From burak.gursoy@booking.com

Created by burak.gursoy@booking.com

SILENT_NO_TAINT_SUPPORT causes all taint tests spread over lots of places in the
core test suite to fail. These shuld be skipped when this option is set as with
the current behavior, one needs to not runs tests at all all ignore build test
failures for perl altogether, which in turn might maskk real errors.

Flags:
    category=core
    severity=medium

Site configuration information for perl 5.28.1:

Configured by root at Mon Jul 15 11:28:20 UTC 2019.

Summary of my perl5 (revision 5 version 28 subversion 1) configuration:
   
  Platform:
    osname=linux
    osvers=3.10.0-862.14.4.el7.x86_64
    archname=x86_64-linux
    uname='linux 9bcba996f4e8 3.10.0-862.14.4.el7.x86_64 #1 smp wed sep 26 15:12:11 utc 2018 x86_64 gnulinux '
    config_args='-des -Dcc=gcc -A ccflags=-DSILENT_NO_TAINT_SUPPORT'
    hint=recommended
    useposix=true
    d_sigaction=define
    useithreads=undef
    usemultiplicity=undef
    use64bitint=define
    use64bitall=define
    uselongdouble=undef
    usemymalloc=n
    default_inc_excludes_dot=define
    bincompat5005=undef
  Compiler:
    cc='gcc'
    ccflags ='-DSILENT_NO_TAINT_SUPPORT -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2'
    optimize='-O2'
    cppflags='-DSILENT_NO_TAINT_SUPPORT -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include'
    ccversion=''
    gccversion='6.3.0 20170516'
    gccosandvers=''
    intsize=4
    longsize=8
    ptrsize=8
    doublesize=8
    byteorder=12345678
    doublekind=3
    d_longlong=define
    longlongsize=8
    d_longdbl=define
    longdblsize=16
    longdblkind=3
    ivtype='long'
    ivsize=8
    nvtype='double'
    nvsize=8
    Off_t='off_t'
    lseeksize=8
    alignbytes=8
    prototype=define
  Linker and Libraries:
    ld='gcc'
    ldflags =' -fstack-protector-strong -L/usr/local/lib'
    libpth=/usr/local/lib /usr/lib/gcc/x86_64-linux-gnu/6/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib/../lib /usr/lib/x86_64-linux-gnu /usr/lib/../lib /lib
    libs=-lpthread -lnsl -ldb -ldl -lm -lcrypt -lutil -lc
    perllibs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc
    libc=libc-2.24.so
    so=so
    useshrplib=false
    libperl=libperl.a
    gnulibc_version='2.24'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs
    dlext=so
    d_dlsymun=undef
    ccdlflags='-Wl,-E'
    cccdlflags='-fPIC'
    lddlflags='-shared -O2 -L/usr/local/lib -fstack-protector-strong'



@INC for perl 5.28.1:
    lib
    /opt/pakket/app/pakket/lib
    /usr/local/lib/perl5/site_perl/5.28.1/x86_64-linux
    /usr/local/lib/perl5/site_perl/5.28.1
    /usr/local/lib/perl5/5.28.1/x86_64-linux
    /usr/local/lib/perl5/5.28.1


Environment for perl 5.28.1:
    HOME=/root
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/pakket/app/pakket/bin
    PERL5LIB=/opt/pakket/app/pakket/lib
    PERL_BADLANG (unset)
    SHELL (unset)
root@9bcba996f4e8:/tmp/perl-5.28.1# 

From burak.gursoy@booking.com

Build log attached. I've previously tried to reply to the email with the attachment, but apparently that failed.

From burak.gursoy@booking.com

perl-build.log

From @jkeenan

On Mon, 15 Jul 2019 12​:19​:45 GMT, burak.gursoy@​booking.com wrote​:

This is a bug report for perl from burak.gursoy@​booking.com,
generated with the help of perlbug 1.41 running under perl 5.28.1.

-----------------------------------------------------------------
[Please describe your issue here]

SILENT_NO_TAINT_SUPPORT causes all taint tests spread over lots of
places in the
core test suite to fail. These shuld be skipped when this option is
set as with
the current behavior, one needs to not runs tests at all all ignore
build test
failures for perl altogether, which in turn might maskk real errors.

Would you be able to provide a list of the test files in the core distribution which fail in this situation?

(Yes, I concede that anyone can run this, but if there are lots of files failing we should have more than one list of failures for QA purposes.)

Thank you very much.
Jim Keenan

--
James E Keenan (jkeenan@​cpan.org)

The RT System itself - Status changed from 'new' to 'open'

From @jkeenan

On Sat, 20 Jul 2019 13​:09​:18 GMT, jkeenan wrote​:

On Mon, 15 Jul 2019 12​:19​:45 GMT, burak.gursoy@​booking.com wrote​:

This is a bug report for perl from burak.gursoy@​booking.com,
generated with the help of perlbug 1.41 running under perl 5.28.1.

-----------------------------------------------------------------
[Please describe your issue here]

SILENT_NO_TAINT_SUPPORT causes all taint tests spread over lots of
places in the
core test suite to fail. These shuld be skipped when this option is
set as with
the current behavior, one needs to not runs tests at all all ignore
build test
failures for perl altogether, which in turn might maskk real errors.

Would you be able to provide a list of the test files in the core
distribution which fail in this situation?

(Yes, I concede that anyone can run this, but if there are lots of
files failing we should have more than one list of failures for QA
purposes.)

Thank you very much.
Jim Keenan

Okay, I can confirm that with a configuration like this​:

#####
sh ./Configure -des -Dusedevel -A ccflags="-DSILENT_NO_TAINT_SUPPORT"
#####

... the following tests fail​:

#####
  ../cpan/Encode/t/taint.t
  ../cpan/Scalar-List-Utils/t/tainted.t
  ../cpan/Test-Harness/t/compat/test-harness-compat.t
  ../cpan/Test-Harness/t/regression.t
  ../cpan/Text-ParseWords/t/taint.t
  ../lib/locale.t
  ../lib/overload.t
  ../lib/perl5db.t
  ../lib/warnings.t
  comp/opsubs.t
  op/taint.t
  perf/taint.t
  run/runenv.t
  run/switcht.t
#####

However, before we embark on fixes to these files -- which implies bug tickets for the 4 upstream CPAN distros -- we should decide what is the best way to write a SKIP condition for this situation.

The patch attached "works" on one selected file, but seems verbose and inflexible.

Thank you very much.
Jim Keenan
--
James E Keenan (jkeenan@​cpan.org)

From @jkeenan

From 5d4811b7d3f9d02cec0a6abeb9ca3937eba3c62d Mon Sep 17 00:00:00 2001
From: James E Keenan <jkeenan@cpan.org>
Date: Sun, 21 Jul 2019 10:58:53 -0400
Subject: [PATCH] Skip all if built with -DSILENT_NO_TAINT_SUPPORT

For: RT # 134287
---
 t/op/taint.t | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/t/op/taint.t b/t/op/taint.t
index dd9f2edd97..ac987acbc5 100644
--- a/t/op/taint.t
+++ b/t/op/taint.t
@@ -12,10 +12,17 @@ BEGIN {
     require './test.pl';
     set_up_inc('../lib');
     require './loc_tools.pl';
+    use Config;
+    skip_all("perl built with SILENT_NO_TAINT_SUPPORT") if (
+        $Config{ccflags} =~ m/-DSILENT_NO_TAINT_SUPPORT/
+            or
+        $Config{cppflags} =~ m/-DSILENT_NO_TAINT_SUPPORT/
+            or
+        $Config{ccflags_nolargefiles} =~ m/-DSILENT_NO_TAINT_SUPPORT/
+    );
 }
 
 use strict;
-use Config;
 
 plan tests => 1042;
 
-- 
2.17.1

From burak.gursoy@booking.com

On Sun, 21 Jul 2019 08​:01​:20 -0700, jkeenan wrote​:

On Sat, 20 Jul 2019 13​:09​:18 GMT, jkeenan wrote​:

On Mon, 15 Jul 2019 12​:19​:45 GMT, burak.gursoy@​booking.com wrote​:

This is a bug report for perl from burak.gursoy@​booking.com,
generated with the help of perlbug 1.41 running under perl 5.28.1.

-----------------------------------------------------------------
[Please describe your issue here]

SILENT_NO_TAINT_SUPPORT causes all taint tests spread over lots of
places in the
core test suite to fail. These shuld be skipped when this option is
set as with
the current behavior, one needs to not runs tests at all all ignore
build test
failures for perl altogether, which in turn might maskk real
errors.

Would you be able to provide a list of the test files in the core
distribution which fail in this situation?

(Yes, I concede that anyone can run this, but if there are lots of
files failing we should have more than one list of failures for QA
purposes.)

Hi,

I see that you ran it yourself, but the attached log also includes the test phase and the failures.

Thank you very much.
Jim Keenan

Okay, I can confirm that with a configuration like this​:

Cool :)

#####
sh ./Configure -des -Dusedevel -A ccflags="-DSILENT_NO_TAINT_SUPPORT"
#####

... the following tests fail​:

#####
../cpan/Encode/t/taint.t
../cpan/Scalar-List-Utils/t/tainted.t
../cpan/Test-Harness/t/compat/test-harness-compat.t
../cpan/Test-Harness/t/regression.t
../cpan/Text-ParseWords/t/taint.t
../lib/locale.t
../lib/overload.t
../lib/perl5db.t
../lib/warnings.t
comp/opsubs.t
op/taint.t
perf/taint.t
run/runenv.t
run/switcht.t
#####

However, before we embark on fixes to these files -- which implies bug
tickets for the 4 upstream CPAN distros -- we should decide what is
the best way to write a SKIP condition for this situation.

The patch attached "works" on one selected file, but seems verbose and
inflexible.

Thank you very much.
Jim Keenan