Customized support for feedback on calls to Array.

src/objects.cc

Index: src/objects.cc
diff --git a/src/objects.cc b/src/objects.cc
index f9a52e59c7455d2986ade2ac70296c2dd5db5034..353b932958d25ede0170ecf86d128f5124210d33 100644
--- a/src/objects.cc
+++ b/src/objects.cc
@@ -11226,13 +11226,26 @@ void Code::ClearInlineCaches(Code::Kind* kind) {
 void SharedFunctionInfo::ClearTypeFeedbackInfo() {
   FixedArray* vector = feedback_vector();
   Heap* heap = GetHeap();
-  for (int i = 0; i < vector->length(); i++) {
+  Context* context = GetIsolate()->context();
+  JSFunction* array_function = context != NULL
+      ? context->native_context()->array_function()
+      : NULL;
+  int length = vector->length();
+
+  for (int i = 0; i < length; i++) {
     Object* obj = vector->get(i);
-    if (!obj->IsAllocationSite()) {
-      vector->set(
-          i,
-          TypeFeedbackInfo::RawUninitializedSentinel(heap),
-          SKIP_WRITE_BARRIER);
+    if (obj->IsHeapObject()) {
+      InstanceType instance_type =
+          HeapObject::cast(obj)->map()->instance_type();
+      switch (instance_type) {
+        case ALLOCATION_SITE_TYPE: break;

[danno, 2014/05/22 08:20:43]

Perhaps comments here explaining why each of these cases shouldn't clear
feedback?

[mvstanton, 2014/05/22 09:29:47]

Done.

+        case JS_FUNCTION_TYPE:
+          if (obj == array_function) break;
+          // Fall through...
+        default:
+          vector->set(i, TypeFeedbackInfo::RawUninitializedSentinel(heap),
+                      SKIP_WRITE_BARRIER);
+      }
     }
   }
 }