrappers
371869  support '%' in symbol Z-encoding
371916  execution tree xtree concept
372120  c++ demangler demangles symbols which are not c++
372504  Hanging on exit_group
372600  process loops forever when fatal signals are arriving quickly
373046  Stacks registered by core are never deregistered
373192  Calling posix_spawn in glibc 2.24 completely broken

Release 3.12.0 (20 October 2016)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3.12.0 is a feature release with many improvements and the usual
collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM32/Linux,
ARM64/Linux, PPC32/Linux, PPC64BE/Linux, PPC64LE/Linux, S390X/Linux,
MIPS32/Linux, MIPS64/Linux, ARM/Android, ARM64/Android,
MIPS32/Android, X86/Android, X86/Solaris, AMD64/Solaris, X86/MacOSX
10.10 and AMD64/MacOSX 10.10.  There is also preliminary support for
X86/MacOSX 10.11/12, AMD64/MacOSX 10.11/12 and TILEGX/Linux.

* ================== PLATFORM CHANGES =================

* POWER: Support for ISA 3.0 has been added

* mips: support for O32 FPXX ABI has been added.
* mips: improved recognition of different processors
* mips: determination of page size now done at run time

* amd64: Partial support for AMD FMA4 instructions.

* arm, arm64: Support for v8 crypto and CRC instructions.

* Improvements and robustification of the Solaris port.

* Preliminary support for MacOS 10.12 (Sierra) has been added.

Whilst 3.12.0 continues to support the 32-bit x86 instruction set, we
would prefer users to migrate to 64-bit x86 (a.k.a amd64 or x86_64)
where possible.  Valgrind's support for 32-bit x86 has stagnated in
recent years and has fallen far behind that for 64-bit x86
instructions.  By contrast 64-bit x86 is well supported, up to and
including AVX2.

* ==================== TOOL CHANGES ====================

* Memcheck:

  - Added meta mempool support for describing a custom allocator which:
     - Auto-frees all chunks assuming that destroying a pool destroys all
       objects in the pool
     - Uses itself to allocate other memory blocks

  - New flag --ignore-range-below-sp to ignore memory accesses below
    the stack pointer, if you really have to.  The related flag
    --workaround-gcc296-bugs=yes is now deprecated.  Use
    --ignore-range-below-sp=1024-1 as a replacement.

* DRD:

  - Improved thread startup time significantly on non-Linux platforms.

* DHAT

  - Added collection of the metric "tot-blocks-allocd"

* ==================== OTHER CHANGES ====================

* Replacement/wrapping of malloc/new related functions is now done not just
  for system libraries by default, but for any globally defined malloc/new
  related function (both in shared libraries and statically linked alternative
  malloc implementations).  The dynamic (runtime) linker is excluded, though.
  To only intercept malloc/new related functions in
  system libraries use --soname-synonyms=somalloc=nouserintercepts (where
  "nouserintercepts" can be any non-existing library name).
  This new functionality is not implemented for MacOS X.

* The maximum number of callers in a suppression entry is now equal to
  the maximum size for --num-callers (500).
  Note that --gen-suppressions=yes|all similarly generates suppressions
  containing up to --num-callers frames.

* New and modified GDB server monitor features:

  - Valgrind's gdbserver now accepts the command 'catch syscall'.
    Note that you must have GDB >= 7.11 to use 'catch syscall' with
    gdbserver.

* New option --run-cxx-freeres=<yes|no> can be used to change whether
  __gnu_cxx::__freeres() cleanup function is called or not. Default is
  'yes'.

* Valgrind is able to read compressed debuginfo sections in two formats:
  - zlib ELF gABI format with SHF_COMPRESSED flag (gcc option -gz=zlib)
  - zlib GNU format with .zdebug sections (gcc option -gz=zlib-gnu)

* Modest JIT-cost improvements: the cost of instrumenting code blocks
  for the most common use case (x86_64-linux, Memcheck) has been
  reduced by 10%-15%.

* Improved performance for programs that do a lot of discarding of
  instruction address ranges of 8KB or less.

* The C++ symbol demangler has been updated.

* More robustness against invalid syscall parameters on Linux.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

191069  Exiting due to signal not reported in XML output
199468  Suppressions: stack size limited to 25
        while --num-callers allows more frames
212352  vex amd64 unhandled opc_aux = 0x 2, first_opcode == 0xDC (FCOM)
278744  cvtps2pd with redundant RexW
303877  valgrind doesn't support compressed debuginfo sections.
345307  Warning about "still reachable" memory when using libstdc++ from gcc 5
348345  Assertion fails for negative lineno
351282  V 3.10.1 MIPS softfloat build broken with GCC 4.9.3 / binutils 2.25.1
351692  Dumps created by valgrind are not readable by gdb (mips32 specific)
351804  Crash on generating suppressions for "printf" call on OS X 10.10
352197  mips: mmap2() not wrapped correctly for page size > 4096
353083  arm64 doesn't implement various xattr system calls
353084  arm64 doesn't support sigpending system call
353137  www: update info for Supported Platforms
353138  www: update "The Valgrind Developers" page
353370  don't advertise RDRAND in cpuid for Core-i7-4910-like avx2 machine
        == 365325
        == 357873
353384  amd64->IR: 0x66 0xF 0x3A 0x62 0xD1 0x62 (pcmpXstrX $0x62)
353398  WARNING: unhandled amd64-solaris syscall: 207
353660  XML in auxwhat tag not escaping reserved symbols properly
353680  s390x: Crash with certain glibc versions due to non-implemented TBEGIN
353727  amd64->IR: 0x66 0xF 0x3A 0x62 0xD1 0x72 (pcmpXstrX $0x72)
353802  ELF debug info reader confused with multiple .rodata sections
353891  Assert 'bad_scanned_addr < VG_ROUNDDN(start+len, sizeof(Addr))' failed
353917  unhandled amd64-solaris syscall fchdir(120)
353920  unhandled amd64-solaris syscall: 170
354274  arm: unhandled instruction: 0xEBAD 0x0AC1 (sub.w sl, sp, r1, lsl #3)
354392  unhandled amd64-solaris syscall: 171
354797  Vbit test does not include Iops for Power 8 instruction support
354883  tst->os_state.pthread - magic_delta assertion failure on OSX 10.11
        == 361351
        == 362920
        == 366222
354933  Fix documentation of --kernel-variant=android-no-hw-tls option
355188  valgrind should intercept all malloc related global functions
355454  do not intercept malloc related symbols from the runtime linker
355455  stderr.exp of test cases wrapmalloc and wrapmallocstatic overconstrained
356044  Dwarf line info reader misinterprets is_stmt register
356112  mips: replace addi with addiu
356393  valgrind (vex) crashes because isZeroU happened
        == 363497
        == 364497
356676  arm64-linux: unhandled syscalls 125, 126 (sched_get_priority_max/min)
356678  arm64-linux: unhandled syscall 232 (mincore)
356817  valgrind.h triggers compiler errors on MSVC when defining NVALGRIND
356823  Unsupported ARM instruction: stlex
357059  x86/amd64: SSE cvtpi2ps with memory source does transition to MMX state
357338  Unhandled instruction for SHA instructions libcrypto Boring SSL
357673  crash if I try to run valgrind with a binary link with libcurl
357833  Setting RLIMIT_DATA to zero breaks with linux 4.5+
357871  pthread_spin_destroy not properly wrapped
357887  Calls to VG_(fclose) do not close the file descriptor
357932  amd64->IR: accept redundant REX prefixes for {minsd,maxsd} m128, xmm.
358030  support direct socket calls on x86 32bit (new in linux 4.3)
358478  drd/tests/std_thread.cpp doesn't build with GCC6
359133  Assertion 'eltSzB <= ddpa->poolSzB' failed
359181  Buffer Overflow during Demangling
359201  futex syscall "skips" argument 5 if op is FUTEX_WAIT_BITSET
359289  s390x: popcnt (B9E1) not implemented
359472  The Power PC vsubuqm instruction doesn't always give the correct result
359503  Add missing syscalls for aarch64 (arm64)
359645  "You need libc6-dbg" help message could be more helpful
359703  s390: wire up separate socketcalls system calls
359724  getsockname might crash - deref_UInt should call safe_to_deref
359733  amd64 implement ld.so strchr/index override like x86
359767  Valgrind does not support the IBM POWER ISA 3.0 instructions, part 1/5
359829  Power PC test suite none/tests/ppc64/test_isa_2_07.c uses
        uninitialized data
359838  arm64: Unhandled instruction 0xD5033F5F (clrex)
359871  Incorrect mask handling in ppoll
359952  Unrecognised PCMPESTRM variants (0x70, 0x19)
360008  Contents of Power vr registers contents is not printed correctly when
        the --vgdb-shadow-registers=yes option is used
360035  POWER PC instruction bcdadd and bcdsubtract generate result with
        non-zero shadow bits
360378  arm64: Unhandled instruction 0x5E280844 (sha1h  s4, s2)
360425  arm64 unsupported instruction ldpsw
        == 364435
360519  none/tests/arm64/memory.vgtest might fail with newer gcc
360571  Error about the Android Runtime reading below the stack pointer on ARM
360574  Wrong parameter type for an ashmem ioctl() call on Android and ARM64
360749  kludge for multiple .rodata sections on Solaris no longer needed
360752  raise the number of reserved fds in m_main.c from 10 to 12
361207  Valgrind does not support the IBM POWER ISA 3.0 instructions, part 2/5
361226  s390x: risbgn (EC59) not implemented
361253  [s390x] ex_clone.c:42: undefined reference to `pthread_create'
361354  ppc64[le]: wire up separate socketcalls system calls
361615  Inconsistent termination for multithreaded process terminated by signal
361926  Unhandled Solaris syscall: sysfs(84)
362009  V dumps core on unimplemented functionality before threads are created
362329  Valgrind does not support the IBM POWER ISA 3.0 instructions, part 3/5
362894  missing (broken) support for wbit field on mtfsfi instruction (ppc64)
362935  [AsusWRT] Assertion 'sizeof(TTEntryC) <= 88' failed
362953  Request for an update to the Valgrind Developers page
363680  add renameat2() support
363705  arm64 missing syscall name_to_handle_at and open_by_handle_at
363714  ppc64 missing syscalls sync, waitid and name_to/open_by_handle_at
363858  Valgrind does not support the IBM POWER ISA 3.0 instructions, part 4/5
364058  clarify in manual limitations of array overruns detections
364413  pselect sycallwrapper mishandles NULL sigmask
364728  Power PC, missing support for several HW registers in
        get_otrack_shadow_offset_wrk()
364948  Valgrind does not support the IBM POWER ISA 3.0 instructions, part 5/5
365273  Invalid write to stack location reported after signal handler runs
365912  ppc64BE segfault during jm-insns test (RELRO)
366079  FPXX Support for MIPS32 Valgrind
366138  Fix configure errors out when using Xcode 8 (clang 8.0.0)
366344  Multiple unhandled instruction for Aarch64
        (0x0EE0E020, 0x1AC15800, 0x4E284801, 0x5E040023, 0x5E056060)
367995  Integration of memcheck with custom memory allocator
368120  x86_linux asm _start functions do not keep 16-byte aligned stack pointer
368412  False positive result for altivec capability check
368416  Add tc06_two_races_xml.exp output for ppc64
368419  Perf Events ioctls not implemented
368461  mmapunmap test fails on ppc64
368823  run_a_thread_NORETURN assembly code typo for VGP_arm64_linux target
369000  AMD64 fma4 instructions unsupported.
369169  ppc64 fails jm_int_isa_2_07 test
369175  jm_vec_isa_2_07 test crashes on ppc64
369209  valgrind loops and eats up all memory if cwd doesn't exist.
369356  pre_mem_read_sockaddr syscall wrapper can crash with bad sockaddr
369359  msghdr_foreachfield can crash when handling bad iovec
369360  Bad sigprocmask old or new sets can crash valgrind
369361  vmsplice syscall wrapper crashes on bad iovec
369362  Bad sigaction arguments crash valgrind
369383  x86 sys_modify_ldt wrapper crashes on bad ptr
369402  Bad set/get_thread_area pointer crashes valgrind
369441  bad lvec argument crashes process_vm_readv/writev syscall wrappers
369446  valgrind crashes on unknown fcntl command
369439  S390x: Unhandled insns RISBLG/RISBHG and LDE/LDER 
369468  Remove quadratic metapool algorithm using VG_(HT_remove_at_Iter)
370265  ISA 3.0 HW cap stuff needs updating
371128  BCD add and subtract instructions on Power BE in 32-bit mode do not work
372195  Power PC, xxsel instruction is not always recognized

n-i-bz  Fix incorrect (or infinite loop) unwind on RHEL7 x86 and amd64
n-i-bz  massif --pages-as-heap=yes does not report peak caused by mmap+munmap
n-i-bz  false positive leaks due to aspacemgr merging heap & non heap segments
n-i-bz  Fix ppoll_alarm exclusion on OS X
n-i-bz  Document brk segment limitation, reference manual in limit reached msg.
n-i-bz  Fix clobber list in none/tests/amd64/xacq_xrel.c [valgrind r15737]
n-i-bz  Bump allowed shift value for "add.w reg, sp, reg, lsl #N" [vex r3206]
n-i-bz  amd64: memcheck false positive with shr %edx
n-i-bz  arm3: Allow early writeback of SP base register in "strd rD, [sp, #-16]"
n-i-bz  ppc: Fix two cases of PPCAvFpOp vs PPCFpOp enum confusion
n-i-bz  arm: Fix incorrect register-number constraint check for LDAEX{,B,H,D}
n-i-bz  DHAT: added collection of the metric "tot-blocks-allocd" 

(3.12.0.RC1:  20 October 2016, vex r3282, valgrind r16094)
(3.12.0.RC2:  20 October 2016, vex r3282, valgrind r16096)
(3.12.0:      21 October 2016, vex r3282, valgrind r16098)



Release 3.11.0 (22 September 2015)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3.11.0 is a feature release with many improvements and the usual
collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM32/Linux,
ARM64/Linux, PPC32/Linux, PPC64BE/Linux, PPC64LE/Linux, S390X/Linux,
MIPS32/Linux, MIPS64/Linux, ARM/Android, ARM64/Android,
MIPS32/Android, X86/Android, X86/Solaris, AMD64/Solaris, X86/MacOSX
10.10 and AMD64/MacOSX 10.10.  There is also preliminary support for
X86/MacOSX 10.11, AMD64/MacOSX 10.11 and TILEGX/Linux.

* ================== PLATFORM CHANGES =================

* Support for Solaris/x86 and Solaris/amd64 has been added.

* Preliminary support for Mac OS X 10.11 (El Capitan) has been added.

* Preliminary support for the Tilera TileGX architecture has been added.

* s390x: It is now required for the host to have the "long displacement"
  facility.  The oldest supported machine model is z990.

* x86: on an SSE2 only host, Valgrind in 32 bit mode now claims to be a
  Pentium 4.  3.10.1 wrongly claimed to be a Core 2, which is SSSE3.

* The JIT's register allocator is significantly faster, making the JIT
  as a whole somewhat faster, so JIT-intensive activities, for example
  program startup, are modestly faster, around 5%.

* There have been changes to the default settings of several command
  line flags, as detailed below.

* Intel AVX2 support is more complete (64 bit targets only).  On AVX2
  capable hosts, the simulated CPUID will now indicate AVX2 support.

* ==================== TOOL CHANGES ====================

* Memcheck:

  - The default value for --leak-check-heuristics has been changed from
    "none" to "all". This helps to reduce the number of possibly
    lost blocks, in particular for C++ applications.

  - The default value for --keep-stacktraces has been changed from
    "malloc-then-free" to "malloc-and-free".  This has a small cost in
    memory (one word per malloc-ed block) but allows Memcheck to show the
    3 stacktraces of a dangling reference: where the block was allocated,
    where it was freed, and where it is acccessed after being freed.

  - The default value for --partial-loads-ok has been changed from "no" to 
    "yes", so as to avoid false positive errors resulting from some kinds
    of vectorised loops.

  - A new monitor command 'xb <addr> <len>' shows the validity bits of
    <len> bytes at <addr>.  The monitor command 'xb' is easier to use
    than get_vbits when you need to associate byte data value with
    their corresponding validity bits.

  - The 'block_list' monitor command has been enhanced:
      o it can print a range of loss records
      o it now accepts an optional argument 'limited <max_blocks>'
        to control the number of blocks printed.
      o if a block has been found using a heuristic, then
        'block_list' now shows the heuristic after the block size.
      o the loss records/blocks to print can be limited to the blocks
        found via specified heuristics.

  - The C helper functions used to instrument loads on
    x86-{linux,solaris} and arm-linux (both 32-bit only) have been
    replaced by handwritten assembly sequences.  This gives speedups
    in the region of 0% to 7% for those targets only.

  - A new command line option, --expensive-definedness-checks=yes|no,
    has been added.  This is useful for avoiding occasional invalid
    uninitialised-value errors in optimised code.  Watch out for
    runtime degradation, as this can be up to 25%.  As always, though,
    the slowdown is highly application specific.  The default setting
    is "no".

* Massif:

  - A new monitor command 'all_snapshots <filename>' dumps all
    snapshots taken so far.

* Helgrind:

  - Significant memory reduction and moderate speedups for
    --history-level=full for applications accessing a lot of memory
    with many different stacktraces.

  - The default value for --conflict-cache-size=N has been doubled to
    2000000.  Users that were not using the default value should
    preferably also double the value they give.

    The default was changed due to the changes in the "full history"
    implementation.  Doubling the value gives on average a slightly more
    complete history and uses similar memory (or significantly less memory
    in the worst case) than the previous implementation.
    
  - The Helgrind monitor command 'info locks' now accepts an optional
    argument 'lock_addr', which shows information about the lock at the
    given address only.

  - When using --history-level=full, the new Helgrind monitor command
    'accesshistory <addr> [<len>]' will show the recorded accesses for
    <len> (or 1) bytes at <addr>.

* ==================== OTHER CHANGES ====================

* The default value for the --smc-check option has been changed from
  "stack" to "all-non-file" on targets that provide automatic D-I
  cache coherence (x86, amd64 and s390x).  The result is to provide,
  by default, transparent support for JIT generated and self-modifying
  code on all targets.

* Mac OS X only: the default value for the --dsymutil option has been
  changed from "no" to "yes", since any serious usage on Mac OS X
  always required it to be "yes".

* The command line options --db-attach and --db-command have been removed.
  They were deprecated in 3.10.0.

* When a process dies due to a signal, Valgrind now shows the signal
  and the stacktrace at default verbosity (i.e. verbosity 1).

* The address description logic used by Memcheck and Helgrind now
  describes addresses in anonymous segments, file mmap-ed segments,
  shared memory segments and the brk data segment.

* The new option --error-markers=<begin>,<end> can be used to mark the
  begin/end of errors in textual output mode, to facilitate
  searching/extracting errors in output files that mix valgrind errors
  with program output.

* The new option --max-threads=<number> can be used to change the number
  of threads valgrind can handle.  The default is 500 threads which
  should be more than enough for most applications.

* The new option --valgrind-stacksize=<number> can be used to change the
  size of the private thread stacks used by Valgrind.  This is useful
  for reducing memory use or increasing the stack size if Valgrind
  segfaults due to stack overflow.

* The new option --avg-transtab-entry-size=<number> can be used to specify
  the expected instrumented block size, either to reduce memory use or
  to avoid excessive retranslation.

* Valgrind can be built with Intel's ICC compiler, version 14.0 or later.

* New and modified GDB server monitor features:

  - When a signal is reported in GDB, you can now use the GDB convenience
    variable $_siginfo to examine detailed signal information.
 
  - Valgrind's gdbserver now allows the user to change the signal
    to deliver to the process.  So, use 'signal SIGNAL' to continue execution
    with SIGNAL instead of the signal reported to GDB. Use 'signal 0' to
    continue without passing the signal to the process.

  - With GDB >= 7.10, the command 'target remote'
    will automatically load the executable file of the process running
    under Valgrind. This means you do not need to specify the executable
    file yourself, GDB will discover it itself.  See GDB documentation about
    'qXfer:exec-file:read' packet for more info.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

116002  VG_(printf): Problems with justification of strings and integers
155125  avoid cutting away file:lineno after long function name
197259  Unsupported arch_prtctl PR_SET_GS option
201152  ppc64: Assertion in ppc32g_dirtyhelper_MFSPR_268_269
201216  Fix Valgrind does not support pthread_sigmask() on OS X
201435  Fix Darwin: -v does not show kernel version
208217  "Warning: noted but unhandled ioctl 0x2000747b" on Mac OS X
211256  Fixed an outdated comment regarding the default platform.
211529  Incomplete call stacks for code compiled by newer versions of MSVC
211926  Avoid compilation warnings in valgrind.h with -pedantic
212291  Fix unhandled syscall: unix:132 (mkfifo) on OS X
        == 263119
226609  Crediting upstream authors in man page
231257  Valgrind omits path when executing script from shebang line
254164  OS X task_info: UNKNOWN task message [id 3405, to mach_task_self() [..]
294065  Improve the pdb file reader by avoiding hardwired absolute pathnames
269360  s390x: Fix addressing mode selection for compare-and-swap
302630  Memcheck: Assertion failed: 'sizeof(UWord) == sizeof(UInt)'
        == 326797
312989  ioctl handling needs to do POST handling on generic ioctls and [..]
319274  Fix unhandled syscall: unix:410 (sigsuspend_nocancel) on OS X
324181  mmap does not handle MAP_32BIT (handle it now, rather than fail it)
327745  Fix valgrind 3.9.0 build fails on Mac OS X 10.6.8
330147  libmpiwrap PMPI_Get_count returns undefined value
333051  mmap of huge pages fails due to incorrect alignment
        == 339163
334802  valgrind does not always explain why a given option is bad
335618  mov.w rN, pc/sp (ARM32)
335785  amd64->IR 0xC4 0xE2 0x75 0x2F (vmaskmovpd)
        == 307399
        == 343175
        == 342740
        == 346912
335907  segfault when running wine's ddrawex/tests/surface.c under valgrind
338602  AVX2 bit in CPUID missing
338606  Strange message for scripts with invalid interpreter
338731  ppc: Fix testuite build for toolchains not supporting -maltivec
338995  shmat with hugepages (SHM_HUGETLB) fails with EINVAL
339045  Getting valgrind to compile and run on OS X Yosemite (10.10)
        == 340252
339156  gdbsrv not called for fatal signal
339215  Valgrind 3.10.0 contain 2013 in copyrights notice
339288  support Cavium Octeon MIPS specific BBIT*32 instructions
339636  Use fxsave64 and fxrstor64 mnemonics instead of old-school rex64 prefix
339442  Fix testsuite build failure on OS X 10.9
339542  Enable compilation with Intel's ICC compiler
339563  The DVB demux DMX_STOP ioctl doesn't have a wrapper
339688  Mac-specific ASM does not support .version directive (cpuid,
        tronical and pushfpopf tests)
339745  Valgrind crash when check Marmalade app (partial fix)
339755  Fix known deliberate memory leak in setenv() on Mac OS X 10.9
339778  Linux/TileGx platform support for Valgrind
339780  Fix known uninitialised read in pthread_rwlock_init() on Mac OS X 10.9 
339789  Fix none/tests/execve test on Mac OS X 10.9
339808  Fix none/tests/rlimit64_nofile test on Mac OS X 10.9
339820  vex amd64->IR: 0x66 0xF 0x3A 0x63 0xA 0x42 0x74 0x9 (pcmpistri $0x42)
340115  Fix none/tests/cmdline[1|2] tests on systems which define TMPDIR
340392  Allow user to select more accurate definedness checking in memcheck
        to avoid invalid complaints on optimised code
340430  Fix some grammatical weirdness in the manual.
341238  Recognize GCC5/DWARFv5 DW_LANG constants (Go, C11, C++11, C++14)
341419  Signal handler ucontext_t not filled out correctly on OS X
341539  VG_(describe_addr) should not describe address as belonging to client
        segment if it is past the heap end
341613  Enable building of manythreads and thread-exits tests on Mac OS X
341615  Fix none/tests/darwin/access_extended test on Mac OS X
341698  Valgrind's AESKEYGENASSIST gives wrong result in words 0 and 2 [..]
341789  aarch64: shmat fails with valgrind on ARMv8
341997  MIPS64: Cavium OCTEON insns - immediate operand handled incorrectly
342008  valgrind.h needs type cast [..] for clang/llvm in 64-bit mode
342038  Unhandled syscalls on aarch64 (mbind/get/set_mempolicy)
342063  wrong format specifier for test mcblocklistsearch in gdbserver_tests
342117  Hang when loading PDB file for MSVC compiled Firefox under Wine
342221  socket connect false positive uninit memory for unknown af family
342353  Allow dumping full massif output while valgrind is still running
342571  Valgrind chokes on AVX compare intrinsic with _CMP_GE_QS
        == 346476
        == 348387
        == 350593
342603  Add I2C_SMBUS ioctl support
342635  OS X 10.10 (Yosemite) - missing system calls and fcntl code
342683  Mark memory past the initial brk limit as unaddressable
342783  arm: unhandled instruction 0xEEFE1ACA = "vcvt.s32.f32 s3, s3, #12"
342795  Internal glibc __GI_mempcpy call should be intercepted
342841  s390x: Support instructions fiebr(a) and fidbr(a)
343012  Unhandled syscall 319 (memfd_create)
343069  Patch updating v4l2 API support
343173  helgrind crash during stack unwind
343219  fix GET_STARTREGS for arm
343303  Fix known deliberate memory leak in setenv() on Mac OS X 10.10
343306  OS X 10.10: UNKNOWN mach_msg unhandled MACH_SEND_TRAILER option
343332  Unhandled instruction 0x9E310021 (fcvtmu) on aarch64
343335  unhandled instruction 0x1E638400 (fccmp) aarch64
343523  OS X mach_ports_register: UNKNOWN task message [id 3403, to [..]
343525  OS X host_get_special_port: UNKNOWN host message [id 412, to [..]
343597  ppc64le: incorrect use of offseof macro
343649  OS X host_create_mach_voucher: UNKNOWN host message [id 222, to [..]
343663  OS X 10.10  Memchecj always reports a leak regardless of [..]
343732  Unhandled syscall 144 (setgid) on aarch64
343733  Unhandled syscall 187 (msgctl and related) on aarch64
343802  s390x: False positive "conditional jump or move depends on [..]
343902  --vgdb=yes doesn't break when --xml=yes is used
343967  Don't warn about setuid/setgid/setcap executable for directories
343978  Recognize DWARF5/GCC5 DW_LANG_Fortran 2003 and 2008 constants
344007  accept4 syscall unhandled on arm64 (242) and ppc64 (344)
344033  Helgrind on ARM32 loses track of mutex state in pthread_cond_wait
344054  www - update info for Solaris/illumos
344416  'make regtest' does not work cleanly on OS X
344235  Remove duplicate include of pub_core_aspacemgr.h
344279  syscall sendmmsg on arm64 (269) and ppc32/64 (349) unhandled
344295  syscall recvmmsg on arm64 (243) and ppc32/64 (343) unhandled
344307  2 unhandled syscalls on aarch64/arm64: umount2(39), mount (40)
344314  callgrind_annotate ... warnings about commands containing newlines
344318  socketcall should wrap recvmmsg and sendmmsg
344337  Fix unhandled syscall: mach:41 (_kernelrpc_mach_port_guard_trap)
344416  Fix 'make regtest' does not work cleanly on OS X
344499  Fix compilation for Linux kernel >= 4.0.0
344512  OS X: unhandled syscall: unix:348 (__pthread_chdir), 
        unix:349 (__pthread_fchdir)
344559  Garbage collection of unused segment names in address space manager
344560  Fix stack traces missing penultimate frame on OS X
344621  Fix memcheck/tests/err_disable4 test on OS X
344686  Fix suppression for pthread_rwlock_init on OS X 10.10
344702  Fix missing libobjc suppressions on OS X 10.10
        == 344543
344936  Fix unhandled syscall: unix:473 (readlinkat) on OS X 10.10
344939  Fix memcheck/tests/xml1 on OS X 10.10
345016  helgrind/tests/locked_vs_unlocked2 is failing sometimes
345079  Fix build problems in VEX/useful/test_main.c
345126  Incorrect handling of VIDIOC_G_AUDIO and G_AUDOUT
345177  arm64: prfm (reg) not implemented
345215  Performance improvements for the register allocator
345248  add support for Solaris OS in valgrind
345338  TIOCGSERIAL and TIOCSSERIAL ioctl support on Linux
345394  Fix memcheck/tests/strchr on OS X
345637  Fix memcheck/tests/sendmsg on OS X
345695  Add POWERPC support for AT_DCACHESIZE and HWCAP2
345824  Fix aspacem segment mismatch: seen with none/tests/bigcode
345887  Fix an assertion in the address space manager
345928  amd64: callstack only contains current function for small stacks
345984  disInstr(arm): unhandled instruction: 0xEE193F1E
345987  MIPS64: Implement cavium LHX instruction
346031  MIPS: Implement support for the CvmCount register (rhwr %0, 31)
346185  Fix typo saving altivec register v24
346267  Compiler warnings for PPC64 code on call to LibVEX_GuestPPC64_get_XER()
        and LibVEX_GuestPPC64_get_CR()
346270  Regression tests none/tests/jm_vec/isa_2_07 and
        none/tests/test_isa_2_07_part2 have failures on PPC64 little endian
346307  fuse filesystem syscall deadlocks
346324  PPC64 missing support for lbarx, lharx, stbcx and sthcx instructions
346411  MIPS: SysRes::_valEx handling is incorrect
346416  Add support for LL_IOC_PATH2FID and LL_IOC_GETPARENT Lustre ioctls
346474  PPC64 Power 8, spr TEXASRU register not supported
346487  Compiler generates "note" about a future ABI change for PPC64
346562  MIPS64: lwl/lwr instructions are performing 64bit loads
        and causing spurious "invalid read of size 8" warnings
346801  Fix link error on OS X: _vgModuleLocal_sf_maybe_extend_stack
347151  Fix suppression for pthread_rwlock_init on OS X 10.8
347233  Fix memcheck/tests/strchr on OS X 10.10 (Haswell) 
347322  Power PC regression test cleanup
347379  valgrind --leak-check=full leak errors from system libs on OS X 10.8
        == 217236
347389  unhandled syscall: 373 (Linux ARM syncfs)
347686  Patch set to cleanup PPC64 regtests
347978  Remove bash dependencies where not needed
347982  OS X: undefined symbols for architecture x86_64: "_global" [..]
347988  Memcheck: the 'impossible' happened: unexpected size for Addr (OSX/wine)
        == 345929
348102  Patch updating v4l2 API support
348247  amd64 front end: jno jumps wrongly when overflow is not set
348269  Improve mmap MAP_HUGETLB support.
348334  (ppc) valgrind does not simulate dcbfl - then my program terminates
348345  Assertion fails for negative lineno
348377  Unsupported ARM instruction: yield
348565  Fix detection of command line option availability for clang
348574  vex amd64->IR pcmpistri SSE4.2 unsupported (pcmpistri $0x18)
348728  Fix broken check for VIDIOC_G_ENC_INDEX
348748  Fix redundant condition
348890  Fix clang warning about unsupported --param inline-unit-growth=900
348949  Bogus "ERROR: --ignore-ranges: suspiciously large range"
349034  Add Lustre ioctls LL_IOC_GROUP_LOCK and LL_IOC_GROUP_UNLOCK
349086  Fix UNKNOWN task message [id 3406, to mach_task_self(), [..]
349087  Fix UNKNOWN task message [id 3410, to mach_task_self(), [..]
349626  Implemented additional Xen hypercalls
349769  Clang/osx: ld: warning: -read_only_relocs cannot be used with x86_64
349790  Clean up of the hardware capability checking utilities.
349828  memcpy intercepts memmove causing src/dst overlap error (ppc64 ld.so)
349874  Fix typos in source code
349879  memcheck: add handwritten assembly for helperc_LOADV*
349941  di_notify_mmap might create wrong start/size DebugInfoMapping
350062  vex x86->IR: 0x66 0xF 0x3A 0xB (ROUNDSD) on OS X
350202  Add limited param to 'monitor block_list'
350290  s390x: Support instructions fixbr(a)
350359  memcheck/tests/x86/fxsave hangs indefinetely on OS X
350809  Fix none/tests/async-sigs for Solaris
350811  Remove reference to --db-attach which has been removed.
350813  Memcheck/x86: enable handwritten assembly helpers for x86/Solaris too
350854  hard-to-understand code in VG_(load_ELF)()
351140  arm64 syscalls setuid (146) and setresgid (149) not implemented
351386  Solaris: Cannot run ld.so.1 under Valgrind
351474  Fix VG_(iseqsigset) as obvious
351531  Typo in /include/vki/vki-xen-physdev.h header guard
351756  Intercept platform_memchr$VARIANT$Haswell on OS X
351858  ldsoexec support on Solaris
351873  Newer gcc doesn't allow __builtin_tabortdc[i] in ppc32 mode
352130  helgrind reports false races for printfs using mempcpy on FILE* state
352284  s390: Conditional jump depends on uninitialised value(s) in vfprintf 
352320  arm64 crash on none/tests/nestedfs
352765  Vbit test fails on Power 6
352768  The mbar instruction is missing from the Power PC support
352769  Power PC program priority register (PPR) is not supported
n-i-bz  Provide implementations of certain compiler builtins to support
        compilers that may not provide those
n-i-bz  Old STABS code is still being compiled, but never used. Remove it.
n-i-bz  Fix compilation on distros with glibc < 2.5
n-i-bz  (vex 3098) Avoid generation of Neon insns on non-Neon hosts
n-i-bz  Enable rt_sigpending syscall on ppc64 linux.
n-i-bz  mremap did not work properly on shared memory
n-i-bz  Fix incorrect sizeof expression in syswrap-xen.c reported by Coverity
n-i-bz  In VALGRIND_PRINTF write out thread name, if any, to xml

(3.11.0.TEST1:  8 September 2015, vex r3187, valgrind r15646)
(3.11.0.TEST2: 21 September 2015, vex r3193, valgrind r15667)
(3.11.0:       22 September 2015, vex r3195, valgrind r15674)



Release 3.10.1 (25 November 2014)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.10.1 is a bug fix release.  It fixes various bugs reported in 3.10.0
and backports fixes for all reported missing AArch64 ARMv8 instructions
and syscalls from the trunk.  If you package or deliver 3.10.0 for others
to use, you might want to consider upgrading to 3.10.1 instead.

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

335440  arm64: ld1 (single structure) is not implemented
335713  arm64: unhanded instruction: prfm (immediate)
339020  ppc64: memcheck/tests/ppc64/power_ISA2_05 failing in nightly build
339182  ppc64: AvSplat ought to load destination vector register with [..]
339336  PPC64 store quad instruction (stq) is not supposed to change [..]
339433  ppc64 lxvw4x instruction uses four 32-byte loads
339645  Use correct tag names in sys_getdents/64 wrappers
339706  Fix false positive for ioctl(TIOCSIG) on linux
339721  assertion 'check_sibling == sibling' failed in readdwarf3.c ...
339853  arm64 times syscall unknown
339855  arm64 unhandled getsid/setsid syscalls
339858  arm64 dmb sy not implemented
339926  Unhandled instruction 0x1E674001 (frintx) on aarm64
339927  Unhandled instruction 0x9E7100C6 (fcvtmu) on aarch64
339938  disInstr(arm64): unhandled instruction 0x4F8010A4 (fmla)
        == 339950
339940  arm64: unhandled syscall: 83 (sys_fdatasync) + patch
340033  arm64: unhandled insn dmb ishld and some other isb-dmb-dsb variants
340028  unhandled syscalls for arm64 (msync, pread64, setreuid and setregid)
340036  arm64: Unhandled instruction ld4 (multiple structures, no offset)
340236  arm64: unhandled syscalls: mknodat, fchdir, chroot, fchownat
340509  arm64: unhandled instruction fcvtas
340630  arm64: fchmod (52) and fchown (55) syscalls not recognized
340632  arm64: unhandled instruction fcvtas
340722  Resolve "UNKNOWN attrlist flags 0:0x10000000"
340725  AVX2: Incorrect decoding of vpbroadcast{b,w} reg,reg forms
340788  warning: unhandled syscall: 318 (getrandom)
340807  disInstr(arm): unhandled instruction: 0xEE989B20
340856  disInstr(arm64): unhandled instruction 0x1E634C45 (fcsel)
340922  arm64: unhandled getgroups/setgroups syscalls
350251  Fix typo in VEX utility program (test_main.c).
350407  arm64: unhandled instruction ucvtf (vector, integer)
350809  none/tests/async-sigs breaks when run under cron on Solaris
350811  update README.solaris after r15445
350813  Use handwritten memcheck assembly helpers on x86/Solaris [..]
350854  strange code in VG_(load_ELF)()
351140  arm64 syscalls setuid (146) and setresgid (149) not implemented
n-i-bz  DRD and Helgrind: Handle Imbe_CancelReservation (clrex on ARM)
n-i-bz  Add missing ]] to terminate CDATA.
n-i-bz  Glibc versions prior to 2.5 do not define PTRACE_GETSIGINFO
n-i-bz  Enable sys_fadvise64_64 on arm32.
n-i-bz  Add test cases for all remaining AArch64 SIMD, FP and memory insns.
n-i-bz  Add test cases for all known arm64 load/store instructions.
n-i-bz  PRE(sys_openat): when checking whether ARG1 == VKI_AT_FDCWD [..]
n-i-bz  Add detection of old ppc32 magic instructions from bug 278808.
n-i-bz  exp-dhat: Implement missing function "dh_malloc_usable_size".
n-i-bz  arm64: Implement "fcvtpu w, s".
n-i-bz  arm64: implement ADDP and various others
n-i-bz  arm64: Implement {S,U}CVTF (scalar, fixedpt).
n-i-bz  arm64: enable FCVT{A,N}S X,S.

(3.10.1: 25 November 2014, vex r3026, valgrind r14785)



Release 3.10.0 (10 September 2014)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3.10.0 is a feature release with many improvements and the usual
collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM32/Linux, ARM64/Linux,
PPC32/Linux, PPC64BE/Linux, PPC64LE/Linux, S390X/Linux, MIPS32/Linux,
MIPS64/Linux, ARM/Android, MIPS32/Android, X86/Android, X86/MacOSX 10.9
and AMD64/MacOSX 10.9.  Support for MacOSX 10.8 and 10.9 is
significantly improved relative to the 3.9.0 release.

* ================== PLATFORM CHANGES =================

* Support for the 64-bit ARM Architecture (AArch64 ARMv8).  This port
  is mostly complete, and is usable, but some SIMD instructions are as
  yet unsupported.

* Support for little-endian variant of the 64-bit POWER architecture.

* Support for Android on MIPS32.

* Support for 64bit FPU on MIPS32 platforms.

* Both 32- and 64-bit executables are supported on MacOSX 10.8 and 10.9.

* Configuration for and running on Android targets has changed.
  See README.android in the source tree for details.

* ================== DEPRECATED FEATURES =================

* --db-attach is now deprecated and will be removed in the next
  valgrind feature release.  The built-in GDB server capabilities are
  superior and should be used instead. Learn more here:
  http://valgrind.org/docs/manual/manual-core-adv.html#manual-core-adv.gdbserver

* ==================== TOOL CHANGES ====================

* Memcheck:

  - Client code can now selectively disable and re-enable reporting of
    invalid address errors in specific ranges using the new client
    requests VALGRIND_DISABLE_ADDR_ERROR_REPORTING_IN_RANGE and
    VALGRIND_ENABLE_ADDR_ERROR_REPORTING_IN_RANGE.

  - Leak checker: there is a new leak check heuristic called
    "length64".  This is used to detect interior pointers pointing 8
    bytes inside a block, on the assumption that the first 8 bytes
    holds the value "block size - 8".  This is used by
    sqlite3MemMalloc, for example.

  - Checking of system call parameters: if a syscall parameter
    (e.g. bind struct sockaddr, sendmsg struct msghdr, ...) has
    several fields not initialised, an error is now reported for each
    field. Previously, an error was reported only for the first
    uninitialised field.

  - Mismatched alloc/free checking: a new flag
    --show-mismatched-frees=no|yes [yes] makes it possible to turn off
    such checks if necessary.

* Helgrind:

  - Improvements to error messages:

    o Race condition error message involving heap allocated blocks also
      show the thread number that allocated the raced-on block.

    o All locks referenced by an error message are now announced.
      Previously, some error messages only showed the lock addresses.

    o The message indicating where a lock was first observed now also
      describes the address/location of the lock.

  - Helgrind now understands the Ada task termination rules and
    creates a happens-before relationship between a terminated task
    and its master.  This avoids some false positives and avoids a big
    memory leak when a lot of Ada tasks are created and terminated.
    The interceptions are only activated with forthcoming releases of
    gnatpro >= 7.3.0w-20140611 and gcc >= 5.0.

  - A new GDB server monitor command "info locks" giving the list of
    locks, their location, and their status.

* Callgrind:

  - callgrind_control now supports the --vgdb-prefix argument,
    which is needed if valgrind was started with this same argument.

* ==================== OTHER CHANGES ====================

* Unwinding through inlined function calls.  Stack unwinding can now
  make use of Dwarf3 inlined-unwind information if it is available.
  The practical effect is that inlined calls become visible in stack
  traces.  The suppression matching machinery has been adjusted
  accordingly.  This is controlled by the new option
  --read-inline-info=yes|no.  Currently this is enabled by default
  only on Linux and Android targets and only for the tools Memcheck,
  Helgrind and DRD.

* Valgrind can now read EXIDX unwind information on 32-bit ARM
  targets.  If an object contains both CFI and EXIDX unwind
  information, Valgrind will prefer the CFI over the EXIDX.  This
  facilitates unwinding through system libraries on arm-android
  targets.

* Address description logic has been improved and is now common
  between Memcheck and Helgrind, resulting in better address
  descriptions for some kinds of error messages.

* Error messages about dubious arguments (eg, to malloc or calloc) are
  output like other errors.  This means that they can be suppressed
  and they have a stack trace.

* The C++ demangler has been updated for better C++11 support.

* New and modified GDB server monitor features:

  - Thread local variables/storage (__thread) can now be displayed.

  - The GDB server monitor command "v.info location <address>"
    displays information about an address.  The information produced
    depends on the tool and on the options given to valgrind.
    Possibly, the following are described: global variables, local
    (stack) variables, allocated or freed blocks, ...

  - The option "--vgdb-stop-at=event1,event2,..." allows the user to
    ask the GDB server to stop at the start of program execution, at
    the end of the program execution and on Valgrind internal errors.

  - A new monitor command "v.info stats" shows various Valgrind core
    and tool statistics.

  - A new monitor command "v.set hostvisibility" allows the GDB server
    to provide access to Valgrind internal host status/memory.

* A new option "--aspace-minaddr=<address>" can in some situations
  allow the use of more memory by decreasing the address above which
  Valgrind maps memory.  It can also be used to solve address
  conflicts with system libraries by increasing the default value.
  See user manual for details.

* The amount of memory used by Valgrind to store debug info (unwind
  info, line number information and symbol data) has been
  significantly reduced, even though Valgrind now reads more
  information in order to support unwinding of inlined function calls.

* Dwarf3 handling with --read-var-info=yes has been improved:

  - Ada and C struct containing VLAs no longer cause a "bad DIE" error

  - Code compiled with
    -ffunction-sections -fdata-sections -Wl,--gc-sections
    no longer causes assertion failures.

* Improved checking for the --sim-hints= and --kernel-variant=
  options.  Unknown strings are now detected and reported to the user
  as a usage error.

* The semantics of stack start/end boundaries in the valgrind.h
  VALGRIND_STACK_REGISTER client request has been clarified and
  documented.  The convention is that start and end are respectively
  the lowest and highest addressable bytes of the stack.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

175819  Support for ipv6 socket reporting with --track-fds
232510  make distcheck fails
249435  Analyzing wine programs with callgrind triggers a crash
278972  support for inlined function calls in stacktraces and suppression
        == 199144
291310  FXSAVE instruction marks memory as undefined on amd64
303536  ioctl for SIOCETHTOOL (ethtool(8)) isn't wrapped
308729  vex x86->IR: unhandled instruction bytes 0xf 0x5 (syscall) 
315199  vgcore file for threaded app does not show which thread crashed
315952  tun/tap ioctls are not supported
323178  Unhandled instruction: PLDW register (ARM) 
323179  Unhandled instruction: PLDW immediate (ARM)
324050  Helgrind: SEGV because of unaligned stack when using movdqa
325110  Add test-cases for Power ISA 2.06 insns: divdo/divdo. and divduo/divduo.
325124  [MIPSEL] Compilation error
325477  Phase 4 support for IBM Power ISA 2.07
325538  cavium octeon mips64, valgrind reported "dumping core" [...]
325628  Phase 5 support for IBM Power ISA 2.07
325714  Empty vgcore but RLIMIT_CORE is big enough (too big) 
325751  Missing the two privileged Power PC Transactional Memory Instructions
325816  Phase 6 support for IBM Power ISA 2.07
325856  Make SGCheck fail gracefully on unsupported platforms
326026  Iop names for count leading zeros/sign bits incorrectly imply [..]
326436  DRD: False positive in libstdc++ std::list::push_back
326444  Cavium MIPS Octeon Specific Load Indexed Instructions
326462  Refactor vgdb to isolate invoker stuff into separate module
326469  amd64->IR: 0x66 0xF 0x3A 0x63 0xC1 0xE (pcmpistri 0x0E)
326623  DRD: false positive conflict report in a field assignment
326724  Valgrind does not compile on OSX 1.9 Mavericks
326816  Intercept for __strncpy_sse2_unaligned missing?
326921  coregrind fails to compile m_trampoline.S with MIPS/Linux port of V
326983  Clear direction flag after tests on amd64.
327212  Do not prepend the current directory to absolute path names.
327223  Support for Cavium MIPS Octeon Atomic and Count Instructions
327238  Callgrind Assertion 'passed <= last_bb->cjmp_count' failed
327284  s390x: Fix translation of the risbg instruction
327639  vex amd64->IR pcmpestri SSE4.2 instruction is unsupported 0x34
327837  dwz compressed alternate .debug_info and .debug_str not read correctly
327916  DW_TAG_typedef may have no name
327943  s390x: add a redirection for the 'index' function
328100  XABORT not implemented
328205  Implement additional Xen hypercalls
328454  add support Backtraces with ARM unwind tables (EXIDX)
328455  s390x: SIGILL after emitting wrong register pair for ldxbr
328711  valgrind.1 manpage "memcheck options" section is badly generated
328878  vex amd64->IR pcmpestri SSE4.2 instruction is unsupported 0x14
329612  Incorrect handling of AT_BASE for image execution 
329694  clang warns about using uninitialized variable 
329956  valgrind crashes when lmw/stmw instructions are used on ppc64
330228  mmap must align to VKI_SHMLBA on mips32
330257  LLVM does not support `-mno-dynamic-no-pic` option
330319  amd64->IR: unhandled instruction bytes: 0xF 0x1 0xD5 (xend)
330459  --track-fds=yes doesn't track eventfds
330469  Add clock_adjtime syscall support
330594  Missing sysalls on PowerPC / uClibc
330622  Add test to regression suite for POWER instruction: dcbzl
330939  Support for AMD's syscall instruction on x86
        == 308729
330941  Typo in PRE(poll) syscall wrapper
331057  unhandled instruction: 0xEEE01B20 (vfma.f64) (has patch)
331254  Fix expected output for memcheck/tests/dw4
331255  Fix race condition in test none/tests/coolo_sigaction
331257  Fix type of jump buffer in test none/tests/faultstatus
331305  configure uses bash specific syntax
331337  s390x WARNING: unhandled syscall: 326 (dup3)
331380  Syscall param timer_create(evp) points to uninitialised byte(s)
331476  Patch to handle ioctl 0x5422 on Linux (x86 and amd64)
331829  Unexpected ioctl opcode sign extension
331830  ppc64: WARNING: unhandled syscall: 96/97
331839  drd/tests/sem_open specifies invalid semaphore name 
331847  outcome of drd/tests/thread_name is nondeterministic
332037  Valgrind cannot handle Thumb "add pc, reg"
332055  drd asserts on platforms with VG_STACK_REDZONE_SZB == 0 and
        consistency checks enabled
332263  intercepts for pthread_rwlock_timedrdlock and
        pthread_rwlock_timedwrlock are incorrect
332265  drd could do with post-rwlock_init and pre-rwlock_destroy
        client requests
332276  Implement additional Xen hypercalls
332658  ldrd.w r1, r2, [PC, #imm] does not adjust for 32bit alignment
332765  Fix ms_print to create temporary files in a proper directory
333072  drd: Add semaphore annotations
333145  Tests for missaligned PC+#imm access for arm
333228  AAarch64 Missing instruction encoding: mrs %[reg], ctr_el0
333230  AAarch64 missing instruction encodings: dc, ic, dsb.
333248  WARNING: unhandled syscall: unix:443
333428  ldr.w pc [rD, #imm] instruction leads to assertion
333501  cachegrind: assertion: Cache set count is not a power of two.
        == 336577
        == 292281
333666  Recognize MPX instructions and bnd prefix.
333788  Valgrind does not support the CDROM_DISC_STATUS ioctl (has patch)
333817  Valgrind reports the memory areas written to by the SG_IO
        ioctl as untouched
334049  lzcnt fails silently (x86_32)
334384  Valgrind does not have support Little Endian support for
        IBM POWER PPC 64
334585  recvmmsg unhandled (+patch) (arm)
334705  sendmsg and recvmsg should guard against bogus msghdr fields.
334727  Build fails with -Werror=format-security
334788  clarify doc about --log-file initial program directory
334834  PPC64 Little Endian support, patch 2
334836  PPC64 Little Endian support, patch 3 testcase fixes
334936  patch to fix false positives on alsa SNDRV_CTL_* ioctls
335034  Unhandled ioctl: HCIGETDEVLIST
335155  vgdb, fix error print statement.
335262  arm64: movi 8bit version is not supported
335263  arm64: dmb instruction is not implemented
335441  unhandled ioctl 0x8905 (SIOCATMARK) when running wine under valgrind
335496  arm64: sbc/abc instructions are not implemented
335554  arm64: unhandled instruction: abs
335564  arm64: unhandled instruction: fcvtpu  Xn, Sn
335735  arm64: unhandled instruction: cnt
335736  arm64: unhandled instruction: uaddlv
335848  arm64: unhandled instruction: {s,u}cvtf
335902  arm64: unhandled instruction: sli
335903  arm64: unhandled instruction: umull (vector)
336055  arm64: unhandled instruction: mov (element)
336062  arm64: unhandled instruction: shrn{,2}
336139  mip64: [...] valgrind hangs and spins on a single core [...]
336189  arm64: unhandled Instruction: mvn
336435  Valgrind hangs in pthread_spin_lock consuming 100% CPU
336619  valgrind --read-var-info=yes doesn't handle DW_TAG_restrict_type
336772  Make moans about unknown ioctls more informative
336957  Add a section about the Solaris/illumos port on the webpage
337094  ifunc wrapper is broken on ppc64
337285  fcntl commands F_OFD_SETLK, F_OFD_SETLKW, and F_OFD_GETLK not supported
337528  leak check heuristic for block prefixed by length as 64bit number
337740  Implement additional Xen hypercalls
337762  guest_arm64_toIR.c:4166 (dis_ARM64_load_store): Assertion `0' failed.
337766  arm64-linux: unhandled syscalls mlock (228) and mlockall (230)
337871  deprecate --db-attach
338023  Add support for all V4L2/media ioctls
338024  inlined functions are not shown if DW_AT_ranges is used
338106  Add support for 'kcmp' syscall
338115  DRD: computed conflict set differs from actual after fork
338160  implement display of thread local storage in gdbsrv
338205  configure.ac and check for -Wno-tautological-compare
338300  coredumps are missing one byte of every segment
338445  amd64 vbit-test fails with unknown opcodes used by arm64 VEX
338499  --sim-hints parsing broken due to wrong order in tokens
338615  suppress glibc 2.20 optimized strcmp implementation for ARMv7
338681  Unable to unwind through clone thread created on i386-linux
338698  race condition between gdbsrv and vgdb on startup
338703  helgrind on arm-linux gets false positives in dynamic loader
338791  alt dwz files can be relative of debug/main file
338878  on MacOS: assertion 'VG_IS_PAGE_ALIGNED(clstack_end+1)' failed
338932  build V-trunk with gcc-trunk
338974  glibc 2.20 changed size of struct sigaction sa_flags field on s390
345079  Fix build problems in VEX/useful/test_main.c
n-i-bz  Fix KVM_CREATE_IRQCHIP ioctl handling
n-i-bz  s390x: Fix memory corruption for multithreaded applications
n-i-bz  vex arm->IR: allow PC as basereg in some LDRD cases
n-i-bz  internal error in Valgrind if vgdb transmit signals when ptrace invoked
n-i-bz  Fix mingw64 support in valgrind.h (dev@, 9 May 2014)
n-i-bz  drd manual: Document how to C++11 programs that use class "std::thread"
n-i-bz  Add command-line option --default-suppressions
n-i-bz  Add support for BLKDISCARDZEROES ioctl
n-i-bz  ppc32/64: fix a regression with the mtfsb0/mtfsb1 instructions
n-i-bz  Add support for	sys_pivot_root and sys_unshare

(3.10.0.BETA1:  2 September 2014, vex r2940, valgrind r14428)
(3.10.0.BETA2:  8 September 2014, vex r2950, valgrind r14503)
(3.10.0:       10 September 2014, vex r2950, valgrind r14514)



Release 3.9.0 (31 October 2013)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.9.0 is a feature release with many improvements and the usual
collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM/Linux, PPC32/Linux,
PPC64/Linux, S390X/Linux, MIPS32/Linux, MIPS64/Linux, ARM/Android,
X86/Android, X86/MacOSX 10.7 and AMD64/MacOSX 10.7.  Support for
MacOSX 10.8 is significantly improved relative to the 3.8.0 release.

* ================== PLATFORM CHANGES =================

* Support for MIPS64 LE and BE running Linux.  Valgrind has been
  tested on MIPS64 Debian Squeeze and Debian Wheezy distributions.

* Support for MIPS DSP ASE on MIPS32 platforms.

* Support for s390x Decimal Floating Point instructions on hosts that
  have the DFP facility installed.

* Support for POWER8 (Power ISA 2.07) instructions

* Support for Intel AVX2 instructions.  This is available only on 64
  bit code.

* Initial support for Intel Transactional Synchronization Extensions,
  both RTM and HLE.

* Initial support for Hardware Transactional Memory on POWER.

* Improved support for MacOSX 10.8 (64-bit only).  Memcheck can now
  run large GUI apps tolerably well.

* ==================== TOOL CHANGES ====================

* Memcheck:

  - Improvements in handling of vectorised code, leading to
    significantly fewer false error reports.  You need to use the flag
    --partial-loads-ok=yes to get the benefits of these changes.

  - Better control over the leak checker.  It is now possible to
    specify which leak kinds (definite/indirect/possible/reachable)
    should be displayed, which should be regarded as errors, and which
    should be suppressed by a given leak suppression.  This is done
    using the options --show-leak-kinds=kind1,kind2,..,
    --errors-for-leak-kinds=kind1,kind2,.. and an optional
    "match-leak-kinds:" line in suppression entries, respectively.

    Note that generated leak suppressions contain this new line and
    are therefore more specific than in previous releases.  To get the
    same behaviour as previous releases, remove the "match-leak-kinds:"
    line from generated suppressions before using them.

  - Reduced "possible leak" reports from the leak checker by the use
    of better heuristics.  The available heuristics provide detection
    of valid interior pointers to std::stdstring, to new[] allocated
    arrays with elements having destructors and to interior pointers
    pointing to an inner part of a C++ object using multiple
    inheritance.  They can be selected individually using the
    option --leak-check-heuristics=heur1,heur2,...

  - Better control of stacktrace acquisition for heap-allocated
    blocks.  Using the --keep-stacktraces option, it is possible to
    control independently whether a stack trace is acquired for each
    allocation and deallocation.  This can be used to create better
    "use after free" errors or to decrease Valgrind's resource
    consumption by recording less information.

  - Better reporting of leak suppression usage.  The list of used
    suppressions (shown when the -v option is given) now shows, for
    each leak suppressions, how many blocks and bytes it suppressed
    during the last leak search.

* Helgrind:

  - False errors resulting from the use of statically initialised
    mutexes and condition variables (PTHREAD_MUTEX_INITIALISER, etc)
    have been removed.

  - False errors resulting from the use of pthread_cond_waits that
    timeout, have been removed.

* ==================== OTHER CHANGES ====================

* Some attempt to tune Valgrind's space requirements to the expected
  capabilities of the target:

  - The default size of the translation cache has been reduced from 8
    sectors to 6 on Android platforms, since each sector occupies
    about 40MB when using Memcheck.

  - The default size of the translation cache has been increased to 16
    sectors on all other platforms, reflecting the fact that large
    applications require instrumentation and storage of huge amounts
    of code.  For similar reasons, the number of memory mapped
    segments that can be tracked has been increased by a factor of 6.

  - In all cases, the maximum number of sectors in the translation
    cache can be controlled by the new flag --num-transtab-sectors.

* Changes in how debug info (line numbers, etc) is read:

  - Valgrind no longer temporarily mmaps the entire object to read
    from it.  Instead, reading is done through a small fixed sized
    buffer.  This avoids virtual memory usage spikes when Valgrind
    reads debuginfo from large shared objects.

  - A new experimental remote debug info server.  Valgrind can read
    debug info from a different machine (typically, a build host)
    where debuginfo objects are stored.  This can save a lot of time
    and hassle when running Valgrind on resource-constrained targets
    (phones, tablets) when the full debuginfo objects are stored
    somewhere else.  This is enabled by the --debuginfo-server=
    option.

  - Consistency checking between main and debug objects can be
    disabled using the --allow-mismatched-debuginfo option.

* Stack unwinding by stack scanning, on ARM.  Unwinding by stack
  scanning can recover stack traces in some cases when the normal
  unwind mechanisms fail.  Stack scanning is best described as "a
  nasty, dangerous and misleading hack" and so is disabled by default.
  Use --unw-stack-scan-thresh and --unw-stack-scan-frames to enable
  and control it.

* Detection and merging of recursive stack frame cycles.  When your
  program has recursive algorithms, this limits the memory used by
  Valgrind for recorded stack traces and avoids recording
  uninteresting repeated calls.  This is controlled by the command
  line option --merge-recursive-frame and by the monitor command
  "v.set merge-recursive-frames".

* File name and line numbers for used suppressions.  The list of used
  suppressions (shown when the -v option is given) now shows, for each
  used suppression, the file name and line number where the suppression
  is defined.

* New and modified GDB server monitor features:

  - valgrind.h has a new client request, VALGRIND_MONITOR_COMMAND,
    that can be used to execute gdbserver monitor commands from the
    client program.

  - A new monitor command, "v.info open_fds", that gives the list of
    open file descriptors and additional details.

  - An optional message in the "v.info n_errs_found" monitor command,
    for example "v.info n_errs_found test 1234 finished", allowing a
    comment string to be added to the process output, perhaps for the
    purpose of separating errors of different tests or test phases.

  - A new monitor command "v.info execontext" that shows information
    about the stack traces recorded by Valgrind.

  - A new monitor command "v.do expensive_sanity_check_general" to run
    some internal consistency checks.

* New flag --sigill-diagnostics to control whether a diagnostic
  message is printed when the JIT encounters an instruction it can't
  translate.  The actual behavior -- delivery of SIGILL to the
  application -- is unchanged.

* The maximum amount of memory that Valgrind can use on 64 bit targets
  has been increased from 32GB to 64GB.  This should make it possible
  to run applications on Memcheck that natively require up to about 35GB.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

123837  system call: 4th argument is optional, depending on cmd
135425  memcheck should tell you where Freed blocks were Mallocd
164485  VG_N_SEGNAMES and VG_N_SEGMENTS are (still) too small
207815  Adds some of the drm ioctls to syswrap-linux.c 
251569  vex amd64->IR: 0xF 0x1 0xF9 0xBF 0x90 0xD0 0x3 0x0 (RDTSCP)
252955  Impossible to compile with ccache
253519  Memcheck reports auxv pointer accesses as invalid reads.
263034  Crash when loading some PPC64 binaries
269599  Increase deepest backtrace
274695  s390x: Support "compare to/from logical" instructions (z196)
275800  s390x: Autodetect cache info (part 2)
280271  Valgrind reports possible memory leaks on still-reachable std::string
284540  Memcheck shouldn't count suppressions matching still-reachable [..]
289578  Backtraces with ARM unwind tables (stack scan flags)
296311  Wrong stack traces due to -fomit-frame-pointer (x86) 
304832  ppc32: build failure
305431  Use find_buildid shdr fallback for separate .debug files
305728  Add support for AVX2 instructions
305948  ppc64: code generation for ShlD64 / ShrD64 asserts
306035  s390x: Fix IR generation for LAAG and friends
306054  s390x: Condition code computation for convert-to-int/logical
306098  s390x: alternate opcode form for convert to/from fixed
306587  Fix cache line detection from auxiliary vector for PPC.
306783  Mips unhandled syscall :  4025  /  4079  / 4182
307038  DWARF2 CFI reader: unhandled DW_OP_ opcode 0x8 (DW_OP_const1u et al)
307082  HG false positive: pthread_cond_destroy: destruction of unknown CV
307101  sys_capget second argument can be NULL
307103  sys_openat: If pathname is absolute, then dirfd is ignored.
307106  amd64->IR: f0 0f c0 02 (lock xadd byte)
307113  s390x: DFP support
307141  valgrind does't work in mips-linux system
307155  filter_gdb should filter out syscall-template.S T_PSEUDO
307285  x86_amd64 feature test for avx in test suite is wrong
307290  memcheck overlap testcase needs memcpy version filter
307463  Please add "&limit=0" to the "all open bugs" link
307465  --show-possibly-lost=no should reduce the error count / exit code
307557  Leaks on Mac OS X 10.7.5 libraries at ImageLoader::recursiveInit[..]
307729  pkgconfig support broken valgrind.pc
307828  Memcheck false errors SSE optimized wcscpy, wcscmp, wcsrchr, wcschr
307955  Building valgrind 3.7.0-r4 fails in Gentoo AMD64 when using clang
308089  Unhandled syscall on ppc64: prctl
308135  PPC32 MPC8xx has 16 bytes cache size
308321  testsuite memcheck filter interferes with gdb_filter 
308333 == 307106
308341  vgdb should report process exit (or fatal signal)
308427  s390 memcheck reports tsearch cjump/cmove depends on uninit
308495  Remove build dependency on installed Xen headers
308573  Internal error on 64-bit instruction executed in 32-bit mode
308626  == 308627
308627  pmovmskb validity bit propagation is imprecise
308644  vgdb command for having the info for the track-fds option
308711  give more info about aspacemgr and arenas in out_of_memory
308717  ARM: implement fixed-point VCVT.F64.[SU]32
308718  ARM implement SMLALBB family of instructions
308886  Missing support for PTRACE_SET/GETREGSET 
308930  syscall name_to_handle_at (303 on amd64) not handled
309229  V-bit tester does not report number of tests generated
309323  print unrecognized instuction on MIPS
309425  Provide a --sigill-diagnostics flag to suppress illegal [..]
309427  SSE optimized stpncpy trigger uninitialised value [..] errors
309430  Self hosting ppc64 encounters a vassert error on operand type
309600  valgrind is a bit confused about 0-sized sections
309823  Generate errors for still reachable blocks
309921  PCMPISTRI validity bit propagation is imprecise
309922  none/tests/ppc64/test_dfp5 sometimes fails
310169  The Iop_CmpORD class of Iops is not supported by the vbit checker.
310424  --read-var-info does not properly describe static variables 
310792  search additional path for debug symbols
310931  s390x: Message-security assist (MSA) instruction extension [..]
311100  PPC DFP implementation of the integer operands is inconsistent [..]
311318  ARM: "128-bit constant is not implemented" error message
311407  ssse3 bcopy (actually converted memcpy) causes invalid read [..]
311690  V crashes because it redirects branches inside of a redirected function
311880  x86_64: make regtest hangs at shell_valid1
311922  WARNING: unhandled syscall: 170
311933  == 251569
312171  ppc: insn selection for DFP
312571  Rounding mode call wrong for the DFP Iops [..]
312620  Change to Iop_D32toD64 [..] for s390 DFP support broke ppc [..]
312913  Dangling pointers error should also report the alloc stack trace
312980  Building on Mountain Lion generates some compiler warnings
313267  Adding MIPS64/Linux port to Valgrind
313348  == 251569
313354  == 251569
313811  Buffer overflow in assert_fail
314099  coverity pointed out error in VEX guest_ppc_toIR.c insn_suffix
314269  ppc: dead code in insn selection
314718  ARM: implement integer divide instruction (sdiv and udiv)
315345  cl-format.xml and callgrind/dump.c don't agree on using cfl= or cfi=
315441  sendmsg syscall should ignore unset msghdr msg_flags
315534  msgrcv inside a thread causes valgrind to hang (block)
315545  Assertion '(UChar*)sec->tt[tteNo].tcptr <= (UChar*)hcode' failed
315689  disInstr(thumb): unhandled instruction: 0xF852 0x0E10 (LDRT)
315738  disInstr(arm): unhandled instruction: 0xEEBE0BEE (vcvt.s32.f64)
315959  valgrind man page has bogus SGCHECK (and no BBV) OPTIONS section
316144  valgrind.1 manpage contains unknown ??? strings [..]
316145  callgrind command line options in manpage reference (unknown) [..]
316145  callgrind command line options in manpage reference [..]
316181  drd: Fixed a 4x slowdown for certain applications
316503  Valgrind does not support SSE4 "movntdqa" instruction
316535  Use of |signed int| instead of |size_t| in valgrind messages
316696   fluidanimate program of parsec 2.1 stuck 
316761  syscall open_by_handle_at (304 on amd64, 342 on x86) not handled
317091  Use -Wl,-Ttext-segment when static linking if possible [..]
317186  "Impossible happens" when occurs VCVT instruction on ARM
317318  Support for Threading Building Blocks "scalable_malloc"
317444  amd64->IR: 0xC4 0x41 0x2C 0xC2 0xD2 0x8 (vcmpeq_uqps)
317461  Fix BMI assembler configure check and avx2/bmi/fma vgtest prereqs
317463  bmi testcase IR SANITY CHECK FAILURE
317506  memcheck/tests/vbit-test fails with unknown opcode after [..]
318050  libmpiwrap fails to compile with out-of-source build
318203  setsockopt handling needs to handle SOL_SOCKET/SO_ATTACH_FILTER
318643  annotate_trace_memory tests infinite loop on arm and ppc [..]
318773  amd64->IR: 0xF3 0x48 0x0F 0xBC 0xC2 0xC3 0x66 0x0F
318929  Crash with: disInstr(thumb): 0xF321 0x0001 (ssat16)
318932  Add missing PPC64 and PPC32 system call support
319235  --db-attach=yes is broken with Yama (ptrace scoping) enabled
319395  Crash with unhandled instruction on STRT (Thumb) instructions
319494  VEX Makefile-gcc standalone build update after r2702
319505  [MIPSEL] Crash: unhandled UNRAY operator.
319858  disInstr(thumb): unhandled instruction on instruction STRBT
319932  disInstr(thumb): unhandled instruction on instruction STRHT
320057  Problems when we try to mmap more than 12 memory pages on MIPS32
320063  Memory from PTRACE_GET_THREAD_AREA is reported uninitialised
320083  disInstr(thumb): unhandled instruction on instruction LDRBT
320116  bind on AF_BLUETOOTH produces warnings because of sockaddr_rc padding
320131  WARNING: unhandled syscall: 369 on ARM (prlimit64)
320211  Stack buffer overflow in ./coregrind/m_main.c with huge TMPDIR
320661  vgModuleLocal_read_elf_debug_info(): "Assertion '!di->soname'
320895  add fanotify support (patch included)
320998  vex amd64->IR pcmpestri and pcmpestrm SSE4.2 instruction
321065  Valgrind updates for Xen 4.3
321148  Unhandled instruction: PLI (Thumb 1, 2, 3)
321363  Unhandled instruction: SSAX (ARM + Thumb)
321364  Unhandled instruction: SXTAB16 (ARM + Thumb)
321466  Unhandled instruction: SHASX (ARM + Thumb)
321467  Unhandled instruction: SHSAX (ARM + Thumb)
321468  Unhandled instruction: SHSUB16 (ARM + Thumb)
321619  Unhandled instruction: SHSUB8 (ARM + Thumb)
321620  Unhandled instruction: UASX (ARM + Thumb)
321621  Unhandled instruction: USAX (ARM + Thumb)
321692  Unhandled instruction: UQADD16 (ARM + Thumb)
321693  Unhandled instruction: LDRSBT (Thumb)
321694  Unhandled instruction: UQASX (ARM + Thumb)
321696  Unhandled instruction: UQSAX (Thumb + ARM)
321697  Unhandled instruction: UHASX (ARM + Thumb)
321703  Unhandled instruction: UHSAX (ARM + Thumb)
321704  Unhandled instruction: REVSH (ARM + Thumb)
321730  Add cg_diff and cg_merge man pages
321738  Add vgdb and valgrind-listener man pages
321814  == 315545
321891  Unhandled instruction: LDRHT (Thumb)
321960  pthread_create() then alloca() causing invalid stack write errors
321969  ppc32 and ppc64 don't support [lf]setxattr
322254  Show threadname together with tid if set by application
322294  Add initial support for IBM Power ISA 2.07
322368  Assertion failure in wqthread_hijack under OS X 10.8
322563  vex mips->IR: 0x70 0x83 0xF0 0x3A
322807  VALGRIND_PRINTF_BACKTRACE writes callstack to xml and text to stderr
322851  0bXXX binary literal syntax is not standard 
323035  Unhandled instruction: LDRSHT(Thumb)
323036  Unhandled instruction: SMMLS (ARM and Thumb)
323116  The memcheck/tests/ppc64/power_ISA2_05.c fails to build [..]
323175  Unhandled instruction: SMLALD (ARM + Thumb)
323177  Unhandled instruction: SMLSLD (ARM + Thumb)
323432  Calling pthread_cond_destroy() or pthread_mutex_destroy() [..]
323437  Phase 2 support for IBM Power ISA 2.07
323713  Support mmxext (integer sse) subset on i386 (athlon)
323803  Transactional memory instructions are not supported for Power
323893  SSE3 not available on amd cpus in valgrind
323905  Probable false positive from Valgrind/drd on close()
323912  valgrind.h header isn't compatible for mingw64
324047  Valgrind doesn't support [LDR,ST]{S}[B,H]T ARM instructions
324149  helgrind: When pthread_cond_timedwait returns ETIMEDOUT [..]
324181  mmap does not handle MAP_32BIT
324227  memcheck false positive leak when a thread calls exit+block [..]
324421  Support for fanotify API on ARM architecture
324514  gdbserver monitor cmd output behaviour consistency [..]
324518  ppc64: Emulation of dcbt instructions does not handle [..]
324546  none/tests/ppc32 test_isa_2_07_part2 requests -m64
324582  When access is made to freed memory, report both allocation [..]
324594  Fix overflow computation for Power ISA 2.06 insns: mulldo/mulldo.
324765  ppc64: illegal instruction when executing none/tests/ppc64/jm-misc
324816  Incorrect VEX implementation for xscvspdp/xvcvspdp for SNaN inputs
324834  Unhandled instructions in Microsoft C run-time for x86_64
324894  Phase 3 support for IBM Power ISA 2.07
326091  drd: Avoid false race reports from optimized strlen() impls
326113  valgrind libvex hwcaps error on AMD64 
n-i-bz  Some wrong command line options could be ignored
n-i-bz  patch to allow fair-sched on android
n-i-bz  report error for vgdb snapshot requested before execution
n-i-bz  same as 303624 (fixed in 3.8.0), but for x86 android

(3.9.0: 31 October 2013, vex r2796, valgrind r13708)



Release 3.8.1 (19 September 2012)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.8.1 is a bug fix release.  It fixes some assertion failures in 3.8.0
that occur moderately frequently in real use cases, adds support for
some missing instructions on ARM, and fixes a deadlock condition on
MacOSX.  If you package or deliver 3.8.0 for others to use, you might
want to consider upgrading to 3.8.1 instead.

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

284004  == 301281
289584  Unhandled instruction: 0xF 0x29 0xE5 (MOVAPS)
295808  amd64->IR: 0xF3 0xF 0xBC 0xC0 (TZCNT)
298281  wcslen causes false(?) uninitialised value warnings
301281  valgrind hangs on OS X when the process calls system()
304035  disInstr(arm): unhandled instruction 0xE1023053
304867  implement MOVBE instruction in x86 mode
304980  Assertion 'lo <= hi' failed in vgModuleLocal_find_rx_mapping
305042  amd64: implement 0F 7F encoding of movq between two registers
305199  ARM: implement QDADD and QDSUB
305321  amd64->IR: 0xF 0xD 0xC (prefetchw)
305513  killed by fatal signal: SIGSEGV
305690  DRD reporting invalid semaphore when sem_trywait fails
305926  Invalid alignment checks for some AVX instructions
306297  disInstr(thumb): unhandled instruction 0xE883 0x000C
306310  3.8.0 release tarball missing some files
306612  RHEL 6 glibc-2.X default suppressions need /lib*/libc-*patterns
306664  vex amd64->IR: 0x66 0xF 0x3A 0x62 0xD1 0x46 0x66 0xF
n-i-bz  shmat of a segment > 4Gb does not work 
n-i-bz  simulate_control_c script wrong USR1 signal number on mips
n-i-bz  vgdb ptrace calls wrong on mips [...]
n-i-bz  Fixes for more MPI false positives
n-i-bz  exp-sgcheck's memcpy causes programs to segfault
n-i-bz  OSX build w/ clang: asserts at startup
n-i-bz  Incorrect undef'dness prop for Iop_DPBtoBCD and Iop_BCDtoDPB
n-i-bz  fix a couple of union tag-vs-field mixups
n-i-bz  OSX: use __NR_poll_nocancel rather than __NR_poll

The following bugs were fixed in 3.8.0 but not listed in this NEWS
file at the time:

254088  Valgrind should know about UD2 instruction
301280  == 254088
301902  == 254088
304754  NEWS blows TeX's little mind

(3.8.1: 19 September 2012, vex r2537, valgrind r12996)



Release 3.8.0 (10 August 2012)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.8.0 is a feature release with many improvements and the usual
collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM/Linux, PPC32/Linux,
PPC64/Linux, S390X/Linux, MIPS/Linux, ARM/Android, X86/Android,
X86/MacOSX 10.6/10.7 and AMD64/MacOSX 10.6/10.7.  Support for recent
distros and toolchain components (glibc 2.16, gcc 4.7) has been added.
There is initial support for MacOSX 10.8, but it is not usable for
serious work at present.

* ================== PLATFORM CHANGES =================

* Support for MIPS32 platforms running Linux.  Valgrind has been
  tested on MIPS32 and MIPS32r2 platforms running different Debian
  Squeeze and MeeGo distributions.  Both little-endian and big-endian
  cores are supported.  The tools Memcheck, Massif and Lackey have
  been tested and are known to work. See README.mips for more details.

* Preliminary support for Android running on x86.

* Preliminary (as-yet largely unusable) support for MacOSX 10.8.

* Support for Intel AVX instructions and for AES instructions.  This
  support is available only for 64 bit code.

* Support for POWER Decimal Floating Point instructions.

* ==================== TOOL CHANGES ====================

* Non-libc malloc implementations are now supported.  This is useful
  for tools that replace malloc (Memcheck, Massif, DRD, Helgrind).
  Using the new option --soname-synonyms, such tools can be informed
  that the malloc implementation is either linked statically into the
  executable, or is present in some other shared library different
  from libc.so.  This makes it possible to process statically linked
  programs, and programs using other malloc libraries, for example
  TCMalloc or JEMalloc.

* For tools that provide their own replacement for malloc et al, the
  option --redzone-size=<number> allows users to specify the size of
  the padding blocks (redzones) added before and after each client
  allocated block.  Smaller redzones decrease the memory needed by
  Valgrind.  Bigger redzones increase the chance to detect blocks
  overrun or underrun.  Prior to this change, the redzone size was
  hardwired to 16 bytes in Memcheck.

* Memcheck:

  - The leak_check GDB server monitor command now can
    control the maximum nr of loss records to output.

  - Reduction of memory use for applications allocating
    many blocks and/or having many partially defined bytes.

  - Addition of GDB server monitor command 'block_list' that lists
    the addresses/sizes of the blocks of a leak search loss record.

  - Addition of GDB server monitor command 'who_points_at' that lists
    the locations pointing at a block.

  - If a redzone size > 0 is given, VALGRIND_MALLOCLIKE_BLOCK now will
    detect an invalid access of these redzones, by marking them
    noaccess.  Similarly, if a redzone size is given for a memory
    pool, VALGRIND_MEMPOOL_ALLOC will mark the redzones no access.
    This still allows to find some bugs if the user has forgotten to
    mark the pool superblock noaccess.

  - Performance of memory leak check has been improved, especially in
    cases where there are many leaked blocks and/or many suppression
    rules used to suppress leak reports.

  - Reduced noise (false positive) level on MacOSX 10.6/10.7, due to
    more precise analysis, which is important for LLVM/Clang
    generated code.  This is at the cost of somewhat reduced
    performance.  Note there is no change to analysis precision or
    costs on Linux targets.

* DRD:

  - Added even more facilities that can help finding the cause of a data
    race, namely the command-line option --ptrace-addr and the macro
    DRD_STOP_TRACING_VAR(x). More information can be found in the manual.

  - Fixed a subtle bug that could cause false positive data race reports.

* ==================== OTHER CHANGES ====================

* The C++ demangler has been updated so as to work well with C++ 
  compiled by up to at least g++ 4.6.

* Tool developers can make replacement/wrapping more flexible thanks
  to the new option --soname-synonyms.  This was reported above, but
  in fact is very general and applies to all function
  replacement/wrapping, not just to malloc-family functions.

* Round-robin scheduling of threads can be selected, using the new
  option --fair-sched= yes.  Prior to this change, the pipe-based
  thread serialisation mechanism (which is still the default) could
  give very unfair scheduling.  --fair-sched=yes improves
  responsiveness of interactive multithreaded applications, and
  improves repeatability of results from the thread checkers Helgrind
  and DRD.

* For tool developers: support to run Valgrind on Valgrind has been
  improved.  We can now routinely Valgrind on Helgrind or Memcheck.

* gdbserver now shows the float shadow registers as integer
  rather than float values, as the shadow values are mostly
  used as bit patterns.

* Increased limit for the --num-callers command line flag to 500.

* Performance improvements for error matching when there are many
  suppression records in use.

* Improved support for DWARF4 debugging information (bug 284184).

* Initial support for DWZ compressed Dwarf debug info.

* Improved control over the IR optimiser's handling of the tradeoff
  between performance and precision of exceptions.  Specifically,
  --vex-iropt-precise-memory-exns has been removed and replaced by
  --vex-iropt-register-updates, with extended functionality.  This
  allows the Valgrind gdbserver to always show up to date register
  values to GDB.

* Modest performance gains through the use of translation chaining for
  JIT-generated code.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

197914  Building valgrind from svn now requires automake-1.10
203877  increase to 16Mb maximum allowed alignment for memalign et al
219156  Handle statically linked malloc or other malloc lib (e.g. tcmalloc) 
247386  make perf does not run all performance tests
270006  Valgrind scheduler unfair 
270777  Adding MIPS/Linux port to Valgrind
270796  s390x: Removed broken support for the TS insn
271438  Fix configure for proper SSE4.2 detection
273114  s390x: Support TR, TRE, TROO, TROT, TRTO, and TRTT instructions
273475  Add support for AVX instructions
274078  improved configure logic for mpicc
276993  fix mremap 'no thrash checks' 
278313  Fedora 15/x64: err read debug info with --read-var-info=yes flag
281482  memcheck incorrect byte allocation count in realloc() for silly argument
282230  group allocator for small fixed size, use it for MC_Chunk/SEc vbit
283413  Fix wrong sanity check
283671  Robustize alignment computation in LibVEX_Alloc
283961  Adding support for some HCI IOCTLs
284124  parse_type_DIE: confused by: DWARF 4
284864  == 273475 (Add support for AVX instructions)
285219  Too-restrictive constraints for Thumb2 "SP plus/minus register"
285662  (MacOSX): Memcheck needs to replace memcpy/memmove
285725  == 273475 (Add support for AVX instructions)
286261  add wrapper for linux I2C_RDWR ioctl
286270  vgpreload is not friendly to 64->32 bit execs, gives ld.so warnings
286374  Running cachegrind with --branch-sim=yes on 64-bit PowerPC program fails
286384  configure fails "checking for a supported version of gcc"
286497  == 273475 (Add support for AVX instructions)
286596  == 273475 (Add support for AVX instructions)
286917  disInstr(arm): unhandled instruction: QADD (also QSUB)
287175  ARM: scalar VFP fixed-point VCVT instructions not handled
287260  Incorrect conditional jump or move depends on uninitialised value(s)
287301  vex amd64->IR: 0x66 0xF 0x38 0x41 0xC0 0xB8 0x0 0x0 (PHMINPOSUW)
287307  == 273475 (Add support for AVX instructions)
287858  VG_(strerror): unknown error 
288298  (MacOSX) unhandled syscall shm_unlink
288995  == 273475 (Add support for AVX instructions)
289470  Loading of large Mach-O thin binaries fails.
289656  == 273475 (Add support for AVX instructions)
289699  vgdb connection in relay mode erroneously closed due to buffer overrun 
289823  ==  293754 (PCMPxSTRx not implemented for 16-bit characters)
289839  s390x: Provide support for unicode conversion instructions
289939  monitor cmd 'leak_check' with details about leaked or reachable blocks
290006  memcheck doesn't mark %xmm as initialized after "pcmpeqw %xmm %xmm"
290655  Add support for AESKEYGENASSIST instruction 
290719  valgrind-3.7.0 fails with automake-1.11.2 due to"pkglibdir" usage
290974  vgdb must align pages to VKI_SHMLBA (16KB) on ARM 
291253  ES register not initialised in valgrind simulation
291568  Fix 3DNOW-related crashes with baseline x86_64 CPU (w patch)
291865  s390x: Support the "Compare Double and Swap" family of instructions
292300  == 273475 (Add support for AVX instructions)
292430  unrecognized instruction in __intel_get_new_mem_ops_cpuid
292493  == 273475 (Add support for AVX instructions)
292626  Missing fcntl F_SETOWN_EX and F_GETOWN_EX support
292627  Missing support for some SCSI ioctls
292628  none/tests/x86/bug125959-x86.c triggers undefined behavior
292841  == 273475 (Add support for AVX instructions)
292993  implement the getcpu syscall on amd64-linux
292995  Implement the “cross memory attach” syscalls introduced in Linux 3.2
293088  Add some VEX sanity checks for ppc64 unhandled instructions
293751  == 290655 (Add support for AESKEYGENASSIST instruction)
293754  PCMPxSTRx not implemented for 16-bit characters
293755  == 293754 (No tests for PCMPxSTRx on 16-bit characters)
293808  CLFLUSH not supported by latest VEX for amd64
294047  valgrind does not correctly emulate prlimit64(..., RLIMIT_NOFILE, ...)
294048  MPSADBW instruction not implemented
294055  regtest none/tests/shell fails when locale is not set to C
294185  INT 0x44 (and others) not supported on x86 guest, but used by Jikes RVM
294190  --vgdb-error=xxx can be out of sync with errors shown to the user
294191  amd64: fnsave/frstor and 0x66 size prefixes on FP instructions
294260  disInstr_AMD64: disInstr miscalculated next %rip
294523  --partial-loads-ok=yes causes false negatives
294617  vex amd64->IR: 0x66 0xF 0x3A 0xDF 0xD1 0x1 0xE8 0x6A
294736  vex amd64->IR: 0x48 0xF 0xD7 0xD6 0x48 0x83
294812  patch allowing to run (on x86 at least) helgrind/drd on tool.
295089  can not annotate source for both helgrind and drd
295221  POWER Processor decimal floating point instruction support missing
295427  building for i386 with clang on darwin11 requires "-new_linker linker"
295428  coregrind/m_main.c has incorrect x86 assembly for darwin
295590  Helgrind: Assertion 'cvi->nWaiters > 0' failed
295617  ARM - Add some missing syscalls
295799  Missing \n with get_vbits in gdbserver when line is % 80 [...]
296229  Linux user input device ioctls missing wrappers
296318  ELF Debug info improvements (more than one rx/rw mapping)
296422  Add translation chaining support
296457  vex amd64->IR: 0x66 0xF 0x3A 0xDF 0xD1 0x1 0xE8 0x6A (dup of AES)
296792  valgrind 3.7.0: add SIOCSHWTSTAMP (0x89B0) ioctl wrapper
296983  Fix build issues on x86_64/ppc64 without 32-bit toolchains
297078  gdbserver signal handling problems [..]
297147  drd false positives on newly allocated memory
297329  disallow decoding of IBM Power DFP insns on some machines
297497  POWER Processor decimal floating point instruction support missing
297701  Another alias for strncasecmp_l in libc-2.13.so
297911  'invalid write' not reported when using APIs for custom mem allocators.
297976  s390x: revisit EX implementation
297991  Valgrind interferes with mmap()+ftell() 
297992  Support systems missing WIFCONTINUED (e.g. pre-2.6.10 Linux) 
297993  Fix compilation of valgrind with gcc -g3.
298080  POWER Processor DFP support missing, part 3
298227  == 273475 (Add support for AVX instructions)
298335  == 273475 (Add support for AVX instructions)
298354  Unhandled ARM Thumb instruction 0xEB0D 0x0585 (streq)
298394  s390x: Don't bail out on an unknown machine model.  [..]
298421  accept4() syscall (366) support is missing for ARM
298718  vex amd64->IR: 0xF 0xB1 0xCB 0x9C 0x8F 0x45
298732  valgrind installation problem in ubuntu with kernel version 3.x
298862  POWER Processor DFP instruction support missing, part 4
298864  DWARF reader mis-parses DW_FORM_ref_addr
298943  massif asserts with --pages-as-heap=yes when brk is changing [..]
299053  Support DWARF4 DW_AT_high_pc constant form
299104  == 273475 (Add support for AVX instructions)
299316  Helgrind: hg_main.c:628 (map_threads_lookup): Assertion 'thr' failed.
299629  dup3() syscall (358) support is missing for ARM
299694  POWER Processor DFP instruction support missing, part 5
299756  Ignore --free-fill for MEMPOOL_FREE and FREELIKE client requests
299803  == 273475 (Add support for AVX instructions)
299804  == 273475 (Add support for AVX instructions)
299805  == 273475 (Add support for AVX instructions)
300140  ARM - Missing (T1) SMMUL
300195  == 296318 (ELF Debug info improvements (more than one rx/rw mapping))
300389  Assertion `are_valid_hwcaps(VexArchAMD64, [..])' failed.
300414  FCOM and FCOMP unimplemented for amd64 guest
301204  infinite loop in canonicaliseSymtab with ifunc symbol
301229  == 203877 (increase to 16Mb maximum allowed alignment for memalign etc)
301265  add x86 support to Android build 
301984  configure script doesn't detect certain versions of clang
302205  Fix compiler warnings for POWER VEX code and POWER test cases
302287  Unhandled movbe instruction on Atom processors
302370  PPC: fnmadd, fnmsub, fnmadds, fnmsubs insns always negate the result
302536  Fix for the POWER Valgrind regression test: memcheck-ISA2.0.
302578  Unrecognized isntruction 0xc5 0x32 0xc2 0xca 0x09 vcmpngess
302656  == 273475 (Add support for AVX instructions)
302709  valgrind for ARM needs extra tls support for android emulator [..]
302827  add wrapper for CDROM_GET_CAPABILITY
302901  Valgrind crashes with dwz optimized debuginfo
302918  Enable testing of the vmaddfp and vnsubfp instructions in the testsuite
303116  Add support for the POWER instruction popcntb
303127  Power test suite fixes for frsqrte, vrefp, and vrsqrtefp instructions.
303250  Assertion `instrs_in->arr_used <= 10000' failed w/ OpenSSL code
303466  == 273475 (Add support for AVX instructions)
303624  segmentation fault on Android 4.1 (e.g. on Galaxy Nexus OMAP) 
303963  strstr() function produces wrong results under valgrind callgrind
304054  CALL_FN_xx macros need to enforce stack alignment
304561  tee system call not supported
715750  (MacOSX): Incorrect invalid-address errors near 0xFFFFxxxx (mozbug#)
n-i-bz  Add missing gdbserver xml files for shadow registers for ppc32
n-i-bz  Bypass gcc4.4/4.5 code gen bugs causing out of memory or asserts
n-i-bz  Fix assert in gdbserver for watchpoints watching the same address
n-i-bz  Fix false positive in sys_clone on amd64 when optional args [..]
n-i-bz  s390x: Shadow registers can now be examined using vgdb

(3.8.0-TEST3:  9 August 2012, vex r2465, valgrind r12865)
(3.8.0:       10 August 2012, vex r2465, valgrind r12866)



Release 3.7.0 (5 November 2011)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.7.0 is a feature release with many significant improvements and the
usual collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM/Linux, PPC32/Linux,
PPC64/Linux, S390X/Linux, ARM/Android, X86/Darwin and AMD64/Darwin.
Support for recent distros and toolchain components (glibc 2.14, gcc
4.6, MacOSX 10.7) has been added.

* ================== PLATFORM CHANGES =================

* Support for IBM z/Architecture (s390x) running Linux.  Valgrind can
  analyse 64-bit programs running on z/Architecture.  Most user space
  instructions up to and including z10 are supported.  Valgrind has
  been tested extensively on z9, z10, and z196 machines running SLES
  10/11, RedHat 5/6m, and Fedora. The Memcheck and Massif tools are
  known to work well. Callgrind, Helgrind, and DRD work reasonably
  well on z9 and later models. See README.s390 for more details.

* Preliminary support for MacOSX 10.7 and XCode 4.  Both 32- and
  64-bit processes are supported.  Some complex threaded applications
  (Firefox) are observed to hang when run as 32 bit applications,
  whereas 64-bit versions run OK.  The cause is unknown.  Memcheck
  will likely report some false errors.  In general, expect some rough
  spots.  This release also supports MacOSX 10.6, but drops support
  for 10.5.

* Preliminary support for Android (on ARM).  Valgrind can now run
  large applications (eg, Firefox) on (eg) a Samsung Nexus S.  See
  README.android for more details, plus instructions on how to get
  started.

* Support for the IBM Power ISA 2.06 (Power7 instructions)

* General correctness and performance improvements for ARM/Linux, and,
  by extension, ARM/Android.

* Further solidification of support for SSE 4.2 in 64-bit mode.  AVX
  instruction set support is under development but is not available in
  this release.

* Support for AIX5 has been removed.

* ==================== TOOL CHANGES ====================

* Memcheck: some incremental changes:

  - reduction of memory use in some circumstances

  - improved handling of freed memory, which in some circumstances 
    can cause detection of use-after-free that would previously have
    been missed

  - fix of a longstanding bug that could cause false negatives (missed
    errors) in programs doing vector saturated narrowing instructions.

* Helgrind: performance improvements and major memory use reductions,
  particularly for large, long running applications which perform many
  synchronisation (lock, unlock, etc) events.  Plus many smaller
  changes:

  - display of locksets for both threads involved in a race

  - general improvements in formatting/clarity of error messages

  - addition of facilities and documentation regarding annotation
    of thread safe reference counted C++ classes

  - new flag --check-stack-refs=no|yes [yes], to disable race checking
    on thread stacks (a performance hack)

  - new flag --free-is-write=no|yes [no], to enable detection of races
    where one thread accesses heap memory but another one frees it,
    without any coordinating synchronisation event

* DRD: enabled XML output; added support for delayed thread deletion
  in order to detect races that occur close to the end of a thread
  (--join-list-vol); fixed a memory leak triggered by repeated client
  memory allocatation and deallocation; improved Darwin support.

* exp-ptrcheck: this tool has been renamed to exp-sgcheck

* exp-sgcheck: this tool has been reduced in scope so as to improve
  performance and remove checking that Memcheck does better.
  Specifically, the ability to check for overruns for stack and global
  arrays is unchanged, but the ability to check for overruns of heap
  blocks has been removed.  The tool has accordingly been renamed to
  exp-sgcheck ("Stack and Global Array Checking").

* ==================== OTHER CHANGES ====================

* GDB server: Valgrind now has an embedded GDB server.  That means it
  is possible to control a Valgrind run from GDB, doing all the usual
  things that GDB can do (single stepping, breakpoints, examining
  data, etc).  Tool-specific functionality is also available.  For
  example, it is possible to query the definedness state of variables
  or memory from within GDB when running Memcheck; arbitrarily large
  memory watchpoints are supported, etc.  To use the GDB server, start
  Valgrind with the flag --vgdb-error=0 and follow the on-screen
  instructions.

* Improved support for unfriendly self-modifying code: a new option
  --smc-check=all-non-file is available.  This adds the relevant
  consistency checks only to code that originates in non-file-backed
  mappings.  In effect this confines the consistency checking only to
  code that is or might be JIT generated, and avoids checks on code
  that must have been compiled ahead of time.  This significantly
  improves performance on applications that generate code at run time.

* It is now possible to build a working Valgrind using Clang-2.9 on
  Linux.

* new client requests VALGRIND_{DISABLE,ENABLE}_ERROR_REPORTING.
  These enable and disable error reporting on a per-thread, and
  nestable, basis.  This is useful for hiding errors in particularly
  troublesome pieces of code.  The MPI wrapper library (libmpiwrap.c)
  now uses this facility.

* Added the --mod-funcname option to cg_diff.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (http://bugs.kde.org/enter_valgrind_bug.cgi) rather than
mailing the developers (or mailing lists) directly -- bugs that are
not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

 79311  malloc silly arg warning does not give stack trace
210935  port valgrind.h (not valgrind) to win32 to support client requests
214223  valgrind SIGSEGV on startup gcc 4.4.1 ppc32 (G4) Ubuntu 9.10
243404  Port to zSeries
243935  Helgrind: incorrect handling of ANNOTATE_HAPPENS_BEFORE()/AFTER()
247223  non-x86: Suppress warning: 'regparm' attribute directive ignored
250101  huge "free" memory usage due to m_mallocfree.c fragmentation
253206  Some fixes for the faultstatus testcase
255223  capget testcase fails when running as root
256703  xlc_dbl_u32.c testcase broken
256726  Helgrind tests have broken inline asm 
259977  == 214223 (Valgrind segfaults doing __builtin_longjmp)
264800  testcase compile failure on zseries
265762  make public VEX headers compilable by G++ 3.x
265771  assertion in jumps.c (r11523) fails with glibc-2.3
266753  configure script does not give the user the option to not use QtCore
266931  gen_insn_test.pl is broken
266961  ld-linux.so.2 i?86-linux strlen issues
266990  setns instruction causes false positive
267020  Make directory for temporary files configurable at run-time.
267342  == 267997 (segmentation fault on Mac OS 10.6)
267383  Assertion 'vgPlain_strlen(dir) + vgPlain_strlen(file) + 1 < 256' failed
267413  Assertion 'DRD_(g_threadinfo)[tid].synchr_nesting >= 1' failed.
267488  regtest: darwin support for 64-bit build
267552  SIGSEGV (misaligned_stack_error) with DRD, but not with other tools
267630  Add support for IBM Power ISA 2.06 -- stage 1
267769  == 267997 (Darwin: memcheck triggers segmentation fault)
267819  Add client request for informing the core about reallocation
267925  laog data structure quadratic for a single sequence of lock
267968  drd: (vgDrd_thread_set_joinable): Assertion '0 <= (int)tid ..' failed
267997  MacOSX: 64-bit V segfaults on launch when built with Xcode 4.0.1
268513  missed optimizations in fold_Expr
268619  s390x: fpr - gpr transfer facility 
268620  s390x: reconsider "long displacement" requirement 
268621  s390x: improve IR generation for XC
268715  s390x: FLOGR is not universally available
268792  == 267997 (valgrind seg faults on startup when compiled with Xcode 4)
268930  s390x: MHY is not universally available
269078  arm->IR: unhandled instruction SUB (SP minus immediate/register) 
269079  Support ptrace system call on ARM
269144  missing "Bad option" error message
269209  conditional load and store facility (z196)
269354  Shift by zero on x86 can incorrectly clobber CC_NDEP
269641  == 267997 (valgrind segfaults immediately (segmentation fault))
269736  s390x: minor code generation tweaks
269778  == 272986 (valgrind.h: swap roles of VALGRIND_DO_CLIENT_REQUEST() ..)
269863  s390x: remove unused function parameters
269864  s390x: tweak s390_emit_load_cc 
269884  == 250101 (overhead for huge blocks exhausts space too soon)
270082  s390x: Make sure to point the PSW address to the next address on SIGILL
270115  s390x: rewrite some testcases
270309  == 267997 (valgrind crash on startup)
270320  add support for Linux FIOQSIZE ioctl() call
270326  segfault while trying to sanitize the environment passed to execle
270794  IBM POWER7 support patch causes regression in none/tests
270851  IBM POWER7 fcfidus instruction causes memcheck to fail
270856  IBM POWER7 xsnmaddadp instruction causes memcheck to fail on 32bit app 
270925  hyper-optimized strspn() in /lib64/libc-2.13.so needs fix
270959  s390x: invalid use of R0 as base register
271042  VSX configure check fails when it should not 
271043  Valgrind build fails with assembler error on ppc64 with binutils 2.21 
271259  s390x: fix code confusion 
271337  == 267997 (Valgrind segfaults on MacOS X)
271385  s390x: Implement Ist_MBE 
271501  s390x: misc cleanups 
271504  s390x: promote likely and unlikely 
271579  ppc: using wrong enum type 
271615  unhandled instruction "popcnt" (arch=amd10h) 
271730  Fix bug when checking ioctls: duplicate check 
271776  s390x: provide STFLE instruction support 
271779  s390x: provide clock instructions like STCK 
271799  Darwin: ioctls without an arg report a memory error 
271820  arm: fix type confusion 
271917  pthread_cond_timedwait failure leads to not-locked false positive 
272067  s390x: fix DISP20 macro 
272615  A typo in debug output in mc_leakcheck.c
272661  callgrind_annotate chokes when run from paths containing regex chars
272893  amd64->IR: 0x66 0xF 0x38 0x2B 0xC1 0x66 0xF 0x7F == (closed as dup)
272955  Unhandled syscall error for pwrite64 on ppc64 arch 
272967  make documentation build-system more robust 
272986  Fix gcc-4.6 warnings with valgrind.h
273318  amd64->IR: 0x66 0xF 0x3A 0x61 0xC1 0x38 (missing PCMPxSTRx case)
273318  unhandled PCMPxSTRx case: vex amd64->IR: 0x66 0xF 0x3A 0x61 0xC1 0x38 
273431  valgrind segfaults in evalCfiExpr (debuginfo.c:2039)
273465  Callgrind: jumps.c:164 (new_jcc): Assertion '(0 <= jmp) && ...'
273536  Build error: multiple definition of `vgDrd_pthread_cond_initializer'
273640  ppc64-linux: unhandled syscalls setresuid(164) and setresgid(169)
273729  == 283000 (Illegal opcode for SSE2 "roundsd" instruction)
273778  exp-ptrcheck: unhandled sysno == 259
274089  exp-ptrcheck: unhandled sysno == 208
274378  s390x: Various dispatcher tweaks
274447  WARNING: unhandled syscall: 340
274776  amd64->IR: 0x66 0xF 0x38 0x2B 0xC5 0x66
274784  == 267997 (valgrind ls -l results in Segmentation Fault)
274926  valgrind does not build against linux-3
275148  configure FAIL with glibc-2.14
275151  Fedora 15 / glibc-2.14 'make regtest' FAIL
275168  Make Valgrind work for MacOSX 10.7 Lion
275212  == 275284 (lots of false positives from __memcpy_ssse3_back et al)
275278  valgrind does not build on Linux kernel 3.0.* due to silly
275284  Valgrind memcpy/memmove redirection stopped working in glibc 2.14/x86_64
275308  Fix implementation for ppc64 fres instruc
275339  s390x: fix testcase compile warnings
275517  s390x: Provide support for CKSM instruction
275710  s390x: get rid of redundant address mode calculation
275815  == 247894 (Valgrind doesn't know about Linux readahead(2) syscall)
275852  == 250101 (valgrind uses all swap space and is killed)
276784  Add support for IBM Power ISA 2.06 -- stage 3
276987  gdbsrv: fix tests following recent commits
277045  Valgrind crashes with  unhandled DW_OP_ opcode 0x2a
277199  The test_isa_2_06_part1.c in none/tests/ppc64 should be a symlink
277471  Unhandled syscall: 340
277610  valgrind crashes in VG_(lseek)(core_fd, phdrs[idx].p_offset, ...)
277653  ARM: support Thumb2 PLD instruction
277663  ARM: NEON float VMUL by scalar incorrect
277689  ARM: tests for VSTn with register post-index are broken
277694  ARM: BLX LR instruction broken in ARM mode
277780  ARM: VMOV.F32 (immediate) instruction is broken
278057  fuse filesystem syscall deadlocks
278078  Unimplemented syscall 280 on ppc32
278349  F_GETPIPE_SZ and  F_SETPIPE_SZ Linux fcntl commands
278454  VALGRIND_STACK_DEREGISTER has wrong output type
278502  == 275284 (Valgrind confuses memcpy() and memmove())
278892  gdbsrv: factorize gdb version handling, fix doc and typos
279027  Support for MVCL and CLCL instruction
279027  s390x: Provide support for CLCL and MVCL instructions
279062  Remove a redundant check in the insn selector for ppc.
279071  JDK creates PTEST with redundant REX.W prefix
279212  gdbsrv: add monitor cmd v.info scheduler.
279378  exp-ptrcheck: the 'impossible' happened on mkfifo call
279698  memcheck discards valid-bits for packuswb
279795  memcheck reports uninitialised values for mincore on amd64
279994  Add support for IBM Power ISA 2.06 -- stage 3
280083  mempolicy syscall check errors
280290  vex amd64->IR: 0x66 0xF 0x38 0x28 0xC1 0x66 0xF 0x6F
280710  s390x: config files for nightly builds
280757  /tmp dir still used by valgrind even if TMPDIR is specified
280965  Valgrind breaks fcntl locks when program does mmap
281138  WARNING: unhandled syscall: 340
281241  == 275168 (valgrind useless on Macos 10.7.1 Lion)
281304  == 275168 (Darwin: dyld "cannot load inserted library")
281305  == 275168 (unhandled syscall: unix:357 on Darwin 11.1)
281468  s390x: handle do_clone and gcc clones in call traces
281488  ARM: VFP register corruption
281828  == 275284 (false memmove warning: "Source and destination overlap")
281883  s390x: Fix system call wrapper for "clone".
282105  generalise 'reclaimSuperBlock' to also reclaim splittable superblock
282112  Unhandled instruction bytes: 0xDE 0xD9 0x9B 0xDF (fcompp)
282238  SLES10: make check fails
282979  strcasestr needs replacement with recent(>=2.12) glibc
283000  vex amd64->IR: 0x66 0xF 0x3A 0xA 0xC0 0x9 0xF3 0xF
283243  Regression in ppc64 memcheck tests
283325  == 267997 (Darwin: V segfaults on startup when built with Xcode 4.0)
283427  re-connect epoll_pwait syscall on ARM linux
283600  gdbsrv: android: port vgdb.c
283709  none/tests/faultstatus needs to account for page size
284305  filter_gdb needs enhancement to work on ppc64
284384  clang 3.1 -Wunused-value warnings in valgrind.h, memcheck.h
284472  Thumb2 ROR.W encoding T2 not implemented
284621  XML-escape process command line in XML output
n-i-bz  cachegrind/callgrind: handle CPUID information for Core iX Intel CPUs
        that have non-power-of-2 sizes (also AMDs)
n-i-bz  don't be spooked by libraries mashed by elfhack
n-i-bz  don't be spooked by libxul.so linked with gold
n-i-bz  improved checking for VALGRIND_CHECK_MEM_IS_DEFINED

(3.7.0-TEST1: 27  October 2011, vex r2228, valgrind r12245)
(3.7.0.RC1:    1 November 2011, vex r2231, valgrind r12257)
(3.7.0:        5 November 2011, vex r2231, valgrind r12258)



Release 3.6.1 (16 February 2011)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.6.1 is a bug fix release.  It adds support for some SSE4
instructions that were omitted in 3.6.0 due to lack of time.  Initial
support for glibc-2.13 has been added.  A number of bugs causing
crashing or assertion failures have been fixed.

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (http://bugs.kde.org/enter_valgrind_bug.cgi) rather than
mailing the developers (or mailing lists) directly -- bugs that are
not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

188572  Valgrind on Mac should suppress setenv() mem leak
194402  vex amd64->IR: 0x48 0xF 0xAE 0x4 (proper FX{SAVE,RSTOR} support)
210481  vex amd64->IR: Assertion `sz == 2 || sz == 4' failed (REX.W POPQ)
246152  callgrind internal error after pthread_cancel on 32 Bit Linux
250038  ppc64: Altivec LVSR and LVSL instructions fail their regtest
254420  memory pool tracking broken 
254957  Test code failing to compile due to changes in memcheck.h
255009  helgrind/drd: crash on chmod with invalid parameter
255130  readdwarf3.c parse_type_DIE confused by GNAT Ada types
255355  helgrind/drd: crash on threaded programs doing fork
255358  == 255355
255418  (SSE4.x) rint call compiled with ICC
255822  --gen-suppressions can create invalid files: "too many callers [...]"
255888  closing valgrindoutput tag outputted to log-stream on error
255963  (SSE4.x) vex amd64->IR: 0x66 0xF 0x3A 0x9 0xDB 0x0 (ROUNDPD)
255966  Slowness when using mempool annotations
256387  vex x86->IR: 0xD4 0xA 0x2 0x7 (AAD and AAM)
256600  super-optimized strcasecmp() false positive
256669  vex amd64->IR: Unhandled LOOPNEL insn on amd64
256968  (SSE4.x) vex amd64->IR: 0x66 0xF 0x38 0x10 0xD3 0x66 (BLENDVPx)
257011  (SSE4.x) vex amd64->IR: 0x66 0xF 0x3A 0xE 0xFD 0xA0 (PBLENDW)
257063  (SSE4.x) vex amd64->IR: 0x66 0xF 0x3A 0x8 0xC0 0x0 (ROUNDPS)
257276  Missing case in memcheck --track-origins=yes
258870  (SSE4.x) Add support for EXTRACTPS SSE 4.1 instruction
261966  (SSE4.x) support for CRC32B and CRC32Q is lacking (also CRC32{W,L})
262985  VEX regression in valgrind 3.6.0 in handling PowerPC VMX
262995  (SSE4.x) crash when trying to valgrind gcc-snapshot (PCMPxSTRx $0)
263099  callgrind_annotate counts Ir improperly [...]
263877  undefined coprocessor instruction on ARMv7
265964  configure FAIL with glibc-2.13
n-i-bz  Fix compile error w/ icc-12.x in guest_arm_toIR.c
n-i-bz  Docs: fix bogus descriptions for VALGRIND_CREATE_BLOCK et al
n-i-bz  Massif: don't assert on shmat() with --pages-as-heap=yes
n-i-bz  Bug fixes and major speedups for the exp-DHAT space profiler
n-i-bz  DRD: disable --free-is-write due to implementation difficulties

(3.6.1: 16 February 2011, vex r2103, valgrind r11561).



Release 3.6.0 (21 October 2010)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.6.0 is a feature release with many significant improvements and the
usual collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM/Linux, PPC32/Linux,
PPC64/Linux, X86/Darwin and AMD64/Darwin.  Support for recent distros
and toolchain components (glibc 2.12, gcc 4.5, OSX 10.6) has been added.

                    -------------------------

Here are some highlights.  Details are shown further down:

* Support for ARM/Linux.

* Support for recent Linux distros: Ubuntu 10.10 and Fedora 14.

* Support for Mac OS X 10.6, both 32- and 64-bit executables.

* Support for the SSE4.2 instruction set.

* Enhancements to the Callgrind profiler, including the ability to
  handle CPUs with three levels of cache.

* A new experimental heap profiler, DHAT.

* A huge number of bug fixes and small enhancements.

                    -------------------------

Here are details of the above changes, together with descriptions of
many other changes, and a list of fixed bugs.

* ================== PLATFORM CHANGES =================

* Support for ARM/Linux.  Valgrind now runs on ARMv7 capable CPUs
  running Linux.  It is known to work on Ubuntu 10.04, Ubuntu 10.10,
  and Maemo 5, so you can run Valgrind on your Nokia N900 if you want.

  This requires a CPU capable of running the ARMv7-A instruction set
  (Cortex A5, A8 and A9).  Valgrind provides fairly complete coverage
  of the user space instruction set, including ARM and Thumb integer
  code, VFPv3, NEON and V6 media instructions.  The Memcheck,
  Cachegrind and Massif tools work properly; other tools work to
  varying degrees.

* Support for recent Linux distros (Ubuntu 10.10 and Fedora 14), along
  with support for recent releases of the underlying toolchain
  components, notably gcc-4.5 and glibc-2.12.

* Support for Mac OS X 10.6, both 32- and 64-bit executables.  64-bit
  support also works much better on OS X 10.5, and is as solid as
  32-bit support now.

* Support for the SSE4.2 instruction set.  SSE4.2 is supported in
  64-bit mode.  In 32-bit mode, support is only available up to and
  including SSSE3.  Some exceptions: SSE4.2 AES instructions are not
  supported in 64-bit mode, and 32-bit mode does in fact support the
  bare minimum SSE4 instructions to needed to run programs on Mac OS X
  10.6 on 32-bit targets.

* Support for IBM POWER6 cpus has been improved.  The Power ISA up to
  and including version 2.05 is supported.

* ==================== TOOL CHANGES ====================

* Cachegrind has a new processing script, cg_diff, which finds the
  difference between two profiles.  It's very useful for evaluating
  the performance effects of a change in a program.
  
  Related to this change, the meaning of cg_annotate's (rarely-used)
  --threshold option has changed; this is unlikely to affect many
  people, if you do use it please see the user manual for details.

* Callgrind now can do branch prediction simulation, similar to
  Cachegrind.  In addition, it optionally can count the number of
  executed global bus events.  Both can be used for a better
  approximation of a "Cycle Estimation" as derived event (you need to
  update the event formula in KCachegrind yourself).

* Cachegrind and Callgrind now refer to the LL (last-level) cache
  rather than the L2 cache.  This is to accommodate machines with
  three levels of caches -- if Cachegrind/Callgrind auto-detects the
  cache configuration of such a machine it will run the simulation as
  if the L2 cache isn't present.  This means the results are less
  likely to match the true result for the machine, but
  Cachegrind/Callgrind's results are already only approximate, and
  should not be considered authoritative.  The results are still
  useful for giving a general idea about a program's locality.

* Massif has a new option, --pages-as-heap, which is disabled by
  default.  When enabled, instead of tracking allocations at the level
  of heap blocks (as allocated with malloc/new/new[]), it instead
  tracks memory allocations at the level of memory pages (as mapped by
  mmap, brk, etc).  Each mapped page is treated as its own block.
  Interpreting the page-level output is harder than the heap-level
  output, but this option is useful if you want to account for every
  byte of memory used by a program.

* DRD has two new command-line options: --free-is-write and
  --trace-alloc.  The former allows to detect reading from already freed
  memory, and the latter allows tracing of all memory allocations and
  deallocations.

* DRD has several new annotations.  Custom barrier implementations can
  now be annotated, as well as benign races on static variables.

* DRD's happens before / happens after annotations have been made more
  powerful, so that they can now also be used to annotate e.g. a smart
  pointer implementation.

* Helgrind's annotation set has also been drastically improved, so as
  to provide to users a general set of annotations to describe locks,
  semaphores, barriers and condition variables.  Annotations to
  describe thread-safe reference counted heap objects have also been
  added.

* Memcheck has a new command-line option, --show-possibly-lost, which
  is enabled by default.  When disabled, the leak detector will not
  show possibly-lost blocks.

* A new experimental heap profiler, DHAT (Dynamic Heap Analysis Tool),
  has been added.  DHAT keeps track of allocated heap blocks, and also
  inspects every memory reference to see which block (if any) is being
  accessed.  This gives a lot of insight into block lifetimes,
  utilisation, turnover, liveness, and the location of hot and cold
  fields.  You can use DHAT to do hot-field profiling.

* ==================== OTHER CHANGES ====================

* Improved support for unfriendly self-modifying code: the extra
  overhead incurred by --smc-check=all has been reduced by
  approximately a factor of 5 as compared with 3.5.0.

* Ability to show directory names for source files in error messages.
  This is combined with a flexible mechanism for specifying which
  parts of the paths should be shown.  This is enabled by the new flag
  --fullpath-after.

* A new flag, --require-text-symbol, which will stop the run if a
  specified symbol is not found it a given shared object when it is
  loaded into the process.  This makes advanced working with function
  intercepting and wrapping safer and more reliable.

* Improved support for the Valkyrie GUI, version 2.0.0.  GUI output
  and control of Valgrind is now available for the tools Memcheck and
  Helgrind.  XML output from Valgrind is available for Memcheck,
  Helgrind and exp-Ptrcheck.

* More reliable stack unwinding on amd64-linux, particularly in the
  presence of function wrappers, and with gcc-4.5 compiled code.

* Modest scalability (performance improvements) for massive
  long-running applications, particularly for those with huge amounts
  of code.

* Support for analyzing programs running under Wine with has been
  improved.  The header files <valgrind/valgrind.h>,
  <valgrind/memcheck.h> and <valgrind/drd.h> can now be used in
  Windows-programs compiled with MinGW or one of the Microsoft Visual
  Studio compilers.

* A rare but serious error in the 64-bit x86 CPU simulation was fixed.
  The 32-bit simulator was not affected.  This did not occur often,
  but when it did would usually crash the program under test.
  Bug 245925.

* A large number of bugs were fixed.  These are shown below.

* A number of bugs were investigated, and were candidates for fixing,
  but are not fixed in 3.6.0, due to lack of developer time.  They may
  get fixed in later releases.  They are:

  194402  vex amd64->IR: 0x48 0xF 0xAE 0x4 0x24 0x49  (FXSAVE64)
  212419  false positive "lock order violated" (A+B vs A) 
  213685  Undefined value propagates past dependency breaking instruction
  216837  Incorrect instrumentation of NSOperationQueue on Darwin 
  237920  valgrind segfault on fork failure 
  242137  support for code compiled by LLVM-2.8
  242423  Another unknown Intel cache config value 
  243232  Inconsistent Lock Orderings report with trylock 
  243483  ppc: callgrind triggers VEX assertion failure 
  243935  Helgrind: implementation of ANNOTATE_HAPPENS_BEFORE() is wrong
  244677  Helgrind crash hg_main.c:616 (map_threads_lookup): Assertion
          'thr' failed. 
  246152  callgrind internal error after pthread_cancel on 32 Bit Linux 
  249435  Analyzing wine programs with callgrind triggers a crash 
  250038  ppc64: Altivec lvsr and lvsl instructions fail their regtest
  250065  Handling large allocations 
  250101  huge "free" memory usage due to m_mallocfree.c
          "superblocks fragmentation"
  251569  vex amd64->IR: 0xF 0x1 0xF9 0x8B 0x4C 0x24 (RDTSCP)
  252091  Callgrind on ARM does not detect function returns correctly
  252600  [PATCH] Allow lhs to be a pointer for shl/shr
  254420  memory pool tracking broken
  n-i-bz  support for adding symbols for JIT generated code


The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (http://bugs.kde.org/enter_valgrind_bug.cgi) rather than
mailing the developers (or mailing lists) directly -- bugs that are
not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

135264  dcbzl instruction missing
142688  == 250799
153699  Valgrind should report unaligned reads with movdqa
180217  == 212335
190429  Valgrind reports lost of errors in ld.so
        with x86_64 2.9.90 glibc 
197266  valgrind appears to choke on the xmms instruction
        "roundsd" on x86_64 
197988  Crash when demangling very large symbol names
202315  unhandled syscall: 332 (inotify_init1)
203256  Add page-level profiling to Massif
205093  dsymutil=yes needs quotes, locking (partial fix)
205241  Snow Leopard 10.6 support (partial fix)
206600  Leak checker fails to upgrade indirect blocks when their
        parent becomes reachable 
210935  port valgrind.h (not valgrind) to win32 so apps run under
        wine can make client requests
211410  vex amd64->IR: 0x15 0xFF 0xFF 0x0 0x0 0x89
        within Linux ip-stack checksum functions 
212335  unhandled instruction bytes: 0xF3 0xF 0xBD 0xC0
        (lzcnt %eax,%eax) 
213685  Undefined value propagates past dependency breaking instruction
        (partial fix)
215914  Valgrind inserts bogus empty environment variable 
217863  == 197988
219538  adjtimex syscall wrapper wrong in readonly adjtime mode 
222545  shmat fails under valgind on some arm targets 
222560  ARM NEON support 
230407  == 202315
231076  == 202315
232509  Docs build fails with formatting inside <title></title> elements 
232793  == 202315
235642  [PATCH] syswrap-linux.c: support evdev EVIOCG* ioctls 
236546  vex x86->IR: 0x66 0xF 0x3A 0xA
237202  vex amd64->IR: 0xF3 0xF 0xB8 0xC0 0x49 0x3B 
237371  better support for VALGRIND_MALLOCLIKE_BLOCK 
237485  symlink (syscall 57) is not supported on Mac OS 
237723  sysno == 101 exp-ptrcheck: the 'impossible' happened:
        unhandled syscall 
238208  is_just_below_ESP doesn't take into account red-zone 
238345  valgrind passes wrong $0 when executing a shell script 
238679  mq_timedreceive syscall doesn't flag the reception buffer
        as "defined"
238696  fcntl command F_DUPFD_CLOEXEC not supported 
238713  unhandled instruction bytes: 0x66 0xF 0x29 0xC6 
238713  unhandled instruction bytes: 0x66 0xF 0x29 0xC6 
238745  3.5.0 Make fails on PPC Altivec opcodes, though configure
        says "Altivec off"
239992  vex amd64->IR: 0x48 0xF 0xC4 0xC1 0x0 0x48 
240488  == 197988
240639  == 212335
241377  == 236546
241903  == 202315
241920  == 212335
242606  unhandled syscall: setegid (in Ptrcheck)
242814  Helgrind "Impossible has happened" during
        QApplication::initInstance(); 
243064  Valgrind attempting to read debug information from iso 
243270  Make stack unwinding in Valgrind wrappers more reliable
243884  exp-ptrcheck: the 'impossible happened: unhandled syscall 
        sysno = 277 (mq_open)
244009  exp-ptrcheck unknown syscalls in analyzing lighttpd
244493  ARM VFP d16-d31 registers support 
244670  add support for audit_session_self syscall on Mac OS 10.6
244921  The xml report of helgrind tool is not well format
244923  In the xml report file, the <preamble> not escape the 
        xml char, eg '<','&','>'
245535  print full path names in plain text reports 
245925  x86-64 red zone handling problem 
246258  Valgrind not catching integer underruns + new [] s
246311  reg/reg cmpxchg doesn't work on amd64
246549  unhandled syscall unix:277 while testing 32-bit Darwin app 
246888  Improve Makefile.vex.am 
247510  [OS X 10.6] Memcheck reports unaddressable bytes passed 
        to [f]chmod_extended
247526  IBM POWER6 (ISA 2.05) support is incomplete
247561  Some leak testcases fails due to reachable addresses in
        caller save regs
247875  sizeofIRType to handle Ity_I128 
247894  [PATCH] unhandled syscall sys_readahead 
247980  Doesn't honor CFLAGS passed to configure 
248373  darwin10.supp is empty in the trunk 
248822  Linux FIBMAP ioctl has int parameter instead of long
248893  [PATCH] make readdwarf.c big endianess safe to enable
        unwinding on big endian systems
249224  Syscall 336 not supported (SYS_proc_info) 
249359  == 245535
249775  Incorrect scheme for detecting NEON capabilities of host CPU
249943  jni JVM init fails when using valgrind
249991  Valgrind incorrectly declares AESKEYGENASSIST support
        since VEX r2011
249996  linux/arm: unhandled syscall: 181 (__NR_pwrite64)
250799  frexp$fenv_access_off function generates SIGILL 
250998  vex x86->IR: unhandled instruction bytes: 0x66 0x66 0x66 0x2E 
251251  support pclmulqdq insn 
251362  valgrind: ARM: attach to debugger either fails or provokes
        kernel oops 
251674  Unhandled syscall 294
251818  == 254550

254257  Add support for debugfiles found by build-id
254550  [PATCH] Implement DW_ATE_UTF (DWARF4)
254646  Wrapped functions cause stack misalignment on OS X
        (and possibly Linux)
254556  ARM: valgrinding anything fails with SIGSEGV for 0xFFFF0FA0

(3.6.0: 21 October 2010, vex r2068, valgrind r11471).



Release 3.5.0 (19 August 2009)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.5.0 is a feature release with many significant improvements and the
usual collection of bug fixes.  The main improvement is that Valgrind
now works on Mac OS X.

This release supports X86/Linux, AMD64/Linux, PPC32/Linux, PPC64/Linux
and X86/Darwin.  Support for recent distros and toolchain components
(glibc 2.10, gcc 4.5) has been added.

                    -------------------------

Here is a short summary of the changes.  Details are shown further
down:

* Support for Mac OS X (10.5.x).

* Improvements and simplifications to Memcheck's leak checker.

* Clarification and simplifications in various aspects of Valgrind's
  text output.

* XML output for Helgrind and Ptrcheck.

* Performance and stability improvements for Helgrind and DRD.

* Genuinely atomic support for x86/amd64/ppc atomic instructions.

* A new experimental tool, BBV, useful for computer architecture
  research.

* Improved Wine support, including ability to read Windows PDB
  debuginfo.

                    -------------------------

Here are details of the above changes, followed by descriptions of
many other minor changes, and a list of fixed bugs.


* Valgrind now runs on Mac OS X.  (Note that Mac OS X is sometimes
  called "Darwin" because that is the name of the OS core, which is the
  level that Valgrind works at.)

  Supported systems:

  - It requires OS 10.5.x (Leopard).  Porting to 10.4.x is not planned
    because it would require work and 10.4 is only becoming less common.

  - 32-bit programs on x86 and AMD64 (a.k.a x86-64) machines are supported
    fairly well.  For 10.5.x, 32-bit programs are the default even on
    64-bit machines, so it handles most current programs.
    
  - 64-bit programs on x86 and AMD64 (a.k.a x86-64) machines are not
    officially supported, but simple programs at least will probably work.
    However, start-up is slow.

  - PowerPC machines are not supported.

  Things that don't work:

  - The Ptrcheck tool.

  - Objective-C garbage collection.

  - --db-attach=yes.

  - If you have Rogue Amoeba's "Instant Hijack" program installed,
    Valgrind will fail with a SIGTRAP at start-up.  See
    https://bugs.kde.org/show_bug.cgi?id=193917 for details and a
    simple work-around.

  Usage notes:

  - You will likely find --dsymutil=yes a useful option, as error
    messages may be imprecise without it.

  - Mac OS X support is new and therefore will be less robust than the
    Linux support.  Please report any bugs you find.

  - Threaded programs may run more slowly than on Linux.

  Many thanks to Greg Parker for developing this port over several years.


* Memcheck's leak checker has been improved.  

  - The results for --leak-check=summary now match the summary results
    for --leak-check=full.  Previously they could differ because
    --leak-check=summary counted "indirectly lost" blocks and
    "suppressed" blocks as "definitely lost".

  - Blocks that are only reachable via at least one interior-pointer,
    but are directly pointed to by a start-pointer, were previously
    marked as "still reachable".  They are now correctly marked as
    "possibly lost".

  - The default value for the --leak-resolution option has been
    changed from "low" to "high".  In general, this means that more
    leak reports will be produced, but each leak report will describe
    fewer leaked blocks.

  - With --leak-check=full, "definitely lost" and "possibly lost"
    leaks are now considered as proper errors, ie. they are counted
    for the "ERROR SUMMARY" and affect the behaviour of
    --error-exitcode.  These leaks are not counted as errors if
    --leak-check=summary is specified, however.

  - Documentation for the leak checker has been improved.


* Various aspects of Valgrind's text output have changed.

  - Valgrind's start-up message has changed.  It is shorter but also
    includes the command being run, which makes it easier to use
    --trace-children=yes.  An example:

  - Valgrind's shut-down messages have also changed.  This is most
    noticeable with Memcheck, where the leak summary now occurs before
    the error summary.  This change was necessary to allow leaks to be
    counted as proper errors (see the description of the leak checker
    changes above for more details).  This was also necessary to fix a
    longstanding bug in which uses of suppressions against leaks were
    not "counted", leading to difficulties in maintaining suppression
    files (see https://bugs.kde.org/show_bug.cgi?id=186790).

  - Behavior of -v has changed.  In previous versions, -v printed out
    a mixture of marginally-user-useful information, and tool/core
    statistics.  The statistics printing has now been moved to its own
    flag, --stats=yes.  This means -v is less verbose and more likely
    to convey useful end-user information.

  - The format of some (non-XML) stack trace entries has changed a
    little.  Previously there were six possible forms:

      0x80483BF: really (a.c:20)
      0x80483BF: really (in /foo/a.out)
      0x80483BF: really
      0x80483BF: (within /foo/a.out)
      0x80483BF: ??? (a.c:20)
      0x80483BF: ???

    The third and fourth of these forms have been made more consistent
    with the others.  The six possible forms are now:
  
      0x80483BF: really (a.c:20)
      0x80483BF: really (in /foo/a.out)
      0x80483BF: really (in ???)
      0x80483BF: ??? (in /foo/a.out)
      0x80483BF: ??? (a.c:20)
      0x80483BF: ???

    Stack traces produced when --xml=yes is specified are different
    and unchanged.


* Helgrind and Ptrcheck now support XML output, so they can be used
  from GUI tools.  Also, the XML output mechanism has been
  overhauled.

  - The XML format has been overhauled and generalised, so it is more
    suitable for error reporting tools in general.  The Memcheck
    specific aspects of it have been removed.  The new format, which
    is an evolution of the old format, is described in
    docs/internals/xml-output-protocol4.txt.

  - Memcheck has been updated to use the new format.

  - Helgrind and Ptrcheck are now able to emit output in this format.

  - The XML output mechanism has been overhauled.  XML is now output
    to its own file descriptor, which means that:

    * Valgrind can output text and XML independently.

    * The longstanding problem of XML output being corrupted by 
      unexpected un-tagged text messages  is solved.

    As before, the destination for text output is specified using
    --log-file=, --log-fd= or --log-socket=.

    As before, XML output for a tool is enabled using --xml=yes.

    Because there's a new XML output channel, the XML output
    destination is now specified by --xml-file=, --xml-fd= or
    --xml-socket=.

    Initial feedback has shown this causes some confusion.  To
    clarify, the two envisaged usage scenarios are:

    (1) Normal text output.  In this case, do not specify --xml=yes
        nor any of --xml-file=, --xml-fd= or --xml-socket=.

    (2) XML output.  In this case, specify --xml=yes, and one of
        --xml-file=, --xml-fd= or --xml-socket= to select the XML
        destination, one of --log-file=, --log-fd= or --log-socket=
        to select the destination for any remaining text messages,
        and, importantly, -q.

        -q makes Valgrind completely silent on the text channel,
        except in the case of critical failures, such as Valgrind
        itself segfaulting, or failing to read debugging information.
        Hence, in this scenario, it suffices to check whether or not
        any output appeared on the text channel.  If yes, then it is
        likely to be a critical error which should be brought to the
        attention of the user.  If no (the text channel produced no
        output) then it can be assumed that the run was successful.

        This allows GUIs to make the critical distinction they need to
        make (did the run fail or not?) without having to search or
        filter the text output channel in any way.

    It is also recommended to use --child-silent-after-fork=yes in
    scenario (2).


* Improvements and changes in Helgrind:

  - XML output, as described above

  - Checks for consistent association between pthread condition
    variables and their associated mutexes are now performed.

  - pthread_spinlock functions are supported.

  - Modest performance improvements.

  - Initial (skeletal) support for describing the behaviour of
    non-POSIX synchronisation objects through ThreadSanitizer
    compatible ANNOTATE_* macros.

  - More controllable tradeoffs between performance and the level of
    detail of "previous" accesses in a race.  There are now three
    settings:

    * --history-level=full.  This is the default, and was also the
      default in 3.4.x.  It shows both stacks involved in a race, but
      requires a lot of memory and can be very slow in programs that
      do many inter-thread synchronisation events.

    * --history-level=none.  This only shows the later stack involved
      in a race.  This can be much faster than --history-level=full,
      but makes it much more difficult to find the other access
      involved in the race.

    The new intermediate setting is

    * --history-level=approx

      For the earlier (other) access, two stacks are presented.  The
      earlier access is guaranteed to be somewhere in between the two
      program points denoted by those stacks.  This is not as useful
      as showing the exact stack for the previous access (as per
      --history-level=full), but it is better than nothing, and it's
      almost as fast as --history-level=none.


* New features and improvements in DRD:

  - The error messages printed by DRD are now easier to interpret.
    Instead of using two different numbers to identify each thread
    (Valgrind thread ID and DRD thread ID), DRD does now identify
    threads via a single number (the DRD thread ID).  Furthermore
    "first observed at" information is now printed for all error
    messages related to synchronization objects.

  - Added support for named semaphores (sem_open() and sem_close()).

  - Race conditions between pthread_barrier_wait() and
    pthread_barrier_destroy() calls are now reported.

  - Added support for custom allocators through the macros
    VALGRIND_MALLOCLIKE_BLOCK() VALGRIND_FREELIKE_BLOCK() (defined in
    in <valgrind/valgrind.h>). An alternative for these two macros is
    the new client request VG_USERREQ__DRD_CLEAN_MEMORY (defined in
    <valgrind/drd.h>).

  - Added support for annotating non-POSIX synchronization objects
    through several new ANNOTATE_*() macros.

  - OpenMP: added support for the OpenMP runtime (libgomp) included
    with gcc versions 4.3.0 and 4.4.0.

  - Faster operation.

  - Added two new command-line options (--first-race-only and
    --segment-merging-interval).


* Genuinely atomic support for x86/amd64/ppc atomic instructions

  Valgrind will now preserve (memory-access) atomicity of LOCK-
  prefixed x86/amd64 instructions, and any others implying a global
  bus lock.  Ditto for PowerPC l{w,d}arx/st{w,d}cx. instructions.

  This means that Valgrinded processes will "play nicely" in
  situations where communication with other processes, or the kernel,
  is done through shared memory and coordinated with such atomic
  instructions.  Prior to this change, such arrangements usually
  resulted in hangs, races or other synchronisation failures, because
  Valgrind did not honour atomicity of such instructions.


* A new experimental tool, BBV, has been added.  BBV generates basic
  block vectors for use with the SimPoint analysis tool, which allows
  a program's overall behaviour to be approximated by running only a
  fraction of it.  This is useful for computer architecture
  researchers.  You can run BBV by specifying --tool=exp-bbv (the
  "exp-" prefix is short for "experimental").  BBV was written by
  Vince Weaver.


* Modestly improved support for running Windows applications under
  Wine.  In particular, initial support for reading Windows .PDB debug
  information has been added.


* A new Memcheck client request VALGRIND_COUNT_LEAK_BLOCKS has been
  added.  It is similar to VALGRIND_COUNT_LEAKS but counts blocks
  instead of bytes.


* The Valgrind client requests VALGRIND_PRINTF and
  VALGRIND_PRINTF_BACKTRACE have been changed slightly.  Previously,
  the string was always printed immediately on its own line.  Now, the
  string will be added to a buffer but not printed until a newline is
  encountered, or other Valgrind output is printed (note that for
  VALGRIND_PRINTF_BACKTRACE, the back-trace itself is considered
  "other Valgrind output").  This allows you to use multiple
  VALGRIND_PRINTF calls to build up a single output line, and also to
  print multiple output lines with a single request (by embedding
  multiple newlines in the string).


* The graphs drawn by Massif's ms_print program have changed slightly:

  - The half-height chars '.' and ',' are no longer drawn, because
    they are confusing.  The --y option can be used if the default
    y-resolution is not high enough.

  - Horizontal lines are now drawn after the top of a snapshot if
    there is a gap until the next snapshot.  This makes it clear that
    the memory usage has not dropped to zero between snapshots.


* Something that happened in 3.4.0, but wasn't clearly announced: the
  option --read-var-info=yes can be used by some tools (Memcheck,
  Helgrind and DRD).  When enabled, it causes Valgrind to read DWARF3
  variable type and location information.  This makes those tools
  start up more slowly and increases memory consumption, but
  descriptions of data addresses in error messages become more
  detailed.


* exp-Omega, an experimental instantaneous leak-detecting tool, was
  disabled in 3.4.0 due to a lack of interest and maintenance,
  although the source code was still in the distribution.  The source
  code has now been removed from the distribution.  For anyone
  interested, the removal occurred in SVN revision r10247.


* Some changes have been made to the build system.

  - VEX/ is now integrated properly into the build system.  This means
    that dependency tracking within VEX/ now works properly, "make
    install" will work without requiring "make" before it, and
    parallel builds (ie. 'make -j') now work (previously a
    .NOTPARALLEL directive was used to serialize builds, ie. 'make -j'
    was effectively ignored).

  - The --with-vex configure option has been removed.  It was of
    little use and removing it simplified the build system.

  - The location of some install files has changed.  This should not
    affect most users.  Those who might be affected:

    * For people who use Valgrind with MPI programs, the installed
      libmpiwrap.so library has moved from
      $(INSTALL)/<platform>/libmpiwrap.so to
      $(INSTALL)/libmpiwrap-<platform>.so.

    * For people who distribute standalone Valgrind tools, the
      installed libraries such as $(INSTALL)/<platform>/libcoregrind.a
      have moved to $(INSTALL)/libcoregrind-<platform>.a.

    These changes simplify the build system.

  - Previously, all the distributed suppression (*.supp) files were
    installed.  Now, only default.supp is installed.  This should not
    affect users as the other installed suppression files were not
    read; the fact that they were installed was a mistake.


* KNOWN LIMITATIONS:

  - Memcheck is unusable with the Intel compiler suite version 11.1,
    when it generates code for SSE2-and-above capable targets.  This
    is because of icc's use of highly optimised inlined strlen
    implementations.  It causes Memcheck to report huge numbers of
    false errors even in simple programs.  Helgrind and DRD may also
    have problems.

    Versions 11.0 and earlier may be OK, but this has not been
    properly tested.


The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (http://bugs.kde.org/enter_valgrind_bug.cgi) rather than
mailing the developers (or mailing lists) directly -- bugs that are
not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

84303   How about a LockCheck tool? 
91633   dereference of null ptr in vgPlain_st_basetype 
97452   Valgrind doesn't report any pthreads problems 
100628  leak-check gets assertion failure when using 
        VALGRIND_MALLOCLIKE_BLOCK on malloc()ed memory 
108528  NPTL pthread cleanup handlers not called 
110126  Valgrind 2.4.1 configure.in tramples CFLAGS 
110128  mallinfo is not implemented... 
110770  VEX: Generated files not always updated when making valgrind
111102  Memcheck: problems with large (memory footprint) applications 
115673  Vex's decoder should never assert 
117564  False positive: Syscall param clone(child_tidptr) contains
        uninitialised byte(s) 
119404  executing ssh from inside valgrind fails 
133679  Callgrind does not write path names to sources with dwarf debug
        info
135847  configure.in problem with non gnu compilers (and possible fix) 
136154  threads.c:273 (vgCallgrind_post_signal): Assertion
        '*(vgCallgrind_current_fn_stack.top) == 0' failed. 
136230  memcheck reports "possibly lost", should be "still reachable" 
137073  NULL arg to MALLOCLIKE_BLOCK causes crash 
137904  Valgrind reports a memory leak when using POSIX threads,
        while it shouldn't 
139076  valgrind VT_GETSTATE error 
142228  complaint of elf_dynamic_do_rela in trivial usage 
145347  spurious warning with USBDEVFS_REAPURB 
148441  (wine) can't find memory leak in Wine, win32 binary 
        executable file.
148742  Leak-check fails assert on exit 
149878  add (proper) check for calloc integer overflow 
150606  Call graph is broken when using callgrind control 
152393  leak errors produce an exit code of 0. I need some way to 
        cause leak errors to result in a nonzero exit code. 
157154  documentation (leak-resolution doc speaks about num-callers
        def=4) + what is a loss record
159501  incorrect handling of ALSA ioctls 
162020  Valgrinding an empty/zero-byte file crashes valgrind 
162482  ppc: Valgrind crashes while reading stabs information 
162718  x86: avoid segment selector 0 in sys_set_thread_area() 
163253  (wine) canonicaliseSymtab forgot some fields in DiSym 
163560  VEX/test_main.c is missing from valgrind-3.3.1 
164353  malloc_usable_size() doesn't return a usable size 
165468  Inconsistent formatting in memcheck manual -- please fix 
169505  main.c:286 (endOfInstr):
        Assertion 'ii->cost_offset == *cost_offset' failed 
177206  Generate default.supp during compile instead of configure
177209  Configure valt_load_address based on arch+os 
177305  eventfd / syscall 323 patch lost
179731  Tests fail to build because of inlining of non-local asm labels
181394  helgrind: libhb_core.c:3762 (msm_write): Assertion 
        'ordxx == POrd_EQ || ordxx == POrd_LT' failed. 
181594  Bogus warning for empty text segment 
181707  dwarf doesn't require enumerations to have name 
185038  exp-ptrcheck: "unhandled syscall: 285" (fallocate) on x86_64 
185050  exp-ptrcheck: sg_main.c:727 (add_block_to_GlobalTree):
        Assertion '!already_present' failed.
185359  exp-ptrcheck: unhandled syscall getresuid()
185794  "WARNING: unhandled syscall: 285" (fallocate) on x86_64
185816  Valgrind is unable to handle debug info for files with split
        debug info that are prelinked afterwards 
185980  [darwin] unhandled syscall: sem_open 
186238  bbToIR_AMD64: disInstr miscalculated next %rip
186507  exp-ptrcheck unhandled syscalls prctl, etc. 
186790  Suppression pattern used for leaks are not reported 
186796  Symbols with length>200 in suppression files are ignored 
187048  drd: mutex PTHREAD_PROCESS_SHARED attribute missinterpretation
187416  exp-ptrcheck: support for __NR_{setregid,setreuid,setresuid}
188038  helgrind: hg_main.c:926: mk_SHVAL_fail: the 'impossible' happened
188046  bashisms in the configure script
188127  amd64->IR: unhandled instruction bytes: 0xF0 0xF 0xB0 0xA
188161  memcheck: --track-origins=yes asserts "mc_machine.c:672
        (get_otrack_shadow_offset_wrk): the 'impossible' happened."
188248  helgrind: pthread_cleanup_push, pthread_rwlock_unlock, 
        assertion fail "!lock->heldBy" 
188427  Add support for epoll_create1 (with patch) 
188530  Support for SIOCGSTAMPNS
188560  Include valgrind.spec in the tarball
188572  Valgrind on Mac should suppress setenv() mem leak 
189054  Valgrind fails to build because of duplicate non-local asm labels 
189737  vex amd64->IR: unhandled instruction bytes: 0xAC
189762  epoll_create syscall not handled (--tool=exp-ptrcheck)
189763  drd assertion failure: s_threadinfo[tid].is_recording 
190219  unhandled syscall: 328 (x86-linux)
190391  dup of 181394; see above
190429  Valgrind reports lots of errors in ld.so with x86_64 2.9.90 glibc 
190820  No debug information on powerpc-linux
191095  PATCH: Improve usbdevfs ioctl handling 
191182  memcheck: VALGRIND_LEAK_CHECK quadratic when big nr of chunks
        or big nr of errors
191189  --xml=yes should obey --gen-suppressions=all 
191192  syslog() needs a suppression on macosx 
191271  DARWIN: WARNING: unhandled syscall: 33554697 a.k.a.: 265 
191761  getrlimit on MacOSX 
191992  multiple --fn-skip only works sometimes; dependent on order 
192634  V. reports "aspacem sync_check_mapping_callback: 
        segment mismatch" on Darwin
192954  __extension__ missing on 2 client requests 
194429  Crash at start-up with glibc-2.10.1 and linux-2.6.29 
194474  "INSTALL" file has different build instructions than "README"
194671  Unhandled syscall (sem_wait?) from mac valgrind 
195069  memcheck: reports leak (memory still reachable) for 
        printf("%d', x) 
195169  drd: (vgDrd_barrier_post_wait):
        Assertion 'r->sg[p->post_iteration]' failed. 
195268  valgrind --log-file doesn't accept ~/...
195838  VEX abort: LibVEX_N_SPILL_BYTES too small for CPUID boilerplate 
195860  WARNING: unhandled syscall: unix:223 
196528  need a error suppression for pthread_rwlock_init under os x? 
197227  Support aio_* syscalls on Darwin
197456  valgrind should reject --suppressions=(directory) 
197512  DWARF2 CFI reader: unhandled CFI instruction 0:10 
197591  unhandled syscall 27 (mincore) 
197793  Merge DCAS branch to the trunk == 85756, 142103
197794  Avoid duplicate filenames in Vex 
197898  make check fails on current SVN 
197901  make check fails also under exp-ptrcheck in current SVN 
197929  Make --leak-resolution=high the default 
197930  Reduce spacing between leak reports 
197933  Print command line of client at start-up, and shorten preamble 
197966  unhandled syscall 205 (x86-linux, --tool=exp-ptrcheck)
198395  add BBV to the distribution as an experimental tool 
198624  Missing syscalls on Darwin: 82, 167, 281, 347 
198649  callgrind_annotate doesn't cumulate counters 
199338  callgrind_annotate sorting/thresholds are broken for all but Ir 
199977  Valgrind complains about an unrecognized instruction in the
        atomic_incs test program
200029  valgrind isn't able to read Fedora 12 debuginfo 
200760  darwin unhandled syscall: unix:284 
200827  DRD doesn't work on Mac OS X 
200990  VG_(read_millisecond_timer)() does not work correctly 
201016  Valgrind does not support pthread_kill() on Mac OS 
201169  Document --read-var-info
201323  Pre-3.5.0 performance sanity checking 
201384  Review user manual for the 3.5.0 release 
201585  mfpvr not implemented on ppc 
201708  tests failing because x86 direction flag is left set 
201757  Valgrind doesn't handle any recent sys_futex additions 
204377  64-bit valgrind can not start a shell script
        (with #!/path/to/shell) if the shell is a 32-bit executable
n-i-bz  drd: fixed assertion failure triggered by mutex reinitialization.
n-i-bz  drd: fixed a bug that caused incorrect messages to be printed
        about memory allocation events with memory access tracing enabled
n-i-bz  drd: fixed a memory leak triggered by vector clock deallocation

(3.5.0: 19 Aug 2009, vex r1913, valgrind r10846).



Release 3.4.1 (28 February 2009)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.4.1 is a bug-fix release that fixes some regressions and assertion
failures in debug info reading in 3.4.0, most notably incorrect stack
traces on amd64-linux on older (glibc-2.3 based) systems. Various
other debug info problems are also fixed.  A number of bugs in the
exp-ptrcheck tool introduced in 3.4.0 have been fixed.

In view of the fact that 3.4.0 contains user-visible regressions
relative to 3.3.x, upgrading to 3.4.1 is recommended.  Packagers are
encouraged to ship 3.4.1 in preference to 3.4.0.

The fixed bugs are as follows.  Note that "n-i-bz" stands for "not in
bugzilla" -- that is, a bug that was reported to us but never got a
bugzilla entry.  We encourage you to file bugs in bugzilla
(http://bugs.kde.org/enter_valgrind_bug.cgi) rather than mailing the
developers (or mailing lists) directly -- bugs that are not entered
into bugzilla tend to get forgotten about or ignored.

n-i-bz  Fix various bugs reading icc-11 generated debug info
n-i-bz  Fix various bugs reading gcc-4.4 generated debug info
n-i-bz  Preliminary support for glibc-2.10 / Fedora 11
n-i-bz  Cachegrind and Callgrind: handle non-power-of-two cache sizes,
        so as to support (eg) 24k Atom D1 and Core2 with 3/6/12MB L2.
179618  exp-ptrcheck crashed / exit prematurely
179624  helgrind: false positive races with pthread_create and
        recv/open/close/read
134207  pkg-config output contains @VG_PLATFORM@
176926  floating point exception at valgrind startup with PPC 440EPX
181594  Bogus warning for empty text segment
173751  amd64->IR: 0x48 0xF 0x6F 0x45 (even more redundant rex prefixes)
181707  Dwarf3 doesn't require enumerations to have name
185038  exp-ptrcheck: "unhandled syscall: 285" (fallocate) on x86_64
185050  exp-ptrcheck: sg_main.c:727 (add_block_to_GlobalTree):
        Assertion '!already_present' failed.
185359  exp-ptrcheck unhandled syscall getresuid()

(3.4.1.RC1:  24 Feb 2008, vex r1884, valgrind r9253).
(3.4.1:      28 Feb 2008, vex r1884, valgrind r9293).



Release 3.4.0 (2 January 2009)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.4.0 is a feature release with many significant improvements and the
usual collection of bug fixes.  This release supports X86/Linux,
AMD64/Linux, PPC32/Linux and PPC64/Linux.  Support for recent distros
(using gcc 4.4, glibc 2.8 and 2.9) has been added.

3.4.0 brings some significant tool improvements.  Memcheck can now
report the origin of uninitialised values, the thread checkers
Helgrind and DRD are much improved, and we have a new experimental
tool, exp-Ptrcheck, which is able to detect overruns of stack and
global arrays.  In detail:

* Memcheck is now able to track the origin of uninitialised values.
  When it reports an uninitialised value error, it will try to show
  the origin of the value, as either a heap or stack allocation.
  Origin tracking is expensive and so is not enabled by default.  To
  use it, specify --track-origins=yes.  Memcheck's speed will be
  essentially halved, and memory usage will be significantly
  increased.  Nevertheless it can drastically reduce the effort
  required to identify the root cause of uninitialised value errors,
  and so is often a programmer productivity win, despite running more
  slowly.

* A version (1.4.0) of the Valkyrie GUI, that works with Memcheck in
  3.4.0, will be released shortly.

* Helgrind's race detection algorithm has been completely redesigned
  and reimplemented, to address usability and scalability concerns:

  - The new algorithm has a lower false-error rate: it is much less
    likely to report races that do not really exist.

  - Helgrind will display full call stacks for both accesses involved
    in a race.  This makes it easier to identify the root causes of
    races.

  - Limitations on the size of program that can run have been removed.

  - Performance has been modestly improved, although that is very
    workload-dependent.

  - Direct support for Qt4 threading has been added.

  - pthread_barriers are now directly supported.

  - Helgrind works well on all supported Linux targets.

* The DRD thread debugging tool has seen major improvements:

  - Greatly improved performance and significantly reduced memory
    usage.

  - Support for several major threading libraries (Boost.Thread, Qt4,
    glib, OpenMP) has been added.

  - Support for atomic instructions, POSIX semaphores, barriers and
    reader-writer locks has been added.

  - Works now on PowerPC CPUs too.

  - Added support for printing thread stack usage at thread exit time.

  - Added support for debugging lock contention.

  - Added a manual for Drd.

* A new experimental tool, exp-Ptrcheck, has been added.  Ptrcheck
  checks for misuses of pointers.  In that sense it is a bit like
  Memcheck.  However, Ptrcheck can do things Memcheck can't: it can
  detect overruns of stack and global arrays, it can detect
  arbitrarily far out-of-bounds accesses to heap blocks, and it can
  detect accesses heap blocks that have been freed a very long time
  ago (millions of blocks in the past).

  Ptrcheck currently works only on x86-linux and amd64-linux.  To use
  it, use --tool=exp-ptrcheck.  A simple manual is provided, as part
  of the main Valgrind documentation.  As this is an experimental
  tool, we would be particularly interested in hearing about your
  experiences with it.

* exp-Omega, an experimental instantaneous leak-detecting tool, is no
  longer built by default, although the code remains in the repository
  and the tarball.  This is due to three factors: a perceived lack of
  users, a lack of maintenance, and concerns that it may not be
  possible to achieve reliable operation using the existing design.

* As usual, support for the latest Linux distros and toolchain
  components has been added.  It should work well on Fedora Core 10,
  OpenSUSE 11.1 and Ubuntu 8.10.  gcc-4.4 (in its current pre-release
  state) is supported, as is glibc-2.9.  The C++ demangler has been
  updated so as to work well with C++ compiled by even the most recent
  g++'s.

* You can now use frame-level wildcards in suppressions.  This was a
  frequently-requested enhancement.  A line "..." in a suppression now
  matches zero or more frames.  This makes it easier to write
  suppressions which are precise yet insensitive to changes in
  inlining behaviour.

* 3.4.0 adds support on x86/amd64 for the SSSE3 instruction set.

* Very basic support for IBM Power6 has been added (64-bit processes only).

* Valgrind is now cross-compilable.  For example, it is possible to
  cross compile Valgrind on an x86/amd64-linux host, so that it runs
  on a ppc32/64-linux target.

* You can set the main thread's stack size at startup using the
  new --main-stacksize= flag (subject of course to ulimit settings).
  This is useful for running apps that need a lot of stack space.

* The limitation that you can't use --trace-children=yes together
  with --db-attach=yes has been removed.

* The following bugs have been fixed.  Note that "n-i-bz" stands for
  "not in bugzilla" -- that is, a bug that was reported to us but
  never got a bugzilla entry.  We encourage you to file bugs in
  bugzilla (http://bugs.kde.org/enter_valgrind_bug.cgi) rather than
  mailing the developers (or mailing lists) directly.

  n-i-bz  Make return types for some client requests 64-bit clean
  n-i-bz  glibc 2.9 support
  n-i-bz  ignore unsafe .valgrindrc's (CVE-2008-4865)
  n-i-bz  MPI_Init(0,0) is valid but libmpiwrap.c segfaults
  n-i-bz  Building in an env without gdb gives bogus gdb attach
  92456   Tracing the origin of uninitialised memory
  106497  Valgrind does not demangle some C++ template symbols
  162222  ==106497
  151612  Suppression with "..." (frame-level wildcards in .supp files)
  156404  Unable to start oocalc under memcheck on openSUSE 10.3 (64-bit)
  159285  unhandled syscall:25 (stime, on x86-linux)
  159452  unhandled ioctl 0x8B01 on "valgrind iwconfig"
  160954  ppc build of valgrind crashes with illegal instruction (isel)
  160956  mallinfo implementation, w/ patch
  162092  Valgrind fails to start gnome-system-monitor
  162819  malloc_free_fill test doesn't pass on glibc2.8 x86
  163794  assertion failure with "--track-origins=yes"
  163933  sigcontext.err and .trapno must be set together
  163955  remove constraint !(--db-attach=yes && --trace-children=yes)
  164476  Missing kernel module loading system calls
  164669  SVN regression: mmap() drops posix file locks
  166581  Callgrind output corruption when program forks
  167288  Patch file for missing system calls on Cell BE
  168943  unsupported scas instruction pentium
  171645  Unrecognised instruction (MOVSD, non-binutils encoding)
  172417  x86->IR: 0x82 ...
  172563  amd64->IR: 0xD9 0xF5  -  fprem1
  173099  .lds linker script generation error
  173177  [x86_64] syscalls: 125/126/179 (capget/capset/quotactl)
  173751  amd64->IR: 0x48 0xF 0x6F 0x45 (even more redundant prefixes)
  174532  == 173751
  174908  --log-file value not expanded correctly for core file
  175044  Add lookup_dcookie for amd64
  175150  x86->IR: 0xF2 0xF 0x11 0xC1 (movss non-binutils encoding)

Developer-visible changes:

* Valgrind's debug-info reading machinery has been majorly overhauled.
  It can now correctly establish the addresses for ELF data symbols,
  which is something that has never worked properly before now.

  Also, Valgrind can now read DWARF3 type and location information for
  stack and global variables.  This makes it possible to use the
  framework to build tools that rely on knowing the type and locations
  of stack and global variables, for example exp-Ptrcheck.

  Reading of such information is disabled by default, because most
  tools don't need it, and because it is expensive in space and time.
  However, you can force Valgrind to read it, using the
  --read-var-info=yes flag.  Memcheck, Helgrind and DRD are able to
  make use of such information, if present, to provide source-level
  descriptions of data addresses in the error messages they create.

(3.4.0.RC1:  24 Dec 2008, vex r1878, valgrind r8882).
(3.4.0:       3 Jan 2009, vex r1878, valgrind r8899).