bugs Breaking Stuff
Back to DaveSource

I like to use things in new and interesting ways; I believe this makes me a good verification engineer. I have managed to break and find bugs in almost every tool I have used, including my cell phones, even before the smart phone revolution. Unfortunately I didn't keep track of many of these bugs, and I wish I had, because I feel like they are notches on my belt.

Let me make it clear that this information does not imply that these are bad tools - I just break anything that I touch, and these are some of the tools that I've touched the most.

Here's some of my bugs, with details where I can remember them:

ANSI cpp (on HP-UX)
This took a while to root-cause because it turned out you could actually hang cpp with commented code, and I was trying to comment code out to find the root-cause :)
Eventually this was fixed. Here's the info

HPUX linker
I had to monkey around with the linker to build weird test objects. I found a number of alignment bugs and a number of linker math bugs. Here's the only one that I saved (though it might have been an assembler bug after all.

Sadly I didn't keep a record of the bugs I found with the C compiler on HP-UX. There were many. (HP-UX isn't necessarily unstable, but it's what I used in my early days)

GNU gcc (on Linux)
I've also found bugs on gcc (a plethora on v2.95.4 in particular), but then again, who hasn't?

I found a security exploit the very first time I used FreeBSD (freebsd gnats, local) that revealed securelog messages to normal users.

Various assemblers
Every assembler I've worked with has shown up a bug eventually. I kept a few of my assembler bugs from as20 (HPUX assembler) bugs 1, 2 & 3.

I've found a few bugs with perl:

ActiveState Perl
ActivePerl is a perl port to Windows. It has oddities in dealing with pipes and execution, but it also has this bug (bug #81062)

Found a quaint little OSX bug when 10.3 came out, and another with CD burning bug. I've also found an amusing security issue.

Safari 1.1(v100)
Simple <pre> rendering bug

It was a proud day when I found a who bug. I was surprised it hadn't been caught already. It was a bug in the early days of HP-UX 10.20, and "who -u" wasn't ending it's strings with \0, so if the last field (machine/display) got shorter, then you would see the end of the longer machine name after the shorter machine name.

vim 6.1 has a search bug that causes a segfault. vim 7.0 has a minor delete search bug.

elm has a file-attach bug

The -l (max-lines) option screws up the -i (replace) option. These two commands act differently (the first one ignores the -i):

I can't remember the details from earlier bugs, but I've needed to fix/workaround tcsh, ksh, etc.. I do have a two tcsh bugs (2) listed.

Netscape Browser
I found some bugs that screwed up/crashed early versions of netscape, but sadly did not keep them. I posted one to Netscape.com, but can't find the bug report.

Opera Browser
Found a bug that screwed up the <font> stack

Mozilla Browser
bug 187845 (local): wasn't properly cleaning up "//../" - they claim it's undefined behavior. Bah.
Also, I helped track down 203609 (local).

Motorola RAZR V3i
This phone has so many endless interface bugs that I made a complaint list for the RAZR V3i.

e16 has many bugs, so this is no surprise. This one was difficult to capture.
And I just found another one, but enlightenment is no longer supported :(

XMMS & plugins
Found a playlist bug (#2271). I also found a bug using the CDcover XMMS plugin that is either in gtk or CDcover.

I was surprised to start receiving segfaults in xterm for what was previously working behavior.

Ogg Vorbis
Little things

A simple bug that should not be.

Bayesian Filters
Not really a software bug, but an algorithmic problem, I've started to realize that Bayesian Filters can't solve the SPAM problem

gphoto (actually rsony)
Filename corruption

Nokia 8260 Cell Phone
This phone actually has a caller identification problem

Siemens S55 Cell Phone
handsfree/bluetooth headset bug

Hasbro Monopoly for iPhone
Not only has a super slow interface, but I actually caught a bug just as it happened.

Belkin Wireless Router (F5D6231-4)
Even though the router (web interface) has a "just use as access point" setting which allows you to specify an IP address, it ignores the IP address setting and just reverts back to the default. This means you're hosed if that IP isn't on your network and unused.

Windows Media Player
I don't even use Windows, but I find bugs in it. Shocking. (Well, my tools do..): windows media player bug. I also found a 'bug' with their website

Internet Explorer
Once again, even though I don't even use Microsoft tools, it seems that it's quite easy to find their bugs. They are confused about what JPGs look like, and they also have a really stupid rendering bug

Calendar programs and .vcs format
The .vcs format is barely supported by most calendaring programs. Here are a bunch of .vcs parsing bugs that have bothered me.

Google Keep
A couple of issues

Google Drive
An amusing google drive bug

Google Map
Amusing directions from google maps

I found a bug with Blippo-Heavy on Ubuntu

I love ebay, I hate ebay.

I love Facebook, I hate Facebook.
Also there is this amusing bug in Facebook Places in the iPhone App. Where's the '+' button, exactly?

I pretty much just hate hotmail.

Various verilog/hardware tools

Modelsim verilog simulator
The coverage tools aren't quite up to speed:
  1. [6.2g] missed expression for '==',
  2. [6.2g] coverage on/off pragmas intermittently cover enclosed instantiations
  3. [6.3c] Simulation ending before coverage database is written
Some bug testcases I can't file here because they involve intellectual property. Most involve Modelsim coverage, which works about as often as the panhandlers downtown.
  1. Pointer crash: [Fixed in 6.3c] Examine large source in GUI, turn on source annotation, run so that PLI does tf_dostop, GUI suddenly crashes and outputs: "Bad pointer access... Closing vish."
  2. [6.3c] vcover merge bug: Intermittent failure:
    File 'new.ucdb' does not match code/functional coverage type of previous file(s)
    [[Design was not altered/recompiled between runs]]
  3. [6.3c] vcover merge bug: 50% Intermittent failure:
    "(vlib-5) ****** Memory failure. ***** Bad pointer/access type passed to memory subsystem. Pointer may have been previously deallocated.(vlib-5) ****** Memory failure. *****"
    And then vcover runs indefinitely, sucking up system resources until it is killed.
  4. [6.3c] vcover merge disappearing error:
    Multiple test data records with the same name encountered during the merge of file 'new.ucdb'. These test data records contain conflicting data. For more details, rerun merge with the '-verbose' option set.
    Amusingly, when I run with -verbose, the error disappears.
  5. [6.3c] vcover mis-parsing signal names with verilog "\escaped identifiers ;"

VCS verilog compiler
Found a few VCS bugs, and didn't really keep track of them

ESP verilog formal interpretor
ESP is a great formal verification tool, but I found some verilog compatibility bugs in the early days: (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11)

finsim verilog compiler
I've got a real bug (2), and one bug which is admittedly entering the territory of undefined behavior.

debussy waveform viewer
Excellent tool. Has certain behavior that makes it crash: (1, 2, 3, 4, 5)

rccs versioning software
This had so many bugs it was almost not worth mentioning. One of my favorites was that you could break the tool on your machine by piping the usage to another process (like less) and then killing the pipe. To fix it you need to reboot the tool's daemon, until then the machine would hang on any rccs commands. The cad tool manager at my company didn't think this was a bug, so I just ran all my rccs piped commands on his machine. His attitude changed quickly.

Neat bugs in lesser known programs

qPoll (cgi polling script)
I found a bug in qPoll that got qPoll admin access

This bug (local) allowed untrusted scripts to get around the `#sinclude` safe include method.