From 1a954e290de20d56ee1bf98089946bd89e0805f9 Mon Sep 17 00:00:00 2001
From: dawsers
Date: Fri, 7 Nov 2025 14:55:47 +0100
Subject: [PATCH] overview: clear fullscreen reference when destroying fullscreen container

When a fullscreen container is destroyed while in overview mode, the workspace layout may still keep a stale fullscreen pointer, leading to invalid memory access and crashes when exiting overview. This change clears the fullscreen reference if the destroyed container is the one stored in the overview layout, preventing use-after-free and crash scenarios.
---
 sway/tree/container.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sway/tree/container.c b/sway/tree/container.c
index c9ec852fc..c67e0654e 100644
--- a/sway/tree/container.c
+++ b/sway/tree/container.c
@@ -538,6 +538,12 @@ void container_begin_destroy(struct sway_container *con) {
 if (con->pending.fullscreen_mode == FULLSCREEN_WORKSPACE && con->pending.workspace) {
 con->pending.workspace->fullscreen = NULL;
 }
+
+ // If the container was the one stored in the overview's fullscreen memory, clear it.
+ if (con->pending.workspace && con->pending.workspace->layout.fullscreen == con) {
+ con->pending.workspace->layout.fullscreen = NULL;
+ }
+
+ if (con->scratchpad && con->pending.fullscreen_mode == FULLSCREEN_GLOBAL) {
 container_fullscreen_disable(con);
 }
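Review bot: The added guard only inspects `con->pending.workspace`, so a container whose pending workspace is NULL, or is no longer the workspace that saved it in `layout.fullscreen` (for instance after being moved or sent to the scratchpad while overview is active), would be freed with the stale pointer still in place. Whether that path exists depends on where `layout.fullscreen` is assigned and on the detach code, neither of which is visible in this hunk, so it is worth confirming. If it does exist, the same clear belongs where a container leaves its workspace, not only at destroy time. The comment could also record the ownership rule, e.g. `// layout.fullscreen is a non-owning pointer; it must never outlive the container it names.` The body of container_begin_destroy starts and continues outside the hunk.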