fix(SquirrelInputController): boundary check to prevent crash by ecstasoy · Pull Request #1044 · rime/squirrel

ecstasoy · 2025-07-03T05:26:57Z

Make sure candidatePreview is trimmed only when it is legal
Fallback to empty string when pulling out the switcher with caption as preedit text

This seems to solve the problem mentioned in #1041

sources/SquirrelInputController.swift

ecstasoy · 2025-07-06T00:13:16Z

关于 #1045 ：

此前的代码中：

squirrel/sources/SquirrelInputController.swift

Line 471 in ea6720a

    
           candidatePreview = String(candidatePreview[..<candidatePreview.index(candidatePreview.endIndex, offsetBy: -max(0, preedit.distance(from: end, to: preedit.endIndex)))])

和我之前的commit：
https://github.com/ecstasoy/squirrel/blob/b20aea24f843899fff5bc83372cacffddd818573/sources/SquirrelInputController.swift#L472

self	Squirrel.SquirrelInputController	0x000000012f6049d0
status	RimeStatus_stdbool	
ctx	RimeContext_stdbool	
preedit	String	",‸"	
start	String.Index	1[utf8]	
end	String.Index	1[utf8]	
caretPos	String.Index	1[utf8]	
candidatePreview	String	""	
trimCount	Int	1

这里会出问题：

squirrel/sources/SquirrelInputController.swift

Line 474 in ea6720a

    
           selRange: NSRange(location: start.utf16Offset(in: candidatePreview), length: candidatePreview.utf16.distance(from: start, to: candidatePreview.endIndex)),

修改后：

self	Squirrel.SquirrelInputController	0x000000012d21f7c0
status	RimeStatus_stdbool	
ctx	RimeContext_stdbool	
preedit	String	",‸"	
start	String.Index	1[utf8]	
end	String.Index	1[utf8]	
caretPos	String.Index	1[utf8]	
candidatePreview	String	","	
trimCount	Int	0

此时符号能正常作为candidate和preedit同时出现并且不会崩溃

ecstasoy · 2025-07-06T00:17:08Z

UPDATE: 编译测试一切正常且 #1041 #1045 中所述问题不再能复现。

- make sure candidatePreview is trimmed only when it is legal - add clamped() util function to clamp out-of-bounds values - prevent index out-of-bounds when candidatePreview is empty

lotem · 2025-07-07T13:32:39Z

觀察輸入，原先的算法似乎不會導致越界錯誤。

我重現了崩潰，但崩潰的不是鼠鬚管，而是 Chrome。
崩潰步驟是鍵入拼音後，左移光標到輸入碼開始位置。
方案選單沒有發生崩潰。
而其他應用裏也沒有問題。

這個 PR 的改法是讓鼠鬚管無法發出導致錯誤的消息，從而規避問題。
因此要把原本光標在預覽輸入串中移動的功能廢除了。
那還不如關閉相關配置項，也可規避問題。

lotem · 2025-07-07T13:53:27Z

关于 #1045 ：

此前的代码中：

squirrel/sources/SquirrelInputController.swift

Line 471 in ea6720a

candidatePreview = String(candidatePreview[..<candidatePreview.index(candidatePreview.endIndex, offsetBy: -max(0, preedit.distance(from: end, to: preedit.endIndex)))])

和我之前的commit：
https://github.com/ecstasoy/squirrel/blob/b20aea24f843899fff5bc83372cacffddd818573/sources/SquirrelInputController.swift#L472
self	Squirrel.SquirrelInputController	0x000000012f6049d0
status	RimeStatus_stdbool	
ctx	RimeContext_stdbool	
preedit	String	",‸"	
start	String.Index	1[utf8]	
end	String.Index	1[utf8]	
caretPos	String.Index	1[utf8]	
candidatePreview	String	""	
trimCount	Int	1
这里会出问题：

squirrel/sources/SquirrelInputController.swift

Line 474 in ea6720a

selRange: NSRange(location: start.utf16Offset(in: candidatePreview), length: candidatePreview.utf16.distance(from: start, to: candidatePreview.endIndex)),

修改后：
self	Squirrel.SquirrelInputController	0x000000012d21f7c0
status	RimeStatus_stdbool	
ctx	RimeContext_stdbool	
preedit	String	",‸"	
start	String.Index	1[utf8]	
end	String.Index	1[utf8]	
caretPos	String.Index	1[utf8]	
candidatePreview	String	","	
trimCount	Int	0
此时符号能正常作为candidate和preedit同时出现并且不会崩溃

This case seems to be a bug. I'll keep looking into it.

ecstasoy · 2025-07-07T14:13:33Z

觀察輸入，原先的算法似乎不會導致越界錯誤。

我重現了崩潰，但崩潰的不是鼠鬚管，而是 Chrome。崩潰步驟是鍵入拼音後，左移光標到輸入碼開始位置。方案選單沒有發生崩潰。而其他應用裏也沒有問題。

這個 PR 的改法是讓鼠鬚管無法發出導致錯誤的消息，從而規避問題。因此要把原本光標在預覽輸入串中移動的功能廢除了。那還不如關閉相關配置項，也可規避問題。

这个确信是另一个问题，当inline_preedit和inline_candidate都是true的时候show()中的caretPos计算会产生负数，我之前说clamped可能还有用处就是这里，您可以再看看。

[DEBUG] rimeUpdate:
  preedit: 'ce ui' (length: 5)
  composition - sel_start: 0, sel_end: 5, cursor_pos: 0
  converted positions - start: 0, end: 5, caretPos: 0
  inline settings - inlineCandidate: true, inlinePreedit: true
  candidatePreview: '测试' (length: 2)
  Branch: inlinePreedit = true
    will append suffix: false
    final candidatePreview: '测试'
    final selRange: location=0, length=2
    caret calculation: rawOffset=5, clampedOffset=2, rawCaretPos=-3, caretPos=0

lotem · 2025-07-07T14:27:38Z

之前的測試方法不對，
設置爲

patch:
  style/inline_preedit: false
  style/inline_candidate: true

可以重現崩潰。

lotem · 2025-07-07T14:56:42Z

不如擇期重新實現吧。
這塊邏輯太複雜了，不可控。

我沒想到 LEO 老師會做這麼複雜的功能，如果給 librime 多加接口，做起來應該會容易些。

LEOYoon-Tsaw · 2025-07-07T18:47:28Z

不如擇期重新實現吧。

這塊邏輯太複雜了，不可控。

我沒想到 LEO 老師會做這麼複雜的功能，如果給 librime 多加接口，做起來應該會容易些。

我想的是任何開關都可以任意組合，確實由librime來實現會好得多，前端就做展示，不做複雜邏輯

ecstasoy · 2025-07-07T21:24:14Z

崩溃的问题还是要尽快解决的

This reverts commit 58f42e6.

When inlineCandidate = true and inlinePreedit = false Control + grave result in crash Fix rime#1041

LEOYoon-Tsaw · 2025-07-10T02:07:02Z

Let's focus on the bug #1041 itself, don't make other changes.

LEOYoon-Tsaw · 2025-07-10T14:29:27Z

Potentially fixed #1040, #1045

ecstasoy · 2025-07-10T22:14:48Z

Potentially fixed #1040, #1045

#1045 似乎并没有解决。我开了新的PR，您可以看看

lotem · 2025-07-12T10:00:08Z

前端就做展示，不做複雜邏輯

R²ime ?

LEOYoon-Tsaw · 2025-07-12T15:19:16Z

前端就做展示，不做複雜邏輯

R²ime ?

一開始只是順手把這個組合實現了，沒想到還有不少人真的用，那確實可以mark一下，雖然不知道R²ime排期到哪年了😂

lotem requested a review from LEOYoon-Tsaw July 3, 2025 07:05

lotem reviewed Jul 3, 2025

View reviewed changes

sources/SquirrelInputController.swift Outdated Show resolved Hide resolved

ecstasoy changed the title ~~fix(SquirrelInputController): boundary check for inlinePreedit~~ fix(SquirrelInputController): boundary check to prevent crash Jul 3, 2025

lotem reviewed Jul 5, 2025

View reviewed changes

sources/SquirrelInputController.swift Outdated Show resolved Hide resolved

ecstasoy force-pushed the fix/inline-crash branch from b20aea2 to d66e20b Compare July 6, 2025 04:42

fix(SquirrelInputController): boundary check to prevent crash

58f42e6

- make sure candidatePreview is trimmed only when it is legal - add clamped() util function to clamp out-of-bounds values - prevent index out-of-bounds when candidatePreview is empty

ecstasoy force-pushed the fix/inline-crash branch from a751bb2 to 58f42e6 Compare July 6, 2025 09:12

ecstasoy requested a review from lotem July 6, 2025 17:34

lotem closed this Jul 7, 2025

lotem reopened this Jul 7, 2025

LEOYoon-Tsaw added 2 commits July 9, 2025 21:53

Revert "fix(SquirrelInputController): boundary check to prevent crash"

d8d369f

This reverts commit 58f42e6.

Fix range out of bound bug

f4717f8

When inlineCandidate = true and inlinePreedit = false Control + grave result in crash Fix rime#1041

LEOYoon-Tsaw merged commit 1a70873 into rime:master Jul 10, 2025

ecstasoy deleted the fix/inline-crash branch July 10, 2025 03:24

ecstasoy restored the fix/inline-crash branch July 10, 2025 03:24

ecstasoy mentioned this pull request Jul 10, 2025

fix(SquirrelInputController): no offset called on an empty string #1046

Merged

ecstasoy mentioned this pull request Jul 15, 2025

[Bug] 在Chrome的文本框中移动选字光标会导致崩溃 #1047

Closed

2 tasks

Conversation

ecstasoy commented Jul 3, 2025

Uh oh!

Uh oh!

Uh oh!

ecstasoy commented Jul 6, 2025

Uh oh!

ecstasoy commented Jul 6, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

lotem commented Jul 7, 2025

Uh oh!

lotem commented Jul 7, 2025

Uh oh!

ecstasoy commented Jul 7, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

lotem commented Jul 7, 2025

Uh oh!

lotem commented Jul 7, 2025

Uh oh!

LEOYoon-Tsaw commented Jul 7, 2025

Uh oh!

ecstasoy commented Jul 7, 2025

Uh oh!

LEOYoon-Tsaw commented Jul 10, 2025

Uh oh!

LEOYoon-Tsaw commented Jul 10, 2025

Uh oh!

ecstasoy commented Jul 10, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

lotem commented Jul 12, 2025

Uh oh!

LEOYoon-Tsaw commented Jul 12, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

ecstasoy commented Jul 6, 2025 •

edited

Loading

ecstasoy commented Jul 7, 2025 •

edited

Loading

ecstasoy commented Jul 10, 2025 •

edited

Loading