3 perldelta - what's new for perl v5.7.0
7 This document describes differences between the 5.6.0 release and
10 =head1 Security Vulnerability Closed
12 A potential security vulnerability in the optional suidperl component
13 of Perl has been identified. suidperl is neither built nor installed
14 by default. As of September the 2nd, 2000, the only known vulnerable
15 platform is Linux, most likely all Linux distributions. CERT and
16 various vendors have been alerted about the vulnerability.
18 The problem was caused by Perl trying to report a suspected security
19 exploit attempt using an external program, /bin/mail. On Linux
20 platforms the /bin/mail program had an undocumented feature which
21 when combined with suidperl gave access to a root shell, resulting in
22 a serious compromise instead of reporting the exploit attempt. If you
23 don't have /bin/mail, or if you have 'safe setuid scripts', or if
24 suidperl is not installed, you are safe.
26 The exploit attempt reporting feature has been completely removed from
27 the Perl 5.7.0 release, so that particular vulnerability isn't there
28 anymore. However, further security vulnerabilities are,
29 unfortunately, always possible. The suidperl code is being reviewed
30 and if deemed too risky to continue to be supported, it may be
31 completely removed from future releases. In any case, suidperl should
32 only be used by security experts who know exactly what they are doing
33 and why they are using suidperl instead of some other solution such as
34 sudo (see http://www.courtesan.com/sudo/).
36 =head1 Incompatible Changes
42 Arrays now always interpolate into double-quoted strings:
43 constructs like "foo@bar" now always assume C<@bar> is an array,
44 whether or not the compiler has seen use of C<@bar>.
48 The semantics of bless(REF, REF) were unclear and until someone proves
49 it to make some sense, it is forbidden.
53 A reference to a reference now stringify as "REF(0x81485ec)" instead
54 of "SCALAR(0x81485ec)" in order to be more consistent with the return
59 The very dusty examples in the eg/ directory have been removed.
60 Suggestions for new shiny examples welcome but the main issue is that
61 the examples need to be documented, tested and (most importantly)
66 The obsolete chat2 library that should never have been allowed
67 to escape the laboratory has been decommissioned.
71 The unimplemented POSIX regex features [[.cc.]] and [[=c=]] are still
72 recognised but now cause fatal errors. The previous behaviour of
73 ignoring them by default and warning if requested was unacceptable
74 since it, in a way, falsely promised that the features could be used.
78 The (bogus) escape sequences \8 and \9 now give an optional warning
79 ("Unrecognized escape passed through"). There is no need to \-escape
84 lstat(FILEHANDLE) now gives a warning because the operation makes no sense.
85 In future releases this may become a fatal error.
89 The long deprecated uppercase aliases for the string comparison
90 operators (EQ, NE, LT, LE, GE, GT) have now been removed.
94 The regular expression captured submatches ($1, $2, ...) are now
95 more consistently unset if the match fails, instead of leaving false
96 data lying around in them.
100 The tr///C and tr///U features have been removed and will not return;
101 the interface was a mistake. Sorry about that. For similar
102 functionality, see pack('U0', ...) and pack('C0', ...).
106 Although "you shouldn't do that", it was possible to write code that
107 depends on Perl's hashed key order (Data::Dumper does this). The new
108 algorithm "One-at-a-Time" produces a different hashed key order.
109 More details are in L<perldelta/Performance Enhancements>.
113 =head1 Core Enhancements
119 Formats now support zero-padded decimal fields.
123 C<perl -d:Module=arg,arg,arg> now works (previously one couldn't pass
124 in multiple arguments.)
128 my __PACKAGE__ now works.
132 C<no Module;> now works even if there is no "sub unimport" in the Module.
136 The numerical comparison operators return C<undef> if either operand
137 is a NaN. Previously the behaviour was unspecified.
141 C<pack('U0a*', ...)> can now be used to force a string to UTF8.
145 The printf and sprintf now support parameter reordering using the
146 C<%\d+\$> and C<*\d+\$> syntaxes.
150 prototype(\&) is now available.
154 There is now an UNTIE method.
158 =head1 Modules and Pragmata
166 File::Temp allows one to create temporary files and directories in an
167 easy, portable, and secure way.
171 Storable gives persistence to Perl data structures by allowing the
172 storage and retrieval of Perl data to and from files in a fast and
173 compact binary format.
177 =head2 Updated And Improved Modules and Pragmata
183 The following independently supported modules have been updated to
184 newer versions from CPAN: CGI, CPAN, DB_File, File::Spec, Getopt::Long,
185 the podlators bundle, Pod::LaTeX, Pod::Parser, Term::ANSIColor, Test.
189 Bug fixes and minor enhancements have been applied to B::Deparse,
190 Data::Dumper, IO::Poll, IO::Socket::INET, Math::BigFloat,
191 Math::Complex, Math::Trig, Net::protoent, the re pragma, SelfLoader,
192 Sys::SysLog, Test::Harness, Text::Wrap, UNIVERSAL, and the warnings
197 The attributes::reftype() now works on tied arguments.
201 AutoLoader can now be disabled with C<no AutoLoader;>,
205 The English module can now be used without the infamous performance
208 use English '-no_performance_hit';
210 (Assuming, of course, that one doesn't need the troublesome variables
211 C<$`>, C<$&>, or C<$'>.) Also, introduced C<@LAST_MATCH_START> and
212 C<@LAST_MATCH_END> English aliases for C<@-> and C<@+>.
216 File::Find now has pre- and post-processing callbacks. It also
217 correctly changes directories when chasing symbolic links. Callbacks
218 (naughtily) exiting with "next;" instead of "return;" now work.
222 File::Glob::glob() renamed to File::Glob::bsd_glob() to avoid
223 prototype mismatch with CORE::glob().
227 IPC::Open3 now allows the use of numeric file descriptors.
231 use lib now works identically to @INC. Removing directories
232 with 'no lib' now works.
236 C<%INC> now localised in a Safe compartment so that use/require work.
240 The Shell module now has an OO interface.
244 =head1 Utility Changes
250 The Emacs perl mode (emacs/cperl-mode.el) has been updated to version
255 Perlbug is now much more robust. It also sends the bug report to
256 perl.org, not perl.com.
260 The perlcc utility has been rewritten and its user interface (that is,
261 command line) is much more like that of the UNIX C compiler, cc.
265 The xsubpp utility for extension writers now understands POD
266 documentation embedded in the *.xs files.
270 =head1 New Documentation
276 perl56delta details the changes between the 5.005 release and the
281 perldebtut is a Perl debugging tutorial.
285 perlebcdic contains considerations for running Perl on EBCDIC platforms.
286 Note that unfortunately EBCDIC platforms that used to supported back in
287 Perl 5.005 are still unsupported by Perl 5.7.0; the plan, however, is to
288 bring them back to the fold.
292 perlnewmod tells about writing and submitting a new module.
296 perlposix-bc explains using Perl on the POSIX-BC platform
297 (an EBCDIC mainframe platform).
301 perlretut is a regular expression tutorial.
305 perlrequick is a regular expressions quick-start guide.
306 Yes, much quicker than perlretut.
310 perlutil explains the command line utilities packaged with the Perl
315 =head1 Performance Enhancements
321 map() that changes the size of the list should now work faster.
325 sort() has been changed to use mergesort internally as opposed to the
326 earlier quicksort. For very small lists this may result in slightly
327 slower sorting times, but in general the speedup should be at least
328 20%. Additional bonuses are that the worst case behaviour of sort()
329 is now better (in computer science terms it now runs in time O(N log N),
330 as opposed to quicksort's Theta(N**2) worst-case run time behaviour),
331 and that sort() is now stable (meaning that elements with identical
332 keys will stay ordered as they were before the sort).
336 Hashes now use Bob Jenkins "One-at-a-Time" hashing key algorithm
337 (http://burtleburtle.net/bob/hash/doobs.html).
338 This algorithm is reasonably fast while producing a much better spread
339 of values. Hash values output from the algorithm on a hash of all
340 3-char printable ASCII keys comes much closer to passing the DIEHARD
341 random number generation tests. According to perlbench, this change
342 has not affected the overall speed of Perl.
347 =head1 Installation and Configuration Improvements
349 =head2 Generic Improvements
355 INSTALL now explains how you can configure Perl to use 64-bit
356 integers even on non-64-bit platforms.
360 Policy.sh policy change: if you are reusing a Policy.sh file
361 (see INSTALL) and you use Configure -Dprefix=/foo/bar and in the old
362 Policy $prefix eq $siteprefix and $prefix eq $vendorprefix, all of
363 them will now be changed to the new prefix, /foo/bar. (Previously
364 only $prefix changed.) If you do not like this new behaviour,
365 specify prefix, siteprefix, and vendorprefix explicitly.
369 A new optional location for Perl libraries, otherlibdirs, is available.
370 It can be used for example for vendor add-ons without disturbing Perl's
371 own library directories.
375 In many platforms the vendor-supplied 'cc' is too stripped-down to
376 build Perl (basically, 'cc' doesn't do ANSI C). If this seems
377 to be the case and 'cc' does not seem to be the GNU C compiler
378 'gcc', an automatic attempt is made to find and use 'gcc' instead.
382 gcc needs to closely track the operating system release to avoid
383 build problems. If Configure finds that gcc was built for a different
384 operating system release than is running, it now gives a clearly visible
385 warning that there may be trouble ahead.
389 If binary compatibility with the 5.005 release is not wanted, Configure
390 no longer suggests including the 5.005 modules in @INC.
394 Configure C<-S> can now run non-interactively.
398 configure.gnu now works with options with whitespace in them.
402 installperl now outputs everything to STDERR.
406 $Config{byteorder} is now computed dynamically (this is more robust
407 with "fat binaries" where an executable image contains binaries for
408 more than one binary platform.)
412 Configure no longer included the DBM libraries (dbm, gdbm, db, ndbm)
413 when building the Perl binary. The only exception to this is SunOS 4.x,
418 =head1 Selected Bug Fixes
424 Several debugger fixes: exit code now reflects the script exit code,
425 condition C<"0"> now treated correctly, the C<d> command now checks
426 line number, the C<$.> no longer gets corrupted, all debugger output now
427 goes correctly to the socket if RemotePort is set.
431 C<*foo{FORMAT}> now works.
435 Lexical warnings now propagating correctly between scopes.
439 Line renumbering with eval and C<#line> now works.
443 Fixed numerous memory leaks, especially in eval "".
447 Modulus of unsigned numbers now works (4063328477 % 65535 used to
448 return 27406, instead of 27047).
452 Some "not a number" warnings introduced in 5.6.0 eliminated to be
453 more compatible with 5.005. Infinity is now recognised as a number.
457 our() variables will not cause "will not stay shared" warnings.
461 pack "Z" now correctly terminates the string with "\0".
465 Fix password routines which in some shadow password platforms
466 (e.g. HP-UX) caused getpwent() to return every other entry.
470 printf() no longer resets the numeric locale to "C".
474 C<q(a\\b)> now parses correctly as C<'a\\b'>.
478 Printing quads (64-bit integers) with printf/sprintf now works
479 without the q L ll prefixes (assuming you are on a quad-capable platform).
483 Regular expressions on references and overloaded scalars now work.
487 scalar() now forces scalar context even when used in void context.
491 sort() arguments are now compiled in the right wantarray context
492 (they were accidentally using the context of the sort() itself).
496 Changed the POSIX character class C<[[:space:]]> to include the (very
497 rare) vertical tab character. Added a new POSIX-ish character class
498 C<[[:blank:]]> which stands for horizontal whitespace (currently,
499 the space and the tab).
503 $AUTOLOAD, sort(), lock(), and spawning subprocesses
504 in multiple threads simultaneously are now thread-safe.
508 Allow read-only string on left hand side of non-modifying tr///.
512 Several Unicode fixes (but still not perfect).
518 BOMs (byte order marks) in the beginning of Perl files
519 (scripts, modules) should now be transparently skipped.
520 UTF-16 (UCS-2)encoded Perl files should now be read correctly.
524 The character tables have been updated to Unicode 3.0.1.
528 chr() for values greater than 127 now create utf8 when under use
533 Comparing with utf8 data does not magically upgrade non-utf8 data into
538 C<IsAlnum>, C<IsAlpha>, and C<IsWord> now match titlecase.
542 Concatenation with the C<.> operator or via variable interpolation,
543 C<eq>, C<substr>, C<reverse>, C<quotemeta>, the C<x> operator,
544 substitution with C<s///>, single-quoted UTF8, should now work--in
549 The C<tr///> operator now works I<slightly> better but is still rather
550 broken. Note that the C<tr///CU> functionality has been removed (but
551 see pack('U0', ...)).
555 vec() now tries to work with characters <= 255 when possible, but it leaves
556 higher character values in place. In that case, if vec() was used to modify
557 the string, it is no longer considered to be utf8-encoded.
561 Zero entries were missing from the Unicode classes like C<IsDigit>.
567 UNIVERSAL::isa no longer caches methods incorrectly. (This broke
568 the Tk extension with 5.6.0.)
572 =head2 Platform Specific Changes and Fixes
580 Perl now works on post-4.0 BSD/OSes.
586 Setting C<$0> now works (as much as possible; see perlvar for details).
592 Numerous updates; currently synchronised with Cygwin 1.1.4.
598 EPOC update after Perl 5.6.0. See README.epoc.
604 Perl now works on post-3.0 FreeBSDs.
610 README.hpux updated; C<Configure -Duse64bitall> now almost works.
616 Numerous compilation flag and hint enhancements; accidental mixing
617 of 32-bit and 64-bit libraries (a doomed attempt) made much harder.
623 Long doubles should now work (see INSTALL).
629 Compilation of the standard Perl distribution in MacOS Classic should
630 now work if you have the Metrowerks development environment and
631 the missing Mac-specific toolkit bits. Contact the macperl mailing
638 MPE/iX update after Perl 5.6.0. See README.mpeix.
644 Perl now works on NetBSD/sparc.
650 Now works with usethreads (see INSTALL).
656 64-bitness using the Sun Workshop compiler now works.
660 Tru64 (aka Digital UNIX, aka DEC OSF/1)
662 The operating system version letter now recorded in $Config{osvers}.
663 Allow compiling with gcc (previously explicitly forbidden). Compiling
664 with gcc still not recommended because buggy code results, even with
671 Fixed various alignment problems that lead into core dumps either
672 during build or later; no longer dies on math errors at runtime;
673 now using full quad integers (64 bits), previously was using
674 only 46 bit integers for speed.
680 chdir() now works better despite a CRT bug; now works with MULTIPLICITY
681 (see INSTALL); now works with Perl's malloc.
691 accept() no longer leaks memory.
695 Better chdir() return value for a non-existent directory.
699 New %ENV entries now propagate to subprocesses.
703 $ENV{LIB} now used to search for libs under Visual C.
707 A failed (pseudo)fork now returns undef and sets errno to EAGAIN.
711 Allow REG_EXPAND_SZ keys in the registry.
715 Can now send() from all threads, not just the first one.
719 Fake signal handling reenabled, bugs and all.
723 Less stack reserved per thread so that more threads can run
724 concurrently. (Still 16M per thread.)
728 C<File::Spec->tmpdir()> now prefers C:/temp over /tmp
729 (works better when perl is running as service).
733 Better UNC path handling under ithreads.
737 wait() and waitpid() now work much better.
741 winsock handle leak fixed.
747 =head1 New or Changed Diagnostics
749 All regular expression compilation error messages are now hopefully
750 easier to understand both because the error message now comes before
751 the failed regex and because the point of failure is now clearly
754 The various "opened only for", "on closed", "never opened" warnings
755 drop the C<main::> prefix for filehandles in the C<main> package,
756 for example C<STDIN> instead of <main::STDIN>.
758 The "Unrecognized escape" warning has been extended to include C<\8>,
759 C<\9>, and C<\_>. There is no need to escape any of the C<\w> characters.
761 =head1 Changed Internals
767 perlapi.pod (a companion to perlguts) now attempts to document the
772 You can now build a really minimal perl called microperl.
773 Building microperl does not require even running Configure;
774 C<make -f Makefile.micro> should be enough. Beware: microperl makes
775 many assumptions, some of which may be too bold; the resulting
776 executable may crash or otherwise misbehave in wondrous ways.
777 For careful hackers only.
781 Added rsignal(), whichsig(), do_join() to the publicised API.
785 Made possible to propagate customised exceptions via croak()ing.
789 Added is_utf8_char(), is_utf8_string(), bytes_to_utf8(), and utf8_to_bytes().
793 Now xsubs can have attributes just like subs.
797 =head1 Known Problems
799 =head2 Unicode Support Still Far From Perfect
801 We're working on it. Stay tuned.
803 =head2 EBCDIC Still A Lost Platform
805 The plan is to bring them back.
807 =head2 Building Extensions Can Fail Because Of Largefiles
809 Certain extensions like mod_perl and BSD::Resource are known to have
810 issues with `largefiles', a change brought by Perl 5.6.0 in which file
811 offsets default to 64 bits wide, where supported. Modules may fail to
812 compile at all or compile and work incorrectly. Currently there is no
813 good solution for the problem, but Configure now provides appropriate
814 non-largefile ccflags, ldflags, libswanted, and libs in the %Config
815 hash (e.g., $Config{ccflags_nolargefiles}) so the extensions that are
816 having problems can try configuring themselves without the
817 largefileness. This is admittedly not a clean solution, and the
818 solution may not even work at all. One potential failure is whether
819 one can (or, if one can, whether it's a good idea) link together at
820 all binaries with different ideas about file offsets, all this is
823 =head2 ftmp-security tests warn 'system possibly insecure'
825 Don't panic. Read INSTALL 'make test' section instead.
827 =head2 Test lib/posix Subtest 9 Fails In LP64-Configured HP-UX
829 If perl is configured with -Duse64bitall, the successful result of the
830 subtest 10 of lib/posix may arrive before the successful result of the
831 subtest 9, which confuses the test harness so much that it thinks the
834 =head2 Long Doubles Still Don't Work In Solaris
836 The experimental long double support is still very much so in Solaris.
837 (Other platforms like Linux and Tru64 are beginning to solidify in
840 =head2 Linux With Sfio Fails op/misc Test 48
844 =head2 sprintf tests 129 and 130
846 The op/sprintf tests 129 and 130 are known to fail in some platforms.
847 Examples include any platform using sfio, and Tandem's NonStop-UX.
848 The failing platforms do not comply with the ANSI C Standard, line
849 19ff on page 134 of ANSI X3.159 1989 to be exact. (They produce
850 something else than "1" and "-1" when formatting 0.6 and -0.6 using
851 the printf format "%.0f", most often they produce "0" and "-0".)
853 =head2 Storable tests fail in some platforms
855 If any Storable tests fail the use of Storable is not advisable.
861 Many Storable tests fail on AIX configured with 64 bit integers.
863 So far unidentified problems break Storable in AIX if Perl is
864 configured to use 64 bit integers. AIX in 32-bit mode works and
865 other 64-bit platforms work with Storable.
869 DOS DJGPP may hang when testing Storable.
873 st-06compat fails in UNICOS and UNICOS/mk.
875 This means that you cannot read old (pre-Storable-0.7) Storable images
876 made in other platforms.
880 st-store.t and st-retrieve may fail with Compaq C 6.2 on OpenVMS Alpha 7.2.
884 =head2 Threads Are Still Experimental
886 Multithreading is still an experimental feature. Some platforms
887 emit the following message for lib/thr5005
890 # This is a KNOWN FAILURE, and one of the reasons why threading
891 # is still an experimental feature. It is here to stop people
892 # from deploying threads in production. ;-)
895 and another known thread-related warning is
897 pragma/overload......Unbalanced saves: 3 more saves than restores
898 panic: magic_mutexfree during global destruction.
900 lib/selfloader.......Unbalanced saves: 3 more saves than restores
901 panic: magic_mutexfree during global destruction.
903 lib/st-dclone........Unbalanced saves: 3 more saves than restores
904 panic: magic_mutexfree during global destruction.
907 =head2 The Compiler Suite Is Still Experimental
909 The compiler suite is slowly getting better but is nowhere near
910 working order yet. The backend part that has seen perhaps the most
911 progress is the bytecode compiler.
913 =head1 Reporting Bugs
915 If you find what you think is a bug, you might check the articles
916 recently posted to the comp.lang.perl.misc newsgroup and the perl
917 bug database at http://bugs.perl.org. There may also be
918 information at http://www.perl.com/perl/, the Perl Home Page.
920 If you believe you have an unreported bug, please run the B<perlbug>
921 program included with your release. Be sure to trim your bug down
922 to a tiny but sufficient test case. Your bug report, along with the
923 output of C<perl -V>, will be sent off to perlbug@perl.org to be
924 analysed by the Perl porting team.
928 The F<Changes> file for exhaustive details on what changed.
930 The F<INSTALL> file for how to build Perl.
932 The F<README> file for general stuff.
934 The F<Artistic> and F<Copying> files for copyright information.
938 Written by Jarkko Hietaniemi <F<jhi@iki.fi>>, with many contributions
939 from The Perl Porters and Perl Users submitting feedback and patches.
941 Send omissions or corrections to <F<perlbug@perl.org>>.