desktop/source/lib/init.cxx |   15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

New commits:
commit 6034be914e4afdbdc330a6d1b43ff02cf966dacf
Author:     Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Thu Jul 10 12:48:40 2025 +0100
Commit:     Miklos Vajna <vmik...@collabora.com>
CommitDate: Thu Jul 10 17:10:03 2025 +0200

    null deref of SfxViewShell
    
     #0  desktop::CallbackFlushHandler::enqueueUpdatedType 
(this=this@entry=0x34f1a860, type=3, viewShell=viewShell@entry=0x0, viewId=9) 
at libreoffice/desktop/source/lib/init.cxx:2474
     #1  0x00007f1d866182a4 in 
desktop::CallbackFlushHandler::enqueueUpdatedTypes (this=0x34f1a860) at 
libreoffice/desktop/source/lib/init.cxx:2437
     #2  0x00007f1d866184a0 in desktop::CallbackFlushHandler::invoke 
(this=0x34f1a860) at libreoffice/desktop/source/lib/init.cxx:2503
     #3  0x00007f1d87648db0 in Link<void*, void>::Call (data=<optimized out>, 
this=0x30d537e8) at libreoffice/include/tools/link.hxx:111
     #4  ImplHandleUserEvent (pSVEvent=0x30d537e0) at 
libreoffice/vcl/source/window/winproc.cxx:2285
     #5  ImplWindowFrameProc (_pWindow=<optimized out>, 
nEvent=SalEvent::UserEvent, pEvent=0x30d537e0) at 
libreoffice/vcl/source/window/winproc.cxx:2849
     #6  0x00007f1d87b3accc in SalFrame::CallCallback (pEvent=0x30d537e0, 
nEvent=SalEvent::UserEvent, this=0x38abd50) at 
libreoffice/vcl/inc/salframe.hxx:311
     #7  SvpSalInstance::ProcessEvent (this=0xe87940, aEvent=...) at 
libreoffice/vcl/headless/svpinst.cxx:272
     #8  0x00007f1d87937029 in operator() (__closure=<synthetic pointer>) at 
libreoffice/vcl/source/app/salusereventlist.cxx:119
     #9  SalUserEventList::DispatchUserEvents (this=this@entry=0xe87968, 
bHandleAllCurrentEvents=bHandleAllCurrentEvents@entry=false) at 
libreoffice/vcl/source/app/salusereventlist.cxx:120
     #10 0x00007f1d87b3b4d9 in SvpSalInstance::ImplYield 
(this=this@entry=0xe87940, bWait=bWait@entry=true, 
bHandleAllCurrentEvents=bHandleAllCurrentEvents@entry=false)
         at libreoffice/vcl/headless/svpinst.cxx:425
    
    Change-Id: Id6961b300ce67f5cfcbb91284a84bf02edc6aec3
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/187632
    Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
    Reviewed-by: Miklos Vajna <vmik...@collabora.com>

diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx
index b73ae8f426d9..67839304df62 100644
--- a/desktop/source/lib/init.cxx
+++ b/desktop/source/lib/init.cxx
@@ -2430,13 +2430,22 @@ void CallbackFlushHandler::enqueueUpdatedTypes()
         LOK_CALLBACK_INVALIDATE_VIEW_CURSOR,
         LOK_CALLBACK_TEXT_VIEW_SELECTION };
 
-    for( int type : orderedUpdatedTypes )
+    if (viewShell)
     {
-        if(o3tl::make_unsigned( type ) < updatedTypes.size() && updatedTypes[ 
type ])
+        for( int type : orderedUpdatedTypes )
         {
-            enqueueUpdatedType( type, viewShell, m_viewId );
+            if(o3tl::make_unsigned( type ) < updatedTypes.size() && 
updatedTypes[ type ])
+            {
+                enqueueUpdatedType( type, viewShell, m_viewId );
+            }
         }
     }
+    else
+    {
+        // View removed, probably cleaning up.
+        SAL_INFO("lok", "View #" << m_viewId << " no longer found for updated 
events");
+    }
+
     for( const auto& it : updatedTypesPerViewId )
     {
         int viewId = it.first;
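Review bot: The new `if (viewShell)` guard protects only the `orderedUpdatedTypes` loop; the `updatedTypesPerViewId` loop that begins on the last three lines of the hunk continues outside it, so it is not visible here whether that loop can also hand a null view shell to `enqueueUpdatedType`. It is worth confirming that loop has its own null test before treating this as the complete fix for the crash in the commit's backtrace. In the `else` branch the pending entries of `updatedTypes` are discarded without the comment saying so; I would make that explicit, e.g. `// View already removed (probably cleaning up): its pending updated types are dropped on purpose.` The lookup that assigns `viewShell` also sits above the hunk, and if an `assert` on it exists there, debug builds would still abort before reaching this guard.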
