AddressSanitizer: SEGV freeciv-3.0.3/common/extras.c:787 in can_extras_coexist
As this is from idle_callback_wrapper(), there's a risk of inconsistent game state (you never know when the idle timer runs).
On thing I could see as a possible explanation:
The unit in question (on the tile, not one in focus) has been doing terrain transformative form (->no target) of ACTIVITY_IRRIGATE or ACTIVITY_MINE. Tile's terrain has just changed (client has received that packet), but the unit's activity has not been cancelled (the client has not yet received that packet). Now the logic in is_build_activity() detects that on the current terrain type ACTIVITY_IRRIGATE / ACTIVITY_MINE would not be terrain transformative, but extra building activities. Thus the caller expects there to be built target set, while it never was, for the transformative activity.
That would make on S3_0 (and earlier affected) as there's not activities with two different forms in later branches.
a lot of units were doing terrain transformation irrigate at the time. so this sounds reasonable.
With no way to confirm what actually happened, assuming that the cause was what I guess - and it's a bug in any case.
Patch attached - maybe a bit targeted one, considering the risky approach of idle callbacks refreshing menus and whatnot. This is meant for S3_0 and S2_6 only - later branches should not have this (very) problem.
CFLAGS = -fsanitize=address,undefined CC = GCC 12 gtk version = gtk3 3.24.34 glib version = glib2 2.74.0 extras.c:787:11: runtime error: member access within null pointer of type 'const struct extra_type' extras.c:787:11: runtime error: member access within null pointer of type 'const struct extra_type' AddressSanitizer:DEADLYSIGNAL ================================================================= ==300365==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x55eed3d31db4 bp 0x55eed4d10580 sp 0x7ffe5ba762a0 T0) ==300365==The signal is caused by a READ memory access. ==300365==Hint: address points to the zero page. #0 0x55eed3d31db4 in can_extras_coexist /home/michael/usr/src/freeciv-3.0.3/common/extras.c:787 #1 0x55eed400a1e8 in can_unit_do_activity_targeted_at /home/michael/usr/src/freeciv-3.0.3/common/unit.c:775 #2 0x55eed400c51a in can_unit_do_activity_targeted /home/michael/usr/src/freeciv-3.0.3/common/unit.c:752 #3 0x55eed4010a03 in can_units_do_activity_targeted /home/michael/usr/src/freeciv-3.0.3/common/unitlist.c:133 #4 0x55eed3c2083a in real_menus_update /home/michael/usr/src/freeciv-3.0.3/client/gui-gtk-3.22/menu.c:2196 #5 0x55eed3b7102f in menus_update_callback /home/michael/usr/src/freeciv-3.0.3/client/update_queue.c:549 #6 0x55eed3b722cc in update_unqueue /home/michael/usr/src/freeciv-3.0.3/client/update_queue.c:320 #7 0x55eed39e6578 in idle_callback_wrapper /home/michael/usr/src/freeciv-3.0.3/client/gui-gtk-3.22/gui_main.c:2287 #8 0x7f2bc40ed81a in g_main_context_dispatch (/usr/lib/libglib-2.0.so.0+0x5581a) #9 0x7f2bc4143ec8 (/usr/lib/libglib-2.0.so.0+0xabec8) #10 0x7f2bc40ecd7e in g_main_loop_run (/usr/lib/libglib-2.0.so.0+0x54d7e) #11 0x7f2bc47d8e9e in gtk_main (/usr/lib/libgtk-3.so.0+0x1d8e9e) #12 0x55eed39eee70 in ui_main /home/michael/usr/src/freeciv-3.0.3/client/gui-gtk-3.22/gui_main.c:1922 #13 0x55eed39f3683 in client_main /home/michael/usr/src/freeciv-3.0.3/client/client_main.c:685 #14 0x55eed39ed163 in main /home/michael/usr/src/freeciv-3.0.3/client/gui-gtk-3.22/gui_main.c:1670 #15 0x7f2bc383c28f (/usr/lib/libc.so.6+0x2328f) #16 0x7f2bc383c349 in __libc_start_main (/usr/lib/libc.so.6+0x23349) #17 0x55eed39e4044 in _start ../sysdeps/x86_64/start.S:115 AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /home/michael/usr/src/freeciv-3.0.3/common/extras.c:787 in can_extras_coexist ==300365==ABORTING