NEWS

[[TODO: fix all the TODO items!]]

Release 3.0.0 ([[TODO: add release date]])
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.0.0 is a major overhaul of Valgrind.  The most significant
user-visible change is that Valgrind now supports architectures other
than x86.  The new architectures it supports are AMD64 and PPC32, and
the infrastructure is present for other architectures to be added
later.

The AMD64 support works well, but has some shortcomings:

- It generally won't be as solid as the x86 version.  For example,
  support for more obscure instructions and system calls may be missing.
  We will fix these as they arise.

- Address space may be limited; see the point about
  position-independent executables below.

- If Valgrind is built on an AMD64 machine, it will only run 64-bit
  executables.  If you want to run 32-bit x86 executables under Valgrind
  on an AMD64, you will need to build Valgrind on an x86 machine and
  copy it to the AMD64 machine.  And it probably won't work if you do
  something tricky like exec'ing a 32-bit program from a 64-bit program
  while using --trace-children=yes.  We hope to improve this situation
  in the future.

The PPC32 support is very basic.  It may not work reliably even for
small programs, but it's a start.  Many thanks to Paul Mackerras for
his great work that enabled this support.  We are working to make
PPC32 usable as soon as possible.

Other user-visible changes:

- No longer building Valgrind as a position-independent executable
  (PIE) by default, as it caused too many problems.

  Without PIE enabled, AMD64 programs will only be able to access 2GB of
  address space.  We will fix this eventually, but not for the moment.
  
  Use --enable-pie at configure-time to turn this on.

- Support for programs that use stack-switching has been improved.  Use
  the --max-stackframe flag for simple cases, and the
  VALGRIND_STACK_REGISTER, VALGRIND_STACK_DEREGISTER and
  VALGRIND_STACK_CHANGE client requests for trickier cases.

- Support for programs that use self-modifying code has been improved,
  in particular programs that put temporary code fragments on the stack.
  This helps for C programs compiled with GCC that use nested functions,
  and also Ada programs.  This is controlled with the --smc-check
  flag, although the default setting should work in most cases.

- Output can now be printed in XML format.  This should make it easier
  for tools such as GUI front-ends and automated error-processing
  schemes to use Valgrind output as input.  The --xml flag controls this.
  As part of this change, ELF directory information is read from executables,
  so absolute source file paths are available if needed.
  [[TODO: describe the related CLOs added (eg. --log-file-qualifier)]]

- Programs that allocate many heap blocks may run faster, due to
  improvements in certain data structures.

- Addrcheck is currently not working.  We hope to get it working again
  soon.  Helgrind is still not working, as was the case for the 2.4.0
  release.

- The JITter has been completely rewritten, and is now in a separate
  library, called Vex.  This enabled a lot of the user-visible changes,
  such as new architecture support.  The new JIT unfortunately translates
  more slowly than the old one, so programs may take longer to start.
  We believe the code quality is produces is about the same, so once
  started, programs should run at about the same speed.  Feedback about
  this would be useful.

  On the plus side, Vex and hence Memcheck tracks value flow properly
  through floating point and vector registers, something the 2.X line
  could not do.  That means that Memcheck is much more likely to be
  usably accurate on vectorised code.

- There is a subtle change to the way exiting of threaded programs 
  is handled.  In 3.0, Valgrind's final diagnostic output (leak check,
  etc) is not printed until the last thread exits.  If the last thread
  to exit was not the original thread which started the program, any
  other process wait()-ing on this one to exit may conclude it has
  finished before the diagnostic output is printed.  This may not be
  what you expect.  2.X had a different scheme which avoided this
  problem, but caused deadlocks under obscure circumstances, so we
  are trying something different for 3.0.

- Small changes in control log file naming which make it easier to
  use valgrind for debugging MPI-based programs.

- As part of adding AMD64 support, DWARF2 CFI-based stack unwinding
  support was added.  In principle this means Valgrind can produce
  meaningful backtraces on x86 code compiled with -fomit-frame-pointer
  providing you also compile your code with -fasynchronous-unwind-tables.

- [[TODO: add more here]]

Changes that are not user-visible:

- The code has been massively overhauled in order to modularise it.
  As a result we hope it is easier to navigate and understand.

- Lots of code has been rewritten.

- [[TODO: add more here]]

BUGS FIXED

[[TODO: add the full list here (once the RCs are out of the way?)]]


Stable release 2.4.0 (March 2005) -- CHANGES RELATIVE TO 2.2.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.4.0 brings many significant changes and bug fixes.  The most
significant user-visible change is that we no longer supply our own
pthread implementation.  Instead, Valgrind is finally capable of
running the native thread library, either LinuxThreads or NPTL.

This means our libpthread has gone, along with the bugs associated
with it.  Valgrind now supports the kernel's threading syscalls, and
lets you use your standard system libpthread.  As a result:

* There are many fewer system dependencies and strange library-related
  bugs.  There is a small performance improvement, and a large
  stability improvement.

* On the downside, Valgrind can no longer report misuses of the POSIX
  PThreads API.  It also means that Helgrind currently does not work.
  We hope to fix these problems in a future release.

Note that running the native thread libraries does not mean Valgrind
is able to provide genuine concurrent execution on SMPs.  We still
impose the restriction that only one thread is running at any given
time.

There are many other significant changes too:

* Memcheck is (once again) the default tool.

* The default stack backtrace is now 12 call frames, rather than 4.

* Suppressions can have up to 25 call frame matches, rather than 4.

* Memcheck and Addrcheck use less memory.  Under some circumstances,
  they no longer allocate shadow memory if there are large regions of
  memory with the same A/V states - such as an mmaped file.

* The memory-leak detector in Memcheck and Addrcheck has been
  improved.  It now reports more types of memory leak, including
  leaked cycles.  When reporting leaked memory, it can distinguish
  between directly leaked memory (memory with no references), and
  indirectly leaked memory (memory only referred to by other leaked
  memory).

* Memcheck's confusion over the effect of mprotect() has been fixed:
  previously mprotect could erroneously mark undefined data as
  defined.

* Signal handling is much improved and should be very close to what
  you get when running natively.  

  One result of this is that Valgrind observes changes to sigcontexts
  passed to signal handlers.  Such modifications will take effect when
  the signal returns.  You will need to run with --single-step=yes to
  make this useful.

* Valgrind is built in Position Independent Executable (PIE) format if
  your toolchain supports it.  This allows it to take advantage of all
  the available address space on systems with 4Gbyte user address
  spaces.

* Valgrind can now run itself (requires PIE support).

* Syscall arguments are now checked for validity.  Previously all
  memory used by syscalls was checked, but now the actual values
  passed are also checked.

* Syscall wrappers are more robust against bad addresses being passed
  to syscalls: they will fail with EFAULT rather than killing Valgrind
  with SIGSEGV.

* Because clone() is directly supported, some non-pthread uses of it
  will work.  Partial sharing (where some resources are shared, and
  some are not) is not supported.

* open() and readlink() on /proc/self/exe are supported.

BUGS FIXED:

88520   pipe+fork+dup2 kills the main program
88604 	Valgrind Aborts when using $VALGRIND_OPTS and user progra...
88614 	valgrind: vg_libpthread.c:2323 (read): Assertion `read_pt...
88703 	Stabs parser fails to handle ";"
88886 	ioctl wrappers for TIOCMBIS and TIOCMBIC
89032 	valgrind pthread_cond_timedwait fails
89106 	the 'impossible' happened
89139 	Missing sched_setaffinity & sched_getaffinity
89198 	valgrind lacks support for SIOCSPGRP and SIOCGPGRP
89263 	Missing ioctl translations for scsi-generic and CD playing
89440 	tests/deadlock.c line endings
89481 	`impossible' happened: EXEC FAILED
89663 	valgrind 2.2.0 crash on Redhat 7.2
89792 	Report pthread_mutex_lock() deadlocks instead of returnin...
90111 	statvfs64 gives invalid error/warning
90128 	crash+memory fault with stabs generated by gnat for a run...
90778 	VALGRIND_CHECK_DEFINED() not as documented in memcheck.h
90834 	cachegrind crashes at end of program without reporting re...
91028 	valgrind: vg_memory.c:229 (vgPlain_unmap_range): Assertio...
91162 	valgrind crash while debugging drivel 1.2.1
91199 	Unimplemented function
91325 	Signal routing does not propagate the siginfo structure
91599 	Assertion `cv == ((void *)0)'
91604 	rw_lookup clears orig and sends the NULL value to rw_new
91821 	Small problems building valgrind with $top_builddir ne $t...
91844 	signal 11 (SIGSEGV) at get_tcb (libpthread.c:86) in corec...
92264 	UNIMPLEMENTED FUNCTION: pthread_condattr_setpshared
92331 	per-target flags necessitate AM_PROG_CC_C_O
92420 	valgrind doesn't compile with linux 2.6.8.1/9
92513 	Valgrind 2.2.0 generates some warning messages
92528 	vg_symtab2.c:170 (addLoc): Assertion `loc->size > 0' failed.
93096 	unhandled ioctl 0x4B3A and 0x5601
93117 	Tool and core interface versions do not match
93128 	Can't run valgrind --tool=memcheck because of unimplement...
93174 	Valgrind can crash if passed bad args to certain syscalls
93309 	Stack frame in new thread is badly aligned
93328 	Wrong types used with sys_sigprocmask()
93763 	/usr/include/asm/msr.h is missing
93776 	valgrind: vg_memory.c:508 (vgPlain_find_map_space): Asser...
93810 	fcntl() argument checking a bit too strict
94378 	Assertion `tst->sigqueue_head != tst->sigqueue_tail' failed.
94429 	valgrind 2.2.0 segfault with mmap64 in glibc 2.3.3
94645 	Impossible happened: PINSRW mem
94953 	valgrind: the `impossible' happened: SIGSEGV
95667 	Valgrind does not work with any KDE app
96243 	Assertion 'res==0' failed
96252 	stage2 loader of valgrind fails to allocate memory
96520 	All programs crashing at _dl_start (in /lib/ld-2.3.3.so) ...
96660 	ioctl CDROMREADTOCENTRY causes bogus warnings
96747 	After looping in a segfault handler, the impossible happens
96923 	Zero sized arrays crash valgrind trace back with SIGFPE
96948 	valgrind stops with assertion failure regarding mmap2
96966 	valgrind fails when application opens more than 16 sockets
97398 	valgrind: vg_libpthread.c:2667 Assertion failed
97407 	valgrind: vg_mylibc.c:1226 (vgPlain_safe_fd): Assertion `...
97427 	"Warning: invalid file descriptor -1 in syscall close()" ...
97785 	missing backtrace
97792 	build in obj dir fails - autoconf / makefile cleanup
97880 	pthread_mutex_lock fails from shared library (special ker...
97975 	program aborts without ang VG messages
98129 	Failed when open and close file 230000 times using stdio
98175 	Crashes when using valgrind-2.2.0 with a program using al...
98288 	Massif broken
98303 	UNIMPLEMENTED FUNCTION pthread_condattr_setpshared
98630 	failed--compilation missing warnings.pm, fails to make he...
98756 	Cannot valgrind signal-heavy kdrive X server
98966 	valgrinding the JVM fails with a sanity check assertion
99035 	Valgrind crashes while profiling
99142 	loops with message "Signal 11 being dropped from thread 0...
99195 	threaded apps crash on thread start (using QThread::start...
99348 	Assertion `vgPlain_lseek(core_fd, 0, 1) == phdrs[i].p_off...
99568 	False negative due to mishandling of mprotect
99738 	valgrind memcheck crashes on program that uses sigitimer
99923 	0-sized allocations are reported as leaks
99949 	program seg faults after exit()
100036 	"newSuperblock's request for 1048576 bytes failed"
100116 	valgrind: (pthread_cond_init): Assertion `sizeof(* cond) ...
100486 	memcheck reports "valgrind: the `impossible' happened: V...
100833 	second call to "mremap" fails with EINVAL
101156 	(vgPlain_find_map_space): Assertion `(addr & ((1 << 12)-1...
101173 	Assertion `recDepth >= 0 && recDepth < 500' failed
101291 	creating threads in a forked process fails
101313 	valgrind causes different behavior when resizing a window...
101423 	segfault for c++ array of floats
101562 	valgrind massif dies on SIGINT even with signal handler r...


Stable release 2.2.0 (31 August 2004) -- CHANGES RELATIVE TO 2.0.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2.0 brings nine months worth of improvements and bug fixes.  We
believe it to be a worthy successor to 2.0.0.  There are literally
hundreds of bug fixes and minor improvements.  There are also some
fairly major user-visible changes:

* A complete overhaul of handling of system calls and signals, and 
  their interaction with threads.  In general, the accuracy of the 
  system call, thread and signal simulations is much improved:

  - Blocking system calls behave exactly as they do when running
    natively (not on valgrind).  That is, if a syscall blocks only the
    calling thread when running natively, than it behaves the same on
    valgrind.  No more mysterious hangs because V doesn't know that some
    syscall or other, should block only the calling thread.

  - Interrupted syscalls should now give more faithful results.

  - Signal contexts in signal handlers are supported.

* Improvements to NPTL support to the extent that V now works 
  properly on NPTL-only setups.

* Greater isolation between Valgrind and the program being run, so
  the program is less likely to inadvertently kill Valgrind by
  doing wild writes.

* Massif: a new space profiling tool.  Try it!  It's cool, and it'll
  tell you in detail where and when your C/C++ code is allocating heap.
  Draws pretty .ps pictures of memory use against time.  A potentially
  powerful tool for making sense of your program's space use.

* File descriptor leakage checks.  When enabled, Valgrind will print out
  a list of open file descriptors on exit.

* Improved SSE2/SSE3 support.

* Time-stamped output; use --time-stamp=yes



Stable release 2.2.0 (31 August 2004) -- CHANGES RELATIVE TO 2.1.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.2.0 is not much different from 2.1.2, released seven weeks ago.
A number of bugs have been fixed, most notably #85658, which gave
problems for quite a few people.  There have been many internal
cleanups, but those are not user visible.

The following bugs have been fixed since 2.1.2:

85658   Assert in coregrind/vg_libpthread.c:2326 (open64) !=
        (void*)0 failed
        This bug was reported multiple times, and so the following
        duplicates of it are also fixed: 87620, 85796, 85935, 86065, 
        86919, 86988, 87917, 88156

80716   Semaphore mapping bug caused by unmap (sem_destroy)
        (Was fixed prior to 2.1.2)

86987   semctl and shmctl syscalls family is not handled properly

86696   valgrind 2.1.2 + RH AS2.1 + librt

86730   valgrind locks up at end of run with assertion failure 
        in __pthread_unwind

86641   memcheck doesn't work with Mesa OpenGL/ATI on Suse 9.1
        (also fixes 74298, a duplicate of this)

85947   MMX/SSE unhandled instruction 'sfence'

84978   Wrong error "Conditional jump or move depends on
        uninitialised value" resulting from "sbbl %reg, %reg"

86254   ssort() fails when signed int return type from comparison is 
        too small to handle result of unsigned int subtraction

87089   memalign( 4, xxx) makes valgrind assert

86407   Add support for low-level parallel port driver ioctls.

70587   Add timestamps to Valgrind output? (wishlist)

84937   vg_libpthread.c:2505 (se_remap): Assertion `res == 0'
        (fixed prior to 2.1.2)

86317   cannot load libSDL-1.2.so.0 using valgrind

86989   memcpy from mac_replace_strmem.c complains about
        uninitialized pointers passed when length to copy is zero

85811   gnu pascal symbol causes segmentation fault; ok in 2.0.0

79138   writing to sbrk()'d memory causes segfault

77369   sched deadlock while signal received during pthread_join
        and the joined thread exited

88115   In signal handler for SIGFPE,  siginfo->si_addr is wrong 
        under Valgrind

78765   Massif crashes on app exit if FP exceptions are enabled

Additionally there are the following changes, which are not 
connected to any bug report numbers, AFAICS:

* Fix scary bug causing mis-identification of SSE stores vs
  loads and so causing memcheck to sometimes give nonsense results
  on SSE code.

* Add support for the POSIX message queue system calls.

* Fix to allow 32-bit Valgrind to run on AMD64 boxes.  Note: this does
  NOT allow Valgrind to work with 64-bit executables - only with 32-bit
  executables on an AMD64 box.

* At configure time, only check whether linux/mii.h can be processed 
  so that we don't generate ugly warnings by trying to compile it.

* Add support for POSIX clocks and timers.



Developer (cvs head) release 2.1.2 (18 July 2004)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.1.2 contains four months worth of bug fixes and refinements.
Although officially a developer release, we believe it to be stable
enough for widespread day-to-day use.  2.1.2 is pretty good, so try it
first, although there is a chance it won't work.  If so then try 2.0.0
and tell us what went wrong."  2.1.2 fixes a lot of problems present
in 2.0.0 and is generally a much better product.

Relative to 2.1.1, a large number of minor problems with 2.1.1 have
been fixed, and so if you use 2.1.1 you should try 2.1.2.  Users of
the last stable release, 2.0.0, might also want to try this release.

The following bugs, and probably many more, have been fixed.  These
are listed at http://bugs.kde.org.  Reporting a bug for valgrind in
the http://bugs.kde.org is much more likely to get you a fix than
mailing developers directly, so please continue to keep sending bugs
there.

76869   Crashes when running any tool under Fedora Core 2 test1
        This fixes the problem with returning from a signal handler 
        when VDSOs are turned off in FC2.

69508   java 1.4.2 client fails with erroneous "stack size too small".
        This fix makes more of the pthread stack attribute related 
        functions work properly.  Java still doesn't work though.

71906   malloc alignment should be 8, not 4
        All memory returned by malloc/new etc is now at least
        8-byte aligned.

81970   vg_alloc_ThreadState: no free slots available
        (closed because the workaround is simple: increase
         VG_N_THREADS, rebuild and try again.)

78514   Conditional jump or move depends on uninitialized value(s)
        (a slight mishanding of FP code in memcheck)

77952   pThread Support (crash) (due to initialisation-ordering probs)
        (also 85118)

80942   Addrcheck wasn't doing overlap checking as it should.
78048   return NULL on malloc/new etc failure, instead of asserting
73655   operator new() override in user .so files often doesn't get picked up
83060   Valgrind does not handle native kernel AIO
69872   Create proper coredumps after fatal signals
82026   failure with new glibc versions: __libc_* functions are not exported
70344   UNIMPLEMENTED FUNCTION: tcdrain 
81297   Cancellation of pthread_cond_wait does not require mutex
82872   Using debug info from additional packages (wishlist)
83025   Support for ioctls FIGETBSZ and FIBMAP
83340   Support for ioctl HDIO_GET_IDENTITY
79714   Support for the semtimedop system call.
77022   Support for ioctls FBIOGET_VSCREENINFO and FBIOGET_FSCREENINFO
82098   hp2ps ansification (wishlist)
83573   Valgrind SIGSEGV on execve
82999   show which cmdline option was erroneous (wishlist)
83040   make valgrind VPATH and distcheck-clean (wishlist)
83998   Assertion `newfd > vgPlain_max_fd' failed (see below)
82722   Unchecked mmap in as_pad leads to mysterious failures later
78958   memcheck seg faults while running Mozilla 
85416   Arguments with colon (e.g. --logsocket) ignored


Additionally there are the following changes, which are not 
connected to any bug report numbers, AFAICS:

* Rearranged address space layout relative to 2.1.1, so that
  Valgrind/tools will run out of memory later than currently in many
  circumstances.  This is good news esp. for Calltree.  It should
  be possible for client programs to allocate over 800MB of
  memory when using memcheck now.

* Improved checking when laying out memory.  Should hopefully avoid
  the random segmentation faults that 2.1.1 sometimes caused.

* Support for Fedora Core 2 and SuSE 9.1.  Improvements to NPTL
  support to the extent that V now works properly on NPTL-only setups.

* Renamed the following options:
  --logfile-fd  -->  --log-fd
  --logfile     -->  --log-file
  --logsocket   -->  --log-socket
  to be consistent with each other and other options (esp. --input-fd).

* Add support for SIOCGMIIPHY, SIOCGMIIREG and SIOCSMIIREG ioctls and
  improve the checking of other interface related ioctls.

* Fix building with gcc-3.4.1.

* Remove limit on number of semaphores supported.

* Add support for syscalls: set_tid_address (258), acct (51).

* Support instruction "repne movs" -- not official but seems to occur.

* Implement an emulated soft limit for file descriptors in addition to
  the current reserved area, which effectively acts as a hard limit. The
  setrlimit system call now simply updates the emulated limits as best
  as possible - the hard limit is not allowed to move at all and just
  returns EPERM if you try and change it.  This should stop reductions
  in the soft limit causing assertions when valgrind tries to allocate
  descriptors from the reserved area.
  (This actually came from bug #83998).

* Major overhaul of Cachegrind implementation.  First user-visible change
  is that cachegrind.out files are now typically 90% smaller than they
  used to be;  code annotation times are correspondingly much smaller.
  Second user-visible change is that hit/miss counts for code that is
  unloaded at run-time is no longer dumped into a single "discard" pile,
  but accurately preserved.

* Client requests for telling valgrind about memory pools.



Developer (cvs head) release 2.1.1 (12 March 2004)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2.1.1 contains some internal structural changes needed for V's
long-term future.  These don't affect end-users.  Most notable
user-visible changes are:

* Greater isolation between Valgrind and the program being run, so
  the program is less likely to inadvertently kill Valgrind by
  doing wild writes.

* Massif: a new space profiling tool.  Try it!  It's cool, and it'll
  tell you in detail where and when your C/C++ code is allocating heap.
  Draws pretty .ps pictures of memory use against time.  A potentially
  powerful tool for making sense of your program's space use.

* Fixes for many bugs, including support for more SSE2/SSE3 instructions,
  various signal/syscall things, and various problems with debug
  info readers.

* Support for glibc-2.3.3 based systems.

We are now doing automatic overnight build-and-test runs on a variety
of distros.  As a result, we believe 2.1.1 builds and runs on:
Red Hat 7.2, 7.3, 8.0, 9, Fedora Core 1, SuSE 8.2, SuSE 9.


The following bugs, and probably many more, have been fixed.  These
are listed at http://bugs.kde.org.  Reporting a bug for valgrind in
the http://bugs.kde.org is much more likely to get you a fix than
mailing developers directly, so please continue to keep sending bugs
there.

69616   glibc 2.3.2 w/NPTL is massively different than what valgrind expects 
69856   I don't know how to instrument MMXish stuff (Helgrind)
73892   valgrind segfaults starting with Objective-C debug info 
        (fix for S-type stabs)
73145   Valgrind complains too much about close(<reserved fd>) 
73902   Shadow memory allocation seems to fail on RedHat 8.0 
68633   VG_N_SEMAPHORES too low (V itself was leaking semaphores)
75099   impossible to trace multiprocess programs 
76839   the `impossible' happened: disInstr: INT but not 0x80 ! 
76762   vg_to_ucode.c:3748 (dis_push_segreg): Assertion `sz == 4' failed. 
76747   cannot include valgrind.h in c++ program 
76223   parsing B(3,10) gave NULL type => impossible happens 
75604   shmdt handling problem 
76416   Problems with gcc 3.4 snap 20040225 
75614   using -gstabs when building your programs the `impossible' happened
75787   Patch for some CDROM ioctls CDORM_GET_MCN, CDROM_SEND_PACKET,
75294   gcc 3.4 snapshot's libstdc++ have unsupported instructions. 
        (REP RET)
73326   vg_symtab2.c:272 (addScopeRange): Assertion `range->size > 0' failed. 
72596   not recognizing __libc_malloc 
69489   Would like to attach ddd to running program 
72781   Cachegrind crashes with kde programs 
73055   Illegal operand at DXTCV11CompressBlockSSE2 (more SSE opcodes)
73026   Descriptor leak check reports port numbers wrongly 
71705   README_MISSING_SYSCALL_OR_IOCTL out of date 
72643   Improve support for SSE/SSE2 instructions 
72484   valgrind leaves it's own signal mask in place when execing 
72650   Signal Handling always seems to restart system calls 
72006   The mmap system call turns all errors in ENOMEM 
71781   gdb attach is pretty useless 
71180   unhandled instruction bytes: 0xF 0xAE 0x85 0xE8 
69886   writes to zero page cause valgrind to assert on exit 
71791   crash when valgrinding gimp 1.3 (stabs reader problem)
69783   unhandled syscall: 218 
69782   unhandled instruction bytes: 0x66 0xF 0x2B 0x80 
70385   valgrind fails if the soft file descriptor limit is less 
        than about 828
69529   "rep; nop" should do a yield 
70827   programs with lots of shared libraries report "mmap failed" 
        for some of them when reading symbols 
71028   glibc's strnlen is optimised enough to confuse valgrind 




Unstable (cvs head) release 2.1.0 (15 December 2003)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For whatever it's worth, 2.1.0 actually seems pretty darn stable to me
(Julian).  It looks eminently usable, and given that it fixes some
significant bugs, may well be worth using on a day-to-day basis.
2.1.0 is known to build and pass regression tests on: SuSE 9, SuSE
8.2, RedHat 8.

2.1.0 most notably includes Jeremy Fitzhardinge's complete overhaul of
handling of system calls and signals, and their interaction with
threads.  In general, the accuracy of the system call, thread and
signal simulations is much improved.  Specifically:

- Blocking system calls behave exactly as they do when running
  natively (not on valgrind).  That is, if a syscall blocks only the
  calling thread when running natively, than it behaves the same on
  valgrind.  No more mysterious hangs because V doesn't know that some
  syscall or other, should block only the calling thread.

- Interrupted syscalls should now give more faithful results.

- Finally, signal contexts in signal handlers are supported.  As a
  result, konqueror on SuSE 9 no longer segfaults when notified of
  file changes in directories it is watching.

Other changes:

- Robert Walsh's file descriptor leakage checks.  When enabled,
  Valgrind will print out a list of open file descriptors on
  exit.  Along with each file descriptor, Valgrind prints out a stack
  backtrace of where the file was opened and any details relating to the
  file descriptor such as the file name or socket details.
  To use, give: --track-fds=yes

- Implemented a few more SSE/SSE2 instructions.

- Less crud on the stack when you do 'where' inside a GDB attach.

- Fixed the following bugs:
  68360: Valgrind does not compile against 2.6.0-testX kernels
  68525: CVS head doesn't compile on C90 compilers
  68566: pkgconfig support (wishlist)
  68588: Assertion `sz == 4' failed in vg_to_ucode.c (disInstr)
  69140: valgrind not able to explicitly specify a path to a binary. 
  69432: helgrind asserts encountering a MutexErr when there are 
         EraserErr suppressions

- Increase the max size of the translation cache from 200k average bbs
  to 300k average bbs.  Programs on the size of OOo (680m17) are
  thrashing the cache at the smaller size, creating large numbers of
  retranslations and wasting significant time as a result.



Stable release 2.0.0 (5 Nov 2003)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2.0.0 improves SSE/SSE2 support, fixes some minor bugs, and
improves support for SuSE 9 and the Red Hat "Severn" beta.

- Further improvements to SSE/SSE2 support.  The entire test suite of
  the GNU Scientific Library (gsl-1.4) compiled with Intel Icc 7.1
  20030307Z '-g -O -xW' now works.  I think this gives pretty good
  coverage of SSE/SSE2 floating point instructions, or at least the
  subset emitted by Icc.

- Also added support for the following instructions:
    MOVNTDQ UCOMISD UNPCKLPS UNPCKHPS SQRTSS
    PUSH/POP %{FS,GS}, and PUSH %CS (Nb: there is no POP %CS).

- CFI support for GDB version 6.  Needed to enable newer GDBs
  to figure out where they are when using --gdb-attach=yes.

- Fix this:
      mc_translate.c:1091 (memcheck_instrument): Assertion
      `u_in->size == 4 || u_in->size == 16' failed.

- Return an error rather than panicing when given a bad socketcall.

- Fix checking of syscall rt_sigtimedwait().

- Implement __NR_clock_gettime (syscall 265).  Needed on Red Hat Severn.

- Fixed bug in overlap check in strncpy() -- it was assuming the src was 'n'
  bytes long, when it could be shorter, which could cause false
  positives.

- Support use of select() for very large numbers of file descriptors.

- Don't fail silently if the executable is statically linked, or is
  setuid/setgid. Print an error message instead.

- Support for old DWARF-1 format line number info.



Snapshot 20031012 (12 October 2003)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Three months worth of bug fixes, roughly.  Most significant single
change is improved SSE/SSE2 support, mostly thanks to Dirk Mueller.

20031012 builds on Red Hat Fedora ("Severn") but doesn't really work
(curiosly, mozilla runs OK, but a modest "ls -l" bombs).  I hope to
get a working version out soon.  It may or may not work ok on the
forthcoming SuSE 9; I hear positive noises about it but haven't been
able to verify this myself (not until I get hold of a copy of 9).

A detailed list of changes, in no particular order:

- Describe --gen-suppressions in the FAQ.

- Syscall __NR_waitpid supported.

- Minor MMX bug fix.

- -v prints program's argv[] at startup.

- More glibc-2.3 suppressions.

- Suppressions for stack underrun bug(s) in the c++ support library
  distributed with Intel Icc 7.0.

- Fix problems reading /proc/self/maps.

- Fix a couple of messages that should have been suppressed by -q, 
  but weren't.

- Make Addrcheck understand "Overlap" suppressions.

- At startup, check if program is statically linked and bail out if so.

- Cachegrind: Auto-detect Intel Pentium-M, also VIA Nehemiah

- Memcheck/addrcheck: minor speed optimisations

- Handle syscall __NR_brk more correctly than before.

- Fixed incorrect allocate/free mismatch errors when using
  operator new(unsigned, std::nothrow_t const&)
  operator new[](unsigned, std::nothrow_t const&)

- Support POSIX pthread spinlocks.

- Fixups for clean compilation with gcc-3.3.1.

- Implemented more opcodes: 
    - push %es
    - push %ds
    - pop %es
    - pop %ds
    - movntq
    - sfence
    - pshufw
    - pavgb
    - ucomiss
    - enter
    - mov imm32, %esp
    - all "in" and "out" opcodes
    - inc/dec %esp
    - A whole bunch of SSE/SSE2 instructions

- Memcheck: don't bomb on SSE/SSE2 code.


Snapshot 20030725 (25 July 2003)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fixes some minor problems in 20030716.

- Fix bugs in overlap checking for strcpy/memcpy etc.

- Do overlap checking with Addrcheck as well as Memcheck.

- Fix this:
      Memcheck: the `impossible' happened:
      get_error_name: unexpected type

- Install headers needed to compile new skins.

- Remove leading spaces and colon in the LD_LIBRARY_PATH / LD_PRELOAD
  passed to non-traced children.

- Fix file descriptor leak in valgrind-listener.

- Fix longstanding bug in which the allocation point of a 
  block resized by realloc was not correctly set.  This may
  have caused confusing error messages.


Snapshot 20030716 (16 July 2003)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

20030716 is a snapshot of our current CVS head (development) branch.
This is the branch which will become valgrind-2.0.  It contains
significant enhancements over the 1.9.X branch.

Despite this being a snapshot of the CVS head, it is believed to be
quite stable -- at least as stable as 1.9.6 or 1.0.4, if not more so
-- and therefore suitable for widespread use.  Please let us know asap
if it causes problems for you.

Two reasons for releasing a snapshot now are:

- It's been a while since 1.9.6, and this snapshot fixes
  various problems that 1.9.6 has with threaded programs 
  on glibc-2.3.X based systems.

- So as to make available improvements in the 2.0 line.

Major changes in 20030716, as compared to 1.9.6:

- More fixes to threading support on glibc-2.3.1 and 2.3.2-based
  systems (SuSE 8.2, Red Hat 9).  If you have had problems
  with inconsistent/illogical behaviour of errno, h_errno or the DNS
  resolver functions in threaded programs, 20030716 should improve
  matters.  This snapshot seems stable enough to run OpenOffice.org
  1.1rc on Red Hat 7.3, SuSE 8.2 and Red Hat 9, and that's a big
  threaded app if ever I saw one.

- Automatic generation of suppression records; you no longer
  need to write them by hand.  Use --gen-suppressions=yes.

- strcpy/memcpy/etc check their arguments for overlaps, when
  running with the Memcheck or Addrcheck skins.

- malloc_usable_size() is now supported.

- new client requests:
    - VALGRIND_COUNT_ERRORS, VALGRIND_COUNT_LEAKS: 
      useful with regression testing
    - VALGRIND_NON_SIMD_CALL[0123]: for running arbitrary functions 
      on real CPU (use with caution!)

- The GDB attach mechanism is more flexible.  Allow the GDB to
  be run to be specified by --gdb-path=/path/to/gdb, and specify
  which file descriptor V will read its input from with
  --input-fd=<number>.

- Cachegrind gives more accurate results (wasn't tracking instructions in
  malloc() and friends previously, is now).

- Complete support for the MMX instruction set.

- Partial support for the SSE and SSE2 instruction sets.  Work for this
  is ongoing.  About half the SSE/SSE2 instructions are done, so
  some SSE based programs may work.  Currently you need to specify
  --skin=addrcheck.  Basically not suitable for real use yet.

- Significant speedups (10%-20%) for standard memory checking.

- Fix assertion failure in pthread_once().

- Fix this:
    valgrind: vg_intercept.c:598 (vgAllRoadsLeadToRome_select): 
              Assertion `ms_end >= ms_now' failed.

- Implement pthread_mutexattr_setpshared.

- Understand Pentium 4 branch hints.  Also implemented a couple more
  obscure x86 instructions.

- Lots of other minor bug fixes.

- We have a decent regression test system, for the first time.
  This doesn't help you directly, but it does make it a lot easier
  for us to track the quality of the system, especially across
  multiple linux distributions.  

  You can run the regression tests with 'make regtest' after 'make
  install' completes.  On SuSE 8.2 and Red Hat 9 I get this:
 
     == 84 tests, 0 stderr failures, 0 stdout failures ==

  On Red Hat 8, I get this:

     == 84 tests, 2 stderr failures, 1 stdout failure ==
     corecheck/tests/res_search               (stdout)
     memcheck/tests/sigaltstack               (stderr)

  sigaltstack is probably harmless.  res_search doesn't work
  on R H 8 even running natively, so I'm not too worried.   

  On Red Hat 7.3, a glibc-2.2.5 system, I get these harmless failures:

     == 84 tests, 2 stderr failures, 1 stdout failure ==
     corecheck/tests/pth_atfork1              (stdout)
     corecheck/tests/pth_atfork1              (stderr)
     memcheck/tests/sigaltstack               (stderr)

  You need to run on a PII system, at least, since some tests
  contain P6-specific instructions, and the test machine needs
  access to the internet so that corecheck/tests/res_search
  (a test that the DNS resolver works) can function.

As ever, thanks for the vast amount of feedback :) and bug reports :(
We may not answer all messages, but we do at least look at all of
them, and tend to fix the most frequently reported bugs.



Version 1.9.6 (7 May 2003 or thereabouts)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Major changes in 1.9.6:

- Improved threading support for glibc >= 2.3.2 (SuSE 8.2,
  RedHat 9, to name but two ...)  It turned out that 1.9.5
  had problems with threading support on glibc >= 2.3.2,
  usually manifested by threaded programs deadlocking in system calls,
  or running unbelievably slowly.  Hopefully these are fixed now.  1.9.6
  is the first valgrind which gives reasonable support for
  glibc-2.3.2.  Also fixed a 2.3.2 problem with pthread_atfork().

- Majorly expanded FAQ.txt.  We've added workarounds for all
  common problems for which a workaround is known.

Minor changes in 1.9.6:

- Fix identification of the main thread's stack.  Incorrect
  identification of it was causing some on-stack addresses to not get
  identified as such.  This only affected the usefulness of some error
  messages; the correctness of the checks made is unchanged.

- Support for kernels >= 2.5.68.

- Dummy implementations of __libc_current_sigrtmin, 
  __libc_current_sigrtmax and __libc_allocate_rtsig, hopefully
  good enough to keep alive programs which previously died for lack of
  them.

- Fix bug in the VALGRIND_DISCARD_TRANSLATIONS client request.

- Fix bug in the DWARF2 debug line info loader, when instructions 
  following each other have source lines far from each other 
  (e.g. with inlined functions).

- Debug info reading: read symbols from both "symtab" and "dynsym"
  sections, rather than merely from the one that comes last in the
  file.

- New syscall support: prctl(), creat(), lookup_dcookie().

- When checking calls to accept(), recvfrom(), getsocketopt(),
  don't complain if buffer values are NULL.

- Try and avoid assertion failures in
  mash_LD_PRELOAD_and_LD_LIBRARY_PATH.

- Minor bug fixes in cg_annotate.



Version 1.9.5 (7 April 2003)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

It occurs to me that it would be helpful for valgrind users to record
in the source distribution the changes in each release.  So I now
attempt to mend my errant ways :-)  Changes in this and future releases
will be documented in the NEWS file in the source distribution.

Major changes in 1.9.5:

- (Critical bug fix): Fix a bug in the FPU simulation.  This was
  causing some floating point conditional tests not to work right.
  Several people reported this.  If you had floating point code which
  didn't work right on 1.9.1 to 1.9.4, it's worth trying 1.9.5.

- Partial support for Red Hat 9.  RH9 uses the new Native Posix 
  Threads Library (NPTL), instead of the older LinuxThreads.  
  This potentially causes problems with V which will take some
  time to correct.  In the meantime we have partially worked around
  this, and so 1.9.5 works on RH9.  Threaded programs still work,
  but they may deadlock, because some system calls (accept, read,
  write, etc) which should be nonblocking, in fact do block.  This
  is a known bug which we are looking into.

  If you can, your best bet (unfortunately) is to avoid using 
  1.9.5 on a Red Hat 9 system, or on any NPTL-based distribution.
  If your glibc is 2.3.1 or earlier, you're almost certainly OK.

Minor changes in 1.9.5:

- Added some #errors to valgrind.h to ensure people don't include
  it accidentally in their sources.  This is a change from 1.0.X
  which was never properly documented.  The right thing to include
  is now memcheck.h.  Some people reported problems and strange
  behaviour when (incorrectly) including valgrind.h in code with 
  1.9.1 -- 1.9.4.  This is no longer possible.

- Add some __extension__ bits and pieces so that gcc configured
  for valgrind-checking compiles even with -Werror.  If you
  don't understand this, ignore it.  Of interest to gcc developers
  only.

- Removed a pointless check which caused problems interworking 
  with Clearcase.  V would complain about shared objects whose
  names did not end ".so", and refuse to run.  This is now fixed.
  In fact it was fixed in 1.9.4 but not documented.

- Fixed a bug causing an assertion failure of "waiters == 1"
  somewhere in vg_scheduler.c, when running large threaded apps,
  notably MySQL.

- Add support for the munlock system call (124).

Some comments about future releases:

1.9.5 is, we hope, the most stable Valgrind so far.  It pretty much
supersedes the 1.0.X branch.  If you are a valgrind packager, please
consider making 1.9.5 available to your users.  You can regard the
1.0.X branch as obsolete: 1.9.5 is stable and vastly superior.  There
are no plans at all for further releases of the 1.0.X branch.

If you want a leading-edge valgrind, consider building the cvs head
(from SourceForge), or getting a snapshot of it.  Current cool stuff
going in includes MMX support (done); SSE/SSE2 support (in progress),
a significant (10-20%) performance improvement (done), and the usual
large collection of minor changes.  Hopefully we will be able to
improve our NPTL support, but no promises.