xref: /freebsd/contrib/jemalloc/ChangeLog (revision d8b88105c2ccf7686552516877f541efb54fb6c8) 
1Following are change highlights associated with official releases.  Important
2bug fixes are all mentioned, but internal enhancements are omitted here for
3brevity (even though they are more fun to write about).  Much more detail can be
4found in the git revision history:
5
6    http://www.canonware.com/cgi-bin/gitweb.cgi?p=jemalloc.git
7    git://canonware.com/jemalloc.git
8
9* 3.5.0 (January 22, 2014)
10
11  This version focuses on refactoring and automated testing, though it also
12  includes some non-trivial heap profiling optimizations not mentioned below.
13
14  New features:
15  - Add the *allocx() API, which is a successor to the experimental *allocm()
16    API.  The *allocx() functions are slightly simpler to use because they have
17    fewer parameters, they directly return the results of primary interest, and
18    mallocx()/rallocx() avoid the strict aliasing pitfall that
19    allocm()/rallocx() share with posix_memalign().  Note that *allocm() is
20    slated for removal in the next non-bugfix release.
21  - Add support for LinuxThreads.
22
23  Bug fixes:
24  - Unless heap profiling is enabled, disable floating point code and don't link
25    with libm.  This, in combination with e.g. EXTRA_CFLAGS=-mno-sse on x64
26    systems, makes it possible to completely disable floating point register
27    use.  Some versions of glibc neglect to save/restore caller-saved floating
28    point registers during dynamic lazy symbol loading, and the symbol loading
29    code uses whatever malloc the application happens to have linked/loaded
30    with, the result being potential floating point register corruption.
31  - Report ENOMEM rather than EINVAL if an OOM occurs during heap profiling
32    backtrace creation in imemalign().  This bug impacted posix_memalign() and
33    aligned_alloc().
34  - Fix a file descriptor leak in a prof_dump_maps() error path.
35  - Fix prof_dump() to close the dump file descriptor for all relevant error
36    paths.
37  - Fix rallocm() to use the arena specified by the ALLOCM_ARENA(s) flag for
38    allocation, not just deallocation.
39  - Fix a data race for large allocation stats counters.
40  - Fix a potential infinite loop during thread exit.  This bug occurred on
41    Solaris, and could affect other platforms with similar pthreads TSD
42    implementations.
43  - Don't junk-fill reallocations unless usable size changes.  This fixes a
44    violation of the *allocx()/*allocm() semantics.
45  - Fix growing large reallocation to junk fill new space.
46  - Fix huge deallocation to junk fill when munmap is disabled.
47  - Change the default private namespace prefix from empty to je_, and change
48    --with-private-namespace-prefix so that it prepends an additional prefix
49    rather than replacing je_.  This reduces the likelihood of applications
50    which statically link jemalloc experiencing symbol name collisions.
51  - Add missing private namespace mangling (relevant when
52    --with-private-namespace is specified).
53  - Add and use JEMALLOC_INLINE_C so that static inline functions are marked as
54    static even for debug builds.
55  - Add a missing mutex unlock in a malloc_init_hard() error path.  In practice
56    this error path is never executed.
57  - Fix numerous bugs in malloc_strotumax() error handling/reporting.  These
58    bugs had no impact except for malformed inputs.
59  - Fix numerous bugs in malloc_snprintf().  These bugs were not exercised by
60    existing calls, so they had no impact.
61
62* 3.4.1 (October 20, 2013)
63
64  Bug fixes:
65  - Fix a race in the "arenas.extend" mallctl that could cause memory corruption
66    of internal data structures and subsequent crashes.
67  - Fix Valgrind integration flaws that caused Valgrind warnings about reads of
68    uninitialized memory in:
69    + arena chunk headers
70    + internal zero-initialized data structures (relevant to tcache and prof
71      code)
72  - Preserve errno during the first allocation.  A readlink(2) call during
73    initialization fails unless /etc/malloc.conf exists, so errno was typically
74    set during the first allocation prior to this fix.
75  - Fix compilation warnings reported by gcc 4.8.1.
76
77* 3.4.0 (June 2, 2013)
78
79  This version is essentially a small bugfix release, but the addition of
80  aarch64 support requires that the minor version be incremented.
81
82  Bug fixes:
83  - Fix race-triggered deadlocks in chunk_record().  These deadlocks were
84    typically triggered by multiple threads concurrently deallocating huge
85    objects.
86
87  New features:
88  - Add support for the aarch64 architecture.
89
90* 3.3.1 (March 6, 2013)
91
92  This version fixes bugs that are typically encountered only when utilizing
93  custom run-time options.
94
95  Bug fixes:
96  - Fix a locking order bug that could cause deadlock during fork if heap
97    profiling were enabled.
98  - Fix a chunk recycling bug that could cause the allocator to lose track of
99    whether a chunk was zeroed.  On FreeBSD, NetBSD, and OS X, it could cause
100    corruption if allocating via sbrk(2) (unlikely unless running with the
101    "dss:primary" option specified).  This was completely harmless on Linux
102    unless using mlockall(2) (and unlikely even then, unless the
103    --disable-munmap configure option or the "dss:primary" option was
104    specified).  This regression was introduced in 3.1.0 by the
105    mlockall(2)/madvise(2) interaction fix.
106  - Fix TLS-related memory corruption that could occur during thread exit if the
107    thread never allocated memory.  Only the quarantine and prof facilities were
108    susceptible.
109  - Fix two quarantine bugs:
110    + Internal reallocation of the quarantined object array leaked the old
111      array.
112    + Reallocation failure for internal reallocation of the quarantined object
113      array (very unlikely) resulted in memory corruption.
114  - Fix Valgrind integration to annotate all internally allocated memory in a
115    way that keeps Valgrind happy about internal data structure access.
116  - Fix building for s390 systems.
117
118* 3.3.0 (January 23, 2013)
119
120  This version includes a few minor performance improvements in addition to the
121  listed new features and bug fixes.
122
123  New features:
124  - Add clipping support to lg_chunk option processing.
125  - Add the --enable-ivsalloc option.
126  - Add the --without-export option.
127  - Add the --disable-zone-allocator option.
128
129  Bug fixes:
130  - Fix "arenas.extend" mallctl to output the number of arenas.
131  - Fix chunk_recycle() to unconditionally inform Valgrind that returned memory
132    is undefined.
133  - Fix build break on FreeBSD related to alloca.h.
134
135* 3.2.0 (November 9, 2012)
136
137  In addition to a couple of bug fixes, this version modifies page run
138  allocation and dirty page purging algorithms in order to better control
139  page-level virtual memory fragmentation.
140
141  Incompatible changes:
142  - Change the "opt.lg_dirty_mult" default from 5 to 3 (32:1 to 8:1).
143
144  Bug fixes:
145  - Fix dss/mmap allocation precedence code to use recyclable mmap memory only
146    after primary dss allocation fails.
147  - Fix deadlock in the "arenas.purge" mallctl.  This regression was introduced
148    in 3.1.0 by the addition of the "arena.<i>.purge" mallctl.
149
150* 3.1.0 (October 16, 2012)
151
152  New features:
153  - Auto-detect whether running inside Valgrind, thus removing the need to
154    manually specify MALLOC_CONF=valgrind:true.
155  - Add the "arenas.extend" mallctl, which allows applications to create
156    manually managed arenas.
157  - Add the ALLOCM_ARENA() flag for {,r,d}allocm().
158  - Add the "opt.dss", "arena.<i>.dss", and "stats.arenas.<i>.dss" mallctls,
159    which provide control over dss/mmap precedence.
160  - Add the "arena.<i>.purge" mallctl, which obsoletes "arenas.purge".
161  - Define LG_QUANTUM for hppa.
162
163  Incompatible changes:
164  - Disable tcache by default if running inside Valgrind, in order to avoid
165    making unallocated objects appear reachable to Valgrind.
166  - Drop const from malloc_usable_size() argument on Linux.
167
168  Bug fixes:
169  - Fix heap profiling crash if sampled object is freed via realloc(p, 0).
170  - Remove const from __*_hook variable declarations, so that glibc can modify
171    them during process forking.
172  - Fix mlockall(2)/madvise(2) interaction.
173  - Fix fork(2)-related deadlocks.
174  - Fix error return value for "thread.tcache.enabled" mallctl.
175
176* 3.0.0 (May 11, 2012)
177
178  Although this version adds some major new features, the primary focus is on
179  internal code cleanup that facilitates maintainability and portability, most
180  of which is not reflected in the ChangeLog.  This is the first release to
181  incorporate substantial contributions from numerous other developers, and the
182  result is a more broadly useful allocator (see the git revision history for
183  contribution details).  Note that the license has been unified, thanks to
184  Facebook granting a license under the same terms as the other copyright
185  holders (see COPYING).
186
187  New features:
188  - Implement Valgrind support, redzones, and quarantine.
189  - Add support for additional platforms:
190    + FreeBSD
191    + Mac OS X Lion
192    + MinGW
193    + Windows (no support yet for replacing the system malloc)
194  - Add support for additional architectures:
195    + MIPS
196    + SH4
197    + Tilera
198  - Add support for cross compiling.
199  - Add nallocm(), which rounds a request size up to the nearest size class
200    without actually allocating.
201  - Implement aligned_alloc() (blame C11).
202  - Add the "thread.tcache.enabled" mallctl.
203  - Add the "opt.prof_final" mallctl.
204  - Update pprof (from gperftools 2.0).
205  - Add the --with-mangling option.
206  - Add the --disable-experimental option.
207  - Add the --disable-munmap option, and make it the default on Linux.
208  - Add the --enable-mremap option, which disables use of mremap(2) by default.
209
210  Incompatible changes:
211  - Enable stats by default.
212  - Enable fill by default.
213  - Disable lazy locking by default.
214  - Rename the "tcache.flush" mallctl to "thread.tcache.flush".
215  - Rename the "arenas.pagesize" mallctl to "arenas.page".
216  - Change the "opt.lg_prof_sample" default from 0 to 19 (1 B to 512 KiB).
217  - Change the "opt.prof_accum" default from true to false.
218
219  Removed features:
220  - Remove the swap feature, including the "config.swap", "swap.avail",
221    "swap.prezeroed", "swap.nfds", and "swap.fds" mallctls.
222  - Remove highruns statistics, including the
223    "stats.arenas.<i>.bins.<j>.highruns" and
224    "stats.arenas.<i>.lruns.<j>.highruns" mallctls.
225  - As part of small size class refactoring, remove the "opt.lg_[qc]space_max",
226    "arenas.cacheline", "arenas.subpage", "arenas.[tqcs]space_{min,max}", and
227    "arenas.[tqcs]bins" mallctls.
228  - Remove the "arenas.chunksize" mallctl.
229  - Remove the "opt.lg_prof_tcmax" option.
230  - Remove the "opt.lg_prof_bt_max" option.
231  - Remove the "opt.lg_tcache_gc_sweep" option.
232  - Remove the --disable-tiny option, including the "config.tiny" mallctl.
233  - Remove the --enable-dynamic-page-shift configure option.
234  - Remove the --enable-sysv configure option.
235
236  Bug fixes:
237  - Fix a statistics-related bug in the "thread.arena" mallctl that could cause
238    invalid statistics and crashes.
239  - Work around TLS deallocation via free() on Linux.  This bug could cause
240    write-after-free memory corruption.
241  - Fix a potential deadlock that could occur during interval- and
242    growth-triggered heap profile dumps.
243  - Fix large calloc() zeroing bugs due to dropping chunk map unzeroed flags.
244  - Fix chunk_alloc_dss() to stop claiming memory is zeroed.  This bug could
245    cause memory corruption and crashes with --enable-dss specified.
246  - Fix fork-related bugs that could cause deadlock in children between fork
247    and exec.
248  - Fix malloc_stats_print() to honor 'b' and 'l' in the opts parameter.
249  - Fix realloc(p, 0) to act like free(p).
250  - Do not enforce minimum alignment in memalign().
251  - Check for NULL pointer in malloc_usable_size().
252  - Fix an off-by-one heap profile statistics bug that could be observed in
253    interval- and growth-triggered heap profiles.
254  - Fix the "epoch" mallctl to update cached stats even if the passed in epoch
255    is 0.
256  - Fix bin->runcur management to fix a layout policy bug.  This bug did not
257    affect correctness.
258  - Fix a bug in choose_arena_hard() that potentially caused more arenas to be
259    initialized than necessary.
260  - Add missing "opt.lg_tcache_max" mallctl implementation.
261  - Use glibc allocator hooks to make mixed allocator usage less likely.
262  - Fix build issues for --disable-tcache.
263  - Don't mangle pthread_create() when --with-private-namespace is specified.
264
265* 2.2.5 (November 14, 2011)
266
267  Bug fixes:
268  - Fix huge_ralloc() race when using mremap(2).  This is a serious bug that
269    could cause memory corruption and/or crashes.
270  - Fix huge_ralloc() to maintain chunk statistics.
271  - Fix malloc_stats_print(..., "a") output.
272
273* 2.2.4 (November 5, 2011)
274
275  Bug fixes:
276  - Initialize arenas_tsd before using it.  This bug existed for 2.2.[0-3], as
277    well as for --disable-tls builds in earlier releases.
278  - Do not assume a 4 KiB page size in test/rallocm.c.
279
280* 2.2.3 (August 31, 2011)
281
282  This version fixes numerous bugs related to heap profiling.
283
284  Bug fixes:
285  - Fix a prof-related race condition.  This bug could cause memory corruption,
286    but only occurred in non-default configurations (prof_accum:false).
287  - Fix off-by-one backtracing issues (make sure that prof_alloc_prep() is
288    excluded from backtraces).
289  - Fix a prof-related bug in realloc() (only triggered by OOM errors).
290  - Fix prof-related bugs in allocm() and rallocm().
291  - Fix prof_tdata_cleanup() for --disable-tls builds.
292  - Fix a relative include path, to fix objdir builds.
293
294* 2.2.2 (July 30, 2011)
295
296  Bug fixes:
297  - Fix a build error for --disable-tcache.
298  - Fix assertions in arena_purge() (for real this time).
299  - Add the --with-private-namespace option.  This is a workaround for symbol
300    conflicts that can inadvertently arise when using static libraries.
301
302* 2.2.1 (March 30, 2011)
303
304  Bug fixes:
305  - Implement atomic operations for x86/x64.  This fixes compilation failures
306    for versions of gcc that are still in wide use.
307  - Fix an assertion in arena_purge().
308
309* 2.2.0 (March 22, 2011)
310
311  This version incorporates several improvements to algorithms and data
312  structures that tend to reduce fragmentation and increase speed.
313
314  New features:
315  - Add the "stats.cactive" mallctl.
316  - Update pprof (from google-perftools 1.7).
317  - Improve backtracing-related configuration logic, and add the
318    --disable-prof-libgcc option.
319
320  Bug fixes:
321  - Change default symbol visibility from "internal", to "hidden", which
322    decreases the overhead of library-internal function calls.
323  - Fix symbol visibility so that it is also set on OS X.
324  - Fix a build dependency regression caused by the introduction of the .pic.o
325    suffix for PIC object files.
326  - Add missing checks for mutex initialization failures.
327  - Don't use libgcc-based backtracing except on x64, where it is known to work.
328  - Fix deadlocks on OS X that were due to memory allocation in
329    pthread_mutex_lock().
330  - Heap profiling-specific fixes:
331    + Fix memory corruption due to integer overflow in small region index
332      computation, when using a small enough sample interval that profiling
333      context pointers are stored in small run headers.
334    + Fix a bootstrap ordering bug that only occurred with TLS disabled.
335    + Fix a rallocm() rsize bug.
336    + Fix error detection bugs for aligned memory allocation.
337
338* 2.1.3 (March 14, 2011)
339
340  Bug fixes:
341  - Fix a cpp logic regression (due to the "thread.{de,}allocatedp" mallctl fix
342    for OS X in 2.1.2).
343  - Fix a "thread.arena" mallctl bug.
344  - Fix a thread cache stats merging bug.
345
346* 2.1.2 (March 2, 2011)
347
348  Bug fixes:
349  - Fix "thread.{de,}allocatedp" mallctl for OS X.
350  - Add missing jemalloc.a to build system.
351
352* 2.1.1 (January 31, 2011)
353
354  Bug fixes:
355  - Fix aligned huge reallocation (affected allocm()).
356  - Fix the ALLOCM_LG_ALIGN macro definition.
357  - Fix a heap dumping deadlock.
358  - Fix a "thread.arena" mallctl bug.
359
360* 2.1.0 (December 3, 2010)
361
362  This version incorporates some optimizations that can't quite be considered
363  bug fixes.
364
365  New features:
366  - Use Linux's mremap(2) for huge object reallocation when possible.
367  - Avoid locking in mallctl*() when possible.
368  - Add the "thread.[de]allocatedp" mallctl's.
369  - Convert the manual page source from roff to DocBook, and generate both roff
370    and HTML manuals.
371
372  Bug fixes:
373  - Fix a crash due to incorrect bootstrap ordering.  This only impacted
374    --enable-debug --enable-dss configurations.
375  - Fix a minor statistics bug for mallctl("swap.avail", ...).
376
377* 2.0.1 (October 29, 2010)
378
379  Bug fixes:
380  - Fix a race condition in heap profiling that could cause undefined behavior
381    if "opt.prof_accum" were disabled.
382  - Add missing mutex unlocks for some OOM error paths in the heap profiling
383    code.
384  - Fix a compilation error for non-C99 builds.
385
386* 2.0.0 (October 24, 2010)
387
388  This version focuses on the experimental *allocm() API, and on improved
389  run-time configuration/introspection.  Nonetheless, numerous performance
390  improvements are also included.
391
392  New features:
393  - Implement the experimental {,r,s,d}allocm() API, which provides a superset
394    of the functionality available via malloc(), calloc(), posix_memalign(),
395    realloc(), malloc_usable_size(), and free().  These functions can be used to
396    allocate/reallocate aligned zeroed memory, ask for optional extra memory
397    during reallocation, prevent object movement during reallocation, etc.
398  - Replace JEMALLOC_OPTIONS/JEMALLOC_PROF_PREFIX with MALLOC_CONF, which is
399    more human-readable, and more flexible.  For example:
400      JEMALLOC_OPTIONS=AJP
401    is now:
402      MALLOC_CONF=abort:true,fill:true,stats_print:true
403  - Port to Apple OS X.  Sponsored by Mozilla.
404  - Make it possible for the application to control thread-->arena mappings via
405    the "thread.arena" mallctl.
406  - Add compile-time support for all TLS-related functionality via pthreads TSD.
407    This is mainly of interest for OS X, which does not support TLS, but has a
408    TSD implementation with similar performance.
409  - Override memalign() and valloc() if they are provided by the system.
410  - Add the "arenas.purge" mallctl, which can be used to synchronously purge all
411    dirty unused pages.
412  - Make cumulative heap profiling data optional, so that it is possible to
413    limit the amount of memory consumed by heap profiling data structures.
414  - Add per thread allocation counters that can be accessed via the
415    "thread.allocated" and "thread.deallocated" mallctls.
416
417  Incompatible changes:
418  - Remove JEMALLOC_OPTIONS and malloc_options (see MALLOC_CONF above).
419  - Increase default backtrace depth from 4 to 128 for heap profiling.
420  - Disable interval-based profile dumps by default.
421
422  Bug fixes:
423  - Remove bad assertions in fork handler functions.  These assertions could
424    cause aborts for some combinations of configure settings.
425  - Fix strerror_r() usage to deal with non-standard semantics in GNU libc.
426  - Fix leak context reporting.  This bug tended to cause the number of contexts
427    to be underreported (though the reported number of objects and bytes were
428    correct).
429  - Fix a realloc() bug for large in-place growing reallocation.  This bug could
430    cause memory corruption, but it was hard to trigger.
431  - Fix an allocation bug for small allocations that could be triggered if
432    multiple threads raced to create a new run of backing pages.
433  - Enhance the heap profiler to trigger samples based on usable size, rather
434    than request size.
435  - Fix a heap profiling bug due to sometimes losing track of requested object
436    size for sampled objects.
437
438* 1.0.3 (August 12, 2010)
439
440  Bug fixes:
441  - Fix the libunwind-based implementation of stack backtracing (used for heap
442    profiling).  This bug could cause zero-length backtraces to be reported.
443  - Add a missing mutex unlock in library initialization code.  If multiple
444    threads raced to initialize malloc, some of them could end up permanently
445    blocked.
446
447* 1.0.2 (May 11, 2010)
448
449  Bug fixes:
450  - Fix junk filling of large objects, which could cause memory corruption.
451  - Add MAP_NORESERVE support for chunk mapping, because otherwise virtual
452    memory limits could cause swap file configuration to fail.  Contributed by
453    Jordan DeLong.
454
455* 1.0.1 (April 14, 2010)
456
457  Bug fixes:
458  - Fix compilation when --enable-fill is specified.
459  - Fix threads-related profiling bugs that affected accuracy and caused memory
460    to be leaked during thread exit.
461  - Fix dirty page purging race conditions that could cause crashes.
462  - Fix crash in tcache flushing code during thread destruction.
463
464* 1.0.0 (April 11, 2010)
465
466  This release focuses on speed and run-time introspection.  Numerous
467  algorithmic improvements make this release substantially faster than its
468  predecessors.
469
470  New features:
471  - Implement autoconf-based configuration system.
472  - Add mallctl*(), for the purposes of introspection and run-time
473    configuration.
474  - Make it possible for the application to manually flush a thread's cache, via
475    the "tcache.flush" mallctl.
476  - Base maximum dirty page count on proportion of active memory.
477  - Compute various addtional run-time statistics, including per size class
478    statistics for large objects.
479  - Expose malloc_stats_print(), which can be called repeatedly by the
480    application.
481  - Simplify the malloc_message() signature to only take one string argument,
482    and incorporate an opaque data pointer argument for use by the application
483    in combination with malloc_stats_print().
484  - Add support for allocation backed by one or more swap files, and allow the
485    application to disable over-commit if swap files are in use.
486  - Implement allocation profiling and leak checking.
487
488  Removed features:
489  - Remove the dynamic arena rebalancing code, since thread-specific caching
490    reduces its utility.
491
492  Bug fixes:
493  - Modify chunk allocation to work when address space layout randomization
494    (ASLR) is in use.
495  - Fix thread cleanup bugs related to TLS destruction.
496  - Handle 0-size allocation requests in posix_memalign().
497  - Fix a chunk leak.  The leaked chunks were never touched, so this impacted
498    virtual memory usage, but not physical memory usage.
499
500* linux_2008082[78]a (August 27/28, 2008)
501
502  These snapshot releases are the simple result of incorporating Linux-specific
503  support into the FreeBSD malloc sources.
504
505--------------------------------------------------------------------------------
506vim:filetype=text:textwidth=80
507