diff --git a/src/ic/handler-configuration.cc b/src/ic/handler-configuration.cc index 04dcc82783..7a5d6a46f7 100644 --- a/src/ic/handler-configuration.cc +++ b/src/ic/handler-configuration.cc @@ -123,9 +123,6 @@ Handle LoadHandler::LoadFromPrototype(Isolate* isolate, Handle validity_cell = Map::GetOrCreatePrototypeChainValidityCell(receiver_map, isolate); - if (validity_cell.is_null()) { - validity_cell = handle(Smi::FromInt(Map::kPrototypeChainValid), isolate); - } int data_count = 1 + checks_count; Handle handler = isolate->factory()->NewLoadHandler(data_count); @@ -149,11 +146,10 @@ Handle LoadHandler::LoadFullChain(Isolate* isolate, Handle validity_cell = Map::GetOrCreatePrototypeChainValidityCell(receiver_map, isolate); - if (validity_cell.is_null()) { + if (validity_cell->IsSmi()) { DCHECK_EQ(0, checks_count); // Lookup on receiver isn't supported in case of a simple smi handler. if (!LookupOnReceiverBits::decode(smi_handler->value())) return smi_handler; - validity_cell = handle(Smi::FromInt(Map::kPrototypeChainValid), isolate); } int data_count = 1 + checks_count; @@ -191,9 +187,6 @@ Handle StoreHandler::StoreElementTransition( .GetCode(); Handle validity_cell = Map::GetOrCreatePrototypeChainValidityCell(receiver_map, isolate); - if (validity_cell.is_null()) { - validity_cell = handle(Smi::FromInt(Map::kPrototypeChainValid), isolate); - } Handle cell = Map::WeakCellForMap(transition); Handle handler = isolate->factory()->NewStoreHandler(1); handler->set_smi_handler(*stub); @@ -227,9 +220,6 @@ Handle StoreHandler::StoreTransition(Isolate* isolate, if (is_dictionary_map || !transition_map->IsPrototypeValidityCellValid()) { validity_cell = Map::GetOrCreatePrototypeChainValidityCell(transition_map, isolate); - if (validity_cell.is_null()) { - validity_cell = handle(Smi::FromInt(Map::kPrototypeChainValid), isolate); - } } if (is_dictionary_map) { @@ -266,10 +256,7 @@ Handle StoreHandler::StoreThroughPrototype( Handle validity_cell = Map::GetOrCreatePrototypeChainValidityCell(receiver_map, isolate); - if (validity_cell.is_null()) { - DCHECK_EQ(0, checks_count); - validity_cell = handle(Smi::FromInt(Map::kPrototypeChainValid), isolate); - } + DCHECK_IMPLIES(validity_cell->IsSmi(), checks_count == 0); int data_count = 1 + checks_count; Handle handler = diff --git a/src/ic/ic.cc b/src/ic/ic.cc index ddd42d78ac..9c80e838f9 100644 --- a/src/ic/ic.cc +++ b/src/ic/ic.cc @@ -1860,7 +1860,10 @@ Handle KeyedStoreIC::StoreElementHandler( Handle validity_cell = Map::GetOrCreatePrototypeChainValidityCell(receiver_map, isolate()); - if (validity_cell.is_null()) return stub; + if (validity_cell->IsSmi()) { + // There's no prototype validity cell to check, so we can just use the stub. + return stub; + } Handle handler = isolate()->factory()->NewStoreHandler(0); handler->set_validity_cell(*validity_cell); handler->set_smi_handler(*stub); diff --git a/src/lookup.cc b/src/lookup.cc index 409b90bd6a..7b1fd91be6 100644 --- a/src/lookup.cc +++ b/src/lookup.cc @@ -588,10 +588,6 @@ void LookupIterator::ApplyTransitionToDataProperty( // configuration can produce valid transition handler maps. Handle validity_cell = Map::GetOrCreatePrototypeChainValidityCell(transition, isolate()); - if (validity_cell.is_null()) { - validity_cell = - handle(Smi::FromInt(Map::kPrototypeChainValid), isolate()); - } transition->set_prototype_validity_cell(*validity_cell); } diff --git a/src/objects.cc b/src/objects.cc index d2bfe41fdb..c369ff8f44 100644 --- a/src/objects.cc +++ b/src/objects.cc @@ -12568,8 +12568,8 @@ void Map::SetShouldBeFastPrototypeMap(Handle map, bool value, } // static -Handle Map::GetOrCreatePrototypeChainValidityCell(Handle map, - Isolate* isolate) { +Handle Map::GetOrCreatePrototypeChainValidityCell(Handle map, + Isolate* isolate) { Handle maybe_prototype; if (map->IsJSGlobalObjectMap()) { DCHECK(map->is_prototype_map()); @@ -12580,7 +12580,9 @@ Handle Map::GetOrCreatePrototypeChainValidityCell(Handle map, maybe_prototype = handle(map->GetPrototypeChainRootMap(isolate)->prototype(), isolate); } - if (!maybe_prototype->IsJSObject()) return Handle::null(); + if (!maybe_prototype->IsJSObject()) { + return handle(Smi::FromInt(Map::kPrototypeChainValid), isolate); + } Handle prototype = Handle::cast(maybe_prototype); // Ensure the prototype is registered with its own prototypes so its cell // will be invalidated when necessary. diff --git a/src/objects/map.h b/src/objects/map.h index 16d66243e6..4af6902f5c 100644 --- a/src/objects/map.h +++ b/src/objects/map.h @@ -420,11 +420,13 @@ class Map : public HeapObject { Isolate* isolate); // [prototype chain validity cell]: Associated with a prototype object, - // stored in that object's map's PrototypeInfo, indicates that prototype - // chains through this object are currently valid. The cell will be - // invalidated and replaced when the prototype chain changes. - static Handle GetOrCreatePrototypeChainValidityCell(Handle map, - Isolate* isolate); + // stored in that object's map, indicates that prototype chains through this + // object are currently valid. The cell will be invalidated and replaced when + // the prototype chain changes. When there's nothing to guard (for example, + // when direct prototype is null or Proxy) this function returns Smi with + // |kPrototypeChainValid| sentinel value. + static Handle GetOrCreatePrototypeChainValidityCell(Handle map, + Isolate* isolate); static const int kPrototypeChainValid = 0; static const int kPrototypeChainInvalid = 1;