summaryrefslogtreecommitdiffstats
path: root/release_docs/RELEASE.txt
blob: 985cbf57e511ff68c9177b39f05c99e75732d96a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
HDF5 version 1.15.0 currently under development
================================================================================


INTRODUCTION
============

This document describes the differences between this release and the previous
HDF5 release. It contains information on the platforms tested and known
problems in this release. For more details check the HISTORY*.txt files in the
HDF5 source.

Note that documentation in the links below will be updated at the time of each
final release.

Links to HDF5 documentation can be found on The HDF5 web page:

     https://portal.hdfgroup.org/display/HDF5/HDF5

The official HDF5 releases can be obtained from:

     https://www.hdfgroup.org/downloads/hdf5/

Changes from Release to Release and New Features in the HDF5-1.16.x release series
can be found at:

     https://portal.hdfgroup.org/display/HDF5/Release+Specific+Information

If you have any questions or comments, please send them to the HDF Help Desk:

     help@hdfgroup.org


CONTENTS
========

- New Features
- Support for new platforms and languages
- Bug Fixes since HDF5-1.14.0
- Platforms Tested
- Known Problems
- CMake vs. Autotools installations


New Features
============

    Configuration:
    -------------
    - Autotools builds now build the szip filter by default when an appropriate
      library is found

      Since libaec is prevalent and BSD-licensed for both encoding and
      decoding, we build the szip filter by default now.

      Both autotools and CMake build systems will process the szip filter the same as
      the zlib filter is processed.

    - Removed CMake cross-compiling variables

      * HDF5_USE_PREGEN
      * HDF5_BATCH_H5DETECT

      These were used to work around H5detect and H5make_libsettings and
      are no longer required.

    - Running H5make_libsettings is no longer required for cross-compiling

      The functionality of H5make_libsettings is now handled via template files,
      so H5make_libsettings has been removed.

    - Running H5detect is no longer required for cross-compiling

      The functionality of H5detect is now exercised at library startup,
      so H5detect has been removed.

    - Updated HDF5 API tests CMake code to support VOL connectors

      * Implemented support for fetching, building and testing HDF5
        VOL connectors during the library build process and documented
        the feature under doc/cmake-vols-fetchcontent.md

      * Implemented the HDF5_TEST_API_INSTALL option that enables
        installation of the HDF5 API tests on the system

    - Added new CMake options for building and running HDF5 API tests
      (Experimental)

      HDF5 API tests are an experimental feature, primarily targeted
      toward HDF5 VOL connector authors, that is currently being developed.
      These tests exercise the HDF5 API and are being integrated back
      into the HDF5 library from the HDF5 VOL tests repository
      (https://github.com/HDFGroup/vol-tests). To support this feature,
      the following new options have been added to CMake:

        * HDF5_TEST_API: ON/OFF (Default: OFF)

          Controls whether the HDF5 API tests will be built. These tests
          will only be run during testing of HDF5 if the HDF5_TEST_SERIAL
          (for serial tests) and HDF5_TEST_PARALLEL (for parallel tests)
          options are enabled.

        * HDF5_TEST_API_INSTALL: ON/OFF (Default: OFF)

          Controls whether the HDF5 API test executables will be installed
          on the system alongside the HDF5 library. This option is currently
          not functional.

        * HDF5_TEST_API_ENABLE_ASYNC: ON/OFF (Default: OFF)

          Controls whether the HDF5 Async API tests will be built. These
          tests will only be run if the VOL connector used supports Async
          operations.

        * HDF5_TEST_API_ENABLE_DRIVER: ON/OFF (Default: OFF)

          Controls whether to build the HDF5 API test driver program. This
          test driver program is useful for VOL connectors that use a
          client/server model where the server needs to be up and running
          before the VOL connector can function. This option is currently
          not functional.

        * HDF5_TEST_API_SERVER: String (Default: "")

          Used to specify a path to the server executable that the test
          driver program should execute.

    - Added support for CMake presets file.

      CMake supports two main files, CMakePresets.json and CMakeUserPresets.json,
      that allow users to specify common configure options and share them with others.
      HDF added a CMakePresets.json file of a typical configuration and support
      file, config/cmake-presets/hidden-presets.json. 
      Also added a section to INSTALL_CMake.txt with very basic explanation of the
      process to use CMakePresets.

    - Deprecated and removed old SZIP library in favor of LIBAEC library

      LIBAEC library has been used in HDF5 binaries as the szip library of choice
      for a few years. We are removing the options for using the old SZIP library.

      Also removed the config/cmake/FindSZIP.cmake file.

    - Enabled instrumentation of the library by default in CMake for parallel
      debug builds

      HDF5 can be configured to instrument portions of the parallel library to
      aid in debugging. Autotools builds of HDF5 turn this capability on by
      default for parallel debug builds and off by default for other build types.
      CMake has been updated to match this behavior.

    - Added new option to build libaec and zlib inline with CMake.

      Using the CMake FetchContent module, the external filters can populate
      content at configure time via any method supported by the ExternalProject
      module. Whereas ExternalProject_Add() downloads at build time, the
      FetchContent module makes content available immediately, allowing the
      configure step to use the content in commands like add_subdirectory(),
      include() or file() operations.

      The HDF options (and defaults) for using this are:
          BUILD_SZIP_WITH_FETCHCONTENT:BOOL=OFF
          LIBAEC_USE_LOCALCONTENT:BOOL=OFF
          BUILD_ZLIB_WITH_FETCHCONTENT:BOOL=OFF
          ZLIB_USE_LOCALCONTENT:BOOL=OFF

      The CMake variables to control the path and file names:
          LIBAEC_TGZ_ORIGPATH:STRING
          LIBAEC_TGZ_ORIGNAME:STRING
          ZLIB_TGZ_ORIGPATH:STRING
          ZLIB_TGZ_ORIGNAME:STRING

      See the CMakeFilters.cmake and config/cmake/cacheinit.cmake files for usage.

    - Added the CMake variable HDF5_ENABLE_ROS3_VFD to the HDF5 CMake config
      file hdf5-config.cmake. This allows to easily detect if the library
      has been built with or without read-only S3 functionality.

    Library:
    --------
    - Added support for in-place type conversion in most cases

      In-place type conversion allows the library to perform type conversion
      without an intermediate type conversion buffer.  This can improve
      performance by allowing I/O in a single operation over the entire
      selection instead of being limited by the size of the intermediate buffer.
      Implemented for I/O on contiguous and chunked datasets when the selection
      is contiguous in memory and when the memory datatype is not smaller than
      the file datatype.

    - Changed selection I/O to be on by default when using the MPIO file driver

    - Added support for selection I/O in the MPIO file driver

      Previously, only vector I/O operations were supported.  Support for
      selection I/O should improve performance and reduce memory uses in some
      cases.

    - Change the error handling for a not found path in the find plugin process.

      While attempting to load a plugin the HDF5 library will fail if one of the
      directories in the plugin paths does not exist, even if there are more paths
      to check. Instead of exiting the function with an error, just logged the error
      and continue processing the list of paths to check.

    - Implemented support for temporary security credentials for the Read-Only
      S3 (ROS3) file driver.

      When using temporary security credentials, one also needs to specify a
      session/security token next to the access key id and secret access key.
      This token can be specified by the new API function H5Pset_fapl_ros3_token().
      The API function H5Pget_fapl_ros3_token() can be used to retrieve
      the currently set token.

    - Added a Subfiling VFD configuration file prefix environment variable

      The Subfiling VFD now checks for values set in a new environment
      variable "H5FD_SUBFILING_CONFIG_FILE_PREFIX" to determine if the
      application has specified a pathname prefix to apply to the file
      path for its configuration file. For example, this can be useful
      for cases where the application wishes to write subfiles to a
      machine's node-local storage while placing the subfiling configuration
      file on a file system readable by all machine nodes.

    - Added H5Pset_selection_io(), H5Pget_selection_io(), and
      H5Pget_no_selection_io_cause() API functions to manage the selection I/O
      feature.  This can be used to enable collective I/O with type conversion,
      or it can be used with custom VFDs that support vector or selection I/O.

    - Added H5Pset_modify_write_buf() and H5Pget_modify_write_buf() API
      functions to allow the library to modify the contents of write buffers, in
      order to avoid malloc/memcpy.  Currently only used for type conversion
      with selection I/O.


    Parallel Library:
    -----------------
    -


    Fortran Library:
    ----------------
    - Added h5pget_vol_cap_flags_f and related Fortran VOL
      capability definitions.

    - Fortran async APIs H5A, H5D, H5ES, H5G, H5F, H5L and H5O were added.

    - Added Fortran APIs:
      h5pset_selection_io_f, h5pget_selection_io_f
      h5pset_modify_write_buf_f, h5pget_modify_write_buf_f

    - Added Fortran APIs:
      h5get_free_list_sizes_f, h5dwrite_chunk_f, h5dread_chunk_f,
      h5fget_info_f, h5lvisit_f, h5lvisit_by_name_f,
      h5pget_no_selection_io_cause_f, h5pget_mpio_no_collective_cause_f,
      h5sselect_shape_same_f, h5sselect_intersect_block_f,
      h5pget_file_space_page_size_f, h5pset_file_space_page_size_f,
      h5pget_file_space_strategy_f, h5pset_file_space_strategy_f

    C++ Library:
    ------------
    -


    Java Library:
    -------------
    -


    Tools:
    ------
    -


    High-Level APIs:
    ----------------
    - Added Fortran HL API: h5doappend_f


    C Packet Table API:
    -------------------
    -


    Internal header file:
    ---------------------
    -


    Documentation:
    --------------
    -


Support for new platforms, languages and compilers
==================================================
    -
    
Bug Fixes since HDF5-1.14.0 release
===================================
    Library
    -------
    - Fixed a bug with the way the Subfiling VFD assigns I/O concentrators

      During a file open operation, the Subfiling VFD determines the topology
      of the application and uses that to select a subset of MPI ranks that
      I/O will be forwarded to, called I/O concentrators. The code for this
      had previously assumed that the parallel job launcher application (e.g.,
      mpirun, srun, etc.) would distribute MPI ranks sequentially among a node
      until all processors on that node have been assigned before going on to
      the next node. When the launcher application mapped MPI ranks to nodes
      in a different fashion, such as round-robin, this could cause the Subfiling
      VFD to incorrectly map MPI ranks as I/O concentrators, leading to missing
      subfiles.

    - Fixed performance regression with some compound type conversions

      In-place type conversion was introduced for most use cases in 1.14.2.
      While being able to use the read buffer for type conversion potentially
      improves performance by performing the entire I/O at once, it also
      disables the optimized compound type conversion used when the destination
      is a subset of the source. Disabled in-place type conversion when using
      this optimized conversion and there is no benefit in terms of the I/O
      size.

    - Fixed an assertion in a previous fix for CVE-2016-4332

      An assert could fail when processing corrupt files that have invalid
      shared message flags (as in CVE-2016-4332).

      The assert statement in question has been replaced with pointer checks
      that don't raise errors. Since the function is in cleanup code, we do
      our best to close and free things, even when presented with partially
      initialized structs.

      Fixes CVE-2016-4332 and HDFFV-9950 (confirmed via the cve_hdf5 repo)

    - Fixed a file space allocation bug in the parallel library for chunked
      datasets

      With the addition of support for incremental file space allocation for
      chunked datasets with filters applied to them that are created/accessed
      in parallel, a bug was introduced to the library's parallel file space
      allocation code. This could cause file space to not be allocated correctly
      for datasets without filters applied to them that are created with serial
      file access and later opened with parallel file access. In turn, this could
      cause parallel writes to those datasets to place incorrect data in the file.

    - Fixed an assertion failure in Parallel HDF5 when a file can't be created
      due to an invalid library version bounds setting

      An assertion failure could occur in H5MF_settle_raw_data_fsm when a file
      can't be created with Parallel HDF5 due to specifying the use of a paged,
      persistent file free space manager
      (H5Pset_file_space_strategy(..., H5F_FSPACE_STRATEGY_PAGE, 1, ...)) with
      an invalid library version bounds combination
      (H5Pset_libver_bounds(..., H5F_LIBVER_EARLIEST, H5F_LIBVER_V18)). This
      has now been fixed.

    - Fixed bugs in selection I/O

      Previously, the library could fail in some cases when performing selection
      I/O with type conversion.

    - Fixed CVE-2018-13867

      A corrupt file containing an invalid local heap datablock address
      could trigger an assert failure when the metadata cache attempted
      to load the datablock from storage.

      The local heap now verifies that the datablock address is valid
      when the local heap header information is parsed.

    - Fixed CVE-2018-11202

      A malformed file could result in chunk index memory leaks. Under most
      conditions (i.e., when the --enable-using-memchecker option is NOT
      used), this would result in a small memory leak and and infinite loop
      and abort when shutting down the library. The infinite loop would be
      due to the "free list" package not being able to clear its resources
      so the library couldn't shut down. When the "using a memory checker"
      option is used, the free lists are disabled so there is just a memory
      leak with no abort on library shutdown.

      The chunk index resources are now correctly cleaned up when reading
      misparsed files and valgrind confirms no memory leaks.

    - Fixed an issue where an assert statement was converted to an
      incorrect error check statement

      An assert statement in the library dealing with undefined dataset data
      fill values was converted to an improper error check that would always
      trigger when a dataset's fill value was set to NULL (undefined). This
      has now been fixed.

    - Fixed an assertion failure when attempting to use the Subfiling IOC
      VFD directly

      The Subfiling feature makes use of two Virtual File Drivers, the
      Subfiling VFD and the IOC (I/O Concentrator) VFD. The two VFDs are
      intended to be stacked together such that the Subfiling VFD sits
      "on top" of the IOC VFD and routes I/O requests through it; using the
      IOC VFD alone is currently unsupported. The IOC VFD has been fixed so
      that an error message is displayed in this situation rather than causing
      an assertion failure.

    - Fixed a potential bug when copying empty enum datatypes

      Copying an empty enum datatype (including implicitly, as when an enum
      is a part of a compound datatype) would fail in an assert in debug
      mode and could fail in release mode depending on how the platform
      handles undefined behavior regarding size 0 memory allocations and
      using memcpy with a NULL src pointer.

      The library is now more careful about using memory operations when
      copying empty enum datatypes and will not error or raise an assert.

    - Added an AAPL check to H5Acreate

      A check was added to H5Acreate to ensure that a failure is correctly
      returned when an invalid Attribute Access Property List is passed
      in to the function. The HDF5 API tests were failing for certain
      build types due to this condition not being checked previously.

    - Fixed a bug in H5Ocopy that could generate invalid HDF5 files

      H5Ocopy was missing a check to determine whether the new object's
      object header version is greater than version 1. Without this check,
      copying of objects with object headers that are smaller than a
      certain size would cause H5Ocopy to create an object header for the
      new object that has a gap in the header data. According to the
      HDF5 File Format Specification, this is not allowed for version
      1 of the object header format.

      Fixes GitHub issue #2653

    - Fixed H5Pget_vol_cap_flags and H5Pget_vol_id to accept H5P_DEFAULT

      H5Pget_vol_cap_flags and H5Pget_vol_id were updated to correctly
      accept H5P_DEFAULT for the 'plist_id' FAPL parameter. Previously,
      they would fail if provided with H5P_DEFAULT as the FAPL.

    - Fixed ROS3 VFD anonymous credential usage with h5dump and h5ls

      ROS3 VFD anonymous credential functionality became broken in h5dump
      and h5ls in the HDF5 1.14.0 release with the added support for VFD
      plugins, which changed the way that the tools handled setting of
      credential information that the VFD uses. The tools could be
      provided the command-line option of "--s3-cred=(,,)" as a workaround
      for anonymous credential usage, but the documentation for this
      option stated that anonymous credentials could be used by simply
      omitting the option. The latter functionality has been restored.

      Fixes GitHub issue #2406

    - Fixed memory leaks when processing malformed object header continuation messages

      Malformed object header continuation messages can result in a too-small
      buffer being passed to the decode function, which could lead to reading
      past the end of the buffer. Additionally, errors in processing these
      malformed messages can lead to allocated memory not being cleaned up.

      This fix adds bounds checking and cleanup code to the object header
      continuation message processing.

      Fixes GitHub issue #2604

    - Fixed memory leaks, aborts, and overflows in H5O EFL decode

      The external file list code could call assert(), read past buffer
      boundaries, and not properly clean up resources when parsing malformed
      external data files messages.

      This fix cleans up allocated memory, adds buffer bounds checks, and
      converts asserts to HDF5 error checking.

      Fixes GitHub issue #2605

    - Fixed potential heap buffer overflow in decoding of link info message

      Detections of buffer overflow were added for decoding version, index
      flags, link creation order value, and the next three addresses.  The
      checkings will remove the potential invalid read of any of these
      values that could be triggered by a malformed file.

      Fixes GitHub issue #2603

    - Memory leak

      Memory leak was detected when running h5dump with "pov".  The memory was allocated
      via H5FL__malloc() in hdf5/src/H5FL.c

      The fuzzed file "pov" was an HDF5 file containing an illegal continuation message.
      When deserializing the object header chunks for the file, memory is allocated for the
      array of continuation messages (cont_msg_info->msgs) in continuation message info struct.
      As error is encountered in loading the illegal message, the memory allocated for
      cont_msg_info->msgs needs to be freed.

      Fixes GitHub issue #2599

    - Fixed memory leaks that could occur when reading a dataset from a
      malformed file

      When attempting to read layout, pline, and efl information for a
      dataset, memory leaks could occur if attempting to read pline/efl
      information threw an error, which is due to the memory that was 
      allocated for pline and efl not being properly cleaned up on error.  

      Fixes GitHub issue #2602

    - Fixed potential heap buffer overrun in group info header decoding from malformed file

      H5O__ginfo_decode could sometimes read past allocated memory when parsing a
      group info message from the header of a malformed file.
  
      It now checks buffer size before each read to properly throw an error in these cases.
  
      Fixes GitHub issue #2601
      
    - Fixed potential buffer overrun issues in some object header decode routines

      Several checks were added to H5O__layout_decode and H5O__sdspace_decode to
      ensure that memory buffers don't get overrun when decoding buffers read from
      a (possibly corrupted) HDF5 file.

    - Fixed a heap buffer overflow that occurs when reading from
      a dataset with a compact layout within a malformed HDF5 file

      During opening of a dataset that has a compact layout, the
      library allocates a buffer that stores the dataset's raw data.
      The dataset's object header that gets written to the file
      contains information about how large of a buffer the library
      should allocate. If this object header is malformed such that
      it causes the library to allocate a buffer that is too small
      to hold the dataset's raw data, future I/O to the dataset can
      result in heap buffer overflows. To fix this issue, an extra
      check is now performed for compact datasets to ensure that
      the size of the allocated buffer matches the expected size
      of the dataset's raw data (as calculated from the dataset's
      dataspace and datatype information). If the two sizes do not
      match, opening of the dataset will fail.

      Fixes GitHub issue #2606

    - Fixed a memory corruption issue that can occur when reading
      from a dataset using a hyperslab selection in the file
      dataspace and a point selection in the memory dataspace

      When reading from a dataset using a hyperslab selection in
      the dataset's file dataspace and a point selection in the
      dataset's memory dataspace where the file dataspace's "rank"
      is greater than the memory dataspace's "rank", memory corruption
      could occur due to an incorrect number of selection points
      being copied when projecting the point selection onto the
      hyperslab selection's dataspace.

    - Fixed issues in the Subfiling VFD when using the SELECT_IOC_EVERY_NTH_RANK
      or SELECT_IOC_TOTAL I/O concentrator selection strategies

      Multiple bugs involving these I/O concentrator selection strategies
      were fixed, including:

        * A bug that caused the selection strategy to be altered when
          criteria for the strategy was specified in the
          H5FD_SUBFILING_IOC_SELECTION_CRITERIA environment variable as
          a single value, rather than in the old and undocumented
          'integer:integer' format
        * Two bugs which caused a request for 'N' I/O concentrators to
          result in 'N - 1' I/O concentrators being assigned, which also
          lead to issues if only 1 I/O concentrator was requested

      Also added a regression test for these two I/O concentrator selection
      strategies to prevent future issues. 

    - Fix CVE-2021-37501 / GHSA-rfgw-5vq3-wrjf

      Check for overflow when calculating on-disk attribute data size.

      A bogus hdf5 file may contain dataspace messages with sizes
      which lead to the on-disk data sizes to exceed what is addressable.
      When calculating the size, make sure, the multiplication does not
      overflow.
      The test case was crafted in a way that the overflow caused the
      size to be 0.

      Fixes GitHub #2458

    - Fixed an issue with collective metadata writes of global heap data

      New test failures in parallel netCDF started occurring with debug
      builds of HDF5 due to an assertion failure and this was reported in
      GitHub issue #2433. The assertion failure began happening after the
      collective metadata write pathway in the library was updated to use
      vector I/O so that parallel-enabled HDF5 Virtual File Drivers (other
      than the existing MPI I/O VFD) can support collective metadata writes.

      The assertion failure was fixed by updating collective metadata writes
      to treat global heap metadata as raw data, as done elsewhere in the
      library. 

      Fixes GitHub issue #2433

    - Fixed buffer overflow error in image decoding function.

      The error occurred in the function for decoding address from the specified
      buffer, which is called many times from the function responsible for image
      decoding. The length of the buffer is known in the image decoding function,
      but no checks are produced, so the buffer overflow can occur in many places,
      including callee functions for address decoding. 

      The error was fixed by inserting corresponding checks for buffer overflow.

      Fixes GitHub issue #2432

    - Reading a H5std_string (std::string) via a C++ DataSet previously
      truncated the string at the first null byte as if reading a C string.
      Fixed length datasets are now read into H5std_string as a fixed length
      string of the appropriate size. Variable length datasets will still be
      truncated at the first null byte.

      Fixes Github issue #3034

    - Fixed write buffer overflow in H5O__alloc_chunk

      The overflow was found by OSS-Fuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58658

    Java Library
    ------------
    - Fixed switch case 'L' block missing a break statement.

      The HDF5Array.arrayify method is missing a break statement in the case 'L': section
      which causes it to fall through and throw an HDF5JavaException when attempting to
      read an Array[Array[Long]].

      The error was fixed by inserting a break statement at the end of the case 'L': sections.

      Fixes GitHub issue #3056


    Configuration
    -------------
    - Fixed a configuration issue that prevented building of the Subfiling VFD on macOS

      Checks were added to the CMake and Autotools code to verify that CLOCK_MONOTONIC_COARSE,
      PTHREAD_MUTEX_ADAPTIVE_NP and pthread_condattr_setclock() are available before attempting
      to use them in Subfiling VFD-related utility code. Without these checks, attempting
      to build the Subfiling VFD on macOS would fail. 

    - The accum test now passes on macOS 12+ (Monterey) w/ CMake

      Due to changes in the way macOS handles LD_LIBRARY_PATH, the accum test
      started failing on macOS 12+ when building with CMake. CMake has been
      updated to set DYLD_LIBRARY_PATH on macOS and the test now passes.

      Fixes GitHub #2994, #2261, and #1289

    - Changed the default settings used by CMake for the GZIP filter

      The default for the option HDF5_ENABLE_Z_LIB_SUPPORT was OFF. Now the default is ON.
      This was done to match the defaults used by the autotools configure.ac.
      In addition, the CMake message level for not finding a suitable filter library was
      changed from FATAL_ERROR (which would halt the build process) to WARNING (which
      will print a message to stderr). Associated files and documentation were changed to match.

      In addition, the default settings in the config/cmake/cacheinit.cmake file were changed to
      allow CMake to disable building the filters if the tgz file could not be found. The option
      to allow CMake to download the file from the original Github location requires setting
      the ZLIB_USE_LOCALCONTENT option to OFF for gzip. And setting the LIBAEC_USE_LOCALCONTENT
      option to OFF for libaec (szip).

      Fixes GitHub issue #2926

    - Fixed syntax of generator expressions used by CMake

      Add quotes around the generator expression should allow CMake to
      correctly parse the expression. Generator expressions are typically
      parsed after command arguments. If a generator expression contains
      spaces, new lines, semicolons or other characters that may be
      interpreted as command argument separators, the whole expression
      should be surrounded by quotes when passed to a command. Failure to
      do so may result in the expression being split and it may no longer
      be recognized as a generator expression.

      Fixes GitHub issue #2906

    - Fixed improper include of Subfiling VFD build directory

      With the release of the Subfiling Virtual File Driver feature, compiler
      flags were added to the Autotools build's CPPFLAGS and AM_CPPFLAGS
      variables to always include the Subfiling VFD source code directory,
      regardless of whether the VFD is enabled and built or not. These flags
      are needed because the header files for the VFD contain macros that are
      assumed to always be available, such as H5FD_SUBFILING_NAME, so the
      header files are unconditionally included in the HDF5 library. However,
      these flags are only needed when building HDF5, so they belong in the
      H5_CPPFLAGS variable instead. Inclusion in the CPPFLAGS and AM_CPPFLAGS
      variables would export these flags to the h5cc and h5c++ wrapper scripts,
      as well as the libhdf5.settings file, which would break builds of software
      that use HDF5 and try to use or parse information out of these files after
      deleting temporary HDF5 build directories.

      Fixes GitHub issue #2621

    - Correct the CMake generated pkg-config file

      The pkg-config file generated by CMake had the order and placement of the
      libraries wrong. Also added support for debug library names.

      Changed the order of Libs.private libraries so that dependencies come after
      dependents. Did not move the compression libraries into Requires.private
      because there was not a way to determine if the compression libraries had
      supported pkconfig files. Still recommend that the CMake config file method
      be used for building projects with CMake.

      Fixes GitHub issues #1546 and #2259

    - Force lowercase Fortran module file names

      The Cray Fortran compiler  uses  uppercase Fortran module file names, which
      caused CMake installs to fail. A compiler option was added to use lowercase
      instead.


    Tools
    -----
    - Fixed an issue in h5repack for variable-length typed datasets

      When repacking datasets into a new file, h5repack tries to determine whether
      it can use H5Ocopy to copy each dataset into the new file, or if it needs to
      manually re-create the dataset, then read data from the old dataset and write
      it to the new dataset. H5repack was previously using H5Ocopy for datasets with
      variable-length datatypes, but this can be problematic if the global heap
      addresses involved do not match exactly between the old and new files. These
      addresses could change for a variety of reasons, such as the command-line options
      provided to h5repack, how h5repack allocate space in the repacked file, etc.      
      Since H5Ocopy does not currently perform any translation when these addresses
      change, datasets that were repacked with H5Ocopy could become unreadable in the
      new file. H5repack has been fixed to repack variable-length typed datasets without
      using H5Ocopy to ensure that the new datasets always have the correct global heap
      addresses.
    
    - Names of objects with square brackets will have trouble without the
      special argument, --no-compact-subset, on the h5dump command line.

      h5diff did not have this option and now it has been added.

      Fixes GitHub issue #2682

    - In the tools traverse function - an error in either visit call
      will bypass the cleanup of the local data variables.

      Replaced the H5TOOLS_GOTO_ERROR with just H5TOOLS_ERROR.

      Fixes GitHub issue #2598


    Performance
    -------------
    -


    Fortran API
    -----------
    -

    High-Level Library
    ------------------
    -


    Fortran High-Level APIs
    -----------------------
    -


    Documentation
    -------------
    -


    F90 APIs
    --------
    -


    C++ APIs
    --------
    - 


    Testing
    -------
    - Disabled running of MPI Atomicity tests for OpenMPI major versions < 5

      Support for MPI atomicity operations is not implemented for major
      versions of OpenMPI less than version 5. This would cause the MPI
      atomicity tests for parallel HDF5 to sporadically fail when run
      with OpenMPI. Testphdf5 now checks if OpenMPI is being used and will
      skip running the atomicity tests if the major version of OpenMPI is
      < 5.

    - Fixed a testing failure in testphdf5 on Cray machines

      On some Cray machines, what appears to be a bug in Cray MPICH was causing
      calls to H5Fis_accessible to create a 0-byte file with strange Unix
      permissions. This was causing an H5Fdelete file deletion test in the
      testphdf5 program to fail due to a just-deleted HDF5 file appearing to
      still be accessible on the file system. The issue in Cray MPICH has been
      worked around for the time being by resetting the MPI_Info object on the
      File Access Property List used to MPI_INFO_NULL before passing it to the
      H5Fis_accessible call.

    - A bug was fixed in the HDF5 API test random datatype generation code

      A bug in the random datatype generation code could cause test failures
      when trying to generate an enumeration datatype that has duplicated
      name/value pairs in it. This has now been fixed.

    - A bug was fixed in the HDF5 API test VOL connector registration checking code

      The HDF5 API test code checks to see if the VOL connector specified by the
      HDF5_VOL_CONNECTOR environment variable (if any) is registered with the library
      before attempting to run tests with it so that testing can be skipped and an
      error can be returned when a VOL connector fails to register successfully.
      Previously, this code didn't account for VOL connectors that specify extra
      configuration information in the HDF5_VOL_CONNECTOR environment variable and
      would incorrectly report that the specified VOL connector isn't registered
      due to including the configuration information as part of the VOL connector
      name being checked for registration status. This has now been fixed. 


Platforms Tested
===================

    Linux 5.16.14-200.fc35           GNU gcc (GCC) 11.2.1 20220127 (Red Hat 11.2.1-9)
    #1 SMP x86_64  GNU/Linux         GNU Fortran (GCC) 11.2.1 20220127 (Red Hat 11.2.1-9)
    Fedora35                         clang version 13.0.0 (Fedora 13.0.0-3.fc35)
                                     (cmake and autotools)

    Linux 5.19.0-1027-aws            GNU gcc (GCC) 11.3.0-1ubuntu1
    #36-Ubuntu SMP x86_64 GNU/Linux  GNU Fortran (GCC) 11.3.0-1ubuntu1
    Ubuntu 22.04                     Intel oneAPI DPC++/C++ Compiler, IFX 2023.1.0
                                     Ubuntu clang version 14.0.0-1ubuntu1
                                     (cmake and autotools)

    Linux 5.15.0-1037-aws            GNU gcc (GCC) 9.4.0-1ubuntu1
    #36-Ubuntu SMP x86_64 GNU/Linux  GNU Fortran (GCC) 9.4.0-1ubuntu1
    Ubuntu 20.04                     Intel oneAPI DPC++/C++ Compiler, IFX 2023.1.0
                                     Ubuntu clang version 10.0.0-4ubuntu1
                                     (cmake and autotools)

    Linux 5.14.21-cray_shasta_c      cray-mpich/8.1.25
    #1 SMP x86_64 GNU/Linux            cce 15.0.1
    (perlmutter)                       GCC 12.2.0
                                       intel-oneapi/2023.1.0
                                       nvidia/22.7
                                     (cmake)

    Linux 5.14.21-cray_shasta_c      cray-mpich/8.1.23
    #1 SMP x86_64 GNU/Linux              cce 15.0.1
    (crusher)                            GCC 12.2.0
                                     (cmake)

    Linux-4.14.0-115.21.2            spectrum-mpi/rolling-release
    #1 SMP ppc64le GNU/Linux             clang 12.0.1, 14.0.5
    (lassen)                             GCC 8.3.1
                                         XL 16.1.1.2, 2021,09.22, 2022.08.05
                                     (cmake)

    Linux-4.12.14-197.99-default     cray-mpich/7.7.14
    #1 SMP x86_64 GNU/Linux              cce 12.0.3
    (theta)                              GCC 11.2.0
                                         llvm 9.0
                                         Intel 19.1.2

    Linux 3.10.0-1160.36.2.el7.ppc64 gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-39)
    #1 SMP ppc64be GNU/Linux         g++ (GCC) 4.8.5 20150623 (Red Hat 4.8.5-39)
    Power8 (echidna)                 GNU Fortran (GCC) 4.8.5 20150623 (Red Hat 4.8.5-39)
                                     IBM XL C for Linux, V13.1
                                     IBM XL Fortran for Linux, V15.1

    Linux 3.10.0-1160.24.1.el7       GNU C (gcc), Fortran (gfortran), C++ (g++)
    #1 SMP x86_64 GNU/Linux          compilers:
    Centos7                              Version 4.8.5 20150623 (Red Hat 4.8.5-4)
    (jelly/kituo/moohan)                 Version 4.9.3, Version 5.3.0, Version 6.3.0,
                                         Version 7.2.0, Version 8.3.0, Version 9.1.0
                                         Version 10.2.0
                                     Intel(R) C (icc), C++ (icpc), Fortran (icc)
                                     compilers:
                                         Version 17.0.0.098 Build 20160721
                                     GNU C (gcc) and C++ (g++) 4.8.5 compilers
                                         with NAG Fortran Compiler Release 6.1(Tozai)
                                     Intel(R) C (icc) and C++ (icpc) 17.0.0.098 compilers
                                         with NAG Fortran Compiler Release 6.1(Tozai)
                                     MPICH 3.3 compiled with GCC 7.2.0
                                     MPICH 4.0.3 compiled with GCC 7.2.0
                                     OpenMPI 3.1.3 compiled with GCC 7.2.0
                                     OpenMPI 4.1.2 compiled with GCC 9.1.0
                                     PGI C, Fortran, C++ for 64-bit target on
                                     x86_64;
                                         Version 19.10-0
                                     NVIDIA C, Fortran, C++ for 64-bit target on
                                     x86_64;
                                         Version 22.5-0
                                     (autotools and cmake)

    Linux-3.10.0-1160.0.0.1chaos     openmpi-4.1.2
    #1 SMP x86_64 GNU/Linux              clang 6.0.0, 11.0.1
    (quartz)                             GCC 7.3.0, 8.1.0
                                         Intel 19.0.4, 2022.2, oneapi.2022.2

    macOS Apple M1 11.6              Apple clang version 12.0.5 (clang-1205.0.22.11)
    Darwin 20.6.0 arm64              gfortran GNU Fortran (Homebrew GCC 11.2.0) 11.1.0
    (macmini-m1)                     Intel icc/icpc/ifort version 2021.3.0 202106092021.3.0 20210609

    macOS Big Sur 11.3.1             Apple clang version 12.0.5 (clang-1205.0.22.9)
    Darwin 20.4.0 x86_64             gfortran GNU Fortran (Homebrew GCC 10.2.0_3) 10.2.0
    (bigsur-1)                       Intel icc/icpc/ifort version 2021.2.0 20210228

    macOS High Sierra 10.13.6        Apple LLVM version 10.0.0 (clang-1000.10.44.4)
    64-bit                           gfortran GNU Fortran (GCC) 6.3.0
    (bear)                           Intel icc/icpc/ifort version 19.0.4.233 20190416

    Mac OS X El Capitan 10.11.6      Apple clang version 7.3.0 from Xcode 7.3
    64-bit                           gfortran GNU Fortran (GCC) 5.2.0
    (osx1011test)                    Intel icc/icpc/ifort version 16.0.2

    Linux 2.6.32-573.22.1.el6        GNU C (gcc), Fortran (gfortran), C++ (g++)
    #1 SMP x86_64 GNU/Linux          compilers:
    Centos6                              Version 4.4.7 20120313
    (platypus)                           Version 4.9.3, 5.3.0, 6.2.0
                                     MPICH 3.1.4 compiled with GCC 4.9.3
                                     PGI C, Fortran, C++ for 64-bit target on
                                     x86_64;
                                         Version 19.10-0

    Windows 10 x64                  Visual Studio 2015 w/ Intel C/C++/Fortran 18 (cmake)
                                    Visual Studio 2017 w/ Intel C/C++/Fortran 19 (cmake)
                                    Visual Studio 2019 w/ clang 12.0.0
                                        with MSVC-like command-line (C/C++ only - cmake)
                                    Visual Studio 2019 w/ Intel C/C++/Fortran oneAPI 2022 (cmake)
                                    Visual Studio 2022 w/ clang 15.0.1
                                        with MSVC-like command-line (C/C++ only - cmake)
                                    Visual Studio 2022 w/ Intel C/C++/Fortran oneAPI 2022 (cmake)
                                    Visual Studio 2019 w/ MSMPI 10.1 (C only - cmake)


Known Problems
==============

    CMake files do not behave correctly with paths containing spaces.
    Do not use spaces in paths because the required escaping for handling spaces
    results in very complex and fragile build files.
    ADB - 2019/05/07

    At present, metadata cache images may not be generated by parallel
    applications.  Parallel applications can read files with metadata cache
    images, but since this is a collective operation, a deadlock is possible
    if one or more processes do not participate.

    CPP ptable test fails on both VS2017 and VS2019 with Intel compiler, JIRA
    issue: HDFFV-10628.  This test will pass with VS2015 with Intel compiler.

    The subsetting option in ph5diff currently will fail and should be avoided.
    The subsetting option works correctly in serial h5diff.

    Several tests currently fail on certain platforms:
        MPI_TEST-t_bigio fails with spectrum-mpi on ppc64le platforms.

        MPI_TEST-t_subfiling_vfd and MPI_TEST_EXAMPLES-ph5_subfiling fail with
        cray-mpich on theta and with XL compilers on ppc64le platforms.

        MPI_TEST_testphdf5_tldsc fails with cray-mpich 7.7 on cori and theta.

    Known problems in previous releases can be found in the HISTORY*.txt files
    in the HDF5 source. Please report any new problems found to
    help@hdfgroup.org.


CMake vs. Autotools installations
=================================
While both build systems produce similar results, there are differences.
Each system produces the same set of folders on linux (only CMake works
on standard Windows); bin, include, lib and share. Autotools places the
COPYING and RELEASE.txt file in the root folder, CMake places them in
the share folder.

The bin folder contains the tools and the build scripts. Additionally, CMake
creates dynamic versions of the tools with the suffix "-shared". Autotools
installs one set of tools depending on the "--enable-shared" configuration
option.
  build scripts
  -------------
  Autotools: h5c++, h5cc, h5fc
  CMake: h5c++, h5cc, h5hlc++, h5hlcc

The include folder holds the header files and the fortran mod files. CMake
places the fortran mod files into separate shared and static subfolders,
while Autotools places one set of mod files into the include folder. Because
CMake produces a tools library, the header files for tools will appear in
the include folder.

The lib folder contains the library files, and CMake adds the pkgconfig
subfolder with the hdf5*.pc files used by the bin/build scripts created by
the CMake build. CMake separates the C interface code from the fortran code by
creating C-stub libraries for each Fortran library. In addition, only CMake
installs the tools library. The names of the szip libraries are different
between the build systems.

The share folder will have the most differences because CMake builds include
a number of CMake specific files for support of CMake's find_package and support
for the HDF5 Examples CMake project.

The issues with the gif tool are:
    HDFFV-10592 CVE-2018-17433
    HDFFV-10593 CVE-2018-17436
    HDFFV-11048 CVE-2020-10809
These CVE issues have not yet been addressed and are avoided by not building
the gif tool by default. Enable building the High-Level tools with these options:
    autotools:   --enable-hlgiftools
    cmake:       HDF5_BUILD_HL_GIF_TOOLS=ON