06567: ql_fr, ql_se: Mounting all varieties of QL Trump Card (trump) causes exception

ID	Category [?]	Severity [?]	Reproducibility	Date Submitted	Last Update
06567	Crash/Freeze	Critical (emulator)	Always	May 1, 2017, 03:03	Nov 15, 2022, 09:43

Tester	Tafoid	View Status	Public	Platform	MAME (Official Binary)
Assigned To		Resolution	Open	OS	Windows Vista/7/8 (64-bit)
Status [?]	Confirmed			Driver	sinclair/ql.cpp
Version	0.185	Fixed in Version		Build	Normal
		Fixed in Git Commit		Github Pull Request #

Summary	06567: ql_fr, ql_se: Mounting all varieties of QL Trump Card (trump) causes exception
Description	----------------------------------------------------- Exception at EIP=0000000001fc21a2 (ql_trump_card_t::write(address_space&, unsigned int, unsigned char)+0x0052): ACCESS VIOLATION While attempting to write memory at 00000000000ada58 ----------------------------------------------------- RAX=00000000000ada58 RBX=00000000000eda58 RCX=000000000c5eebf0 RDX=0000000000000000 RSI=000000000c5eebf0 RDI=00000000000000fa RBP=00000000002281d0 RSP=0000000000228150 R8=00000000000eda58 R9=00000000000000fa R10=00000000000000ff R11=0000000000000008 R12=00000000118397f0 R13=0000000000228540 R14=000000000c615120 R15=000000000022ed48 ----------------------------------------------------- Stack crawl: 0000000000228120: 0000000001fc21a2 (ql_trump_card_t::write(address_space&, unsigned int, unsigned char)+0x0052) 0000000000228200: 00000000019117ff (ql_state::write(address_space&, unsigned int, unsigned char, unsigned char)+0x01ef) 0000000000228250: 00000000047e0794 (delegate_base<void, address_space&, unsigned int, unsigned char, unsigned char>::operator()(address_space&, unsigned int, unsigned char, unsigned char) const+0x0054) 0000000000228290: 0000000004031c12 (address_space_specific<unsigned char, (endianness_t)1, true>::write_native(unsigned int, unsigned char, unsigned char)+0x00a2) 00000000002282e0: 0000000004031707 (address_space_specific<unsigned char, (endianness_t)1, true>::write_dword(unsigned int, unsigned int)+0x0027) 0000000000228320: 000000000247c600 (m68ki_write_32_fc(m68000_base_device, unsigned int, unsigned int, unsigned int)+0x0070) 0000000000228370: 000000000247c6be (m68ki_stack_frame_0000(m68000_base_device, unsigned int, unsigned int, unsigned int)+0x006e) 00000000002283b0: 000000000248b102 (m68000_base_device_ops::m68k_op_1111(m68000_base_device)+0x0102) 00000000002284b0: 0000000003f78358 (m68000_base_device::cpu_execute()+0x0878) 00000000002284e0: 000000000246e56d (m68000_base_device::execute_run()+0x000d) 0000000000228590: 0000000003231118 (device_scheduler::timeslice()+0x0188) 0000000000228690: 00000000031ed52b (running_machine::run(bool)+0x03fb) 000000000022f440: 0000000001bdb8ea (mame_machine_manager::execute()+0x00ea) 000000000022f540: 0000000001c39645 (cli_frontend::start_execution(mame_machine_manager, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x01d5) 000000000022f6b0: 0000000001c39835 (cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x0045) 000000000022f710: 0000000001bd9b5a (emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x002a) 000000000022fdb0: 0000000001b2fcc2 (utf8_main(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&)+0x0122) 000000000022fe50: 0000000003764449 (wmain+0x0169) 000000000022ff20: 0000000000401410 (__tmainCRTStartup+0x0260) 000000000022ff50: 000000000040153b (mainCRTStartup+0x001b) 000000000022ff80: 00000000776059cd (BaseThreadInitThunk+0x000d) 000000000022ffd0: 000000007773a561 (RtlUserThreadStart+0x0021)
Steps To Reproduce	> mame ql_fr -exp trump
Additional Information
Github Commit

Flags
Regression Version	0.154 Added
Affected Sets / Systems	ql_fr, ql_se

Attached Files

No.20823 Firewave Senior Tester Nov 15, 2022, 09:43	These sets are flagged MNW. 0.249 on Linux reports: ==21629==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020001a84e8 at pc 0x7fe6544f8dc5 bp 0x7ffffcb7db90 sp 0x7ffffcb7db88 WRITE of size 1 at 0x6020001a84e8 thread T0 #0 0x7fe6544f8dc4 in ql_trump_card_device::write(unsigned int, unsigned char) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/bus/ql/trumpcard.cpp:278:28 #1 0x7fe6544f906f in non-virtual thunk to ql_trump_card_device::write(unsigned int, unsigned char) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/bus/ql/trumpcard.cpp #2 0x7fe64e3581bb in ql_expansion_slot_device::write(unsigned int, unsigned char) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/bus/ql/exp.h:104:64 #3 0x7fe64e34a493 in ql_state::write(unsigned int, unsigned char) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/mame/sinclair/ql.cpp:319:9 #4 0x7fe660fd0dbc in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/delegate.h:765:11 #5 0x7fe660fd0dbc in std::enable_if<(((std::is_same<emu::device_delegate<void (unsigned int, unsigned char)>, emu::device_delegate<void (unsigned int, unsigned char)> >::value) \|\| (std::is_same<emu::device_delegate<void (unsigned int, unsigned char)>, emu::device_delegate<void (unsigned int, unsigned short)> >::value)) \|\| (std::is_same<emu::device_delegate<void (unsigned int, unsigned char)>, emu::device_delegate<void (unsigned int, unsigned int)> >::value)) \|\| (std::is_same<emu::device_delegate<void (unsigned int, unsigned char)>, emu::device_delegate<void (unsigned int, unsigned long)> >::value), void>::type handler_entry_write_delegate<0, 0, emu::device_delegate<void (unsigned int, unsigned char)> >::write_impl<emu::device_delegate<void (unsigned int, unsigned char)> >(unsigned int, unsigned char, unsigned char) const /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem_hedp.cpp:125:2 #6 0x7fe660fd0c38 in handler_entry_write_delegate<0, 0, emu::device_delegate<void (unsigned int, unsigned char)> >::write(unsigned int, unsigned char, unsigned char) const /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem_hedp.cpp:150:2 #7 0x7fe644076d6b in void dispatch_write<1, 0, 0>(unsigned int, unsigned int, emu::detail::handler_entry_size<0>::uX, emu::detail::handler_entry_size<0>::uX, handler_entry_write<0, 0> const* const) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem.h:1577:47 #8 0x7fe657e718b7 in write_native /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem.h:1741:3 #9 0x7fe657e718b7 in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem.h:1639:90 #10 0x7fe657e718b7 in void memory_write_generic<0, 0, (util::endianness)1, 2, true, emu::detail::memory_access_specific<1, 0, 0, (util::endianness)1>::wop()::'lambda'(unsigned int, unsigned char, unsigned char)>(emu::detail::memory_access_specific<1, 0, 0, (util::endianness)1>::wop()::'lambda'(unsigned int, unsigned char, unsigned char), unsigned int, emu::detail::handler_entry_size<2>::uX, emu::detail::handler_entry_size<2>::uX) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem.h:1009:22 #11 0x7fe657e4d869 in write_dword /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem.h:1662:121 #12 0x7fe657e4d869 in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.cpp:1334:60 #13 0x7fe657e4d869 in __invoke_impl<void, (lambda at ../../../../../src/devices/cpu/m68000/m68kcpu.cpp:1334:14) &, unsigned int, unsigned int> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61:14 #14 0x7fe657e4d869 in __invoke_r<void, (lambda at ../../../../../src/devices/cpu/m68000/m68kcpu.cpp:1334:14) &, unsigned int, unsigned int> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:111:2 #15 0x7fe657e4d869 in std::_Function_handler<void (unsigned int, unsigned int), m68000_base_device::init8(address_space&, address_space&)::$_6>::_M_invoke(std::_Any_data const&, unsigned int&&, unsigned int&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:290:9 #16 0x7fe657e68b69 in std::function<void (unsigned int, unsigned int)>::operator()(unsigned int, unsigned int) const /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:591:9 #17 0x7fe657e686b7 in m68000_base_device::m68ki_write_32_fc(unsigned int, unsigned int, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:711:2 #18 0x7fe657e683cd in m68000_base_device::m68ki_write_32(unsigned int, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:434:58 #19 0x7fe657e67c2e in m68000_base_device::m68ki_push_32(unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:927:2 #20 0x7fe657e6d4a3 in m68000_base_device::m68ki_stack_frame_3word(unsigned int, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:1130:2 #21 0x7fe657e655a9 in m68000_base_device::m68ki_stack_frame_0000(unsigned int, unsigned int, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:1142:3 #22 0x7fe6580b9f1f in m68000_base_device::m68ki_exception_1111() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:1543:2 #23 0x7fe657e7269f in m68000_base_device::xf000_1111_071234fc() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kops.cpp:14:2 #24 0x7fe657e277c3 in m68000_base_device::execute_run() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.cpp:909:5 #25 0x7fe657e2981f in non-virtual thunk to m68000_base_device::execute_run() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.cpp #26 0x7fe6667bd577 in run /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/diexec.h:190:15 #27 0x7fe6667bd577 in device_scheduler::timeslice() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/schedule.cpp:456:14 #28 0x7fe66665b027 in running_machine::run(bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:329:17 #29 0x7fe65e76ac6f in mame_machine_manager::execute() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:290:19 #30 0x7fe65fb21fe6 in cli_frontend::start_execution(mame_machine_manager, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:275:22 #31 0x7fe65fb25b2f in cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:291:3 #32 0x7fe65e76fa4f in emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:454:18 #33 0x7fe666950d0b in main /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/sdl/sdlmain.cpp:191:9 #34 0x7fe619699209 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16 #35 0x7fe6196992bb in __libc_start_main csu/../csu/libc-start.c:389:3 #36 0x7fe6402e1bd0 in _start (/mnt/s/GitHub/mame/mame+0x24d5fbd0) (BuildId: 5ea94812d72bae4c) 0x6020001a84e8 is located 8 bytes to the left of 15-byte region [0x6020001a84f0,0x6020001a84ff) freed by thread T21 here: #0 0x7fe640364772 in free (/mnt/s/GitHub/mame/mame+0x24de2772) (BuildId: 5ea94812d72bae4c) #1 0x7fe668ce629c in (anonymous namespace)::internal_normalize_unicode[abi:cxx11](char const, unsigned long, unicode_normalization_form, bool, bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/unicode.cpp:77:3 #2 0x7fe668ce6429 in normalize_unicode[abi:cxx11](std::basic_string_view<char, std::char_traits<char> >, unicode_normalization_form, bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/unicode.cpp:503:9 #3 0x7fe65edd6ca7 in ui::system_list::do_cache_data(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/ui/systemlist.cpp:217:41 #4 0x7fe65edda5af in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/ui/systemlist.cpp:44:6 #5 0x7fe65edda5af in __invoke_impl<void, (lambda at ../../../../../src/frontend/mame/ui/systemlist.cpp:42:5)> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61:14 #6 0x7fe65edda5af in __invoke<(lambda at ../../../../../src/frontend/mame/ui/systemlist.cpp:42:5)> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:96:14 #7 0x7fe65edda5af in _M_invoke<0UL> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:252:13 #8 0x7fe65edda5af in operator() /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:259:11 #9 0x7fe65edda5af in std::thread::_State_impl<std::thread::_Invoker<std::tuple<ui::system_list::cache_data(ui_options const&)::$_0> > >::_M_run() /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:210:13 #10 0x7fe6199743d2 (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0xd43d2) (BuildId: 00bbb52a4fbeaea07adbaa5ddc677c5d83686151) previously allocated by thread T21 here: #0 0x7fe640364e46 in realloc (/mnt/s/GitHub/mame/mame+0x24de2e46) (BuildId: 5ea94812d72bae4c) #1 0x7fe66932fe1b in utf8proc_map_custom /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../3rdparty/utf8proc/utf8proc.c:752:35 #2 0x7fe66932fd2e in utf8proc_map /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../3rdparty/utf8proc/utf8proc.c:726:12 #3 0x7fe668ce621e in (anonymous namespace)::internal_normalize_unicode[abi:cxx11](char const, unsigned long, unicode_normalization_form, bool, bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/unicode.cpp:69:48 #4 0x7fe668ce6429 in normalize_unicode[abi:cxx11](std::basic_string_view<char, std::char_traits<char> >, unicode_normalization_form, bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/unicode.cpp:503:9 #5 0x7fe65edd6ca7 in ui::system_list::do_cache_data(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/ui/systemlist.cpp:217:41 #6 0x7fe65edda5af in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/ui/systemlist.cpp:44:6 #7 0x7fe65edda5af in __invoke_impl<void, (lambda at ../../../../../src/frontend/mame/ui/systemlist.cpp:42:5)> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61:14 #8 0x7fe65edda5af in __invoke<(lambda at ../../../../../src/frontend/mame/ui/systemlist.cpp:42:5)> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:96:14 #9 0x7fe65edda5af in _M_invoke<0UL> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:252:13 #10 0x7fe65edda5af in operator() /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:259:11 #11 0x7fe65edda5af in std::thread::_State_impl<std::thread::_Invoker<std::tuple<ui::system_list::cache_data(ui_options const&)::$_0> > >::_M_run() /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:210:13 #12 0x7fe6199743d2 (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0xd43d2) (BuildId: 00bbb52a4fbeaea07adbaa5ddc677c5d83686151) Thread T21 created by T0 here: #0 0x7fe64034de9c in pthread_create (/mnt/s/GitHub/mame/mame+0x24dcbe9c) (BuildId: 5ea94812d72bae4c) #1 0x7fe6199744a8 in std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete<std::thread::_State> >, void ()()) (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0xd44a8) (BuildId: 00bbb52a4fbeaea07adbaa5ddc677c5d83686151) #2 0x7fe65ed983ee in mame_ui_manager::init() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/ui/ui.cpp:207:30 #3 0x7fe65e76cebb in mame_machine_manager::create_ui(running_machine&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:352:8 #4 0x7fe66665741c in running_machine::start() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:155:19 #5 0x7fe66665ac5c in running_machine::run(bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:281:3 #6 0x7fe65e76ac6f in mame_machine_manager::execute() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:290:19 #7 0x7fe65fb21fe6 in cli_frontend::start_execution(mame_machine_manager, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:275:22 #8 0x7fe65fb25b2f in cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:291:3 #9 0x7fe65e76fa4f in emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:454:18 #10 0x7fe666950d0b in main /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/sdl/sdlmain.cpp:191:9 #11 0x7fe619699209 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16 SUMMARY: AddressSanitizer: heap-buffer-overflow /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/bus/ql/trumpcard.cpp:278:28 in ql_trump_card_device::write(unsigned int, unsigned char) Shadow bytes around the buggy address: 0x0c048002d040: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd 0x0c048002d050: fa fa fd fa fa fa fd fa fa fa fd fd fa fa fd fa 0x0c048002d060: fa fa fd fd fa fa fd fa fa fa fd fa fa fa fd fa 0x0c048002d070: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa 0x0c048002d080: fa fa fd fa fa fa fd fa fa fa fd fd fa fa fd fd =>0x0c048002d090: fa fa fd fa fa fa fd fd fa fa fd fd fa[fa]fd fd 0x0c048002d0a0: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd 0x0c048002d0b0: fa fa fd fa fa fa fd fd fa fa fd fd fa fa fd fd 0x0c048002d0c0: fa fa fd fd fa fa fd fa fa fa fd fd fa fa fd fd 0x0c048002d0d0: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fa 0x0c048002d0e0: fa fa fd fa fa fa fd fa fa fa fd fd fa fa fd fd Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb

No.20823

Firewave

Senior Tester

Nov 15, 2022, 09:43

These sets are flagged MNW.

0.249 on Linux reports:

==21629==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020001a84e8 at pc 0x7fe6544f8dc5 bp 0x7ffffcb7db90 sp 0x7ffffcb7db88
WRITE of size 1 at 0x6020001a84e8 thread T0
    #0 0x7fe6544f8dc4 in ql_trump_card_device::write(unsigned int, unsigned char) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/bus/ql/trumpcard.cpp:278:28
    #1 0x7fe6544f906f in non-virtual thunk to ql_trump_card_device::write(unsigned int, unsigned char) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/bus/ql/trumpcard.cpp
    #2 0x7fe64e3581bb in ql_expansion_slot_device::write(unsigned int, unsigned char) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/bus/ql/exp.h:104:64
    #3 0x7fe64e34a493 in ql_state::write(unsigned int, unsigned char) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/mame/sinclair/ql.cpp:319:9
    #4 0x7fe660fd0dbc in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/delegate.h:765:11
    #5 0x7fe660fd0dbc in std::enable_if<(((std::is_same<emu::device_delegate<void (unsigned int, unsigned char)>, emu::device_delegate<void (unsigned int, unsigned char)> >::value) || (std::is_same<emu::device_delegate<void (unsigned int, unsigned char)>, emu::device_delegate<void (unsigned int, unsigned short)> >::value)) || (std::is_same<emu::device_delegate<void (unsigned int, unsigned char)>, emu::device_delegate<void (unsigned int, unsigned int)> >::value)) || (std::is_same<emu::device_delegate<void (unsigned int, unsigned char)>, emu::device_delegate<void (unsigned int, unsigned long)> >::value), void>::type handler_entry_write_delegate<0, 0, emu::device_delegate<void (unsigned int, unsigned char)> >::write_impl<emu::device_delegate<void (unsigned int, unsigned char)> >(unsigned int, unsigned char, unsigned char) const /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem_hedp.cpp:125:2
    #6 0x7fe660fd0c38 in handler_entry_write_delegate<0, 0, emu::device_delegate<void (unsigned int, unsigned char)> >::write(unsigned int, unsigned char, unsigned char) const /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem_hedp.cpp:150:2
    #7 0x7fe644076d6b in void dispatch_write<1, 0, 0>(unsigned int, unsigned int, emu::detail::handler_entry_size<0>::uX, emu::detail::handler_entry_size<0>::uX, handler_entry_write<0, 0> const* const*) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem.h:1577:47
    #8 0x7fe657e718b7 in write_native /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem.h:1741:3
    #9 0x7fe657e718b7 in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem.h:1639:90
    #10 0x7fe657e718b7 in void memory_write_generic<0, 0, (util::endianness)1, 2, true, emu::detail::memory_access_specific<1, 0, 0, (util::endianness)1>::wop()::'lambda'(unsigned int, unsigned char, unsigned char)>(emu::detail::memory_access_specific<1, 0, 0, (util::endianness)1>::wop()::'lambda'(unsigned int, unsigned char, unsigned char), unsigned int, emu::detail::handler_entry_size<2>::uX, emu::detail::handler_entry_size<2>::uX) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem.h:1009:22
    #11 0x7fe657e4d869 in write_dword /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/emumem.h:1662:121
    #12 0x7fe657e4d869 in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.cpp:1334:60
    #13 0x7fe657e4d869 in __invoke_impl<void, (lambda at ../../../../../src/devices/cpu/m68000/m68kcpu.cpp:1334:14) &, unsigned int, unsigned int> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61:14
    #14 0x7fe657e4d869 in __invoke_r<void, (lambda at ../../../../../src/devices/cpu/m68000/m68kcpu.cpp:1334:14) &, unsigned int, unsigned int> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:111:2
    #15 0x7fe657e4d869 in std::_Function_handler<void (unsigned int, unsigned int), m68000_base_device::init8(address_space&, address_space&)::$_6>::_M_invoke(std::_Any_data const&, unsigned int&&, unsigned int&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:290:9
    #16 0x7fe657e68b69 in std::function<void (unsigned int, unsigned int)>::operator()(unsigned int, unsigned int) const /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_function.h:591:9
    #17 0x7fe657e686b7 in m68000_base_device::m68ki_write_32_fc(unsigned int, unsigned int, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:711:2
    #18 0x7fe657e683cd in m68000_base_device::m68ki_write_32(unsigned int, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:434:58
    #19 0x7fe657e67c2e in m68000_base_device::m68ki_push_32(unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:927:2
    #20 0x7fe657e6d4a3 in m68000_base_device::m68ki_stack_frame_3word(unsigned int, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:1130:2
    #21 0x7fe657e655a9 in m68000_base_device::m68ki_stack_frame_0000(unsigned int, unsigned int, unsigned int) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:1142:3
    #22 0x7fe6580b9f1f in m68000_base_device::m68ki_exception_1111() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.h:1543:2
    #23 0x7fe657e7269f in m68000_base_device::xf000_1111_071234fc() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kops.cpp:14:2
    #24 0x7fe657e277c3 in m68000_base_device::execute_run() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.cpp:909:5
    #25 0x7fe657e2981f in non-virtual thunk to m68000_base_device::execute_run() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/cpu/m68000/m68kcpu.cpp
    #26 0x7fe6667bd577 in run /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/diexec.h:190:15
    #27 0x7fe6667bd577 in device_scheduler::timeslice() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/schedule.cpp:456:14
    #28 0x7fe66665b027 in running_machine::run(bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:329:17
    #29 0x7fe65e76ac6f in mame_machine_manager::execute() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:290:19
    #30 0x7fe65fb21fe6 in cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:275:22
    #31 0x7fe65fb25b2f in cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:291:3
    #32 0x7fe65e76fa4f in emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:454:18
    #33 0x7fe666950d0b in main /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/sdl/sdlmain.cpp:191:9
    #34 0x7fe619699209 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
    #35 0x7fe6196992bb in __libc_start_main csu/../csu/libc-start.c:389:3
    #36 0x7fe6402e1bd0 in _start (/mnt/s/GitHub/mame/mame+0x24d5fbd0) (BuildId: 5ea94812d72bae4c)

0x6020001a84e8 is located 8 bytes to the left of 15-byte region [0x6020001a84f0,0x6020001a84ff)
freed by thread T21 here:
    #0 0x7fe640364772 in free (/mnt/s/GitHub/mame/mame+0x24de2772) (BuildId: 5ea94812d72bae4c)
    #1 0x7fe668ce629c in (anonymous namespace)::internal_normalize_unicode[abi:cxx11](char const*, unsigned long, unicode_normalization_form, bool, bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/unicode.cpp:77:3
    #2 0x7fe668ce6429 in normalize_unicode[abi:cxx11](std::basic_string_view<char, std::char_traits<char> >, unicode_normalization_form, bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/unicode.cpp:503:9
    #3 0x7fe65edd6ca7 in ui::system_list::do_cache_data(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/ui/systemlist.cpp:217:41
    #4 0x7fe65edda5af in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/ui/systemlist.cpp:44:6
    #5 0x7fe65edda5af in __invoke_impl<void, (lambda at ../../../../../src/frontend/mame/ui/systemlist.cpp:42:5)> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61:14
    #6 0x7fe65edda5af in __invoke<(lambda at ../../../../../src/frontend/mame/ui/systemlist.cpp:42:5)> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:96:14
    #7 0x7fe65edda5af in _M_invoke<0UL> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:252:13
    #8 0x7fe65edda5af in operator() /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:259:11
    #9 0x7fe65edda5af in std::thread::_State_impl<std::thread::_Invoker<std::tuple<ui::system_list::cache_data(ui_options const&)::$_0> > >::_M_run() /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:210:13
    #10 0x7fe6199743d2  (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0xd43d2) (BuildId: 00bbb52a4fbeaea07adbaa5ddc677c5d83686151)

previously allocated by thread T21 here:
    #0 0x7fe640364e46 in realloc (/mnt/s/GitHub/mame/mame+0x24de2e46) (BuildId: 5ea94812d72bae4c)
    #1 0x7fe66932fe1b in utf8proc_map_custom /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../3rdparty/utf8proc/utf8proc.c:752:35
    #2 0x7fe66932fd2e in utf8proc_map /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../3rdparty/utf8proc/utf8proc.c:726:12
    #3 0x7fe668ce621e in (anonymous namespace)::internal_normalize_unicode[abi:cxx11](char const*, unsigned long, unicode_normalization_form, bool, bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/unicode.cpp:69:48
    #4 0x7fe668ce6429 in normalize_unicode[abi:cxx11](std::basic_string_view<char, std::char_traits<char> >, unicode_normalization_form, bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/lib/util/unicode.cpp:503:9
    #5 0x7fe65edd6ca7 in ui::system_list::do_cache_data(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/ui/systemlist.cpp:217:41
    #6 0x7fe65edda5af in operator() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/ui/systemlist.cpp:44:6
    #7 0x7fe65edda5af in __invoke_impl<void, (lambda at ../../../../../src/frontend/mame/ui/systemlist.cpp:42:5)> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:61:14
    #8 0x7fe65edda5af in __invoke<(lambda at ../../../../../src/frontend/mame/ui/systemlist.cpp:42:5)> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/invoke.h:96:14
    #9 0x7fe65edda5af in _M_invoke<0UL> /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:252:13
    #10 0x7fe65edda5af in operator() /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:259:11
    #11 0x7fe65edda5af in std::thread::_State_impl<std::thread::_Invoker<std::tuple<ui::system_list::cache_data(ui_options const&)::$_0> > >::_M_run() /usr/bin/../lib/gcc/x86_64-linux-gnu/12/../../../../include/c++/12/bits/std_thread.h:210:13
    #12 0x7fe6199743d2  (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0xd43d2) (BuildId: 00bbb52a4fbeaea07adbaa5ddc677c5d83686151)

Thread T21 created by T0 here:
    #0 0x7fe64034de9c in pthread_create (/mnt/s/GitHub/mame/mame+0x24dcbe9c) (BuildId: 5ea94812d72bae4c)
    #1 0x7fe6199744a8 in std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete<std::thread::_State> >, void (*)()) (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0xd44a8) (BuildId: 00bbb52a4fbeaea07adbaa5ddc677c5d83686151)
    #2 0x7fe65ed983ee in mame_ui_manager::init() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/ui/ui.cpp:207:30
    #3 0x7fe65e76cebb in mame_machine_manager::create_ui(running_machine&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:352:8
    #4 0x7fe66665741c in running_machine::start() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:155:19
    #5 0x7fe66665ac5c in running_machine::run(bool) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/emu/machine.cpp:281:3
    #6 0x7fe65e76ac6f in mame_machine_manager::execute() /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:290:19
    #7 0x7fe65fb21fe6 in cli_frontend::start_execution(mame_machine_manager*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:275:22
    #8 0x7fe65fb25b2f in cli_frontend::execute(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/clifront.cpp:291:3
    #9 0x7fe65e76fa4f in emulator_info::start_frontend(emu_options&, osd_interface&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > >&) /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/frontend/mame/mame.cpp:454:18
    #10 0x7fe666950d0b in main /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/osd/sdl/sdlmain.cpp:191:9
    #11 0x7fe619699209 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16

SUMMARY: AddressSanitizer: heap-buffer-overflow /mnt/s/GitHub/mame/build/projects/sdl/mame/gmake-linux-clang/../../../../../src/devices/bus/ql/trumpcard.cpp:278:28 in ql_trump_card_device::write(unsigned int, unsigned char)
Shadow bytes around the buggy address:
  0x0c048002d040: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd
  0x0c048002d050: fa fa fd fa fa fa fd fa fa fa fd fd fa fa fd fa
  0x0c048002d060: fa fa fd fd fa fa fd fa fa fa fd fa fa fa fd fa
  0x0c048002d070: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa
  0x0c048002d080: fa fa fd fa fa fa fd fa fa fa fd fd fa fa fd fd
=>0x0c048002d090: fa fa fd fa fa fa fd fd fa fa fd fd fa[fa]fd fd
  0x0c048002d0a0: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd
  0x0c048002d0b0: fa fa fd fa fa fa fd fd fa fa fd fd fa fa fd fd
  0x0c048002d0c0: fa fa fd fd fa fa fd fa fa fa fd fd fa fa fd fd
  0x0c048002d0d0: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fa
  0x0c048002d0e0: fa fa fd fa fa fa fd fa fa fa fd fd fa fa fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb