  [2019-10-30 11:28 UTC] lisachenko dot it at gmail dot com
Description:
------------
There is a zend_mm_heap corruption when using FFI preload mode and proxying requests to the FFI::cast from a preloaded class. Corruptions appear when trying to cast any CData pointer to another type via a preloaded class that wraps FFI::cast() internally.

Test script:
---------------
See gist: https://gist.github.com/lisachenko/f133184201aa3c63d58af9548bdd825a

Expected result:
----------------
No memory corruption

Actual result:
--------------
Script terminated with zend_mm_heap corrupted
I can confirm this issue. Simpler reproducer:

    <?php
    FFI::cast('char[10]', FFI::new('char[1]'));

and opcache.preload=preload.php which is

    <?php
    FFI::load(__DIR__ . '/header.h');

header.h may be empty.

The immediate problem seems to be that preloading sets FFI_G(persistent) to 1, but doesn't necessarily reset it to 0 when the loading is finished. This causes the array type to be allocated persistently, but it is later freed with efree().
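The allocator mismatch described in the comment above, as a small C model added here for illustration; it is not PHP's source code and not part of the original report. All names (`g_persistent`, `model_alloc`, `model_request_free`, `model_preload`, `model_cast`, `run_scenario`) are hypothetical stand-ins, and each block carries a tag so the mismatched free is detected and reported instead of corrupting a heap.

```c
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>

/* Tag recording which allocator produced a block (constructed values). */
enum arena { ARENA_REQUEST = 0x52455131, ARENA_PERSISTENT = 0x50455253 };
typedef struct { uint32_t arena; uint32_t pad[3]; } hdr_t;

static int g_persistent = 0; /* hypothetical stand-in for FFI_G(persistent) */

/* Allocate from the "persistent" or the "request" allocator, per the flag. */
static void *model_alloc(size_t n, int persistent) {
    hdr_t *h = malloc(sizeof *h + n);
    if (!h) return NULL;
    h->arena = persistent ? ARENA_PERSISTENT : ARENA_REQUEST;
    return h + 1;
}

/* Stand-in for a request-heap free: 0 if the block belongs to the request
 * allocator, -1 if it came from the other one (the corruption case). */
static int model_request_free(void *p) {
    hdr_t *h = (hdr_t *)p - 1;
    int rc = (h->arena == ARENA_REQUEST) ? 0 : -1;
    free(h); /* both model arenas are malloc-backed, so this is safe here */
    return rc;
}

/* Preload step. With restore_flag == 0 the flag stays set afterwards. */
static void model_preload(int restore_flag) {
    int saved = g_persistent;
    g_persistent = 1; /* header types would be created persistently here */
    if (restore_flag) g_persistent = saved;
}

/* Later request: the type is allocated per the flag, freed per-request. */
static int model_cast(void) {
    void *type = model_alloc(32, g_persistent);
    return type ? model_request_free(type) : -2;
}

static int run_scenario(int restore_flag) {
    g_persistent = 0;
    model_preload(restore_flag);
    return model_cast();
}

int main(void) {
    printf("flag left set after preload: %d\n", run_scenario(0));
    printf("flag restored after preload: %d\n", run_scenario(1));
    return 0;
}
```

Restoring the flag in `model_preload` is an assumption about one way to keep later allocations and frees on the same allocator; the report itself does not state the fix.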