# crasher heap-usage Invalid address 0xfff18d0c passed to free: value not allocated Aborted 08-03 00:29:16.324 1407 1407 F libc : Invalid address 0xfff18d0c passed to free: value not allocated 08-03 00:29:16.325 1407 1407 F libc : Fatal signal 6 (SIGABRT), code -6 (SI_TKILL) in tid 1407 (crasher), pid 1407 (crasher) 08-03 00:29:16.377 1410 1410 I crash_dump32: obtaining output fd from tombstoned, type: kDebuggerdTombstone 08-03 00:29:16.378 191 191 I /system/bin/tombstoned: received crash request for pid 1407 08-03 00:29:16.379 1410 1410 I crash_dump32: performing dump of process 1407 (target tid = 1407) 08-03 00:29:16.383 1410 1410 F DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** 08-03 00:29:16.384 1410 1410 F DEBUG : LineageOS Version: '16.0-20200803-UNOFFICIAL-rpi3' 08-03 00:29:16.384 1410 1410 F DEBUG : Build fingerprint: 'Raspberry/lineage_rpi3/rpi3:9/PQ3A.190801.002/fdbai08031438:userdebug/test-keys' 08-03 00:29:16.384 1410 1410 F DEBUG : Revision: '0' 08-03 00:29:16.384 1410 1410 F DEBUG : ABI: 'arm' 08-03 00:29:16.384 1410 1410 F DEBUG : pid: 1407, tid: 1407, name: crasher >>> crasher <<< 08-03 00:29:16.384 1410 1410 F DEBUG : signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr -------- 08-03 00:29:16.385 1410 1410 F DEBUG : Abort message: 'Invalid address 0xfff18d0c passed to free: value not allocated' 08-03 00:29:16.385 1410 1410 F DEBUG : r0 00000000 r1 0000057f r2 00000006 r3 00000008 08-03 00:29:16.385 1410 1410 F DEBUG : r4 0000057f r5 0000057f r6 fff18ca4 r7 0000010c 08-03 00:29:16.385 1410 1410 F DEBUG : r8 f5b0b008 r9 00000000 r10 00000000 r11 00000000 08-03 00:29:16.385 1410 1410 F DEBUG : ip 00000000 sp fff18c90 lr f5ca8ed9 pc f5ca0d2a 08-03 00:29:16.396 1410 1410 F DEBUG : 08-03 00:29:16.396 1410 1410 F DEBUG : backtrace: 08-03 00:29:16.396 1410 1410 F DEBUG : #00 pc 0001cd2a /system/lib/libc.so (abort+58) 08-03 00:29:16.396 1410 1410 F DEBUG : #01 pc 0007c3a5 /system/lib/libc.so (ifree+880) 08-03 00:29:16.396 1410 1410 F DEBUG : #02 pc 0007c4c1 /system/lib/libc.so (je_free+68) 08-03 00:29:16.397 1410 1410 F DEBUG : #03 pc 00001cb9 /system/bin/crasher (abuse_heap+20) 08-03 00:29:16.397 1410 1410 F DEBUG : #04 pc 00001827 /system/bin/crasher (do_action+1446) 08-03 00:29:16.397 1410 1410 F DEBUG : #05 pc 00002579 /system/bin/crasher (main+68) 08-03 00:29:16.397 1410 1410 F DEBUG : #06 pc 00088bc1 /system/lib/libc.so (__libc_init+48) 08-03 00:29:16.397 1410 1410 F DEBUG : #07 pc 0000112b /system/bin/crasher (_start_main+38) 08-03 00:29:16.397 1410 1410 F DEBUG : #08 pc 00000306 08-03 00:29:16.426 294 479 W NativeCrashListener: Couldn't find ProcessRecord for pid 1407 08-03 00:29:16.428 191 191 E /system/bin/tombstoned: Tombstone written to: /data/tombstones/tombstone_04 08-03 00:29:16.436 294 314 I BootReceiver: Copying /data/tombstones/tombstone_04 to DropBox (SYSTEM_TOMBSTONE) 08-03 00:29:16.695 294 304 I system_server: Background concurrent copying GC freed 49991(1659KB) AllocSpace objects, 7(140KB) LOS objects, 24% free, 6MB/8MB, paused 299us total 238.299ms *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** LineageOS Version: '16.0-20200803-UNOFFICIAL-rpi3' Build fingerprint: 'Raspberry/lineage_rpi3/rpi3:9/PQ3A.190801.002/fdbai08031438:userdebug/test-keys' Revision: '0' ABI: 'arm' pid: 1407, tid: 1407, name: crasher >>> crasher <<< signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr -------- Abort message: 'Invalid address 0xfff18d0c passed to free: value not allocated' r0 00000000 r1 0000057f r2 00000006 r3 00000008 r4 0000057f r5 0000057f r6 fff18ca4 r7 0000010c r8 f5b0b008 r9 00000000 r10 00000000 r11 00000000 ip 00000000 sp fff18c90 lr f5ca8ed9 pc f5ca0d2a backtrace: #00 pc 0001cd2a /system/lib/libc.so (abort+58) #01 pc 0007c3a5 /system/lib/libc.so (ifree+880) #02 pc 0007c4c1 /system/lib/libc.so (je_free+68) #03 pc 00001cb9 /system/bin/crasher (abuse_heap+20) #04 pc 00001827 /system/bin/crasher (do_action+1446) #05 pc 00002579 /system/bin/crasher (main+68) #06 pc 00088bc1 /system/lib/libc.so (__libc_init+48) #07 pc 0000112b /system/bin/crasher (_start_main+38) #08 pc 00000306 stack: fff18c50 00000000 fff18c54 00000000 fff18c58 00000000 fff18c5c 00000000 fff18c60 00000000 fff18c64 00000000 fff18c68 00000000 fff18c6c 00000000 fff18c70 7fffffdf fff18c74 fffffff8 fff18c78 00000000 fff18c7c 9ac4fa2b fff18c80 0000057f fff18c84 0000057f fff18c88 fff18ca4 [stack] fff18c8c f5ca0d1f /system/lib/libc.so (abort+46) #00 fff18c90 f5b0b008 [anon:libc_malloc] ........ ........ #01 fff18cc0 00000000 ........ ........ #02 fff18ce0 00000000 ........ ........ #03 fff18d08 f5d2de0c [anon:.bss] ........ ........ #04 fff18d28 00000000 ........ ........ #05 fff18e98 00000000 ........ ........ #06 fff18ec0 f5ff5090 [anon:linker_alloc_small_objects] ........ ........ #07 fff18ed8 00000000 ........ ........ #08 fff18ef0 00000002 fff18ef4 fff19b30 [stack] fff18ef8 fff19b38 [stack] fff18efc 00000000 fff18f00 fff19b43 [stack] fff18f04 fff19b59 [stack] fff18f08 fff19b6c [stack] fff18f0c fff19b73 [stack] fff18f10 fff19b8c [stack] fff18f14 fff19ba1 [stack] fff18f18 fff19bb4 [stack] fff18f1c fff19bcf [stack] fff18f20 fff19be4 [stack] fff18f24 fff19e22 [stack] fff18f28 fff19e3c [stack] fff18f2c fff19e55 [stack] memory near r6 ([stack]): fff18c84 0000057f fff18ca4 f5ca0d1f f5b0b008 ................ fff18c94 00000000 00000000 f5ce0217 00000000 ................ fff18ca4 ffffffdf ffffffff fff18d0c f5b0b008 ................ fff18cb4 00000000 00000000 f5d003a9 00000000 ................ fff18cc4 fff18d0c f5b0b008 00000002 fff18f00 ................ fff18cd4 00000000 00000000 f5d004c5 00000000 ................ fff18ce4 00000000 00000000 00000000 00000000 ................ fff18cf4 9ac4fa2b b9661535 fff18ef4 00000002 +...5.f......... fff18d04 b9660cbd f5d2de0c 00000000 00000000 ..f............. fff18d14 00000000 00000002 9ac4fa2b fff18f00 ........+....... fff18d24 b966082b 00000000 00000000 00000000 +.f............. fff18d34 00000000 00000000 00000000 00000000 ................ fff18d44 00000000 00000000 00000000 00000000 ................ fff18d54 00000000 00000000 00000000 00000000 ................ fff18d64 00000000 00000000 00000000 00000000 ................ fff18d74 00000000 00000000 00000000 00000000 ................ memory near r8 ([anon:libc_malloc]): f5b0afe8 00000000 00000000 00000000 00000000 ................ f5b0aff8 00000000 00000000 00000001 00000000 ................ f5b0b008 00000001 00000000 000015b8 00000000 ................ f5b0b018 00001088 00000000 00000000 f5b80040 ............@... f5b0b028 f5b80040 f5b0c000 00000001 00000000 @............... f5b0b038 00000002 00000000 00000000 00000000 ................ f5b0b048 00000000 00000000 00000000 00000000 ................ f5b0b058 00000000 00000000 00000000 00000000 ................ f5b0b068 00000000 00000000 00000000 00000000 ................ f5b0b078 00000000 00000000 00000000 00000000 ................ f5b0b088 00000000 00000000 00000000 00000000 ................ f5b0b098 00000000 00000000 00000000 00000000 ................ f5b0b0a8 00000000 00000000 00000000 00000000 ................ f5b0b0b8 00000000 00000000 00000000 00000000 ................ f5b0b0c8 00000000 00000000 00000000 00000000 ................ f5b0b0d8 00000000 00000000 00000000 00000000 ................ memory near sp ([stack]): fff18c70 7fffffdf fffffff8 00000000 9ac4fa2b ............+... fff18c80 0000057f 0000057f fff18ca4 f5ca0d1f ................ fff18c90 f5b0b008 00000000 00000000 f5ce0217 ................ fff18ca0 00000000 ffffffdf ffffffff fff18d0c ................ fff18cb0 f5b0b008 00000000 00000000 f5d003a9 ................ fff18cc0 00000000 fff18d0c f5b0b008 00000002 ................ fff18cd0 fff18f00 00000000 00000000 f5d004c5 ................ fff18ce0 00000000 00000000 00000000 00000000 ................ fff18cf0 00000000 9ac4fa2b b9661535 fff18ef4 ....+...5.f..... fff18d00 00000002 b9660cbd f5d2de0c 00000000 ......f......... fff18d10 00000000 00000000 00000002 9ac4fa2b ............+... fff18d20 fff18f00 b966082b 00000000 00000000 ....+.f......... fff18d30 00000000 00000000 00000000 00000000 ................ fff18d40 00000000 00000000 00000000 00000000 ................ fff18d50 00000000 00000000 00000000 00000000 ................ fff18d60 00000000 00000000 00000000 00000000 ................ memory near lr (/system/lib/libc.so): f5ca8eb8 21234630 fec2f066 0100e9dd 0100e9cd 0F#!f........... f5ca8ec8 e0004669 46282100 23084622 fb3ef067 iF...!(F"F.#g.>. f5ca8ed8 44794906 68096809 1a899a03 b004d101 .IyD.h.h........ f5ca8ee8 f066bd70 bf00fca3 0007d53c 0007d4ee p.f.....<....... f5ca8ef8 447b4b01 4718689b 0007e242 b084b580 .K{D.h.GB....... f5ca8f08 c01cf8dd c004f8cd c018f8dd c000f8cd ................ f5ca8f18 c014f8df f8dc44fc f8cdc000 f000c008 .....D.......... f5ca8f28 b004f805 bf00bd80 0007d504 4ff0e92d ............-..O f5ca8f38 4607b089 461e4869 46894692 68004478 ...FiH.F.F.FxD.h f5ca8f48 90086800 4620ac03 fe70f066 2002aa01 .h.... Ff.p.... f5ca8f58 f0664621 2e00fe7b 6830bf18 8800bf18 !Ff.{.....0h.... f5ca8f68 2000bf08 f880fa0f 0f40f018 f1bad14e ... ......@.N... f5ca8f78 bf080f00 d0492800 fb68f067 d1492800 .....(I.g.h..(I. f5ca8f88 f0084d57 27010b04 447dac03 0f00f1bb WM.....'..}D.... f5ca8f98 6830d005 30184639 fc40f067 4638b950 ..0h9F.0g.@.P.8F f5ca8fa8 46222100 fe5af066 f0003001 98038094 .!"Ff.Z..0...... memory near pc (/system/lib/libc.so): f5ca0d08 ff94f06e 21064630 ff98f06e 46312002 n...0F.!n.... 1F f5ca0d18 f06e2200 4620ff9b 22064629 7786f44f ."n... F)F."O..w f5ca0d28 4669df00 460a480d f9604478 68000acd ..iF.H.FxD`....h f5ca0d38 0acdf942 20066010 f06e2200 2002ff8f B....`. ."n.... f5ca0d48 22004631 ff82f06e 46294620 f44f2206 1F."n... F)F."O. f5ca0d58 df007786 f06e207f bf00ff89 0007afec .w... n......... f5ca0d68 f06e2300 0000bf8b c008f8df f8dc44fc .#n..........D.. f5ca0d78 4760c000 000863c8 4601460a 0063f06f ..`G.c...F.Fo.c. f5ca0d88 f06e2300 0000bf83 b082b580 4479490c .#n..........IyD f5ca0d98 68096809 46699101 ff80f06e 48092800 .h.h..iFn....(.H f5ca0da8 44789900 f04fbf08 680031ff 9a016800 ..xD..O..1.h.h.. f5ca0db8 d1021a80 b002ba08 f06ebd80 bf00fd37 ..........n.7... f5ca0dc8 00085632 0008561e b082b580 4479490c 2V...V.......IyD f5ca0dd8 68096809 46699101 ff60f06e 98004601 .h.h..iFn.`..F.. f5ca0de8 49082900 f04fbf08 447930ff 68096809 .).I..O..0yD.h.h f5ca0df8 1a899a01 b002d101 f06ebd80 bf00fd17 ..........n..... memory map (75 entries): b965f000-b9664fff r-x 0 6000 /system/bin/crasher (BuildId: b7cf42c98f23b30ceb75f3eb5837ef3b) b9665000-b9665fff r-- 5000 1000 /system/bin/crasher b9666000-b9666fff rw- 0 1000 f5ac7000-f5acafff r-x 0 4000 /system/lib/libnetd_client.so (BuildId: 72d07c9629027b0a6d40c5c99f1df0a3) f5acb000-f5acbfff r-- 3000 1000 /system/lib/libnetd_client.so f5acc000-f5accfff rw- 4000 1000 /system/lib/libnetd_client.so f5b00000-f5bfffff rw- 0 100000 [anon:libc_malloc] f5c75000-f5c7cfff r-x 0 8000 /system/lib/libseccomp_policy.so (BuildId: 4518d6e4b5fda834dfdcf4a8f3b2789d) f5c7d000-f5c7dfff r-- 7000 1000 /system/lib/libseccomp_policy.so f5c7e000-f5c7efff rw- 8000 1000 /system/lib/libseccomp_policy.so f5c84000-f5d22fff r-x 0 9f000 /system/lib/libc.so (BuildId: 23e9d9759243df47d85724886cb52ce2) f5d23000-f5d26fff r-- 9e000 4000 /system/lib/libc.so f5d27000-f5d28fff rw- a2000 2000 /system/lib/libc.so f5d29000-f5d29fff rw- 0 1000 [anon:.bss] f5d2a000-f5d2afff r-- 0 1000 [anon:.bss] f5d2b000-f5d31fff rw- 0 7000 [anon:.bss] f5d55000-f5de7fff r-x 0 93000 /system/lib/libc++.so (BuildId: 0b27623fc2d89c5444acc59d3f31a514) (load bias 0x3000) f5de8000-f5de8fff --- 0 1000 f5de9000-f5dedfff r-- 93000 5000 /system/lib/libc++.so (load bias 0x3000) f5dee000-f5deefff rw- 98000 1000 /system/lib/libc++.so (load bias 0x3000) f5def000-f5deffff rw- 0 1000 [anon:.bss] f5e04000-f5e23fff r-x 0 20000 /system/lib/libm.so (BuildId: e7d0b8f9a43d77b74e49c5fc0796262f) f5e24000-f5e24fff r-- 1f000 1000 /system/lib/libm.so f5e25000-f5e25fff rw- 20000 1000 /system/lib/libm.so f5e64000-f5e72fff r-x 0 f000 /system/lib/libbase.so (BuildId: 134fd9b8cd8f2f4ea7304be5857cf27b) f5e73000-f5e73fff r-- e000 1000 /system/lib/libbase.so f5e74000-f5e74fff rw- f000 1000 /system/lib/libbase.so f5ea1000-f5eb4fff r-x 0 14000 /system/lib/liblog.so (BuildId: deaad76fe8564f670472555cec07cb4a) f5eb5000-f5eb5fff r-- 13000 1000 /system/lib/liblog.so f5eb6000-f5eb6fff rw- 14000 1000 /system/lib/liblog.so f5ec4000-f5ec4fff r-x 0 1000 /system/lib/libdl.so (BuildId: 676a0450f6cc27cf2554a3d1634fc4fe) f5ec5000-f5ec5fff r-- 1000 1000 /system/lib/libdl.so f5ec6000-f5ec6fff rw- 0 1000 [anon:.bss] f5f36000-f5f36fff rw- 0 1000 [anon:linker_alloc] f5f3c000-f5f3cfff rw- 0 1000 f5f3d000-f5f3dfff r-- 0 1000 [anon:atexit handlers] f5f3e000-f5f3efff r-- 0 1000 [anon:linker_alloc] f5f3f000-f5f5efff r-- 0 20000 /dev/__properties__/u:object_r:default_prop:s0 f5f5f000-f5f7efff r-- 0 20000 /dev/__properties__/properties_serial f5f7f000-f5f7ffff rw- 0 1000 [anon:System property context nodes] f5f80000-f5f82fff r-- 0 3000 /dev/__properties__/property_info f5f83000-f5f84fff rw- 0 2000 [anon:linker_alloc_vector] f5f85000-f5f85fff rw- 0 1000 [anon:linker_alloc_small_objects] f5f86000-f5f86fff rw- 0 1000 [anon:arc4random data] f5f87000-f5f87fff rw- 0 1000 [anon:linker_alloc_vector] f5f88000-f5f88fff rw- 0 1000 [anon:linker_alloc] f5f89000-f5fa8fff r-- 0 20000 /dev/__properties__/u:object_r:default_prop:s0 f5fa9000-f5fa9fff r-- 0 1000 [anon:linker_alloc] f5faa000-f5fc9fff r-- 0 20000 /dev/__properties__/u:object_r:debug_prop:s0 f5fca000-f5fcafff --- 0 1000 f5fcb000-f5fcbfff rw- 0 1000 f5fcc000-f5fccfff --- 0 1000 f5fcd000-f5fecfff r-- 0 20000 /dev/__properties__/properties_serial f5fed000-f5fedfff rw- 0 1000 [anon:System property context nodes] f5fee000-f5ff0fff r-- 0 3000 /dev/__properties__/property_info f5ff1000-f5ff1fff r-- 0 1000 [anon:linker_alloc] f5ff2000-f5ff2fff rw- 0 1000 [anon:linker_alloc_vector] f5ff3000-f5ff3fff rw- 0 1000 [anon:linker_alloc_small_objects] f5ff4000-f5ff4fff rw- 0 1000 [anon:linker_alloc_vector] f5ff5000-f5ff5fff rw- 0 1000 [anon:linker_alloc_small_objects] f5ff6000-f5ff6fff r-- 0 1000 [anon:atexit handlers] f5ff7000-f5ff7fff --- 0 1000 f5ff8000-f5ffbfff rw- 0 4000 [anon:thread signal stack] f5ffc000-f5ffcfff rw- 0 1000 [anon:arc4random data] f5ffd000-f5ffdfff --- 0 1000 f5ffe000-f6000fff rw- 0 3000 f6001000-f6001fff --- 0 1000 f6002000-f60bffff r-x 0 be000 /system/bin/linker (BuildId: 0c838a22790b1a897ca50303f17dce1e) f60c0000-f60c5fff r-- bd000 6000 /system/bin/linker f60c6000-f60c6fff rw- c3000 1000 /system/bin/linker f60c7000-f60c8fff rw- 0 2000 f60c9000-f60c9fff r-- 0 1000 f60ca000-f60cffff rw- 0 6000 ffef9000-fff19fff rw- 0 21000 [stack] ffff0000-ffff0fff r-x 0 1000 [vectors] open files: fd 0: /dev/pts/0 fd 1: /dev/pts/0 fd 2: /dev/pts/0