Oracle GraalVM for JDK 17.0.11

(2024-04-16)

This is the April 2024 Oracle Critical Patch Update (CPU) for Oracle GraalVM for JDK 17. This release contains fixes to security vulnerabilities announced in the April 2024 Oracle Critical Patch Update Advisory. It includes security fixes released as part of that CPU, some noteworthy bug fixes, listed below, and platform updates.

• Updated the Oracle JDK release on which Oracle GraalVM is built to 17.0.11+7. See JDK 17 Release Notes.
• Version compatibility:
  • Truffle languages and other components version 23.0.4 are designed for use with GraalVM for JDK 17.0.11.
• Graal compiler:
  • Fixed magic number calculation for Integer.divideUnsigned.
  • Return null when inverting a SIMDStamp if one component cannot be inverted.
  • Added a fix to Initialization Vector (IV): only non-overflowing constant properties should be constant
  • Added a guard against deleting canonicalizer replacement.
  • Counted strip mining optimization fixes:
    • Improved long to int overflow logic
    • Ensure that loop exit states are unique
  • Added a check to ensure CompilationResult.methods does not contain duplicates.
  • Fixed intrinsic frame states.
  • Fixed FrameStates for unresolved deoptimizations with incorrect stack size.
  • Do not optimize away Narrow in comparisons with mixed signedness to prevent incorrect canonicalization.
  • Fixed read nodes must only be removed if they are not used as null checks.
  • Ensure guards are attached to MoveGuardsUpwards to respect a DOM tree.
• Native Image:
  • Print crash log when exception handling fails.
  • Added constant fold reflection lookups in sun.nio.ch.Reflect.
  • Use a custom exception handler for @SVMTests.
  • Speedup method verification.
  • Fixed the Cpuid1Ecx feature parsing for AMD CPUs.
  • Fixed the debug section alignment which can lead to corrupt debug information.
  • Only use the -H:Path validation in non-bundle mode.
  • Fixed a bug in IsolateArgumentParser.
  • Preprocess _MSC_FULL_VER to detect cl.exe version information.
  • Added a test for Thread.getStackTrace() immediately following Thread.start().
  • Removed Heap.allowPageSizeMismatch() and provided a method to set the physical memory size.
  • Added improvements to crash log.
  • Correctly handle printing certain JSON values in Native Image agent trace files.
  • Handle recently started threads without a Thread object and NPE during VmOperation.
  • Added container support related fixes for G1 and support that run-time page size is smaller than build-time page size.
  • Added a fix to avoid deadlocks when the VM is out-of-memory and other threading-related fixes.
  • Reduced the number of spawned threads to prevent timeouts.
  • Fixed issues with conditional profiles.
  • Properly catch exceptions during shutdown.
  • Use an unsigned monitor and identity hash offsets and guarantee they are valid.
  • Constant fold reflection lookups in sun.nio.ch.Reflect.
  • Fixed a deadlock in IsolateAwareTruffleCompiler.tearDownIsolateOnShutdown.
  • Fixed a macOS-specific perf profiler data issue.
  • Fixes in the Native Image class initialization policy.
  • Consider stack slot sizes when limiting number of parameters in SBOutlining.
  • Make the segfault handler more robust.
  • Added workaround for a build-time crash.
  • Improved uncaught exception handler and error handling in CEntryPointSnippets.initializeIsolate().
  • Fixed the birth time supporting JDKs.
• Truffle framework:
  • Regex language cannot be used with UNTRUSTED sandbox policy.
• Javascript:
  • Deoptimize loops in NetSuite Javascript code.
  • Upgraded the underlying Node.js to version 18.19.1.
  • Fixed an issue when the library @rpath/libjsig.dylib could not loaded for Node.js native standalone.
• GraalVM Updater:
  • Removed gu catalogs that are no longer used or needed.

Oracle GraalVM for JDK 17.0.10

(2024-01-16)

This is the January 2024 Oracle Critical Patch Update (CPU) for Oracle GraalVM for JDK 17. This release contains fixes to security vulnerabilities announced in the January 2024 Oracle Critical Patch Update Advisory. It includes the security fixes released as part of that CPU, some noteworthy bug fixes, listed below, and platform updates.

• Updated the Oracle JDK release on which Oracle GraalVM is built to 17.0.10+11. See JDK 17 Release Notes.
• Version compatibility:
  • Truffle languages and other components version 23.0.3 are designed for use with GraalVM for JDK 17.0.10.
• Compiler fixes:
  • Rearranged binary arithmetic operations that may be re-associated for loop invariants and constants.
  • Refactored Native Image optimization levels: exposed the dead phi cycle detection as a feature that can be disabled.
  • Improved the conditional move optimization cost calculation.
  • The compiler now checks stamps before casting in IntegerLessThanNode.
  • Improved the loop unrolling optimization by handling stride overflow in the int range.
  • Removed explicit null check exceptions during generation of checkcast and instanceof.
  • Made the compiler respect maximum eden size in AggressiveShrinkCollectionPolicy.
• Native Image fixes:
  • Enabled synchronized data structures for reachability handlers registration.
  • Updated OS detection code to recognize Windows 11 and Windows Server 2022.
  • Added compatibility fixes with the ld64 versions on the macOS x64 architecture.
  • Fixed crashes during isolate teardown.
  • Improved the JFR support: switched to PlatformThreads.getCurrentThreadOrNull() instead of Thread.currentThread(); fixed race condition in JVM.commit(long).
  • Added stack walking heuristic to the Native Image builder crash log.
  • Made un uninitialized object array visible to the garbage collector.
  • Introduced the --disable-debuginfo-stripping argument for the mx tool.
  • Fixed the Xcode 15 compatibility bug related to CPU.
  • Treat stack as an executable if G1 garbage collector is built as a shared library.
  • Added an option to artificially increase the header size.
  • Used the vendor version for __svm_version_info.
  • Native Image now reports consistent values when memory usage is queried via MemoryPoolMXBean.
  • Enabled UnlockExperimentalVMOptions.
  • Fixed a check in EnterpriseAddressRangeCommittedMemoryProvider.
  • Improved the OutOfMemoryError messages.
  • HeapImpl.dirtyAllReferencesOf must be no-op for Epsilon garbage collector.
• Truffle tools and languages fixes:
  • Throw a NullPointerException when calling JS-Isolate async functions with parameter deconstruction after actively entering the polyglot Context.
  • Updated the expected Node.js structure after the update to version 18.18.2.
  • Upgraded the JSON parser library, org.json, to version 20231013.
  • Addressed unhandled OutOfMemory errors in PolyglotIsolate under UNTRUSTED policy.
  • Fixed a GraalVM process not being accessible with the Chrome DevTools by adding the mandatory experimental property debuggerId.
  • Added a fix to prevent InteropByteBufferTest#testLargeInteropBuffer from failing with an OutOfMemory error.
• GraalVM integrations:
  • Updated Jipher JCE to 10.32 and the public key infrastructure (PKI) to 10.15.

Oracle GraalVM for JDK 17.0.9

(2023-10-17)

This is the October 2023 Oracle Critical Patch Update (CPU) for Oracle GraalVM for JDK 17. This release contains fixes to security vulnerabilities announced in the October 2023 Oracle Critical Patch Update Advisory. It includes the security fixes released as part of that CPU, some noteworthy bug fixes, listed below, and platform updates.

• Updated Oracle GraalVM for JDK 17 to 17.0.9+11. See JDK 17 Release Notes.
• Version compatibility:
  • Truffle languages and other components version 23.0.2 are designed for use with GraalVM for JDK 17.0.9.
• Updated Jipher jce to 10.30 and pki to 10.14.
• Compiler fixes:
  • Fixed alternating Phi wrongly detected as induction variable.
  • Fixed macOS AArch64 miscompilation.
• Native Image fixes:
  • Re-throw feature exceptions as user errors.
  • Properly set exceptionTemp for foreign calls.
  • Ignore accessors of RecordComponents when null.
  • Improved build reports.
  • Do not annotate non-final JDK methods as uninterruptible.
  • Fixed incorrect buffer pool adjustment during sampler start.
  • Made the physical memory size initialize eagerly.
  • Fixed “New VarHandle found after static analysis” in Netty 5.
• Truffle framework fixes:
  • Fixed a NullPointerException when using isloates in JIT mode and sharing engine if the context is not closed.
  • Disconnected polyglot.Value instances created from BigInteger values should not return false by default for isNumber().
  • Fixed a NullPointerException in AbstractTruffleString.equals() method.
  • Fixed a deadlock in PolyglotStackFramesRetriever.
  • Disallowed untrusted code hardware mitigations until MPK support is complete.

Oracle GraalVM for JDK 17.0.8

(2023-07-18)

This is the July 2023 Oracle Critical Patch Update (CPU) for Oracle GraalVM for JDK 17. This release contains fixes to security vulnerabilities announced in the July 2023 Oracle Critical Patch Update Advisory. It includes the security fixes released as part of that CPU, some noteworthy bug fixes, listed below, and platform updates.

• Updated Oracle GraalVM for JDK 17 to 17.0.8+9. See JDK 17 Release Notes.
• Graal compiler: Updated counted strip mining optimization to do not strip mine overflowing loops.
• Native Image: Fixed jvmstat performance data initialization.
• Native Image: Fixed JDK Flight Recorder (JFR) events constant pool IDs.
• Native Image: Fixed some user experience issues.
• Native Image: Fixed analysis results in build reports.

Oracle GraalVM for JDK 17.0.7

(2023-06-13)

• Platform Updates
• Deprecated Functionality
• Java and Compiler Updates
• Native Image
• JavaScript and Node.js
• Polyglot Embedding
• Truffle Language and Tool Implementations
• Java on Truffle
• Python
• Ruby
• LLVM
• WebAssembly

Platform Updates

• Released Oracle GraalVM for JDK 17 based on Oracle JDK 17.0.7+8. See Java SE 17 Release Notes.
• The license for Oracle GraalVM has been aligned with Oracle JDK. Oracle GraalVM is now licensed under GraalVM Free Terms and Conditions (GFTC) including License for Early Adopter Versions. For more information about Oracle GraalVM licensing, see the Oracle Java SE Licensing FAQ.
• Simplified the GraalVM package naming: it is graalvm-jdk-<full java version>_<platform>-<arch>, for example: graalvm-jdk-17.0.7_macos-aarch64_bin.tar.gz.
• The new download location for Oracle GraalVM is Oracle Java Downloads. For previous releases, it remains the same.

Deprecated Functionality

The following functionality and components are deprecated and will be removed in GraalVM for JDK 23:

• Node.js
• LLVM Runtime

Java and Compiler Updates

• Added support for the ZGC garbage collector for workloads that require low latency or use a very large heap size. See #2149.
• Strengthened the optimistic aliasing analysis by adding a non-speculative mode. (Improves loop vectorization.) Some code shapes were previously only vectorized in JIT, but not in ahead-of-time compilations. With the improved loop vectorization for Native Image, the differences in those code shapes are gone, allowing the compiler to vectorize more loops for faster execution.
• Improved logging of the novel optimization compiler phase: unified interface to log and dump (for example, via JSON) optimization decisions. Optimization phases should use OptimizationLog to log transformations. Read more in OptimizationLog.md and Profdiff.md to learn how to compare performed optimizations in hot compilations.
• Open-sourced Ideal Graph Visualizer (IGV) to make it easier for third-party compilers and language developers to use and contribute to it. See more here.

See more updates in the changelog.

Native Image

Packaging and Platform Updates

• Native Image is now shipped as part of GraalVM for JDK 17, and no longer needs to be installed via gu install native-image. Read more here.
• Native Image now sets build environments on Windows automatically if it can find a Visual Studio installation in a known location. Therefore, running in an x64 Native Tools Command Prompt is no longer a requirement.
• Improved dynamic linking of AWT libraries on Linux. Static linking of AWT libraries on Linux has been a constant source of problems. Dynamic linking avoids the pitfalls of static linking at the expense of no longer having standalone binaries, which is a reasonable trade-off as shown by AWT support on Windows. The linker should no longer fail because of “multiple definitions of jvm”, or crash at the linking step for an AWS/Swing application on Linux.
• Jipher JCE, a Java Cryptography Architecture (JCA) provider implemented on top of OpenSSL 3.0 FIPS, now supports GraalVM Native Image. It is recommended to enable Jipher with Native Image in contexts where only FIPS-allowed algorithms should be used. See the documentationto get started.

New Features

• Introduced a new feature: building a native executable from a self-contained bundle on demand. The new option --bundle-create=<imagename>.nib creates a <imagename>.nib file (a build bundle) and the launch.output directory alongside a native executable. The bundle file, <imagename>.nib, is a regular JAR file that contains all information required to build a native executable (or a native shared library). In contrast to regular native-image building, this mode of operation takes only a single *.nib file as an input. At any time later, if the same version of GraalVM is used, the executable can be rebuilt with:

  native-image --bundle-apply=.../path/to/launch.nib
  

  It will rebuild the native executable with the same image arguments, environment variables, system properties, classpath, and module-path options as in the initial build. It is a safe and reliable solution to encapsulate all the input required for building into a single file. Learn more in the Native Image Bundles reference manual.

• Improved the memory footprint of the Native Image build process. The builder now takes available memory into account to reduce memory pressure when many other processes are running on the same machine. It also consumes less memory in many cases and is therefore also less likely to fail due to out-of-memory errors. At the same time, the memory limit was raised from 14GB to 32GB.
• Native Image now targets x86-64-v3 architecture by default on AMD64 and provides a new -march option to specify target compatibility. Use -march=compatibility for best compatibility or -march=native for best performance if a native executable is deployed on the same machine or on a machine with the same CPU features. To list all available machine types, use -march=list.
• Improved reporting of missing metadata in Native Image by throwing special exceptions. Native Image does not distinguish between missing reachability metadata and exceptions that were thrown by the Reflection API. For example, the ClassNotFoundException that is thrown when a class is not on the classpath, or when the metadata for a class is not present. Now Native Image users can catch metadata exceptions and debug their programs using the option -XX:ExitOnMissingMetadata to guarantee that all metadata entries are correct. Read more here. This is an experimental feature and is not on by default.
• Introduced safe composition of Reflection and Resources metadata in Native Image. For example, reflective methods such as java.lang.Class#getDeclaredMethodsreturn are based on the reachability of other reflective elements. Adding new metadata makes more elements reachable and can change the program functionality. Thanks to the safe composition of metadata optimization, the native-image builder now ensures that every reflective call on java.lang.Class requires a metadata entry. Read more here.
• Disallowed the --initialize-at-build-time option without arguments. As a temporary workaround, the -H:+AllowDeprecatedInitializeAllClassesAtBuildTime option turns this error into a warning.
• Added an experimental RISC-V mode for Native Image through the LLVM backend. Read more in this blog post.
• Improved Profile-Guided Optimizations (PGO) in Native Image:
  • Profile-guided optimizations now have a new sampling profiler that collect call stacks periodically. Use the option --pgo-sampling to turn on the sampling profiler and collect call stacks. This data is then included in the .iprof file. When the PGO-instrumented executable is built, the sampling profiler turned on by default (but can be turned off with the option -H:-SamplingCollect). To get good profiles and therefore good peak performance, you need to run relevant workloads and properly warm up the application.
  • Implemented the Context-Aware Inliner (CAI) optimization which specializes in sampling profiles in the “hot” code, and invests more optimization effort into hot-compilation units. When the optimized image is built for PGO, the Context-Aware Inliner is automatically turned on (but can be turned off with the option -H:-AOTInliner). The results are 2-7% smaller executable sizes, and increased peak performance.
  • Improved merging profiles and enabled pre-packaged profiles.
• Added Machine Learning (ML) based profile inference. When profiling is disabled, the Graal compiler in Native Image uses a pre-trained ML model to infer the profiles of the control split branches. Then, inferred profiles are used to perform the profile-guided optimizations. In some benchmarks such as Renaissance, Da Capo, and Da Capo con Scala, this optimization provides ~6% runtime speedup compared to the default Oracle GraalVM configuration. By running the native executable build with the ML profile inference, you can expect a slight binary size increase of 1%-2%. This optimization is enabled by default in Oracle GraalVM. To disable it, use the following option: -H:-MLProfileInference.
• Native Image SBOMs now include a single SBOM component for runtime components. This component uses the java.vm.version property of the executable to identify the version and belongs to the new graalvm-native-image product.

Build Output Improvements

• The builder now can generate build reports that help you better understand the contents of your executables. Use -H:+BuildReport to try this new experimental feature.
• Improved reporting of internal errors to be more user-friendly. A clear message tells users how to proceed: inspect the error report and, if unable to resolve the problem, file an issue with the error report. Inspired by HotSpot, the default filename for error reports is ./svm_err_b_<timestamp>_pid<pid>.md. This also adds a new option -H:ErrorFile to let you choose a different filename for error reports. See #5414.
• Adjusted the native-image build output to report types (primitives, classes, interfaces, and arrays) instead of classes and revise the output schema of -H:BuildOutputJSONFile.
• The output of the native-image --version command and various Java properties (for example, java.vm.version) are aligned with OpenJDK. To distinguish between GraalVM Community Edition, Oracle GraalVM, and GraalVM distributions from other vendors, refer to java.vm.vendor.

Debugging and Monitoring Experience Improvements

• Deprecated using the option --enable-monitoring without an argument. The option no longer defaults to all. Instead, always explicitly specify the list of monitoring features to be enabled, for example, --enable-monitoring=heapdump,jfr,jvmstat.
• Added the option -XX:HeapDumpPath to control where a heap dumps is created.
• Added more JFR events for application monitoring: ExecutionSample, ObjectAllocationInNewTLAB, and JavaMonitorInflate.
• Improved debugging on Windows: debug information now includes information about Java types. (Together with Red Hat.)
• Implemented the remote management over JMX to Native Image which can be enabled with the option --enable-monitoring, for example: --enable-monitoring=jmxclient,jmxserver. Read more here. The feature is experimental. (Together with Red Hat.)
• Enabled the JFR event streaming for Native Image. The feature is experimental. (Together with Red Hat.)

Find many more updates in the Native Image changelog.

JavaScript and Node.js

• Updated Node.js to version 18.14.1.
• Added BigInteger interoperability support. Note that foreign BigIntegers require an explicit type cast using the BigInt function to opt into JS BigInt semantics. The default semantics is to treat all foreign numbers like JavaScript Number values, regardless of the original value or type. Arithmetic operators perform an implicit lossy conversion to double. Comparison operators attempt to do a precise value comparison where possible. JavaScript BigInt values can now be converted to java.math.BigInteger host objects, although a target type mapping may still be necessary to ensure consistent type mapping if the target type is ambiguous or absent.
• Implemented several new ECMAScript proposals in the GraalVM JavaScript runtime:
  • The Iterator Helpers proposal. It is available behind the experimental option --js.iterator-helpers.
  • The ShadowRealm API proposal. It is available behind the experimental option --js.shadow-realm.
  • The Symbols as WeakMap keys proposal. It is available in ECMAScript staging mode, ()--js.ecmascript-version=staging).
  • The ArrayBuffer.prototype.transfer and friends proposal. It is available in ECMAScript staging mode (--js.ecmascript-version=staging).
  • The Change Array by copy proposal. It is available in ECMAScript staging mode (--js.ecmascript-version=staging).

Note: Node.js support is marked as deprecated and will be removed in a future release.

Find more updates in the project changelog.

Polyglot Embedding

• This is the first release that supports running untrusted applications in a code sandbox. The sandbox policy Context.Builder#sandbox(SandboxPolicy) with four different levels of sandboxing, ISOLATED, UNTRUSTED, TRUSTED, and CONSTRAINED, was implemented to enable users to establish a security boundary between a host application and guest code. The policy is set by passing it to the Engine.Builder#sandbox(SandboxPolicy) or Context.Builder#sandbox(SandboxPolicy) builder method. A host code can execute untrusted guest code using, for example, the UNTRUSTED policy. Host code can also execute multiple mutually distrusting instances of guest code that will be protected from one another. Learn more in the polyglot sandboxing guide. Code sandboxing is currently only supported for Javascript.
• Related to the code sandbox implementation, a new option TraceLimits was added to measure a guest application’s resource consumption and obtain realistic sandbox parameters.
• Added the IOAccess API: the IO access configuration of a polyglot context. The IO access configuration determines how a guest language can access the host IO. The new IOAccess class provides a predefined configuration to disable host IO access, or to enable full host IO access. A custom configuration can be created using an IOAccess builder.
• Added java.lang.BigInteger to the Polyglot Value API. By default, all host values of the type java.lang.BigInteger are now interpreted as number values (Value.isNumber()), unlike before. In order to restore the old behavior, set HostAccess.Builder.allowBigIntegerNumberAccess(boolean) to false. Note that the language support for interpreting numbers that do not fit into long values may vary. Some languages, such as JavaScript, may require explicit conversions of host big integers. Other languages, such as Ruby or Python, can use big integers without explicit conversion. The same applies to values passed across guest languages. See #2737.
• Added automatic copying of language resources for embedding Truffle languages in Native Image. The documentation is available here.

A full list of changes is available in the changelog.

Truffle Language and Tool Implementations

• Implemented several new features for Truffle DSL to improve performance. In particular, a new annotation called @GenerateInline was introduced which allows Truffle nodes to be object-inlined automatically. Object-inlined Truffle nodes become singletons and therefore reduce memory footprint. This works analogously to @GenerateCached and @GenerateUncached, which generate a cached or uncached node version. Please see the documentation for further details.

Other updates contributing to performance improvements are:

• Updated Truffle DSL nodes no longer require the node lock during specialization, resulting in improved first execution performance. CAS-style inline cache updates are now used to avoid deadlocks when calling CallTarget.call(...) in guards. Inline caches continue to guarantee no duplicate values and are not affected by race conditions. Language implementations should be aware that the reduced contention may reveal other thread-safety issues in the language.
• Improved Truffle DSL node memory footprint by merging generated fields for state and excluding bit sets and improving specialization data class generation to consider activation probability. Specializations should be ordered by activation probability for optimal results.
• Improved memory footprint by automatically inlining cached parameter values of enum types into the state bitset.
• Truffle DSL now emits many more warnings for recommendations. For example, it emits warnings for inlining opportunities, cached sharing or when a cache initializer should be designated as @NeverDefault. To ease migration work, new ways to suppress the warnings temporarily for a Java package were added. For a list of possible warnings and further usage instructions, see the documentation.
• Unclosed polyglot engines are no longer closed automatically on VM shutdown. They die with the VM. As a result, TruffleInstrument#onDispose is not called for active instruments on unclosed engines in the event of VM shutdown. In case an instrument is supposed to do some specific action before its disposal, for example, print some kind of summary, it should be done in TruffleInstrument#onFinalize.
• Implemented the policies to control the restriction of code sandboxing. By default, languages and instruments support just the TRUSTED sandbox policy.
  • If a language wants to target a more restrictive sandbox policy, it must:
    • Specify the most strict sandbox policy it satisfies using TruffleLanguage.Registration#sandbox().
    • For each option, the language must specify the most restrictive sandbox policy in which the option can be used via Option#sandbox(). By default, options have a TRUSTED sandbox policy.
    • If a language needs additional validation, it can use TruffleLanguage.Env#getSandboxPolicy() to obtain the current context sandbox policy.
  • If an instrument wants to target a more restrictive sandbox policy, it must:
    • Specify the most strict sandbox policy it satisfies using TruffleInstrument.Registration#sandbox().
    • For each option, the instrument must specify the most restrictive sandbox policy in which the option can be used via Option#sandbox(). By default, options have a TRUSTED sandbox policy.
    • If an instrument needs additional validation, it can use TruffleInstrument.Env#getSandboxPolicy() to obtain the engine’s sandbox policy.

Find many more updates in the Truffle changelog.

Java on Truffle (Espresso)

New features:

• The Truffle InteropLibrary has/getMetaParents API is now fully implemented.
• Enabled foreign Instant, TimeZone, Time, Date, Duration when calling espresso via interop.

Improvements:

• Enabled calling overloaded and Varargs methods through interop.
• Improved interoperability with foreign exceptions. A stack trace is now available and type mapping can be used to explicitly map exceptions.

Python

Performance Improvements:

• Added a new implementation of the Python C API interface that uses fully native execution by default. This improves performance and compatibility with some extensions that spend a lot of time in native code (such as SciPy, PyTorch, …) but can have negative effects on workloads that frequently cross the Python/native boundary. There are new options to control how extensions are built and run: python.NativeModules and python.UseSystemToolchain. The new default is to use the host system’s toolchain for building extensions rather than the LLVM toolchain that ships with GraalVM and to run all modules natively. A new launcher (graalpy-lt) is available to get the old behavior, which can be useful for debugging.
• The performance numbers we report on the website are now based on results from the community’s pyperformance benchmark suite, measuring GraalPy geomean speedup over CPython and Jython. This makes it easier to compare and reproduce our results.

Platform Updates:

• Implemented building and running basic GraalPy workloads on Windows. This enables Windows users to build and use GraalPy, especially for embedding into Java.
• Added GraalPy plugin for Virtualenv as a builtin module, so that creating virtual environments with virtualenv on GraalPy works out of the box.
• Updated the builtin venv module to create virtual environments with symlinks instead of generated shell scripts that are delegated to the base GraalPy.

Compatibility Improvements:

• Updated language version and the standard library to 3.10.8, making it compatible with more recent modules and packages.
• Updated the distribution layout of GraalPy to match CPython’s. This reduces the number of patches needed for various build systems to discover GraalPy’s library locations.
• Updated numpy and pandas versions.
• Implemented scipy and scikit_learn with ginstall.

A full list of updates can be found in the project changelog.

Ruby

New features:

• Updated to Ruby 3.1.3.
• Foreign big integers are now supported and work with all Numeric operators.

Performance:

• Made the system libyaml for psych to be used which improves warmup when parsing YAML. This means libyaml is now a dependency. See how to install LibYAML.
• Marking of native structures wrapped in objects is now done on the C call exit to reduce memory overhead.
• Optimized splitting (copying) of call targets by implementing cloneUninitialized().
• Process.pid is now cached per process like $$.
• Fixed repeated deoptimizations for methods building an Array which is growing over multiple calls at a given call site.

Bug fixes:

• Fixed spawn(..., fd => fd) on macOS, it did not work due to a macOS bug.
• Fixed rb_gc_register_address()/rb_global_variable() to read the latest value (see #2721, #2734).

A full list of changes is available in the project changelog.

LLVM

• Updated the LLVM toolchain to version 15.0.6.
• Update musl libc to version 1.2.3.
• Implemented long double (128 bit floating point) on the Linux AArch64 architecture.

Note: LLVM Runtime support is marked as deprecated and will be removed in a future release.

WebAssembly

• Added experimental debugging for DWARFv4. This enables debugging of C, C++, and Rust applications.
• Added experimental support for Memory64. The feature can be enabled with the option --wasm.Memory64=true.
• Implemented the Bulk-Memory and Reference-Types proposal. They can be disabled with the option --wasm.BulkMemoryAndRefTypes.