X87: Array() in optimized code can create with wrong ElementsKind in corner cases

X87: Array() in optimized code can create with wrong ElementsKind in corner cases

port 13459c1ae3caa4cc546c522177bac5450a3252bf (r27857)

original commit message:

    Array() in optimized code can create with wrong ElementsKind in corner cases.

    Calling new Array(JSObject::kInitialMaxFastElementArray) in optimized code
    makes a stub call that bails out due to the length. Currently, the bailout
    code a) doesn't have the allocation site, and b) wouldn't use it if it did
    because the length is perceived to be too high.

    This CL passes the allocation site to the stub call (rather than undefined),
    and alters the bailout code to utilize the feedback.

BUG=

Committed: https://crrev.com/5729299752c2ea3d2cae1844219273afc9ada3ca
Cr-Commit-Position: refs/heads/master@{#27875}

[chunyang.dai, 2015-04-16 07:02:30]

chunyang.dai@intel.com changed reviewers:
+ weiliang.lin@intel.com

[chunyang.dai, 2015-04-16 07:02:30]

PTAL

[Weiliang, 2015-04-16 09:38:54]

The CQ bit was checked by weiliang.lin@intel.com

[Weiliang, 2015-04-16 09:38:55]

lgtm

[commit-bot: I haz the power, 2015-04-16 09:39:00]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1088423002/1

[commit-bot: I haz the power, 2015-04-16 10:38:47]

Committed patchset #1 (id:1)

[commit-bot: I haz the power, 2015-04-16 10:38:57]

Patchset 1 (id:??) landed as
https://crrev.com/5729299752c2ea3d2cae1844219273afc9ada3ca
Cr-Commit-Position: refs/heads/master@{#27875}