https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92207
--- Comment #6 from Christophe Lyon <clyon at gcc dot gnu.org> ---
In particular, the execution continues after the last block dumped by qemu:

0x00018e40: e5974008 ldr r4, [r7, #8]
0x00018e44: e0898008 add r8, sb, r8
0x00018e48: e3888001 orr r8, r8, #1
0x00018e4c: e5848004 str r8, [r4, #4]
0x00018e50: eaffff14 b #0x18aa8

I set a breakpoint at 0x00018e40, then single-stepped until the crash:

=> 0x18e40 <_malloc_r+1732>: ldr r4, [r7, #8]
=> 0x18e44 <_malloc_r+1736>: add r8, r9, r8
=> 0x18e48 <_malloc_r+1740>: orr r8, r8, #1
=> 0x18e4c <_malloc_r+1744>: str r8, [r4, #4]
=> 0x18e50 <_malloc_r+1748>: b 0x18aa8 <_malloc_r+812>
=> 0x18aa8 <_malloc_r+812>: ldr r3, [r10, #44] ; 0x2c
=> 0x18aac <_malloc_r+816>: cmp r3, r1
=> 0x18ab0 <_malloc_r+820>: ldr r3, [r10, #48] ; 0x30
=> 0x18ab4 <_malloc_r+824>: strcc r1, [r10, #44] ; 0x2c
=> 0x18ab8 <_malloc_r+828>: cmp r3, r1
=> 0x18abc <_malloc_r+832>: strcc r1, [r10, #48] ; 0x30
=> 0x18ac0 <_malloc_r+836>: bic r8, r8, #3
=> 0x18ac4 <_malloc_r+840>: sub r3, r8, r5
=> 0x18ac8 <_malloc_r+844>: cmp r3, #15
=> 0x18acc <_malloc_r+848>: movgt r2, #0
=> 0x18ad0 <_malloc_r+852>: movle r2, #1
=> 0x18ad4 <_malloc_r+856>: cmp r5, r8
=> 0x18ad8 <_malloc_r+860>: orrhi r2, r2, #1
=> 0x18adc <_malloc_r+864>: cmp r2, #0
=> 0x18ae0 <_malloc_r+868>: beq 0x18ba4 <_malloc_r+1064>
=> 0x18ba4 <_malloc_r+1064>: add r2, r4, r5
=> 0x18ba8 <_malloc_r+1068>: orr r3, r3, #1
=> 0x18bac <_malloc_r+1072>: orr r5, r5, #1
=> 0x18bb0 <_malloc_r+1076>: str r5, [r4, #4]
=> 0x18bb4 <_malloc_r+1080>: mov r0, r6
=> 0x18bb8 <_malloc_r+1084>: str r2, [r7, #8]
=> 0x18bbc <_malloc_r+1088>: add r4, r4, #8
=> 0x18bc0 <_malloc_r+1092>: str r3, [r2, #4]
(gdb) p /x $r2
$1 = 0x804a568
(gdb) si

Program received signal SIGSEGV, Segmentation fault.
0x00018bc0 in _malloc_r (reent_ptr=0x49098 <impure_data>, bytes=<optimized out>) at /tmp/7992549.tmpdir/aci-gcc-fsf/sources/newlib/newlib/libc/stdlib/mallocr.c:2592
2592 in /tmp/7992549.tmpdir/aci-gcc-fsf/sources/newlib/newlib/libc/stdlib/mallocr.c