Caused by change 51d7f466df85f679f54e4e690f8b5e602192eb7b the SfxPoolItems are handed over as a std::initializer_list<SfxPoolItem const*> args, but there seem to be cases where 'nullptr' values are involved, that leads to crashes. Stack is: > sfxlo.dll!SfxDispatcher::ExecuteList(unsigned short nSlot, SfxCallMode eCall, std::initializer_list<SfxPoolItem const *> args) Line 1152 C++ svxlo.dll!svx::sidebar::AreaPropertyPanel::setFillStyleAndBitmap(const XFillStyleItem * pStyleItem, const XFillBitmapItem & rBitmapItem) Line 150 C++ svxlo.dll!svx::sidebar::AreaPropertyPanelBase::SelectFillAttrHdl(ListBox & __formal) Line 488 C++ svxlo.dll!svx::sidebar::AreaPropertyPanelBase::LinkStubSelectFillAttrHdl(void * instance, ListBox & data) Line 399 C++ vcllo.dll!Link<ListBox &,void>::Call(ListBox & data) Line 84 C++ To reproduce: - New Draw - Draw Shape (RightLeftArrow) - In Sidebar, in Area, choose 'Bitmap' and then a Bitmap -> crash in SfxDispatcher::ExecuteList due to one member of std::initializer_list<SfxPoolItem const*> args being zero. Looking at AreaPropertyPanelBase::SelectFillAttrHdl shows that nullptr is handed in by purpose: setFillStyleAndBitmap(bFillStyleChange ? &aXFillStyleItem : nullptr, aXFillBitmapItem) so this has worked before the change.
Michael Stahl committed a patch related to this issue. It has been pushed to "master": http://cgit.freedesktop.org/libreoffice/core/commit/?id=a7df6b4964e4c9af33e1d030042b6c0a5e59dd55 tdf#99264 svx: don't pass null pointers to SfxDispatcher It will be available in 5.2.0. The patch should be included in the daily builds available at http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: http://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
oops, fixed on master