--- libmalloc/libmalloc-166.200.60/man/malloc.3
+++ libmalloc/libmalloc-646.40.3/man/malloc.3
@@ -27,7 +27,8 @@
 .Nm malloc ,
 .Nm realloc ,
 .Nm reallocf ,
-.Nm valloc
+.Nm valloc ,
+.Nm aligned_alloc
 .Nd memory allocation
 .Sh SYNOPSIS
 .In stdlib.h
@@ -56,6 +57,11 @@
 .Fc
 .Ft void *
 .Fo valloc
+.Fa "size_t size"
+.Fc
+.Ft void *
+.Fo aligned_alloc
+.Fa "size_t alignment"
 .Fa "size_t size"
 .Fc
 .Sh DESCRIPTION
@@ -70,6 +76,9 @@
 The allocated memory is aligned such that it can be used for any data type,
 including AltiVec- and SSE-related types.
 The
+.Fn aligned_alloc
+function allocates memory with the requested alignment.
+The
 .Fn free
 function frees allocations that were created via the preceding allocation
 functions.
@@ -95,6 +104,14 @@
 .Fa size
 bytes of memory and returns a pointer to the allocated memory.
 The allocated memory is aligned on a page boundary.
+.Pp
+The
+.Fn aligned_alloc
+function allocates
+.Fa size
+bytes of memory with an alignment specified by
+.Fa alignment
+and returns a pointer to the allocated memory.
 .Pp
 The
 .Fn realloc
@@ -154,8 +171,9 @@
 .Fn malloc ,
 .Fn realloc ,
 .Fn reallocf ,
+.Fn valloc ,
 and
-.Fn valloc
+.Fn aligned_alloc
 functions return a pointer to allocated memory.
 If there is an error, they return a
 .Dv NULL
@@ -163,6 +181,23 @@
 .Va errno
 to
 .Er ENOMEM .
+.Pp
+In addition,
+.Fn aligned_alloc
+returns a
+.Dv NULL
+pointer and sets
+.Va errno
+to
+.Er EINVAL
+if
+.Fa size
+is not an integral multiple of
+.Fa alignment ,
+or if
+.Fa alignment
+is not a power of 2 at least as large as
+.Fn sizeof "void *" .
 .Pp
 For
 .Fn realloc ,
@@ -283,6 +318,26 @@
 but will not abort in out of memory conditions, making it more useful to catch
 only those errors which will cause memory corruption.
 MallocCorruptionAbort is always set on 64-bit processes.
+.It Ev MallocZeroOnFree
+Starting in macOS 13, iOS 16.1 and aligned releases,
+.Xr free 3
+fully zeroes many blocks immediately.
+This may expose some previously-silent bugs in existing applications.
+In particular, read-after-free bugs may now observe zeroes instead of the
+previous content of an allocation, and write-after-free bugs may cause
+.Xr calloc 3
+to return non-zero memory.
+.Ev MallocZeroOnFree
+can be set to 0 or 1 to explicitly disable or enable this zeroing behavior to
+aid in diagnosing such bugs.
+Support for this environment variable will eventually be removed, and it should
+not be used by shipping software.
+.It Ev MallocCheckZeroOnFreeCorruption
+When zero-on-free behavior is active, this environment variable can be set to 1
+to cause the allocator to check that the free block chosen for a given
+allocation remained fully zeroed and was not corrupted by any invalid
+use-after-free writes.
+If corruption is detected, the allocator will abort.
 .It Ev MallocHelp
 If set, print a list of environment variables that are paid heed to by the
 allocation-related functions, along with short descriptions.