diff --git a/src/debug/debug-evaluate.cc b/src/debug/debug-evaluate.cc
index 745194e5bf..6f3f79f9ef 100644
--- a/src/debug/debug-evaluate.cc
+++ b/src/debug/debug-evaluate.cc
@@ -142,7 +142,7 @@ MaybeHandle<Object> DebugEvaluate::WithTopmostArguments(Isolate* isolate,
       Context::cast(it.frame()->context()).native_context(), isolate);
 
   // Materialize arguments as property on an extension object.
-  Handle<JSObject> materialized = factory->NewJSObjectWithNullProto();
+  Handle<JSObject> materialized = factory->NewSlowJSObjectWithNullProto();
   Handle<String> arguments_str = factory->arguments_string();
   JSObject::SetOwnPropertyIgnoreAttributes(
       materialized, arguments_str,
diff --git a/src/debug/debug-scopes.cc b/src/debug/debug-scopes.cc
index 393d0ea7ab..2de06dee5b 100644
--- a/src/debug/debug-scopes.cc
+++ b/src/debug/debug-scopes.cc
@@ -556,7 +556,7 @@ Handle<JSObject> ScopeIterator::ScopeObject(Mode mode) {
     return WithContextExtension();
   }
 
-  Handle<JSObject> scope = isolate_->factory()->NewJSObjectWithNullProto();
+  Handle<JSObject> scope = isolate_->factory()->NewSlowJSObjectWithNullProto();
   auto visitor = [=](Handle<String> name, Handle<Object> value,
                      ScopeType scope_type) {
     if (value->IsTheHole(isolate_)) {
@@ -901,7 +901,7 @@ bool ScopeIterator::VisitLocals(const Visitor& visitor, Mode mode,
 Handle<JSObject> ScopeIterator::WithContextExtension() {
   DCHECK(context_->IsWithContext());
   if (context_->extension_receiver().IsJSProxy()) {
-    return isolate_->factory()->NewJSObjectWithNullProto();
+    return isolate_->factory()->NewSlowJSObjectWithNullProto();
   }
   return handle(JSObject::cast(context_->extension_receiver()), isolate_);
 }
diff --git a/src/debug/debug-wasm-objects.cc b/src/debug/debug-wasm-objects.cc
index 3df53a8f5e..e45ed85574 100644
--- a/src/debug/debug-wasm-objects.cc
+++ b/src/debug/debug-wasm-objects.cc
@@ -628,7 +628,7 @@ class ContextProxy {
  public:
   static Handle<JSObject> Create(WasmFrame* frame) {
     Isolate* isolate = frame->isolate();
-    auto object = isolate->factory()->NewJSObjectWithNullProto();
+    auto object = isolate->factory()->NewSlowJSObjectWithNullProto();
     Handle<WasmInstanceObject> instance(frame->wasm_instance(), isolate);
     JSObject::AddProperty(isolate, object, "instance", instance, FROZEN);
     Handle<WasmModuleObject> module_object(instance->module_object(), isolate);
@@ -692,7 +692,7 @@ class DebugWasmScopeIterator final : public debug::ScopeIterator {
       case debug::ScopeIterator::ScopeTypeModule: {
         Handle<WasmInstanceObject> instance(frame_->wasm_instance(), isolate);
         Handle<JSObject> object =
-            isolate->factory()->NewJSObjectWithNullProto();
+            isolate->factory()->NewSlowJSObjectWithNullProto();
         JSObject::AddProperty(isolate, object, "instance", instance, FROZEN);
         Handle<JSObject> module_object(instance->module_object(), isolate);
         JSObject::AddProperty(isolate, object, "module", module_object, FROZEN);
@@ -725,7 +725,7 @@ class DebugWasmScopeIterator final : public debug::ScopeIterator {
         return Utils::ToLocal(LocalsProxy::Create(frame_));
       }
       case debug::ScopeIterator::ScopeTypeWasmExpressionStack: {
-        auto object = isolate->factory()->NewJSObjectWithNullProto();
+        auto object = isolate->factory()->NewSlowJSObjectWithNullProto();
         auto stack = StackProxy::Create(frame_);
         JSObject::AddProperty(isolate, object, "stack", stack, FROZEN);
         return Utils::ToLocal(object);
diff --git a/src/heap/factory.cc b/src/heap/factory.cc
index 3a8d9c124b..eddacd32c7 100644
--- a/src/heap/factory.cc
+++ b/src/heap/factory.cc
@@ -2302,12 +2302,21 @@ Handle<JSObject> Factory::NewJSObject(Handle<JSFunction> constructor,
   return NewJSObjectFromMap(map, allocation);
 }
 
-Handle<JSObject> Factory::NewJSObjectWithNullProto() {
+Handle<JSObject> Factory::NewSlowJSObjectWithNullProto() {
   Handle<JSObject> result =
       NewSlowJSObjectFromMap(isolate()->slow_object_with_null_prototype_map());
   return result;
 }
 
+Handle<JSObject> Factory::NewJSObjectWithNullProto() {
+  Handle<JSObject> result = NewJSObject(isolate()->object_function());
+  Handle<Map> new_map = Map::Copy(
+      isolate(), Handle<Map>(result->map(), isolate()), "ObjectWithNullProto");
+  Map::SetPrototype(isolate(), new_map, null_value());
+  JSObject::MigrateToMap(isolate(), result, new_map);
+  return result;
+}
+
 Handle<JSGlobalObject> Factory::NewJSGlobalObject(
     Handle<JSFunction> constructor) {
   DCHECK(constructor->has_initial_map());
diff --git a/src/heap/factory.h b/src/heap/factory.h
index f11687559f..f620f5eb3c 100644
--- a/src/heap/factory.h
+++ b/src/heap/factory.h
@@ -489,6 +489,8 @@ class V8_EXPORT_PRIVATE Factory : public FactoryBase<Factory> {
       AllocationType allocation = AllocationType::kYoung);
   // JSObject without a prototype.
   Handle<JSObject> NewJSObjectWithNullProto();
+  // JSObject without a prototype, in dictionary mode.
+  Handle<JSObject> NewSlowJSObjectWithNullProto();
 
   // Global objects are pretenured and initialized based on a constructor.
   Handle<JSGlobalObject> NewJSGlobalObject(Handle<JSFunction> constructor);