=================================================================
==14818== ERROR: AddressSanitizer: heap-use-after-free on address 0x608e00080888 at pc 0x2298122 bp 0x7fff2dd51960 sp 0x7fff2dd51958
READ of size 4 at 0x608e00080888 thread T0
    #0 0x2298121 in BLI_mempool_iterstep ./source/blender/blenlib/intern/BLI_mempool.c:518
    #1 0x1885179 in bmiter__face_of_mesh_step ./source/blender/bmesh/intern/bmesh_iterators.c:334
    #2 0x1833bf3 in BM_iter_step ./source/blender/bmesh/intern/bmesh_iterators_inline.h:42
    #3 0x1838e7e in bmo_remove_tagged_context_verts ./source/blender/bmesh/intern/bmesh_construct.c:569
    #4 0x183b096 in BMO_remove_tagged_context ./source/blender/bmesh/intern/bmesh_construct.c:614
    #5 0x19e365b in bmo_delete_exec ./source/blender/bmesh/operators/bmo_dupe.c:456
    #6 0x18ef019 in BMO_op_exec ./source/blender/bmesh/intern/bmesh_operators.c:219
    #7 0x105a17f in EDBM_op_callf ./source/blender/editors/mesh/editmesh_utils.c:267
    #8 0x10ea8ee in edbm_delete_exec ./source/blender/editors/mesh/editmesh_tools.c:334
    #9 0x8b287d in wm_operator_invoke ./source/blender/windowmanager/intern/wm_event_system.c:1006
    #10 0x8b3690 in wm_operator_call_internal ./source/blender/windowmanager/intern/wm_event_system.c:1185
    #11 0x8b3837 in WM_operator_name_call ./source/blender/windowmanager/intern/wm_event_system.c:1234
    #12 0xf0c8a1 in ui_apply_but_funcs_after ./source/blender/editors/interface/interface_handlers.c:499 (discriminator 3)
    #13 0xf476d5 in ui_handler_popup ./source/blender/editors/interface/interface_handlers.c:7749
    #14 0x8aeeb9 in wm_handler_ui_call ./source/blender/windowmanager/intern/wm_event_system.c:416
    #15 0x8b6e1b in wm_handlers_do_intern ./source/blender/windowmanager/intern/wm_event_system.c:1868
    #16 0x8b73ee in wm_handlers_do ./source/blender/windowmanager/intern/wm_event_system.c:1947
    #17 0x8b8a1e in wm_event_do_handlers ./source/blender/windowmanager/intern/wm_event_system.c:2193
    #18 0x89fa7b in WM_main ./source/blender/windowmanager/intern/wm.c:459 (discriminator 1)
    #19 0x89e0a6 in main ./source/creator/creator.c:1673
    #20 0x7f277d4d9de4 in __libc_start_main /build/buildd/eglibc-2.17/csu/libc-start.c:260
    #21 0x899948 in _start ??:?
0x608e00080888 is located 3720 bytes inside of 28752-byte region [0x608e0007fa00,0x608e00086a50)
freed by thread T0 here:
    #0 0x7f2780d0e4ca in __interceptor_free ??:?
    #1 0x23b2e2f in rem_memblock ./intern/guardedalloc/intern/mallocn.c:987
    #2 0x23b2526 in MEM_freeN ./intern/guardedalloc/intern/mallocn.c:885
    #3 0x22968d6 in mempool_chunk_free ./source/blender/blenlib/intern/BLI_mempool.c:217
    #4 0x2296952 in mempool_chunk_free_all ./source/blender/blenlib/intern/BLI_mempool.c:227 (discriminator 2)
    #5 0x2297354 in BLI_mempool_free ./source/blender/blenlib/intern/BLI_mempool.c:356
    #6 0x1850728 in bm_kill_only_face ./source/blender/bmesh/intern/bmesh_core.c:617
    #7 0x1850e0f in BM_face_kill ./source/blender/bmesh/intern/bmesh_core.c:714
    #8 0x1833ba9 in BMO_remove_tagged_faces ./source/blender/bmesh/intern/bmesh_construct.c:508
    #9 0x1838e7e in bmo_remove_tagged_context_verts ./source/blender/bmesh/intern/bmesh_construct.c:569
    #10 0x183b096 in BMO_remove_tagged_context ./source/blender/bmesh/intern/bmesh_construct.c:614
    #11 0x19e365b in bmo_delete_exec ./source/blender/bmesh/operators/bmo_dupe.c:456
    #12 0x18ef019 in BMO_op_exec ./source/blender/bmesh/intern/bmesh_operators.c:219
    #13 0x105a17f in EDBM_op_callf ./source/blender/editors/mesh/editmesh_utils.c:267
    #14 0x10ea8ee in edbm_delete_exec ./source/blender/editors/mesh/editmesh_tools.c:334
    #15 0x8b287d in wm_operator_invoke ./source/blender/windowmanager/intern/wm_event_system.c:1006
    #16 0x8b3690 in wm_operator_call_internal ./source/blender/windowmanager/intern/wm_event_system.c:1185
    #17 0x8b3837 in WM_operator_name_call ./source/blender/windowmanager/intern/wm_event_system.c:1234
    #18 0xf0c8a1 in ui_apply_but_funcs_after ./source/blender/editors/interface/interface_handlers.c:499 (discriminator 3)
    #19 0xf476d5 in ui_handler_popup ./source/blender/editors/interface/interface_handlers.c:7749
    #20 0x8aeeb9 in wm_handler_ui_call ./source/blender/windowmanager/intern/wm_event_system.c:416
    #21 0x8b6e1b in wm_handlers_do_intern ./source/blender/windowmanager/intern/wm_event_system.c:1868
    #22 0x8b73ee in wm_handlers_do ./source/blender/windowmanager/intern/wm_event_system.c:1947
    #23 0x8b8a1e in wm_event_do_handlers ./source/blender/windowmanager/intern/wm_event_system.c:2193
    #24 0x89fa7b in WM_main ./source/blender/windowmanager/intern/wm.c:459 (discriminator 1)
    #25 0x89e0a6 in main ./source/creator/creator.c:1673
    #26 0x7f277d4d9de4 in __libc_start_main /build/buildd/eglibc-2.17/csu/libc-start.c:260
previously allocated by thread T0 here:
    #0 0x7f2780d0e5aa in malloc ??:?
    #1 0x23b130e in MEM_mallocN ./intern/guardedalloc/intern/mallocn.c:530
    #2 0x229646a in mempool_chunk_alloc ./source/blender/blenlib/intern/BLI_mempool.c:140
    #3 0x2296cec in BLI_mempool_create ./source/blender/blenlib/intern/BLI_mempool.c:274 (discriminator 2)
    #4 0x18bd965 in bm_mempool_init ./source/blender/bmesh/intern/bmesh_mesh.c:56
    #5 0x18c0d22 in BM_mesh_create ./source/blender/bmesh/intern/bmesh_mesh.c:140
    #6 0x1e8e199 in BKE_mesh_to_bmesh ./source/blender/blenkernel/intern/mesh.c:535
    #7 0x105aa6a in EDBM_mesh_make ./source/blender/editors/mesh/editmesh_utils.c:358
    #8 0x115250e in ED_object_editmode_enter ./source/blender/editors/object/object_edit.c:482
    #9 0x1152bd3 in editmode_toggle_exec ./source/blender/editors/object/object_edit.c:574
    #10 0x8b287d in wm_operator_invoke ./source/blender/windowmanager/intern/wm_event_system.c:1006
    #11 0x8b3690 in wm_operator_call_internal ./source/blender/windowmanager/intern/wm_event_system.c:1185
    #12 0x8b3837 in WM_operator_name_call ./source/blender/windowmanager/intern/wm_event_system.c:1234
    #13 0x115c404 in object_mode_set_exec ./source/blender/editors/object/object_edit.c:1600
    #14 0x8b287d in wm_operator_invoke ./source/blender/windowmanager/intern/wm_event_system.c:1006
    #15 0x8b564b in wm_handler_operator_call ./source/blender/windowmanager/intern/wm_event_system.c:1568
    #16 0x8b6c3f in wm_handlers_do_intern ./source/blender/windowmanager/intern/wm_event_system.c:1836
    #17 0x8b73ee in wm_handlers_do ./source/blender/windowmanager/intern/wm_event_system.c:1947
    #18 0x8b8dae in wm_event_do_handlers ./source/blender/windowmanager/intern/wm_event_system.c:2239
    #19 0x89fa7b in WM_main ./source/blender/windowmanager/intern/wm.c:459 (discriminator 1)
    #20 0x89e0a6 in main ./source/creator/creator.c:1673
    #21 0x7f277d4d9de4 in __libc_start_main /build/buildd/eglibc-2.17/csu/libc-start.c:260
Shadow bytes around the buggy address:
  0x0c12400080c0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c12400080d0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c12400080e0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c12400080f0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c1240008100: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0c1240008110: fd[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c1240008120: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c1240008130: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c1240008140: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c1240008150: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c1240008160: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:     fa
  Heap righ redzone:     fb
  Freed Heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
==14818== ABORTING