Another crash that just happened: 
 
[New Thread 16384 (LWP 8863)] 
0x413eef29 in __wait4 () at __wait4:-1 
	in __wait4 
#0  0x413eef29 in __wait4 () at __wait4:-1 
#1  0x41472218 in __DTOR_END__ () from /lib/libc.so.6 
#2  0x411e4633 in waitpid () from /lib/libpthread.so.0 
#3  0x40840a2c in KCrash::defaultCrashHandler(int) () 
   from /usr/local/kde-3.1.0/lib/libkdecore.so.4 
#4  <signal handler called> 
#5  0x40077c2d in Trade::updateAccept(Player*, bool) (this=0x822b4e0,  
    player=0xbfffeb00, accept=149) 
    at /usr/local/qt-x11-free-3/include/qmap.h:751 
#6  0x40061c79 in AtlantikNetwork::processNode(QDomNode) (this=0x80fbac8, n= 
      {_vptr.QDomNode = 0x41081548, impl = 0x81bc6f8}) 
    at atlantik_network.cpp:733 
#7  0x40055b0e in AtlantikNetwork::qt_invoke(int, QUObject*) (this=0x80fbac8,  
    _id=-1073747184, _o=0xbfffeb00) at atlantik_network.cpp:251 
#8  0x40c716b1 in QObject::activate_signal(QConnectionList*, QUObject*) ( 
    this=0x80fbac8, clist=0x80fbdf8, o=0xbfffebb0) at kernel/qobject.cpp:2212 
#9  0x40c71592 in QObject::activate_signal(int) (this=0x80fbac8, signal=2) 
    at kernel/qobject.cpp:2186 
#10 0x408838e7 in KExtendedSocket::socketActivityRead() () 
   from /usr/local/kde-3.1.0/lib/libkdecore.so.4 
#11 0x40886238 in KExtendedSocket::qt_invoke(int, QUObject*) () 
   from /usr/local/kde-3.1.0/lib/libkdecore.so.4 
#12 0x40055b73 in AtlantikNetwork::qt_invoke(int, QUObject*) (this=0x80fbac8,  
    _id=135248584, _o=0x2) at atlantik_network.moc:593 
#13 0x40c716b1 in QObject::activate_signal(QConnectionList*, QUObject*) ( 
    this=0x81366d0, clist=0x8139138, o=0xbffff240) at kernel/qobject.cpp:2212 
#14 0x40c718fc in QObject::activate_signal(int, int) (this=0x81366d0,  
    signal=2, param=13) at kernel/qobject.cpp:2277 
#15 0x40f7251b in QSocketNotifier::activated(int) (this=0x81366d0, t0=13) 
    at .moc/debug-shared-mt/moc_qsocketnotifier.cpp:85 
#16 0x40c91357 in QSocketNotifier::event(QEvent*) (this=0x81366d0,  
    e=0xbffff540) at kernel/qsocketnotifier.cpp:268 
#17 0x40c0aee1 in QApplication::internalNotify(QObject*, QEvent*) ( 
    this=0xbffff720, receiver=0x81366d0, e=0xbffff540) 
    at kernel/qapplication.cpp:2350 
#18 0x40c0a510 in QApplication::notify(QObject*, QEvent*) (this=0xbffff720,  
    receiver=0x81366d0, e=0xbffff540) at kernel/qapplication.cpp:2112 
#19 0x407a27ef in KApplication::notify(QObject*, QEvent*) () 
   from /usr/local/kde-3.1.0/lib/libkdecore.so.4 
#20 0x40baf2ec in QApplication::sendEvent(QObject*, QEvent*) ( 
    receiver=0x81366d0, event=0xbffff540) at kernel/qapplication.h:478 
#21 0x40be5513 in QEventLoop::activateSocketNotifiers() (this=0x80ac1a0) 
    at kernel/qeventloop_unix.cpp:544 
#22 0x40bbef16 in QEventLoop::processEvents(unsigned) (this=0x80ac1a0, flags=4) 
    at kernel/qeventloop_x11.cpp:307 
#23 0x40c219f9 in QEventLoop::enterLoop() (this=0x80ac1a0) 
    at kernel/qeventloop.cpp:191 
#24 0x40c21912 in QEventLoop::exec() (this=0x80ac1a0) 
    at kernel/qeventloop.cpp:138 
#25 0x40c0b051 in QApplication::exec() (this=0xbffff720) 
    at kernel/qapplication.cpp:2471 
#26 0x0805b234 in main (argc=-512, argv=0xfffffe00) at main.cpp:75 
#27 0x41353e64 in __libc_start_main () from /lib/libc.so.6 

...and another one. The last 2 crashes were not because I selected trade, possibly the 
opponent did: 
 
[New Thread 16384 (LWP 8865)] 
0x413eef29 in __wait4 () at __wait4:-1 
	in __wait4 
#0  0x413eef29 in __wait4 () at __wait4:-1 
#1  0x41472218 in __DTOR_END__ () from /lib/libc.so.6 
#2  0x411e4633 in waitpid () from /lib/libpthread.so.0 
#3  0x40840a2c in KCrash::defaultCrashHandler(int) () 
   from /usr/local/kde-3.1.0/lib/libkdecore.so.4 
#4  <signal handler called> 
#5  0x40077c2d in Trade::updateAccept(Player*, bool) (this=0x81ed090,  
    player=0xbfffeb00, accept=149) 
    at /usr/local/qt-x11-free-3/include/qmap.h:751 
#6  0x40061c79 in AtlantikNetwork::processNode(QDomNode) (this=0x80fbad0, n= 
      {_vptr.QDomNode = 0x41081548, impl = 0x81be270}) 
    at atlantik_network.cpp:733 
#7  0x40055b0e in AtlantikNetwork::qt_invoke(int, QUObject*) (this=0x80fbad0,  
    _id=-1073747184, _o=0xbfffeb00) at atlantik_network.cpp:251 
#8  0x40c716b1 in QObject::activate_signal(QConnectionList*, QUObject*) ( 
    this=0x80fbad0, clist=0x80fbe00, o=0xbfffebb0) at kernel/qobject.cpp:2212 
#9  0x40c71592 in QObject::activate_signal(int) (this=0x80fbad0, signal=2) 
    at kernel/qobject.cpp:2186 
#10 0x408838e7 in KExtendedSocket::socketActivityRead() () 
   from /usr/local/kde-3.1.0/lib/libkdecore.so.4 
#11 0x40886238 in KExtendedSocket::qt_invoke(int, QUObject*) () 
   from /usr/local/kde-3.1.0/lib/libkdecore.so.4 
#12 0x40055b73 in AtlantikNetwork::qt_invoke(int, QUObject*) (this=0x80fbad0,  
    _id=135248592, _o=0x2) at atlantik_network.moc:593 
#13 0x40c716b1 in QObject::activate_signal(QConnectionList*, QUObject*) ( 
    this=0x80b13d0, clist=0x81389f8, o=0xbffff240) at kernel/qobject.cpp:2212 
#14 0x40c718fc in QObject::activate_signal(int, int) (this=0x80b13d0,  
    signal=2, param=13) at kernel/qobject.cpp:2277 
#15 0x40f7251b in QSocketNotifier::activated(int) (this=0x80b13d0, t0=13) 
    at .moc/debug-shared-mt/moc_qsocketnotifier.cpp:85 
#16 0x40c91357 in QSocketNotifier::event(QEvent*) (this=0x80b13d0,  
    e=0xbffff540) at kernel/qsocketnotifier.cpp:268 
#17 0x40c0aee1 in QApplication::internalNotify(QObject*, QEvent*) ( 
    this=0xbffff720, receiver=0x80b13d0, e=0xbffff540) 
    at kernel/qapplication.cpp:2350 
#18 0x40c0a510 in QApplication::notify(QObject*, QEvent*) (this=0xbffff720,  
    receiver=0x80b13d0, e=0xbffff540) at kernel/qapplication.cpp:2112 
#19 0x407a27ef in KApplication::notify(QObject*, QEvent*) () 
   from /usr/local/kde-3.1.0/lib/libkdecore.so.4 
#20 0x40baf2ec in QApplication::sendEvent(QObject*, QEvent*) ( 
    receiver=0x80b13d0, event=0xbffff540) at kernel/qapplication.h:478 
#21 0x40be5513 in QEventLoop::activateSocketNotifiers() (this=0x80ac1a0) 
    at kernel/qeventloop_unix.cpp:544 
#22 0x40bbef16 in QEventLoop::processEvents(unsigned) (this=0x80ac1a0, flags=4) 
    at kernel/qeventloop_x11.cpp:307 
#23 0x40c219f9 in QEventLoop::enterLoop() (this=0x80ac1a0) 
    at kernel/qeventloop.cpp:191 
#24 0x40c21912 in QEventLoop::exec() (this=0x80ac1a0) 
    at kernel/qeventloop.cpp:138 
#25 0x40c0b051 in QApplication::exec() (this=0xbffff720) 
    at kernel/qapplication.cpp:2471 
#26 0x0805b234 in main (argc=-512, argv=0xfffffe00) at main.cpp:75 
#27 0x41353e64 in __libc_start_main () from /lib/libc.so.6 
 

Can it be because I played game after game with the same client instead of closing it 
after each and start it again? 

Yes, that could be a factor. So you haven't been able to reproduce this during a 
client's first game? 

I don't remember if it ever happened during a client's first game. I never thought 
specifically about that before. 

It seems like the client needs some asserts to make sure that the data structures that 
are supposed to be empty when a new game begins are really empty. 
 
I saw another trade bug yesterday. A player had a trade open with me. It was an 
estate for an estate. The player accepted the trade, landed on my hotel and became 
bankrupt (lost all property). I got all estate from that player, including the estate that I 
was supposed to get in the trade. Then I accepted the trade and the bankrupt player 
could get the estate that I was giving (according to the portfolioview). The trade should 
have been deleted when the player became bankrupt. 
 
When player A constructs a trade and accepts it, player B can quickly mortgage the 
estates he is giving and then immediately accept the deal before player A reacts to the 
mortgaging. Mortgaging an estate should unaccept all trades where the estate is 
mentioned, just like any other change to the trade. The trade clauses that include 
mortgaged estate should include the string "(mortgaged)" after the estate name. 

Figured out why, m_playerSelf is a dangling pointer. Will fix soon now. 

I've got it fixed locally now, but it has a nasty token side-effect which I would like 
to fix first. 

Committed some old fixes, including ones that should fix this.