unmaintained, moved to http://wiki.musl-libc.org/wiki/Bugs_found_by_musl

bugs found or refound by musl

• pcc (integer constant expression bug)
• pcc (cpp bug: #define B !defined(A))
• pcc (cpp bug: macro()text)
• pcc (cpp bug: line reporting)
• pcc (cpp bug: recursive macro)
• pcc (corrupted static variable)
• pcc (-Os)
• pcc (makefile bug)
• pcc (__builtin_nanf for -fPIC)
• pcc (-print-file-name)
• pcc (complex cast to double)
• pcc (crtbeginT.o)
• pcc (visibility=hidden, inline asm with array argument, __PIC__, pcc-libs withou -fPIC)
• gcc 48825 (compiling gcc libiberty is built as target lib)
• binutils 12549 (--as-needed should ignore weak refs)
• binutils 12657 (binutils uses __pid_t instead of pid_t)
• glibc 12683 (race condition in pthread cancellation), article on ewontfix
• glibc 12701 (incorrect input matching in scanf)
• glibc 12889 (race condition in pthread_kill)
• gdb 13011 (build system does not check for dl* api)
• gdb 13014 (build system does not check for thread_db api)
• glibc 13065 (race condition in pthread barriers)
• glibc 13080 (incorrect definition of clock_t)
• glibc 13151 (fmemopen does not give EOF)
• glibc 13152 (fmemopen does not honour append mode)
• glibc 13154 (strtol clobbers endptr on invalid base)
• glibc 13172 (aio_suspend is not async-signal-safe)
• glibc 13234 (performance issue: non-pshared vs pshared condition vars)
• glibc 13347 (threaded setuid can incorrectly report success)
• glibc 13613 (broken cancellation in single-threaded process)
• glibc 13837 (sin,cos argument reduction on x86)
• binutils 13891 (binutils cannot be linked statically)
• libtool (makes static linking impossible)
• glibc 13959 (namespace pollution when _GNU_SOURCE is defined)
• glibc 13988 (scanf %f handles +.e incorrectly)
• gcc 52451 (float nan comparision without raising invalid and broken -mno-ieee-fp)
• glib 672665 (race in dlsym error detection)
• glib 674446 (g_malloc aborts on allocation failure)
• glib 674540 (incorrect assert in gconvert)
• glibc 14008 (incorrect iconv behaviour when char does not exist in destination charset)
• glibc 14010 (alphabetic character class does not follow unicode)
• glibc 14029 (manual wrongly claims fnmatch cannot fail)
• gcc 52593 (builtin sqrt is not correctly rounded)
• glibc 14032 (sqrt is not correctly rounded)
• binutils 14037 (.eh_frame stripped shared lib incorrectly linked with -fPIC program)
• glibc 14047 (spurious ERANGE by strtof)
• glibc 14102 (NI_NUMERICSCOPE is missing from netdb.h)
• glibc 14147 (async cancellation mode may be spuriously set)
• binutils 14156 (--sort-sectio=alignment is broken)
• busybox (sed bug)
• glibc 14233 (test assertions are not explained)
• glibc 14254 (scanf warn-unused-result is not justified)
• glibc 14286 (integer overflow in vfwprintf %s)
• gnulib (SLOW_BUT_NO_HACKS could be a fallback)
• gnulib (4bugs: freadahead, printf of invalid long double, getopt, SLOW_BUT_NO_HACKS)
• gcc 54232 (x86 PIC code reserves register for GOT even if there is no global data)
• posix 603 (request for posix_spawn with setrlimit, chdir,..)
• glibc 14485 (race condition in robust mutex unlocking)
• glibc 14511 (dlcose is unsafe)
• binutils 14512 (not-unloadable dso should be the default)
• glibc 14553 (loff_t is visible in sys/types.h)
• glibc 14565 (additional failure case in writev emulation)
• glibc 14578 (fchmodat with AT_SYMLINK_NOFOLLOW fails unconditionally)
• glib 684123 (_GNU_SOURCE is only tried if glibc is detected)
• posix 609 (pthread_cond_broadcast, pthread_cond_signal)
• glibc 14609 (stack clobbering in pthread cancellation cleanup handlers)
• glibc 14627 (interrupted close is non-conformant)
• gas 14640 (broken relocations for weak symbols on microblaze)
• glibc 14697 (behaviour of exit is non-conformant)
• qemu (broken app-level clone for microblaze)
• qemu (broken app-level thread cancellation)
• glibc 14744 (kill -32 cancels random thread)
• glibc 14749 (race condition with vfork in posix_spawn, address space sharing)
• glibc 14750 (race condition with vfork in posix_spawn, signal handlers)
• gcc 55012 (protected visibility wrongly uses GOT relative addressing)
• glibc 14752 (unsafe alloca in shm_open)
• posix 610 (exit vs threads)
• posix 611 (exit vs locked stdio)
• posix 612 (dirname of "usr/" and "/")
• posix 613 (pthread_cleanup_push and auto object lifetime)
• posix 614 (close as a cancellation point)
• posix 615 (pthread_setcancelstate should be async-signal-safe)
• posix 622 (loophole that turns any function async-cancel-safe)
• posix 623 (poll should not modify fds[i].events)
• posix 624 (pthread_cleanup_pop and _push should not require a prototype)
• posix 625 (allowing alarm based sleep contradicts thread-safety)
• posix 626 (fflush vs memory streams)
• posix 627 (pthread cancellation of system())
• posix 632 (pclose as a cancellation point)
• posix 633 (SIGEV_THREAD signal delivery)
• glibc 14782 (cancellation is enabled for system)
• gcc 55129 (release packaging issue)
• binutils 14798 (gas for mips generates symbols with wrong types)
• glib 687600 (gfileutils uses open through non-vararg function pointer)
• qemu (socket type mapping for mips app-level emulation is wrong)
• glibc 10815 (SIGEV_THREAD signal delivery)
• clang 13694 (wrong optimization with -ffreestanding)
• gcc 55431 (invlid auxv search in ppc linux-unwind code)
• glibc 14829 (sched_* alter thread scheduling instead of process scheduling)
• glibc 14830 (race condition with signals and priority sched)
• glibc 14942 (file corruption with close and aio)
• glibc 14985 (EPOLL_NONBLOCK broken definition)
• openssl (build system issue)
• inkscape (use of sys/fcntl.h instead of fcntl.h)
• boehm gc (build system, fallback code for determining stack address)
• posix 650 (c99 -E on #pragma)
• glibc 15088 (_POSIX_PRIORITY_SCHEDULING is defined)
• glibc 15124 (no way to get conformant api, eg strerror_r)
• posix 655 (deprecate strerror_r)
• posix 656 (allow or forbid tls for static buffers)
• posix 659 (allow timer_t to be non-arithmetic)
• glibc 15129 (timer_t is non-conforming)
• glib 694239 (gresolver uses non-portable libc api)
• posix 662 (atomicity of freopen)
• posix 663 (strcasecmp is underspecified)
• linux-lvm (include the correct header files)
• cairo (FE_ macros might not be defined in fenv.h)
• dnsmasq (unchecked use of SO_REUSEPORT)
• googletest framework (missing sys/socket.h include)
• mdadm (canonicalize_file_name, broken ifdefs)
• dm-crypt (missing headers)
• johntheripper (expecting tcphdr in tcp.h)
• glibc 15368 (raise is not async signal safe)
• posix 686 (clock() wrap around and signedness of clock_t)
• posix 689 (stdio deadlock)
• glibc 15448 (integer overflow in CPU_* macros in sched.h)
• posix 695 (atomicity of file operations)
• posix 703 (add errno for clock() wrap around)
• gcc 57258 (unused warning for volatile variables)
• posix 708 (thread-safety of mblen, mbtowc, and wctomb)
• gcc 57574 (incorrect c99 inline semantics)
• glibc 15615 (rand_r is biased)
• posix 711 (va_* macros should be async-signal-safe)
• posix 712 (typographic error in html)
• posix 713 (*quo is unspecified on error in remquo)
• posix 714 (yn(n,0) for negative odd n)
• gnulib (assuming broken fflush in cross compilation)
• posix 716 (process instead of thread in rename spec)
• glibc 15720 (stdc-predef.h defines __STDC_IEC_559_COMPLEX__)
• posix 728 (signal handler restrictions)
• sdl (SDL_CreateThread stack size is unknown and cannot be set)

bugs relevant for musl

• glibc 5945 (regoff_t size)
• glibc 12674 (sem_post/sem_wait race)
• glibc 13276 (realloc aborts when runs out of vm)
• glibc 4737 (fork is not async-signal-safe)
• binutils 13470 (ppc32 ld regressions in 2.22)
• binutils 13600 (protected visibility creates bogus relocation)
• gcc 51437 (feature request: warn on reserved identifiers)
• glibc 13165 (observable invalid ordering with pthread_cond_wait)
• gcc 46770 (.init_array vs .ctors for initializing static objects in c++)
• boost (endian detection is incorrect)
• gcc 18501 (missing warning about uninitialized variables)
• clang 8100 (incorrect floating-point optimizations and c99 fenv support)
• NULL in vararg functions (ewontfix article)
• gcc fixincludes (ewontfix article)
• gcc 31798 (on arm libgcc has undefined reference to raise)
• gcc 56888 (memcpy is compiled to invoke memcpy) gcc-help thread

unreported bugs

• linux procfs and writev
• posix: usage of the cx option in unistd.h
• broken bre support in tre
• broken random in all bsd libc and glibc (bad seed, ub signed int arithmetics)
• search.h implementation bugs in bsd libc and glibc (stack overflow, hsearch crashes on glibc)
• several libm bugs in glibc, fdlibm (freebsd, openbsd, bionic,..)
• gcc fldpi, fldl2e,.. even with -frounding-math
• gcc -fPIC -Os generates GOT for single 32bit consts instead of using immediate value (for float on i386)
• llvm signal handler bug (not async-signal-safe, invalid use of c++, racy unmasking) in Support/Unix/Signals.inc
• llvm exit bug (destructor calls exit)
• llvm: invalid use of the address of stdin/stdout/stderr in Support/DynamicLibrary.cpp
• address sanitizer: various problems: stack detection, include files, ifdef, non-portable code,..
• various c++ projects: depend on constructor order of different tu (gcc 46770)
• various projects: assume large thread stack size without setting it up (firefox,..)
• various projects: query the base pointer of the stack to do pointer arithmetics with it (libgc, firefox,...)
• calling dlopen from the constructor of global static object (firefox)
• incorrect usage of feature test macros and configure results (lots of projects)
• usage of obsolete wrong headers (sys/foo.h instead of foo.h and vice-versa, many projects)
• glibc has some missing posix symbols (found by libc-test)
• glibc has broken vfork on mips
• glibc integer overflows in time/tz code
• linux headers invoke ub by using (1 << 31) eg. MS_NOUSER in inlude/uapi/linux/fs.h
• strace: broken handling of vfork
• bionic: posix namespace violation, +gratuitous interface breaking
• bionic: broken checks in wchar.cpp mbrtowc
• gnutls: O_CLOEXEC
• arp: posix namespace collision (tm_)
• util-linux: cpuset.h __cpumask, etc, sys/ttydefaults.h, __sighandler_t
• f() instead of (f)() in configure scripts (or #undef)
• bionic/wchar.cpp 'if (n == 0)' is wrong, should be 'if (s == NULL)' and later 'if (n == 0) return -2'
• gcc vs c99 annex f issues
• gcc dl_iterate_phdr configure check (hard coded solaris header check + glibc/bionic/bsd ifdef + config.host overrides)
• libxml2 and glib: ub and several threading and allocation related bugs

misc

• webkit (jit requires vm overcommit) (fixed 2 years later)
• glibc 3400 (static linking is not supported)
• glibc 12189 (__stack_chk_fail attempts backtrace)
• gcc 41431 (sizeof(&main) is rejected)
• mozilla (disallow animated favicon) (unfixed since 2001)
• posix 374 (posix vs c inconsistency about malloc(0) and realloc(p,0))
• python (excessive amount of syscalls made at startup)
• glibc 13344 (regression after leaf attribute is added to pthread functions)
• eglibc (restrict is added to memmove and thus optimized to memcpy)
• glibc 13601 (ldso fails on short read)
• glibc 11214 (CLONE_VM vs TLS)
• glibc 4099 (agressive caching)
• glibc 12100 (strstr: O(n)->O(n^2) on SSE4)
• glibc 13138 (scanf stackoverflows on long numbers)
• glibc 14195 (strncasecmp segfaults with SSSE3)
• glibc 14229 (strtok_r fails on x32)
• glibc 14552 (unbounded alloca in strcoll and strxfrm)
• systemd (early boot vasprintf segfault)
• glibc 14716 (memmem crash)
• gcc 4.7.0 regression (incorrect tail merging optimization)