A simple fix of issue http://code.google.com/p/chromium/issues/detail?id=3285

A simple fix of issue code.google.com/p/chromium/issues/detail?id=3285

NPN_Construct allows a NPObject to be called as a construct. For example, the
test case

var s = new app.Packages.java.lang.Integer(5);

app.Packages.java.lang.Integer is a NPObject, and it implements NPN_Construct.

This fix allows a JSObject created by an API function be called as a construct
if it can be called
as a function. This is done by generating the same code for
var s = new app.Packages.java.lang.Integer(5); as
var s = app.Packages.java.lang.Integer(5);

and the caller handles both case correctly. A more sophiscated fix is to one
extra JSConstructCall
frame and allow CallAsConstructor in Builtin::HandleApiCallAsFunction.

This change itself shouldn't affect the semantic of normal case such as:

var a = {};
var s = new a();

A TypeError exception will be thrown in CALL_NON_FUNCTION (runtime.js).

Another part of fix is in the binding code, V8NPObject, which makes
NPN_InvokeDefault or NPN_Construct
call depending on which function is available.
Review URL: http://codereview.chromium.org/100243

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1837 ce2b1a6d-e550-0410-aec6-3dcde31c8c00