Android crash dump

I have the following crash log and complete source code of app.

All I see is call to abort in libc while calling free (which was probably called from libstdc++ delete which is not even shown.) How do I debug my problem? Any ideas?

Can I use the information in code around pc, code around lr or addresses on stack in any way to know more about the issue?

What could be the possible causes??

06-03 13:57:27.837: INFO/DEBUG(1955): Build fingerprint: 'samsung/GT-I5801/GT-I5801/GT-I5801:2.1-update1/ECLAIR/DDJG6:user/release-keys'
06-03 13:57:27.837: INFO/DEBUG(1955): pid: 14328, tid: 14328  >>> com.google <<<
06-03 13:57:27.837: INFO/DEBUG(1955): signal 11 (SIGSEGV), fault addr deadbaad
06-03 13:57:27.837: INFO/DEBUG(1955):  r0 00000000  r1 afe1337d  r2 00000027  r3 00000000
06-03 13:57:27.837: INFO/DEBUG(1955):  r4 00000000  r5 deadbaad  r6 00002ee0  r7 00000000
06-03 13:57:27.837: INFO/DEBUG(1955):  r8 ac148410  r9 00000000  10 00411930  fp 0002ff84
06-03 13:57:27.842: INFO/DEBUG(1955):  ip ffffffff  sp beb315e8  lr afe1433d  pc afe10ca8  cpsr 40000030
06-03 13:57:27.917: INFO/DEBUG(1955):          #00  pc 00010ca8  /system/lib/libc.so (libc_android_abort)
06-03 13:57:27.917: INFO/DEBUG(1955):          #01  pc 00开发者_开发技巧00b3ae  /system/lib/libc.so (free)
06-03 13:57:27.917: INFO/DEBUG(1955): code around pc:
06-03 13:57:27.917: INFO/DEBUG(1955): afe10c98 4e17d003 51a02001 4d164798 24002227 
06-03 13:57:27.917: INFO/DEBUG(1955): afe10ca8 f7fb702a 2106ee52 ef1ef7fc 05592380 
06-03 13:57:27.922: INFO/DEBUG(1955): afe10cb8 6091aa01 1c116054 94012006 eb0cf7fc 
06-03 13:57:27.922: INFO/DEBUG(1955): code around lr:
06-03 13:57:27.922: INFO/DEBUG(1955): afe1432c 220ce008 2b005eab 1c28d003 47889901 
06-03 13:57:27.922: INFO/DEBUG(1955): afe1433c 35544306 d5f43f01 2c006824 b003d1ee 
06-03 13:57:27.922: INFO/DEBUG(1955): afe1434c bdf01c30 00024ae4 000000b4 1c0fb5f0 
06-03 13:57:27.922: INFO/DEBUG(1955): stack:
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315a8  00000015  
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315ac  afe133ad  /system/lib/libc.so (_sflush)
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315b0  afe3902c  /system/lib/libc.so (_data_start)
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315b4  afe38fd8  /system/lib/libc.so (_data_start)
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315b8  00000000  
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315bc  afe1433d  /system/lib/libc.so (_fwalk)
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315c0  00002bbc  
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315c4  afe1337d  /system/lib/libc.so (_sflush)
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315c8  00000008  
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315cc  afe38e08  /system/lib/libc.so (??)
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315d0  00000000  
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315d4  00002ee0  
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315d8  00000000  
06-03 13:57:27.922: INFO/DEBUG(1955):     beb315dc  afe1361b  /system/lib/libc.so (_cleanup)
06-03 13:57:27.927: INFO/DEBUG(1955):     beb315e0  df002777  
06-03 13:57:27.927: INFO/DEBUG(1955):     beb315e4  e3a070ad  
06-03 13:57:27.927: INFO/DEBUG(1955): #00 beb315e8  00002bbc  
06-03 13:57:27.927: INFO/DEBUG(1955):     beb315ec  000000dc  
06-03 13:57:27.927: INFO/DEBUG(1955):     beb315f0  afe3bb7c  
06-03 13:57:27.927: INFO/DEBUG(1955):     beb315f4  afe0f410  /system/lib/libc.so (pthread_mutex_lock)
06-03 13:57:27.927: INFO/DEBUG(1955):     beb315f8  afe38e08  /system/lib/libc.so
06-03 13:57:27.927: INFO/DEBUG(1955):     beb315fc  fffffbdf  
06-03 13:57:27.927: INFO/DEBUG(1955):     beb31600  afe38e08  /system/lib/libc.so
06-03 13:57:27.927: INFO/DEBUG(1955):     beb31604  afe3b9c4  
06-03 13:57:27.927: INFO/DEBUG(1955):     beb31608  0000a000  [heap]
06-03 13:57:27.927: INFO/DEBUG(1955):     beb3160c  afe0b3b3  /system/lib/libc.so (free)
06-03 13:57:27.927: INFO/DEBUG(1955): #01 beb31610  afe38e08  /system/lib/libc.so
06-03 13:57:27.927: INFO/DEBUG(1955):     beb31614  afe0b3b3  /system/lib/libc.so
06-03 13:57:27.927: INFO/DEBUG(1955):     beb31618  00300fe0  [heap]
06-03 13:57:27.927: INFO/DEBUG(1955):     beb3161c  000bdff8  [heap]
06-03 13:57:27.927: INFO/DEBUG(1955):     beb31620  00300fe0  [heap]
06-03 13:57:27.927: INFO/DEBUG(1955):     beb31624  000be010  [heap]
06-03 13:57:27.927: INFO/DEBUG(1955):     beb31628  000b8c50  [heap]
06-03 13:57:27.927: INFO/DEBUG(1955):     beb3162c  ac0a5118  /system/lib/libskia.so (ft_mem_free)
06-03 13:57:27.927: INFO/DEBUG(1955):     beb31630  00002bbc  
06-03 13:57:27.932: INFO/DEBUG(1955):     beb31634  ac0a997c  /system/lib/libskia.so (FT_Done_Face)
06-03 13:57:27.932: INFO/DEBUG(1955):     beb31638  00124f60  [heap]
06-03 13:57:27.932: INFO/DEBUG(1955):     beb3163c  00124f60  [heap]
06-03 13:57:27.932: INFO/DEBUG(1955):     beb31640  ac14762c  /system/lib/libskia.so
06-03 13:57:27.932: INFO/DEBUG(1955):     beb31644  00410cd8  [heap]
06-03 13:57:27.932: INFO/DEBUG(1955):     beb31648  00000bc0  
06-03 13:57:27.932: INFO/DEBUG(1955):     beb3164c  ac04cedc  /system/lib/libskia.so
06-03 13:57:27.932: INFO/DEBUG(1955):     beb31650  00410eb8  [heap]
06-03 13:57:27.932: INFO/DEBUG(1955):     beb31654  00000000  

First you should get the symbols of your libc.so. You can find it under your "out" directory. after that run "nm –gCl libc.so", this will print out all the symbols in your lib, plus the addresses they were in. Compare those addresses with the addresses in your coredump, you will be able to recover the call stack at the crash time.

Below are some of the output I get on my libc.so 00021595 T wcswidth bionic/libc/wchar/wcswidth.c:44 00020909 T wcsxfrm bionic/libc/stdlib/wchar.c:305 000208d5 T wctob bionic/libc/stdlib/wchar.c:311 000208e1 T wctype bionic/libc/stdlib/wchar.c:316 000208d9 T wcwidth bionic/libc/stdlib/wchar.c:333 000215c5 T wmemchr bionic/libc/wchar/wmemchr.c:40 000215dd T wmemcmp bionic/libc/wchar/wmemcmp.c:40 00021605 T wmemcpy bionic/libc/wchar/wmemcpy.c:41 00021611 T wmemmove bionic/libc/wchar/wmemmove.c:41