122501 – Dynamically generated JSExport protocols added to a class results in a crash

Bug 122501 - Dynamically generated JSExport protocols added to a class results in a crash

Summary: Dynamically generated JSExport protocols added to a class results in a crash

Status:	UNCONFIRMED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Mac OS X 10.8

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2013-10-08 02:21 PDT by Axel Katerbau
Modified:	2013-10-09 02:29 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
Corresponding Xcode project (36.01 KB, application/zip) 2013-10-08 02:42 PDT, Axel Katerbau	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Axel Katerbau 2013-10-08 02:21:52 PDT

While the JSExport subprotocol method for exposing methods to JSC works fine when written in Code (as in the examples in Apple's docs), programmatically at runtime generated and added such protocols crash the JSC cocoa bridge.

Run this code to see the crash (I use Xcode 5 release with iOS7 SDK).

@import JavaScriptCore;
@import ObjectiveC;

int main(int argc, char * argv[]) {
    @autoreleasepool {
        JSContext *context = [[JSContext alloc] init];
        Protocol *dynProtocol = objc_allocateProtocol("NSStringJSExport");
        Protocol *jsExportProtocol = @protocol(JSExport);
        protocol_addProtocol(dynProtocol, jsExportProtocol);
        Method method = class_getInstanceMethod([NSString class], @selector(boolValue));
        protocol_addMethodDescription(dynProtocol, @selector(boolValue), method_getTypeEncoding(method), YES, YES);
        //        protocol_addMethodDescription(dynProtocol, @selector(boolValue), "@:", YES, YES); // <-- also crashes
        //        protocol_addMethodDescription(dynProtocol, @selector(boolValue), "B@:", YES, YES); // <-- also crashes
        objc_registerProtocol(dynProtocol);
        class_addProtocol([NSString class], dynProtocol);
        
        context[@"NSString"] = [NSString class]; // <-- crashes here in parseObjCType
        context[@"myString"] = @"YES";
        JSValue *value = [context evaluateScript:@"myResult = myString.boolValue()"];
        NSLog(@"Result = %@", value);
    }
}

Comment 1 Axel Katerbau 2013-10-08 02:42:37 PDT

Created attachment 213680 [details]
Corresponding Xcode project

Comment 2 Axel Katerbau 2013-10-08 03:05:35 PDT

Version used might be:
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9) AppleWebKit/537.71 (KHTML, like Gecko) Version/7.0 Safari/537.71

Comment 3 Radar WebKit Bug Importer 2013-10-09 02:29:44 PDT

<rdar://problem/15184814>