w3m
AddressSanitizer: SEGV in GC_malloc_atomic
git clone https://github.com/tats/w3m.git
cd w3m
CC=gcc CXX=g++ CFLAGS="-fsanitize=address -fPIC -O2" CXXFLAGS="-fsanitize=address -fPIC -O2" ./configure
make
./w3m -dump input
AddressSanitizer:DEADLYSIGNAL
==20170==ERROR: AddressSanitizer: SEGV on unknown address 0x000012001400 (pc 0x7ffff6bfe743 bp 0x000000000011 sp 0x7fffffffd380 T0)
==20170==The signal is caused by a READ memory access.
    #0 0x7ffff6bfe743 in GC_malloc_atomic (/usr/lib/x86_64-linux-gnu/libgc.so.1+0x1f743)
    #1 0x5152c0 in growbuf_reserve (/home/cas/chenxu/cxfuzz2/fuzz/verify_cve/w3m/w3m+0x5152c0)
    #2 0x515638 in growbuf_append (/home/cas/chenxu/cxfuzz2/fuzz/verify_cve/w3m/w3m+0x515638)
    #3 0x50b694 in ISgets_to_growbuf (/home/cas/chenxu/cxfuzz2/fuzz/verify_cve/w3m/w3m+0x50b694)
    #4 0x50c385 in StrISgets2 (/home/cas/chenxu/cxfuzz2/fuzz/verify_cve/w3m/w3m+0x50c385)
    #5 0x445c30 in loadBuffer (/home/cas/chenxu/cxfuzz2/fuzz/verify_cve/w3m/w3m+0x445c30)
    #6 0x46b700 in loadGeneralFile (/home/cas/chenxu/cxfuzz2/fuzz/verify_cve/w3m/w3m+0x46b700)
    #7 0x406e38 in main (/home/cas/chenxu/cxfuzz2/fuzz/verify_cve/w3m/w3m+0x406e38)
    #8 0x7ffff5c87c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
    #9 0x40a6b9 in _start (/home/cas/chenxu/cxfuzz2/fuzz/verify_cve/w3m/w3m+0x40a6b9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/usr/lib/x86_64-linux-gnu/libgc.so.1+0x1f743) in GC_malloc_atomic
==20170==ABORTING
./w3m -version
w3m version w3m/0.5.3+git20230718, options lang=en,m17n,image,color,ansi-color,mouse,gpm,menu,cookie,ssl,ssl-verify,external-uri-loader,w3mmailer,nntp,gopher,ipv6,alarm,mark

gcc --version
gcc (GCC) 11.2.0
Copyright © 2021 Free Software Foundation, Inc.

uname -a
Linux cas-PC 5.4.0-144-generic #161~18.04.1-Ubuntu SMP Fri Feb 10 15:55:22 UTC 2023 x86_64 GNU/Linux
input file url https://github.com/cx104906/poc/tree/main/w3m