diff --git a/DevTools/UserspaceEmulator/MallocTracer.cpp b/DevTools/UserspaceEmulator/MallocTracer.cpp
index 07b8123454..67f921268a 100644
--- a/DevTools/UserspaceEmulator/MallocTracer.cpp
+++ b/DevTools/UserspaceEmulator/MallocTracer.cpp
@@ -101,8 +101,11 @@ void MallocTracer::audit_read(FlatPtr address, size_t size)
 if (mallocation->freed) {
 dbgprintf("\n");
 dbgprintf("==%d== \033[31;1mUse-after-free\033[0m, invalid %zu-byte read at address %p\n", s_pid, size, address);
- dbgprintf("==%d== Address is %zu bytes into freed block of size %zu\n", s_pid, offset_into_mallocation, mallocation->size);
 Emulator::the().dump_backtrace();
+ dbgprintf("==%d== Address is %zu bytes into block of size %zu, allocated at:\n", s_pid, offset_into_mallocation, mallocation->size);
+ Emulator::the().dump_backtrace(mallocation->malloc_backtrace);
+ dbgprintf("==%d== Later freed at:\n", s_pid, offset_into_mallocation, mallocation->size);
+ Emulator::the().dump_backtrace(mallocation->free_backtrace);
 return;
 }
 }
@@ -124,8 +127,11 @@ void MallocTracer::audit_write(FlatPtr address, size_t size)
 if (mallocation->freed) {
 dbgprintf("\n");
 dbgprintf("==%d== \033[31;1mUse-after-free\033[0m, invalid %zu-byte write at address %p\n", s_pid, size, address);
- dbgprintf("==%d== Address is %zu bytes into freed block of size %zu\n", s_pid, offset_into_mallocation, mallocation->size);
 Emulator::the().dump_backtrace();
+ dbgprintf("==%d== Address is %zu bytes into block of size %zu, allocated at:\n", s_pid, offset_into_mallocation, mallocation->size);
+ Emulator::the().dump_backtrace(mallocation->malloc_backtrace);
+ dbgprintf("==%d== Later freed at:\n", s_pid, offset_into_mallocation, mallocation->size);
+ Emulator::the().dump_backtrace(mallocation->free_backtrace);
 return;
 }
 }
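Review bot: The added "Later freed at:" call in the audit_read hunk passes `offset_into_mallocation` and `mallocation->size` although its format string contains only the single `%d` conversion. The surplus arguments look like a copy-paste leftover from the "Address is ..." line above; they should be ignored at run time, but they mislead the reader and will trip format-argument warnings wherever those are enabled. The call should read `dbgprintf("==%d== Later freed at:\n", s_pid);`. The audit_write hunk adds the identical line and needs the same change. Both function bodies start and end outside their hunks.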
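Review bot: The use-after-free report added in the audit_write hunk duplicates the audit_read hunk line for line; only the word "write" versus "read" in the unchanged header message differs. With three backtraces and two messages now in each copy, any later correction to the report has to be made twice and the two diagnostics can drift apart. Consider moving the sequence into one private helper that takes the access kind as a string, so both audit functions call it from inside their `if (mallocation->freed)` branch. A one-line comment there would also help, e.g. `// Report order: faulting access, allocation site, then free site.` The body of audit_write starts and ends outside the hunk, so the helper's exact parameters depend on code not shown here.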