Home/ Questions/Q 8294657
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T14:17:52+00:00

I’m working on an embedded platform (architecture is SH4 ), and my program crashed

  • 0

I’m working on an embedded platform (architecture is SH4), and my program crashed a few minutes ago with a SIGABRT.

Luckily, I was running under gdbserver, and the thread that was interrupted by this signal has this stack dump:

#0  0x2a7f1678 in raise () from /home/[user]/target/lib/libc.so.6
#1  0x2a7f2a4c in abort () from /home/[user]/target/lib/libc.so.6
#2  0x2a81ade0 in __libc_message () from /home/[user]/target/lib/libc.so.6
#3  0x2a81f3a8 in malloc_printerr () from /home/[user]/target/lib/libc.so.6
#4  0x2a8c3700 in _IO_wide_data_2 () from /home/[user]/target/lib/libc.so.6

Do you know what happened here? A bad free()? bad delete ? bad malloc?
What’s “_IO_wide_data_2” supposed to do?
I see the malloc_printerr() call that I don’t understand either.

Google gives me 234 results on this, but all of them are simply because the guys have that “function” in their backtrace.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    A bad free()? bad delete ? bad malloc?

    Yes I think it’s one of these.

    If the bug is easy reproducible, put a breakpoint in malloc.c, malloc_printerr. When debugger stops there, You’ll probably get full call stack and find the buggy place in Your code. I still don’t know why it happens, that after entering __libc_message, the call stack gets broken.

    There is how I found this strange behaviour.
    Simple app that deletes the same buffer twice:

    void main()
{
    char * buf = new char[4*1024];
    delete[] buf;
    delete[] buf;
}

    Inside malloc_printerr the call stack looks like this:

    #0  malloc_printerr (action=3, str=0x297d0b5c "double free or corruption (top)", ptr=<value optimized out>) at malloc.c:5887
#1  0x29750be8 in __libc_free (mem=0x411008) at malloc.c:3622
#2  0x29612c70 in operator delete (ptr=<value optimized out>) at ../../../../libstdc++-v3/libsupc++/del_op.cc:49
#3  0x29612cc2 in operator delete[] (ptr=<value optimized out>) at ../../../../libstdc++-v3/libsupc++/del_opv.cc:37
#4  0x0040068a in main (argc=1, argv=0x7bb26814) at double_free.cpp:47

    After entering __libc_message:

    #0  __libc_message (do_abort=2, fmt=0x297d09c8 "*** glibc detected *** %s: %s: 0x%s *** ") at ../sysdeps/unix/sysv/linux/libc_fatal.c:50
#1  0x2974f3a8 in malloc_printerr (action=3, str=0x297d0b5c "double free or corruption (top)", ptr=<value optimized out>) at malloc.c:5887
#2  0x297f3700 in _IO_wide_data_2 () from /cygdrive/c/STM/SH4-Linux-gcc/opt/STM/STLinux2.3/devkit/sh4/target/lib/libc.so.6
Backtrace stopped: frame did not save the PC

    Maybe it has something to do with attribute((noreturn)) and compiler optimization?

    • 0