fix: crash on reconversion with google IME and editcontext on macOS (#46701)

* fix: crash on reconversion with google IME and editcontext on macOS Co-authored-by: deepak1556 <hop2deep@gmail.com> * chore: update .patches * chore: update patch --------- Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com> Co-authored-by: deepak1556 <hop2deep@gmail.com> Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
2026-04-10 03:01:51 -04:00 · 2025-04-22 14:29:01 +09:00
parent fa7caa9c21
commit 26affd6c3e
2 changed files with 44 additions and 0 deletions
--- a/patches/chromium/.patches
+++ b/patches/chromium/.patches
@@ -153,3 +153,4 @@ fix_take_snapped_status_into_account_when_showing_a_window.patch
 chore_modify_chromium_handling_of_mouse_events.patch
 cherry-pick-b8f80176b163.patch
 fix_false_activation_logic_for_context_menu.patch
+mac_fix_check_on_ime_reconversion_due_to_invalid_replacement_range.patch
--- a/patches/chromium/mac_fix_check_on_ime_reconversion_due_to_invalid_replacement_range.patch
+++ b/patches/chromium/mac_fix_check_on_ime_reconversion_due_to_invalid_replacement_range.patch
@@ -0,0 +1,43 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Keren Zhu <kerenzhu@chromium.org>
+Date: Fri, 18 Apr 2025 11:02:46 -0700
+Subject: mac: fix CHECK on IME reconversion due to invalid replacement range
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+It appears that Google Japanese IME can call -setMarkedText: with an
+invalid replacement range when doing text reconversion (変換, i.e.,
+conversion between different text with same pronunciation). This range
+is a NSRange and NSRange.location is supposed to be NSNotFound (2^31-1)
+for invalid range, but the IME can pass in 2^32. Subsequently causing
+CHECK error.
+
+This CL fixes the issue by converting such invalid NSRange to
+gfx::InvalidRange using FromPossiblyInvalidNSRange(range).
+
+Fixed: 409864204
+Change-Id: I08ff426a933ef76aa81e33af59aa32e2ac0b674d
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6470915
+Commit-Queue: Keren Zhu <kerenzhu@chromium.org>
+Reviewed-by: Marijn Kruisselbrink <mek@chromium.org>
+Cr-Commit-Position: refs/heads/main@{#1448935}
+
+diff --git a/content/app_shim_remote_cocoa/render_widget_host_view_cocoa.mm b/content/app_shim_remote_cocoa/render_widget_host_view_cocoa.mm
+index c89f25bf49d773f5f77b2434bd6fabcfd8cb4e33..87c5c0b3d04769dcbcf43880d5ec88dea93b4d58 100644
+--- a/content/app_shim_remote_cocoa/render_widget_host_view_cocoa.mm
+++ b/content/app_shim_remote_cocoa/render_widget_host_view_cocoa.mm
+@@ -2337,9 +2337,10 @@ - (void)setMarkedText:(id)string
+   if ([self isHandlingKeyDown] && !_isReconversionTriggered) {
+     _setMarkedTextReplacementRange = gfx::Range(replacementRange);
+   } else {
+-    _host->ImeSetComposition(_markedText, _imeTextSpans,
+-                             gfx::Range(replacementRange), newSelRange.location,
+-                             NSMaxRange(newSelRange));
+    _host->ImeSetComposition(
+        _markedText, _imeTextSpans,
+        gfx::Range::FromPossiblyInvalidNSRange(replacementRange),
+        newSelRange.location, NSMaxRange(newSelRange));
+   }
+ 
+   [[self inputContext] invalidateCharacterCoordinates];