[Webkit-unassigned] [Bug 167708] New: [Cocoa] An exported Objective C class’s constructor doesn’t persist across JSContext deallocation

bugzilla-daemon at webkit.org
Wed Feb 1 13:52:54 PST 2017


https://bugs.webkit.org/show_bug.cgi?id=167708

            Bug ID: 167708
           Summary: [Cocoa] An exported Objective C class’s constructor
                    doesn’t persist across JSContext deallocation
    Classification: Unclassified
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mitz at webkit.org
                CC: ggaren at apple.com, joepeck at webkit.org

If a class A with an initializer is exported to JavaScriptCore, and its constructor is referenced by a global object in some context, but the JSContext wrapping that context gets deallocated, then a new, different constructor is created the next time it’s needed.

To see the problem, build and run this program:

@import JavaScriptCore;
@import Foundation;

@protocol AJSExport <JSExport>
- (instancetype)init;
@end

@interface A : NSObject <AJSExport>
@end

@implementation A
@end

int main(int argc, const char * argv[]) {
    JSGlobalContextRef contextRef;
    @autoreleasepool {
        JSContext *context = [[JSContext alloc] init];
        contextRef = JSGlobalContextRetain(context.JSGlobalContextRef);
        context[@"A"] = A.class;
        NSLog(@"%@", [context evaluateScript:@"new A().constructor === A"]);
    }

    @autoreleasepool {
        JSContext *context = [JSContext contextWithJSGlobalContextRef:contextRef];
        NSLog(@"%@", [context evaluateScript:@"new A().constructor === A"]);
    }

    JSGlobalContextRelease(contextRef);

    return 0;
}

The first NSLog statement logs true, and the second one logs false. It’s expected to log true as well.
