This happens because JSCClass is keeping a pointer to the JSCContext used when the class is registered, and the context can be destroyed before the class.
Created attachment 370249: Patch
Comment on attachment 370249: Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=370249&action=review

> Source/JavaScriptCore/API/glib/JSCClass.cpp:346
> -        static_cast<GParamFlags>(WEBKIT_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)));
> +        static_cast<GParamFlags>(WEBKIT_PARAM_WRITABLE | G_PARAM_CONSTRUCT_ONLY)));

Nothing like a good API break to make a change exciting. I think we can get away with this, though.
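Review bot: dropping read access at JSCClass.cpp:346 (WEBKIT_PARAM_READWRITE to WEBKIT_PARAM_WRITABLE) is a silent runtime break rather than a compile-time one, since a g_object_get() of a property that is no longer readable fails with a GLib "not readable" warning and leaves the out-argument unset; please call out the removal of read access in the property's documentation and the release notes so downstream users of the class-registration API can audit their code for it.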
Committed r245514: <https://trac.webkit.org/changeset/245514>
<rdar://problem/50944708>
(In reply to Michael Catanzaro from comment #2)
> Comment on attachment 370249: Patch
> View in context: https://bugs.webkit.org/attachment.cgi?id=370249&action=review
>
> > Source/JavaScriptCore/API/glib/JSCClass.cpp:346
> > -        static_cast<GParamFlags>(WEBKIT_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)));
> > +        static_cast<GParamFlags>(WEBKIT_PARAM_WRITABLE | G_PARAM_CONSTRUCT_ONLY)));
>
> Nothing like a good API break to make a change exciting.
> I think we can get away with this, though.

Well, if people were using the API that allows registering JS classes in the wild, we would have had a bug report for this much earlier. So not many people are using this *for now*, and I also think this change won't bite anybody ;-]