PHP 5.3.6-13ubuntu3.6 with Suhosin-Patch crashes when using SPLFixedArray built-in class

Bug #984381 reported by Attila M. Magyar
    Affects          Status         Importance   Assigned to   Milestone
    php5 (Ubuntu)    Fix Released   Medium       Unassigned
    Oneiric          Won't Fix      Medium       Unassigned

Bug Description

Test script
-----------

    spl_fixed_array.php:
    <?php
    for ($i = 0; $i != 10000; ++$i) {
        fprintf(STDERR, "$i\n");
        $array = new SplFixedArray(1);
        // slot 0 holds an array that refers back to $array, forming a reference cycle
        $array->offsetSet(0, array($array));
    }
    ?>

Running
-------

    php spl_fixed_array.php

Expected result
---------------

The script terminates normally or PHP handles memory limit exhaustion error
(depending on configuration).

Actual result
-------------

    1
    2
    ...
    4997
    4998
    4999
    Segmentation fault

Backtrace
---------

    Program received signal SIGSEGV, Segmentation fault.
    spl_fixedarray_object_get_properties (obj=0x156fcc8) at
    /build/buildd/php5-5.3.6/Zend/zend.h:381
    381 /build/buildd/php5-5.3.6/Zend/zend.h: No such file or directory.
            in /build/buildd/php5-5.3.6/Zend/zend.h
    (gdb) bt
    #0 spl_fixedarray_object_get_properties (obj=0x156fcc8) at /build/buildd/php5-5.3.6/Zend/zend.h:381
    #1 0x00000000006b4563 in zval_scan_black (pz=0x156fcc8)
        at /build/buildd/php5-5.3.6/Zend/zend_gc.c:285
    #2 0x00000000006b47f5 in zval_scan (pz=0x156fcc8) at /build/buildd/php5-5.3.6/Zend/zend_gc.c:453
    #3 0x00000000006b4bbe in gc_collect_cycles () at /build/buildd/php5-5.3.6/Zend/zend_gc.c:537
    #4 0x00000000006b5244 in gc_zval_possible_root (zv=0x156fcc8)
        at /build/buildd/php5-5.3.6/Zend/zend_gc.c:166
    #5 0x000000000070bfef in zend_do_fcall_common_helper_SPEC (execute_data=0x7ffff7ebc068)
        at /build/buildd/php5-5.3.6/Zend/zend_execute.h:318
    #6 0x00000000006bd51b in execute (op_array=0x104c3d0)
        at /build/buildd/php5-5.3.6/Zend/zend_vm_execute.h:107
    #7 0x00007ffff4be28b5 in xdebug_execute (op_array=0x104c3d0)
        at /build/buildd/xdebug-2.1.0/build-php5/xdebug.c:1272
    #8 0x0000000000698b70 in zend_execute_scripts (type=0, retval=0x800000000, file_count=3)
        at /build/buildd/php5-5.3.6/Zend/zend.c:1266
    #9 0x0000000000645913 in php_execute_script (primary_file=0x7ffff5c40e56)
        at /build/buildd/php5-5.3.6/main/main.c:2297
    #10 0x000000000042c53e in main (argc=32767, argv=0x7fffffffdf36)
        at /build/buildd/php5-5.3.6/sapi/cli/php_cli.c:1197
    (gdb) p *obj
    $1 = {value = {lval = 0, dval = 0, str = {val = 0x0, len = 0}, ht = 0x0, obj = {handle = 0,
          handlers = 0x0}}, refcount__gc = 0, type = 0 '\000', is_ref__gc = 0 '\000'}

Version
-------

php --version output:

    PHP 5.3.6-13ubuntu3.6 with Suhosin-Patch (cli) (built: Feb 11 2012 03:26:01)
    Copyright (c) 1997-2011 The PHP Group
    Zend Engine v2.3.0, Copyright (c) 1998-2011 Zend Technologies
        with Xdebug v2.1.0, Copyright (c) 2002-2010, by Derick Rethans

apt-cache policy php5 output:

    php5:
      Installed: (none)
      Candidate: 5.3.6-13ubuntu3.6
      Version table:
         5.3.6-13ubuntu3.6 0
            500 http://hu.archive.ubuntu.com/ubuntu/ oneiric-updates/main amd64 Packages
            500 http://security.ubuntu.com/ubuntu/ oneiric-security/main amd64 Packages
         5.3.6-13ubuntu3.1 0
            500 http://hu.archive.ubuntu.com/ubuntu/ oneiric/main amd64 Packages

lsb_release -rd output:

    Description: Ubuntu 11.10
    Release: 11.10

file /usr/bin/php5 output:

    /usr/bin/php5: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.15, stripped

Reproduction with vanilla PHP
-----------------------------

Manually built current stable release of PHP downloaded from http://php.net.
The issue seemed not to be reproducible. Version:

    PHP 5.4.0 (cli) (built: Apr 17 2012 22:23:57)
    Copyright (c) 1997-2012 The PHP Group
    Zend Engine v2.4.0, Copyright (c) 1998-2012 Zend Technologies

Serge Hallyn (serge-hallyn) wrote:

Thanks for reporting this bug.

I was able to reproduce this in oneiric, but not in precise. Marked the bug fix released (for precise) and open for oneiric.

Changed in php5 (Ubuntu):
status: New → Fix Released
importance: Undecided → High
Changed in php5 (Ubuntu Oneiric):
status: New → Confirmed
importance: Undecided → Medium
Changed in php5 (Ubuntu):
importance: High → Medium
Rolf Leggewie (r0lf) wrote:

oneiric has seen the end of its life and is no longer receiving any updates. Marking the oneiric task for this ticket as "Won't Fix".

Changed in php5 (Ubuntu Oneiric):
status: Confirmed → Won't Fix