Mailing List Archive

PSC #036 2021-09-03
PSC #036 2021-09-03

Present: Paul, Rik, Neil

We discussed the taint Configure option again. The driver for this is potential performance improvement. Steffen Mueller experimented some years back and came up with ~12%, but it would be good to do some benchmarking now and have a better handle on the potential benefit. Steffen Schwigon has done quite a bit of Perl benchmarking over the years, so we've asked him if he'd like to help out, and he's agreed. We'll put together a brief plan, but if you've thoughts on what needs to be benchmarked, and how, this is your chance to share them.

Recently we had a PSC+ discussion on namespaces, which seemed to work well, as a way to discuss a specific topic with an extended but still limited number of (relevant) people. Yves has suggested we have a similar discussion on the proposed change related to the scalar IOK/POK/NOK IOKp/POKp/NOKp bitflags. We'll have this discussion in a near future PSC meeting. If you're experienced with these, and would like to join the discussion, please email me.

We had a discussion about Module::Runtime, and the fact that you can't write `require $module`. We decided we'd like to do something about this, but there are a number of related issues, so Rik will kick off some discussion on the list on this, which we hope will lead to an RFC.

We had a brief chat about the RFC process, and decided we'll invite Nick into our next meeting, to agree how to move things forward.

We continued working through the Quirks document, with a couple being classified as not quirks (but worth saving elsewhere), one as a bug (which Neil will open a ticket for), and a number that are quirks we just have to live with, but are open to improving documentation, etc. We considered having a separate meeting just on quirks, but decided we're happy to steadily work through the document, with a handful done in each meeting.

Neil
Re: PSC #036 2021-09-03 [ In reply to ]
On Tue, Sep 07, 2021 at 11:20:15PM +0100, Neil Bowers wrote:

> We discussed the taint Configure option again ...

There's quite a bit of code out there that tests to see if taint-mode is
turned on and then takes different paths in the code. Sometimes it does
it by trying to do something "dangerous" in an eval and seeing if it
explodes. Compare:

perl -MCwd -T -E 'eval "chdir(getcwd())"; say "tainted" if $@'
perl -MCwd -E 'eval "chdir(getcwd())"; say "tainted" if $@'

Obviously if support for taint-mode is entirely absent then that
chdir(getcwd()) will Just Work and the code will correctly decide that
taint-mode is not in effect.

More sensible authors use something like Scalar::Util::tainted:

perl -MCwd -MScalar::Util=tainted -T -E 'tainted(getcwd()) && say "tainted"'
perl -MCwd -MScalar::Util=tainted -E 'tainted(getcwd()) && say "tainted"'

That boils down to this:
https://metacpan.org/release/PEVANS/Scalar-List-Utils-1.56/source/ListUtil.xs#L1838-1846

so to avoid breakage can I ask that if taint-mode support isn't compiled
in, SvTAINTED is still available, and #defined to always say "no, it's
not tainted"?

--
David Cantrell | top google result for "topless karaoke murders"

The test of the goodness of a thing is its fitness for use. If it
fails on this first test, no amount of ornamentation or finish will
make it any better, it will only make it more expensive and foolish.
-- Frank Pick, lecture to the Design and Industries Assoc, 1916