Ricochet crashes on start with AddressSanitizer: new-delete-type-mismatch

Bug #1637995 reported by dllud on 2016-10-31
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ricochet-im (Ubuntu)
Undecided
Unassigned

Bug Description

The current build of ricochet-im in 16.10 crashes on start. This did not happen with 16.04.

Perhaps you'll have to disable ASAN: https://github.com/ricochet-im/ricochet/issues/402

Here is the stack trace:

> ricochet
=================================================================
==18219==ERROR: AddressSanitizer: new-delete-type-mismatch on 0x6040007397d0 in thread T0:
  object passed to delete has wrong type:
  size of the allocated type: 48 bytes;
  size of the deallocated type: 16 bytes.
    #0 0x7fe40bc31bf0 in operator delete(void*, unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc8bf0)
    #1 0x7fe3ef8d000e (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x49b00e)
    #2 0x7fe3ef8c7f7b (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x492f7b)
    #3 0x7fe3ef8c8584 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x493584)
    #4 0x7fe3ef927a7d (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x4f2a7d)
    #5 0x7fe3ef931027 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x4fc027)
    #6 0x7fe3ef65f964 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x22a964)
    #7 0x7fe3ef6619d5 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x22c9d5)
    #8 0x7fe3ef6620ad (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x22d0ad)
    #9 0x7fe3ef609ba0 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x1d4ba0)
    #10 0x7fe3ef654b90 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x21fb90)
    #11 0x7fe3ef66aed0 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x235ed0)
    #12 0x7fe3ef4ed2e0 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0xb82e0)
    #13 0x7fe3ef5867a6 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x1517a6)
    #14 0x7fe3ef586840 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x151840)
    #15 0x7fe3ef59b384 (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x166384)
    #16 0x7fe3ef59c22f (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x16722f)
    #17 0x7fe40a70fef0 in QOpenGLTextureGlyphCache::createTextureData(int, int) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x440ef0)
    #18 0x7fe40a6880db in QTextureGlyphCache::fillInPendingGlyphs() (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x3b90db)
    #19 0x7fe40b042357 (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x15f357)
    #20 0x7fe40b040293 (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x15d293)
    #21 0x7fe40b0c3a76 (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x1e0a76)
    #22 0x7fe40b0c86d3 (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x1e56d3)
    #23 0x7fe40b0c499b (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x1e199b)
    #24 0x7fe40b0c3459 in QQuickText::updatePaintNode(QSGNode*, QQuickItem::UpdatePaintNodeData*) (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x1e0459)
    #25 0x7fe40b08296f in QQuickWindowPrivate::updateDirtyNode(QQuickItem*) (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x19f96f)
    #26 0x7fe40b08318a in QQuickWindowPrivate::updateDirtyNodes() (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x1a018a)
    #27 0x7fe40b0841cd in QQuickWindowPrivate::syncSceneGraph() (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x1a11cd)
    #28 0x7fe40b0522bd (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x16f2bd)
    #29 0x7fe40b053a47 (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x170a47)
    #30 0x7fe40a3daf64 in QWindow::event(QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x10bf64)
    #31 0x7fe40b08da12 in QQuickWindow::event(QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Quick.so.5+0x1aaa12)
    #32 0x7fe40a9b78ab in QApplicationPrivate::notify_helper(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x15c8ab)
    #33 0x7fe40a9bcd4e in QApplication::notify(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5+0x161d4e)
    #34 0x7fe409c803af in QCoreApplication::notifyInternal2(QObject*, QEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2853af)
    #35 0x7fe40a3d029c in QGuiApplicationPrivate::processExposeEvent(QWindowSystemInterfacePrivate::ExposeEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x10129c)
    #36 0x7fe40a3d0e7c in QGuiApplicationPrivate::processWindowSystemEvent(QWindowSystemInterfacePrivate::WindowSystemEvent*) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0x101e7c)
    #37 0x7fe40a3aeb2a in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Gui.so.5+0xdfb2a)
    #38 0x7fe3fe89365f (/usr/lib/x86_64-linux-gnu/libQt5XcbQpa.so.5+0x7165f)
    #39 0x7fe4073147d6 in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4a7d6)
    #40 0x7fe407314a3f (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4aa3f)
    #41 0x7fe407314aeb in g_main_context_iteration (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x4aaeb)
    #42 0x7fe409cd648e in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2db48e)
    #43 0x7fe409c7e0f9 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x2830f9)
    #44 0x7fe409c8690b in QCoreApplication::exec() (/usr/lib/x86_64-linux-gnu/libQt5Core.so.5+0x28b90b)
    #45 0x55cc20a45789 (/usr/bin/ricochet+0x2c4789)
    #46 0x7fe40839d3f0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x203f0)
    #47 0x55cc20a4b1d9 (/usr/bin/ricochet+0x2ca1d9)

0x6040007397d0 is located 0 bytes inside of 48-byte region [0x6040007397d0,0x604000739800)
allocated by thread T0 here:
    #0 0x7fe40bc30ef0 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc7ef0)
    #1 0x7fe3ef9203ca (/usr/lib/x86_64-linux-gnu/dri/nouveau_dri.so+0x4eb3ca)

SUMMARY: AddressSanitizer: new-delete-type-mismatch (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc8bf0) in operator delete(void*, unsigned long)
==18219==HINT: if you don't care about these errors you may set ASAN_OPTIONS=new_delete_type_mismatch=0
==18219==ABORTING

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers