Bug #2043
opengtk3.22 client crash: government.c:156:10: runtime error: null pointer passed as argument 1, which is declared to never be null
0%
Description
branch main
commit b7f428b7e2ae3c46c6922f7f39ab47692f459f8c
CFLAGS="-march=native -Og -pipe -Wall -g3 -fsanitize=undefined" CXXFLAGS="-march=native -Og -pipe -Wall -g3 -fsanitize=undefined"
~/opt/freeciv-main-20260604/bin/freeciv-gtk3.22 --version
Freeciv version 3.3.90.12-dev gui-gtk-3.22
/opt/freeciv-main-20260604/bin/freeciv-gtk3.22
[...]
../../common/government.c:156:10: runtime error: null pointer passed as argument 1, which is declared to never be null
../../common/government.c:143:10: runtime error: member access within null pointer of type 'const struct government'
fish: Job 1, '/opt/freeciv-main-20260604/bin…' terminated by signal SIGSEGV (Address boundary error)
(gdb) bt full
#0 0x0000558844872f35 in name_translation_get (ptrans=0x8) at ../../common/name_translation.h:123
#1 government_name_translation (pgovern=pgovern@entry=0x0) at ../../common/government.c:143
#2 0x0000558844872faf in government_name_for_player (pplayer=pplayer@entry=0x5588600bbc40) at ../../common/government.c:156
#3 0x00005588446b397d in col_government (them=0x5588600bbc40) at ../../client/plrdlg_common.c:329
buf = "Democracy\000lism", '\000' <repeats 85 times>
me = <optimized out>
#4 0x0000558844791edd in fill_row (store=0x55885bac89b0, it=it@entry=0x7fffaeb25700, pplayer=pplayer@entry=0x5588600bbc40) at ../../../client/gui-gtk-3.22/plrdlg.c:661
pcol = 0x558844c61800 <player_dlg_columns+768>
pixbuf = <optimized out>
style = 0
weight = 400
k = 16
#5 0x00005588447923d0 in real_players_dialog_update (unused=<optimized out>) at ../../../client/gui-gtk-3.22/plrdlg.c:753
pplayer = 0x5588600bbc40
pslotpplayer = 0x558860128a88
model = 0x55885bac89b0
iter = {stamp = -1564267901, user_data = 0x558860fbaba0, user_data2 = 0x0, user_data3 = 0x0}
selected = 0
#6 0x0000558844711a84 in update_unqueue (data=<optimized out>) at ../../client/update_queue.c:320
callback = 0x5588447922a4 <real_players_dialog_update>
uq_data = 0x55885c22be80
MY_mem_MY_iter = 0x7fffaeb25750 "\234\"\252D\210U"
MY_it_MY_iter = 0x7fffaeb25750
MY_iter = <optimized out>
hash = 0x55885a5c8010
#7 0x000055884461033c in idle_callback_wrapper (data=0x55885c209260) at ../../../client/gui-gtk-3.22/gui_main.c:2392
cb = 0x55885c209260
#8 0x00007ff58d6a0bfd in g_main_dispatch (context=0x55885844bf10) at ../glib/glib/gmain.c:3591
user_data = 0x55885c209260
callback = 0x55884461030b <idle_callback_wrapper>
gaig_temp = <optimized out>
gaig_temp = <optimized out>
cb_data = 0x55885c57b330
need_destroy = <optimized out>
dispatch = 0x7ff58d69ce20 <g_idle_dispatch>
prev_source = 0x0
was_in_call = 0
cb_funcs = 0x7ff58d7a03a0 <g_source_callback_funcs>
begin_time_nsec = 401157848555940
source = 0x55885b240fe0
gaig_temp = <optimized out>
current = 0x5588585714d0
i = 1
#9 0x00007ff58d6a2e57 in g_main_context_dispatch_unlocked (context=0x55885844bf10) at ../glib/glib/gmain.c:4451
#10 g_main_context_iterate_unlocked (context=0x55885844bf10, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/glib/gmain.c:4516
max_priority = 200
timeout_usec = 0
some_ready = 1
nfds = 4
allocated_nfds = <optimized out>
fds = <optimized out>
begin_time_nsec = <optimized out>
#11 0x00007ff58d6a31a7 in g_main_loop_run (loop=0x55885a2ab600) at ../glib/glib/gmain.c:4721
self = <optimized out>
#12 0x00007ff58ddeac4f in gtk_main () at ../gtk/gtk/gtkmain.c:1332
loop = 0x55885a2ab600
#13 0x0000558844615ebb in ui_main (argc=<optimized out>, argc@entry=1, argv=<optimized out>, argv@entry=0x7fffaeb26158) at ../../../client/gui-gtk-3.22/gui_main.c:2023
window_name = "Freeciv (gtk3.22)\000\000\000\000\000\000\000\307\245D\210U\000\000\000Z\262\256\377\177\000\000\360[\262\256\377\177\000\000\001\000\000\000\000\000\000\000\001\201\261D\210U\000\000(\001\000\000\000\000\000\0009g\245D\210U\000\000\020Z\262\256\377\177\000\000\000X,\352", '\000' <repeats 12 times>, " \000\000\0000\000\000\000\360[\262\256\377\177\000\000\020[\262\256\377\177\000\000colors.playerdlg_background0\000ble0\000\000t0\0000\000\000X,\352\2057Tq\240\a\000\000\000\000\000\000@\303[X\210U\000\000B9\253D\210U\000\000"...
toplevel_font_name = <optimized out>
sig = <optimized out>
#14 0x000055884461c512 in client_main (argc=1, argv=0x7fffaeb26158, postpone_tileset=postpone_tileset@entry=false) at ../../client/client_main.c:693
i = 1
loglevel = LOG_NORMAL
ui_options = 0
ui_separator = false
option = <optimized out>
fatal_assertions = -1
aii = <optimized out>
uret = <optimized out>
#15 0x0000558844614bf4 in main (argc=<optimized out>, argv=<optimized out>) at ../../../client/gui-gtk-3.22/gui_main.c:1765
Could be related to Issue 1943
Files
Updated by Michael Ortmann 6 days ago
branch main
commit b7f428b7e2ae3c46c6922f7f39ab47692f459f8c
CFLAGS="-march=native -Og -pipe -Wall -g3 -fsanitize=undefined" CXXFLAGS="-march=native -Og -pipe -Wall -g3 -fsanitize=undefined"
~/opt/freeciv-main-20260604/bin/freeciv-gtk3.22 --version
Freeciv version 3.3.90.12-dev gui-gtk-3.22
~/opt/freeciv-main-20260604/bin/freeciv-gtk3.22
[...]
../../common/government.c:156:10: runtime error: null pointer passed as argument 1, which is declared to never be null
../../common/government.c:143:10: runtime error: member access within null pointer of type 'const struct government'
fish: Job 1, '~/opt/freeciv-main-20260604/bin…' terminated by signal SIGSEGV (Address boundary error)
(gdb) bt full
#0 0x0000558844872f35 in name_translation_get (ptrans=0x8) at ../../common/name_translation.h:123
#1 government_name_translation (pgovern=pgovern@entry=0x0) at ../../common/government.c:143
#2 0x0000558844872faf in government_name_for_player (pplayer=pplayer@entry=0x5588600bbc40) at ../../common/government.c:156
#3 0x00005588446b397d in col_government (them=0x5588600bbc40) at ../../client/plrdlg_common.c:329
buf = "Democracy\000lism", '\000' <repeats 85 times>
me = <optimized out>
#4 0x0000558844791edd in fill_row (store=0x55885bac89b0, it=it@entry=0x7fffaeb25700, pplayer=pplayer@entry=0x5588600bbc40) at ../../../client/gui-gtk-3.22/plrdlg.c:661
pcol = 0x558844c61800 <player_dlg_columns+768>
pixbuf = <optimized out>
style = 0
weight = 400
k = 16
#5 0x00005588447923d0 in real_players_dialog_update (unused=<optimized out>) at ../../../client/gui-gtk-3.22/plrdlg.c:753
pplayer = 0x5588600bbc40
_pslotpplayer = 0x558860128a88
model = 0x55885bac89b0
iter = {stamp = -1564267901, user_data = 0x558860fbaba0, user_data2 = 0x0, user_data3 = 0x0}
selected = 0
#6 0x0000558844711a84 in update_unqueue (data=<optimized out>) at ../../client/update_queue.c:320
callback = 0x5588447922a4 <real_players_dialog_update>
uq_data = 0x55885c22be80
MY_mem_MY_iter = 0x7fffaeb25750 "\234\"\252D\210U"
MY_it_MY_iter = 0x7fffaeb25750
MY_iter = <optimized out>
hash = 0x55885a5c8010
#7 0x000055884461033c in idle_callback_wrapper (data=0x55885c209260) at ../../../client/gui-gtk-3.22/gui_main.c:2392
cb = 0x55885c209260
#8 0x00007ff58d6a0bfd in g_main_dispatch (context=0x55885844bf10) at ../glib/glib/gmain.c:3591
user_data = 0x55885c209260
callback = 0x55884461030b <idle_callback_wrapper>
gaig_temp = <optimized out>
gaig_temp = <optimized out>
cb_data = 0x55885c57b330
need_destroy = <optimized out>
dispatch = 0x7ff58d69ce20 <g_idle_dispatch>
prev_source = 0x0
was_in_call = 0
cb_funcs = 0x7ff58d7a03a0 <g_source_callback_funcs>
begin_time_nsec = 401157848555940
source = 0x55885b240fe0
gaig_temp = <optimized out>
current = 0x5588585714d0
i = 1
#9 0x00007ff58d6a2e57 in g_main_context_dispatch_unlocked (context=0x55885844bf10) at ../glib/glib/gmain.c:4451
#10 g_main_context_iterate_unlocked (context=0x55885844bf10, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/glib/gmain.c:4516
max_priority = 200
timeout_usec = 0
some_ready = 1
nfds = 4
allocated_nfds = <optimized out>
fds = <optimized out>
begin_time_nsec = <optimized out>
#11 0x00007ff58d6a31a7 in g_main_loop_run (loop=0x55885a2ab600) at ../glib/glib/gmain.c:4721
self = <optimized out>
#12 0x00007ff58ddeac4f in gtk_main () at ../gtk/gtk/gtkmain.c:1332
loop = 0x55885a2ab600
#13 0x0000558844615ebb in ui_main (argc=<optimized out>, argc@entry=1, argv=<optimized out>, argv@entry=0x7fffaeb26158) at ../../../client/gui-gtk-3.22/gui_main.c:2023
window_name = "Freeciv (gtk3.22)\000\000\000\000\000\000\000\307_\245D\210U\000\000\000Z\262\256\377\177\000\000\360[\262\256\377\177\000\000\001\000\000\000\000\000\000\000\001\201\261D\210U\000\000(\001\000\000\000\000\000\0009g\245D\210U\000\000\020Z\262\256\377\177\000\000\000X,\352", '\000' <repeats 12 times>, " \000\000\0000\000\000\000\360[\262\256\377\177\000\000\020[\262\256\377\177\000\000colors.playerdlg_background0\000ble0\000\000t0\0000\000\000X,\352\2057Tq\240\a\000\000\000\000\000\000@\303[X\210U\000\000B9\253D\210U\000\000"...
toplevel_font_name = <optimized out>
sig = <optimized out>
#14 0x000055884461c512 in client_main (argc=1, argv=0x7fffaeb26158, postpone_tileset=postpone_tileset@entry=false) at ../../client/client_main.c:693
i = 1
loglevel = LOG_NORMAL
ui_options = 0
ui_separator = false
option = <optimized out>
fatal_assertions = -1
aii = <optimized out>
uret = <optimized out>
#15 0x0000558844614bf4 in main (argc=<optimized out>, argv=<optimized out>) at ../../../client/gui-gtk-3.22/gui_main.c:1765
Could be related to Issue 1943
Updated by Marko Lindqvist 1 day ago
- File 0036-Reorder-packets-sent-when-contact-re-established.patch 0036-Reorder-packets-sent-when-contact-re-established.patch added
- Category changed from gtk3.22-client to Server
- Status changed from New to In Review
- Assignee set to Marko Lindqvist
- Target version set to 3.3.0
Attached patch fix the only root cause I can think of causing this. Since the backtrace shows the crash happening when calling idle callback, it can actually happen between receiving two consecutive server sent packets while the game state is inconsistent.