Chapter 7. Compiler and Tools
Support for new instructions in IBM z Systems z13
The new version of GCC brings support for the new hardware instructions of the IBM z Systems z13, along with support for SIMD instructions. The
-march=z13
command-line option is needed to enable the new intrinsics. (BZ#1182152)
GCC now generates optimal code for POWER8
On the PowerPC 64 LE architecture, the GCC compiler is now configured with the
--with-cpu=power8
and --with-tune=power8
parameters, to make GCC generate optimal code for POWER8 platforms. (BZ#1213268)
Support for Intel Memory Protection Keys (IMPK)
This update to the GCC compiler provides support for IMPK - the compiler can now generate the new PKU instructions. The new instructions can be enabled by using the
-mpku
command-line option. (BZ#1304449)
gcc-libraries rebased
The gcc-libraries package has been rebased to the latest GCC 5 version to include various bug fixes and enhancements from the upstream version. (BZ#1265252)
GDB now supports IBM z13 features
This update provides a GDB extension for debugging code utilizing IBM z13 features. This includes disassembling extended IBM z13 instructions and supporting SIMD instructions using 128-bit wide vector registers
v0-v31
. Code optimized for IBM z13 can be now debugged by GDB displaying correct instruction mnemonics, vector registers, and retrieving and passing vector register content during inferior calls. (BZ#1182151)
binutils rebased to version 2.25.1
The highlights of the new rebased binutils package include:
- The
strings
program now has a--data
command-line option which only prints strings in loadable, initialized data sections. The default behaviour has been changed to match the--all
command-line option. - The
strings
program now has a--include-all-whitespace
command-line option which treats any non-displaying ASCII character as part of the string. This includes carriage return and new line characters which otherwise would be considered to be line terminators. - The
objcopy
program now has a--dump-section
command-line option to extract the contents of named sections and copy them into separate files. - The
objcopy
program now supports wildcard characters in command-line options that take section names. - The
as
assembler now has a--gdwarf-sections
command-line option to enable the generation of per-code-sectionDWARF.debug_line
sections. This facilitates the removal of those sections when their corresponding code section is removed by linker garbage collection. (BZ#1341730)
Support for the z13 extensions to IBM z Systems architecture.
This update provides multiple upstream patches combined into a single patch and applied to the Red Hat Enterprise Linux 7 binutils package. The z13 extensions are now supported. (BZ#1364516)
Support for MWAITX
The updated binutils package for the 32-bit AMD and Intel architecture now provides support for the
MWAITX
instruction. (BZ#1335684)
Support for Zeppelin
The updated binutils package for the 32-bit AMD and Intel architecture now provides support for the
Zeppelin
extensions. (BZ#1335313)
Support for the Large System Extensions
The updated binutils package now provides support for the Large System Extensions to the AArch64 assembler. In addition, support for the
.arch_extension
pseudo-operation has also been added. (BZ#1276755)
elfutils rebased to version 0.166
The elfutils packages contain a number of utilities and libraries related to the creation and maintenance of executable code. The package has been upgraded to version 0.166. Highlighted improvements include:
strip
,unstrip
- These utilities can now handle ELF files with merged strtab/shstrtab tables.elfcompress
- A new utility to compress or decompress ELF sections.readelf
- A new-z,--decompress
option.- New functions have been added to
libelf
andlibdw
to handle compressed ELF sections:elf_compress
,elf_compress_gnu
,elf32_getchdr
,elf64_getchdr
, andgelf_getchdr
. libdwelf
- a newdwelf_scn_gnu_compressed_size()
function.- New
libelf
andlibdw
pkgconfig (package configuration) files.
(BZ#1296313)
valgrind rebased to version 3.11.0
Valgrind is an instrumentation framework that is used for debugging memory, detecting memory leaks, and profiling applications. The package has been upgraded to upstream version 3.11.0. Highlighted improvements include:
- The JIT's register allocator is now significantly faster, making JIT-intensive activities, for example program startup, approximately 5% faster.
- Intel AVX2 support is now more complete for 64-bit targets. On AVX2-capable hosts, the simulated CPUID will now indicate AVX2 support.
- The default value for the
--smc-check
option has been changed fromstack
toall-non-file
on targets that provide automatic D-I cache coherence. The result is to provide, by default, transparent support for JIT generated and self-modifying code on all targets.
Highlighted new features in the
Memcheck
utility include:
- The default value for the
--leak-check-heuristics
option has been changed fromnone
toall
. This helps to reduce the number of possibly lost blocks, in particular for C++ applications. - The default value for the
--keep-stacktraces
option has been changed frommalloc-then-free
tomalloc-and-free
. This has a small cost in memory but allowsMemcheck
to show the 3 stack traces of a dangling reference: where the block was allocated, where it was freed, and where it is accessed after being freed. - The default value for the
--partial-loads-ok
option has been changed fromno
toyes
, to avoid false-positive errors resulting from certain vectorised loops. - A new gdb monitor command
xb [addr] [len]
shows the validity bits of[len]
bytes at[addr]
. The monitor commandxb
is easier to use thanget_vbits
when you need to associate byte data value with their corresponding validity bits. - The
block_list
gdb monitor command has been enhanced: it can print a range of loss records; it now accepts an optional argument,limited [max_blocks]
, to control the number of printed blocks; if a block has been found using a heuristic, thenblock_list
now shows the heuristic after the block size; the loss records/blocks to print can be limited to the blocks found via specified heuristics. - A new
--expensive-definedness-checks=yes|no
command-line option has been added. This is useful for avoiding occasional invalid uninitialized-value errors in optimized code. Beware of potential runtime degradation, as this can be up to 25%. The slowdown is highly application-specific though. The default value isno
.
(BZ#1296318)
Interception of user-defined allocation functions in valgrind
Some applications do not use the
glibc
allocator. Consequently, it was not always convenient to run such applications under valgrind
. With this update, valgrind
tries to automatically intercept user-defined memory allocation functions as if the program used the normal glibc
allocator, making it possible to use memory tracing utilities such as memcheck
on those programs out of the box. (BZ#1271754)
systemtap rebased to version 3.0
The systemtap packages have been updated to upstream version 3.0, which provides a number of bug fixes and enhancements. For example, the translator has been improved to require less memory, produce faster code, support more function callee probing, print improved diagnostics, include language extensions for function overloading and private scoping, and introduce experimental
--monitor
and --interactive
modes. (BZ#1289617)
Support for the 7th-generation Core i3, i5, and i7 Intel processors
This update provides a complete set of performance monitoring events for the 7th-generation Core i3, i5, and i7 Intel processors (Kabylake-U/Y). (BZ#1310950)
Support for the 7th-generation Core i3, i5, and i7 Intel processors
This update provides a complete set of performance monitoring events for the 7th-generation Core i3, i5, and i7 Intel processors (Kabylake-H/S). (BZ#1310951)
libpfm rebased to version 4.7.0
The libpfm package has been upgraded to version 4.7.0. This version provides support for the following 32-bit AMD and Intel architectures:
- Intel Skylake core PMU
- Intel Haswell-EP uncore PMUs
- Intel Broadwell-DE
- Intel Broadwell (desktop core)
- Intel Haswell-EP (core)
- Intel Haswell-EP (core)
- Intel Ivy Bridge-EP uncore PMUs (all boxes)
- Intel Silvermont core PMU
- Intel RAPL events support
- Intel SNB, IVB, HSW event table updates
- Major update on Intel event tables
- AMD Fam15h Northbridge PMU
(BZ#1321051)
gssproxy now supports RELRO and PIE
The GSS-API
gssproxy
daemon is now built using the security-related RELRO
and PIE
compile-time flags to harden the daemon. As a result, gssproxy provides a higher security against loader memory area overwrite attempts and memory corruption attacks. (BZ#1092515)
iputils rebased to version 20160308
The iputils packages have been upgraded to upstream version 20160308, which provides a number of bug fixes and enhancements over the previous version. Notably, the
ping
command is now dual stack aware. It can be used for probing both IPv4 and IPv6 addresses. The old ping6
command is now a symbolic link to the ping
command and works the same way as before. (BZ#1273336)
Logging capabilities of the tftp
server have been enhanced
As a result of improved logging, the Trivial File Transfer Protocol (TFTP) server can now track successes and failures. For example, a log event is now created when a client successfully finishes downloading a file, or the
file not found
message is provided in case of a failure. (BZ#1311092)
New option for arpwatch: -p
This update introduces option
-p
for the arpwatch
command of the arpwatch
network monitoring tool. This option disables promiscuous mode. (BZ#1291722)
The chrt
utility now has new options
This update introduces new command-line options for the
chrt
utility: --deadline
, --sched-runtime
, --sched-period
, and --sched-deadline
. These options take advantage of the kernel SCHED_DEADLINE
scheduler and provide full control of deadline scheduling policy for scripts and when using the command line. (BZ#1298384)
New command-line utility: lsipc
This update introduces the
lsipc
utility that lists information about inter-process communication (IPC) facilities. In comparison with the old ipcs
command, lsipc
provides more details, is easier to use in scripts, and is more user-friendly. This results into better control of the output on IPC information for scripts and when using the command line. (BZ#1153770)
Searching using libmount
and findmnt
is now more reliable
Overlay filesystem's
st_dev
does not provide possibility for reliable searching to the libmount
library and the findmnt
utility. With this update, libmount
and findmnt
search in mount tables by other means than with st_dev
in some cases, achieving better reliability. (BZ#587393)
New --family
option for the alternatives
utility
This update introduces the new
--family
option for the alternatives
utility. The software packager can use this option to group similar alternative packages from the same group into families. Families inside groups ensure that if the currently used alternative is removed, and it belonged to a family, then the current alternative will change to package with the highest priority within the same family, and not outside the family.
For example, a system has four packages installed in the same
alternatives
group: a1, a2, a3, b (listed in increasing priority). Packages a1, a2, and a3 belong to the same family. a1 is the currently used alternative. If a1 is removed, then the currently used alternative will change to a3. It will not be b, because b is outside the family of a1, and it will not be a2, because a2 has lower priority than a3.
This option is useful when just setting priorities for each alternative is not enough. For example, all openjdk packages can be put into the same family to ensure that if one of them is uninstalled, the alternative will switch to another openjdk package, and not to the java-1.7.0-oracle package (if another openjdk package is installed). (BZ#1291340)
sos rebased to version 3.3
The sos package has been updated to upstream version 3.3, which provides a number of enhancements, new features, and bug fixes, including:
- Support for OpenShift Enterprise 3.x
- Improved and expanded OpenStack plug-ins
- Enhanced support for Open vSwitch
- Enhanced Kubernetes data collection
- Improved support for
systemd
journal collection - Enhanced display manager and 3D acceleration data capture
- Improved support for Linux clusters, including Pacemaker
- Expanded CPU and NUMA topology collection
- Expanded mainframe (IBM z Systems) coverage
- Collection of multipath topology (BZ#1293044)
ethtool rebased to version 4.5
The ethtool utility enables querying and changing settings such as speed, port, auto-negotiation, PCI locations, and checksum offload on many network devices, especially Ethernet devices. The package has been upgraded to upstream version 4.5. Notable improvements include:
- SFP serial number and date are now included in EEPROM dump (option
-m
) - Added missing Advertised speeds, some combinations of 10GbE and 56GbE
- Added register dump support for VMware vmxnet3 (option
-d
) - Added support for setting the default
Rx
flow indirection table (option-X
)
(BZ#1318316)
pcp rebased to version 3.11.3
Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. The package has been upgraded to version 3.11.3. Highlighted improvements include:
pcp-ipcs
- new command to show inter-process communicationpcp-atopsar
- new PMAPI sar command based on http://atoptool.nlpcp-vmstat
- wrapper forpmstat
modified to more closely resemblevmstat
libpcp
- newfetchgroup
APIpmdamic
- new PMDA for Intel MIC card metricspmdaslurm
- new PMDA exporting HPC scheduler metricspmdapipe
- command output event capture PMDApmdaxfs
- support for per-device XFS metricspmdavmware
- updated to work with current VMWare Perl APIpmdaperfevent
- variety of improvements surrounding derived metrics; added reference clock cycles for NHM and WSMpmdaoracle
- Oracle database metrics available and updatedpmdads389
- added normalized dn cache metricspmdalinux
- added metrics for per numa node memory bandwidth, shared memory segments, IPC, MD driver stats, transparent-huge-page zero page alloc counters, NVME devices, IPv6 metricspmdaelasticsearch
- restrict to local node metrics by default and adjust toelasticsearch
API changepmdaxfs
- support for per-device XFS metricspmrep
- powerful and versatile metric-reporting utilitypmlogconf
- support for automatic recording of Oracle database, nginx, elasticsearch, memcache, and application metrics supplied bymmv
zbxpcp
- Zabbix Agent loadable module forPCP
metrics supporting Zabbix v2 and v3 simultaneouslypmcd
- support for starting PMDAs viapmdaroot
, allowing restart on PMDA failure without restartingpmcd
itselfsar2pcp
- support for additionalmem.util
metrics and sysstat-11.0.1 commandspmmgr
- added general monitor-program launching optionpcp-atop
- updated with latestatop
features (especially NFS-related)libpcp
- allowed the name of a server certificate to be customized; added support for permanent, global derived metrics, and multi-archive contextspmdaproc
-cgroup
blkio
throttle throughput and IOPS metricspcp-iostat
- added the-R
flag for device-name matching using regular expressions and the-G
flag forsum
,avg
,min
, ormax statistics
pmieconf
- new rule to automate restarting of unresponsive PMDAs
(BZ#1284307)
OpenJDK 8
now supports ECC
With this update, support for Elliptic Curve Cryptography (ECC) and associated ciphers for TLS connections has been added to
OpenJDK 8
. In most cases, ECC is preferable to older cryptographic solutions for establishing secure network connections. (BZ#1245810)
pycurl
now provides options to require TLSv1.1 or 1.2
With this update,
pycurl
has been enhanced to support options that make it possible to require the use of the 1.1 or 1.2 versions of the TLS protocol, which improves the security of communication. (BZ#1260407)
Perl Net:SSLeay
now supports elliptic curve parameters
Support for elliptic-curve parameters has been added to the Perl
Net:SSLeay
module, which contains bindings to the OpenSSL library. Namely, the EC_KEY_new_by_curve_name()
, EC_KEY_free*()
, SSL_CTX_set_tmp_ecdh()
, and OBJ_txt2nid()
subroutines have been ported from upstream. This is required for the support of the Elliptic Curve Diffie–Hellman Exchange (ECDHE) key exchange in the IO::Socket::SSL
Perl module. (BZ#1316379)
Perl IO::Socket::SSL
now supports ECDHE
Support for Elliptic Curve Diffie–Hellman Exchange (ECDHE) has been added to the
IO::Socket::SSL
Perl module. The new SSL_ecdh_curve
option can be used for specifying a suitable curve by the Object Identifier (OID) or Name Identifier (NID). As a result, it is now possible to override the default elliptic curve parameters when implementing a TLS client using IO::Socket:SSL
. (BZ#1316377)
tcsh
now uses system allocation functions
The
tcsh
command language interpreter now uses allocation functions from the glibc
library instead of built-in allocation functions. This eliminates earlier problems with the malloc()
library call. (BZ#1315713)
Python
performance enhancement
The
CPython
interpreter now uses computed goto
statements at the main switch
statement, which executes Python
bytecode. This enhancement allows the interpreter to avoid a bounds check that is required by the C99 standard for the switch
statement, and allows the CPU to perform more efficient branch prediction, which reduces pipeline flushes. As a result of this enhancement, Python
code is interpreted significantly faster than before. (BZ#1289277)
telnet
now accepts -i
to use an IP address when calling login
When a computer on a network has multiple IP addresses, it was previously possible to use one address to connect to the
telnet
server, but the other addresses were saved in the /var/run/utmp
file. To prevent the telnet
utility from performing a DNS lookup and ensure that telnet
uses a particular IP address when calling the login
utility, you can now use the -i
option. Note that -i
works in the same way as the -N
option on Debian systems. (BZ#1323094)
sg3_utils rebased to version 1.37-7
The sg3_utils packages provide command-line utilities for devices that use the Small Computer System Interface (SCSI) command sets. With this update, the
sg_inq
and sg_vpd
utilities allow decoding of more feature information on storage devices. Additionally, the presentation of date and software version information is now displayed correctly. The sg_rdac
utility has been fixed as well and now supports 10-byte Command Descriptor Block (CDB) mode, which allows management of up to 256 logical unit numbers (LUN). (BZ#1170719)
New configuration options for SSL/TLS certificate verification for the HTTP clients in the Python standard library
New per-application and per-process configuration options for SSL/TLS certificate verification have been added for the HTTP clients in the Python standard library. The options are described in the 493 Python Enhancement Proposal (https://www.python.org/dev/peps/pep-0493/). The default global setting continues to be to not verify certificates. For details, see https://access.redhat.com/articles/2039753. (BZ#1315758)
glibc
now supports the BIG5-HKSCS-2008 character set
Previously,
glibc
supported an earlier version of the Hong Kong Supplementary Character Set, BIG5-HKSCS-2004. The BIG5-HKSCS character set map has been updated to the HKSCS-2008 revision of the standard. This allows Red Hat Enterprise Linux customers to write applications processing text that is encoded with this version of the standard. (BZ#1211823)
memtest86+ rebased to version 5.01
The memtest86+ package has been upgraded to upstream version 5.01, which provides a number of bug fixes and enhancements over the previous version. Notable changes include the following:
- Support for up to 2 TB of RAM on AMD64 and Intel 64 CPUs
- Support for new Intel and AMD CPUs, for example Intel Haswell
- Experimental SMT support up to 32 cores
For detailed changes, see http://www.memtest.org/#change (BZ#1280352)
mcelog rebased to version 136
The mcelog packages have been upgraded to upstream version 136, which provides a number of bug fixes and enhancements over the previous version. Notably, support for various 5th and 6th generation Intel Core processors (Broadwell-DE/SoC, Broadwell-EP, Broadwell-EX, and Skylake Client) has been included. (BZ#1336431)
xz rebased to version 5.2.2
The xz packages have been upgraded to upstream version 5.2.2, which provides several optimization fixes, fixes for race conditions, translations, portability fixes, and also a new stabilized API previously available only for testing. Additionally, this update introduces a new experimental feature controlled by the
--flush-timeout
option (by default off). When compressing, if more than timeout milliseconds (a positive integer) have passed since the previous flush and reading more input would be blocked, all the pending input data is flushed from the encoder and made available in the output stream. This can be useful if the xz
utility is used for compressing data that is streamed over a network. (BZ#1160193)
tapestat
has been added to sysstat
The sysstat packages now provide the
tapestat
utility, which can be used to monitor performance of tape drives. (BZ#1332662)
sysstat now supports a larger number of processors
The sysstat packages now support the maximum number of processors supported by the Linux kernel, which is 8192 at the time of Red Hat Enterprise Linux 7.3 release. Previously, sysstat could not handle more than 2048 processors. (BZ#1258990)
ruby rebased to version 2.0.0.648
The ruby packages have been upgraded to upstream version 2.0.0.648, which provides a number of bug and security fixes. This is the last upstream stable release of
Ruby 2.0.0
as it has been deprecated in upstream. More recent versions of Ruby are available in Red Hat Software Collections. (BZ#1197720)
Enhancements to abrt
reporting workflow
The problem-reporting workflow in
abrt
has been enhanced to improve the overall crash-reporting experience and customer-case creation. The enhancements include:
- The
Provide additional information
screen now allows you to select whether the problem happens repeatedly, and also contains an additional input field for providing steps to reproduce the problem. - A new reporting workflow
Submit anonymous report
, which should be used when the reported problem is not critical and no Red Hat support team assistance is required. - New tests have been added to the internal logic to ensure that users only open cases for critical problems and software released by Red Hat. (BZ#1258482)
abrt
can now exclude specific programs from generating a core dump
Previously, ignoring crashes of blacklisted programs in
abrt
did not prevent it from creating their core dumps, which were written to disk and then deleted. This approach allowed abrt
to notify system administrators of a crash while not using disk space to store unneeded crash dumps. However, creating these dumps only to delete them later was unnecessarily wasting system resources. This update introduces a new configuration option IgnoredPaths
in the /etc/abrt/plugins/CCpp.conf
configuration file, which allows you to specify a comma-separated list of file system path patterns, for which core dump will not be generated at all. (BZ#1277848)
User and group whitelisting added to abrt
Previously,
abrt
allowed all users to generate and collect core dumps, which could potentially enable any user to maliciously generate a large number of core dumps and waste system resources. This update adds a whitelisting functionality to abrt
, and you can now only allow specific users or groups to generate core dumps. Use the new AllowedUsers = user1, user2, ...
and AllowedGroups = group1, group2, ...
options in the /etc/abrt/plugins/CCpp.conf
configuration file to restrict core dump generation and collection to these users or groups, or leave these options empty to configure abrt
to process core dumps for all users and groups. (BZ#1277849)
Format of emails sent by ABRT
is now configurable
You can now configure the format of emails sent by
ABRT
using the new -F FORMAT_FILE
command-line option of the reporter-mailx
utility. This option allows you to define your own format. Without the -F
option, reporter-mailx
uses the default format, which sorts all important elements by importance. For more information about the format of formatting files, see the reporter-mailx(1)
man page. (BZ#1281312)
The Oracle ACFS is now included among known file systems
Previously, the Oracle ASM Cluster file system (ACFS) was not listed among known file systems for the
stat
and tail
utilities. As a consequence, the tail
utility printed an error message stating that the file system was not recognized. ACFS has been added to the list of known file systems, and the error message no longer appears in the described situation.
In addition, other file systems recognized by upstream have been added to the list of known file systems as well, namely
bpf_fs
, btrfs_test
, configfs
, hfs+
, hfsx
, ibrix
, logfs
, m1fs
, nsfs
, overlayfs
, prl_fs
, and tracefs
. (BZ#1280357)
Support for Octave 3.8 used by swig
Previously, the Octave code generated by
swig
2.0.10 did not work with Octave 3.8, because it contained deprecated bits such as variables and macros. This update ensures that swig
produces code which works with Octave of versions 3.0.5, 3.2.4, 3.4.3, 3.6.4, and 3.8.0. (BZ#1136487)
The sos cluster
plug-in has been divided into type-specific plug-ins
The
cluster
plug-in in the sos package has been divided into several plug-ins (cman
, dlm
, gfs2
, and pacemaker
). The new plug-in organization reflects that there are two different types of cluster (cman
and pacemaker
) and prevents certain commands from needing to be run multiple times. (BZ#1187258)
libvpd rebased to version 2.2.5
The libvpd packages have been updated to upstream version 2.2.5, which provides a number of bug fixes and enhancements over the previous version. Notably, it also implements several security fixes, including the buffer overflow and memory allocation validation. (BZ#1182031)
Man pages for pchrt
and ptaskset
added to python-schedutils
This update adds man pages for the
pchrt
and ptaskset
utilities, which are provided by the python-schedutils package. (BZ#948381)
The socket timeout value for SSL connections of the subscription-manager
client is now configurable
Previously, the socket timeout value for SSL connections to an entitlement server was hard-coded. With this update, users can configure a custom SSL timeout value in the
/etc/rhsm/rhsm.conf
file. Setting a larger SSL timeout helps ensure that expensive operations involving many subscriptions have enough time to complete. (BZ#1346417)
redhat-uep.pem
CA certificate moved to a python-rhsm-certificates
package
The
/etc/rhsm/ca/redhat-uep.pem
certificate authority (CA) certificate was previously included in the python-rhsm
package. This update moves this certificate into a simplified python-rhsm-certificates
package that provides only the certificate. As a result, container images can now be built only with python-rhsm-certificates
without all the package dependencies required by python-rhsm
, specifically the python
package. (BZ#1104332)
gfs2-utils rebased to version 3.1.9
The gfs2-utils package has been updated to upstream version 3.1.9, which provides a number of enhancements, new features, and bug fixes, including the following:
- fsck.gfs2 now uses less memory
- Improvements and fixes to the extended attributes and resource group checking of fsck.gfs2
- mkfs.gfs2 reports progress so that the user can tell it is still active during a long mkfs operation
- The
-t
option of mkfs.gfs2 now accepts a longer cluster name and file system name - A udev helper script is now installed to suspend the device on withdraw, which prevents hangs
- Support for the de_rahead and de_cookie dirent fields has been added
- gfs2_edit savemeta performance improvements
- The glocktop utility has been added to help analyze locking-related performance problems
- The mkfs.gfs2(8) man page has been reworked
- The
rgrplbv
andloccookie
mount options have been added to the gfs2(5) man page - Fixes for out-of-tree builds and testing (BZ#1271674)
system-switch-java rebased to version 1.7
The system-switch-java package, which provides an easy-to-use tool to select the default Java toolset for the system, has been updated to version 1.7. The new version has been rewritten to support modern JDK packages. The main enhancements include support for multiple Java installations, addition of -debug packages, and support for JDK 9. (BZ#1283904)
Optional branch predictor optimization for certain Intel micro-architectures
The branch predictor in the 2nd generation Xeon Phi and 3rd generation Atom micro-architectures only supports 32-bit offsets between branch and branch targets. If a branch and its target were further apart than 4 GiB, performance was very poor.
With this update,
glibc
maps the main program and shared objects into the first 31 bits of the address space if the LD_PREFER_MAP_32BIT_EXEC
environment variable is set, improving performance on the described architectures. Note that this improvement reduces address space layout randomization (ASLR) and is therefore not enabled by default. (BZ#1292018)
Optimized memory routines for Intel hardware using AVX 512
This update provides optimized memory copying routines to the core C library (glibc) for Intel hardware using AVX 512. These optimized routines are automatically selected when applications use the C library
memcpy()
, memmove()
, or memset()
function on AVX 512-enabled hardware.
The AVX 512-enabled memory copying routine provides the best possible performance on the latest Intel hardware that supports this feature, particularly on the second-generation Xeon Phi systems. (BZ#1298526)
Better-performance memset()
routine
This update provides a key optimization to the core C library
memset()
routine for Intel Xeon v5 server hardware. The existing memset()
routine for AMD64 and Intel 64 architectures made extensive use of non-temporal stores, a hardware feature which does not provide uniform performance across hardware variants. The new memset()
provides better performance across hardware variants, including Intel Xeon v5 hardware. (BZ#1335286)
Support for the --instLangs
option in glibc
The glibc-common packages provide a large locale archive containing data for all locales supported by
glibc
. Typical installations only need a subset of these locales, and installing all of them is wasteful. With this update, it is possible to create system installations and container images which only include required locales, greatly reducing image size. (BZ#1296297)
Optimizations in glibc
for IBM POWER8
With this update, all libraries provided by
glibc
have been compiled for optimal execution on POWER8 hardware. Optimized memory and string manipulation routines for 64-bit IBM POWER7 and POWER8 hardware have been added to the core C library (glibc). These optimized routines are automatically selected when applications use C library routines like strncat()
or strncmp()
. These POWER7 and POWER8-enabled routines provide the best possible performance on the latest IBM hardware. (BZ#1213267, BZ#1183088, BZ#1240351)
Optimizations in glibc
for IBM z Systems z13
The core C library (glibc) has been enhanced to provide optimized support for IBM z Systems z13 hardware. Core string and memory manipulation routines such as
strncpy()
or memcpy()
have all been optimized. The z13-enabled routines provide the best possible performance on the latest IBM hardware. (BZ#1268008)
Origin
plug-in added to the sos package
The
origin
plug-in has been added to the sos package. The plug-in collects information about OpenShift Origin
and related products, such as Atomic Platform
or OpenShift Enterprise 3
and higher. This allows users to gather information about OpenShift Origin
deployments. (BZ#1246423)
gssproxy now supports krb5 1.14
The gssproxy packages, which provide a daemon to manage access to GSSAPI credentials, as well as a GSSAPI interposer plug-in, have been updated to upstream version 0.4.1-10. gssproxy now supports the krb5 packages in version 1.14. (BZ#1292487)
A possibility to configure optional SSH key files for the ABRT reporter-upload
tool has been added
This update adds the possibility to configure an SSH key in the
reporter-upload
utility of Automatic Bug Reporting Tool (ABRT). To specify the key file, choose one of the following ways:
- Using the
SSHPublicKey
andSSHPrivateKey
options in the/etc/libreport/plugins/upload.conf
configuration file - Using the
-b
and-r
command-line options for the public and private key, respectively - Setting the
Upload_SSHPublicKey
andUpload_SSHPrivateKey
environment variables, respectively.
If none of these options or variables are specified,
reporter-upload
uses the default SSH key from the user's ~/.ssh/
directory. (BZ#1289513)