From 90577d16aa12eed685048a1c177e3ff932a397fd Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Wed, 24 Jun 2026 09:05:30 -0400 Subject: [PATCH] Fix GH-22422: define ZEND_TRACK_ARENA_ALLOC in php_config.h ZEND_TRACK_ARENA_ALLOC selects an alternative zend_arena struct layout for AddressSanitizer, but it was only appended to the core CFLAGS, never recorded in php_config.h. Extensions built separately with phpize inherit php_config.h rather than the core CFLAGS, so they compiled the untracked layout while core used the tracked one. Destroying a core-created arena from such an extension leaked every tracked allocation. Define it with AC_DEFINE so core and extensions agree on the layout. Fixes GH-22422 --- NEWS | 2 ++ configure.ac | 6 ++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 0961ddaa9fbf..71f67c39665f 100644 --- a/NEWS +++ b/NEWS @@ -30,6 +30,8 @@ PHP NEWS string interpolation). (timwolla) . Fixed bug GH-22373 (AST pretty-printing drops meaningful parentheses surrounding property access). (timwolla) + . Fixed GH-22422 (zend_arena layout mismatch leaked memory in separately + built extensions under AddressSanitizer). (iliaal) - BCMath: . Added NUL-byte validation to BCMath functions. (jorgsowa) diff --git a/configure.ac b/configure.ac index b61b909b67b7..9014869fb94e 100644 --- a/configure.ac +++ b/configure.ac @@ -1539,8 +1539,10 @@ AS_VAR_IF([PHP_ADDRESS_SANITIZER], [yes], ]))]) AX_CHECK_COMPILE_FLAG([-fsanitize=address], [ - CFLAGS="$CFLAGS -fsanitize=address -DZEND_TRACK_ARENA_ALLOC" - CXXFLAGS="$CXXFLAGS -fsanitize=address -DZEND_TRACK_ARENA_ALLOC" + CFLAGS="$CFLAGS -fsanitize=address" + CXXFLAGS="$CXXFLAGS -fsanitize=address" + AC_DEFINE([ZEND_TRACK_ARENA_ALLOC], [1], + [Whether to track arena allocations individually for AddressSanitizer.]) ], [AC_MSG_ERROR([AddressSanitizer is not available])]) ])
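Review bot: In the configure.ac hunk, replacing `-DZEND_TRACK_ARENA_ALLOC` with `AC_DEFINE` means the macro is visible only after the generated config header has been included, whereas the CFLAGS define reached every translation unit unconditionally. Because the macro selects the zend_arena struct layout, any source that reaches the arena definitions before php_config.h would silently compile the untracked layout and reintroduce the mismatch. The header chain is not visible in this hunk, so that ordering should be confirmed. The mismatch presumably also remains for an extension built against a non-ASan php_config.h and loaded into an ASan core, and nothing here detects it. I would make the ABI impact explicit in the description, e.g. `[Whether zend_arena uses the per-allocation tracking layout (AddressSanitizer builds). Changes struct layout; core and extensions must be built from the same php_config.h.]`; the enclosing AS_VAR_IF block begins outside the hunk.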