You only get one chance to print the HTTP headers, so your second
print $cgi->header isn't going to be effective.
The solution is to first create/retrieve the session, then bake the cookie, and only then print the header:
#!/perl/bin/perl -wT
use strict;
use CGI;
use CGI::Session;
my $cgi = CGI->new;
my $session = CGI::Session->new( undef, $cgi, {Directory=>'/tmp'}
+);
my $cookie = $cgi->cookie(CGISESSID => $session->id );
print $cgi->header(-cookie=>$cookie);
print $cgi->start_html("query.cgi");
print "cookies is : $cookie <BR>" ;
my $sid = $session->id();
print "<BR>sid = $sid <BR>";
print $cgi->end_html;