Perl-5.10.0 issues

[randy@…]

This ticket is a continuation of ticket #2200 which has been closed. That ticket was for the update of LFS to Perl-5.10.0. This ticket has to do with issues brought up by Alexander in the original ticket. Here's his report:

Debian has 15 "patch releases" of this package. That's 2x more than for 5.8.8, i.e., they found a lot of issues with Perl itself (although most of them are Debian-specific). At this point, using unpatched perl seems to be unwise. At the very least:

• [ROOT HOLE] ​http://bugs.debian.org/487319 (rmtree() makes symlink targets world-writable)
• ​http://bugs.debian.org/479698 (memory corruption that affects tests of the svk package)
• ​http://bugs.debian.org/479957 (using IO::File together with POSIX causes useless warnings)
• ​http://bugs.debian.org/498769 (sorting an array after pre-growing it causes segfault)

Note that I cannot reproduce this "ROOT HOLE" issue. See #2200 for some further information.

[willimm]

Debian's fixes for perl. Also includes the ROOT HOLE fix.

[randy@…]

You are easy to ignore.

Furthermore, I would have to check out this patch very carefully if I were to use it. To the point that making my own patch would be faster than closely examining yours.

You've done this to yourself, William. Nobody takes you seriously, why should I?

[robert@…]

I've only found two bugs that definitely relate to us: ​http://rt.cpan.org/Public/Bug/Display.html?id=36982 ​http://rt.perl.org/rt3/Public/Bug/Display.html?id=54566

The first bug is fixed in our security patch, but our patch is missing the new test added to Perl, which would be nice to have.

The second bug patch is Fedora's perl-5.10.0-bz448392.patch, and is also in upstream.

Fedora also has a io test failure on x86_64, with no known bug or fix for it, except for disabling the test (might be worth noting in the book if we reproduce the test failure).

[robert@…]

The second bug patch is Fedora's perl-5.10.0-bz448392.patch, and is also in upstream.

Pardon me. Fedora's patch is only 1 of the 2 hunks of the patch in Perl's bug page.

[ken@…]

Replying to robert@linuxfromscratch.org:

Fedora also has a io test failure on x86_64, with no known bug or fix for it, except for disabling the test (might be worth noting in the book if we reproduce the test failure).

Data point: using 5.10.0 with the security patch and gcc-4.2.4 on x86_64 "pure64" all the tests passed for me (looking at the detail, everything in t/io was ok, none of them skipped). Since we are anyway only targetting x86_32 for the next release, I don't think LFS needs to worry about this at the moment. It will be interesting to see if anyone replicates that failure.

[robert@…]

So, I made a patch and tested it with 'make test', and I think it works. I got a lib/h2xs test failure, but I got it before. The headers on the patch say where it came from.

This patch adds the test for the first bug.

The second hunk of the Perl 54566 bug patch doesn't exist in perl-5.10.0.

I also suggest that we name upstream patches "fixes", not security or whatever else. At the same time, don't name non-upstream patches "fixes". This might start another LFS bug issue, but it's worth mentioning here.

[robert@…]

upstream fixes

[willimm]

A merger of my Debian Fixes patch, and the other patch that was also made.

[willimm]

Oh, and my patch worked fine, so condiser including it in LFS.

[bdubbs@…]

Created a perl consolidated patch to combine page-1.patch, security_fix-1.patch, fix_posix_module.patch, warnings.patch, memory_corruption.patch. Note that not all these separate patches are not in the patches repository.

Changed to book to use the consolidated patch.

Fixed at revision 8718.