Experimental: periodic merge of the bleeding_edge branch to the...

src/runtime.cc

 // Copyright 2006-2008 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 136 matching lines @@
   // which we should not have access to.
   Handle<Context> context =
       Handle<Context>(JSFunction::GlobalContextFromLiterals(*literals));
 
   bool is_result_from_cache;
   Handle<Map> map = ComputeObjectLiteralMap(context,
                                             constant_properties,
                                             &is_result_from_cache);
 
   Handle<JSObject> boilerplate = Factory::NewJSObjectFromMap(map);
-  {  // Add the constant propeties to the boilerplate.
+  {  // Add the constant properties to the boilerplate.
     int length = constant_properties->length();
     OptimizedObjectForAddingMultipleProperties opt(boilerplate,
                                                    !is_result_from_cache);
     for (int index = 0; index < length; index +=2) {
       Handle<Object> key(constant_properties->get(index+0));
       Handle<Object> value(constant_properties->get(index+1));
+      Handle<Object> result;
       uint32_t element_index = 0;
       if (key->IsSymbol()) {
         // If key is a symbol it is not an array element.
         Handle<String> name(String::cast(*key));
         ASSERT(!name->AsArrayIndex(&element_index));
-        SetProperty(boilerplate, name, value, NONE);
+        result = SetProperty(boilerplate, name, value, NONE);
       } else if (Array::IndexFromObject(*key, &element_index)) {
         // Array index (uint32).
-        SetElement(boilerplate, element_index, value);
+        result = SetElement(boilerplate, element_index, value);
       } else {
         // Non-uint32 number.
         ASSERT(key->IsNumber());
         double num = key->Number();
         char arr[100];
         Vector<char> buffer(arr, ARRAY_SIZE(arr));
         const char* str = DoubleToCString(num, buffer);
         Handle<String> name = Factory::NewStringFromAscii(CStrVector(str));
-        SetProperty(boilerplate, name, value, NONE);
+        result = SetProperty(boilerplate, name, value, NONE);
       }
+      // If setting the property on the boilerplate throws an
+      // exception, the exception is converted to an empty handle in
+      // the handle based operations.  In that case, we need to
+      // convert back to an exception.
+      if (result.is_null()) return Failure::Exception();
     }
   }
 
   // Update the functions literal and return the boilerplate.
   literals->set(literals_index, *boilerplate);
 
   return *boilerplate;
 }
 
 
@@ skipping 15 matching lines @@
   // Copy the elements.
   Object* content = elements->Copy();
   if (content->IsFailure()) return content;
 
   // Set the elements.
   JSArray::cast(object)->SetContent(FixedArray::cast(content));
   return object;
 }
 
 
+static Object* Runtime_CreateCatchExtensionObject(Arguments args) {
+  ASSERT(args.length() == 2);
+  CONVERT_CHECKED(String, key, args[0]);
+  Object* value = args[1];
+  // Create a catch context extension object.
+  JSFunction* constructor =
+      Top::context()->global_context()->context_extension_function();
+  Object* object = Heap::AllocateJSObject(constructor);
+  if (object->IsFailure()) return object;
+  // Assign the exception value to the catch variable and make sure
+  // that the catch variable is DontDelete.
+  value = JSObject::cast(object)->SetProperty(key, value, DONT_DELETE);
+  if (value->IsFailure()) return value;
+  return object;
+}
+
+
 static Object* Runtime_ClassOf(Arguments args) {
   NoHandleAllocation ha;
   ASSERT(args.length() == 1);
   Object* obj = args[0];
   if (!obj->IsJSObject()) return Heap::null_value();
   return JSObject::cast(obj)->class_name();
 }
 
 
 static Object* Runtime_HasStringClass(Arguments args) {
@@ skipping 108 matching lines @@
   } else {
     RUNTIME_ASSERT(offset < ObjectTemplateInfo::kSize);
   }
   return *HeapObject::RawField(templ, offset);
 }
 
 
 static Object* Runtime_DisableAccessChecks(Arguments args) {
   ASSERT(args.length() == 1);
   CONVERT_CHECKED(HeapObject, object, args[0]);
-  bool needs_access_checks = object->map()->is_access_check_needed();
-  object->map()->set_is_access_check_needed(false);
+  Map* old_map = object->map();
+  bool needs_access_checks = old_map->is_access_check_needed();
+  if (needs_access_checks) {
+    // Copy map so it won't interfere constructor's initial map.
+    Object* new_map = old_map->CopyDropTransitions();
+    if (new_map->IsFailure()) return new_map;
+
+    Map::cast(new_map)->set_is_access_check_needed(false);
+    object->set_map(Map::cast(new_map));
+  }
   return needs_access_checks ? Heap::true_value() : Heap::false_value();
 }
 
 
 static Object* Runtime_EnableAccessChecks(Arguments args) {
   ASSERT(args.length() == 1);
   CONVERT_CHECKED(HeapObject, object, args[0]);
-  object->map()->set_is_access_check_needed(true);
+  Map* old_map = object->map();
+  if (!old_map->is_access_check_needed()) {
+    // Copy map so it won't interfere constructor's initial map.
+    Object* new_map = old_map->CopyDropTransitions();
+    if (new_map->IsFailure()) return new_map;
+
+    Map::cast(new_map)->set_is_access_check_needed(true);
+    object->set_map(Map::cast(new_map));
+  }
   return Heap::undefined_value();
 }
 
 
 static Object* ThrowRedeclarationError(const char* type, Handle<String> name) {
   HandleScope scope;
   Handle<Object> type_handle = Factory::NewStringFromAscii(CStrVector(type));
   Handle<Object> args[2] = { type_handle, name };
   Handle<Object> error =
       Factory::NewTypeError("redeclaration", HandleVector(args, 2));
@@ skipping 352 matching lines @@
   Handle<Object> value(args[0]);
   ASSERT(!value->IsTheHole());
   CONVERT_ARG_CHECKED(Context, context, 1);
   Handle<String> name(String::cast(args[2]));
 
   // Initializations are always done in the function context.
   context = Handle<Context>(context->fcontext());
 
   int index;
   PropertyAttributes attributes;
-  ContextLookupFlags flags = DONT_FOLLOW_CHAINS;
+  ContextLookupFlags flags = FOLLOW_CHAINS;
   Handle<Object> holder =
       context->Lookup(name, flags, &index, &attributes);
 
-  // The property should always be present. It is always declared
-  // before being initialized through DeclareContextSlot.
-  ASSERT(attributes != ABSENT && (attributes & READ_ONLY) != 0);
-
-  // If the slot is in the context, we set it but only if it hasn't
-  // been set before.
+  // In most situations, the property introduced by the const
+  // declaration should be present in the context extension object.
+  // However, because declaration and initialization are separate, the
+  // property might have been deleted (if it was introduced by eval)
+  // before we reach the initialization point.
+  //
+  // Example:
+  //
+  //    function f() { eval("delete x; const x;"); }
+  //
+  // In that case, the initialization behaves like a normal assignment
+  // to property 'x'.
   if (index >= 0) {
-    // The constant context slot should always be in the function
-    // context; not in any outer context nor in the arguments object.
-    ASSERT(holder.is_identical_to(context));
-    if (context->get(index)->IsTheHole()) {
-      context->set(index, *value);
+    // Property was found in a context.
+    if (holder->IsContext()) {
+      // The holder cannot be the function context.  If it is, there
+      // should have been a const redeclaration error when declaring
+      // the const property.
+      ASSERT(!holder.is_identical_to(context));
+      if ((attributes & READ_ONLY) == 0) {
+        Handle<Context>::cast(holder)->set(index, *value);
+      }
+    } else {
+      // The holder is an arguments object.
+      ASSERT((attributes & READ_ONLY) == 0);
+      Handle<JSObject>::cast(holder)->SetElement(index, *value);
     }
     return *value;
   }
 
-  // Otherwise, the slot must be in a JS object extension.
-  Handle<JSObject> context_ext(JSObject::cast(*holder));
+  // The property could not be found, we introduce it in the global
+  // context.
+  if (attributes == ABSENT) {
+    Handle<JSObject> global = Handle<JSObject>(Top::context()->global());
+    SetProperty(global, name, value, NONE);
+    return *value;
+  }
 
-  // We must initialize the value only if it wasn't initialized
-  // before, e.g. for const declarations in a loop. The property has
-  // the hole value if it wasn't initialized yet. NOTE: We cannot use
-  // GetProperty() to get the current value as it 'unholes' the value.
-  LookupResult lookup;
-  context_ext->LocalLookupRealNamedProperty(*name, &lookup);
-  ASSERT(lookup.IsProperty());  // the property was declared
-  ASSERT(lookup.IsReadOnly());  // and it was declared as read-only
+  // The property was present in a context extension object.
+  Handle<JSObject> context_ext = Handle<JSObject>::cast(holder);
 
-  PropertyType type = lookup.type();
-  if (type == FIELD) {
-    FixedArray* properties = context_ext->properties();
-    int index = lookup.GetFieldIndex();
-    if (properties->get(index)->IsTheHole()) {
-      properties->set(index, *value);
-    }
-  } else if (type == NORMAL) {
-    Dictionary* dictionary = context_ext->property_dictionary();
-    int entry = lookup.GetDictionaryEntry();
-    if (dictionary->ValueAt(entry)->IsTheHole()) {
-      dictionary->ValueAtPut(entry, *value);
+  if (*context_ext == context->extension()) {
+    // This is the property that was introduced by the const
+    // declaration.  Set it if it hasn't been set before.  NOTE: We
+    // cannot use GetProperty() to get the current value as it
+    // 'unholes' the value.
+    LookupResult lookup;
+    context_ext->LocalLookupRealNamedProperty(*name, &lookup);
+    ASSERT(lookup.IsProperty());  // the property was declared
+    ASSERT(lookup.IsReadOnly());  // and it was declared as read-only
+
+    PropertyType type = lookup.type();
+    if (type == FIELD) {
+      FixedArray* properties = context_ext->properties();
+      int index = lookup.GetFieldIndex();
+      if (properties->get(index)->IsTheHole()) {
+        properties->set(index, *value);
+      }
+    } else if (type == NORMAL) {
+      Dictionary* dictionary = context_ext->property_dictionary();
+      int entry = lookup.GetDictionaryEntry();
+      if (dictionary->ValueAt(entry)->IsTheHole()) {
+        dictionary->ValueAtPut(entry, *value);
+      }
+    } else {
+      // We should not reach here. Any real, named property should be
+      // either a field or a dictionary slot.
+      UNREACHABLE();
     }
   } else {
-    // We should not reach here. Any real, named property should be
-    // either a field or a dictionary slot.
-    UNREACHABLE();
+    // The property was found in a different context extension object.
+    // Set it if it is not a read-only property.
+    if ((attributes & READ_ONLY) == 0) {
+      Handle<Object> set = SetProperty(context_ext, name, value, attributes);
+      // Setting a property might throw an exception.  Exceptions
+      // are converted to empty handles in handle operations.  We
+      // need to convert back to exceptions here.
+      if (set.is_null()) {
+        ASSERT(Top::has_pending_exception());
+        return Failure::Exception();
+      }
+    }
   }
+
   return *value;
 }
 
 
 static Object* Runtime_RegExpExec(Arguments args) {
   HandleScope scope;
   ASSERT(args.length() == 3);
   CONVERT_CHECKED(JSRegExp, raw_regexp, args[0]);
   Handle<JSRegExp> regexp(raw_regexp);
   CONVERT_CHECKED(String, raw_subject, args[1]);
@@ skipping 194 matching lines @@
   return *target;
 }
 
 
 static Object* CharCodeAt(String* subject, Object* index) {
   uint32_t i = 0;
   if (!Array::IndexFromObject(index, &i)) return Heap::nan_value();
   // Flatten the string.  If someone wants to get a char at an index
   // in a cons string, it is likely that more indices will be
   // accessed.
-  subject->TryFlatten(StringShape(subject));
+  subject->TryFlattenIfNotFlat(StringShape(subject));
   StringShape shape(subject);
   if (i >= static_cast<uint32_t>(subject->length(shape))) {
     return Heap::nan_value();
   }
   return Smi::FromInt(subject->Get(shape, i));
 }
 
 
 static Object* Runtime_StringCharCodeAt(Arguments args) {
   NoHandleAllocation ha;
@@ skipping 450 matching lines @@
 
 
 static Object* Runtime_StringLastIndexOf(Arguments args) {
   NoHandleAllocation ha;
   ASSERT(args.length() == 3);
 
   CONVERT_CHECKED(String, sub, args[0]);
   CONVERT_CHECKED(String, pat, args[1]);
   Object* index = args[2];
 
-  sub->TryFlatten(StringShape(sub));
-  pat->TryFlatten(StringShape(pat));
+  sub->TryFlattenIfNotFlat(StringShape(sub));
+  pat->TryFlattenIfNotFlat(StringShape(pat));
 
   StringShape sub_shape(sub);
   StringShape pat_shape(pat);
 
   uint32_t start_index;
   if (!Array::IndexFromObject(index, &start_index)) return Smi::FromInt(-1);
 
   uint32_t pattern_length = pat->length(pat_shape);
   uint32_t sub_length = sub->length(sub_shape);
 
@@ skipping 38 matching lines @@
   }
 
   int end = str1_length < str2_length ? str1_length : str2_length;
 
   // No need to flatten if we are going to find the answer on the first
   // character.  At this point we know there is at least one character
   // in each string, due to the trivial case handling above.
   int d = str1->Get(shape1, 0) - str2->Get(shape2, 0);
   if (d != 0) return Smi::FromInt(d);
 
-  str1->TryFlatten(shape1);  // Shapes are no longer valid now!
-  str2->TryFlatten(shape2);
+  str1->TryFlattenIfNotFlat(shape1);  // Shapes are no longer valid now!
+  str2->TryFlattenIfNotFlat(shape2);
 
   static StringInputBuffer buf1;
   static StringInputBuffer buf2;
 
   buf1.Reset(str1);
   buf2.Reset(str2);
 
   for (int i = 0; i < end; i++) {
     uint16_t char1 = buf1.GetNext();
     uint16_t char2 = buf2.GetNext();
@@ skipping 116 matching lines @@
   DeleteArray(str);
   return res;
 }
 
 
 // Returns a single character string where first character equals
 // string->Get(index).
 static Handle<Object> GetCharAt(Handle<String> string, uint32_t index) {
   StringShape shape(*string);
   if (index < static_cast<uint32_t>(string->length(shape))) {
-    string->TryFlatten(shape);  // Invalidates shape!
+    string->TryFlattenIfNotFlat(shape);  // Invalidates shape!
     return LookupSingleCharacterStringFromCode(
         string->Get(StringShape(*string), index));
   }
   return Execution::CharAt(string, index);
 }
 
 
 Object* Runtime::GetElementOrCharAt(Handle<Object> object, uint32_t index) {
   // Handle [] indexing on Strings
   if (object->IsString()) {
@@ skipping 40 matching lines @@
   if (key->IsString()) {
     name = Handle<String>::cast(key);
   } else {
     bool has_pending_exception = false;
     Handle<Object> converted =
         Execution::ToString(key, &has_pending_exception);
     if (has_pending_exception) return Failure::Exception();
     name = Handle<String>::cast(converted);
   }
 
-  // Check if the name is trivially convertable to an index and get
+  // Check if the name is trivially convertible to an index and get
   // the element if so.
   if (name->AsArrayIndex(&index)) {
     return GetElementOrCharAt(object, index);
   } else {
     PropertyAttributes attr;
     return object->GetProperty(*name, &attr);
   }
 }
 
 
@@ skipping 11 matching lines @@
 
 // KeyedStringGetProperty is called from KeyedLoadIC::GenerateGeneric.
 static Object* Runtime_KeyedGetProperty(Arguments args) {
   NoHandleAllocation ha;
   ASSERT(args.length() == 2);
 
   // Fast cases for getting named properties of the receiver JSObject
   // itself.
   //
   // The global proxy objects has to be excluded since LocalLookup on
-  // the global proxy object can return a valid result eventhough the
+  // the global proxy object can return a valid result even though the
   // global proxy object never has properties.  This is the case
   // because the global proxy object forwards everything to its hidden
   // prototype including local lookups.
   //
   // Additionally, we need to make sure that we do not cache results
   // for objects that require access checks.
   if (args[0]->IsJSObject() &&
       !args[0]->IsJSGlobalProxy() &&
       !args[0]->IsAccessCheckNeeded() &&
       args[1]->IsString()) {
@@ skipping 79 matching lines @@
     return *value;
   }
 
   if (key->IsString()) {
     Handle<Object> result;
     if (Handle<String>::cast(key)->AsArrayIndex(&index)) {
       ASSERT(attr == NONE);
       result = SetElement(js_object, index, value);
     } else {
       Handle<String> key_string = Handle<String>::cast(key);
-      key_string->TryFlatten(StringShape(*key_string));
+      key_string->TryFlattenIfNotFlat(StringShape(*key_string));
       result = SetProperty(js_object, key_string, value, attr);
     }
     if (result.is_null()) return Failure::Exception();
     return *value;
   }
 
   // Call-back into JavaScript to convert the key to a string.
   bool has_pending_exception = false;
   Handle<Object> converted = Execution::ToString(key, &has_pending_exception);
   if (has_pending_exception) return Failure::Exception();
@@ skipping 251 matching lines @@
       // host objects gives that it is okay to return "object"
       return Heap::object_symbol();
   }
 }
 
 
 static Object* Runtime_StringToNumber(Arguments args) {
   NoHandleAllocation ha;
   ASSERT(args.length() == 1);
   CONVERT_CHECKED(String, subject, args[0]);
-  subject->TryFlatten(StringShape(subject));
+  subject->TryFlattenIfNotFlat(StringShape(subject));
   return Heap::NumberFromDouble(StringToDouble(subject, ALLOW_HEX));
 }
 
 
 static Object* Runtime_StringFromCharCodeArray(Arguments args) {
   NoHandleAllocation ha;
   ASSERT(args.length() == 1);
 
   CONVERT_CHECKED(JSArray, codes, args[0]);
   int length = Smi::cast(codes->length())->value();
@@ skipping 62 matching lines @@
   return kNotEscaped[character] != 0;
 }
 
 
 static Object* Runtime_URIEscape(Arguments args) {
   const char hex_chars[] = "0123456789ABCDEF";
   NoHandleAllocation ha;
   ASSERT(args.length() == 1);
   CONVERT_CHECKED(String, source, args[0]);
 
-  source->TryFlatten(StringShape(source));
+  source->TryFlattenIfNotFlat(StringShape(source));
 
   int escaped_length = 0;
   int length = source->length();
   {
     Access<StringInputBuffer> buffer(&string_input_buffer);
     buffer->Reset(source);
     while (buffer->has_more()) {
       uint16_t character = buffer->GetNext();
       if (character >= 256) {
         escaped_length += 6;
@@ skipping 93 matching lines @@
     return character;
   }
 }
 
 
 static Object* Runtime_URIUnescape(Arguments args) {
   NoHandleAllocation ha;
   ASSERT(args.length() == 1);
   CONVERT_CHECKED(String, source, args[0]);
 
-  source->TryFlatten(StringShape(source));
+  source->TryFlattenIfNotFlat(StringShape(source));
   StringShape source_shape(source);
 
   bool ascii = true;
   int length = source->length(source_shape);
 
   int unescaped_length = 0;
   for (int i = 0; i < length; unescaped_length++) {
     int step;
     if (Unescape(source,
                  source_shape,
@@ skipping 28 matching lines @@
 }
 
 
 static Object* Runtime_StringParseInt(Arguments args) {
   NoHandleAllocation ha;
 
   CONVERT_CHECKED(String, s, args[0]);
   CONVERT_DOUBLE_CHECKED(n, args[1]);
   int radix = FastD2I(n);
 
-  s->TryFlatten(StringShape(s));
+  s->TryFlattenIfNotFlat(StringShape(s));
 
   StringShape shape(s);
 
   int len = s->length(shape);
   int i;
 
   // Skip leading white space.
   for (i = 0; i < len && Scanner::kIsWhiteSpace.get(s->Get(shape, i)); i++) ;
   if (i == len) return Heap::nan_value();
 
@@ skipping 52 matching lines @@
 static unibrow::Mapping<unibrow::ToUppercase, 128> to_upper_mapping;
 static unibrow::Mapping<unibrow::ToLowercase, 128> to_lower_mapping;
 
 
 template <class Converter>
 static Object* ConvertCase(Arguments args,
                            unibrow::Mapping<Converter, 128>* mapping) {
   NoHandleAllocation ha;
 
   CONVERT_CHECKED(String, s, args[0]);
-  s->TryFlatten(StringShape(s));
+  s->TryFlattenIfNotFlat(StringShape(s));
   StringShape shape(s);
 
   int raw_string_length = s->length(shape);
   // Assume that the string is not empty; we need this assumption later
   if (raw_string_length == 0) return s;
   int length = raw_string_length;
 
 
   // We try this twice, once with the assumption that the result is
   // no longer than the input and, if that assumption breaks, again
@@ skipping 524 matching lines @@
   int x_value = x->value();
   int y_value = y->value();
 
   // If the integers are equal so are the string representations.
   if (x_value == y_value) return Smi::FromInt(EQUAL);
 
   // If one of the integers are zero the normal integer order is the
   // same as the lexicographic order of the string representations.
   if (x_value == 0 || y_value == 0) return Smi::FromInt(x_value - y_value);
 
-  // If only one of the intergers is negative the negative number is
+  // If only one of the integers is negative the negative number is
   // smallest because the char code of '-' is less than the char code
   // of any digit.  Otherwise, we make both values positive.
   if (x_value < 0 || y_value < 0) {
     if (y_value >= 0) return Smi::FromInt(LESS);
     if (x_value >= 0) return Smi::FromInt(GREATER);
     x_value = -x_value;
     y_value = -y_value;
   }
 
   // Convert the integers to arrays of their decimal digits.
@@ skipping 38 matching lines @@
     if (x->length(x_shape) == 0) return Smi::FromInt(EQUAL);
     return Smi::FromInt(GREATER);
   } else if (x->length(x_shape) == 0) {
     return Smi::FromInt(LESS);
   }
 
   int d = x->Get(x_shape, 0) - y->Get(y_shape, 0);
   if (d < 0) return Smi::FromInt(LESS);
   else if (d > 0) return Smi::FromInt(GREATER);
 
-  x->TryFlatten(x_shape);  // Shapes are no longer valid!
-  y->TryFlatten(y_shape);
+  x->TryFlattenIfNotFlat(x_shape);  // Shapes are no longer valid!
+  y->TryFlattenIfNotFlat(y_shape);
 
   static StringInputBuffer bufx;
   static StringInputBuffer bufy;
   bufx.Reset(x);
   bufy.Reset(y);
   while (bufx.has_more() && bufy.has_more()) {
     int d = bufx.GetNext() - bufy.GetNext();
     if (d < 0) return Smi::FromInt(LESS);
     else if (d > 0) return Smi::FromInt(GREATER);
   }
@@ skipping 257 matching lines @@
 
 
 static Object* Runtime_NewObject(Arguments args) {
   NoHandleAllocation ha;
   ASSERT(args.length() == 1);
 
   Object* constructor = args[0];
   if (constructor->IsJSFunction()) {
     JSFunction* function = JSFunction::cast(constructor);
 
-    // Handle steping into constructors if step into is active.
+    // Handle stepping into constructors if step into is active.
     if (Debug::StepInActive()) {
       HandleScope scope;
       Debug::HandleStepIn(Handle<JSFunction>(function), 0, true);
     }
 
     if (function->has_initial_map() &&
         function->initial_map()->instance_type() == JS_FUNCTION_TYPE) {
       // The 'Function' function ignores the receiver object when
       // called using 'new' and creates a new JSFunction object that
       // is returned.  The receiver object is only used for error
@@ skipping 355 matching lines @@
 static Object* Runtime_DebugBreak(Arguments args) {
   ASSERT(args.length() == 0);
   return Execution::DebugBreakHelper();
 }
 
 
 static Object* Runtime_StackGuard(Arguments args) {
   ASSERT(args.length() == 1);
 
   // First check if this is a real stack overflow.
-  if (StackGuard::IsStackOverflow()) return Runtime_StackOverflow(args);
+  if (StackGuard::IsStackOverflow()) {
+    return Runtime_StackOverflow(args);
+  }
 
   return Execution::HandleStackGuardInterrupt();
 }
 
 
 // NOTE: These PrintXXX functions are defined for all builds (not just
 // DEBUG builds) because we may want to be able to trace function
 // calls in all modes.
 static void PrintString(String* str) {
   // not uncommon to have empty strings
@@ skipping 781 matching lines @@
 }
 
 
 static Object* Runtime_Break(Arguments args) {
   ASSERT(args.length() == 0);
   StackGuard::DebugBreak();
   return Heap::undefined_value();
 }
 
 
-static Object* DebugLookupResultValue(Object* obj, String* name,
-                                      LookupResult* result,
+// Find the length of the prototype chain that is to to handled as one. If a
+// prototype object is hidden it is to be viewed as part of the the object it
+// is prototype for.
+static int LocalPrototypeChainLength(JSObject* obj) {
+  int count = 1;
+  Object* proto = obj->GetPrototype();
+  while (proto->IsJSObject() &&
+         JSObject::cast(proto)->map()->is_hidden_prototype()) {
+    count++;
+    proto = JSObject::cast(proto)->GetPrototype();
+  }
+  return count;
+}
+
+
+static Object* DebugLookupResultValue(Object* receiver, LookupResult* result,
                                       bool* caught_exception) {
+  Object* value;
   switch (result->type()) {
-    case NORMAL:
-    case FIELD:
-    case CONSTANT_FUNCTION:
-      return obj->GetProperty(name);
-    case CALLBACKS: {
-      // Get the property value. If there is an exception it must be thown from
-      // a JavaScript getter.
-      Object* value;
-      value = obj->GetProperty(name);
-      if (value->IsException()) {
-        if (caught_exception != NULL) {
-          *caught_exception = true;
-        }
-        value = Top::pending_exception();
-        Top::optional_reschedule_exception(true);
+    case NORMAL: {
+      Dictionary* dict =
+          JSObject::cast(result->holder())->property_dictionary();
+      value = dict->ValueAt(result->GetDictionaryEntry());
+      if (value->IsTheHole()) {
+        return Heap::undefined_value();
       }
-      ASSERT(!Top::has_pending_exception());
-      ASSERT(!Top::external_caught_exception());
       return value;
     }
+    case FIELD:
+      value =
+          JSObject::cast(
+              result->holder())->FastPropertyAt(result->GetFieldIndex());
+      if (value->IsTheHole()) {
+        return Heap::undefined_value();
+      }
+      return value;
+    case CONSTANT_FUNCTION:
+      return result->GetConstantFunction();
+    case CALLBACKS: {
+      Object* structure = result->GetCallbackObject();
+      if (structure->IsProxy()) {
+        AccessorDescriptor* callback =
+            reinterpret_cast<AccessorDescriptor*>(
+                Proxy::cast(structure)->proxy());
+        value = (callback->getter)(receiver, callback->data);
+        if (value->IsFailure()) {
+          value = Top::pending_exception();
+          Top::clear_pending_exception();
+          if (caught_exception != NULL) {
+            *caught_exception = true;
+          }
+        }
+        return value;
+      } else {
+        return Heap::undefined_value();
+      }
+    }
     case INTERCEPTOR:
-      return obj->GetProperty(name);
     case MAP_TRANSITION:
     case CONSTANT_TRANSITION:
     case NULL_DESCRIPTOR:
       return Heap::undefined_value();
     default:
       UNREACHABLE();
   }
   UNREACHABLE();
   return Heap::undefined_value();
 }
@@ skipping 12 matching lines @@
 // Items 2-4 are only filled if the property has either a getter or a setter
 // defined through __defineGetter__ and/or __defineSetter__.
 static Object* Runtime_DebugGetPropertyDetails(Arguments args) {
   HandleScope scope;
 
   ASSERT(args.length() == 2);
 
   CONVERT_ARG_CHECKED(JSObject, obj, 0);
   CONVERT_ARG_CHECKED(String, name, 1);
 
+  // Skip the global proxy as it has no properties and always delegates to the
+  // real global object.
+  if (obj->IsJSGlobalProxy()) {
+    obj = Handle<JSObject>(JSObject::cast(obj->GetPrototype()));
+  }
+
+
   // Check if the name is trivially convertible to an index and get the element
   // if so.
   uint32_t index;
   if (name->AsArrayIndex(&index)) {
     Handle<FixedArray> details = Factory::NewFixedArray(2);
     details->set(0, Runtime::GetElementOrCharAt(obj, index));
     details->set(1, PropertyDetails(NONE, NORMAL).AsSmi());
     return *Factory::NewJSArrayWithElements(details);
   }
 
-  // Perform standard local lookup on the object.
+  // Find the number of objects making up this.
+  int length = LocalPrototypeChainLength(*obj);
+
+  // Try local lookup on each of the objects.
   LookupResult result;
-  obj->LocalLookup(*name, &result);
+  Handle<JSObject> jsproto = obj;
+  for (int i = 0; i < length; i++) {
+    jsproto->LocalLookup(*name, &result);
+    if (result.IsProperty()) {
+      break;
+    }
+    if (i < length - 1) {
+      jsproto = Handle<JSObject>(JSObject::cast(jsproto->GetPrototype()));
+    }
+  }
+
   if (result.IsProperty()) {
     bool caught_exception = false;
-    Handle<Object> value(DebugLookupResultValue(*obj, *name, &result,
+    Handle<Object> value(DebugLookupResultValue(*obj, &result,
                                                 &caught_exception));
     // If the callback object is a fixed array then it contains JavaScript
     // getter and/or setter.
     bool hasJavaScriptAccessors = result.type() == CALLBACKS &&
                                   result.GetCallbackObject()->IsFixedArray();
     Handle<FixedArray> details =
         Factory::NewFixedArray(hasJavaScriptAccessors ? 5 : 2);
     details->set(0, *value);
     details->set(1, result.GetPropertyDetails().AsSmi());
     if (hasJavaScriptAccessors) {
@@ skipping 13 matching lines @@
   HandleScope scope;
 
   ASSERT(args.length() == 2);
 
   CONVERT_ARG_CHECKED(JSObject, obj, 0);
   CONVERT_ARG_CHECKED(String, name, 1);
 
   LookupResult result;
   obj->Lookup(*name, &result);
   if (result.IsProperty()) {
-    return DebugLookupResultValue(*obj, *name, &result, NULL);
+    return DebugLookupResultValue(*obj, &result, NULL);
   }
   return Heap::undefined_value();
 }
 
 
 // Return the names of the local named properties.
 // args[0]: object
 static Object* Runtime_DebugLocalPropertyNames(Arguments args) {
   HandleScope scope;
   ASSERT(args.length() == 1);
   if (!args[0]->IsJSObject()) {
     return Heap::undefined_value();
   }
   CONVERT_ARG_CHECKED(JSObject, obj, 0);
 
-  int n = obj->NumberOfLocalProperties(static_cast<PropertyAttributes>(NONE));
-  Handle<FixedArray> names = Factory::NewFixedArray(n);
-  obj->GetLocalPropertyNames(*names);
+  // Skip the global proxy as it has no properties and always delegates to the
+  // real global object.
+  if (obj->IsJSGlobalProxy()) {
+    obj = Handle<JSObject>(JSObject::cast(obj->GetPrototype()));
+  }
+
+  // Find the number of objects making up this.
+  int length = LocalPrototypeChainLength(*obj);
+
+  // Find the number of local properties for each of the objects.
+  int* local_property_count = NewArray<int>(length);
+  int total_property_count = 0;
+  Handle<JSObject> jsproto = obj;
+  for (int i = 0; i < length; i++) {
+    int n;
+    n = jsproto->NumberOfLocalProperties(static_cast<PropertyAttributes>(NONE));
+    local_property_count[i] = n;
+    total_property_count += n;
+    if (i < length - 1) {
+      jsproto = Handle<JSObject>(JSObject::cast(jsproto->GetPrototype()));
+    }
+  }
+
+  // Allocate an array with storage for all the property names.
+  Handle<FixedArray> names = Factory::NewFixedArray(total_property_count);
+
+  // Get the property names.
+  jsproto = obj;
+  for (int i = 0; i < length; i++) {
+    jsproto->GetLocalPropertyNames(*names,
+                                   i == 0 ? 0 : local_property_count[i - 1]);
+    if (i < length - 1) {
+      jsproto = Handle<JSObject>(JSObject::cast(jsproto->GetPrototype()));
+    }
+  }
+
+  DeleteArray(local_property_count);
   return *Factory::NewJSArrayWithElements(names);
 }
 
 
 // Return the names of the local indexed properties.
 // args[0]: object
 static Object* Runtime_DebugLocalElementNames(Arguments args) {
   HandleScope scope;
   ASSERT(args.length() == 1);
   if (!args[0]->IsJSObject()) {
@@ skipping 442 matching lines @@
         Handle<SharedFunctionInfo> shared(SharedFunctionInfo::cast(obj));
         if (shared->script() == *script) {
           // If the SharedFunctionInfo found has the requested script data and
           // contains the source position it is a candidate.
           int start_position = shared->function_token_position();
           if (start_position == RelocInfo::kNoPosition) {
             start_position = shared->start_position();
           }
           if (start_position <= position &&
               position <= shared->end_position()) {
-            // If there is no candidate or this function is within the currrent
+            // If there is no candidate or this function is within the current
             // candidate this is the new candidate.
             if (target.is_null()) {
               target_start_position = start_position;
               target = shared;
             } else {
               if (target_start_position < start_position &&
                   shared->end_position() < target->end_position()) {
                 target_start_position = start_position;
                 target = shared;
               }
@@ skipping 197 matching lines @@
   WriteBarrierMode mode = array->GetWriteBarrierMode();
   for (int i = 0; i < length; i++) {
     array->set(i, frame->GetParameter(i), mode);
   }
   arguments->set_elements(*array);
   return arguments;
 }
 
 
 // Evaluate a piece of JavaScript in the context of a stack frame for
-// debugging. This is acomplished by creating a new context which in its
+// debugging. This is accomplished by creating a new context which in its
 // extension part has all the parameters and locals of the function on the
 // stack frame. A function which calls eval with the code to evaluate is then
 // compiled in this context and called in this context. As this context
 // replaces the context of the function on the stack frame a new (empty)
 // function is created as well to be used as the closure for the context.
 // This function and the context acts as replacements for the function on the
 // stack frame presenting the same view of the values of parameters and
 // local variables as if the piece of JavaScript was evaluated at the point
 // where the function on the stack frame is currently stopped.
 static Object* Runtime_DebugEvaluate(Arguments args) {
@@ skipping 90 matching lines @@
   // object build.
   Handle<Context> context =
       Factory::NewFunctionContext(Context::MIN_CONTEXT_SLOTS, go_between);
   context->set_extension(*context_ext);
   // Copy any with contexts present and chain them in front of this context.
   context = CopyWithContextChain(frame_context, context);
 
   // Wrap the evaluation statement in a new function compiled in the newly
   // created context. The function has one parameter which has to be called
   // 'arguments'. This it to have access to what would have been 'arguments' in
-  // the function beeing debugged.
+  // the function being debugged.
   // function(arguments,__source__) {return eval(__source__);}
   static const char* source_str =
       "function(arguments,__source__){return eval(__source__);}";
   static const int source_str_length = strlen(source_str);
   Handle<String> function_source =
       Factory::NewStringFromAscii(Vector<const char>(source_str,
                                                      source_str_length));
   Handle<JSFunction> boilerplate =
       Compiler::CompileEval(function_source, 0, context->IsGlobalContext());
   if (boilerplate.is_null()) return Failure::Exception();
@@ skipping 94 matching lines @@
 
   return count;
 }
 
 
 static Object* Runtime_DebugGetLoadedScripts(Arguments args) {
   HandleScope scope;
   ASSERT(args.length() == 0);
 
   // Perform two GCs to get rid of all unreferenced scripts. The first GC gets
-  // rid of all the cached script wrappes and the second gets rid of the
+  // rid of all the cached script wrappers and the second gets rid of the
   // scripts which is no longer referenced.
   Heap::CollectAllGarbage();
   Heap::CollectAllGarbage();
 
   // Get the number of scripts.
   int count;
   count = DebugGetLoadedScripts(NULL, 0);
 
   // Allocate an array to hold the result.
   Handle<FixedArray> instances = Factory::NewFixedArray(count);
@@ skipping 200 matching lines @@
 
   // Return result as JS array.
   Object* result =
       Heap::AllocateJSObject(
           Top::context()->global_context()->array_function());
   if (!result->IsFailure()) JSArray::cast(result)->SetContent(instances);
   return result;
 }
 
 
-static Object* Runtime_GetPrototype(Arguments args) {
+// Find the effective prototype object as returned by __proto__.
+// args[0]: the object to find the prototype for.
+static Object* Runtime_DebugGetPrototype(Arguments args) {
   ASSERT(args.length() == 1);
 
   CONVERT_CHECKED(JSObject, obj, args[0]);
 
-  return obj->GetPrototype();
+  // Use the __proto__ accessor.
+  return Accessors::ObjectPrototype.getter(obj, NULL);
 }
 
 
 static Object* Runtime_SystemBreak(Arguments args) {
   ASSERT(args.length() == 0);
   CPU::DebugBreak();
   return Heap::undefined_value();
 }
 
 
@@ skipping 153 matching lines @@
   } else {
     // Handle last resort GC and make sure to allow future allocations
     // to grow the heap without causing GCs (if possible).
     Counters::gc_last_resort_from_js.Increment();
     Heap::CollectAllGarbage();
   }
 }
 
 
 } }  // namespace v8::internal