Bug 79588 - [[Get]]/[[Put]] for primitives should not wrap on strict accessor call
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: 528+ (Nightly build)
Hardware: All All
: P2 Normal
Assignee: Gavin Barraclough
Duplicates: 79843
Depends on:
Reported: 2012-02-25 17:18 PST by Sam Sneddon [:gsnedders]
Modified: 2012-02-29 15:29 PST

See Also:

Test cases (2.62 KB, application/x-javascript)
2012-02-25 17:18 PST, Sam Sneddon [:gsnedders]
no flags
Fix (17.70 KB, patch)
2012-02-28 17:32 PST, Gavin Barraclough
oliver: review+

Description Sam Sneddon [:gsnedders] 2012-02-25 17:18:33 PST
Created attachment 128896
Test cases

See attached TC.

The special [[Get]]/[[Put]] defined in ES5.1 §8.7 calls accessors with the primitive value as thisArg; in the non-strict accessor case §10.4.3 calls ToObject on thisArg before entering the function code, whereas in the strict accessor case thisArg is passed through untouched (i.e., as a primitive).

Currently SM (730632), JSC, and Carakan (CORE-44789) all always wrap; V8 never does (about to be reported).
Comment 1 Gavin Barraclough 2012-02-25 22:17:11 PST
Ugh, yes.  Should be a relatively easy fix, thanks for the bug report!
Comment 2 Gavin Barraclough 2012-02-28 15:36:50 PST
I think there is a second, related bug here.

Following through the spec, the behavior described in this bug arises from how primitives are handled as the bases of references, in section 8.7.  In the case of access to a data property, in strict mode a put should always throw rather than creating a new value on a transient object.
Comment 3 Gavin Barraclough 2012-02-28 17:32:38 PST
Created attachment 129362
Comment 4 Gavin Barraclough 2012-02-28 17:40:39 PST
Fixed in r109177
Comment 5 Gavin Barraclough 2012-02-29 15:29:30 PST
*** Bug 79843 has been marked as a duplicate of this bug. ***
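
The behaviour discussed in this bug can be checked with the following probe. It is an added example, not the attached test case and not WebKit code, and the property names `probeStrict`, `probeSloppy` and `probeData` are made up for it. Per the description and comment 2, a conforming engine reports `number` for the strict accessors, `object` for the non-strict ones, and a `TypeError` for the strict data-property put.

```javascript
// Function-constructor code is strict only if its own body says so, which
// keeps the strict/non-strict split intact even when this runs as an ES module.
function makeAccessor(strict, seen) {
  const directive = strict ? "'use strict';" : "";
  const build = new Function("seen", `return {
    get: function () { ${directive} return typeof this; },
    set: function (v) { ${directive} seen.push(typeof this); }
  };`);
  return Object.assign(build(seen), { configurable: true });
}

function probePrimitiveBase() {
  const strictSeen = [], sloppySeen = [];
  Object.defineProperty(Number.prototype, "probeStrict", makeAccessor(true, strictSeen));
  Object.defineProperty(Number.prototype, "probeSloppy", makeAccessor(false, sloppySeen));
  try {
    const result = {
      strictGet: (1).probeStrict,   // ES5.1 §8.7 [[Get]]: thisArg stays a primitive
      sloppyGet: (1).probeSloppy,   // ES5.1 §10.4.3: ToObject(thisArg) on entry
    };
    (1).probeStrict = 0;            // ES5.1 §8.7 [[Put]] through an accessor
    (1).probeSloppy = 0;
    result.strictSet = strictSeen[0];
    result.sloppySet = sloppySeen[0];
    // Data property on a primitive base: strict code must throw (comment 2),
    // non-strict code writes to a transient wrapper that is then discarded.
    try {
      new Function("'use strict'; (1).probeData = 2;")();
      result.strictDataPut = "no throw";
    } catch (e) {
      result.strictDataPut = e instanceof TypeError ? "TypeError" : String(e);
    }
    new Function("(1).probeData = 2;")();
    result.sloppyDataPut = (1).probeData === undefined ? "discarded" : "kept";
    return result;
  } finally {
    // Leave Number.prototype as it was found.
    delete Number.prototype.probeStrict;
    delete Number.prototype.probeSloppy;
  }
}

console.log(probePrimitiveBase());
```

An engine that always wraps reports `object` in all four accessor fields; one that never wraps reports `number` in all four.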