kahunsyo commented 4 months ago

Description

Converting a string of - and digits less than three to half-width causes crashes.

Steps to reproduce

Steps to reproduce the behavior:

Type −１２３ with IME
Convert half-width (default, press F10)

Expected behavior

You can convert full-width strings to half-width.

Actual behavior

IME stacks in around 30s and crash.

Version or commit-id

Mozc-2.29.5374.101+24.11.oss build for apple silicon

Environment

OS: macOS 14.3.1 (on Apple Silicon)

Investigations

Whether this issue happens on both Ibus and other IMF (e.g. Fcitx, uim).
- N/A
Whether this issue happens on other IMEs (e.g. Anthy, SKK).
- N/A
What applications this issue happens on (e.g. Chromium, gedit).
- all
What applications this issue does not happen on (e.g. Chromium, gedit).
- not-found
(optional) What versions or commit-ids this issue did not happen on (e.g. Mozc-2.28.4960.100+24.11.oss).
- no-investigation.

kahunsyo commented 4 months ago

I found the error log.

-------------------------------------
Translated Report (Full Report Below)
-------------------------------------

Process:               Mozc [59172]
Path:                  /Library/Input Methods/Mozc.app/Contents/MacOS/Mozc
Identifier:            org.mozc.inputmethod.Japanese
Version:               2.29.5374 (2.29.5374.101)
Code Type:             ARM-64 (Native)
Parent Process:        launchd [1]
User ID:               501

Date/Time:             2024-02-23 15:16:40.5517 +0900
OS Version:            macOS 14.3.1 (23D60)
Report Version:        12
Anonymous UUID:        501E81E0-8FE9-8D47-8E8C-2FDF92124AEA

Sleep/Wake UUID:       D1160452-C7A8-476E-B7E1-F765E66F9CB8

Time Awake Since Boot: 92000 seconds
Time Since Wake:       5008 seconds

System Integrity Protection: enabled

Crashed Thread:        0  Dispatch queue: com.apple.main-thread

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x00000002a0080001
Exception Codes:       0x0000000000000001, 0x00000002a0080001

Termination Reason:    Namespace SIGNAL, Code 11 Segmentation fault: 11
Terminating Process:   exc handler [59172]

VM Region Info: 0x2a0080001 is not in any region.  Bytes after previous region: 626163714  Bytes before following region: 56370921471
      REGION TYPE                    START - END         [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      unused __TEXT               27ab54000-27ab58000    [   16K] r--/r-- SM=COW  ...ed lib __TEXT
--->  GAP OF 0xd454a8000 BYTES
      commpage (reserved)         fc0000000-1000000000   [  1.0G] ---/--- SM=NUL  ...(unallocated)

Thread 0 Crashed::  Dispatch queue: com.apple.main-thread
0   libobjc.A.dylib                        0x1886c5434 objc_msgSend + 52
1   libobjc.A.dylib                        0x1886c9af8 objc_storeStrong + 48
2   Mozc                                   0x100d31168 -[GoogleJapaneseInputController composedString:] + 52
3   InputMethodKit                         0x1ba8908c8 -[IMKInputController selectionRange] + 24
4   Mozc                                   0x100d312b4 -[GoogleJapaneseInputController selectionRange] + 88
5   Mozc                                   0x100d30c24 -[GoogleJapaneseInputController updateComposedString:] + 1244
6   Mozc                                   0x100d31094 -[GoogleJapaneseInputController commitComposition:] + 832
7   InputMethodKit                         0x1ba8c2228 __40-[IMKServer commitCompositionWithReply:]_block_invoke + 348
8   InputMethodKit                         0x1ba8ccd9c __IMKXPCPerformBlockOnMainThread_block_invoke + 44
9   CoreFoundation                         0x188b6f574 __CFRUNLOOP_IS_CALLING_OUT_TO_A_BLOCK__ + 28
10  CoreFoundation                         0x188b6f488 __CFRunLoopDoBlocks + 356
11  CoreFoundation                         0x188b6e2c0 __CFRunLoopRun + 812
12  CoreFoundation                         0x188b6d93c CFRunLoopRunSpecific + 608
13  HIToolbox                              0x193136448 RunCurrentEventLoopInMode + 292
14  HIToolbox                              0x193136284 ReceiveNextEventCommon + 648
15  HIToolbox                              0x193135fdc _BlockUntilNextEventMatchingListInModeWithFilter + 76
16  AppKit                                 0x18c34ced0 _DPSNextEvent + 660
17  AppKit                                 0x18cb37eec -[NSApplication(NSEventRouting) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 716
18  AppKit                                 0x18c34037c -[NSApplication run] + 476
19  AppKit                                 0x18c317640 NSApplicationMain + 880
20  Mozc                                   0x100d27b80 main + 1244
21  dyld                                   0x1887110e0 start + 2360

Thread 1:: com.apple.NSEventThread
0   libsystem_kernel.dylib                 0x188a51874 mach_msg2_trap + 8
1   libsystem_kernel.dylib                 0x188a63cf0 mach_msg2_internal + 80
2   libsystem_kernel.dylib                 0x188a5a4b0 mach_msg_overwrite + 476
3   libsystem_kernel.dylib                 0x188a51bf8 mach_msg + 24
4   CoreFoundation                         0x188b6fb84 __CFRunLoopServiceMachPort + 160
5   CoreFoundation                         0x188b6e44c __CFRunLoopRun + 1208
6   CoreFoundation                         0x188b6d93c CFRunLoopRunSpecific + 608
7   AppKit                                 0x18c476160 _NSEventThread + 144
8   libsystem_pthread.dylib                0x188a92034 _pthread_start + 136
9   libsystem_pthread.dylib                0x188a8ce3c thread_start + 8

Thread 2:
0   libsystem_pthread.dylib                0x188a8ce28 start_wqthread + 0

Thread 3:
0   libsystem_pthread.dylib                0x188a8ce28 start_wqthread + 0

Thread 4:
0   libsystem_pthread.dylib                0x188a8ce28 start_wqthread + 0

Thread 0 crashed with ARM Thread State (64-bit):
    x0: 0x0000000148729df0   x1: 0x00000001d7de86c2   x2: 0x0000000148729df0   x3: 0x000000014875c0b1
    x4: 0x0000000000000000   x5: 0x0000000000000000   x6: 0x000000014875c0b1   x7: 0x0000000000000000
    x8: 0x0000000000000000   x9: 0x0000000000000103  x10: 0x00000002a0080001  x11: 0x0000000000000000
   x12: 0x0000000000000000  x13: 0x00000002a0080001  x14: 0x0000000148742c70  x15: 0x0000000148742c70
   x16: 0x0000000148742c70  x17: 0x0000000000000000  x18: 0x0000000000000000  x19: 0x0000000148729df0
   x20: 0x0000000000000000  x21: 0x000000016f0dd838  x22: 0x0000000149507900  x23: 0x0000000000000000
   x24: 0x00000000141300cd  x25: 0x0000000149507900  x26: 0x000000014880a180  x27: 0x0000000149705e90
   x28: 0x0000000149714da0   fp: 0x000000016f0dd810   lr: 0x00000001886c9af8
    sp: 0x000000016f0dd7f0   pc: 0x00000001886c5434 cpsr: 0x20001000
   far: 0x00000002a0080001  esr: 0x92000006 (Data Abort) byte read Translation fault

Binary Images:
       0x1047c8000 -        0x1047cbfff com.apple.icloud.drive.fileprovider.override (1.0) <65e23bdd-17f1-3764-b85f-e4c9abfcfde1> /System/Library/Frameworks/FileProvider.framework/OverrideBundles/iCloudDriveFileProviderOverride.bundle/Contents/MacOS/iCloudDriveFileProviderOverride
       0x104784000 -        0x1047a3fff com.apple.findersync.fileprovideroverride.FinderSyncCollaborationFileProviderOverride (14.3) <aca2524a-0d34-344d-adf2-084c35ca6499> /System/Library/Frameworks/FileProvider.framework/OverrideBundles/FinderSyncCollaborationFileProviderOverride.bundle/Contents/MacOS/FinderSyncCollaborationFileProviderOverride
       0x10476c000 -        0x104773fff com.apple.FileProviderOverride (1703.80.16) <00f87e11-2be8-3a69-af66-d5cab347d31b> /System/Library/Frameworks/FileProvider.framework/OverrideBundles/FileProviderOverride.bundle/Contents/MacOS/FileProviderOverride
       0x100d20000 -        0x10134ffff org.mozc.inputmethod.Japanese (2.29.5374) <d69f717e-5c2e-3105-8cd3-ddd9eb611dcc> /Library/Input Methods/Mozc.app/Contents/MacOS/Mozc
       0x1886bc000 -        0x18870afe0 libobjc.A.dylib (*) <375f98a8-1d18-3da7-92a3-b7964847b03a> /usr/lib/libobjc.A.dylib
       0x1ba86b000 -        0x1ba98efff com.apple.InputMethodKit (1.2) <172d6be6-1ac7-37f5-812a-a329448c1fac> /System/Library/Frameworks/InputMethodKit.framework/Versions/A/InputMethodKit
       0x188af2000 -        0x188fc9fff com.apple.CoreFoundation (6.9) <6030a572-b731-3f46-b3a0-2598fbb98c9a> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
       0x193106000 -        0x1933c5fff com.apple.HIToolbox (2.1.1) <db8a8b63-7bfb-384b-b0a9-c124675fbb39> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox
       0x18c313000 -        0x18d63efff com.apple.AppKit (6.9) <873e5da0-bc01-399b-bf60-4066922d6a17> /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
       0x18870b000 -        0x18879f387 dyld (*) <50746901-db0e-39a0-b391-baaa6b82ad0f> /usr/lib/dyld
               0x0 - 0xffffffffffffffff ??? (*) <00000000-0000-0000-0000-000000000000> ???
       0x188a50000 -        0x188a8afff libsystem_kernel.dylib (*) <a7228b5d-53c7-3fe9-84e4-2a8c04dcf051> /usr/lib/system/libsystem_kernel.dylib
       0x188a8b000 -        0x188a97ff3 libsystem_pthread.dylib (*) <449bbad3-f7ef-371d-9a59-fd4ffa78289b> /usr/lib/system/libsystem_pthread.dylib

External Modification Summary:
  Calls made by other processes targeting this process:
    task_for_pid: 0
    thread_create: 0
    thread_set_state: 0
  Calls made by this process:
    task_for_pid: 0
    thread_create: 0
    thread_set_state: 0
  Calls made by all processes on this machine:
    task_for_pid: 0
    thread_create: 0
    thread_set_state: 0

VM Region Summary:
ReadOnly portion of Libraries: Total=1.2G resident=0K(0%) swapped_out_or_unallocated=1.2G(100%)
Writable regions: Total=303.1M written=0K(0%) resident=0K(0%) swapped_out=0K(0%) unallocated=303.1M(100%)

                                VIRTUAL   REGION 
REGION TYPE                        SIZE    COUNT (non-coalesced) 
===========                     =======  ======= 
Activity Tracing                   256K        1 
ColorSync                          544K       25 
CoreGraphics                        32K        2 
Dispatch continuations            80.0M        1 
Kernel Alloc Once                   32K        1 
MALLOC                           211.2M       32 
MALLOC guard page                  192K       12 
STACK GUARD                       56.1M        5 
Stack                             10.1M        5 
VM_ALLOCATE                        864K        7 
__AUTH                            1083K      236 
__AUTH_CONST                      18.2M      413 
__CTF                               824        1 
__DATA                            4390K      405 
__DATA_CONST                      20.4M      421 
__DATA_DIRTY                      1097K      137 
__FONT_DATA                          4K        1 
__LINKEDIT                       903.4M        5 
__OBJC_RO                         71.2M        1 
__OBJC_RW                         2171K        1 
__TEXT                           370.8M      436 
dyld private memory                656K        4 
mapped file                      168.8M       16 
shared memory                      848K       13 
===========                     =======  ======= 
TOTAL                              1.9G     2181 

-----------
Full Report
-----------

{"app_name":"Mozc","timestamp":"2024-02-23 15:16:40.00 +0900","app_version":"2.29.5374","slice_uuid":"d69f717e-5c2e-3105-8cd3-ddd9eb611dcc","build_version":"2.29.5374.101","platform":1,"bundleID":"org.mozc.inputmethod.Japanese","share_with_app_devs":0,"is_first_party":0,"bug_type":"309","os_version":"macOS 14.3.1 (23D60)","roots_installed":0,"name":"Mozc","incident_id":"E09144B7-8CC6-4A74-8010-48A40DD2ECAD"}
{
  "uptime" : 92000,
  "procRole" : "Default",
  "version" : 2,
  "userID" : 501,
  "deployVersion" : 210,
  "modelCode" : "MacBookPro18,1",
  "coalitionID" : 12427,
  "osVersion" : {
    "train" : "macOS 14.3.1",
    "build" : "23D60",
    "releaseType" : "User"
  },
  "captureTime" : "2024-02-23 15:16:40.5517 +0900",
  "codeSigningMonitor" : 1,
  "incident" : "E09144B7-8CC6-4A74-8010-48A40DD2ECAD",
  "pid" : 59172,
  "translated" : false,
  "cpuType" : "ARM-64",
  "roots_installed" : 0,
  "bug_type" : "309",
  "procLaunch" : "2024-02-23 15:14:36.8189 +0900",
  "procStartAbsTime" : 2220397608279,
  "procExitAbsTime" : 2223366787383,
  "procName" : "Mozc",
  "procPath" : "\/Library\/Input Methods\/Mozc.app\/Contents\/MacOS\/Mozc",
  "bundleInfo" : {"CFBundleShortVersionString":"2.29.5374","CFBundleVersion":"2.29.5374.101","CFBundleIdentifier":"org.mozc.inputmethod.Japanese"},
  "storeInfo" : {"deviceIdentifierForVendor":"3E79C7C7-EE5D-59EB-B737-B8033D82C941","thirdParty":true},
  "parentProc" : "launchd",
  "parentPid" : 1,
  "coalitionName" : "org.mozc.inputmethod.Japanese",
  "crashReporterKey" : "501E81E0-8FE9-8D47-8E8C-2FDF92124AEA",
  "codeSigningID" : "org.mozc.inputmethod.Japanese",
  "codeSigningTeamID" : "",
  "codeSigningFlags" : 570425857,
  "codeSigningValidationCategory" : 10,
  "codeSigningTrustLevel" : 4294967295,
  "instructionByteStream" : {"beforePC":"0M19kuoDAKoqXO3yUBnB2u8DEKoKCkD5S\/1w00q9QJIsAAsKTREMiw==","atPC":"sSX\/qD8BAeuBAABUSgEBykoBEMoqDh\/XqRYAtL8BCusC\/\/9UTVEriw=="},
  "wakeTime" : 5008,
  "sleepWakeUUID" : "D1160452-C7A8-476E-B7E1-F765E66F9CB8",
  "sip" : "enabled",
  "vmRegionInfo" : "0x2a0080001 is not in any region.  Bytes after previous region: 626163714  Bytes before following region: 56370921471\n      REGION TYPE                    START - END         [ VSIZE] PRT\/MAX SHRMOD  REGION DETAIL\n      unused __TEXT               27ab54000-27ab58000    [   16K] r--\/r-- SM=COW  ...ed lib __TEXT\n--->  GAP OF 0xd454a8000 BYTES\n      commpage (reserved)         fc0000000-1000000000   [  1.0G] ---\/--- SM=NUL  ...(unallocated)",
  "exception" : {"codes":"0x0000000000000001, 0x00000002a0080001","rawCodes":[1,11274813441],"type":"EXC_BAD_ACCESS","signal":"SIGSEGV","subtype":"KERN_INVALID_ADDRESS at 0x00000002a0080001"},
  "termination" : {"flags":0,"code":11,"namespace":"SIGNAL","indicator":"Segmentation fault: 11","byProc":"exc handler","byPid":59172},
  "vmregioninfo" : "0x2a0080001 is not in any region.  Bytes after previous region: 626163714  Bytes before following region: 56370921471\n      REGION TYPE                    START - END         [ VSIZE] PRT\/MAX SHRMOD  REGION DETAIL\n      unused __TEXT               27ab54000-27ab58000    [   16K] r--\/r-- SM=COW  ...ed lib __TEXT\n--->  GAP OF 0xd454a8000 BYTES\n      commpage (reserved)         fc0000000-1000000000   [  1.0G] ---\/--- SM=NUL  ...(unallocated)",
  "extMods" : {"caller":{"thread_create":0,"thread_set_state":0,"task_for_pid":0},"system":{"thread_create":0,"thread_set_state":0,"task_for_pid":0},"targeted":{"thread_create":0,"thread_set_state":0,"task_for_pid":0},"warnings":0},
  "faultingThread" : 0,
  "threads" : [{"triggered":true,"id":1310239,"threadState":{"x":[{"value":5510438384},{"value":7916652226,"objc-selector":"retain"},{"value":5510438384},{"value":5510643889},{"value":0},{"value":0},{"value":5510643889},{"value":0},{"value":0},{"value":259},{"value":11274813441},{"value":0},{"value":0},{"value":11274813441},{"value":5510540400},{"value":5510540400},{"value":5510540400},{"value":0},{"value":0},{"value":5510438384},{"value":0},{"value":6158145592},{"value":5524977920},{"value":0},{"value":336789709},{"value":5524977920},{"value":5511356800},{"value":5527068304},{"value":5527129504}],"flavor":"ARM_THREAD_STATE64","lr":{"value":6583786232},"cpsr":{"value":536875008},"fp":{"value":6158145552},"sp":{"value":6158145520},"esr":{"value":2449473542,"description":"(Data Abort) byte read Translation fault"},"pc":{"value":6583768116,"matchesCrashFrame":1},"far":{"value":11274813441}},"queue":"com.apple.main-thread","frames":[{"imageOffset":37940,"symbol":"objc_msgSend","symbolLocation":52,"imageIndex":4},{"imageOffset":56056,"symbol":"objc_storeStrong","symbolLocation":48,"imageIndex":4},{"imageOffset":69992,"symbol":"-[GoogleJapaneseInputController composedString:]","symbolLocation":52,"imageIndex":3},{"imageOffset":153800,"symbol":"-[IMKInputController selectionRange]","symbolLocation":24,"imageIndex":5},{"imageOffset":70324,"symbol":"-[GoogleJapaneseInputController selectionRange]","symbolLocation":88,"imageIndex":3},{"imageOffset":68644,"symbol":"-[GoogleJapaneseInputController updateComposedString:]","symbolLocation":1244,"imageIndex":3},{"imageOffset":69780,"symbol":"-[GoogleJapaneseInputController commitComposition:]","symbolLocation":832,"imageIndex":3},{"imageOffset":356904,"symbol":"__40-[IMKServer commitCompositionWithReply:]_block_invoke","symbolLocation":348,"imageIndex":5},{"imageOffset":400796,"symbol":"__IMKXPCPerformBlockOnMainThread_block_invoke","symbolLocation":44,"imageIndex":5},{"imageOffset":513396,"symbol":"__CFRUNLOOP_IS_CALLING_OUT_TO_A_BLOCK__","symbolLocation":28,"imageIndex":6},{"imageOffset":513160,"symbol":"__CFRunLoopDoBlocks","symbolLocation":356,"imageIndex":6},{"imageOffset":508608,"symbol":"__CFRunLoopRun","symbolLocation":812,"imageIndex":6},{"imageOffset":506172,"symbol":"CFRunLoopRunSpecific","symbolLocation":608,"imageIndex":6},{"imageOffset":197704,"symbol":"RunCurrentEventLoopInMode","symbolLocation":292,"imageIndex":7},{"imageOffset":197252,"symbol":"ReceiveNextEventCommon","symbolLocation":648,"imageIndex":7},{"imageOffset":196572,"symbol":"_BlockUntilNextEventMatchingListInModeWithFilter","symbolLocation":76,"imageIndex":7},{"imageOffset":237264,"symbol":"_DPSNextEvent","symbolLocation":660,"imageIndex":8},{"imageOffset":8539884,"symbol":"-[NSApplication(NSEventRouting) _nextEventMatchingEventMask:untilDate:inMode:dequeue:]","symbolLocation":716,"imageIndex":8},{"imageOffset":185212,"symbol":"-[NSApplication run]","symbolLocation":476,"imageIndex":8},{"imageOffset":17984,"symbol":"NSApplicationMain","symbolLocation":880,"imageIndex":8},{"imageOffset":31616,"symbol":"main","symbolLocation":1244,"imageIndex":3},{"imageOffset":24800,"symbol":"start","symbolLocation":2360,"imageIndex":9}]},{"id":1310251,"name":"com.apple.NSEventThread","threadState":{"x":[{"value":268451845},{"value":21592279046},{"value":8589934592},{"value":178133768601600},{"value":0},{"value":178133768601600},{"value":2},{"value":4294967295},{"value":18446744073709550527},{"value":41475},{"value":0},{"value":1},{"value":41475},{"value":50374},{"value":0},{"value":0},{"value":18446744073709551569},{"value":8191374728},{"value":0},{"value":4294967295},{"value":2},{"value":178133768601600},{"value":0},{"value":178133768601600},{"value":6161571944},{"value":8589934592},{"value":21592279046},{"value":21592279046},{"value":4412409862}],"flavor":"ARM_THREAD_STATE64","lr":{"value":6587563248},"cpsr":{"value":4096},"fp":{"value":6161571792},"sp":{"value":6161571712},"esr":{"value":1442840704,"description":" Address size fault"},"pc":{"value":6587488372},"far":{"value":0}},"frames":[{"imageOffset":6260,"symbol":"mach_msg2_trap","symbolLocation":8,"imageIndex":11},{"imageOffset":81136,"symbol":"mach_msg2_internal","symbolLocation":80,"imageIndex":11},{"imageOffset":42160,"symbol":"mach_msg_overwrite","symbolLocation":476,"imageIndex":11},{"imageOffset":7160,"symbol":"mach_msg","symbolLocation":24,"imageIndex":11},{"imageOffset":514948,"symbol":"__CFRunLoopServiceMachPort","symbolLocation":160,"imageIndex":6},{"imageOffset":509004,"symbol":"__CFRunLoopRun","symbolLocation":1208,"imageIndex":6},{"imageOffset":506172,"symbol":"CFRunLoopRunSpecific","symbolLocation":608,"imageIndex":6},{"imageOffset":1454432,"symbol":"_NSEventThread","symbolLocation":144,"imageIndex":8},{"imageOffset":28724,"symbol":"_pthread_start","symbolLocation":136,"imageIndex":12},{"imageOffset":7740,"symbol":"thread_start","symbolLocation":8,"imageIndex":12}]},{"id":1311189,"frames":[{"imageOffset":7720,"symbol":"start_wqthread","symbolLocation":0,"imageIndex":12}],"threadState":{"x":[{"value":6159282176},{"value":22547},{"value":6158745600},{"value":0},{"value":409602},{"value":18446744073709551615},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0}],"flavor":"ARM_THREAD_STATE64","lr":{"value":0},"cpsr":{"value":4096},"fp":{"value":0},"sp":{"value":6159282176},"esr":{"value":1442840704,"description":" Address size fault"},"pc":{"value":6587731496},"far":{"value":0}}},{"id":1311681,"frames":[{"imageOffset":7720,"symbol":"start_wqthread","symbolLocation":0,"imageIndex":12}],"threadState":{"x":[{"value":6158708736},{"value":4931},{"value":6158172160},{"value":6158707584},{"value":5193730},{"value":1},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0}],"flavor":"ARM_THREAD_STATE64","lr":{"value":0},"cpsr":{"value":4096},"fp":{"value":0},"sp":{"value":6158707568},"esr":{"value":1442840704,"description":" Address size fault"},"pc":{"value":6587731496},"far":{"value":0}}},{"id":1311682,"frames":[{"imageOffset":7720,"symbol":"start_wqthread","symbolLocation":0,"imageIndex":12}],"threadState":{"x":[{"value":6159855616},{"value":49923},{"value":6159319040},{"value":0},{"value":409602},{"value":18446744073709551615},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0},{"value":0}],"flavor":"ARM_THREAD_STATE64","lr":{"value":0},"cpsr":{"value":4096},"fp":{"value":0},"sp":{"value":6159855616},"esr":{"value":1442840704,"description":" Address size fault"},"pc":{"value":6587731496},"far":{"value":0}}}],
  "usedImages" : [
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 4370235392,
    "CFBundleShortVersionString" : "1.0",
    "CFBundleIdentifier" : "com.apple.icloud.drive.fileprovider.override",
    "size" : 16384,
    "uuid" : "65e23bdd-17f1-3764-b85f-e4c9abfcfde1",
    "path" : "\/System\/Library\/Frameworks\/FileProvider.framework\/OverrideBundles\/iCloudDriveFileProviderOverride.bundle\/Contents\/MacOS\/iCloudDriveFileProviderOverride",
    "name" : "iCloudDriveFileProviderOverride",
    "CFBundleVersion" : "2461.80.8"
  },
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 4369956864,
    "CFBundleShortVersionString" : "14.3",
    "CFBundleIdentifier" : "com.apple.findersync.fileprovideroverride.FinderSyncCollaborationFileProviderOverride",
    "size" : 131072,
    "uuid" : "aca2524a-0d34-344d-adf2-084c35ca6499",
    "path" : "\/System\/Library\/Frameworks\/FileProvider.framework\/OverrideBundles\/FinderSyncCollaborationFileProviderOverride.bundle\/Contents\/MacOS\/FinderSyncCollaborationFileProviderOverride",
    "name" : "FinderSyncCollaborationFileProviderOverride",
    "CFBundleVersion" : "1630.3.1"
  },
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 4369858560,
    "CFBundleShortVersionString" : "1703.80.16",
    "CFBundleIdentifier" : "com.apple.FileProviderOverride",
    "size" : 32768,
    "uuid" : "00f87e11-2be8-3a69-af66-d5cab347d31b",
    "path" : "\/System\/Library\/Frameworks\/FileProvider.framework\/OverrideBundles\/FileProviderOverride.bundle\/Contents\/MacOS\/FileProviderOverride",
    "name" : "FileProviderOverride",
    "CFBundleVersion" : "1703.80.16"
  },
  {
    "source" : "P",
    "arch" : "arm64",
    "base" : 4308729856,
    "CFBundleShortVersionString" : "2.29.5374",
    "CFBundleIdentifier" : "org.mozc.inputmethod.Japanese",
    "size" : 6488064,
    "uuid" : "d69f717e-5c2e-3105-8cd3-ddd9eb611dcc",
    "path" : "\/Library\/Input Methods\/Mozc.app\/Contents\/MacOS\/Mozc",
    "name" : "Mozc",
    "CFBundleVersion" : "2.29.5374.101"
  },
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 6583730176,
    "size" : 323553,
    "uuid" : "375f98a8-1d18-3da7-92a3-b7964847b03a",
    "path" : "\/usr\/lib\/libobjc.A.dylib",
    "name" : "libobjc.A.dylib"
  },
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 7424356352,
    "CFBundleShortVersionString" : "1.2",
    "CFBundleIdentifier" : "com.apple.InputMethodKit",
    "size" : 1196032,
    "uuid" : "172d6be6-1ac7-37f5-812a-a329448c1fac",
    "path" : "\/System\/Library\/Frameworks\/InputMethodKit.framework\/Versions\/A\/InputMethodKit",
    "name" : "InputMethodKit",
    "CFBundleVersion" : "506"
  },
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 6588145664,
    "CFBundleShortVersionString" : "6.9",
    "CFBundleIdentifier" : "com.apple.CoreFoundation",
    "size" : 5079040,
    "uuid" : "6030a572-b731-3f46-b3a0-2598fbb98c9a",
    "path" : "\/System\/Library\/Frameworks\/CoreFoundation.framework\/Versions\/A\/CoreFoundation",
    "name" : "CoreFoundation",
    "CFBundleVersion" : "2303"
  },
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 6762291200,
    "CFBundleShortVersionString" : "2.1.1",
    "CFBundleIdentifier" : "com.apple.HIToolbox",
    "size" : 2883584,
    "uuid" : "db8a8b63-7bfb-384b-b0a9-c124675fbb39",
    "path" : "\/System\/Library\/Frameworks\/Carbon.framework\/Versions\/A\/Frameworks\/HIToolbox.framework\/Versions\/A\/HIToolbox",
    "name" : "HIToolbox"
  },
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 6647001088,
    "CFBundleShortVersionString" : "6.9",
    "CFBundleIdentifier" : "com.apple.AppKit",
    "size" : 20103168,
    "uuid" : "873e5da0-bc01-399b-bf60-4066922d6a17",
    "path" : "\/System\/Library\/Frameworks\/AppKit.framework\/Versions\/C\/AppKit",
    "name" : "AppKit",
    "CFBundleVersion" : "2487.40.107"
  },
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 6584053760,
    "size" : 607112,
    "uuid" : "50746901-db0e-39a0-b391-baaa6b82ad0f",
    "path" : "\/usr\/lib\/dyld",
    "name" : "dyld"
  },
  {
    "size" : 0,
    "source" : "A",
    "base" : 0,
    "uuid" : "00000000-0000-0000-0000-000000000000"
  },
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 6587482112,
    "size" : 241664,
    "uuid" : "a7228b5d-53c7-3fe9-84e4-2a8c04dcf051",
    "path" : "\/usr\/lib\/system\/libsystem_kernel.dylib",
    "name" : "libsystem_kernel.dylib"
  },
  {
    "source" : "P",
    "arch" : "arm64e",
    "base" : 6587723776,
    "size" : 53236,
    "uuid" : "449bbad3-f7ef-371d-9a59-fd4ffa78289b",
    "path" : "\/usr\/lib\/system\/libsystem_pthread.dylib",
    "name" : "libsystem_pthread.dylib"
  }
],
  "sharedCache" : {
  "base" : 6583304192,
  "size" : 4065345536,
  "uuid" : "c32b200e-cf99-3583-bc9f-b7fb11382e8f"
},
  "vmSummary" : "ReadOnly portion of Libraries: Total=1.2G resident=0K(0%) swapped_out_or_unallocated=1.2G(100%)\nWritable regions: Total=303.1M written=0K(0%) resident=0K(0%) swapped_out=0K(0%) unallocated=303.1M(100%)\n\n                                VIRTUAL   REGION \nREGION TYPE                        SIZE    COUNT (non-coalesced) \n===========                     =======  ======= \nActivity Tracing                   256K        1 \nColorSync                          544K       25 \nCoreGraphics                        32K        2 \nDispatch continuations            80.0M        1 \nKernel Alloc Once                   32K        1 \nMALLOC                           211.2M       32 \nMALLOC guard page                  192K       12 \nSTACK GUARD                       56.1M        5 \nStack                             10.1M        5 \nVM_ALLOCATE                        864K        7 \n__AUTH                            1083K      236 \n__AUTH_CONST                      18.2M      413 \n__CTF                               824        1 \n__DATA                            4390K      405 \n__DATA_CONST                      20.4M      421 \n__DATA_DIRTY                      1097K      137 \n__FONT_DATA                          4K        1 \n__LINKEDIT                       903.4M        5 \n__OBJC_RO                         71.2M        1 \n__OBJC_RW                         2171K        1 \n__TEXT                           370.8M      436 \ndyld private memory                656K        4 \nmapped file                      168.8M       16 \nshared memory                      848K       13 \n===========                     =======  ======= \nTOTAL                              1.9G     2181 \n",
  "legacyInfo" : {
  "threadTriggered" : {
    "queue" : "com.apple.main-thread"
  }
},
  "logWritingSignature" : "348a8e59b4e61c4cdd8c96dce13958f742986da2",
  "trialInfo" : {
  "rollouts" : [
    {
      "rolloutId" : "654439cdafbf5b61207873a9",
      "factorPackIds" : {

      },
      "deploymentId" : 240000004
    },
    {
      "rolloutId" : "6246d6a916a70b047e454124",
      "factorPackIds" : {

      },
      "deploymentId" : 240000010
    }
  ],
  "experiments" : [

  ]
}
}

hiroyuki-komatsu commented 4 months ago

Hi kahunsyo,

Thank you for the report with logs. It's very helpful for investigations.

Looking at the log, the crash happens in src/mac/GoogleJapaneseInputController.mm. We have been investigating the issue.

Best,

hiroyuki-komatsu commented 2 months ago

Hi kahunsyo,

I tried to reproduce the issue, but this issue doesn't happen in my environment (M1 Mac Mini).

Would you confirm if this issue still happens with the latest version, and also following things?

Host application (e.g. Chrome)
Keymap of the configuration (e.g. Kotoeri, MS-IME, etc)
Whether this happens with the default configurations.

It'd be great if screen records are available. Thank you,

kahunsyo commented 2 months ago

Hi, hiroyuki-komatsu!

I missed precise steps and my settings.

I tried to uninstall mozc with UninstallMozc.app and remove ~/Library/Application Support/Mozc, then reboot.

After that, I reinstalled Mozc with Mozc-arm64.zip in the commit 83641d9.

The crash still happens.

I found that when I convert a string of - and digits less than three, crashes occur.

If I create a segment of string in question, crashes occur too.

Below steps are precise step and another step.

Precise step

Reinstall Mozc and reset settings.
Change Keymap style to MS-IME.
Type −１２３　with IME and convert it to half-width alpanumeric (default F10, Convert to half-width alphanumeric).

Crashes did't occur in Kotoeri, because F10 submits Replace to half ascill.

When I submitted Convert to full-width alphanumeric instead of Convert to half-width alphanumeric, creashes occured too.

New situation: extending segment

Reinstall Mozc and reset settings.
Type −１２３ with IME and press Space to entry converting.
You'll find that a segment contains only -, so extend the segment with Shift + Right Arrow
However, the segment extending to ３, crash will occur

The video shows this. The crash occurs around 0:30.

https://github.com/google/mozc/assets/81274957/b35915cc-a7ec-4ceb-b4eb-11accfba1c9d

Thank you,

kahunsyo commented 2 months ago

I forgot answering your questions.

Host application (e.g. Chrome)

May be all. I tried with Chrome, Edge, Spotlight, TextEdit, VScode, etc...

Keymap of the configuration (e.g. Kotoeri, MS-IME, etc)

MS-IME or custom (mentioned above)

Whether this happens with the default configurations.

Yes, default with MS-IME (mentioned above)

hiroyuki-komatsu commented 2 months ago

Thank you so much for your detailed information with the screen record. They are very helpful for the investigations.

I have succeeded to reproduce this issue. I'm creating a patch to fix it.

Best,

hiroyuki-komatsu commented 1 month ago

Hi kahunsyo,

ba8751c is the fix of this issue. Would you confirm if it works on your environment?

FYI. From your information, we have found some related issues.

The issue happened only in debug builds.
Packages in GitHub Actions were built as a debug build.
Negative three digit values were treated as four digit values (e.g. "-123" vs "1234").
Prolonged sound mark (ー, 長音) was treated as a number.

We have addressed / will address those issues too. Thank you,

kahunsyo commented 1 month ago

Thank you so much for your commit.

I tried in my mac. It works correctly.

Thank you,

google / mozc

Converting a string of `-` and digits less than three to half-width causes crashes #878

Description

Steps to reproduce

Expected behavior

Actual behavior

Version or commit-id

Environment

Investigations

Precise step

New situation: extending segment