[runtime] Make sure that LookupIterator::OWN always performs a HIDDEN lookup as well.

[runtime] Make sure that LookupIterator::OWN always performs a HIDDEN lookup as well.

Hidden prototypes are merely an implementation detail. Properties on an object + hidden prototype should look like properties on the object. Hence we should always perform a hidden prototype lookup. This CL removes the option to ignore hidden prototypes to avoid bugs that leak this implementation detail.

Also, the only previously valid cases were either places were we knew we didn't have a hidden prototype; or because we knew we (in the optimizing compiler) would only handle properties from the non-hidden object.The first case is already handled by directly tagging whether a receiver has a hidden prototype. In the second case we can just filter out properties from hidden prototypes.

Committed: https://crrev.com/c9a83150e0440b30c4317db4d6cfe70a09557243
Cr-Commit-Position: refs/heads/master@{#36235}

[Toon Verwaest, 2016-05-12 11:32:43]

Description was changed from

==========
Rebase

BUG=
==========

to

==========
[runtime] Make sure that LookupIterator::OWN always performs a HIDDEN lookup as
well.

Hidden prototypes are merely an implementation detail. Properties on an object +
hidden prototype should look like properties on the object. Hence we should
always perform a hidden prototype lookup. This CL removes the option to ignore
hidden prototypes to avoid bugs that leak this implementation detail.

Also, the only previously valid cases were either places were we knew we didn't
have a hidden prototype; or because we knew we (in the optimizing compiler)
would only handle properties from the non-hidden object.The first case is
already handled by directly tagging whether a receiver has a hidden prototype.
In the second case we can just filter out properties from hidden prototypes.
==========

[Toon Verwaest, 2016-05-12 11:35:47]

verwaest@chromium.org changed reviewers:
+ bmeurer@chromium.org, ishell@chromium.org

[Toon Verwaest, 2016-05-12 11:35:47]

bmeurer: ptal compiler
ishell: ptal everything else

[Benedikt Meurer, 2016-05-12 11:36:44]

LGTM on compiler/crankshaft.

[Igor Sheludko, 2016-05-13 08:55:07]

Please check that you don't hit the hidden prototype in case of the
IsJSGlobalObject() in
1) IC::ShouldRecomputeHandler()
2) Genesis::TransferNamedProperties()

[Toon Verwaest, 2016-05-13 10:59:24]

addressed comment. landing.

[Toon Verwaest, 2016-05-13 10:59:51]

The CQ bit was checked by verwaest@chromium.org

[Toon Verwaest, 2016-05-13 10:59:52]

The patchset sent to the CQ was uploaded after l-g-t-m from bmeurer@chromium.org
Link to the patchset: https://codereview.chromium.org/1975763002/#ps20001
(title: "Addressed comment")

[commit-bot: I haz the power, 2016-05-13 11:00:01]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1975763002/20001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1975763002/20001

[commit-bot: I haz the power, 2016-05-13 11:33:22]

Description was changed from

==========
[runtime] Make sure that LookupIterator::OWN always performs a HIDDEN lookup as
well.

Hidden prototypes are merely an implementation detail. Properties on an object +
hidden prototype should look like properties on the object. Hence we should
always perform a hidden prototype lookup. This CL removes the option to ignore
hidden prototypes to avoid bugs that leak this implementation detail.

Also, the only previously valid cases were either places were we knew we didn't
have a hidden prototype; or because we knew we (in the optimizing compiler)
would only handle properties from the non-hidden object.The first case is
already handled by directly tagging whether a receiver has a hidden prototype.
In the second case we can just filter out properties from hidden prototypes.
==========

to

==========
[runtime] Make sure that LookupIterator::OWN always performs a HIDDEN lookup as
well.

Hidden prototypes are merely an implementation detail. Properties on an object +
hidden prototype should look like properties on the object. Hence we should
always perform a hidden prototype lookup. This CL removes the option to ignore
hidden prototypes to avoid bugs that leak this implementation detail.

Also, the only previously valid cases were either places were we knew we didn't
have a hidden prototype; or because we knew we (in the optimizing compiler)
would only handle properties from the non-hidden object.The first case is
already handled by directly tagging whether a receiver has a hidden prototype.
In the second case we can just filter out properties from hidden prototypes.
==========

[commit-bot: I haz the power, 2016-05-13 11:33:23]

Committed patchset #2 (id:20001)

[commit-bot: I haz the power, 2016-05-13 11:33:42]

Description was changed from

==========
[runtime] Make sure that LookupIterator::OWN always performs a HIDDEN lookup as
well.

Hidden prototypes are merely an implementation detail. Properties on an object +
hidden prototype should look like properties on the object. Hence we should
always perform a hidden prototype lookup. This CL removes the option to ignore
hidden prototypes to avoid bugs that leak this implementation detail.

Also, the only previously valid cases were either places were we knew we didn't
have a hidden prototype; or because we knew we (in the optimizing compiler)
would only handle properties from the non-hidden object.The first case is
already handled by directly tagging whether a receiver has a hidden prototype.
In the second case we can just filter out properties from hidden prototypes.
==========

to

==========
[runtime] Make sure that LookupIterator::OWN always performs a HIDDEN lookup as
well.

Hidden prototypes are merely an implementation detail. Properties on an object +
hidden prototype should look like properties on the object. Hence we should
always perform a hidden prototype lookup. This CL removes the option to ignore
hidden prototypes to avoid bugs that leak this implementation detail.

Also, the only previously valid cases were either places were we knew we didn't
have a hidden prototype; or because we knew we (in the optimizing compiler)
would only handle properties from the non-hidden object.The first case is
already handled by directly tagging whether a receiver has a hidden prototype.
In the second case we can just filter out properties from hidden prototypes.

Committed: https://crrev.com/c9a83150e0440b30c4317db4d6cfe70a09557243
Cr-Commit-Position: refs/heads/master@{#36235}
==========

[commit-bot: I haz the power, 2016-05-13 11:33:43]

Patchset 2 (id:??) landed as
https://crrev.com/c9a83150e0440b30c4317db4d6cfe70a09557243
Cr-Commit-Position: refs/heads/master@{#36235}