[webkit-dev] [JavaScriptCore] Is property attribute ReadOnly working as intended here?

Alexei Sholik alcosholik at gmail.com
Mon Dec 2 07:51:06 PST 2013


Hi,

Sorry if I'm writing to the wrong list. I'm not a subscriber, I just have a
question I'd like to clarify with JavaScriptCore gurus.

I'm writing a JS binding for an existing class hierarchy and I'm trying to
set up a working inheritance model that would allow classes exported from
C++ to be extended in JavaScript.

I have a problem with shadowing a prototype's readonly property. Here's a
minimal code sample:

JSStaticFunction sceneFuns[] = {
    { "ctor", Scene_ctor, kJSPropertyAttributeReadOnly | kJSPropertyAttributeDontDelete },
    {0, 0, 0}
};

// I don't think nodeClass is relevant here, but I left it in to stay as close
// to the original code as possible
JSClassDefinition classdef = {
    .version = 0,
    .attributes = kJSClassAttributeNone,
    .className = "Scene",
    .parentClass = nodeClass.jsclass,
    .staticValues = NULL,
    .staticFunctions = sceneFuns,
    .callAsConstructor = NULL,
};
JSClassRef jsclass = JSClassCreate(&classdef);
JSObjectRef sceneClassObj = JSObjectMake(ctx, jsclass, NULL);

//
// Then, inside a callback called from JavaScript as "this.newPrototype()":
//

JSValueRef jsCallback(...)
{
    // The class is intentionally left NULL here. We don't want to create a
    // separate JSClassRef for every subclass created in JavaScript code
    JSObjectRef newClassObj = JSObjectMake(ctx, NULL, NULL);

    JSObjectSetPrototype(ctx, newClassObj, sceneClassObj);    // <--- offending line
    return newClassObj;
}

After executing JS code like this "var proto = this.newPrototype();
proto.ctor = ...", the value of "ctor" does not change. If I comment out
the offending line (marked in the code above), it becomes possible to
override it.

This behaviour surprises me. To my knowledge, an object's prototype is
consulted when a property is not found on the object itself. Any new
property is written to the object, never its prototype. So I was expecting
to add the "ctor" property on "newClassObj" directly and shadow the
prototype's read-only "ctor", but it seems that either the property is set
on the object's prototype (and the ReadOnly attribute makes it a no-op) or
the ReadOnly attribute contaminates the object itself.

Perhaps I'm misunderstanding the role of prototypes in JavaScriptCore.
Could anyone help clear up the confusion for me?

Thanks!

-- 
Best regards
Alexei Sholik
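
The situation described in the message above can be reproduced in plain JavaScript, as an added example that is not part of the original post. Under ECMAScript semantics an assignment consults the prototype chain, and an inherited non-writable data property rejects it, while Object.defineProperty creates an own property directly. The function names are hypothetical, and the mapping of the two kJSPropertyAttribute flags to descriptor fields is an assumption.

```javascript
// Added example. Plain objects stand in for sceneClassObj and newClassObj;
// all function names here are hypothetical.

function makeSceneProto() {
  const proto = {};
  Object.defineProperty(proto, 'ctor', {
    value: function nativeCtor() { return 'native'; },
    writable: false,      // assumed counterpart of kJSPropertyAttributeReadOnly
    configurable: false,  // assumed counterpart of kJSPropertyAttributeDontDelete
    enumerable: true,
  });
  return proto;
}

const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Ordinary assignment ([[Set]]) walks the prototype chain before creating an
// own property. Reflect.set runs the same operation and returns its outcome.
function assignCtor() {
  const child = Object.create(makeSceneProto());
  const accepted = Reflect.set(child, 'ctor', () => 'script');
  return { accepted, own: hasOwn(child, 'ctor'), result: child.ctor() };
}

// In strict mode the rejected assignment is reported instead of ignored.
function assignCtorStrict() {
  'use strict';
  const child = Object.create(makeSceneProto());
  try {
    child.ctor = () => 'script';
    return 'assigned';
  } catch (e) {
    return e instanceof TypeError ? 'TypeError' : 'other error';
  }
}

// Defining the property does not consult the prototype chain, so the child
// gets its own "ctor" and the prototype's read-only one is left untouched.
function defineCtor() {
  const proto = makeSceneProto();
  const child = Object.create(proto);
  Object.defineProperty(child, 'ctor', {
    value: () => 'script', writable: true, configurable: true, enumerable: true,
  });
  return { own: hasOwn(child, 'ctor'), result: child.ctor(), protoResult: proto.ctor() };
}
```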