Ticket #47882

qt core dump

Opened: 2023-04-18 19:36 Last updated: 2023-04-28 23:40

5 - Medium
5 - Medium


I was playing my custom ruleset with freeciv 3.0.7 + patch #47856. It crashes every time I end the turn with qt client, but I can continue the game with gtk.

The backtrace:

#0  0x00005555557cf4b5 in calc_activity
    (calc=calc@entry=0x55555b4db8e0, ptile=ptile@entry=0x555556e1a940, pmodunit=pmodunit@entry=0x0, new_act=new_act@entry=ACTIVITY_LAST, new_tgt=new_tgt@entry=0x0) at clientutils.c:80
Python Exception <class 'gdb.MemoryError'> No se puede acceder a la memoria en la dirección 0x0: 
        eidx = #1  0x00005555557cf9dd in concat_tile_activity_text (ptile=ptile@entry=0x555556e1a940) at clientutils.c:228
        calc = 0x55555b4db8e0
        num_activities = 0
        str = {_private_str_ = 0x55555790ef30 "", _private_n_ = 12, _private_n_alloc_ = 15}
        __FUNCTION__ = "concat_tile_activity_text"
#2  0x0000555555674d4f in popup_info_text (ptile=0x555556e1a940) at text.c:341
        activity_text = <optimized out>
        pcity = 0x55555b0748e0
        punit = 0x55555b13e9f0
        diplo_nation_plural_adjectives = 
          {0x555555983fed "", 0x5555559269f3 "Hostile", 0x555555983fed "", 0x555555926a03 "Peaceful", 0x555555926a14 "Friendly", 0x555555926a25 "Mysterious", 0x555555926a38 "Friendly(team)"}
        diplo_city_adjectives = 
          {0x555555983fed "", 0x555555926a4d "Hostile", 0x555555983fed "", 0x555555926a5b "Peaceful", 0x555555926a6a "Friendly", 0x555555926a79 "Mysterious", 0x555555926a8a "Friendly(team)"}
        str = 
          {_private_str_ = 0x5555576bb8a0 "Location: (51, 35) [2]\nNative coordinates: (24, 54)\nTerrain: Plains\nFood/Prod/Trade: 2/2/1\nCity: Maputo | davidf (Zulu, team Team 1) | Occupied with 4 units.\nInfrastructure: Road", _private_n_ = 179, _private_n_alloc_ = 307}
        username = "davidf\000\000\240\242\331VUU\000\000\200\301\331VUU\000\000\340bKWUU\000\000\060\316\377\377\377\177\000\000\360\351\023[UU\000\000\000\000\000\000\000\000\000\000`\000\000\000;", '\000' <repetidos 18 veces>
        nation = "Zulu, team Team 1\000\377\377\377\177\000\000\000\377\335\304ˊc\236\240\242\331VUU\000\000\340bKWUU\000\000\060\316\377\377\377\177\000\000\n}\270\366\377\177\000\000\000\000\000\000\000\000\000\000`\000\000\000;\000\000\000 \000\000\000\000\000\000\000\000\377\335\304ˊc\236\240\242\331VUU\000\000\200\301\331VUU\000\000\340bKWUU\000\000\361\227\270\366\377\177\000"
        tile_x = <optimized out>
        tile_y = <optimized out>
        nat_x = <optimized out>
        nat_y = <optimized out>
        first = <optimized out>
        __FUNCTION__ = "popup_info_text"
#3  0x0000555555705825 in hud_units::update_actions(unit_list*) (this=0x555556d9a240, punits=<optimized out>) at hudwidget.cpp:760
        num = <optimized out>
        wwidth = 86
        font_width = <optimized out>
        expanded_unit_width = <optimized out>
        font = 
          {static staticMetaObject = {d = {superdata = 0x0, stringdata = 0x7ffff7a02700, data = 0x7ffff7a02440, static_metacall = 0x0, relatedMetaObjects = 0x0, extradata = 0x0}}, d = {d = 0x555556f2dcb0}, resolve_mask = 4991}
        fm = <optimized out>
        cropped_img = <tipo incompleto>
        img = <tipo incompleto>
        p = 
            {static staticMetaObject = {d = {superdata = 0x0, stringdata = 0x7ffff7a07940, data = 0x7ffff7a07860, static_metacall = 0x0, relatedMetaObjects = 0x0, extradata = 0x0}}, d_ptr = {d = 0x555557611a10}}
        pix = <tipo incompleto>
        pix2 = <tipo incompleto>
        crop = {x1 = 1, y1 = 24, x2 = 95, y2 = 71}
--Type <RET> for more, q to quit, c to continue without paging--c
        bounding_rect = {x1 = 5, y1 = 23, x2 = 23, y2 = 59}
        mp = {static null = {<No data fields>}, d = 0x5555572c9ee0}
        snum = {static null = {<No data fields>}, d = 0x555557843fc0}
        fraction1 = {static null = {<No data fields>}, d = 0x7ffff72e4680 <QArrayData::shared_null>}
        fraction2 = {static null = {<No data fields>}, d = 0x7ffff72e4680 <QArrayData::shared_null>}
        text_str = {static null = {<No data fields>}, d = 0x55555af43150}
        move_pt_text = {static null = {<No data fields>}, d = 0x5555575fd610}
        tile_pixmap = 0x555557a0cb90
        unit_pixmap = 0x555557057ed0
        pcity = <optimized out>
        owner = <optimized out>
        tmp = 0x0
        punit = 0x55555b13e9f0
#4  0x000055555565d7d4 in handle_unit_packet_common (packet_unit=packet_unit@entry=0x55555b6b1940) at packhand.c:1953
        pcity = <optimized out>
        punit = 0x55555b13e9f0
        need_menus_update = true
        need_economy_report_update = false
        need_units_report_update = false
        repaint_unit = true
        repaint_city = <optimized out>
        old_tile = 0x0
        check_focus = false
        moved = false
        ret = true
        __FUNCTION__ = "handle_unit_packet_common"
#5  0x0000555555660a01 in handle_unit_info (packet=packet@entry=0x555558373f50) at packhand.c:1551
        punit = 0x55555b6b1940
#6  0x000055555566a5aa in client_handle_packet (type=type@entry=PACKET_UNIT_INFO, packet=packet@entry=0x555558373f50) at packhand_gen.c:191
#7  0x0000555555629aca in client_packet_input (packet=packet@entry=0x555558373f50, type=63) at client_main.c:792
        __FUNCTION__ = "client_packet_input"
#8  0x00005555556315bc in input_from_server (fd=fd@entry=20) at clinet.c:420
        type = PACKET_UNIT_INFO
        packet = 0x555558373f50
        nb = <optimized out>
        __FUNCTION__ = "input_from_server"
#9  0x00005555556da8f4 in fc_client::server_input(int) (this=0x555556d4c730, sock=20) at fc_client.cpp:461
#10 0x00007ffff722f328 in QMetaObject::activate(QObject*, int, int, void**) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#11 0x00007ffff723beb5 in QSocketNotifier::activated(int, QSocketNotifier::QPrivateSignal) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#12 0x00007ffff723c211 in QSocketNotifier::event(QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#13 0x00007ffff6a4ca66 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#14 0x00007ffff6a560f0 in QApplication::notify(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Widgets.so.5
#15 0x00007ffff720380a in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#16 0x00007ffff725c095 in  () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#17 0x00007ffff34b617d in g_main_context_dispatch () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#18 0x00007ffff34b6400 in  () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#19 0x00007ffff34b64a3 in g_main_context_iteration () at /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
#20 0x00007ffff725b435 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#21 0x00007ffff72023ab in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#22 0x00007ffff720a116 in QCoreApplication::exec() () at /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
#23 0x00005555556dabc1 in fc_client::fc_main(QApplication*) (this=0x555556d4c730, qapp=0x555555d193c0) at fc_client.cpp:256
#24 0x0000555555628133 in qtg_ui_main(int, char**) (argc=<optimized out>, argv=<optimized out>) at gui_main.cpp:209
        qpm = <optimized out>
        app_icon = {d = 0x55555626a2f0}
        tsret = 0
#25 0x000055555562ad44 in client_main (argc=1, argv=0x7fffffffdb48, postpone_tileset=<optimized out>) at client_main.c:703
        i = 1
        loglevel = LOG_NORMAL
        ui_options = <optimized out>
        ui_separator = <optimized out>
        option = <optimized out>
        fatal_assertions = -1
        aii = 1
        uret = <optimized out>
        __FUNCTION__ = "client_main"
#26 0x00007ffff63a3083 in __libc_start_main (main=0x555555625a20 <main(int, char**)>, argc=1, argv=0x7fffffffdb48, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffdb38) at ../csu/libc-start.c:308
        result = <optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {93824996146240, 3760626952766532344, 93824993096144, 140737488345920, 0, 0, -3760626951876203784, -3760643962842993928}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x1, 0x7fffffffdb48}, data = {prev = 0x0, cleanup = 0x0, canceltype = 1}}}
        not_first_call = <optimized out>
#27 0x00005555556271fe in _start () at gui_main.cpp:104

Ticket History (3/10 Histories)

2023-04-18 19:36 Updated by: bard
  • New Ticket "qt core dump" created
2023-04-18 19:54 Updated by: cazfi

Thanks. If you have the environment ready for reproducing this, before I get to setting up such an environment myself, could you check what values punit->activity and punit->activity_target have on that final backtrace frame?

E.g., on the same gdb prompt where you get the backtrace:

print punit->activity
print punit->activity_target
print unit_rule_name(punit)

2023-04-18 20:38 Updated by: bard


(gdb) print punit->activity
(gdb) print punit->activity_target
$2 = (struct extra_type *) 0x0
(gdb) print unit_rule_name(punit)
$3 = 0x555555c44ed0 <unit_types+2960> "Workers"

Let me know if you need anything else.

2023-04-21 12:42 Updated by: cazfi

Even without figuring out the exact details of this case, I think we have a general problem in that a change on "tile + units doing activities on it" is not atomic, and whichever order we send those packets in, there's always a chance that the activity of some unit is not compatible with the terrain on the tile (or some other tile property).

However, as this is only a temporary situation (the other packets are en route already), I guess we can just skip handling of that illegal state and wait until a later packet turns it legal and refreshes the UI.
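
The tolerance described in the comment above, as an added example that is not part of the original ticket and is not freeciv code or the attached patch. All types and names are hypothetical, and it assumes the crash pattern visible in the backtrace: an index derived from a NULL activity target.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical, simplified types; not freeciv's real structures. */
enum activity { ACT_IDLE, ACT_MINE, ACT_BUILD_EXTRA, ACT_COUNT };
#define MAX_EXTRAS 4

struct extra { int index; };
struct unit { enum activity act; const struct extra *target; int work_done; };
struct tile_calc {
  int plain[ACT_COUNT];                /* work on activities without a target */
  int targeted[MAX_EXTRAS][ACT_COUNT]; /* work per target extra */
  int skipped;                         /* units seen in a transient illegal state */
};

static bool needs_target(enum activity a) { return a == ACT_BUILD_EXTRA; }

/* Sum the work of all units on a tile. A unit whose activity and target
 * disagree (its packets arrived out of step) is counted and skipped, so a
 * later update can redraw the correct state. */
void calc_tile_work(struct tile_calc *calc, const struct unit *units, size_t n)
{
  memset(calc, 0, sizeof *calc);
  for (size_t i = 0; i < n; i++) {
    const struct unit *u = &units[i];
    if ((int)u->act < 0 || (int)u->act >= ACT_COUNT) { calc->skipped++; continue; }
    if (!needs_target(u->act)) { calc->plain[u->act] += u->work_done; continue; }
    /* Without this check the index lookup dereferences NULL. */
    if (u->target == NULL || u->target->index < 0
        || u->target->index >= MAX_EXTRAS) { calc->skipped++; continue; }
    calc->targeted[u->target->index][u->act] += u->work_done;
  }
}

/* Constructed sample: the second worker has an activity but no target yet. */
const struct tile_calc *demo(void)
{
  static struct tile_calc calc;
  static const struct extra road = { 1 };
  const struct unit units[] = {
    { ACT_BUILD_EXTRA, &road, 3 },
    { ACT_BUILD_EXTRA, NULL, 2 },
    { ACT_MINE, NULL, 5 },
  };
  calc_tile_work(&calc, units, sizeof units / sizeof units[0]);
  return &calc;
}

int main(void) { return demo()->skipped == 1 ? 0 : 1; }
```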

2023-04-21 13:24 Updated by: cazfi

Seems to me that S2_6 would be affected, but as I have no reason to believe that this is a regression since 2.6.8, I'd rather not postpone 2.6.9 release to fix this.

2023-04-23 09:40 Updated by: cazfi
  • Owner Update from (None) to cazfi
  • Resolution Update from None to Accepted

I hope the attached patch fixes this.

It's also possible that it just postpones the crash by some code lines.

2023-04-24 22:16 Updated by: bard

Reply To cazfi

I hope the attached patch fixes this. It's also possible that it just postpones the crash by some code lines.

It seems to work. My savegame no longer crashes with this patch applied (S3_0). I continued the game 10 more turns without further crashes.

2023-04-28 23:40 Updated by: cazfi
  • Status Update from Open to Closed
  • Resolution Update from Accepted to Fixed

