Difference between revisions of "Changelogs"

Latest revision as of 08:28, 21 September 2024

This page contains all the changelogs for all the released CRIU versions. This is mostly useful for doing a search.

v. 4.0[edit]

Tarball:	criu-4.0.tar.gz
Version:	4.0 "CRIUDA"
Released:	20 Sep 2024
GIT tag:	v4.0

New features[edit]

Shadow stack support
CUDA plugin: Introduced a plugin to support checkpointing and restoring NVIDIA CUDA applications.

Bugfixes[edit]

cgroup: Add support for restoring a thread in a correct v1 cgroup
mem: fix some VMAs being incorrectly mapped wtih PROT_WRITE
criu: fix a fatal failure if nft doesn't work
net: Fix TOCTOU race condition in unix_conf_op
pagemap-cache: handle short reads
Fixes here and there.

Improvements[edit]

Pagemap cache: Added support for PAGEMAP_SCAN ioctl
zdtm: Added tests for IP_TTL restore
irmap: hardcode some more interesting paths
util: use close_range when it's supported
Fixes and improvements in amdgpu-plugin

v. 3.19[edit]

Tarball:	criu-3.19.tar.gz
Version:	3.19 "Bronze Peacock"
Released:	27 Nov 2023
GIT tag:	v3.19

New features[edit]

LoongArch64 support
C/R membarrier() registrations
Restore THP_DISABLE prctl.
prctl: Migrate prctl(NO_NEW_PRIVS) setting.

Bugfixes[edit]

Many fixes and improvements from the Google team.
Fix dumping hugetlb-based memfd on kernels < 4.16.
Fixes here and there.

Improvements[edit]

drop python 2 support
support XSAVE on newer Intel CPUs

v. 3.18[edit]

Tarball:	criu-3.18.tar.gz
Version:	3.18 "Silver Sandpiper"
Released:	22 Apr 2023
GIT tag:	v3.18

New features[edit]

Allow CRIU to be used as non-root
Add SIGTSTP support
Add opt to skip file r/w/x check on restore

Bugfixes[edit]

Many fixes here and there

Improvements[edit]

cgroup2: Dump cgroup controllers of every threads in a process
save IP_FREEBIND option for SOCK_RAW sockets also
support IP_PKTINFO and IPV6_RECVPKTINFO options
Implement hw breakpoint for arm64 platform
Set only used XFEATURE_* in xstate_bv
Checkpoint and restore some global properties
A checkpoint optimization for highly sparse ghost files (--ghost-fiemap)

v. 3.17.1[edit]

Tarball:	criu-3.17.1.tar.gz
Version:	3.17.1 "Radiant Redstart"
Released:	23 Jun 2022
GIT tag:	v3.17.1

Bugfixes[edit]

Fixes for pre-dump read mode
Fixes for mount-v2
amdgpu plugin build and installation fixes
Some minor CI related fixes

v. 3.17[edit]

Tarball:	criu-3.17.tar.gz
Version:	3.17 "Radiant Redstart"
Released:	5 May 2022
GIT tag:	v3.17

New features[edit]

Introduced mount-v2 engine
Added support for MAP_HUGETLB mappings
Added support for Linux Restartable Sequences
Added support for SOCK_SEQPACKET unix sockets
CRIU AMD GPU plugin

Bugfixes[edit]

GCC 12 compatibility fixes
cgroup: fix --manage-cgroups=ignore
several memory leaks fixed in net, files, mount, tun and config subsystems

Improvements[edit]

bpf: switch from deprecated bpf_create_map_xattr to bpf_map_create
bpfmap: handle map_extra field
setsockopt(SO_BUF_LOCK) support for tcp sockets

v. 3.16[edit]

Tarball:	criu-3.16.tar.gz
Version:	3.16 "Petrified Puffin"
Released:	22 Sep 2021
GIT tag:	v3.16

New features[edit]

criu-ns helper script
support checkpoint/restore of stacked apparmor profiles
[GSoC] Add nftables based network locking/unlocking (Zeyad Yasser)
allow restoring of precreated veth devices

Bugfixes[edit]

Many fixes here and there

Improvements[edit]

better support for restoring containers into existing pods
pidfd based pid reuse detection for RPC clients
license change for all files in the images/ directory to MIT
use clang-format for automatic code indentation

v. 3.15[edit]

Tarball:	criu-3.15.tar.gz
Version:	3.15 "Titanium Falcon"
Released:	03 Nov 2020
GIT tag:	v3.15

New features[edit]

Introduced criu-image-streamer (also see https://github.com/checkpoint-restore/criu-image-streamer).
Added MIPS support.
Allow checkpointing out of existing PID namespace and restoring into existing PID namespace.
Added additional file validation mechanisms (buildid in addition to filesize).
Added support to checkpoint and restore BPF hash maps (BPF_MAP_TYPE_HASH) and array maps (BPF_MAP_TYPE_ARRAY).
Initial cgroups v2 support

Bugfixes[edit]

Many fixes here and there

Improvements[edit]

Additional libcriu interfaces (orphan_pts_master, version, FD handling)
Use the new mount API

v. 3.14[edit]

Tarball:	criu-3.14.tar.gz
Version:	3.14 "Platinum Peacock"
Released:	29 Apr 2020
GIT tag:	v3.14

New features[edit]

C/R of memfd memory mappings and file descriptors.
Add time namespace support.
Add the read pre-dump mode which uses process_vm_readv.
Add --cgroup-yard option
Add support of the cgroup v2 freezer.
Add support of opened O_PATH fds.

Bugfixes[edit]

Fix C/R ia32 processes on AMD #398
Fix cross-compilation
Many fixes here and there

Improvements[edit]

Use clone3() with set_tid to restore processes
Clean up compel headers.
Use the new mount API

v. 3.13[edit]

Tarball:	criu-3.13.tar.gz
Version:	3.13 "Silicon Willet"
Released:	11 Sep 2019
GIT tag:	v3.13

New features[edit]

VDSO: arm32 support
Add TLS support for page server communications
"Ignore" mode for --manage-cgroups
Restore SO_BROADCAST option for inet sockets

Bugfixes[edit]

Auxiliary events were left in inotify queues
Lazy-pages daemon didn't detect stack pages and surrounders properly and marked them as "lazy"
Memory and resource leakage fixes detected by coverity, cppcheck and clang

Improvements[edit]

Use gettimeofday() directly from vdso for restore timings
Reformat all .py code into pep8 style

v. 3.12[edit]

Tarball:	criu-3.12.tar.gz
Version:	3.12 "Ice Penguin"
Released:	25 Apr 2019
GIT tag:	v3.12

New features[edit]

build CRIU with Android NDK
C/R of
- IP RAW sockets
- lsm: dump and restore any SELinux process label
- support restoring ghost files on readonly mounts

Bugfixes[edit]

Do not lock network if running in the host network namespace
Fix RPC configuration file handling
util: don't leak file descriprots to third-party tools
small fixes here and there

Improvements[edit]

travis: switch to the Ubuntu Xenial
travis-ci: Enable ia32 tests
Many improvements and bug fixes in the libcriu
- Changes in the API and ABI (SONAME increased from 1 to 2)

v. 3.11[edit]

Tarball:	criu-3.11.tar.gz
Version:	3.11 "Glass Flamingo"
Released:	06 Nov 2018
GIT tag:	v3.11

New features[edit]

cpuinfo: Detect compact frames and handle noxsaves
Add support for configuration files
Add support for external net namespaces
Punch holes in input files when restoring anonymous non-shared memory ( --auto-dedup )

C/R of
- epoll: Add support for duped targets
- tun: Add support for multiple net ns
- x86: Support extendable fpu frames

Bugfixes[edit]

mount: Better handling of mount points propagation
nmk: Make collect-deps to be more precise about targets
lazy-pages: Don't mark current stack page as lazy
x86: CPU -- Rework feature testing
files: Fix O(n^2) restore in terms of the number of fds
fdstore: Unlimit fdstore queue on start
mount: Fix regression where open_mountpoint failed on readonly fs
page server: Handle partial splicing
... lots of small fixes here and there

Improvements[edit]

Remove all magic of service descriptors when it isn't required

v. 3.10[edit]

Tarball:	criu-3.10.tar.gz
Version:	3.10 "Granite Eagle"
Released:	10 Jul 2018
GIT tag:	v3.10

New features[edit]

Support Python3 in ZDTM and CRIT
- with Python2 ZDTM and CRIT now require python2-ipaddress to be installed (used to be python2-ipaddr)
Keep names for UNIX sockets, that are unlinked from the FS
IPVv6 support for page server
Set page server socket fd via CLI
Large pages support for aarch64/ppc64
C/R of
- Per-thread seccomp chains

Bugfixes[edit]

Failed non-container restore could kill random task on the host
Failure to dump namespaces was erroneously ignored
CRIT didn't show cpuinfo image file
Tasks that got PID-reuse couldn't be dumped iteratively because previous images were missing

v. 3.9[edit]

Tarball:	criu-3.9.tar.gz
Version:	3.9 "Sand Martin"
Released:	21 May 2018
GIT tag:	v3.9

New features[edit]

C/R of
- Tun-Tap devices in sub-netns
- File descriptors which were opened with O_TMPFILE

Improvements[edit]

Restore of inotify watchers
Restore unix sockets in proper mount namespaces
Add a test to check the --shell-job option
Print CRIU and kernel version also in RPC mode

Bugfixes[edit]

Random memory corruptions during lazy restore
Workaround the iptables issue (#469)
Don't use standard descriptors when tar is running to dump tmpfs mounts
Fail dump if dump_one_file() fails
Fill kerndat with zero-s before reading it from cache
A lot of small fixes here and there

v. 3.8.1[edit]

Tarball:	criu-3.8.1.tar.gz
Version:	3.8.1 "Snow Bunting"
Released:	29 Mar 2018
GIT tag:	v3.8.1

Bugfixes[edit]

FDstore was initialized twice (re-initialized) causing e.g. --shell-job restore to fail (#460)

v. 3.8[edit]

Tarball:	criu-3.8.tar.gz
Version:	3.8 "Snow Bunting"
Released:	13 Mar 2018
GIT tag:	v3.8

New features[edit]

C/R of
- Multiple network namespaces
- Overmounted tmpfs mounts
- Unix sockets and epoll descriptors in SCM messages

Improvements[edit]

Rework service descriptors not to cause fdtable enormous grows
Start testing lazy migration in Jenkins/Travis

Bugfixes[edit]

FP state wasn't reported on Skylake due to a kernel bug
When compiled with gcc-8 a lot of warnings popped up
Resource leaked on error paths
Attributes of sit devices with value 0 were not saved into images (and were restored into default values)
Tasks with pgid of a zombie hung the resture
Ghost files on RO bind-mounts of an RW mount couldn't be restored
Random memory corruptions during lazy restore

v. 3.7[edit]

Tarball:	criu-3.7.tar.gz
Version:	3.7 "Vinyl Magpie"
Released:	19 Dec 2017
GIT tag:	v3.7

New features[edit]

Pipes usage statistics
Run page server as non-daemon via RPC
C/R of
- SO_REUSEPORT option
- IPv4-mapped inet sockets
- Net_prio CGroups
- Overmounted shared mountpoints
- Non-broken and breaking leases

Improvements[edit]

Show criu and kernel versions in logs
CRIT decodes socket families, protocols and types
Much less pipes is needed for pre-dump, which is especially useful for big mem migration

Bugfixes[edit]

Files in /proc/pid/map_file could be opened by non-exiting name (with 0x prefix) and it was fixed in kernel
CRIU log levels were used to configure logging for libsoccr thus breaking its logs
Overflow in various IDs caused bad image names
Compat (32bit) syscalls lost signedness in compel
Corked sockets lost cork flag
Preadv() syscall was declared with error which resulted in dump errors on 32-bit processors
Musl compilation failed
Ghost files in / dump failed
Crash when releasing context for ghost files, due to free()-ing shmalloc()-ed area
Lazy restore could receive partial page and crashed
Erroneous closing of lazy pages connection caused restore to hang
Lazy memory fetch restore could start before tasks are restored

v. 3.6[edit]

Tarball:	criu-3.6.tar.gz
Version:	3.6 "Alabaster Finch"
Released:	23 Oct 2017
GIT tag:	v3.6

New features[edit]

C/R for
- Files (except for unix sockets, ttys and epolls) sent over unix sockets
- Threads with different creds
- Ipv6 over ipv4 tunnel (SIT device)

Improvements[edit]

CI tests are now also run on Alpine and Fedora Rawhide

Bugfixes[edit]

Some s390x registers were not restored by native sigrestore way
Overflow when parsing autofs info from /proc file
Dumps of anon shared memory with sysvipc one raced with each other clashing and corrupting image file names
The "dumpable" flag was not restored on shmem regions
Trash bits leaked into image when dumping fsnotify on some kernels
Lock/unlock of iptables from different criu processes raced with each other
Closed TCP connection with non-empty send queue blocked the dump
When --empty-ns for netns was set on dump only, restore failed (when used from Docker, issue #393)

v. 3.5[edit]

Tarball:	criu-3.5.tar.gz
Version:	3.5 "Clay Jay"
Released:	27 Sep 2017
GIT tag:	v3.5

New features[edit]

Lazy pages beta support (kernel still needs to be fixed)

Improvements[edit]

More verbose libsoccr
VDSO rework
- layout is saved in kerndat cache
- PFN detection is relaxed
- restore is faster if kernel provides necessary prctl

Bugfixes[edit]

Task-size calculation could be wrong on s390
CRIT explore was broken since images format tune-up
VDSO page could be mis-detected

v. 3.4[edit]

Tarball:	criu-3.4.tar.gz
Version:	3.4 "Cobalt Swan"
Released:	21 Aug 2017
GIT tag:	v3.4

New features[edit]

Support for s390x architecture

Improvements[edit]

Unexpected death of restored tasks is reported with more details in logs
Merged many images containing info about files into one big files.img
When helper utility fails (ip, iptables, tar) its name is printed in logs

Bugfixes[edit]

Compilation failed on newer glibcs (ucontext_t)
Dying helper task could deadlock the restore process
Install-related makefile variables weren't configurable for distro build
SIT (ipv6-to-v4 tunnel) presence on host blocked dump of any containers
Potential NULL dereference when dumping net namespace
Dump via page server might not work across different criu versions
Failure to restore a subtask could be ignored by the restore command
EOF on page-server socket wasn't handled

v. 3.3[edit]

Tarball:	criu-3.3.tar.gz
Version:	3.3 "Crystal Pelican"
Released:	18 Jul 2017
GIT tag:	v3.3

New features[edit]

Added --tcp-close option to drop all established TCP connections
Sparse ghost files supported (fixes #230 as side effect)
Option -v now has a long alias called --verbosity
Criu build can now be reproducible

Bugfixes[edit]

CRIU didn't compile with glibcs w/o the definition of SIGUNUSED
Restoring files could race on 64bits
Restoring a mount in user-namespace could result in broken flags
C/R on nodes with unified cgroup hierarchy hanged (#252)
Dumping a character device could crash (detected by ASAN)
Dumping of tasks with shmem implemented as tmpfs file could fail if the shmem was huge (#230)

v. 3.2.1[edit]

Tarball:	criu-3.2.1.tar.gz
Version:	3.2.1
Released:	28 Jun 2017
GIT tag:	v3.2.1

Bugfixes[edit]

Restoring a stack fails on recent kernels due to kernel changes #322
Restoring on a host with LSM profiles failed #323

v. 3.2[edit]

Tarball:	criu-3.2.tar.gz
Version:	3.2 "Tin Hoopoe"
Released:	19 Jun 2017
GIT tag:	v3.2

Optimizations/improvements[edit]

Invisible files restore is de-serialized
VMAs restore performance is improved significantly
- Mappings of the same file re-use the descriptor, not re-open it every time
- Not-COW-ed mappings are restored in-place and are not mremmap()ed
- Empty RO mappings are mmap()ed as such and thus not re-mprotect()ed at the end
More verbosity in case TCP locking fails (#292)
More verbosity in case VDSO magic mismatch
Restore or legacy epoll target descriptors and fsnotify marks is unified with common case

Bugfixes[edit]

Restoring fanotify marks from old images (<1.3) dropped the mark
Binfmt_misc mount could be mounted into wrong place
Compilation failed with gcc 6.3.0 (#315)
Waiting helpers could race with sigchild handler and would result in restore failure
Missing VVAR page in 32bit tasks wasn't skipped and resulted in restore failure
After restore consumption of files is increased (was fixed as side effect of mmap optimization)

Deprecation/Removal[edit]

Deprecated separate images for fsnotify marks

v. 3.1[edit]

Tarball:	criu-3.1.tar.gz
Version:	3.1 "Graphene Swift"
Released:	22 May 2017
GIT tag:	v3.1

New features[edit]

Each boolean option now has the --no-$option pair
RSS explorer in CRIT
Multiple plugins in compel
Run-time check of 32-mmap BUG on x86
C/R of
- 32-bit futex robust list on x86

Optimizations/improvements[edit]

Start time is improved significantly with kerndat cache
Sigaction image is merged into Core
Unneeded stages are skipped during restore
Restore w/o namespaces uses host /proc
Restore w/o namespaces doesn't parse host mounts (not needed)
Single-threaded tasks do not parse /proc/pid/task/ in vain
BFD engine is used for more /proc files
More verbosity in libsoccr
Fsnotify dump w/o namespaces doesn't walk mounts tree

Bugfixes[edit]

Python bindings left zombie in self-dump mode
The last_pid sys-control was reset by restore
Threads caps were compared with mistake
make install put crit/pycriu to wrong place if DESTDIR was not set (#309)
Fsnotifies C/R w/o namespaces restored with errors
Inherited control terminal restore was failed (but dump succeeded)

v. 3.0[edit]

Tarball:	criu-3.0.tar.gz
Version:	3.0 "Basalt Wagtail"
Released:	24 Apr 2017
GIT tag:	v3.0

New features[edit]

Compel library
Support for x86 32-bit arch
Version check via RPC
ASAN support
Force VDSO trampolines via fault injection
C/R of
- Shutdown-ed UDP sockets
- Bind-mounts made from external mounts

Optimizations/improvements[edit]

SysVIPC shmem segments are now dumped as any other shmem (taking holes into account and sitting in common memory dumps)
CRIT show
- decodes socket's states and types and task's states into strings
- prints unix sockets names in more human-readable form

Bugfixes[edit]

Unix sockets' names appeared in logs with mistakes
Contents of SysVIPC shmem segments was dumped twice
Dumping of any memory segment more than 4Gigs failed
Migration of unaligned SysvSHM segment on Armv7 failed

Deprecation/removal[edit]

Exec action is removed, use compel instead

v. 2.12.1[edit]

Tarball:	criu-2.12.1.tar.bz2
Version:	2.12.1
Released:	27 Mar 2017
GIT tag:	v2.12.1

Fixes[edit]

Content for external bind mounts was erroneously dumped, which could lead to dump failures or huuuge images
Unneeded collection of host mounts on restore could cause restore to fail

v. 2.12[edit]

Tarball:	criu-2.12.tar.bz2
Version:	2.12 "Vulcanite Rook"
Released:	8 Mar 2017
GIT tag:	v2.12

New features[edit]

C/R of
- external TTYs (for Docker C/R)

Optimizations/improvements[edit]

Sanitized the way the -v works

Fixes[edit]

Checking features via RPC crashed
Resting pipes in user-namespaces could fail on modern kernels
Shutdown state for UNIX sockets could be lost on restore
Dump of huge (over 2Gb) SysV shmem segments didn't work

v. 2.11.1[edit]

Tarball:	criu-2.11.1.tar.bz2
Version:	2.11.1
Released:	17 Feb 2017
GIT tag:	v2.11.1

Fixes[edit]

Page server start via RPC was broken
Fedora build didn't work
Ppc64LE restorer switch crashed

v. 2.11[edit]

Tarball:	criu-2.11.tar.bz2
Version:	2.11 "Acrylic Bullfinch"
Released:	13 Feb 2017
GIT tag:	v2.11

New features[edit]

Added "pre-resume" to action scripts
New --status-fd option for better control of page server
C/R
- OFD file locks
- RO root mount for mount namespaces

Optimizations/improvements[edit]

More strict checks for extra CLI options
Report errors when probing locks
Restorer logs now contain timestamps

Fixes[edit]

Regression: v2.10 was broken on ARM
Use-after-free when restoring ghost directory
Array out-of-bound access when restoring VETH device
Page server exit code could be screwed up
Clang over-optimized string.h routines resulting in random crashes
Parasite failed to send FDs via socket on Alpine Linux
Restore of huge file tables could get stuck
Restore of epoll in epoll could fail
Errno value could be lost when reporting failure to restore invisible files
Dump of sched params didn't work on Alpine
Restore of huge memory dumps (over 2G) failed
Installation guessed /lib vs /lib64 with errors
Migration between xsave and noxsave didn't work for wrong cpu feature being checked

v. 2.10[edit]

Tarball:	criu-2.10.tar.bz2
Version:	2.10 "Brass Waxwing"
Released:	16 Jan 2017
GIT tag:	v2.10

New features[edit]

C/R of SOCK_PACKET sockets
Libsoccr -- library for C/R of TCP sockets
- Support for transitional states

Optimizations/improvements[edit]

Logs cleaned up (removed bunch of useless, fixed '\n' in perrors)
Action scripts errors are printed in logs
Removed several iovec-s copying over the pagemap code
Restore degraded linearly on Xen guests. Breakpoints disabled until solution

Fixes[edit]

Py bindings fault on restore error delivery
Fd leaked on file restore error path
Fd leaked when restoring invisible files (gets closed with criu exit though)
Link remap restore could fail on kernels 4.8 and higher
Impossible to restore after restore error with link remap file in images
When going daemon a descriptor could be leaked
Custom setting of mmap_min_addr could make restore to fail
Sending pages over UNIX socket could race and fail with EAGAIN
Error getting ID of /proc/pid/ns/foo link not propagated and could result in bogus NS ID generated

v. 2.9[edit]

Tarball:	criu-2.9.tar.bz2
Version:	2.9 "Silk Tit"
Released:	12 Dec 2016
GIT tag:	v2.9

New features[edit]

CRIU can now be built with clang on all supported architectures
Ignore missing sysctls on restore with --weak-sysctl
C/R overmounted mountpoints

Optimizations/improvements[edit]

Batch restore of memory contents from pages.img files
Link-remap type for invisible files is explicit in images
Man page for CRIT

Fixes[edit]

C/R with --empty-ns still handled iptables configuration
SCM messages inside UNIX socket got lost after C/R (now dump aborted)
Empty unixsk.img file appeared when dumping tasks without unix sockets
Install procedure wasn't PEP-394 compliant
CRIU blocking netfilter rules were added at the tail of the chain resulting in unlocked TCP connections
Dump/Restore spurious failures when open() returned 0 descriptor
When dumping shmem lots of zero pages were written into image files
Ghost directory with more than zero ghost parents caused restore to fail
Shared mount could escape to different group on restore

v. 2.8[edit]

Tarball:	criu-2.8.tar.bz2
Version:	2.8 "Bronze Siskin"
Released:	14 Nov 2016
GIT tag:	v2.8

New features[edit]

Ability to configure CRIU build
Show statistics on the screen with --display-stats
C/R of Mac-Vlan devices

Optimizations/improvements[edit]

x86 can now be built with clang
When dumping files useless garbage was sent with descriptors from parasite
The clear_tid_address and regs are printed in hex with CRIT
Big code rework for compel (part 1)
Removed duplicate error messages from opening /proc files

Fixes[edit]

Restoring cgroup NS could use old path prefix
criu check crashed on btrfs mounts
RO external mounts in userns couldn't be restored
Unmounted on host binfmt_misc could cause dump to fail
Off-by-one could cause criu crash when dumping shared / bind-mount
Mount namespace' roots could have flags changed on restore
Dying tasks could erroneously be tried to dump
Swapped shared memory pages were not dumped
Errno value can be sometimes spoiled by RPC
Restore of netns with newer iproute2 tool could fail

Deprecated[edit]

--ext-unix-sk, --veth-pair and --ext-mount-map, by --external

v. 2.7[edit]

Tarball:	criu-2.7.tar.bz2
Version:	2.7 "Rubber Owl"
Released:	17 Oct 2016
GIT tag:	v2.7

New features[edit]

Option --cgroup-root now makes sense on dump too
CLOCK_BOOTTIME timer supported

Optimizations/improvements[edit]

Output of iptables command leaked into logs for no use
Helper dev environment installation script for Debian
Man-page updated and prettified :)

Fixes[edit]

Unmounted binfmt_misc with rules wasn't dumped at all
Malloc() error could result in crash
Device cgroup restore could fail restoring empty record
Some entries in device cgroups were restored twice
Potential crash when dumping cgroup bindmounts
Sign error caused dump to fail on btrfs partitions
Shared mounts with the same mount path failed the dump
Threads were restored with unshared FS (cwd and root)
Shared memory changes tracking disabled (regression found)
Restore of autofs can hang
LSM profile propagation could be lost
Mountpoint with lots of options blocked the dump (too small buffer for parsing)
External slave mount (with external master) blocked the dump
Mounts with STRICTATIME restored with others flags dropped

Deprecated[edit]

No reg-file entry for TTYs

v. 2.6[edit]

Tarball:	criu-2.6.tar.bz2
Version:	2.6 "Paper Crane"
Released:	12 Sep 2016
GIT tag:	v2.6

New features[edit]

Ability to leave process stopped after restore
Memory changes tracking for anonymous shared memory
- Shared memory images deduplication too, as a part of it
Deprecation option/environment
First error message is reported back via RPC
C/R of
- More IPCNS sysctls
- xIDs of PTYs
- TMEM on PPC64LE

Optimizations/improvements[edit]

Use service FD for transport sockets on restore
Ability to turn pagemap-cache off (some kernels are buggy)
The criu --help text has become better

Fixes[edit]

R/O-mounted root could block the dump
Restore of cgroup.mm.oom_control could fail
Cgroup fs bind mounts were detected with error
Unaligned futex-es in parasite could cause dump to crash
When compiled with gcc-4.9 parasite code crashed
Failure to freeze cgroup didn't result in aborting of dump
Wrong ns list was parsed when dumping userns (invisible since nesting works only for mntns)
Non-inheritable non-tty as stdin caused shell-job restore to erroneously fail
Error path in criu dedup could crash

Deprecated[edit]

Per-pid rlimit, itimers and posix-timers
Separate image for epoll tfds (target file descriptors)

v. 2.5[edit]

Tarball:	criu-2.5.tar.bz2
Version:	2.5 "Concrete Oriole"
Released:	15 Aug 2016
GIT tag:	v2.5

New features[edit]

C/R
- fs.mqueue.msg*_default sysctls
- Unix sockets with overwritten paths
- Link-remap files in removed directories

Optimizations/improvements[edit]

Micro-optimization on namespace ID evaluation
Restoring shared files uses one socket instead of per-fd ones
More verbosity when refusing to dump a file descriptor

Fixes[edit]

Restore could fail on openat() with ENXIO when multiple mnt namespaces get restored
The criu exec action got broken
Link-remap and ghost files remained on FS after restore failure
TCP window could remain clamped after restore resulting in connection lockup/slowdown
Dump could stuck when injecting a parasite
The --timeout option wasn't taken into account when freezing tasks using freezecg
Race in freezeing/seizing could result in lost tasks
Memory leaks here and there on error paths
Double free in xvstrcat (crash)
VDSO length was mis-calculated
Symlink on --root path could make restore erroneously fail
Potential memory corruption on reading mntns images
When restoring on systems with low pid_max limit restore could fail
RO-protected SysV shmem segments could be restored with PROT_EXEC
File mode of mapped file was evaluated with errors
Restore of cgroups' mem.swappines and ..use_hierarchy blocked sub-groups creation
Impossible to restore cgoup mem.swappines default value
Zombies living in orphan sessions/groups failed the restore

v. 2.4[edit]

Tarball:	criu-2.4.tar.bz2
Version:	2.4 "Marble Lark"
Released:	11 Jul 2016
GIT tag:	v2.4

New features[edit]

Generate core from images
Ability to forcibly drop half-open TCP connections on C/R
Ability to specify cgroup ctls to dump via API
Opened/mapped files' mode is compared between dump and restore times
C/R of
- AutoFS mountpoints
- New cgroups (perf_event, net_cls, net_prio and pids)
- Memcgroup optional properties
- Devices cgroup

Optimizations/improvements[edit]

Pagemap image entries are cached in memory

Fixes[edit]

Configured kmem cgroup limit restore failed
Mem cgroup oom_control
Cgroup's pids.max was not C/R-ed
Failure to write cgroup property was ignored
No init PID in pre-dump action script
Sigactions inheritance didn't work on ARM
Opened "/proc" dir blocked the dump
Working with iptables was racy
Sibling mounts detection error on dump
Devconf accept_redirects devconf could be restored with errors
"All" devconfs could be overridden by "Default"
Name-less unix sockets got auto-bound
Mode was lost for PTY device file on restore
Newer protobuf compilers didn't recognize PB files
External mounts could be remounted with MS_PRIVATE
Build fail on Alpine Linux

Deprecated/removed[edit]

Per-pid file locks images
Per-pid fdinfo images
Ancient pagemap/pages images

v. 2.3[edit]

Tarball:	criu-2.3.tar.bz2
Version:	2.3 "Wooden Duck"
Released:	14 Jun 2016
GIT tag:	v2.3

New features[edit]

Ability not to show payload for some objects in CRIT
Pidfile is written at the end of restore
Ability to join existing namespaces on restore
C/R of
- Data sitting in TTYs
- Partially write-protected SysVIPC segments
- Debugfs and tracefs mounts
- Overmounted tmpfs
- IPv6 devconf sysctls
- External block devices
- Unix sockets with mismatched shutdown state

Optimizations/improvements[edit]

Relaxed calculation of AIO ring size
Tree-based search of tasks by real pid
Less mem-to-mem copies on restore
Saner devconf image format
More verbose explanation of why task cannot be seized
PID is printed in PIE logs

Fixes[edit]

Too many mmap-ed files blocked the dump
Potential memory corruption when working with IPv6 sockets
Overmounted bind mounts could cause restore to fail
Overmounted bind mounts could result in badly restored mount tree
Incomplete restoration of RO bind mounts options

Deprecated/removed[edit]

Greedy mode of pagemap (non-root) caused dump to fail (disabled)

v. 2.2[edit]

Tarball:	criu-2.2.tar.bz2
Version:	2.2 "Carbon Nightingale"
Released:	16 May 2016
GIT tag:	v2.2

New features[edit]

Uninstall action in Makfilefile
"Post-resume" added to action scripts
Root task's PID in environment for action scripts
C/R of
- Devconfs drop_gratuitous_arp and drop_unicast_in_l2_multicast
* Serial ttys

Optimizations/improvements[edit]

Lighter link-remaps restore on newer kernels

Fixes[edit]

Race when restoring userns vs setting ns' maps
Tasks with zero fds failed the dump
Restore of TCP recv queue could fail due to kernel mem alloc constraints
No errors were written to logs when launching helper (tar/iptables) app in userns restore
User-mode dumped no memory pages sometimes
Bind mounts considered not as bind sometimes
Two mounts in the same directory blocked the dump
Off-by in on /dev/tty{1,63} dumping
Forking of cgroupns task was done with screwed clone flags

Deprecated/removed[edit]

Greedy mode of pagemap dumping (on some kernels we do not support user-mode)
Removed the --namespaces option

v. 2.1[edit]

Tarball:	criu-2.1.tar.bz2
Version:	2.1 "Steel Lapwing"
Released:	11 Apr 2016
GIT tag:	v2.1

New features[edit]

Checking now classifies features to important/extra/experimental
Ability to bring some disk files into images. See $source/scripts/tmp-files.sh
C/R of
- Completed AIO requests
- Fallback gre and gretap net devices

Optimizations/improvements[edit]

Code coverage collecting now works
Use native rtnl library for netlink messages processing
Using --output - now results in stdout as log, not a file with the name "-"
Signals are printed by names in logs

Fixes[edit]

Make tar generated tarbal with bad name
CG restore code lacked rollback in some places
Error code from raw syscalls was treated with errors resulting in wrong criu check reports
Dumping task with HUGE amount of file descriptors failed
Task could be stopped after pre-dump if respective option was used
A /proc/pid directory from dead process conflicting with a new alive one could cause dump to fail
Zombie from alien session/process group caused restore to fail
CGroup fs was wrongly mounted in CGNS on restore
Irmap scan was mis-checking devices numbers
Use-after-free in irmap scan
Btrfs bindmounts detection was mistaken due to 'subvol=' options met
Propagation of mountpoint's shared groups was lost for propagated mounts
Unaligned allocations of restore shared memory could result in codedumps when used by futexes
Temporary mountpoints could result in spurious propagations
When aborting the dump criu could crash on use-after-free objects
Locking the network could stuck doing the DNS resolve
Several build fixes

Deprecated/removed[edit]

The images from criu prior to 0.4 are deprecated
The --namespaces option makes no sense and is also deprecated
The --ms option for check action is deprecated

v. 2.0[edit]

Tarball:	criu-2.0.tar.bz2
Version:	2.0
Released:	7 Mar 2016
GIT tag:	v2.0

New features[edit]

New code layout for sub-projects (e.g. Compel)
Unprivileged dump
Dump/check cpuinfo support for PPC
Explorers for CRIT
Added "post-setup-namespaces" to action scripts
Added timeout for dump procedure (5 sec by default)
Ability to override LSM profile on restore with CLI/RPC option
External bind mounts can be fs-root mounts too
Skip netns' internals on dump and restore (for Docker integration)
Advanced support for external files
- External TTYs
C/R for
- Mode and uid/gid of cgroup files and dirs
- Freeze cgroup state (frozen/thawed)
- Task's loginuid and oom score
- Per-thread credentials
- Filter mode of seccomp
- Ghost file in removed directory
- Ghost files lutimes
- Binfmt-misc FS contents
- Netfilter conntracks and expectations
- Multi-headed cgroups
- CGroup namespaces (no nesting)

Optimizations/improvements[edit]

Align parasite stack on 16 bits for correctness
Compilation with native libc syscall wrappers and helpers
Parasite code injection done via memfd system call
Make vaddr to pfn conversion with one less syscall
CRIT shows device numbers in "maj:min" manner
CRIT shows mmap's status in verbose
Docker files for builds on all supported arches

Fixes[edit]

Absent readlink syscall on ARM (use readlinkat instead) could cause dump to fail
Wrong argument to timer_create system call could cause restore to crash
Extra tasks in freeze cgroup caused dump to fail/hand/crash
Unaligned restore-time object allocations caused lock operations to fail
Opened /proc/pid dir of dead task failed the dump
Unaligned stacks caused criu to fail on aarch64
Changed device numbers on restore side could cause random failures
Fixes in mount points sharing/slavery/propagation restore
Race between mntns creation and fds closing in different tasks could cause restore to fail
Hard kernel limit on TCP repair recv queue restore could cause big queue restore to fail
Unconnected dgram UNIX socket with data lost packets on restore
CRIT didn't show IPC objects
CRIT didn't convert IP addresses in images
Logs from PIE code contained corrupted addresses and sizes
Not loaded netfilter modules could cause dump/restore to stuck on dumping netlink socket
Shared external mounts were restored with error

Security[edit]

User-mode
When checking for namespaces' CRIU entered userns with host creds

Deprecated/removed[edit]

Completely removed 'show' action. Use CRIT instead.

v. 1.8[edit]

Tarball:	criu-1.8.tar.bz2
Version:	1.8
Released:	7 Dec 2015
GIT tag:	v1.8

New features[edit]

Ability to check CRIU features via RPC
New zdtm.py test suite
Pre-dump and pre-restore action scripts
The "info" action in CRIT showing stats about image file
More user-friendly output by CRIT
Python API -- pycriu
Ability to add custom paths to irmap scan
C/R of
- read-only bind mounts
- IPv6 routes and iptables rules
- ip rules (it ip tool supports such)
- ignore_routes_with_linkdown netns devconf
- empty bridges in netns
- FILTER mode of seccomp
- IP_FREEBIND socket option

Optimizations/improvements[edit]

Shared pie/non-pie .c files are built two times with proper flags
VDSO code re-shuffled for better re-use between arches
Failures of action scripts are reported in logs
OpenVZ's VENET handling is tuned to fit the current kernel state
Do not use hardcoded /dev/rts maj:min numbers
Unsupported socket protocols are reported at expected place
Slightly faster access to /proc files by using O_PATH open mode
Improved page-server dump speed by keeping control over the Nagle algorithm
Read pages.img in more optimal manner rather than page-by-page
Less "Error"-s in logs, that actually don't lead to errors
Slightly faster /proc/pid/status parsing
Dead/live-locks on internal criu locks now emits a warning into logs

Fixes[edit]

Page server flooded node with tw buckets during migration
Turned off cgroups controllers weren't detected as such
Netns sysctls from old images weren't properly restored
Running process could be mistakenly stopped after --leave-running dump
Helper processes run by CRIU produced fake error messages in logs
Error code from sigaction restore could be missed
Several potential buffers overruns due to missed '\0' after strcpy-s existed
Killed processes after dump survived in zombie state for some time holding PIDs and resources
If task had MANY children, the latter could be skipped on dump
Task dying while being frozen could fail the dump
On Aarch64 the upper limit for user memory was not properly detected sometimes
Guess for TCP buffer max segment size was too optimistic (could fail the restore on low-mem machines)
CRIT didn't decode userns images
Ghost files were left in the FS tree after failed restore (blocking the next restore attempt)
Some log messages from pie code were lost
Some net/ipc/uts sysctls failed to restore in userns
Move tasks int cgroups failed in userns
Unsupported filesystems silently failed the dump
External tmpfs (and some other) mounts generated tarballs with their contents
Privately mapped files were picked from wrong mount namespace
Controlling tty could be restored on wrong tty end
Tmpfs mount of sub-namespace was restored from wrong image file
Potential stack overflow in libcriu
Partially-restored tasks could be left after failed restore
In-container TCP connection sometimes failed to restore
Race in sending SIGSTOP vs dump might cause dump to fail
Post-restore actions could generate stats files in wrong directories
Freeze-cgroup didn't take sub-cgroups' tasks into account
Tentative state in IPv6 sockets binding prevented socket from being bound immediately
Restoring from images with files pointing to /proc file of dead tasks could crash
Tasks with STOP in queue (i.e. -- not yet stopped) were CONT-ed in case of --leave-running dump
Stopped task with one more STOP in queue caused dump to stuck
If parent task left the MNT namespace it created for children restore could BUG()
Link-local IPv6 addresses sometimes failed to bind() at restore

Security[edit]

Service run as root could allow users to violate ptrace policies
Service run as root could give users access to privileged files and directories

v. 1.7.2[edit]

Tarball:	criu-1.7.2.tar.bz2
Version:	1.7.2
Released:	28 Oct 2015
GIT tag:	v1.7.2

Fixes[edit]

Mounting container root on restore could sometimes switch to wrong root path
The slave/shared option for CT root was lost on restore
Duplicate slave mount points could appear on restore
Fanotifies (inotifies) could be restored in wrong mount namespace (though on correct inode)
Fanotifies (inotifies) on bind-mount-ed tmpfs file could fail the dump
Kernel threads found in tree (OpenVZ containers case) blocked the dump
Flat user namespace (0; \infty) restore failed
Off-by-one in unix socket name handling
IPC objects' UIDs and GIDs were not treated as userns ones
Rcv and Snd buffers for sockets grew 2 times on restore

v. 1.7[edit]

Tarball:	criu-1.7.tar.bz2
Version:	1.7
Released:	7 Sep 2015
GIT tag:	v1.7

New features[edit]

More flexible CGroups managing on restore
Support for seccomp strict mode
Support for stream unix sockets inheritance
Support uid/gid-restricted mounts in userns
Support deleted bind-mounts
Freezer cgroups can be used on dump to freeze fast-spawning processes
Ability to specify maximum ghost file size
OverlayFS support
Support relative unix sockets' bind paths
In libcriu
- New set of calls using non-global opts
- Ability to pass existing connection to service
- Ability to start criu in swrk mode for all requests
Arch-specific improvements
- Altivec and PSX support for PPC
- Small PIE loader
- Preparations for 32-bit x86

Optimizations/improvements[edit]

Temporary proc mountpoint is mounted with nosuid, noexec and nodev
Less memory copies when preparing restorer binary
CRIT action "show" for less keystrokes on common use-case
Fsnotify log messages now use hex everywhere :)
CRIT output doesn't mix fields any more

Fixes[edit]

CRIU binary couldn't be installed independently from man pages
Root dir ignored in install: target
Bug in restoring PPC floating point register
SYSVIPC shmem was not attached on restore with PPC
AIO ring ID was erroneously close()-d
After dump+kill tasks remained in zombie states
Race in zombies vs proc proxy tasks deaths resulted in restore spurious failure
Restore got stuck when CRIU was called with blocked SIGCHILD
Wrong page size value could be used on some ARM compilations
Potential memory corruption when restoring an LSM profile
Opened /dev/kmsg in WRONLY mode failed the restore
Weird paths on tmpfs caused tar to fail
Temporary cgroup mount set (cgyard) got propagated into the host tree
Restore of inherited shared pipe failed
Spaces, tabs and backslashes in mountpoints' paths caused dump to fail
Tmpfs mounted with empty source caused dump to fail
The criu.pc file contained bad version when built from tarball
Deprecated -n option found in docs
On aarch64 the maximum virtual address available for user-space was wrongly hardcoded

v. 1.6.1[edit]

Tarball:	criu-1.6.1.tar.bz2
Version:	1.6.1
Released:	12 Aug 2015
GIT tag:	v1.6.1

New features[edit]

Support for relative paths for unix sockets

Fixes[edit]

Crash when restoring netns from older images
Race between unix sockets' connect and listen may cause restore to fail
Multiple unix datagram clients restored server queue multiple times

v. 1.6[edit]

Tarball:	criu-1.6.tar.bz2
Version:	1.6
Released:	1 Jun 2015
GIT tag:	v1.6

New features[edit]

PowerPC 64bit LE support
Makefile.local for 3-rd party build rules
Ability to "enable" filesystem on dump (--enable-fs)
Ability to skip mountpoint on dump (--skip-mnt)
Prepare to deprecate "criu show" command
External mounts auto-detection
- External siblings resolving
- External sharing resolving
/dev/tty (current terminal) support
Netdev and netns (all/default) confs C/R
Images v1.1 with extra magic at head
Support fusectl (only ctl) mountpoint
Sub-version format is now as of git-describe
Apparamor labels C/R support

Optimizations[edit]

Empty image files are not generated in image dir
/proc/pid/fd/locks support for faster and non-intrusive locks dump

Fixes[edit]

Cscope scanned symlinks on make tags
Compilation with clang failed
Improper PAGE_SIZE constant was used on Aarch64
Selinux blocks attempt to inject parasite w/o any reasonable message
Error code masked on some error paths
O_APPEND files' changed size aborted restore
Errno value could be overwritten by logging
Mount namespace w/o /tmp could not be dumped
Stats file generated in wrong dir sometimes
MS_STRICTATIME mountpoint option was dropped on dump
Read-only tmpfs mount failed to restore
Some files were put into wrong places upon install target
Service couldn't be enabled via systemd ctl after manual installation
Parent's /proc/self files could be accessed by criu processes on restore
When meeting unknown image file CRIT exited with exception instead of printing sane error message

v. 1.5.2[edit]

Tarball:	criu-1.5.2.tar.bz2
Version:	1.5.2
Released:	28 Apr 2015
GIT tag:	v1.5.2

Fixes[edit]

Mutli-threaded tasks restored with error when --restore-sibling (Docker and LXC cases)
Service (and swrk) couldn't receive too big RPC messages

v. 1.5.1[edit]

Tarball:	criu-1.5.1.tar.bz2
Version:	1.5.1
Released:	31 Mar 2015
GIT tag:	v1.5.1

New features[edit]

Inheriting FDs now work in "swrk" RPC mode
Restored pid is reported in post-restore RPC notification

Fixes[edit]

Uninitialized ss in sigframe causes C/R failures on 4.0 kernel
Cgroups' properties are initialized too late on restore
Cgroups' destruction isn't performed in non detached mode
Cgroups' destruction can fail on error paths

v. 1.5[edit]

Tarball:	criu-1.5.tar.bz2
Version:	1.5
Released:	2 Mar 2015
GIT tag:	v1.5

New features[edit]

CRIT tool
Ability to request CPU compatibility on instructions level only
C/R of empty AIO rings
More detailed errno report via RPC
Per-feature "criu check"
Inheriting FDs on restore
Ability to automatically move veth device to host-side bridge on netns restore
VT terminals support
More user namespaces C/R stuff
- Sockets full support
- Invisible files
- TTYs
- FSnotifies

Optimizations[edit]

TCP send queue is restored in the maximal portions allowed by the kernel
Pre-loading sock-diag modules now happens in a more elegant way

Fixes[edit]

Multi-threaded tasks on 64bit ARM could segfault upon restore
When doing "check" CRIU could leave un-killed piggie task
The --cpu-cap option argument was parsed with errors
Incorrect handling of --cpu-cap fpu compatibility mode on restore
Criu ignored trailing CLI arguments that resulted in usage confusions
Irmap hints didn't include common "/" path
When run per user request, CRIU left log and pid files belonging to root
Mappings on AUFS could be looked up on wrong mount point
Fixed compilation on Centos6.5
Wrong /proc was used when reading the list of FDs to close on restore
Race in restoring TCP established and listening sockets results in failed bind() on the latter
Legacy ttys errorneously treated as unix98
TTY pairs slavery setup could pick wrong peer
For user-dump the log and pid files still belonged to root
Task could die while being frozen thus causing dump to fail or save wrong task state
Failures in mount points validation and sharing resolving didn't abort the dump (error arose on restore)

v. 1.4[edit]

Tarball:	criu-1.4.tar.bz2
Version:	1.4
Released:	1 Dec 2014
GIT tag:	v1.4

New features[edit]

Dump and check cpuinfo. Needed to make sure CPU is capable to run the images after restore, e.g. during live migration
Initial support for user namespaces
- Use memfd to restore shared memory segments
- New (slightly faster) API for mm stuff restore via prctl
- [UG]ID-s are dumped from parasite, not from /proc files
The docker_cr.sh script to show how Docker container C/R should (will) look like
New API for writing plugins (old one is still possible)
Service workers change their title to better look in ps output
Ability to feed socket for pre-dump and page-server in swrk mode
Page-server can auto-bind its port
Ability to perform several actions during one connection to RPC service
C/R of opened /proc/$pid/foo files of dead tasks
C/R of /dev/console
C/R of virtualized devtmpfs (openvz and future upstream kernels)
C/R of empty mqueue fs (posix message queues)
C/R of shared bind-mounts

Optimizations[edit]

BFD engine
- Faster that glibc's FILE * buffered read from /proc files
- Buffered image files IO
Faster parasite/restorer unload
- Use HW breakpoints
- Less ptrace GETREGS calls sometimes
- Wake pie after sending the FINI command to socket
Merged some pairs of images into one
- eventpoll and -tfd
- inotify and -wd
- fsnotify and -mark
Less setns()-s on dump is much faster on older kernels
Faster access to /proc/self files -- cached fd of /proc/self and openat(this_cache)

Fixes[edit]

Sibling restore mode didn't set up CRIU signals properly
Unpredictable sibling/child root task restore. Fixed with explicit CLI option
Validation for leaf mount points was skipped
Mount options were corrupted on dump, which resulted in errors bind mounts detection
Uninitialized properties of some cgroups prevented moving tasks into them (e.g. empty cpuset masks and low memcg limit)
File locks could belong to task with different pid (inherited on fork) blocked the dump
Bogus error printed in logs about SIGCHLD catch (was caused by thread dump using traps)
Irmap engine accessed freed root_task on pre-dump
Restore of net namespace could always fail (pid mismatch on fork) if kernel thread was created on netns setup
Cgroups service descriptor was closed too early and failed restore
Auto-loaded *diag modules caused audit netlink socket to contain data on dump (dump fails in this case)
The "(deleted)" prefix accumulated in unlinked files while doing C/R
The devpts filesystem and ptmx file were only dumped when found on /dev/pts and /dev respectively
Data in netlink socket and fanotify was lost after C/R (now dump is aborted if data found in it)
Fanotify mark was restore in different mount namespace
Images were writable by group. Not secure when user-dump was requested
Rootfs has parent id equal to self. CRIU didn't expect this and failed the dump
Shared mount of the --root path failed the restore
Absence (e.g. not compiled in) of any namespace in the kernel failed the dump
Page-server incremental dump didn't detect new tasks properly and failed the stage
Big TCP queues sometimes failed to get restored
Incremental pre-dump could lose track of memory changes by task

v. 1.3.1[edit]

Tarball:	criu-1.3.1.tar.bz2
Version:	1.3.1
Released:	12 Sep 2014
GIT tag:	v1.3.1

Fixes[edit]

Sibling restore mode didn't set up CRIU signals properly
Unpredictable sibling/child root task restore. Fixed with explicit CLI option
Validation for leaf mount points was skipped
Mount options were corrupted on dump, which resulted in errors bind mounts detection

v. 1.3[edit]

Tarball:	criu-1.3.tar.bz2
Version:	1.3
Released:	1 Sep 2014
GIT tag:	v1.3

New features[edit]

TimerFD support
VVAR area (newer kernels' part of VDSO) support
CGroups hierarchies support
AUFS support (for Docker)
PDeathSig support
Check for opened file's size on dump and restore is the same
Ability to restore tasks as children using libcriu (criu_restore_child)
Add pkgconfig file for libcriu
CRTOOLS_IMAGE_DIR variable available in action scripts

Optimizations[edit]

Merged images with pending signal into core
Per-task images with file locks are merged into one big image
Smaller tasks orchestration memory area on restore
Sigactions are inherited on restore when possible, not overwritten
ZDTM suite now executes tests in parallel

Fixes[edit]

Dump failed if robust lists were off
Link remaps on tmpfs mounts were not dumped
Non root tasks with custom groups couldn't dump its peers (Security)
Opened and unlinked FIFOs, dirs and devices were restored as regular files
Files opened from alien mount namespace were restored in the local one
Link remap name sometimes was generated with error
Opened and removed cwd couldn't be restored
Sysctl kernel.msgmni was overwritten by subsequent auto_msgmni
Library and RPC APIs didn't match the CLI one
Some external mounts were constantly "postponed" and never got mounted
The self.mm_dumpable prlctl value of 2 caused restore to fail
Errors when writing sysctls with tail \n
The criu show printed nested repeated fields corrupted
Dump stats were initialized with garbage
Restore sometimes stuck on waiting for inet socket port bind
Spurious SIGHUP when restoring slave ttys
Restore wasn't aborted if sub-task failed early

v. 1.3-rc2[edit]

Tarball:	criu-1.3-rc2.tar.bz2
Version:	1.3-rc2
Released:	18 Jun 2014
GIT tag:	v1.3-rc2

New features[edit]

Native (w/o plugins) c/r of external bind mounts
C/R of the info in which cgroups tasks live
C/R of task's dumpable flag
Dump pstore, securityfs, fusectl and debugfs mountpoints

Fixes[edit]

VDSO was searched on stack's guard page
Mount namespace w/o /proc mount blocked the restore
Several misses in searching for COW VMA resulted in sub-optimal pages sharing on restore
FIFO-s path was restored in wrong mount namespace
Mountpoint fsnotify could be restored on a bind-mount
One tmpfs mounted several times was dumped several times
Bind-mount's root path of the top mount was calculated with error
Fix device number calculation out of major:minor on some distros
Devpts mount options got lost on dump
Page-pipes grew endlessly resulting in dump failures on big VMAs
IO and PF mappings were tried to be dumped
Two merged MAP_GROWSDOWN VMAs got dumped with overlapping guard page
Too small shared area was used to fetch tasks mappings that resulted in failed dump of huge mappings
Many fixes in build system
Zdtm's COW test sometimes ignored COW failures

v. 1.3-rc1[edit]

Tarball:	criu-1.3-rc1.tar.bz2
Version:	1.3-rc1
Released:	25 Apr 2014
GIT tag:	v1.3-rc1

New features[edit]

AArch64
Multiple mount namespaces
FPU state restore control
- Restore old FPU state on newer CPUs
- Ability to ignore FPU restoration
Support stopped multi-threaded tasks
CRIU now can execv() other binary right after restore is complete
Inode-reverse mapping can be enforced to allow live-migration with FS copying
Gold linker can now be used to compile CRIU
"Berserker" test to check CRIU scalability
Punch pages from mem images on restore (optimizes live-migration)

Optimizations[edit]

Batched deduplication of memory images
Packed rlimits into core image
Packed timers into core image

Fixes[edit]

Bad checks for kcmp() ret codes resulted in errors in file sharing detection
Multiple mmaps of same files with different flags blocked the restore
Integer overflow in huge mapping restore caused restoration failure
devpts's newinstance option was lost during dump
Subsequent dump could try to find old mem dump for newly forked task
Bad detection of overmounted mountpoints on fsnotify restore
Page-server could read partial message and failed
Errors in dumping of two subsequent anon VMAs in some cases
Irmap mis-compared devices for disk FSs
TMPFS handles always change during dump/restore
Pre-dump sometimes hangs on FIFOs
Post-restore script fails too late (if does it)

v. 1.2[edit]

Tarball:	criu-1.2.tar.bz2
Version:	1.2
Released:	26 Feb 2014
GIT tag:	v1.2

New features[edit]

Performance improvements
- Shared entries in reg-files image
- Less accesses to /proc/$pid/map_files links
- Cache for /proc/$pid/pagemap reads
- VDSO page is seeked only in anonymous mappings
- Task's auxv is read in one call
- Merged mm and vma image files for better packing
- NFS inodes' path resolution (for fsnotify) cache
- One readlink() call when checking anon inodes
- Don't dump kernel's zero-page
- Parse fast /proc/self/maps when searching for hole for restorer
- A bit faster write into image files with writev()
Library versioning
RPC API got closer to CLI
- Suitable for live migration project
- Action-scripts via RPC notification messages
New "post-restore" call in action scripts
Logrotate rules file
Default log file for service when starting via systemd

Fixes[edit]

A lot for ARM cross-compile
Fsnotifies dumping didn't work on NFS
Images auto-deduplication only worked one level up
Packet socket ID was treated as file-descriptor and close()-d
Badly counted pages stats on restore
Linked remap name conflict when dump and restore on NFS
Sporadic failures in memory draining due to huge pipes used
Broken criu show of repeated fields
Failure to open mountpoint in foreign pid namespace
Unlinked bound unix socket dump error
Small memory leak when writing to incremental image(s)
Restoring fsnotify for links results in ELOOP
Host's PATH is not suitable when execv-ing tar/ip/iptable to restore namespace (workaround, proper fix will be in 1.3)
Using subdirs in log file name via RPC breaks security

v. 1.1[edit]

Tarball:	criu-1.1.tar.bz2
Version:	1.1
Released:	28 Jan 2014
GIT tag:	v1.1

Fixes[edit]

Errors from memory dumping are not handled resulting in corrupted dumps
EOF detection in stacked images is done with error
Stacked images don't work on non-shared FS (missing pagemap-s)

v. 1.1-rc2[edit]

Tarball:	criu-1.1-rc2.tar.bz2
Version:	1.1-rc2
Released:	20 Jan 2014
GIT tag:	v1.1-rc2

Fixes[edit]

Crash in criu check
RPC check always fail on 3.11 kernel
Failed fork() didn't abort restore
Dump fail not reported via RPC
RPC client disconnect wasn't handled
Page server could connect to self for writing images
Hang on pre-dumping task livig in net-namespace
VDSO page mis-handle on pre-dump
FPU state loss on pre-dump
Memory tracking turns ON w/o request
Various fixes (and improvements) in build system

v. 1.1-rc1[edit]

Tarball:	criu-1.1-rc1.tar.bz2
Version:	1.1-rc1
Released:	30 Dec 2013
GIT tag:	v1.1-rc1

New features[edit]

libcriu.so -- wrapper library for RPC clients
Plugins
- External unix sockets
- External bind mounts
- External net devices
- Unknown file types
Images deduplication in incremental dumps
Integration with systemd
Filtering of criu show output

Note: The API defined in the first two items above may change after -rc1

Fixes[edit]

Errors in unlinked files/sockets detection on BTRFS
NFS silly-rename files are not treated as unlinked
Freezer fail to seize quickly forking/pthread_create-ing tasks
Extra stop signal queued for stopped tasks after pre-dump
Wrong dying task state detection
Lost RPC dump response
Crash when reporting restore error via RPC
Negative return code into shell
Tasks left in wrong states after failed dump
A little bit more verbose check action
Coverity checks fail here and there

v. 1.0[edit]

Tarball:	criu-1.0.tar.bz2
Version:	1.0
Released:	25 Nov 2013
GIT tag:	v1.0

Fixes[edit]

After --leave-running linked remaps were not cleaned
TCP was left locked after --leave-running
Weak criteria in memory COW detection
Private mapping's premmapped address overwrote file ID
Restorer memory could overlap with timers/signals arrays
RPC worker reused options from service task
Suboptimal memory utilization by restorer arguments
TCP unsent/unacked data boundary was lost
Wrong dev_t decoding on 64 bit
Unpredictable daemons (service and page-service) working dir
Parasite stack could be corrupted by its arguments
Error from exe link restore was ignored
Artificial small limit on the number of shared memory segments to restore
Bug in ARM VFP restore
VDSO proxy was unmapped at the very end of restore

New features[edit]

-W option to specify working dir
CHECK request in RPC
Optimized headers
More info in logs about undumpable files
More comments about tricky dump/restore places
Generic memory allocation for restorer

v. 0.8[edit]

Tarball:	criu-0.8.tar.bz2
Version:	0.8
Released:	18 Oct 2013
GIT tag:	v0.8

New features[edit]

RPC service
Ability to work from non-root user (via +s bit)
Handle stopped tasks
Restore tasks' root path
Dump and restore net ns iptables configuration (w/o conntracks)
Support for external net devices in netns (e.g. openvz venet)
Support CORK and NODELAY TCP options
SEQPACKET unix sockets support

Fixes and improvements[edit]

Unload restorer blob after restore
Fixes and enhancements in criu show
Fix in unsorted inotify wd restoring
Fixed trimmed messages in parasite transport
Fine-grained pgrps restore
Fix in large TCP buffers restore
Fixed buffer overflow in IPC ns dumping
Fix in early page server connection close on pre-dump
Fixed race in handling aborted parasite blob
Fixed lost unmapped criu vmas in restore
Fixes in parsing devices in /proc/pid/maps and /proc/locks
Fixed snd/rcv buf sockoptions restore
Enhanced logging in parasite

v. 0.7[edit]

Tarball:	criu-0.7.tar.bz2
Version:	0.7
Released:	3 Sep 2013
GIT tag:	v0.7

New features[edit]

TUN devices support (requires patched kernel)
Alternative stack (sigaltstack) C/R
Shared and master/slave mounts support
Restore statistics
Net device address C/R
Safer and simpler asynchronous parasite
Fixes in
- Stack guard page dump/restore
- Page server communications
- COW mappings restore
- Zombies restore
- Aborting failed restore
- TCP connection restore (some require patched kernel)
- Semi-closed Unix sockets with data dump/restore
- etc.

v. 0.6[edit]

Tarball:	criu-0.6.tar.bz2
Version:	0.6
Released:	1 Jul 2013
GIT tag:	v0.6

New features[edit]

Cross-compiling support
Ready to accept images from OpenVZ RHEL6-based kernel
- VDSO conversion
Posix CPU timers C/R
Asynchronous parasite
- Self-heal dumpee in case of crtools crash
Memory changes tracking (requires patched kernel)
- Incremental backups
- Pre-dump task command for smaller freeze time
Dump statistics
Return-arg for remote syscalls execution
Improved "show" output
Opened /proc/PID/ns/* files C/R
Daemon mode for page-server
Build-time features test (makes it possible to build on different distros)

v. 0.5[edit]

Tarball:	criu-0.5.tar.bz2
Version:	0.5
Released:	30 Apr 2013
GIT tag:	v0.5

New features[edit]

C/R netlink sockets
C/R pending signals
New format for memory dumps
Incremental dumps (preliminary)
Ability to directly send memory dumps on remote host (for faster live migration)
Images showing enhancements
Kernel features checking enhancements
Lots of BUGs fixed
Renamed crtools to criu (both binary and source package names)

v. 0.4[edit]

crtools-0.4.tar.bz2
Released: 20 Feb 2013
GIT tag: v0.4

New features[edit]

ARM port
Remote syscall execution
C/R of
- FPU state
- File locks (basic support)
- Rlimits
- FANotify descriptors
- Shared fdtable (table of file descriptors)
- Tasks' umask
- Pipe buffer size
- Unix sockets' credentials
- TCP time-stamp offset (allows to migrate a TCP socket, requires custom kernel)
Automatic namespaces detection (--namespace option is deprecated)

Internal[edit]

Build system rework
Dumping/restoring memory pointers standardized (while doing ARM port)
Ability to collect coverage (gcov, reported here)
32/64-bit problems mostly resolved (while doing ARM port)

v. 0.3[edit]

crtools-0.3.tar.bz2
Released: 11 Dec 2012
GIT tag: v0.3

New features[edit]

C/R of shell jobs
Handle files, that are opened and unlinked, but some other hard link exists
More SOL_SOCKET socket options. Two most interesting are:
- Binding socket to device (SO_BINDTODEVICE)
- Per-socket packet filter (SO_ATTACH_FILTER)
Shutdown state of a socket
Task scheduler parameters (nice, policy and prio)
Properly handle COW pages
Memory mapped packet sockets (with SOL- options this is enough for tcpdump tool support)
Complementary groups (getgroups(2))
Various mapping features, configured with madvise(2)
Tune TCP sockets support to work with IPv6 sockets
Closed (or not yet connected/bound) unix sockets

Bug fixes and improvements[edit]

Print timestamps in log files
Restructure source tree a little
- PIE stuff in separate dir
- Arch-specific code in arch/<Arch>/ directory
Nicer show -c output for pages/pipes/etc contents
Fixes in help text
Save and restore blocked signals mask for threads
Don't dump (and warn about it) corked UDP sockets
Fixed livelocks when restoring too big socket queues
Refresh info about sockets, that might have changed between diag dump and actual process freeze
Lost file params and socket options for some unix sockets
Fix inotify on opened and unlinked files
Fix shared anonymous memory detection
Properly close all files before restoring them
Fixes in running external tools (ip/tar)
Several fixes in control tty restoring code
RT signals handlers dumped and restored

v. 0.2[edit]

crtools-0.2.tar.bz2
Released: 20 Sep 2012
GIT tag: v0.2

v. 0.1[edit]

crtools-0.1.tar.bz2
Released: 23 Jul 2012
GIT tag: v0.1

Revision as of 13:26, 21 August 2017 (edit) Xemul (talk \| contribs) ← Older edit		Latest revision as of 08:28, 21 September 2024 (edit) (undo) Avagin (talk \| contribs)
(16 intermediate revisions by 4 users not shown)
Line 3:		Line 3:
	<div class="noautonum">__TOC__</div>		<div class="noautonum">__TOC__</div>

−	{{fe\|Changelog\|{{nln}}\|3.4\|3.3\|3.2.1\|3.2\|3.1\|3.0\|2.12.1\|2.12\|2.11.1\|2.11\|2.10\|2.9\|2.8\|2.7\|2.6\|2.5\|2.4\|2.3\|2.2\|2.1\|2.0\|1.8\|1.7.2\|1.7\|1.6.1\|1.6\|1.5.2\|1.5.1\|1.5\|1.4\|1.3.1\|1.3\|1.3-rc2\|1.3-rc1\|1.2\|1.1\|1.1-rc2\|1.1-rc1\|1.0\|0.8\|0.7\|0.6\|0.5\|0.4\|0.3\|0.2\|0.1}}	+	{{fe\|Changelog\|{{nln}}\|4.0\|3.19\|3.18\|3.17.1\|3.17\|3.16\|3.15\|3.14\|3.13\|3.12\|3.11\|3.10\|3.9\|3.8.1\|3.8\|3.7\|3.6\|3.5\|3.4\|3.3\|3.2.1\|3.2\|3.1\|3.0\|2.12.1\|2.12\|2.11.1\|2.11\|2.10\|2.9\|2.8\|2.7\|2.6\|2.5\|2.4\|2.3\|2.2\|2.1\|2.0\|1.8\|1.7.2\|1.7\|1.6.1\|1.6\|1.5.2\|1.5.1\|1.5\|1.4\|1.3.1\|1.3\|1.3-rc2\|1.3-rc1\|1.2\|1.1\|1.1-rc2\|1.1-rc1\|1.0\|0.8\|0.7\|0.6\|0.5\|0.4\|0.3\|0.2\|0.1}}