From: felipensp at gmail dot com
Operating system: Linux
PHP version: 5.3CVS-2007-10-29 (snap)
PHP Bug Type: Reproducible crash
Bug description: Long name cause seg. fault
Description:
------------
Long names cause a segmentation fault in the 'instanceof' and 'new' operators.
Reproduce code:
---------------
<?php
$a = str_repeat("a", 10000000);
# call_user_func($a); // Warning
# $a->$a(); // Fatal error
if ($a instanceof $a); // Segmentation fault
new $a; // Segmentation fault
Expected result:
----------------
Warning / Fatal error
Actual result:
--------------
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1214703296 (LWP 4538)]
zend_lookup_class_ex (name=0xb6f4d018 'a' <repeats 200 times>...,
name_length=10000000, use_autoload=0, ce=0xbf9644d8)
at /home/felipe/php5.3-200710261430/Zend/zend_execute_API.c:1078
1078 in /home/felipe/php5.3-200710261430/Zend/zend_execute_API.c
Backtrace:
----------------------------------------------
#0 zend_lookup_class_ex (name=0xb6ece018 'a' <repeats 200 times>...,
name_length=10000000, use_autoload=0, ce=0xbfb896f8)
at /home/felipe/php5.3-200710261430/Zend/zend_execute_API.c:1078
#1 0x08277d9f in zend_fetch_class (
class_name=0xb6ece018 'a' <repeats 200 times>...,
class_name_len=10000000,
fetch_type=132)
at /home/felipe/php5.3-200710261430/Zend/zend_execute_API.c:1548
#2 0x082c26c9 in ZEND_FETCH_CLASS_SPEC_CV_HANDLER
(execute_data=0xbfb8982c)
at /home/felipe/php5.3-200710261430/Zend/zend_vm_execute.h:1065
#3 0x0829ef1b in execute (op_array=0x84a6900)
at /home/felipe/php5.3-200710261430/Zend/zend_vm_execute.h:87
#4 0x08281952 in zend_execute_scripts (type=8, retval=<value optimized out>,
file_count=3) at /home/felipe/php5.3-200710261430/Zend/zend.c:1137
#5 0x0823d841 in php_execute_script (primary_file=0xbfb8bbcc)
at /home/felipe/php5.3-200710261430/main/main.c:2007
#6 0x08301c65 in main (argc=2, argv=0xbfb8bce4)
at /home/felipe/php5.3-200710261430/sapi/cli/php_cli.c:1140
--
Edit bug report at http://bugs.php.net/?id=43128&edit=1