NEWS

Release 3.10.0 (?? ?????? 201?)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.10.0 is not yet released.

* ================== PLATFORM CHANGES =================

* Support for Android on MIPS32.

* ==================== TOOL CHANGES ====================

* Helgrind:

* Callgrind:
  - callgrind_control now supports the --vgdb-prefix argument,
    which is needed if valgrind was started with this same argument.

* ==================== OTHER CHANGES ====================

* New and modified GDB server monitor features:

  - A new monitor command "v.info stats" that shows various valgrind core and
    tool statistics.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

308729  vex x86->IR: unhandled instruction bytes 0xf 0x5 (syscall) 
325714  Empty vgcore but RLIMIT_CORE is big enough (too big) 
326462  Refactor vgdb to isolate invoker stuff into separate module
326983  Clear direction flag after tests on amd64.
327238  Callgrind Assertion 'passed <= last_bb->cjmp_count' failed
327284  s390x: Fix translation of the risbg instruction
327837  dwz compressed alternate .debug_info and .debug_str not read correctly
327916  DW_TAG_typedef may have no name
328100  XABORT not implemented
328205  Implement additional Xen hypercalls
328455  s390x: SIGILL after emitting wrong register pair for ldxbr
328711  valgrind.1 manpage "memcheck options" section is badly generated
329612  Incorrect handling of AT_BASE for image execution 
330459  --track-fds=yes doesn't track eventfds
330469  Add clock_adjtime syscall support
330939  Support for AMD's syscall instruction on x86
330941  Typo in PRE(poll) syscall wrapper
n-i-bz  Fix KVM_CREATE_IRQCHIP ioctl handling

Release 3.9.0 (31 October 2013)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.9.0 is a feature release with many improvements and the usual
collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM/Linux, PPC32/Linux,
PPC64/Linux, S390X/Linux, MIPS32/Linux, MIPS64/Linux, ARM/Android,
X86/Android, X86/MacOSX 10.7 and AMD64/MacOSX 10.7.  Support for
MacOSX 10.8 is significantly improved relative to the 3.8.0 release.

* ================== PLATFORM CHANGES =================

* Support for MIPS64 LE and BE running Linux.  Valgrind has been
  tested on MIPS64 Debian Squeeze and Debian Wheezy distributions.

* Support for MIPS DSP ASE on MIPS32 platforms.

* Support for s390x Decimal Floating Point instructions on hosts that
  have the DFP facility installed.

* Support for POWER8 (Power ISA 2.07) instructions

* Support for Intel AVX2 instructions.  This is available only on 64
  bit code.

* Initial support for Intel Transactional Synchronization Extensions,
  both RTM and HLE.

* Initial support for Hardware Transactional Memory on POWER.

* Improved support for MacOSX 10.8 (64-bit only).  Memcheck can now
  run large GUI apps tolerably well.

* ==================== TOOL CHANGES ====================

* Memcheck:

  - Improvements in handling of vectorised code, leading to
    significantly fewer false error reports.  You need to use the flag
    --partial-loads-ok=yes to get the benefits of these changes.

  - Better control over the leak checker.  It is now possible to
    specify which leak kinds (definite/indirect/possible/reachable)
    should be displayed, which should be regarded as errors, and which
    should be suppressed by a given leak suppression.  This is done
    using the options --show-leak-kinds=kind1,kind2,..,
    --errors-for-leak-kinds=kind1,kind2,.. and an optional
    "match-leak-kinds:" line in suppression entries, respectively.

    Note that generated leak suppressions contain this new line and
    are therefore more specific than in previous releases.  To get the
    same behaviour as previous releases, remove the "match-leak-kinds:"
    line from generated suppressions before using them.

  - Reduced "possible leak" reports from the leak checker by the use
    of better heuristics.  The available heuristics provide detection
    of valid interior pointers to std::stdstring, to new[] allocated
    arrays with elements having destructors and to interior pointers
    pointing to an inner part of a C++ object using multiple
    inheritance.  They can be selected individually using the
    option --leak-check-heuristics=heur1,heur2,...

  - Better control of stacktrace acquisition for heap-allocated
    blocks.  Using the --keep-stacktraces option, it is possible to
    control independently whether a stack trace is acquired for each
    allocation and deallocation.  This can be used to create better
    "use after free" errors or to decrease Valgrind's resource
    consumption by recording less information.

  - Better reporting of leak suppression usage.  The list of used
    suppressions (shown when the -v option is given) now shows, for
    each leak suppressions, how many blocks and bytes it suppressed
    during the last leak search.

* Helgrind:

  - False errors resulting from the use of statically initialised
    mutexes and condition variables (PTHREAD_MUTEX_INITIALISER, etc)
    have been removed.

  - False errors resulting from the use of pthread_cond_waits that
    timeout, have been removed.

* ==================== OTHER CHANGES ====================

* Some attempt to tune Valgrind's space requirements to the expected
  capabilities of the target:

  - The default size of the translation cache has been reduced from 8
    sectors to 6 on Android platforms, since each sector occupies
    about 40MB when using Memcheck.

  - The default size of the translation cache has been increased to 16
    sectors on all other platforms, reflecting the fact that large
    applications require instrumentation and storage of huge amounts
    of code.  For similar reasons, the number of memory mapped
    segments that can be tracked has been increased by a factor of 6.

  - In all cases, the maximum number of sectors in the translation
    cache can be controlled by the new flag --num-transtab-sectors.

* Changes in how debug info (line numbers, etc) is read:

  - Valgrind no longer temporarily mmaps the entire object to read
    from it.  Instead, reading is done through a small fixed sized
    buffer.  This avoids virtual memory usage spikes when Valgrind
    reads debuginfo from large shared objects.

  - A new experimental remote debug info server.  Valgrind can read
    debug info from a different machine (typically, a build host)
    where debuginfo objects are stored.  This can save a lot of time
    and hassle when running Valgrind on resource-constrained targets
    (phones, tablets) when the full debuginfo objects are stored
    somewhere else.  This is enabled by the --debuginfo-server=
    option.

  - Consistency checking between main and debug objects can be
    disabled using the --allow-mismatched-debuginfo option.

* Stack unwinding by stack scanning, on ARM.  Unwinding by stack
  scanning can recover stack traces in some cases when the normal
  unwind mechanisms fail.  Stack scanning is best described as "a
  nasty, dangerous and misleading hack" and so is disabled by default.
  Use --unw-stack-scan-thresh and --unw-stack-scan-frames to enable
  and control it.

* Detection and merging of recursive stack frame cycles.  When your
  program has recursive algorithms, this limits the memory used by
  Valgrind for recorded stack traces and avoids recording
  uninteresting repeated calls.  This is controlled by the command
  line option --merge-recursive-frame and by the monitor command
  "v.set merge-recursive-frames".

* File name and line numbers for used suppressions.  The list of used
  suppressions (shown when the -v option is given) now shows, for each
  used suppression, the file name and line number where the suppression
  is defined.

* New and modified GDB server monitor features:

  - valgrind.h has a new client request, VALGRIND_MONITOR_COMMAND,
    that can be used to execute gdbserver monitor commands from the
    client program.

  - A new monitor command, "v.info open_fds", that gives the list of
    open file descriptors and additional details.

  - An optional message in the "v.info n_errs_found" monitor command,
    for example "v.info n_errs_found test 1234 finished", allowing a
    comment string to be added to the process output, perhaps for the
    purpose of separating errors of different tests or test phases.

  - A new monitor command "v.info execontext" that shows information
    about the stack traces recorded by Valgrind.

  - A new monitor command "v.do expensive_sanity_check_general" to run
    some internal consistency checks.

* New flag --sigill-diagnostics to control whether a diagnostic
  message is printed when the JIT encounters an instruction it can't
  translate.  The actual behavior -- delivery of SIGILL to the
  application -- is unchanged.

* The maximum amount of memory that Valgrind can use on 64 bit targets
  has been increased from 32GB to 64GB.  This should make it possible
  to run applications on Memcheck that natively require up to about 35GB.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

123837  system call: 4th argument is optional, depending on cmd
135425  memcheck should tell you where Freed blocks were Mallocd
164485  VG_N_SEGNAMES and VG_N_SEGMENTS are (still) too small
207815  Adds some of the drm ioctls to syswrap-linux.c 
251569  vex amd64->IR: 0xF 0x1 0xF9 0xBF 0x90 0xD0 0x3 0x0 (RDTSCP)
252955  Impossible to compile with ccache
253519  Memcheck reports auxv pointer accesses as invalid reads.
263034  Crash when loading some PPC64 binaries
269599  Increase deepest backtrace
274695  s390x: Support "compare to/from logical" instructions (z196)
275800  s390x: Autodetect cache info (part 2)
280271  Valgrind reports possible memory leaks on still-reachable std::string
284540  Memcheck shouldn't count suppressions matching still-reachable [..]
289578  Backtraces with ARM unwind tables (stack scan flags)
296311  Wrong stack traces due to -fomit-frame-pointer (x86) 
304832  ppc32: build failure
305431  Use find_buildid shdr fallback for separate .debug files
305728  Add support for AVX2 instructions
305948  ppc64: code generation for ShlD64 / ShrD64 asserts
306035  s390x: Fix IR generation for LAAG and friends
306054  s390x: Condition code computation for convert-to-int/logical
306098  s390x: alternate opcode form for convert to/from fixed
306587  Fix cache line detection from auxiliary vector for PPC.
306783  Mips unhandled syscall :  4025  /  4079  / 4182
307038  DWARF2 CFI reader: unhandled DW_OP_ opcode 0x8 (DW_OP_const1u et al)
307082  HG false positive: pthread_cond_destroy: destruction of unknown CV
307101  sys_capget second argument can be NULL
307103  sys_openat: If pathname is absolute, then dirfd is ignored.
307106  amd64->IR: f0 0f c0 02 (lock xadd byte)
307113  s390x: DFP support
307141  valgrind does't work in mips-linux system
307155  filter_gdb should filter out syscall-template.S T_PSEUDO
307285  x86_amd64 feature test for avx in test suite is wrong
307290  memcheck overlap testcase needs memcpy version filter
307463  Please add "&limit=0" to the "all open bugs" link
307465  --show-possibly-lost=no should reduce the error count / exit code
307557  Leaks on Mac OS X 10.7.5 libraries at ImageLoader::recursiveInit[..]
307729  pkgconfig support broken valgrind.pc
307828  Memcheck false errors SSE optimized wcscpy, wcscmp, wcsrchr, wcschr
307955  Building valgrind 3.7.0-r4 fails in Gentoo AMD64 when using clang
308089  Unhandled syscall on ppc64: prctl
308135  PPC32 MPC8xx has 16 bytes cache size
308321  testsuite memcheck filter interferes with gdb_filter 
308333 == 307106
308341  vgdb should report process exit (or fatal signal)
308427  s390 memcheck reports tsearch cjump/cmove depends on uninit
308495  Remove build dependency on installed Xen headers
308573  Internal error on 64-bit instruction executed in 32-bit mode
308626  == 308627
308627  pmovmskb validity bit propagation is imprecise
308644  vgdb command for having the info for the track-fds option
308711  give more info about aspacemgr and arenas in out_of_memory
308717  ARM: implement fixed-point VCVT.F64.[SU]32
308718  ARM implement SMLALBB family of instructions
308886  Missing support for PTRACE_SET/GETREGSET 
308930  syscall name_to_handle_at (303 on amd64) not handled
309229  V-bit tester does not report number of tests generated
309323  print unrecognized instuction on MIPS
309425  Provide a --sigill-diagnostics flag to suppress illegal [..]
309427  SSE optimized stpncpy trigger uninitialised value [..] errors
309430  Self hosting ppc64 encounters a vassert error on operand type
309600  valgrind is a bit confused about 0-sized sections
309823  Generate errors for still reachable blocks
309921  PCMPISTRI validity bit propagation is imprecise
309922  none/tests/ppc64/test_dfp5 sometimes fails
310169  The Iop_CmpORD class of Iops is not supported by the vbit checker.
310424  --read-var-info does not properly describe static variables 
310792  search additional path for debug symbols
310931  s390x: Message-security assist (MSA) instruction extension [..]
311100  PPC DFP implementation of the integer operands is inconsistent [..]
311318  ARM: "128-bit constant is not implemented" error message
311407  ssse3 bcopy (actually converted memcpy) causes invalid read [..]
311690  V crashes because it redirects branches inside of a redirected function
311880  x86_64: make regtest hangs at shell_valid1
311922  WARNING: unhandled syscall: 170
311933  == 251569
312171  ppc: insn selection for DFP
312571  Rounding mode call wrong for the DFP Iops [..]
312620  Change to Iop_D32toD64 [..] for s390 DFP support broke ppc [..]
312913  Dangling pointers error should also report the alloc stack trace
312980  Building on Mountain Lion generates some compiler warnings
313267  Adding MIPS64/Linux port to Valgrind
313348  == 251569
313354  == 251569
313811  Buffer overflow in assert_fail
314099  coverity pointed out error in VEX guest_ppc_toIR.c insn_suffix
314269  ppc: dead code in insn selection
314718  ARM: implement integer divide instruction (sdiv and udiv)
315345  cl-format.xml and callgrind/dump.c don't agree on using cfl= or cfi=
315441  sendmsg syscall should ignore unset msghdr msg_flags
315534  msgrcv inside a thread causes valgrind to hang (block)
315545  Assertion '(UChar*)sec->tt[tteNo].tcptr <= (UChar*)hcode' failed
315689  disInstr(thumb): unhandled instruction: 0xF852 0x0E10 (LDRT)
315738  disInstr(arm): unhandled instruction: 0xEEBE0BEE (vcvt.s32.f64)
315959  valgrind man page has bogus SGCHECK (and no BBV) OPTIONS section
316144  valgrind.1 manpage contains unknown ??? strings [..]
316145  callgrind command line options in manpage reference (unknown) [..]
316145  callgrind command line options in manpage reference [..]
316181  drd: Fixed a 4x slowdown for certain applications
316503  Valgrind does not support SSE4 "movntdqa" instruction
316535  Use of |signed int| instead of |size_t| in valgrind messages
316696   fluidanimate program of parsec 2.1 stuck 
316761  syscall open_by_handle_at (304 on amd64, 342 on x86) not handled
317091  Use -Wl,-Ttext-segment when static linking if possible [..]
317186  "Impossible happens" when occurs VCVT instruction on ARM
317318  Support for Threading Building Blocks "scalable_malloc"
317444  amd64->IR: 0xC4 0x41 0x2C 0xC2 0xD2 0x8 (vcmpeq_uqps)
317461  Fix BMI assembler configure check and avx2/bmi/fma vgtest prereqs
317463  bmi testcase IR SANITY CHECK FAILURE
317506  memcheck/tests/vbit-test fails with unknown opcode after [..]
318050  libmpiwrap fails to compile with out-of-source build
318203  setsockopt handling needs to handle SOL_SOCKET/SO_ATTACH_FILTER
318643  annotate_trace_memory tests infinite loop on arm and ppc [..]
318773  amd64->IR: 0xF3 0x48 0x0F 0xBC 0xC2 0xC3 0x66 0x0F
318929  Crash with: disInstr(thumb): 0xF321 0x0001 (ssat16)
318932  Add missing PPC64 and PPC32 system call support
319235  --db-attach=yes is broken with Yama (ptrace scoping) enabled
319395  Crash with unhandled instruction on STRT (Thumb) instructions
319494  VEX Makefile-gcc standalone build update after r2702
319505  [MIPSEL] Crash: unhandled UNRAY operator.
319858  disInstr(thumb): unhandled instruction on instruction STRBT
319932  disInstr(thumb): unhandled instruction on instruction STRHT
320057  Problems when we try to mmap more than 12 memory pages on MIPS32
320063  Memory from PTRACE_GET_THREAD_AREA is reported uninitialised
320083  disInstr(thumb): unhandled instruction on instruction LDRBT
320116  bind on AF_BLUETOOTH produces warnings because of sockaddr_rc padding
320131  WARNING: unhandled syscall: 369 on ARM (prlimit64)
320211  Stack buffer overflow in ./coregrind/m_main.c with huge TMPDIR
320661  vgModuleLocal_read_elf_debug_info(): "Assertion '!di->soname'
320895  add fanotify support (patch included)
320998  vex amd64->IR pcmpestri and pcmpestrm SSE4.2 instruction
321065  Valgrind updates for Xen 4.3
321148  Unhandled instruction: PLI (Thumb 1, 2, 3)
321363  Unhandled instruction: SSAX (ARM + Thumb)
321364  Unhandled instruction: SXTAB16 (ARM + Thumb)
321466  Unhandled instruction: SHASX (ARM + Thumb)
321467  Unhandled instruction: SHSAX (ARM + Thumb)
321468  Unhandled instruction: SHSUB16 (ARM + Thumb)
321619  Unhandled instruction: SHSUB8 (ARM + Thumb)
321620  Unhandled instruction: UASX (ARM + Thumb)
321621  Unhandled instruction: USAX (ARM + Thumb)
321692  Unhandled instruction: UQADD16 (ARM + Thumb)
321693  Unhandled instruction: LDRSBT (Thumb)
321694  Unhandled instruction: UQASX (ARM + Thumb)
321696  Unhandled instruction: UQSAX (Thumb + ARM)
321697  Unhandled instruction: UHASX (ARM + Thumb)
321703  Unhandled instruction: UHSAX (ARM + Thumb)
321704  Unhandled instruction: REVSH (ARM + Thumb)
321730  Add cg_diff and cg_merge man pages
321738  Add vgdb and valgrind-listener man pages
321814  == 315545
321891  Unhandled instruction: LDRHT (Thumb)
321960  pthread_create() then alloca() causing invalid stack write errors
321969  ppc32 and ppc64 don't support [lf]setxattr
322254  Show threadname together with tid if set by application
322294  Add initial support for IBM Power ISA 2.07
322368  Assertion failure in wqthread_hijack under OS X 10.8
322563  vex mips->IR: 0x70 0x83 0xF0 0x3A
322807  VALGRIND_PRINTF_BACKTRACE writes callstack to xml and text to stderr
322851  0bXXX binary literal syntax is not standard 
323035  Unhandled instruction: LDRSHT(Thumb)
323036  Unhandled instruction: SMMLS (ARM and Thumb)
323116  The memcheck/tests/ppc64/power_ISA2_05.c fails to build [..]
323175  Unhandled instruction: SMLALD (ARM + Thumb)
323177  Unhandled instruction: SMLSLD (ARM + Thumb)
323432  Calling pthread_cond_destroy() or pthread_mutex_destroy() [..]
323437  Phase 2 support for IBM Power ISA 2.07
323713  Support mmxext (integer sse) subset on i386 (athlon)
323803  Transactional memory instructions are not supported for Power
323893  SSE3 not available on amd cpus in valgrind
323905  Probable false positive from Valgrind/drd on close()
323912  valgrind.h header isn't compatible for mingw64
324047  Valgrind doesn't support [LDR,ST]{S}[B,H]T ARM instructions
324149  helgrind: When pthread_cond_timedwait returns ETIMEDOUT [..]
324181  mmap does not handle MAP_32BIT
324227  memcheck false positive leak when a thread calls exit+block [..]
324421  Support for fanotify API on ARM architecture
324514  gdbserver monitor cmd output behaviour consistency [..]
324518  ppc64: Emulation of dcbt instructions does not handle [..]
324546  none/tests/ppc32 test_isa_2_07_part2 requests -m64
324582  When access is made to freed memory, report both allocation [..]
324594  Fix overflow computation for Power ISA 2.06 insns: mulldo/mulldo.
324765  ppc64: illegal instruction when executing none/tests/ppc64/jm-misc
324816  Incorrect VEX implementation for xscvspdp/xvcvspdp for SNaN inputs
324834  Unhandled instructions in Microsoft C run-time for x86_64
324894  Phase 3 support for IBM Power ISA 2.07
326091  drd: Avoid false race reports from optimized strlen() impls
326113  valgrind libvex hwcaps error on AMD64 
n-i-bz  Some wrong command line options could be ignored
n-i-bz  patch to allow fair-sched on android
n-i-bz  report error for vgdb snapshot requested before execution
n-i-bz  same as 303624 (fixed in 3.8.0), but for x86 android

(3.9.0: 31 October 2013, vex r2796, valgrind r13708)



Release 3.8.1 (19 September 2012)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.8.1 is a bug fix release.  It fixes some assertion failures in 3.8.0
that occur moderately frequently in real use cases, adds support for
some missing instructions on ARM, and fixes a deadlock condition on
MacOSX.  If you package or deliver 3.8.0 for others to use, you might
want to consider upgrading to 3.8.1 instead.

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

284004  == 301281
289584  Unhandled instruction: 0xF 0x29 0xE5 (MOVAPS)
295808  amd64->IR: 0xF3 0xF 0xBC 0xC0 (TZCNT)
298281  wcslen causes false(?) uninitialised value warnings
301281  valgrind hangs on OS X when the process calls system()
304035  disInstr(arm): unhandled instruction 0xE1023053
304867  implement MOVBE instruction in x86 mode
304980  Assertion 'lo <= hi' failed in vgModuleLocal_find_rx_mapping
305042  amd64: implement 0F 7F encoding of movq between two registers
305199  ARM: implement QDADD and QDSUB
305321  amd64->IR: 0xF 0xD 0xC (prefetchw)
305513  killed by fatal signal: SIGSEGV
305690  DRD reporting invalid semaphore when sem_trywait fails
305926  Invalid alignment checks for some AVX instructions
306297  disInstr(thumb): unhandled instruction 0xE883 0x000C
306310  3.8.0 release tarball missing some files
306612  RHEL 6 glibc-2.X default suppressions need /lib*/libc-*patterns
306664  vex amd64->IR: 0x66 0xF 0x3A 0x62 0xD1 0x46 0x66 0xF
n-i-bz  shmat of a segment > 4Gb does not work 
n-i-bz  simulate_control_c script wrong USR1 signal number on mips
n-i-bz  vgdb ptrace calls wrong on mips [...]
n-i-bz  Fixes for more MPI false positives
n-i-bz  exp-sgcheck's memcpy causes programs to segfault
n-i-bz  OSX build w/ clang: asserts at startup
n-i-bz  Incorrect undef'dness prop for Iop_DPBtoBCD and Iop_BCDtoDPB
n-i-bz  fix a couple of union tag-vs-field mixups
n-i-bz  OSX: use __NR_poll_nocancel rather than __NR_poll

The following bugs were fixed in 3.8.0 but not listed in this NEWS
file at the time:

254088  Valgrind should know about UD2 instruction
301280  == 254088
301902  == 254088
304754  NEWS blows TeX's little mind

(3.8.1: 19 September 2012, vex r2537, valgrind r12996)



Release 3.8.0 (10 August 2012)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.8.0 is a feature release with many improvements and the usual
collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM/Linux, PPC32/Linux,
PPC64/Linux, S390X/Linux, MIPS/Linux, ARM/Android, X86/Android,
X86/MacOSX 10.6/10.7 and AMD64/MacOSX 10.6/10.7.  Support for recent
distros and toolchain components (glibc 2.16, gcc 4.7) has been added.
There is initial support for MacOSX 10.8, but it is not usable for
serious work at present.

* ================== PLATFORM CHANGES =================

* Support for MIPS32 platforms running Linux.  Valgrind has been
  tested on MIPS32 and MIPS32r2 platforms running different Debian
  Squeeze and MeeGo distributions.  Both little-endian and big-endian
  cores are supported.  The tools Memcheck, Massif and Lackey have
  been tested and are known to work. See README.mips for more details.

* Preliminary support for Android running on x86.

* Preliminary (as-yet largely unusable) support for MacOSX 10.8.

* Support for Intel AVX instructions and for AES instructions.  This
  support is available only for 64 bit code.

* Support for POWER Decimal Floating Point instructions.

* ==================== TOOL CHANGES ====================

* Non-libc malloc implementations are now supported.  This is useful
  for tools that replace malloc (Memcheck, Massif, DRD, Helgrind).
  Using the new option --soname-synonyms, such tools can be informed
  that the malloc implementation is either linked statically into the
  executable, or is present in some other shared library different
  from libc.so.  This makes it possible to process statically linked
  programs, and programs using other malloc libraries, for example
  TCMalloc or JEMalloc.

* For tools that provide their own replacement for malloc et al, the
  option --redzone-size=<number> allows users to specify the size of
  the padding blocks (redzones) added before and after each client
  allocated block.  Smaller redzones decrease the memory needed by
  Valgrind.  Bigger redzones increase the chance to detect blocks
  overrun or underrun.  Prior to this change, the redzone size was
  hardwired to 16 bytes in Memcheck.

* Memcheck:

  - The leak_check GDB server monitor command now can
    control the maximum nr of loss records to output.

  - Reduction of memory use for applications allocating
    many blocks and/or having many partially defined bytes.

  - Addition of GDB server monitor command 'block_list' that lists
    the addresses/sizes of the blocks of a leak search loss record.

  - Addition of GDB server monitor command 'who_points_at' that lists
    the locations pointing at a block.

  - If a redzone size > 0 is given, VALGRIND_MALLOCLIKE_BLOCK now will
    detect an invalid access of these redzones, by marking them
    noaccess.  Similarly, if a redzone size is given for a memory
    pool, VALGRIND_MEMPOOL_ALLOC will mark the redzones no access.
    This still allows to find some bugs if the user has forgotten to
    mark the pool superblock noaccess.

  - Performance of memory leak check has been improved, especially in
    cases where there are many leaked blocks and/or many suppression
    rules used to suppress leak reports.

  - Reduced noise (false positive) level on MacOSX 10.6/10.7, due to
    more precise analysis, which is important for LLVM/Clang
    generated code.  This is at the cost of somewhat reduced
    performance.  Note there is no change to analysis precision or
    costs on Linux targets.

* DRD:

  - Added even more facilities that can help finding the cause of a data
    race, namely the command-line option --ptrace-addr and the macro
    DRD_STOP_TRACING_VAR(x). More information can be found in the manual.

  - Fixed a subtle bug that could cause false positive data race reports.

* ==================== OTHER CHANGES ====================

* The C++ demangler has been updated so as to work well with C++ 
  compiled by up to at least g++ 4.6.

* Tool developers can make replacement/wrapping more flexible thanks
  to the new option --soname-synonyms.  This was reported above, but
  in fact is very general and applies to all function
  replacement/wrapping, not just to malloc-family functions.

* Round-robin scheduling of threads can be selected, using the new
  option --fair-sched= yes.  Prior to this change, the pipe-based
  thread serialisation mechanism (which is still the default) could
  give very unfair scheduling.  --fair-sched=yes improves
  responsiveness of interactive multithreaded applications, and
  improves repeatability of results from the thread checkers Helgrind
  and DRD.

* For tool developers: support to run Valgrind on Valgrind has been
  improved.  We can now routinely Valgrind on Helgrind or Memcheck.

* gdbserver now shows the float shadow registers as integer
  rather than float values, as the shadow values are mostly
  used as bit patterns.

* Increased limit for the --num-callers command line flag to 500.

* Performance improvements for error matching when there are many
  suppression records in use.

* Improved support for DWARF4 debugging information (bug 284184).

* Initial support for DWZ compressed Dwarf debug info.

* Improved control over the IR optimiser's handling of the tradeoff
  between performance and precision of exceptions.  Specifically,
  --vex-iropt-precise-memory-exns has been removed and replaced by
  --vex-iropt-register-updates, with extended functionality.  This
  allows the Valgrind gdbserver to always show up to date register
  values to GDB.

* Modest performance gains through the use of translation chaining for
  JIT-generated code.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (https://bugs.kde.org/enter_bug.cgi?product=valgrind) rather
than mailing the developers (or mailing lists) directly -- bugs that
are not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
  https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

197914  Building valgrind from svn now requires automake-1.10
203877  increase to 16Mb maximum allowed alignment for memalign et al
219156  Handle statically linked malloc or other malloc lib (e.g. tcmalloc) 
247386  make perf does not run all performance tests
270006  Valgrind scheduler unfair 
270777  Adding MIPS/Linux port to Valgrind
270796  s390x: Removed broken support for the TS insn
271438  Fix configure for proper SSE4.2 detection
273114  s390x: Support TR, TRE, TROO, TROT, TRTO, and TRTT instructions
273475  Add support for AVX instructions
274078  improved configure logic for mpicc
276993  fix mremap 'no thrash checks' 
278313  Fedora 15/x64: err read debug info with --read-var-info=yes flag
281482  memcheck incorrect byte allocation count in realloc() for silly argument
282230  group allocator for small fixed size, use it for MC_Chunk/SEc vbit
283413  Fix wrong sanity check
283671  Robustize alignment computation in LibVEX_Alloc
283961  Adding support for some HCI IOCTLs
284124  parse_type_DIE: confused by: DWARF 4
284864  == 273475 (Add support for AVX instructions)
285219  Too-restrictive constraints for Thumb2 "SP plus/minus register"
285662  (MacOSX): Memcheck needs to replace memcpy/memmove
285725  == 273475 (Add support for AVX instructions)
286261  add wrapper for linux I2C_RDWR ioctl
286270  vgpreload is not friendly to 64->32 bit execs, gives ld.so warnings
286374  Running cachegrind with --branch-sim=yes on 64-bit PowerPC program fails
286384  configure fails "checking for a supported version of gcc"
286497  == 273475 (Add support for AVX instructions)
286596  == 273475 (Add support for AVX instructions)
286917  disInstr(arm): unhandled instruction: QADD (also QSUB)
287175  ARM: scalar VFP fixed-point VCVT instructions not handled
287260  Incorrect conditional jump or move depends on uninitialised value(s)
287301  vex amd64->IR: 0x66 0xF 0x38 0x41 0xC0 0xB8 0x0 0x0 (PHMINPOSUW)
287307  == 273475 (Add support for AVX instructions)
287858  VG_(strerror): unknown error 
288298  (MacOSX) unhandled syscall shm_unlink
288995  == 273475 (Add support for AVX instructions)
289470  Loading of large Mach-O thin binaries fails.
289656  == 273475 (Add support for AVX instructions)
289699  vgdb connection in relay mode erroneously closed due to buffer overrun 
289823  ==  293754 (PCMPxSTRx not implemented for 16-bit characters)
289839  s390x: Provide support for unicode conversion instructions
289939  monitor cmd 'leak_check' with details about leaked or reachable blocks
290006  memcheck doesn't mark %xmm as initialized after "pcmpeqw %xmm %xmm"
290655  Add support for AESKEYGENASSIST instruction 
290719  valgrind-3.7.0 fails with automake-1.11.2 due to"pkglibdir" usage
290974  vgdb must align pages to VKI_SHMLBA (16KB) on ARM 
291253  ES register not initialised in valgrind simulation
291568  Fix 3DNOW-related crashes with baseline x86_64 CPU (w patch)
291865  s390x: Support the "Compare Double and Swap" family of instructions
292300  == 273475 (Add support for AVX instructions)
292430  unrecognized instruction in __intel_get_new_mem_ops_cpuid
292493  == 273475 (Add support for AVX instructions)
292626  Missing fcntl F_SETOWN_EX and F_GETOWN_EX support
292627  Missing support for some SCSI ioctls
292628  none/tests/x86/bug125959-x86.c triggers undefined behavior
292841  == 273475 (Add support for AVX instructions)
292993  implement the getcpu syscall on amd64-linux
292995  Implement the “cross memory attach” syscalls introduced in Linux 3.2
293088  Add some VEX sanity checks for ppc64 unhandled instructions
293751  == 290655 (Add support for AESKEYGENASSIST instruction)
293754  PCMPxSTRx not implemented for 16-bit characters
293755  == 293754 (No tests for PCMPxSTRx on 16-bit characters)
293808  CLFLUSH not supported by latest VEX for amd64
294047  valgrind does not correctly emulate prlimit64(..., RLIMIT_NOFILE, ...)
294048  MPSADBW instruction not implemented
294055  regtest none/tests/shell fails when locale is not set to C
294185  INT 0x44 (and others) not supported on x86 guest, but used by Jikes RVM
294190  --vgdb-error=xxx can be out of sync with errors shown to the user
294191  amd64: fnsave/frstor and 0x66 size prefixes on FP instructions
294260  disInstr_AMD64: disInstr miscalculated next %rip
294523  --partial-loads-ok=yes causes false negatives
294617  vex amd64->IR: 0x66 0xF 0x3A 0xDF 0xD1 0x1 0xE8 0x6A
294736  vex amd64->IR: 0x48 0xF 0xD7 0xD6 0x48 0x83
294812  patch allowing to run (on x86 at least) helgrind/drd on tool.
295089  can not annotate source for both helgrind and drd
295221  POWER Processor decimal floating point instruction support missing
295427  building for i386 with clang on darwin11 requires "-new_linker linker"
295428  coregrind/m_main.c has incorrect x86 assembly for darwin
295590  Helgrind: Assertion 'cvi->nWaiters > 0' failed
295617  ARM - Add some missing syscalls
295799  Missing \n with get_vbits in gdbserver when line is % 80 [...]
296229  Linux user input device ioctls missing wrappers
296318  ELF Debug info improvements (more than one rx/rw mapping)
296422  Add translation chaining support
296457  vex amd64->IR: 0x66 0xF 0x3A 0xDF 0xD1 0x1 0xE8 0x6A (dup of AES)
296792  valgrind 3.7.0: add SIOCSHWTSTAMP (0x89B0) ioctl wrapper
296983  Fix build issues on x86_64/ppc64 without 32-bit toolchains
297078  gdbserver signal handling problems [..]
297147  drd false positives on newly allocated memory
297329  disallow decoding of IBM Power DFP insns on some machines
297497  POWER Processor decimal floating point instruction support missing
297701  Another alias for strncasecmp_l in libc-2.13.so
297911  'invalid write' not reported when using APIs for custom mem allocators.
297976  s390x: revisit EX implementation
297991  Valgrind interferes with mmap()+ftell() 
297992  Support systems missing WIFCONTINUED (e.g. pre-2.6.10 Linux) 
297993  Fix compilation of valgrind with gcc -g3.
298080  POWER Processor DFP support missing, part 3
298227  == 273475 (Add support for AVX instructions)
298335  == 273475 (Add support for AVX instructions)
298354  Unhandled ARM Thumb instruction 0xEB0D 0x0585 (streq)
298394  s390x: Don't bail out on an unknown machine model.  [..]
298421  accept4() syscall (366) support is missing for ARM
298718  vex amd64->IR: 0xF 0xB1 0xCB 0x9C 0x8F 0x45
298732  valgrind installation problem in ubuntu with kernel version 3.x
298862  POWER Processor DFP instruction support missing, part 4
298864  DWARF reader mis-parses DW_FORM_ref_addr
298943  massif asserts with --pages-as-heap=yes when brk is changing [..]
299053  Support DWARF4 DW_AT_high_pc constant form
299104  == 273475 (Add support for AVX instructions)
299316  Helgrind: hg_main.c:628 (map_threads_lookup): Assertion 'thr' failed.
299629  dup3() syscall (358) support is missing for ARM
299694  POWER Processor DFP instruction support missing, part 5
299756  Ignore --free-fill for MEMPOOL_FREE and FREELIKE client requests
299803  == 273475 (Add support for AVX instructions)
299804  == 273475 (Add support for AVX instructions)
299805  == 273475 (Add support for AVX instructions)
300140  ARM - Missing (T1) SMMUL
300195  == 296318 (ELF Debug info improvements (more than one rx/rw mapping))
300389  Assertion `are_valid_hwcaps(VexArchAMD64, [..])' failed.
300414  FCOM and FCOMP unimplemented for amd64 guest
301204  infinite loop in canonicaliseSymtab with ifunc symbol
301229  == 203877 (increase to 16Mb maximum allowed alignment for memalign etc)
301265  add x86 support to Android build 
301984  configure script doesn't detect certain versions of clang
302205  Fix compiler warnings for POWER VEX code and POWER test cases
302287  Unhandled movbe instruction on Atom processors
302370  PPC: fnmadd, fnmsub, fnmadds, fnmsubs insns always negate the result
302536  Fix for the POWER Valgrind regression test: memcheck-ISA2.0.
302578  Unrecognized isntruction 0xc5 0x32 0xc2 0xca 0x09 vcmpngess
302656  == 273475 (Add support for AVX instructions)
302709  valgrind for ARM needs extra tls support for android emulator [..]
302827  add wrapper for CDROM_GET_CAPABILITY
302901  Valgrind crashes with dwz optimized debuginfo
302918  Enable testing of the vmaddfp and vnsubfp instructions in the testsuite
303116  Add support for the POWER instruction popcntb
303127  Power test suite fixes for frsqrte, vrefp, and vrsqrtefp instructions.
303250  Assertion `instrs_in->arr_used <= 10000' failed w/ OpenSSL code
303466  == 273475 (Add support for AVX instructions)
303624  segmentation fault on Android 4.1 (e.g. on Galaxy Nexus OMAP) 
303963  strstr() function produces wrong results under valgrind callgrind
304054  CALL_FN_xx macros need to enforce stack alignment
304561  tee system call not supported
715750  (MacOSX): Incorrect invalid-address errors near 0xFFFFxxxx (mozbug#)
n-i-bz  Add missing gdbserver xml files for shadow registers for ppc32
n-i-bz  Bypass gcc4.4/4.5 code gen bugs causing out of memory or asserts
n-i-bz  Fix assert in gdbserver for watchpoints watching the same address
n-i-bz  Fix false positive in sys_clone on amd64 when optional args [..]
n-i-bz  s390x: Shadow registers can now be examined using vgdb

(3.8.0-TEST3:  9 August 2012, vex r2465, valgrind r12865)
(3.8.0:       10 August 2012, vex r2465, valgrind r12866)



Release 3.7.0 (5 November 2011)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.7.0 is a feature release with many significant improvements and the
usual collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM/Linux, PPC32/Linux,
PPC64/Linux, S390X/Linux, ARM/Android, X86/Darwin and AMD64/Darwin.
Support for recent distros and toolchain components (glibc 2.14, gcc
4.6, MacOSX 10.7) has been added.

* ================== PLATFORM CHANGES =================

* Support for IBM z/Architecture (s390x) running Linux.  Valgrind can
  analyse 64-bit programs running on z/Architecture.  Most user space
  instructions up to and including z10 are supported.  Valgrind has
  been tested extensively on z9, z10, and z196 machines running SLES
  10/11, RedHat 5/6m, and Fedora. The Memcheck and Massif tools are
  known to work well. Callgrind, Helgrind, and DRD work reasonably
  well on z9 and later models. See README.s390 for more details.

* Preliminary support for MacOSX 10.7 and XCode 4.  Both 32- and
  64-bit processes are supported.  Some complex threaded applications
  (Firefox) are observed to hang when run as 32 bit applications,
  whereas 64-bit versions run OK.  The cause is unknown.  Memcheck
  will likely report some false errors.  In general, expect some rough
  spots.  This release also supports MacOSX 10.6, but drops support
  for 10.5.

* Preliminary support for Android (on ARM).  Valgrind can now run
  large applications (eg, Firefox) on (eg) a Samsung Nexus S.  See
  README.android for more details, plus instructions on how to get
  started.

* Support for the IBM Power ISA 2.06 (Power7 instructions)

* General correctness and performance improvements for ARM/Linux, and,
  by extension, ARM/Android.

* Further solidification of support for SSE 4.2 in 64-bit mode.  AVX
  instruction set support is under development but is not available in
  this release.

* Support for AIX5 has been removed.

* ==================== TOOL CHANGES ====================

* Memcheck: some incremental changes:

  - reduction of memory use in some circumstances

  - improved handling of freed memory, which in some circumstances 
    can cause detection of use-after-free that would previously have
    been missed

  - fix of a longstanding bug that could cause false negatives (missed
    errors) in programs doing vector saturated narrowing instructions.

* Helgrind: performance improvements and major memory use reductions,
  particularly for large, long running applications which perform many
  synchronisation (lock, unlock, etc) events.  Plus many smaller
  changes:

  - display of locksets for both threads involved in a race

  - general improvements in formatting/clarity of error messages

  - addition of facilities and documentation regarding annotation
    of thread safe reference counted C++ classes

  - new flag --check-stack-refs=no|yes [yes], to disable race checking
    on thread stacks (a performance hack)

  - new flag --free-is-write=no|yes [no], to enable detection of races
    where one thread accesses heap memory but another one frees it,
    without any coordinating synchronisation event

* DRD: enabled XML output; added support for delayed thread deletion
  in order to detect races that occur close to the end of a thread
  (--join-list-vol); fixed a memory leak triggered by repeated client
  memory allocatation and deallocation; improved Darwin support.

* exp-ptrcheck: this tool has been renamed to exp-sgcheck

* exp-sgcheck: this tool has been reduced in scope so as to improve
  performance and remove checking that Memcheck does better.
  Specifically, the ability to check for overruns for stack and global
  arrays is unchanged, but the ability to check for overruns of heap
  blocks has been removed.  The tool has accordingly been renamed to
  exp-sgcheck ("Stack and Global Array Checking").

* ==================== OTHER CHANGES ====================

* GDB server: Valgrind now has an embedded GDB server.  That means it
  is possible to control a Valgrind run from GDB, doing all the usual
  things that GDB can do (single stepping, breakpoints, examining
  data, etc).  Tool-specific functionality is also available.  For
  example, it is possible to query the definedness state of variables
  or memory from within GDB when running Memcheck; arbitrarily large
  memory watchpoints are supported, etc.  To use the GDB server, start
  Valgrind with the flag --vgdb-error=0 and follow the on-screen
  instructions.

* Improved support for unfriendly self-modifying code: a new option
  --smc-check=all-non-file is available.  This adds the relevant
  consistency checks only to code that originates in non-file-backed
  mappings.  In effect this confines the consistency checking only to
  code that is or might be JIT generated, and avoids checks on code
  that must have been compiled ahead of time.  This significantly
  improves performance on applications that generate code at run time.

* It is now possible to build a working Valgrind using Clang-2.9 on
  Linux.

* new client requests VALGRIND_{DISABLE,ENABLE}_ERROR_REPORTING.
  These enable and disable error reporting on a per-thread, and
  nestable, basis.  This is useful for hiding errors in particularly
  troublesome pieces of code.  The MPI wrapper library (libmpiwrap.c)
  now uses this facility.

* Added the --mod-funcname option to cg_diff.

* ==================== FIXED BUGS ====================

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (http://bugs.kde.org/enter_valgrind_bug.cgi) rather than
mailing the developers (or mailing lists) directly -- bugs that are
not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

210935  port valgrind.h (not valgrind) to win32 to support client requests
214223  valgrind SIGSEGV on startup gcc 4.4.1 ppc32 (G4) Ubuntu 9.10
243404  Port to zSeries
243935  Helgrind: incorrect handling of ANNOTATE_HAPPENS_BEFORE()/AFTER()
247223  non-x86: Suppress warning: 'regparm' attribute directive ignored
250101  huge "free" memory usage due to m_mallocfree.c fragmentation
253206  Some fixes for the faultstatus testcase
255223  capget testcase fails when running as root
256703  xlc_dbl_u32.c testcase broken
256726  Helgrind tests have broken inline asm 
259977  == 214223 (Valgrind segfaults doing __builtin_longjmp)
264800  testcase compile failure on zseries
265762  make public VEX headers compilable by G++ 3.x
265771  assertion in jumps.c (r11523) fails with glibc-2.3
266753  configure script does not give the user the option to not use QtCore
266931  gen_insn_test.pl is broken
266961  ld-linux.so.2 i?86-linux strlen issues
266990  setns instruction causes false positive
267020  Make directory for temporary files configurable at run-time.
267342  == 267997 (segmentation fault on Mac OS 10.6)
267383  Assertion 'vgPlain_strlen(dir) + vgPlain_strlen(file) + 1 < 256' failed
267413  Assertion 'DRD_(g_threadinfo)[tid].synchr_nesting >= 1' failed.
267488  regtest: darwin support for 64-bit build
267552  SIGSEGV (misaligned_stack_error) with DRD, but not with other tools
267630  Add support for IBM Power ISA 2.06 -- stage 1
267769  == 267997 (Darwin: memcheck triggers segmentation fault)
267819  Add client request for informing the core about reallocation
267925  laog data structure quadratic for a single sequence of lock
267968  drd: (vgDrd_thread_set_joinable): Assertion '0 <= (int)tid ..' failed
267997  MacOSX: 64-bit V segfaults on launch when built with Xcode 4.0.1
268513  missed optimizations in fold_Expr
268619  s390x: fpr - gpr transfer facility 
268620  s390x: reconsider "long displacement" requirement 
268621  s390x: improve IR generation for XC
268715  s390x: FLOGR is not universally available
268792  == 267997 (valgrind seg faults on startup when compiled with Xcode 4)
268930  s390x: MHY is not universally available
269078  arm->IR: unhandled instruction SUB (SP minus immediate/register) 
269079  Support ptrace system call on ARM
269144  missing "Bad option" error message
269209  conditional load and store facility (z196)
269354  Shift by zero on x86 can incorrectly clobber CC_NDEP
269641  == 267997 (valgrind segfaults immediately (segmentation fault))
269736  s390x: minor code generation tweaks
269778  == 272986 (valgrind.h: swap roles of VALGRIND_DO_CLIENT_REQUEST() ..)
269863  s390x: remove unused function parameters
269864  s390x: tweak s390_emit_load_cc 
269884  == 250101 (overhead for huge blocks exhausts space too soon)
270082  s390x: Make sure to point the PSW address to the next address on SIGILL
270115  s390x: rewrite some testcases
270309  == 267997 (valgrind crash on startup)
270320  add support for Linux FIOQSIZE ioctl() call
270326  segfault while trying to sanitize the environment passed to execle
270794  IBM POWER7 support patch causes regression in none/tests
270851  IBM POWER7 fcfidus instruction causes memcheck to fail
270856  IBM POWER7 xsnmaddadp instruction causes memcheck to fail on 32bit app 
270925  hyper-optimized strspn() in /lib64/libc-2.13.so needs fix
270959  s390x: invalid use of R0 as base register
271042  VSX configure check fails when it should not 
271043  Valgrind build fails with assembler error on ppc64 with binutils 2.21 
271259  s390x: fix code confusion 
271337  == 267997 (Valgrind segfaults on MacOS X)
271385  s390x: Implement Ist_MBE 
271501  s390x: misc cleanups 
271504  s390x: promote likely and unlikely 
271579  ppc: using wrong enum type 
271615  unhandled instruction "popcnt" (arch=amd10h) 
271730  Fix bug when checking ioctls: duplicate check 
271776  s390x: provide STFLE instruction support 
271779  s390x: provide clock instructions like STCK 
271799  Darwin: ioctls without an arg report a memory error 
271820  arm: fix type confusion 
271917  pthread_cond_timedwait failure leads to not-locked false positive 
272067  s390x: fix DISP20 macro 
272615  A typo in debug output in mc_leakcheck.c
272661  callgrind_annotate chokes when run from paths containing regex chars
272893  amd64->IR: 0x66 0xF 0x38 0x2B 0xC1 0x66 0xF 0x7F == (closed as dup)
272955  Unhandled syscall error for pwrite64 on ppc64 arch 
272967  make documentation build-system more robust 
272986  Fix gcc-4.6 warnings with valgrind.h
273318  amd64->IR: 0x66 0xF 0x3A 0x61 0xC1 0x38 (missing PCMPxSTRx case)
273318  unhandled PCMPxSTRx case: vex amd64->IR: 0x66 0xF 0x3A 0x61 0xC1 0x38 
273431  valgrind segfaults in evalCfiExpr (debuginfo.c:2039)
273465  Callgrind: jumps.c:164 (new_jcc): Assertion '(0 <= jmp) && ...'
273536  Build error: multiple definition of `vgDrd_pthread_cond_initializer'
273640  ppc64-linux: unhandled syscalls setresuid(164) and setresgid(169)
273729  == 283000 (Illegal opcode for SSE2 "roundsd" instruction)
273778  exp-ptrcheck: unhandled sysno == 259
274089  exp-ptrcheck: unhandled sysno == 208
274378  s390x: Various dispatcher tweaks
274447  WARNING: unhandled syscall: 340
274776  amd64->IR: 0x66 0xF 0x38 0x2B 0xC5 0x66
274784  == 267997 (valgrind ls -l results in Segmentation Fault)
274926  valgrind does not build against linux-3
275148  configure FAIL with glibc-2.14
275151  Fedora 15 / glibc-2.14 'make regtest' FAIL
275168  Make Valgrind work for MacOSX 10.7 Lion
275212  == 275284 (lots of false positives from __memcpy_ssse3_back et al)
275278  valgrind does not build on Linux kernel 3.0.* due to silly
275284  Valgrind memcpy/memmove redirection stopped working in glibc 2.14/x86_64
275308  Fix implementation for ppc64 fres instruc
275339  s390x: fix testcase compile warnings
275517  s390x: Provide support for CKSM instruction
275710  s390x: get rid of redundant address mode calculation
275815  == 247894 (Valgrind doesn't know about Linux readahead(2) syscall)
275852  == 250101 (valgrind uses all swap space and is killed)
276784  Add support for IBM Power ISA 2.06 -- stage 3
276987  gdbsrv: fix tests following recent commits
277045  Valgrind crashes with  unhandled DW_OP_ opcode 0x2a
277199  The test_isa_2_06_part1.c in none/tests/ppc64 should be a symlink
277471  Unhandled syscall: 340
277610  valgrind crashes in VG_(lseek)(core_fd, phdrs[idx].p_offset, ...)
277653  ARM: support Thumb2 PLD instruction
277663  ARM: NEON float VMUL by scalar incorrect
277689  ARM: tests for VSTn with register post-index are broken
277694  ARM: BLX LR instruction broken in ARM mode
277780  ARM: VMOV.F32 (immediate) instruction is broken
278057  fuse filesystem syscall deadlocks
278078  Unimplemented syscall 280 on ppc32
278349  F_GETPIPE_SZ and  F_SETPIPE_SZ Linux fcntl commands
278454  VALGRIND_STACK_DEREGISTER has wrong output type
278502  == 275284 (Valgrind confuses memcpy() and memmove())
278892  gdbsrv: factorize gdb version handling, fix doc and typos
279027  Support for MVCL and CLCL instruction
279027  s390x: Provide support for CLCL and MVCL instructions
279062  Remove a redundant check in the insn selector for ppc.
279071  JDK creates PTEST with redundant REX.W prefix
279212  gdbsrv: add monitor cmd v.info scheduler.
279378  exp-ptrcheck: the 'impossible' happened on mkfifo call
279698  memcheck discards valid-bits for packuswb
279795  memcheck reports uninitialised values for mincore on amd64
279994  Add support for IBM Power ISA 2.06 -- stage 3
280083  mempolicy syscall check errors
280290  vex amd64->IR: 0x66 0xF 0x38 0x28 0xC1 0x66 0xF 0x6F
280710  s390x: config files for nightly builds
280757  /tmp dir still used by valgrind even if TMPDIR is specified
280965  Valgrind breaks fcntl locks when program does mmap
281138  WARNING: unhandled syscall: 340
281241  == 275168 (valgrind useless on Macos 10.7.1 Lion)
281304  == 275168 (Darwin: dyld "cannot load inserted library")
281305  == 275168 (unhandled syscall: unix:357 on Darwin 11.1)
281468  s390x: handle do_clone and gcc clones in call traces
281488  ARM: VFP register corruption
281828  == 275284 (false memmove warning: "Source and destination overlap")
281883  s390x: Fix system call wrapper for "clone".
282105  generalise 'reclaimSuperBlock' to also reclaim splittable superblock
282112  Unhandled instruction bytes: 0xDE 0xD9 0x9B 0xDF (fcompp)
282238  SLES10: make check fails
282979  strcasestr needs replacement with recent(>=2.12) glibc
283000  vex amd64->IR: 0x66 0xF 0x3A 0xA 0xC0 0x9 0xF3 0xF
283243  Regression in ppc64 memcheck tests
283325  == 267997 (Darwin: V segfaults on startup when built with Xcode 4.0)
283427  re-connect epoll_pwait syscall on ARM linux
283600  gdbsrv: android: port vgdb.c
283709  none/tests/faultstatus needs to account for page size
284305  filter_gdb needs enhancement to work on ppc64
284384  clang 3.1 -Wunused-value warnings in valgrind.h, memcheck.h
284472  Thumb2 ROR.W encoding T2 not implemented
284621  XML-escape process command line in XML output
n-i-bz  cachegrind/callgrind: handle CPUID information for Core iX Intel CPUs
        that have non-power-of-2 sizes (also AMDs)
n-i-bz  don't be spooked by libraries mashed by elfhack
n-i-bz  don't be spooked by libxul.so linked with gold
n-i-bz  improved checking for VALGRIND_CHECK_MEM_IS_DEFINED

(3.7.0-TEST1: 27  October 2011, vex r2228, valgrind r12245)
(3.7.0.RC1:    1 November 2011, vex r2231, valgrind r12257)
(3.7.0:        5 November 2011, vex r2231, valgrind r12258)



Release 3.6.1 (16 February 2011)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.6.1 is a bug fix release.  It adds support for some SSE4
instructions that were omitted in 3.6.0 due to lack of time.  Initial
support for glibc-2.13 has been added.  A number of bugs causing
crashing or assertion failures have been fixed.

The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (http://bugs.kde.org/enter_valgrind_bug.cgi) rather than
mailing the developers (or mailing lists) directly -- bugs that are
not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

188572  Valgrind on Mac should suppress setenv() mem leak
194402  vex amd64->IR: 0x48 0xF 0xAE 0x4 (proper FX{SAVE,RSTOR} support)
210481  vex amd64->IR: Assertion `sz == 2 || sz == 4' failed (REX.W POPQ)
246152  callgrind internal error after pthread_cancel on 32 Bit Linux
250038  ppc64: Altivec LVSR and LVSL instructions fail their regtest
254420  memory pool tracking broken 
254957  Test code failing to compile due to changes in memcheck.h
255009  helgrind/drd: crash on chmod with invalid parameter
255130  readdwarf3.c parse_type_DIE confused by GNAT Ada types
255355  helgrind/drd: crash on threaded programs doing fork
255358  == 255355
255418  (SSE4.x) rint call compiled with ICC
255822  --gen-suppressions can create invalid files: "too many callers [...]"
255888  closing valgrindoutput tag outputted to log-stream on error
255963  (SSE4.x) vex amd64->IR: 0x66 0xF 0x3A 0x9 0xDB 0x0 (ROUNDPD)
255966  Slowness when using mempool annotations
256387  vex x86->IR: 0xD4 0xA 0x2 0x7 (AAD and AAM)
256600  super-optimized strcasecmp() false positive
256669  vex amd64->IR: Unhandled LOOPNEL insn on amd64
256968  (SSE4.x) vex amd64->IR: 0x66 0xF 0x38 0x10 0xD3 0x66 (BLENDVPx)
257011  (SSE4.x) vex amd64->IR: 0x66 0xF 0x3A 0xE 0xFD 0xA0 (PBLENDW)
257063  (SSE4.x) vex amd64->IR: 0x66 0xF 0x3A 0x8 0xC0 0x0 (ROUNDPS)
257276  Missing case in memcheck --track-origins=yes
258870  (SSE4.x) Add support for EXTRACTPS SSE 4.1 instruction
261966  (SSE4.x) support for CRC32B and CRC32Q is lacking (also CRC32{W,L})
262985  VEX regression in valgrind 3.6.0 in handling PowerPC VMX
262995  (SSE4.x) crash when trying to valgrind gcc-snapshot (PCMPxSTRx $0)
263099  callgrind_annotate counts Ir improperly [...]
263877  undefined coprocessor instruction on ARMv7
265964  configure FAIL with glibc-2.13
n-i-bz  Fix compile error w/ icc-12.x in guest_arm_toIR.c
n-i-bz  Docs: fix bogus descriptions for VALGRIND_CREATE_BLOCK et al
n-i-bz  Massif: don't assert on shmat() with --pages-as-heap=yes
n-i-bz  Bug fixes and major speedups for the exp-DHAT space profiler
n-i-bz  DRD: disable --free-is-write due to implementation difficulties

(3.6.1: 16 February 2011, vex r2103, valgrind r11561).



Release 3.6.0 (21 October 2010)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.6.0 is a feature release with many significant improvements and the
usual collection of bug fixes.

This release supports X86/Linux, AMD64/Linux, ARM/Linux, PPC32/Linux,
PPC64/Linux, X86/Darwin and AMD64/Darwin.  Support for recent distros
and toolchain components (glibc 2.12, gcc 4.5, OSX 10.6) has been added.

                    -------------------------

Here are some highlights.  Details are shown further down:

* Support for ARM/Linux.

* Support for recent Linux distros: Ubuntu 10.10 and Fedora 14.

* Support for Mac OS X 10.6, both 32- and 64-bit executables.

* Support for the SSE4.2 instruction set.

* Enhancements to the Callgrind profiler, including the ability to
  handle CPUs with three levels of cache.

* A new experimental heap profiler, DHAT.

* A huge number of bug fixes and small enhancements.

                    -------------------------

Here are details of the above changes, together with descriptions of
many other changes, and a list of fixed bugs.

* ================== PLATFORM CHANGES =================

* Support for ARM/Linux.  Valgrind now runs on ARMv7 capable CPUs
  running Linux.  It is known to work on Ubuntu 10.04, Ubuntu 10.10,
  and Maemo 5, so you can run Valgrind on your Nokia N900 if you want.

  This requires a CPU capable of running the ARMv7-A instruction set
  (Cortex A5, A8 and A9).  Valgrind provides fairly complete coverage
  of the user space instruction set, including ARM and Thumb integer
  code, VFPv3, NEON and V6 media instructions.  The Memcheck,
  Cachegrind and Massif tools work properly; other tools work to
  varying degrees.

* Support for recent Linux distros (Ubuntu 10.10 and Fedora 14), along
  with support for recent releases of the underlying toolchain
  components, notably gcc-4.5 and glibc-2.12.

* Support for Mac OS X 10.6, both 32- and 64-bit executables.  64-bit
  support also works much better on OS X 10.5, and is as solid as
  32-bit support now.

* Support for the SSE4.2 instruction set.  SSE4.2 is supported in
  64-bit mode.  In 32-bit mode, support is only available up to and
  including SSSE3.  Some exceptions: SSE4.2 AES instructions are not
  supported in 64-bit mode, and 32-bit mode does in fact support the
  bare minimum SSE4 instructions to needed to run programs on Mac OS X
  10.6 on 32-bit targets.

* Support for IBM POWER6 cpus has been improved.  The Power ISA up to
  and including version 2.05 is supported.

* ==================== TOOL CHANGES ====================

* Cachegrind has a new processing script, cg_diff, which finds the
  difference between two profiles.  It's very useful for evaluating
  the performance effects of a change in a program.
  
  Related to this change, the meaning of cg_annotate's (rarely-used)
  --threshold option has changed; this is unlikely to affect many
  people, if you do use it please see the user manual for details.

* Callgrind now can do branch prediction simulation, similar to
  Cachegrind.  In addition, it optionally can count the number of
  executed global bus events.  Both can be used for a better
  approximation of a "Cycle Estimation" as derived event (you need to
  update the event formula in KCachegrind yourself).

* Cachegrind and Callgrind now refer to the LL (last-level) cache
  rather than the L2 cache.  This is to accommodate machines with
  three levels of caches -- if Cachegrind/Callgrind auto-detects the
  cache configuration of such a machine it will run the simulation as
  if the L2 cache isn't present.  This means the results are less
  likely to match the true result for the machine, but
  Cachegrind/Callgrind's results are already only approximate, and
  should not be considered authoritative.  The results are still
  useful for giving a general idea about a program's locality.

* Massif has a new option, --pages-as-heap, which is disabled by
  default.  When enabled, instead of tracking allocations at the level
  of heap blocks (as allocated with malloc/new/new[]), it instead
  tracks memory allocations at the level of memory pages (as mapped by
  mmap, brk, etc).  Each mapped page is treated as its own block.
  Interpreting the page-level output is harder than the heap-level
  output, but this option is useful if you want to account for every
  byte of memory used by a program.

* DRD has two new command-line options: --free-is-write and
  --trace-alloc.  The former allows to detect reading from already freed
  memory, and the latter allows tracing of all memory allocations and
  deallocations.

* DRD has several new annotations.  Custom barrier implementations can
  now be annotated, as well as benign races on static variables.

* DRD's happens before / happens after annotations have been made more
  powerful, so that they can now also be used to annotate e.g. a smart
  pointer implementation.

* Helgrind's annotation set has also been drastically improved, so as
  to provide to users a general set of annotations to describe locks,
  semaphores, barriers and condition variables.  Annotations to
  describe thread-safe reference counted heap objects have also been
  added.

* Memcheck has a new command-line option, --show-possibly-lost, which
  is enabled by default.  When disabled, the leak detector will not
  show possibly-lost blocks.

* A new experimental heap profiler, DHAT (Dynamic Heap Analysis Tool),
  has been added.  DHAT keeps track of allocated heap blocks, and also
  inspects every memory reference to see which block (if any) is being
  accessed.  This gives a lot of insight into block lifetimes,
  utilisation, turnover, liveness, and the location of hot and cold
  fields.  You can use DHAT to do hot-field profiling.

* ==================== OTHER CHANGES ====================

* Improved support for unfriendly self-modifying code: the extra
  overhead incurred by --smc-check=all has been reduced by
  approximately a factor of 5 as compared with 3.5.0.

* Ability to show directory names for source files in error messages.
  This is combined with a flexible mechanism for specifying which
  parts of the paths should be shown.  This is enabled by the new flag
  --fullpath-after.

* A new flag, --require-text-symbol, which will stop the run if a
  specified symbol is not found it a given shared object when it is
  loaded into the process.  This makes advanced working with function
  intercepting and wrapping safer and more reliable.

* Improved support for the Valkyrie GUI, version 2.0.0.  GUI output
  and control of Valgrind is now available for the tools Memcheck and
  Helgrind.  XML output from Valgrind is available for Memcheck,
  Helgrind and exp-Ptrcheck.

* More reliable stack unwinding on amd64-linux, particularly in the
  presence of function wrappers, and with gcc-4.5 compiled code.

* Modest scalability (performance improvements) for massive
  long-running applications, particularly for those with huge amounts
  of code.

* Support for analyzing programs running under Wine with has been
  improved.  The header files <valgrind/valgrind.h>,
  <valgrind/memcheck.h> and <valgrind/drd.h> can now be used in
  Windows-programs compiled with MinGW or one of the Microsoft Visual
  Studio compilers.

* A rare but serious error in the 64-bit x86 CPU simulation was fixed.
  The 32-bit simulator was not affected.  This did not occur often,
  but when it did would usually crash the program under test.
  Bug 245925.

* A large number of bugs were fixed.  These are shown below.

* A number of bugs were investigated, and were candidates for fixing,
  but are not fixed in 3.6.0, due to lack of developer time.  They may
  get fixed in later releases.  They are:

  194402  vex amd64->IR: 0x48 0xF 0xAE 0x4 0x24 0x49  (FXSAVE64)
  212419  false positive "lock order violated" (A+B vs A) 
  213685  Undefined value propagates past dependency breaking instruction
  216837  Incorrect instrumentation of NSOperationQueue on Darwin 
  237920  valgrind segfault on fork failure 
  242137  support for code compiled by LLVM-2.8
  242423  Another unknown Intel cache config value 
  243232  Inconsistent Lock Orderings report with trylock 
  243483  ppc: callgrind triggers VEX assertion failure 
  243935  Helgrind: implementation of ANNOTATE_HAPPENS_BEFORE() is wrong
  244677  Helgrind crash hg_main.c:616 (map_threads_lookup): Assertion
          'thr' failed. 
  246152  callgrind internal error after pthread_cancel on 32 Bit Linux 
  249435  Analyzing wine programs with callgrind triggers a crash 
  250038  ppc64: Altivec lvsr and lvsl instructions fail their regtest
  250065  Handling large allocations 
  250101  huge "free" memory usage due to m_mallocfree.c
          "superblocks fragmentation"
  251569  vex amd64->IR: 0xF 0x1 0xF9 0x8B 0x4C 0x24 (RDTSCP)
  252091  Callgrind on ARM does not detect function returns correctly
  252600  [PATCH] Allow lhs to be a pointer for shl/shr
  254420  memory pool tracking broken
  n-i-bz  support for adding symbols for JIT generated code


The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (http://bugs.kde.org/enter_valgrind_bug.cgi) rather than
mailing the developers (or mailing lists) directly -- bugs that are
not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

135264  dcbzl instruction missing
142688  == 250799
153699  Valgrind should report unaligned reads with movdqa
180217  == 212335
190429  Valgrind reports lost of errors in ld.so
        with x86_64 2.9.90 glibc 
197266  valgrind appears to choke on the xmms instruction
        "roundsd" on x86_64 
197988  Crash when demangling very large symbol names
202315  unhandled syscall: 332 (inotify_init1)
203256  Add page-level profiling to Massif
205093  dsymutil=yes needs quotes, locking (partial fix)
205241  Snow Leopard 10.6 support (partial fix)
206600  Leak checker fails to upgrade indirect blocks when their
        parent becomes reachable 
210935  port valgrind.h (not valgrind) to win32 so apps run under
        wine can make client requests
211410  vex amd64->IR: 0x15 0xFF 0xFF 0x0 0x0 0x89
        within Linux ip-stack checksum functions 
212335  unhandled instruction bytes: 0xF3 0xF 0xBD 0xC0
        (lzcnt %eax,%eax) 
213685  Undefined value propagates past dependency breaking instruction
        (partial fix)
215914  Valgrind inserts bogus empty environment variable 
217863  == 197988
219538  adjtimex syscall wrapper wrong in readonly adjtime mode 
222545  shmat fails under valgind on some arm targets 
222560  ARM NEON support 
230407  == 202315
231076  == 202315
232509  Docs build fails with formatting inside <title></title> elements 
232793  == 202315
235642  [PATCH] syswrap-linux.c: support evdev EVIOCG* ioctls 
236546  vex x86->IR: 0x66 0xF 0x3A 0xA
237202  vex amd64->IR: 0xF3 0xF 0xB8 0xC0 0x49 0x3B 
237371  better support for VALGRIND_MALLOCLIKE_BLOCK 
237485  symlink (syscall 57) is not supported on Mac OS 
237723  sysno == 101 exp-ptrcheck: the 'impossible' happened:
        unhandled syscall 
238208  is_just_below_ESP doesn't take into account red-zone 
238345  valgrind passes wrong $0 when executing a shell script 
238679  mq_timedreceive syscall doesn't flag the reception buffer
        as "defined"
238696  fcntl command F_DUPFD_CLOEXEC not supported 
238713  unhandled instruction bytes: 0x66 0xF 0x29 0xC6 
238713  unhandled instruction bytes: 0x66 0xF 0x29 0xC6 
238745  3.5.0 Make fails on PPC Altivec opcodes, though configure
        says "Altivec off"
239992  vex amd64->IR: 0x48 0xF 0xC4 0xC1 0x0 0x48 
240488  == 197988
240639  == 212335
241377  == 236546
241903  == 202315
241920  == 212335
242606  unhandled syscall: setegid (in Ptrcheck)
242814  Helgrind "Impossible has happened" during
        QApplication::initInstance(); 
243064  Valgrind attempting to read debug information from iso 
243270  Make stack unwinding in Valgrind wrappers more reliable
243884  exp-ptrcheck: the 'impossible happened: unhandled syscall 
        sysno = 277 (mq_open)
244009  exp-ptrcheck unknown syscalls in analyzing lighttpd
244493  ARM VFP d16-d31 registers support 
244670  add support for audit_session_self syscall on Mac OS 10.6
244921  The xml report of helgrind tool is not well format
244923  In the xml report file, the <preamble> not escape the 
        xml char, eg '<','&','>'
245535  print full path names in plain text reports 
245925  x86-64 red zone handling problem 
246258  Valgrind not catching integer underruns + new [] s
246311  reg/reg cmpxchg doesn't work on amd64
246549  unhandled syscall unix:277 while testing 32-bit Darwin app 
246888  Improve Makefile.vex.am 
247510  [OS X 10.6] Memcheck reports unaddressable bytes passed 
        to [f]chmod_extended
247526  IBM POWER6 (ISA 2.05) support is incomplete
247561  Some leak testcases fails due to reachable addresses in
        caller save regs
247875  sizeofIRType to handle Ity_I128 
247894  [PATCH] unhandled syscall sys_readahead 
247980  Doesn't honor CFLAGS passed to configure 
248373  darwin10.supp is empty in the trunk 
248822  Linux FIBMAP ioctl has int parameter instead of long
248893  [PATCH] make readdwarf.c big endianess safe to enable
        unwinding on big endian systems
249224  Syscall 336 not supported (SYS_proc_info) 
249359  == 245535
249775  Incorrect scheme for detecting NEON capabilities of host CPU
249943  jni JVM init fails when using valgrind
249991  Valgrind incorrectly declares AESKEYGENASSIST support
        since VEX r2011
249996  linux/arm: unhandled syscall: 181 (__NR_pwrite64)
250799  frexp$fenv_access_off function generates SIGILL 
250998  vex x86->IR: unhandled instruction bytes: 0x66 0x66 0x66 0x2E 
251251  support pclmulqdq insn 
251362  valgrind: ARM: attach to debugger either fails or provokes
        kernel oops 
251674  Unhandled syscall 294
251818  == 254550

254257  Add support for debugfiles found by build-id
254550  [PATCH] Implement DW_ATE_UTF (DWARF4)
254646  Wrapped functions cause stack misalignment on OS X
        (and possibly Linux)
254556  ARM: valgrinding anything fails with SIGSEGV for 0xFFFF0FA0

(3.6.0: 21 October 2010, vex r2068, valgrind r11471).



Release 3.5.0 (19 August 2009)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.5.0 is a feature release with many significant improvements and the
usual collection of bug fixes.  The main improvement is that Valgrind
now works on Mac OS X.

This release supports X86/Linux, AMD64/Linux, PPC32/Linux, PPC64/Linux
and X86/Darwin.  Support for recent distros and toolchain components
(glibc 2.10, gcc 4.5) has been added.

                    -------------------------

Here is a short summary of the changes.  Details are shown further
down:

* Support for Mac OS X (10.5.x).

* Improvements and simplifications to Memcheck's leak checker.

* Clarification and simplifications in various aspects of Valgrind's
  text output.

* XML output for Helgrind and Ptrcheck.

* Performance and stability improvements for Helgrind and DRD.

* Genuinely atomic support for x86/amd64/ppc atomic instructions.

* A new experimental tool, BBV, useful for computer architecture
  research.

* Improved Wine support, including ability to read Windows PDB
  debuginfo.

                    -------------------------

Here are details of the above changes, followed by descriptions of
many other minor changes, and a list of fixed bugs.


* Valgrind now runs on Mac OS X.  (Note that Mac OS X is sometimes
  called "Darwin" because that is the name of the OS core, which is the
  level that Valgrind works at.)

  Supported systems:

  - It requires OS 10.5.x (Leopard).  Porting to 10.4.x is not planned
    because it would require work and 10.4 is only becoming less common.

  - 32-bit programs on x86 and AMD64 (a.k.a x86-64) machines are supported
    fairly well.  For 10.5.x, 32-bit programs are the default even on
    64-bit machines, so it handles most current programs.
    
  - 64-bit programs on x86 and AMD64 (a.k.a x86-64) machines are not
    officially supported, but simple programs at least will probably work.
    However, start-up is slow.

  - PowerPC machines are not supported.

  Things that don't work:

  - The Ptrcheck tool.

  - Objective-C garbage collection.

  - --db-attach=yes.

  - If you have Rogue Amoeba's "Instant Hijack" program installed,
    Valgrind will fail with a SIGTRAP at start-up.  See
    https://bugs.kde.org/show_bug.cgi?id=193917 for details and a
    simple work-around.

  Usage notes:

  - You will likely find --dsymutil=yes a useful option, as error
    messages may be imprecise without it.

  - Mac OS X support is new and therefore will be less robust than the
    Linux support.  Please report any bugs you find.

  - Threaded programs may run more slowly than on Linux.

  Many thanks to Greg Parker for developing this port over several years.


* Memcheck's leak checker has been improved.  

  - The results for --leak-check=summary now match the summary results
    for --leak-check=full.  Previously they could differ because
    --leak-check=summary counted "indirectly lost" blocks and
    "suppressed" blocks as "definitely lost".

  - Blocks that are only reachable via at least one interior-pointer,
    but are directly pointed to by a start-pointer, were previously
    marked as "still reachable".  They are now correctly marked as
    "possibly lost".

  - The default value for the --leak-resolution option has been
    changed from "low" to "high".  In general, this means that more
    leak reports will be produced, but each leak report will describe
    fewer leaked blocks.

  - With --leak-check=full, "definitely lost" and "possibly lost"
    leaks are now considered as proper errors, ie. they are counted
    for the "ERROR SUMMARY" and affect the behaviour of
    --error-exitcode.  These leaks are not counted as errors if
    --leak-check=summary is specified, however.

  - Documentation for the leak checker has been improved.


* Various aspects of Valgrind's text output have changed.

  - Valgrind's start-up message has changed.  It is shorter but also
    includes the command being run, which makes it easier to use
    --trace-children=yes.  An example:

  - Valgrind's shut-down messages have also changed.  This is most
    noticeable with Memcheck, where the leak summary now occurs before
    the error summary.  This change was necessary to allow leaks to be
    counted as proper errors (see the description of the leak checker
    changes above for more details).  This was also necessary to fix a
    longstanding bug in which uses of suppressions against leaks were
    not "counted", leading to difficulties in maintaining suppression
    files (see https://bugs.kde.org/show_bug.cgi?id=186790).

  - Behavior of -v has changed.  In previous versions, -v printed out
    a mixture of marginally-user-useful information, and tool/core
    statistics.  The statistics printing has now been moved to its own
    flag, --stats=yes.  This means -v is less verbose and more likely
    to convey useful end-user information.

  - The format of some (non-XML) stack trace entries has changed a
    little.  Previously there were six possible forms:

      0x80483BF: really (a.c:20)
      0x80483BF: really (in /foo/a.out)
      0x80483BF: really
      0x80483BF: (within /foo/a.out)
      0x80483BF: ??? (a.c:20)
      0x80483BF: ???

    The third and fourth of these forms have been made more consistent
    with the others.  The six possible forms are now:
  
      0x80483BF: really (a.c:20)
      0x80483BF: really (in /foo/a.out)
      0x80483BF: really (in ???)
      0x80483BF: ??? (in /foo/a.out)
      0x80483BF: ??? (a.c:20)
      0x80483BF: ???

    Stack traces produced when --xml=yes is specified are different
    and unchanged.


* Helgrind and Ptrcheck now support XML output, so they can be used
  from GUI tools.  Also, the XML output mechanism has been
  overhauled.

  - The XML format has been overhauled and generalised, so it is more
    suitable for error reporting tools in general.  The Memcheck
    specific aspects of it have been removed.  The new format, which
    is an evolution of the old format, is described in
    docs/internals/xml-output-protocol4.txt.

  - Memcheck has been updated to use the new format.

  - Helgrind and Ptrcheck are now able to emit output in this format.

  - The XML output mechanism has been overhauled.  XML is now output
    to its own file descriptor, which means that:

    * Valgrind can output text and XML independently.

    * The longstanding problem of XML output being corrupted by 
      unexpected un-tagged text messages  is solved.

    As before, the destination for text output is specified using
    --log-file=, --log-fd= or --log-socket=.

    As before, XML output for a tool is enabled using --xml=yes.

    Because there's a new XML output channel, the XML output
    destination is now specified by --xml-file=, --xml-fd= or
    --xml-socket=.

    Initial feedback has shown this causes some confusion.  To
    clarify, the two envisaged usage scenarios are:

    (1) Normal text output.  In this case, do not specify --xml=yes
        nor any of --xml-file=, --xml-fd= or --xml-socket=.

    (2) XML output.  In this case, specify --xml=yes, and one of
        --xml-file=, --xml-fd= or --xml-socket= to select the XML
        destination, one of --log-file=, --log-fd= or --log-socket=
        to select the destination for any remaining text messages,
        and, importantly, -q.

        -q makes Valgrind completely silent on the text channel,
        except in the case of critical failures, such as Valgrind
        itself segfaulting, or failing to read debugging information.
        Hence, in this scenario, it suffices to check whether or not
        any output appeared on the text channel.  If yes, then it is
        likely to be a critical error which should be brought to the
        attention of the user.  If no (the text channel produced no
        output) then it can be assumed that the run was successful.

        This allows GUIs to make the critical distinction they need to
        make (did the run fail or not?) without having to search or
        filter the text output channel in any way.

    It is also recommended to use --child-silent-after-fork=yes in
    scenario (2).


* Improvements and changes in Helgrind:

  - XML output, as described above

  - Checks for consistent association between pthread condition
    variables and their associated mutexes are now performed.

  - pthread_spinlock functions are supported.

  - Modest performance improvements.

  - Initial (skeletal) support for describing the behaviour of
    non-POSIX synchronisation objects through ThreadSanitizer
    compatible ANNOTATE_* macros.

  - More controllable tradeoffs between performance and the level of
    detail of "previous" accesses in a race.  There are now three
    settings:

    * --history-level=full.  This is the default, and was also the
      default in 3.4.x.  It shows both stacks involved in a race, but
      requires a lot of memory and can be very slow in programs that
      do many inter-thread synchronisation events.

    * --history-level=none.  This only shows the later stack involved
      in a race.  This can be much faster than --history-level=full,
      but makes it much more difficult to find the other access
      involved in the race.

    The new intermediate setting is

    * --history-level=approx

      For the earlier (other) access, two stacks are presented.  The
      earlier access is guaranteed to be somewhere in between the two
      program points denoted by those stacks.  This is not as useful
      as showing the exact stack for the previous access (as per
      --history-level=full), but it is better than nothing, and it's
      almost as fast as --history-level=none.


* New features and improvements in DRD:

  - The error messages printed by DRD are now easier to interpret.
    Instead of using two different numbers to identify each thread
    (Valgrind thread ID and DRD thread ID), DRD does now identify
    threads via a single number (the DRD thread ID).  Furthermore
    "first observed at" information is now printed for all error
    messages related to synchronization objects.

  - Added support for named semaphores (sem_open() and sem_close()).

  - Race conditions between pthread_barrier_wait() and
    pthread_barrier_destroy() calls are now reported.

  - Added support for custom allocators through the macros
    VALGRIND_MALLOCLIKE_BLOCK() VALGRIND_FREELIKE_BLOCK() (defined in
    in <valgrind/valgrind.h>). An alternative for these two macros is
    the new client request VG_USERREQ__DRD_CLEAN_MEMORY (defined in
    <valgrind/drd.h>).

  - Added support for annotating non-POSIX synchronization objects
    through several new ANNOTATE_*() macros.

  - OpenMP: added support for the OpenMP runtime (libgomp) included
    with gcc versions 4.3.0 and 4.4.0.

  - Faster operation.

  - Added two new command-line options (--first-race-only and
    --segment-merging-interval).


* Genuinely atomic support for x86/amd64/ppc atomic instructions

  Valgrind will now preserve (memory-access) atomicity of LOCK-
  prefixed x86/amd64 instructions, and any others implying a global
  bus lock.  Ditto for PowerPC l{w,d}arx/st{w,d}cx. instructions.

  This means that Valgrinded processes will "play nicely" in
  situations where communication with other processes, or the kernel,
  is done through shared memory and coordinated with such atomic
  instructions.  Prior to this change, such arrangements usually
  resulted in hangs, races or other synchronisation failures, because
  Valgrind did not honour atomicity of such instructions.


* A new experimental tool, BBV, has been added.  BBV generates basic
  block vectors for use with the SimPoint analysis tool, which allows
  a program's overall behaviour to be approximated by running only a
  fraction of it.  This is useful for computer architecture
  researchers.  You can run BBV by specifying --tool=exp-bbv (the
  "exp-" prefix is short for "experimental").  BBV was written by
  Vince Weaver.


* Modestly improved support for running Windows applications under
  Wine.  In particular, initial support for reading Windows .PDB debug
  information has been added.


* A new Memcheck client request VALGRIND_COUNT_LEAK_BLOCKS has been
  added.  It is similar to VALGRIND_COUNT_LEAKS but counts blocks
  instead of bytes.


* The Valgrind client requests VALGRIND_PRINTF and
  VALGRIND_PRINTF_BACKTRACE have been changed slightly.  Previously,
  the string was always printed immediately on its own line.  Now, the
  string will be added to a buffer but not printed until a newline is
  encountered, or other Valgrind output is printed (note that for
  VALGRIND_PRINTF_BACKTRACE, the back-trace itself is considered
  "other Valgrind output").  This allows you to use multiple
  VALGRIND_PRINTF calls to build up a single output line, and also to
  print multiple output lines with a single request (by embedding
  multiple newlines in the string).


* The graphs drawn by Massif's ms_print program have changed slightly:

  - The half-height chars '.' and ',' are no longer drawn, because
    they are confusing.  The --y option can be used if the default
    y-resolution is not high enough.

  - Horizontal lines are now drawn after the top of a snapshot if
    there is a gap until the next snapshot.  This makes it clear that
    the memory usage has not dropped to zero between snapshots.


* Something that happened in 3.4.0, but wasn't clearly announced: the
  option --read-var-info=yes can be used by some tools (Memcheck,
  Helgrind and DRD).  When enabled, it causes Valgrind to read DWARF3
  variable type and location information.  This makes those tools
  start up more slowly and increases memory consumption, but
  descriptions of data addresses in error messages become more
  detailed.


* exp-Omega, an experimental instantaneous leak-detecting tool, was
  disabled in 3.4.0 due to a lack of interest and maintenance,
  although the source code was still in the distribution.  The source
  code has now been removed from the distribution.  For anyone
  interested, the removal occurred in SVN revision r10247.


* Some changes have been made to the build system.

  - VEX/ is now integrated properly into the build system.  This means
    that dependency tracking within VEX/ now works properly, "make
    install" will work without requiring "make" before it, and
    parallel builds (ie. 'make -j') now work (previously a
    .NOTPARALLEL directive was used to serialize builds, ie. 'make -j'
    was effectively ignored).

  - The --with-vex configure option has been removed.  It was of
    little use and removing it simplified the build system.

  - The location of some install files has changed.  This should not
    affect most users.  Those who might be affected:

    * For people who use Valgrind with MPI programs, the installed
      libmpiwrap.so library has moved from
      $(INSTALL)/<platform>/libmpiwrap.so to
      $(INSTALL)/libmpiwrap-<platform>.so.

    * For people who distribute standalone Valgrind tools, the
      installed libraries such as $(INSTALL)/<platform>/libcoregrind.a
      have moved to $(INSTALL)/libcoregrind-<platform>.a.

    These changes simplify the build system.

  - Previously, all the distributed suppression (*.supp) files were
    installed.  Now, only default.supp is installed.  This should not
    affect users as the other installed suppression files were not
    read; the fact that they were installed was a mistake.


* KNOWN LIMITATIONS:

  - Memcheck is unusable with the Intel compiler suite version 11.1,
    when it generates code for SSE2-and-above capable targets.  This
    is because of icc's use of highly optimised inlined strlen
    implementations.  It causes Memcheck to report huge numbers of
    false errors even in simple programs.  Helgrind and DRD may also
    have problems.

    Versions 11.0 and earlier may be OK, but this has not been
    properly tested.


The following bugs have been fixed or resolved.  Note that "n-i-bz"
stands for "not in bugzilla" -- that is, a bug that was reported to us
but never got a bugzilla entry.  We encourage you to file bugs in
bugzilla (http://bugs.kde.org/enter_valgrind_bug.cgi) rather than
mailing the developers (or mailing lists) directly -- bugs that are
not entered into bugzilla tend to get forgotten about or ignored.

To see details of a given bug, visit
https://bugs.kde.org/show_bug.cgi?id=XXXXXX
where XXXXXX is the bug number as listed below.

84303   How about a LockCheck tool? 
91633   dereference of null ptr in vgPlain_st_basetype 
97452   Valgrind doesn't report any pthreads problems 
100628  leak-check gets assertion failure when using 
        VALGRIND_MALLOCLIKE_BLOCK on malloc()ed memory 
108528  NPTL pthread cleanup handlers not called 
110126  Valgrind 2.4.1 configure.in tramples CFLAGS 
110128  mallinfo is not implemented... 
110770  VEX: Generated files not always updated when making valgrind
111102  Memcheck: problems with large (memory footprint) applications 
115673  Vex's decoder should never assert 
117564  False positive: Syscall param clone(child_tidptr) contains
        uninitialised byte(s) 
119404  executing ssh from inside valgrind fails 
133679  Callgrind does not write path names to sources with dwarf debug
        info
135847  configure.in problem with non gnu compilers (and possible fix) 
136154  threads.c:273 (vgCallgrind_post_signal): Assertion
        '*(vgCallgrind_current_fn_stack.top) == 0' failed. 
136230  memcheck reports "possibly lost", should be "still reachable" 
137073  NULL arg to MALLOCLIKE_BLOCK causes crash 
137904  Valgrind reports a memory leak when using POSIX threads,
        while it shouldn't 
139076  valgrind VT_GETSTATE error 
142228  complaint of elf_dynamic_do_rela in trivial usage 
145347  spurious warning with USBDEVFS_REAPURB 
148441  (wine) can't find memory leak in Wine, win32 binary 
        executable file.
148742  Leak-check fails assert on exit 
149878  add (proper) check for calloc integer overflow 
150606  Call graph is broken when using callgrind control 
152393  leak errors produce an exit code of 0. I need some way to 
        cause leak errors to result in a nonzero exit code. 
157154  documentation (leak-resolution doc speaks about num-callers
        def=4) + what is a loss record
159501  incorrect handling of ALSA ioctls 
162020  Valgrinding an empty/zero-byte file crashes valgrind 
162482  ppc: Valgrind crashes while reading stabs information 
162718  x86: avoid segment selector 0 in sys_set_thread_area() 
163253  (wine) canonicaliseSymtab forgot some fields in DiSym 
163560  VEX/test_main.c is missing from valgrind-3.3.1 
164353  malloc_usable_size() doesn't return a usable size 
165468  Inconsistent formatting in memcheck manual -- please fix 
169505  main.c:286 (endOfInstr):
        Assertion 'ii->cost_offset == *cost_offset' failed 
177206  Generate default.supp during compile instead of configure
177209  Configure valt_load_address based on arch+os 
177305  eventfd / syscall 323 patch lost
179731  Tests fail to build because of inlining of non-local asm labels
181394  helgrind: libhb_core.c:3762 (msm_write): Assertion 
        'ordxx == POrd_EQ || ordxx == POrd_LT' failed. 
181594  Bogus warning for empty text segment 
181707  dwarf doesn't require enumerations to have name 
185038  exp-ptrcheck: "unhandled syscall: 285" (fallocate) on x86_64 
185050  exp-ptrcheck: sg_main.c:727 (add_block_to_GlobalTree):
        Assertion '!already_present' failed.
185359  exp-ptrcheck: unhandled syscall getresuid()
185794  "WARNING: unhandled syscall: 285" (fallocate) on x86_64
185816  Valgrind is unable to handle debug info for files with split
        debug info that are prelinked afterwards 
185980  [darwin] unhandled syscall: sem_open 
186238  bbToIR_AMD64: disInstr miscalculated next %rip
186507  exp-ptrcheck unhandled syscalls prctl, etc. 
186790  Suppression pattern used for leaks are not reported 
186796  Symbols with length>200 in suppression files are ignored 
187048  drd: mutex PTHREAD_PROCESS_SHARED attribute missinterpretation
187416  exp-ptrcheck: support for __NR_{setregid,setreuid,setresuid}
188038  helgrind: hg_main.c:926: mk_SHVAL_fail: the 'impossible' happened
188046  bashisms in the configure script
188127  amd64->IR: unhandled instruction bytes: 0xF0 0xF 0xB0 0xA
188161  memcheck: --track-origins=yes asserts "mc_machine.c:672
        (get_otrack_shadow_offset_wrk): the 'impossible' happened."
188248  helgrind: pthread_cleanup_push, pthread_rwlock_unlock, 
        assertion fail "!lock->heldBy" 
188427  Add support for epoll_create1 (with patch) 
188530  Support for SIOCGSTAMPNS
188560  Include valgrind.spec in the tarball
188572  Valgrind on Mac should suppress setenv() mem leak 
189054  Valgrind fails to build because of duplicate non-local asm labels 
189737  vex amd64->IR: unhandled instruction bytes: 0xAC
189762  epoll_create syscall not handled (--tool=exp-ptrcheck)
189763  drd assertion failure: s_threadinfo[tid].is_recording 
190219  unhandled syscall: 328 (x86-linux)
190391  dup of 181394; see above
190429  Valgrind reports lots of errors in ld.so with x86_64 2.9.90 glibc 
190820  No debug information on powerpc-linux
191095  PATCH: Improve usbdevfs ioctl handling 
191182  memcheck: VALGRIND_LEAK_CHECK quadratic when big nr of chunks
        or big nr of errors
191189  --xml=yes should obey --gen-suppressions=all 
191192  syslog() needs a suppression on macosx 
191271  DARWIN: WARNING: unhandled syscall: 33554697 a.k.a.: 265 
191761  getrlimit on MacOSX 
191992  multiple --fn-skip only works sometimes; dependent on order 
192634  V. reports "aspacem sync_check_mapping_callback: 
        segment mismatch" on Darwin
192954  __extension__ missing on 2 client requests 
194429  Crash at start-up with glibc-2.10.1 and linux-2.6.29 
194474  "INSTALL" file has different build instructions than "README"
194671  Unhandled syscall (sem_wait?) from mac valgrind 
195069  memcheck: reports leak (memory still reachable) for 
        printf("%d', x) 
195169  drd: (vgDrd_barrier_post_wait):
        Assertion 'r->sg[p->post_iteration]' failed. 
195268  valgrind --log-file doesn't accept ~/...
195838  VEX abort: LibVEX_N_SPILL_BYTES too small for CPUID boilerplate 
195860  WARNING: unhandled syscall: unix:223 
196528  need a error suppression for pthread_rwlock_init under os x? 
197227  Support aio_* syscalls on Darwin
197456  valgrind should reject --suppressions=(directory) 
197512  DWARF2 CFI reader: unhandled CFI instruction 0:10 
197591  unhandled syscall 27 (mincore) 
197793  Merge DCAS branch to the trunk == 85756, 142103
197794  Avoid duplicate filenames in Vex 
197898  make check fails on current SVN 
197901  make check fails also under exp-ptrcheck in current SVN 
197929  Make --leak-resolution=high the default 
197930  Reduce spacing between leak reports 
197933  Print command line of client at start-up, and shorten preamble 
197966  unhandled syscall 205 (x86-linux, --tool=exp-ptrcheck)
198395  add BBV to the distribution as an experimental tool 
198624  Missing syscalls on Darwin: 82, 167, 281, 347 
198649  callgrind_annotate doesn't cumulate counters 
199338  callgrind_annotate sorting/thresholds are broken for all but Ir 
199977  Valgrind complains about an unrecognized instruction in the
        atomic_incs test program
200029  valgrind isn't able to read Fedora 12 debuginfo 
200760  darwin unhandled syscall: unix:284 
200827  DRD doesn't work on Mac OS X 
200990  VG_(read_millisecond_timer)() does not work correctly 
201016  Valgrind does not support pthread_kill() on Mac OS 
201169  Document --read-var-info
201323  Pre-3.5.0 performance sanity checking 
201384  Review user manual for the 3.5.0 release 
201585  mfpvr not implemented on ppc 
201708  tests failing because x86 direction flag is left set 
201757  Valgrind doesn't handle any recent sys_futex additions 
204377  64-bit valgrind can not start a shell script
        (with #!/path/to/shell) if the shell is a 32-bit executable
n-i-bz  drd: fixed assertion failure triggered by mutex reinitialization.
n-i-bz  drd: fixed a bug that caused incorrect messages to be printed
        about memory allocation events with memory access tracing enabled
n-i-bz  drd: fixed a memory leak triggered by vector clock deallocation

(3.5.0: 19 Aug 2009, vex r1913, valgrind r10846).



Release 3.4.1 (28 February 2009)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.4.1 is a bug-fix release that fixes some regressions and assertion
failures in debug info reading in 3.4.0, most notably incorrect stack
traces on amd64-linux on older (glibc-2.3 based) systems. Various
other debug info problems are also fixed.  A number of bugs in the
exp-ptrcheck tool introduced in 3.4.0 have been fixed.

In view of the fact that 3.4.0 contains user-visible regressions
relative to 3.3.x, upgrading to 3.4.1 is recommended.  Packagers are
encouraged to ship 3.4.1 in preference to 3.4.0.

The fixed bugs are as follows.  Note that "n-i-bz" stands for "not in
bugzilla" -- that is, a bug that was reported to us but never got a
bugzilla entry.  We encourage you to file bugs in bugzilla
(http://bugs.kde.org/enter_valgrind_bug.cgi) rather than mailing the
developers (or mailing lists) directly -- bugs that are not entered
into bugzilla tend to get forgotten about or ignored.

n-i-bz  Fix various bugs reading icc-11 generated debug info
n-i-bz  Fix various bugs reading gcc-4.4 generated debug info
n-i-bz  Preliminary support for glibc-2.10 / Fedora 11
n-i-bz  Cachegrind and Callgrind: handle non-power-of-two cache sizes,
        so as to support (eg) 24k Atom D1 and Core2 with 3/6/12MB L2.
179618  exp-ptrcheck crashed / exit prematurely
179624  helgrind: false positive races with pthread_create and
        recv/open/close/read
134207  pkg-config output contains @VG_PLATFORM@
176926  floating point exception at valgrind startup with PPC 440EPX
181594  Bogus warning for empty text segment
173751  amd64->IR: 0x48 0xF 0x6F 0x45 (even more redundant rex prefixes)
181707  Dwarf3 doesn't require enumerations to have name
185038  exp-ptrcheck: "unhandled syscall: 285" (fallocate) on x86_64
185050  exp-ptrcheck: sg_main.c:727 (add_block_to_GlobalTree):
        Assertion '!already_present' failed.
185359  exp-ptrcheck unhandled syscall getresuid()

(3.4.1.RC1:  24 Feb 2008, vex r1884, valgrind r9253).
(3.4.1:      28 Feb 2008, vex r1884, valgrind r9293).



Release 3.4.0 (2 January 2009)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.4.0 is a feature release with many significant improvements and the
usual collection of bug fixes.  This release supports X86/Linux,
AMD64/Linux, PPC32/Linux and PPC64/Linux.  Support for recent distros
(using gcc 4.4, glibc 2.8 and 2.9) has been added.

3.4.0 brings some significant tool improvements.  Memcheck can now
report the origin of uninitialised values, the thread checkers
Helgrind and DRD are much improved, and we have a new experimental
tool, exp-Ptrcheck, which is able to detect overruns of stack and
global arrays.  In detail:

* Memcheck is now able to track the origin of uninitialised values.
  When it reports an uninitialised value error, it will try to show
  the origin of the value, as either a heap or stack allocation.
  Origin tracking is expensive and so is not enabled by default.  To
  use it, specify --track-origins=yes.  Memcheck's speed will be
  essentially halved, and memory usage will be significantly
  increased.  Nevertheless it can drastically reduce the effort
  required to identify the root cause of uninitialised value errors,
  and so is often a programmer productivity win, despite running more
  slowly.

* A version (1.4.0) of the Valkyrie GUI, that works with Memcheck in
  3.4.0, will be released shortly.

* Helgrind's race detection algorithm has been completely redesigned
  and reimplemented, to address usability and scalability concerns:

  - The new algorithm has a lower false-error rate: it is much less
    likely to report races that do not really exist.

  - Helgrind will display full call stacks for both accesses involved
    in a race.  This makes it easier to identify the root causes of
    races.

  - Limitations on the size of program that can run have been removed.

  - Performance has been modestly improved, although that is very
    workload-dependent.

  - Direct support for Qt4 threading has been added.

  - pthread_barriers are now directly supported.

  - Helgrind works well on all supported Linux targets.

* The DRD thread debugging tool has seen major improvements:

  - Greatly improved performance and significantly reduced memory
    usage.

  - Support for several major threading libraries (Boost.Thread, Qt4,
    glib, OpenMP) has been added.

  - Support for atomic instructions, POSIX semaphores, barriers and
    reader-writer locks has been added.

  - Works now on PowerPC CPUs too.

  - Added support for printing thread stack usage at thread exit time.

  - Added support for debugging lock contention.

  - Added a manual for Drd.

* A new experimental tool, exp-Ptrcheck, has been added.  Ptrcheck
  checks for misuses of pointers.  In that sense it is a bit like
  Memcheck.  However, Ptrcheck can do things Memcheck can't: it can
  detect overruns of stack and global arrays, it can detect
  arbitrarily far out-of-bounds accesses to heap blocks, and it can
  detect accesses heap blocks that have been freed a very long time
  ago (millions of blocks in the past).

  Ptrcheck currently works only on x86-linux and amd64-linux.  To use
  it, use --tool=exp-ptrcheck.  A simple manual is provided, as part
  of the main Valgrind documentation.  As this is an experimental
  tool, we would be particularly interested in hearing about your
  experiences with it.

* exp-Omega, an experimental instantaneous leak-detecting tool, is no
  longer built by default, although the code remains in the repository
  and the tarball.  This is due to three factors: a perceived lack of
  users, a lack of maintenance, and concerns that it may not be
  possible to achieve reliable operation using the existing design.

* As usual, support for the latest Linux distros and toolchain
  components has been added.  It should work well on Fedora Core 10,
  OpenSUSE 11.1 and Ubuntu 8.10.  gcc-4.4 (in its current pre-release
  state) is supported, as is glibc-2.9.  The C++ demangler has been
  updated so as to work well with C++ compiled by even the most recent
  g++'s.

* You can now use frame-level wildcards in suppressions.  This was a
  frequently-requested enhancement.  A line "..." in a suppression now
  matches zero or more frames.  This makes it easier to write
  suppressions which are precise yet insensitive to changes in
  inlining behaviour.

* 3.4.0 adds support on x86/amd64 for the SSSE3 instruction set.

* Very basic support for IBM Power6 has been added (64-bit processes only).

* Valgrind is now cross-compilable.  For example, it is possible to
  cross compile Valgrind on an x86/amd64-linux host, so that it runs
  on a ppc32/64-linux target.

* You can set the main thread's stack size at startup using the
  new --main-stacksize= flag (subject of course to ulimit settings).
  This is useful for running apps that need a lot of stack space.

* The limitation that you can't use --trace-children=yes together
  with --db-attach=yes has been removed.

* The following bugs have been fixed.  Note that "n-i-bz" stands for
  "not in bugzilla" -- that is, a bug that was reported to us but
  never got a bugzilla entry.  We encourage you to file bugs in
  bugzilla (http://bugs.kde.org/enter_valgrind_bug.cgi) rather than
  mailing the developers (or mailing lists) directly.

  n-i-bz  Make return types for some client requests 64-bit clean
  n-i-bz  glibc 2.9 support
  n-i-bz  ignore unsafe .valgrindrc's (CVE-2008-4865)
  n-i-bz  MPI_Init(0,0) is valid but libmpiwrap.c segfaults
  n-i-bz  Building in an env without gdb gives bogus gdb attach
  92456   Tracing the origin of uninitialised memory
  106497  Valgrind does not demangle some C++ template symbols
  162222  ==106497
  151612  Suppression with "..." (frame-level wildcards in .supp files)
  156404  Unable to start oocalc under memcheck on openSUSE 10.3 (64-bit)
  159285  unhandled syscall:25 (stime, on x86-linux)
  159452  unhandled ioctl 0x8B01 on "valgrind iwconfig"
  160954  ppc build of valgrind crashes with illegal instruction (isel)
  160956  mallinfo implementation, w/ patch
  162092  Valgrind fails to start gnome-system-monitor
  162819  malloc_free_fill test doesn't pass on glibc2.8 x86
  163794  assertion failure with "--track-origins=yes"
  163933  sigcontext.err and .trapno must be set together
  163955  remove constraint !(--db-attach=yes && --trace-children=yes)
  164476  Missing kernel module loading system calls
  164669  SVN regression: mmap() drops posix file locks
  166581  Callgrind output corruption when program forks
  167288  Patch file for missing system calls on Cell BE
  168943  unsupported scas instruction pentium
  171645  Unrecognised instruction (MOVSD, non-binutils encoding)
  172417  x86->IR: 0x82 ...
  172563  amd64->IR: 0xD9 0xF5  -  fprem1
  173099  .lds linker script generation error
  173177  [x86_64] syscalls: 125/126/179 (capget/capset/quotactl)
  173751  amd64->IR: 0x48 0xF 0x6F 0x45 (even more redundant prefixes)
  174532  == 173751
  174908  --log-file value not expanded correctly for core file
  175044  Add lookup_dcookie for amd64
  175150  x86->IR: 0xF2 0xF 0x11 0xC1 (movss non-binutils encoding)

Developer-visible changes:

* Valgrind's debug-info reading machinery has been majorly overhauled.
  It can now correctly establish the addresses for ELF data symbols,
  which is something that has never worked properly before now.

  Also, Valgrind can now read DWARF3 type and location information for
  stack and global variables.  This makes it possible to use the
  framework to build tools that rely on knowing the type and locations
  of stack and global variables, for example exp-Ptrcheck.

  Reading of such information is disabled by default, because most
  tools don't need it, and because it is expensive in space and time.
  However, you can force Valgrind to read it, using the
  --read-var-info=yes flag.  Memcheck, Helgrind and DRD are able to
  make use of such information, if present, to provide source-level
  descriptions of data addresses in the error messages they create.

(3.4.0.RC1:  24 Dec 2008, vex r1878, valgrind r8882).
(3.4.0:       3 Jan 2009, vex r1878, valgrind r8899).