Bugs found by musl
(originally created for slcon 2013)
Bugs found and reported
- pcc (integer constant expression bug)
- pcc (cpp bug: #define B !defined(A))
- pcc (cpp bug: macro()text)
- pcc (cpp bug: line reporting)
- pcc (cpp bug: recursive macro)
- pcc (corrupted static variable)
- pcc (-Os)
- pcc (makefile bug)
- pcc (__builtin_nanf for -fPIC)
- pcc (-print-file-name)
- pcc (complex cast to double)
- pcc (crtbeginT.o)
- pcc (visibility=hidden, inline asm with array argument, __PIC__, pcc-libs without -fPIC)
- gcc 48825 (when compiling gcc, libiberty is built as a target lib)
- binutils 12657 (binutils uses __pid_t instead of pid_t)
- glibc 12683 (race condition in pthread cancellation), article on ewontfix
- glibc 12701 (incorrect input matching in scanf)
- glibc 12889 (race condition in pthread_kill)
- gdb 13011 (build system does not check for dl- api)
- gdb 13014 (build system does not check for thread_db api)
- glibc 13065 (race condition in pthread barriers)
- glibc 13080 (incorrect definition of clock_t)
- glibc 13151 (fmemopen does not give EOF)
- glibc 13152 (fmemopen does not honour append mode)
- glibc 13154 (strtol clobbers endptr on invalid base)
- glibc 13172 (aio_suspend is not async-signal-safe)
- glibc 13234 (performance issue: non-pshared vs pshared condition vars)
- glibc 13347 (threaded setuid can incorrectly report success)
- glibc 13613 (broken cancellation in single-threaded process)
- glibc 13837 (sin,cos argument reduction on x86)
- binutils 13891 (binutils cannot be linked statically)
- libtool (makes static linking impossible)
- glibc 13959 (namespace pollution when _GNU_SOURCE is defined)
- glibc 13988 (scanf %f handles +.e incorrectly)
- gcc 52451 (float nan comparison without raising invalid and broken -mno-ieee-fp)
- glib 672665 (race in dlsym error detection)
- glib 674446 (g_malloc aborts on allocation failure)
- glib 674540 (incorrect assert in gconvert)
- alsa-lib (invalid format specifier %L used for long long)
- glibc 14008 (incorrect iconv behaviour when char does not exist in destination charset)
- glibc 14010 (alphabetic character class does not follow unicode)
- glibc 14029 (manual wrongly claims fnmatch cannot fail)
- gcc 52593 (builtin sqrt is not correctly rounded)
- gcc 53119 (bogus warning about universal zero initializer)
- glibc 14032 (sqrt is not correctly rounded)
- binutils 14037 (.eh_frame stripped shared lib incorrectly linked with -fPIC program)
- glibc 14047 (spurious ERANGE by strtof)
- glibc 14102 (NI_NUMERICSCOPE is missing from netdb.h)
- glibc 14147 (async cancellation mode may be spuriously set)
- binutils 14156 (–sort-sectio=alignment is broken)
- busybox (sed bug)
- glibc 14233 (test assertions are not explained)
- glibc 14254 (scanf warn-unused-result is not justified)
- glibc 14286 (integer overflow in vfwprintf %s)
- gnulib (SLOW_BUT_NO_HACKS could be a fallback)
- gnulib (4 bugs: freadahead, printf of invalid long double, getopt, SLOW_BUT_NO_HACKS)
- gcc 54232 (x86 PIC code reserves register for GOT even if there is no global data)
- posix 603 (request for posix_spawn with setrlimit, chdir,..)
- glibc 14485 (race condition in robust mutex unlocking)
- glibc 14511 (dlclose is unsafe)
- binutils 14512 (not-unloadable dso should be the default)
- glibc 14553 (loff_t is visible in sys/types.h)
- glibc 14565 (additional failure case in writev emulation)
- glibc 14578 (fchmodat with AT_SYMLINK_NOFOLLOW fails unconditionally)
- glib 684123 (_GNU_SOURCE is only tried if glibc is detected)
- posix 609 (pthread_cond_broadcast, pthread_cond_signal)
- glibc 14609 (stack clobbering in pthread cancellation cleanup handlers)
- glibc 14627 (interrupted close is non-conformant)
- gas 14640 (broken relocations for weak symbols on microblaze)
- glibc 14697 (behaviour of exit is non-conformant)
- qemu (broken app-level clone for microblaze)
- qemu (broken app-level thread cancellation)
- glibc 14744 (kill -32 cancels random thread)
- glibc 14749 (race condition with vfork in posix_spawn, address space sharing)
- glibc 14750 (race condition with vfork in posix_spawn, signal handlers)
- gcc 55012 (protected visibility wrongly uses GOT relative addressing)
- glibc 14752 (unsafe alloca in shm_open)
- posix 610 (exit vs threads)
- posix 611 (exit vs locked stdio)
- posix 612 (dirname of "usr/" and "/")
- posix 613 (pthread_cleanup_push and auto object lifetime)
- posix 614 (close as a cancellation point)
- posix 615 (pthread_setcancelstate should be async-signal-safe)
- posix 622 (loophole that turns any function async-cancel-safe)
- posix 623 (poll should not modify fds[i].fd and fds[i].events)
- posix 624 (pthread_cleanup_pop and _push should not require a prototype)
- posix 625 (allowing alarm based sleep contradicts thread-safety)
- posix 626 (fflush vs memory streams)
- posix 627 (pthread cancellation of system())
- posix 632 (pclose as a cancellation point)
- posix 633 (SIGEV_THREAD signal delivery)
- glibc 14782 (cancellation is enabled for system)
- gcc 55129 (release packaging issue)
- binutils 14798 (gas for mips generates symbols with wrong types)
- glib 687600 (gfileutils uses open through non-vararg function pointer)
- qemu (socket type mapping for mips app-level emulation is wrong)
- glibc 10815 (SIGEV_THREAD signal delivery)
- clang 13694 (wrong optimization with -ffreestanding)
- gcc 55431 (invalid auxv search in ppc linux-unwind code)
- glibc 14829 (sched_* functions alter thread scheduling instead of process scheduling)
- glibc 14830 (race condition with signals and priority sched)
- glibc 14942 (file corruption with close and aio)
- glibc 14985 (EPOLL_NONBLOCK broken definition)
- openssl (build system issue)
- inkscape (use of sys/fcntl.h instead of fcntl.h)
- boehm gc (build system, fallback code for determining stack address)
- posix 650 (c99 -E on #pragma)
- glibc 15088 (_POSIX_PRIORITY_SCHEDULING is defined)
- glibc 15124 (no way to get conformant api, eg strerror_r)
- posix 655 (deprecate strerror_r)
- posix 656 (allow or forbid tls for static buffers)
- posix 659 (allow timer_t to be non-arithmetic)
- glibc 15129 (timer_t is non-conforming)
- glib 694239 (gresolver uses non-portable libc api)
- posix 662 (atomicity of freopen)
- posix 663 (strcasecmp is underspecified)
- linux-lvm (include the correct header files)
- cairo (FE_ macros might not be defined in fenv.h)
- dnsmasq (unchecked use of SO_REUSEPORT)
- googletest framework (missing sys/socket.h include)
- mdadm (canonicalize_file_name, broken ifdefs)
- dm-crypt (missing headers)
- johntheripper (expecting tcphdr in tcp.h)
- glibc 15368 (raise is not async signal safe)
- posix 686 (clock() wrap around and signedness of clock_t)
- iso c dr 437 (clock() wrap around)
- posix 689 (stdio deadlock)
- glibc 15448 (integer overflow in CPU_* macros in sched.h)
- posix 695 (atomicity of file operations)
- posix 703 (add errno for clock() wrap around)
- gcc 57258 (unused warning for volatile variables)
- posix 708 (thread-safety of mblen, mbtowc, and wctomb)
- gcc 57574 (incorrect c99 inline semantics)
- glibc 15615 (rand_r is biased)
- posix 711 (va_* macros should be async-signal-safe)
- posix 712 (typographic error in html)
- posix 713 (*quo is unspecified on error in remquo)
- posix 714 (yn(n,0) for negative odd n)
- gnulib (assuming broken fflush in cross compilation)
- posix 716 (process instead of thread in rename spec)
- glibc 15720 (stdc-predef.h defines __STDC_IEC_559_COMPLEX__)
- posix 728 (signal handler restrictions)
- sdl (SDL_CreateThread stack size is unknown and cannot be set)
- libxml2 704903 (dict.c randomization is bogus)
- libxml2 704904 (weak references to pthread functions)
- libxml2 704905 (xmlInitParser and xmlInitThreads lacks synchronization)
- libxml2 704907 (namespace violation: __xml symbols)
- libxml2 704908 (pthread symbols are not #undefed before reusing them)
- glibc 15838 (fts.h is unusable on 32bit systems)
- glibc 15846 (getauxval api is broken)
- posix 739 (strftime %F vs %Y-%m-%d in posix vs iso c)
- posix 740 (wcsftime field widths)
- gcc 58245 (gcc -fstack-protector with noreturn func optimizes away ssp epilogue)
- posix 747 (incorrect note about pthread_once_t)
- gcc 58427 (xgcc target compilation depends on installed libgcc_s.so)
- gcc 58446 (musl support patches)
- gcc 58489 (ICE in reload_cse_simplify_operands with -march=armv6 -Os)
- posix 753 (typo in an example)
- posix 754 (total ordering requirement in qsort)
- posix 755 (mutex ownership after thread id reuse)
- posix 761 (snprintf when n>INT_MAX)
- wg14 n1769.pdf (round to narrower floating-point operations in ISO/IEC TS 18661)
- wg14 mail (floating-point issues, FLT_EVAL_METHOD!=0)
- linux (ASLR creates bad memory layout for PIE) lkml report
- linux 3.13 (microblaze mmap2 fix)
- mit-scheme (conformance issues)
- posix 777 (leading zero handling in inet_pton)
- posix 780 (missing CX shadings in the name space table)
- posix 781 (LC_*_MASK is reserved for locale.h instead of LC_A-Z*)
- posix 782 (reserve ISO C reserved identifiers in complex.h)
- posix 783 (missing IPV6 shading in unistd.h)
- posix 790 (reserved identifier list for external linkage)
- posix 791 (missing CX shading for getsubopt)
- posix 801 (M_* macros with FLT_EVAL_METHOD!=0)
- posix 806 (fnmatch when pattern ends in backslash)
- valgrind 329612 (incorrect AT_BASE handling) committed fix
- glibc 16355 (namespace violation in syslog.h)
- gdb 16370 (gdb build depends on bash)
- glibc 16437 (struct timespec is non-conforming on x32)
- glibc 16438 (__syscall_ulong_t is a security risk on x32)
- linux (CONFIG_MEM_SOFT_DIRTY disabled VMA merging) fix for linux 3.14
- gcc 60259 (classpath hangs if the opaque LC_MESSAGES string is in unexpected format)
- pcc (with -fPIC const data gets into writable .data section)
- pcc (libpcc symbols have default visibility instead of hidden)
- linux (uapi header conflicts with libc) patch 1 patch 2 patch 3 patch 4
- glibc 16605 (invalid stdio file position caching)
- binutils 16698 (assertion failure with -Wl,--gc-sections and -s)
- gold 16728 (hidden tls symbols are not hidden)
- glibc 16747 (lio_listio prototype misses a restrict qualifier)
- linux (sh arch syscall handling was broken), (exception handler fix), (cleanup)
- ewontfix/16 (collection of glibc pthread bugs)
- gcc 60537 (sh code bloat in loop optimization)
- gcc 60538 (sh cmp/str optimization)
- glibc 16852 (recvmmsg clobbers const object)
- glibc 16854 (sendmmsg and recvmmsg have incorrect header comments)
- python 20594 (posix namespace violation in posixmodule.c)
- posix 833 (new SOCK_* flags should not be used in getaddrinfo hints->ai_socktype)
- firefox (build system uses illegal char sequence in sh and sed)
- gcc 61144 (extern vars with local weak definitions are broken), (related debian bug)
- gcc 61159 (__builtin_constant_p is wrong on aliased local vars)
- firefox (assuming pthread_t is integral and using == on it)
- binutils 17057 (dynamic TLSDESC is broken on i386)
- gcc 61739 (invalid __builtin_printf optimization)
- glibc 17144 (syslog is non-thread-safe without NO_SIGPIPE)
- glibc 17145 (syslog leaks fd with LOG_CONS)
- libressl (using &main as entropy)
- firefox (hardcoded glibc specific config of icu)
- posix 861 (no way to query active locale name when uselocale is used)
- asterisk 24154 (use of PTHREAD_MUTEX_INITIALIZER as if it provided a recursive mutex)
- asterisk 24155 (invalid use of backtrace() to check for recursion)
- glibc 27929 (lax stub resolver interpretation of ServFail allows DNSSEC bypass)
Bugs relevant to musl
- glibc 3400 (static linking is not supported)
- posix 374 (posix vs c inconsistency about malloc(0) and realloc(p,0))
- glibc 5945 (regoff_t size)
- binutils 12549 (--as-needed should ignore weak refs)
- glibc 12674 (sem_post/sem_wait race)
- glibc 13276 (realloc aborts when it runs out of vm)
- glibc 4737 (fork is not async-signal-safe)
- binutils 13470 (ppc32 ld regressions in 2.22)
- binutils 13600 (protected visibility creates bogus relocation)
- gcc 51437 (feature request: warn on reserved identifiers)
- glibc 13165 (observable invalid ordering with pthread_cond_wait)
- gcc 46770 (.init_array vs .ctors for initializing static objects in c++)
- boost (endian detection is incorrect)
- gcc 18501 (missing warning about uninitialized variables)
- clang 8100 (incorrect floating-point optimizations and c99 fenv support)
- NULL in vararg functions (ewontfix article)
- gcc fixincludes (ewontfix article)
- gcc 31798 (on arm libgcc has undefined reference to raise)
- gcc 52734 (4.7.0 regression: incorrect tail merging optimization)
- gcc 56888 (memcpy is compiled to invoke memcpy) gcc-help thread
- strace (fork/vfork tracing may fail with ERESTARTNOINTR, fixed in 4.8)
- gcc ml (__stack_chk_fail_local without -lssp_nonshared)
- glibc 13862 (tls design issue in glibc)
- mesa (initial-exec tls model breaks dlopening libGL)
- glibc 16291 (stack and tls bounds api for asan)
- glibc 9712 (expose futex syscall)
- gcc 53513 (sh fpu precision mode switching using __fpscr_values)
- gnulib (gnulib stdint.h was broken for c++)
- uClibc (no stable release for two years)
- posix 811 (is pthread_mutex_unlock atomic) self-synced destruction: qemu-devel, glibc 13690, linux pipe-race
- llvm 11316 (va_arg is broken on powerpc for aggregate types)
- gcc 60766 (bad optimization with -ftree-loop-optimize in 4.7 and 4.8)
Unreported bugs
- linux procfs and writev
- posix: usage of the cx option in unistd.h
- broken bre support in tre
- broken random in all bsd libc and glibc (bad seed, ub in signed int arithmetic)
- search.h implementation bugs in bsd libc and glibc (stack overflow, hsearch crashes on glibc)
- several libm bugs in glibc, fdlibm (freebsd, openbsd, bionic,..)
- gcc fldpi, fldl2e,.. even with -frounding-math
- gcc -fPIC -Os generates GOT for single 32bit consts instead of using immediate value (for float on i386)
- llvm signal handler bug (not async-signal-safe, invalid use of c++, racy unmasking) in Support/Unix/Signals.inc
- llvm exit bug (destructor calls exit)
- llvm: invalid use of the address of stdin/stdout/stderr in Support/DynamicLibrary.cpp
- address sanitizer: various problems: stack detection, include files, ifdef, non-portable code,..
- various c++ projects: depend on constructor order of different tu (gcc 46770)
- various projects: assume large thread stack size without setting it up (firefox,..)
- various projects: query the base pointer of the stack to do pointer arithmetics with it (libgc, firefox,…)
- calling dlopen from the constructor of global static object (firefox)
- incorrect usage of feature test macros and configure results (lots of projects)
- usage of obsolete wrong headers (sys/foo.h instead of foo.h and vice-versa, many projects)
- glibc has some missing posix symbols (found by libc-test)
- glibc has broken vfork on mips
- glibc integer overflows in time/tz code
- linux headers invoke ub by using (1 << 31) eg. MS_NOUSER in include/uapi/linux/fs.h
- strace: broken handling of vfork
- bionic: posix namespace violation, +gratuitous interface breaking
- bionic: broken checks in wchar.cpp mbrtowc
- gnutls: O_CLOEXEC
- arp: posix namespace collision (tm_)
- util-linux: cpuset.h __cpumask, etc, sys/ttydefaults.h, __sighandler_t
- f() instead of (f)() in configure scripts (or #undef)
- bionic/wchar.cpp 'if (n == 0)' is wrong, should be 'if (s == NULL)' and later 'if (n == 0) return -2'
- gcc vs c99 annex f issues
- gcc dl_iterate_phdr configure check (hard coded solaris header check + glibc/bionic/bsd ifdef + config.host overrides)
- posix: can syslog set errno (when it fails)?
- isoc: fputc('c', stdin) should be explicitly ub
- posix: pow "For y < 0, if x is zero, .. +-HUGE_VAL" should be "if x is +-0" to match +-
- isoc: underflow omission in annex f with FLT_EVAL_METHOD!=0 (comp.lang.c discussion)
- glibc: fegetenv/fesetenv does not save/restore sse exception flags on i386
- gcc: peephole optimization on i386 (i64 &= -1ULL<<32; turns into "andl $-1,4(%esp); movl $0,(%esp)")
- gcc: optimization for fmod loop: superfluous fldl/fstpl in loop
- glibc, gnulib: invalid ld80 on i386 printf'd incorrectly, gnulib tests this case, but not correctly
- glibc: -lxnet fails (posix requirement)
- glibc vs linux: on microblaze struct elf_prpsinfo does not match the in-kernel definition.
- gcc: generates useless .globl directive when referencing libgcc math function
- gcc: libgcc symbol references have .globl but not .type directive, so the assembler considers the symbol reference an object, breaking e.g. -Bsymbolic-functions
- gcc: definitions in libgcc.a should be .hidden (default visibility breaks usage in shared libraries)
- gcc: (long long)ptr sign extends the pointer value, this eg breaks syscall arg passing on x32
- glibc: alloca, strdupa, strndupa, should be declared with __attribute__((deprecated))
- gcc, clang: mm_malloc.h pollutes global namespace, broken if libc posix_memalign is macro, gcc proto is wrong
- gcc, __builtin_constant_p does not evaluate to an integer-constant-expression
- linux: on 32bit mips linux uses -1U/2 as RLIM_INFINITY (which is in the middle of the valid range) but limits are not always compared accordingly: e.g. one can set an infinite limit even if rlim_max is finite and >-1U/2