Bug#582916: Testing eglibc 2.17-7

2013-07-08 Thread Thomas Hood 
Jens, I ran your program (updated test) on a Debian 7.0 system with libc6
et al
upgraded to 2.17-7.

Output:

y.c:44: error: r=-2 Name or service not known

Output after replacing karme.de. with www.google.com: none; the program
completed successfully.

Output after doing iptables -I OUTPUT -p udp -m udp --dport 53 -j DROP:

y.c:29: error: r=-5 No address associated with hostname

Comments?
-- 
Thomas

Bug#582916: Testing eglibc 2.17-7

2013-07-08 Thread Thomas Hood 
On Mon, Jul 8, 2013 at 9:16 AM, Jens Thiele ka...@karme.de wrote:

  Output:
 
  y.c:44: error: r=-2 Name or service not known
 
  Output after replacing karme.de. with www.google.com: none; the
 program
  completed successfully.
 
  Output after doing iptables -I OUTPUT -p udp -m udp --dport 53 -j DROP:
 
  y.c:29: error: r=-5 No address associated with hostname
 
  Comments?

 you have to use a name with A but no  record for the test:


After iptables -I OUTPUT -p udp -m udp --dport 53 -j DROP the output of
the program is the same whether hosts=www.google.com. or karme.de..
 It's

 y.c:29: error: r=-5 No address associated with hostname

-- 
Thomas

Bug#582916: Testing eglibc 2.17-7

2013-07-08 Thread Jens Thiele 
Thomas Hood jdth...@gmail.com writes:

 After iptables -I OUTPUT -p udp -m udp --dport 53 -j DROP the output of
 the program is the same whether hosts=www.google.com. or karme.de..

from the test:

to easily reproduce, fake packet loss/overloaded dns server
on linux do something like:
# iptables -I OUTPUT -p udp -m udp --dport 53 -j DROP 
# iptables -I OUTPUT -p udp -m udp --dport 53 -j LOG --log-prefix DROP DNS 
REQUEST  
# iptables -I OUTPUT -p udp -m udp --dport 53 -m limit --limit 10/sec -j ACCEPT 
first


all 3 lines are needed!
if you drop all dns requests the test doesn't work
if you use all 3 lines dns requests are rate limited (because of
iptables -I you have to read that in reverse order)

afair, the idea was that there is a high probability that at some time
the request for the a record is droped but the  request gets through

jens

PS: i also did write a dns-proxy for a more precise test (i think i
linked it somewhere?)


-- 
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87k3l11p3f@karme.de

Bug#582916: Testing eglibc 2.17-7

2013-07-08 Thread Jens Thiele 
Thomas Hood jdth...@gmail.com writes:

 Jens, I ran your program (updated test) on a Debian 7.0 system with libc6
 et al
 upgraded to 2.17-7.

 Output:

 y.c:44: error: r=-2 Name or service not known

 Output after replacing karme.de. with www.google.com: none; the program
 completed successfully.

 Output after doing iptables -I OUTPUT -p udp -m udp --dport 53 -j DROP:

 y.c:29: error: r=-5 No address associated with hostname

 Comments?

you have to use a name with A but no  record for the test:
karme@amalthea:/$ dig -t A +short karme.de.
188.40.75.142
karme@amalthea:/$ dig -t  +short karme.de.
karme@amalthea:/$ dig -t A +short www.gooogle.com.
173.194.69.94
karme@amalthea:/$ dig -t  +short www.gooogle.com.
2a00:1450:4008:c01::5e

= www.google.com. will not work

jens

PS: my time is quite limited at the moment


-- 
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87ip0l34ie@karme.de

Bug#582916: Testing eglibc 2.17-7

2013-07-08 Thread Thomas Hood 
On Mon, Jul 8, 2013 at 9:35 AM, Jens Thiele ka...@karme.de wrote:

 from the test:

 to easily reproduce, fake packet loss/overloaded dns server
 on linux do something like:
 # iptables -I OUTPUT -p udp -m udp --dport 53 -j DROP
 # iptables -I OUTPUT -p udp -m udp --dport 53 -j LOG --log-prefix DROP
 DNS REQUEST 
 # iptables -I OUTPUT -p udp -m udp --dport 53 -m limit --limit 10/sec -j
 ACCEPT
 first
 

 all 3 lines are needed!



OK, tried again after running all three commands.

Output:  y.c:44: error: r=-2 Name or service not known

-- 
Thomas

r5661 - in glibc-package/trunk/debian: . patches/kfreebsd

2013-07-08 Thread Petr Salinger 
Author: ps-guest
Date: 2013-07-08 20:04:14 + (Mon, 08 Jul 2013)
New Revision: 5661

Modified:
   glibc-package/trunk/debian/changelog
   glibc-package/trunk/debian/patches/kfreebsd/local-fbtl.diff
   glibc-package/trunk/debian/patches/kfreebsd/local-sysdeps.diff
Log:
kfreebsd/local-sysdeps.diff: update to revision 4699 (from glibc-bsd).



Modified: glibc-package/trunk/debian/changelog
===
--- glibc-package/trunk/debian/changelog2013-07-08 11:53:47 UTC (rev 
5660)
+++ glibc-package/trunk/debian/changelog2013-07-08 20:04:14 UTC (rev 
5661)
@@ -10,7 +10,7 @@
   * hurd-i386/tg-tls.diff: Move some hooks to tg-tls-threadvar.diff.
 
   [ Petr Salinger ]
-  * kfreebsd/local-sysdeps.diff: update to revision 4693 (from glibc-bsd).
+  * kfreebsd/local-sysdeps.diff: update to revision 4699 (from glibc-bsd).
   * split some parts of kfreebsd/local-linuxthreads29.diff
 into  kfreebsd/local-nscd-no-sockcloexec.diff and
   kfreebsd/local-linuxthreads-tlsdesc.diff

Modified: glibc-package/trunk/debian/patches/kfreebsd/local-fbtl.diff
===
--- glibc-package/trunk/debian/patches/kfreebsd/local-fbtl.diff 2013-07-08 
11:53:47 UTC (rev 5660)
+++ glibc-package/trunk/debian/patches/kfreebsd/local-fbtl.diff 2013-07-08 
20:04:14 UTC (rev 5661)
@@ -33184,269 +33184,6 @@
 +  return res;
 +}
 --- /dev/null
-+++ b/fbtl/sysdeps/pthread/createthread.c~
-@@ -0,0 +1,260 @@
-+/* Copyright (C) 2002-2013 Free Software Foundation, Inc.
-+   This file is part of the GNU C Library.
-+   Contributed by Ulrich Drepper drep...@redhat.com, 2002.
-+
-+   The GNU C Library is free software; you can redistribute it and/or
-+   modify it under the terms of the GNU Lesser General Public
-+   License as published by the Free Software Foundation; either
-+   version 2.1 of the License, or (at your option) any later version.
-+
-+   The GNU C Library is distributed in the hope that it will be useful,
-+   but WITHOUT ANY WARRANTY; without even the implied warranty of
-+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-+   Lesser General Public License for more details.
-+
-+   You should have received a copy of the GNU Lesser General Public
-+   License along with the GNU C Library; if not, see
-+   http://www.gnu.org/licenses/.  */
-+
-+#include sched.h
-+#include setjmp.h
-+#include signal.h
-+#include stdlib.h
-+#include atomic.h
-+#include ldsodefs.h
-+#include tls.h
-+#include stdint.h
-+
-+#include kernel-features.h
-+
-+
-+#define CLONE_SIGNAL  (CLONE_SIGHAND | CLONE_THREAD)
-+
-+/* Unless otherwise specified, the thread register is going to be
-+   initialized with a pointer to the TCB.  */
-+#ifndef TLS_VALUE
-+# define TLS_VALUE pd
-+#endif
-+
-+#ifndef ARCH_CLONE
-+# define ARCH_CLONE __clone
-+#endif
-+
-+
-+#ifndef TLS_MULTIPLE_THREADS_IN_TCB
-+/* Pointer to the corresponding variable in libc.  */
-+int *__libc_multiple_threads_ptr attribute_hidden;
-+#endif
-+
-+
-+static int
-+do_clone (struct pthread *pd, const struct pthread_attr *attr,
-+int clone_flags, int (*fct) (void *), STACK_VARIABLES_PARMS,
-+int stopped)
-+{
-+#ifdef PREPARE_CREATE
-+  PREPARE_CREATE;
-+#endif
-+
-+  if (__builtin_expect (stopped != 0, 0))
-+/* We make sure the thread does not run far by forcing it to get a
-+   lock.  We lock it here too so that the new thread cannot continue
-+   until we tell it to.  */
-+lll_lock (pd-lock, LLL_PRIVATE);
-+
-+  /* One more thread.  We cannot have the thread do this itself, since it
-+ might exist but not have been scheduled yet by the time we've returned
-+ and need to check the value to behave correctly.  We must do it before
-+ creating the thread, in case it does get scheduled first and then
-+ might mistakenly think it was the only thread.  In the failure case,
-+ we momentarily store a false value; this doesn't matter because there
-+ is no kosher thing a signal handler interrupting us right here can do
-+ that cares whether the thread count is correct.  */
-+  atomic_increment (__nptl_nthreads);
-+
-+  int rc = ARCH_CLONE (fct, STACK_VARIABLES_ARGS, clone_flags,
-+ pd, pd-tid, TLS_VALUE, pd-tid);
-+
-+  if (__builtin_expect (rc == -1, 0))
-+{
-+  atomic_decrement (__nptl_nthreads); /* Oops, we lied for a second.  */
-+
-+  /* Perhaps a thread wants to change the IDs and if waiting
-+   for this stillborn thread.  */
-+  if (__builtin_expect (atomic_exchange_acq (pd-setxid_futex, 0)
-+  == -2, 0))
-+  lll_futex_wake (pd-setxid_futex, 1, LLL_PRIVATE);
-+
-+  /* Free the resources.  */
-+  __deallocate_stack (pd);
-+
-+  /* We have to translate error codes.  */
-+  return errno == ENOMEM ? EAGAIN : errno;
-+}
-+#warning set scheduling parameters
-+#if 0
-+  /* Now we have the possibility to set