Encapsulate IC::State into the IC.

src/ic.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 54 matching lines @@
   if (mode == STORE_NO_TRANSITION_IGNORE_OUT_OF_BOUNDS) {
     return ".IGNORE_OOB";
   }
   if (IsGrowStoreMode(mode)) return ".GROW";
   return "";
 }
 
 
 void IC::TraceIC(const char* type,
                  Handle<Object> name,
-                 State old_state,
                  Code* new_target) {
   if (FLAG_trace_ic) {
-    Object* undef = new_target->GetHeap()->undefined_value();
-    State new_state = StateFrom(new_target, undef, undef);
+    State new_state = new_target->ic_state();
     PrintF("[%s in ", type);
     Isolate* isolate = new_target->GetIsolate();
     StackFrameIterator it(isolate);
     while (it.frame()->fp() != this->fp()) it.Advance();
     StackFrame* raw_frame = it.frame();
     if (raw_frame->is_internal()) {
       Code* apply_builtin = isolate->builtins()->builtin(
           Builtins::kFunctionApply);
       if (raw_frame->unchecked_code() == apply_builtin) {
         PrintF("apply from ");
         it.Advance();
         raw_frame = it.frame();
       }
     }
     JavaScriptFrame::PrintTop(isolate, stdout, false, true);
-    Code::ExtraICState state = new_target->extra_ic_state();
+    Code::ExtraICState extra_state = new_target->extra_ic_state();
     const char* modifier =
-        GetTransitionMarkModifier(Code::GetKeyedAccessStoreMode(state));
+        GetTransitionMarkModifier(Code::GetKeyedAccessStoreMode(extra_state));
     PrintF(" (%c->%c%s)",
-           TransitionMarkFromState(old_state),
+           TransitionMarkFromState(state()),
            TransitionMarkFromState(new_state),
            modifier);
     name->Print();
     PrintF("]\n");
   }
 }
 
 #define TRACE_GENERIC_IC(isolate, type, reason)                 \
   do {                                                          \
     if (FLAG_trace_ic) {                                        \
       PrintF("[%s patching generic stub in ", type);            \
       JavaScriptFrame::PrintTop(isolate, stdout, false, true);  \
       PrintF(" (%s)]\n", reason);                               \
     }                                                           \
   } while (false)
 
 #else
 #define TRACE_GENERIC_IC(isolate, type, reason)
 #endif  // DEBUG
 
-#define TRACE_IC(type, name, old_state, new_target)             \
-  ASSERT((TraceIC(type, name, old_state, *new_target), true))
+#define TRACE_IC(type, name, new_target)             \
+  ASSERT((TraceIC(type, name, *new_target), true))
 
 IC::IC(FrameDepth depth, Isolate* isolate) : isolate_(isolate) {
   // To improve the performance of the (much used) IC code, we unfold a few
   // levels of the stack frame iteration code. This yields a ~35% speedup when
   // running DeltaBlue and a ~25% speedup of gbemu with the '--nouse-ic' flag.
   const Address entry =
       Isolate::c_entry_fp(isolate->thread_local_top());
   Address* pc_address =
       reinterpret_cast<Address*>(entry + ExitFrameConstants::kCallerPCOffset);
   Address fp = Memory::Address_at(entry + ExitFrameConstants::kCallerFPOffset);
   // If there's another JavaScript frame on the stack or a
   // StubFailureTrampoline, we need to look one frame further down the stack to
   // find the frame pointer and the return address stack slot.
   if (depth == EXTRA_CALL_FRAME) {
     const int kCallerPCOffset = StandardFrameConstants::kCallerPCOffset;
     pc_address = reinterpret_cast<Address*>(fp + kCallerPCOffset);
     fp = Memory::Address_at(fp + StandardFrameConstants::kCallerFPOffset);
   }
 #ifdef DEBUG
   StackFrameIterator it(isolate);
   for (int i = 0; i < depth + 1; i++) it.Advance();
   StackFrame* frame = it.frame();
   ASSERT(fp == frame->fp() && pc_address == frame->pc_address());
 #endif
   fp_ = fp;
   pc_address_ = StackFrame::ResolveReturnAddressLocation(pc_address);
   target_ = handle(raw_target(), isolate);
+  state_ = target_->ic_state();
 }
 
 
 #ifdef ENABLE_DEBUGGER_SUPPORT
 Address IC::OriginalCodeAddress() const {
   HandleScope scope(isolate());
   // Compute the JavaScript frame for the frame pointer of this IC
   // structure. We need this to be able to find the function
   // corresponding to the frame.
   StackFrameIterator it(isolate());
@@ skipping 96 matching lines @@
     global->LocalLookupRealNamedProperty(Name::cast(name), &lookup);
     if (!lookup.IsFound()) return false;
     PropertyCell* cell = global->GetPropertyCell(&lookup);
     return cell->type()->IsConstant();
   }
 
   return false;
 }
 
 
-IC::State IC::StateFrom(Code* target, Object* receiver, Object* name) {
-  IC::State state = target->ic_state();
+void IC::UpdateState(Object* receiver, Object* name) {
+  if (state() != MONOMORPHIC || !name->IsString()) return;
+  if (receiver->IsUndefined() || receiver->IsNull()) return;
 
-  if (state != MONOMORPHIC || !name->IsString()) return state;
-  if (receiver->IsUndefined() || receiver->IsNull()) return state;
-
-  Code::Kind kind = target->kind();
+  Code::Kind kind = target()->kind();
   // Remove the target from the code cache if it became invalid
   // because of changes in the prototype chain to avoid hitting it
   // again.
   // Call stubs handle this later to allow extra IC state
   // transitions.
   if (kind != Code::CALL_IC && kind != Code::KEYED_CALL_IC &&
-      TryRemoveInvalidPrototypeDependentStub(target, receiver, name)) {
-    return MONOMORPHIC_PROTOTYPE_FAILURE;
+      TryRemoveInvalidPrototypeDependentStub(*target_, receiver, name)) {
+    MarkMonomorphicPrototypeFailure();
+    return;
   }
 
   // The builtins object is special.  It only changes when JavaScript
   // builtins are loaded lazily.  It is important to keep inline
   // caches for the builtins object monomorphic.  Therefore, if we get
   // an inline cache miss for the builtins object after lazily loading
   // JavaScript builtins, we return uninitialized as the state to
   // force the inline cache back to monomorphic state.
-  if (receiver->IsJSBuiltinsObject()) {
-    return UNINITIALIZED;
-  }
-
-  return MONOMORPHIC;
+  if (receiver->IsJSBuiltinsObject()) state_ = UNINITIALIZED;
 }
 
 
 RelocInfo::Mode IC::ComputeMode() {
   Address addr = address();
   Code* code = Code::cast(isolate()->FindCodeObject(addr));
   for (RelocIterator it(code, RelocInfo::kCodeTargetMask);
        !it.done(); it.next()) {
     RelocInfo* info = it.rinfo();
     if (info->pc() == addr) return info->rmode();
@@ skipping 229 matching lines @@
     // Change the receiver to the result of calling ToObject on it.
     const int argc = this->target()->arguments_count();
     StackFrameLocator locator(isolate());
     JavaScriptFrame* frame = locator.FindJavaScriptFrame(0);
     int index = frame->ComputeExpressionsCount() - (argc + 1);
     frame->SetExpression(index, *isolate()->factory()->ToObject(object));
   }
 }
 
 
-MaybeObject* CallICBase::LoadFunction(State state,
-                                      Code::ExtraICState extra_ic_state,
+MaybeObject* CallICBase::LoadFunction(Code::ExtraICState extra_ic_state,
                                       Handle<Object> object,
                                       Handle<String> name) {
   bool use_ic = FLAG_use_ic;
   if (object->IsJSObject()) {
     Handle<JSObject> receiver = Handle<JSObject>::cast(object);
     if (receiver->map()->is_deprecated()) {
       use_ic = false;
       JSObject::MigrateInstance(receiver);
     }
   }
@@ skipping 25 matching lines @@
 
   if (!lookup.IsFound()) {
     // If the object does not have the requested property, check which
     // exception we need to throw.
     return IsUndeclaredGlobal(object)
         ? ReferenceError("not_defined", name)
         : TypeError("undefined_method", object, name);
   }
 
   // Lookup is valid: Update inline cache and stub cache.
-  if (use_ic) UpdateCaches(&lookup, state, extra_ic_state, object, name);
+  if (use_ic) UpdateCaches(&lookup, extra_ic_state, object, name);
 
   // Get the property.
   PropertyAttributes attr;
   Handle<Object> result =
       Object::GetProperty(object, object, &lookup, name, &attr);
   RETURN_IF_EMPTY_HANDLE(isolate(), result);
 
   if (lookup.IsInterceptor() && attr == ABSENT) {
     // If the object does not have the requested property, check which
     // exception we need to throw.
@@ skipping 69 matching lines @@
       }
       break;
     default:
       return false;
   }
   return false;
 }
 
 
 Handle<Code> CallICBase::ComputeMonomorphicStub(LookupResult* lookup,
-                                                State state,
                                                 Code::ExtraICState extra_state,
                                                 Handle<Object> object,
                                                 Handle<String> name) {
   int argc = target()->arguments_count();
   Handle<JSObject> holder(lookup->holder(), isolate());
   switch (lookup->type()) {
     case FIELD: {
       PropertyIndex index = lookup->GetFieldIndex();
       return isolate()->stub_cache()->ComputeCallField(
           argc, kind_, extra_state, name, object, holder, index);
@@ skipping 35 matching lines @@
       ASSERT(HasInterceptorGetter(*holder));
       return isolate()->stub_cache()->ComputeCallInterceptor(
           argc, kind_, extra_state, name, object, holder);
     default:
       return Handle<Code>::null();
   }
 }
 
 
 void CallICBase::UpdateCaches(LookupResult* lookup,
-                              State state,
                               Code::ExtraICState extra_ic_state,
                               Handle<Object> object,
                               Handle<String> name) {
   // Bail out if we didn't find a result.
   if (!lookup->IsProperty() || !lookup->IsCacheable()) return;
 
   // Compute the number of arguments.
   int argc = target()->arguments_count();
   Handle<Code> code;
-  if (state == UNINITIALIZED) {
+  if (state() == UNINITIALIZED) {
     // This is the first time we execute this inline cache.
     // Set the target to the pre monomorphic stub to delay
     // setting the monomorphic state.
     code = isolate()->stub_cache()->ComputeCallPreMonomorphic(
         argc, kind_, extra_ic_state);
-  } else if (state == MONOMORPHIC) {
+  } else if (state() == MONOMORPHIC) {
     if (kind_ == Code::CALL_IC &&
         TryUpdateExtraICState(lookup, object, &extra_ic_state)) {
-      code = ComputeMonomorphicStub(lookup, state, extra_ic_state,
-                                    object, name);
+      code = ComputeMonomorphicStub(lookup, extra_ic_state, object, name);
     } else if (TryRemoveInvalidPrototypeDependentStub(*target(),
                                                       *object,
                                                       *name)) {
-      state = MONOMORPHIC_PROTOTYPE_FAILURE;
-      code = ComputeMonomorphicStub(lookup, state, extra_ic_state,
-                                    object, name);
+      MarkMonomorphicPrototypeFailure();
+      code = ComputeMonomorphicStub(lookup, extra_ic_state, object, name);
     } else {
       code = isolate()->stub_cache()->ComputeCallMegamorphic(
           argc, kind_, extra_ic_state);
     }
   } else {
-    code = ComputeMonomorphicStub(lookup, state, extra_ic_state,
-                                  object, name);
+    code = ComputeMonomorphicStub(lookup, extra_ic_state, object, name);
   }
 
   // If there's no appropriate stub we simply avoid updating the caches.
   if (code.is_null()) return;
 
   // Patch the call site depending on the state of the cache.
-  switch (state) {
+  switch (state()) {
     case UNINITIALIZED:
     case MONOMORPHIC_PROTOTYPE_FAILURE:
     case PREMONOMORPHIC:
     case MONOMORPHIC:
       set_target(*code);
       break;
     case MEGAMORPHIC: {
       // Cache code holding map should be consistent with
       // GenerateMonomorphicCacheProbe. It is not the map which holds the stub.
       Handle<JSObject> cache_object = object->IsJSObject()
           ? Handle<JSObject>::cast(object)
           : Handle<JSObject>(JSObject::cast(object->GetPrototype(isolate())),
                              isolate());
       // Update the stub cache.
       UpdateMegamorphicCache(cache_object->map(), *name, *code);
       break;
     }
     case DEBUG_STUB:
       break;
     case POLYMORPHIC:
     case GENERIC:
       UNREACHABLE();
       break;
   }
 
-  TRACE_IC(kind_ == Code::CALL_IC ? "CallIC" : "KeyedCallIC",
-           name, state, target());
+  TRACE_IC(kind_ == Code::CALL_IC ? "CallIC" : "KeyedCallIC", name, target());
 }
 
 
-MaybeObject* KeyedCallIC::LoadFunction(State state,
-                                       Handle<Object> object,
+MaybeObject* KeyedCallIC::LoadFunction(Handle<Object> object,
                                        Handle<Object> key) {
   if (key->IsInternalizedString()) {
-    return CallICBase::LoadFunction(state,
-                                    Code::kNoExtraICState,
+    return CallICBase::LoadFunction(Code::kNoExtraICState,
                                     object,
                                     Handle<String>::cast(key));
   }
 
   bool use_ic = FLAG_use_ic && !object->IsAccessCheckNeeded();
   if (object->IsJSObject()) {
     Handle<JSObject> receiver = Handle<JSObject>::cast(object);
     if (receiver->map()->is_deprecated()) {
       use_ic = false;
       JSObject::MigrateInstance(receiver);
     }
   }
 
   if (object->IsUndefined() || object->IsNull()) {
     return TypeError("non_object_property_call", object, key);
   }
 
   ASSERT(!(use_ic && object->IsJSGlobalProxy()));
 
-  if (use_ic && state != MEGAMORPHIC) {
+  if (use_ic && state() != MEGAMORPHIC) {
     int argc = target()->arguments_count();
     Handle<Code> stub = isolate()->stub_cache()->ComputeCallMegamorphic(
         argc, Code::KEYED_CALL_IC, Code::kNoExtraICState);
     if (object->IsJSObject()) {
       Handle<JSObject> receiver = Handle<JSObject>::cast(object);
       if (receiver->elements()->map() ==
           isolate()->heap()->non_strict_arguments_elements_map()) {
         stub = isolate()->stub_cache()->ComputeCallArguments(argc);
       }
     }
     ASSERT(!stub.is_null());
     set_target(*stub);
-    TRACE_IC("KeyedCallIC", key, state, target());
+    TRACE_IC("KeyedCallIC", key, target());
   }
 
   Handle<Object> result = GetProperty(isolate(), object, key);
   RETURN_IF_EMPTY_HANDLE(isolate(), result);
 
   // Make receiver an object if the callee requires it. Strict mode or builtin
   // functions do not wrap the receiver, non-strict functions and objects
   // called as functions do.
   ReceiverToObjectIfRequired(result, object);
   if (result->IsJSFunction()) return *result;
 
   result = TryCallAsFunction(result);
   if (result->IsJSFunction()) return *result;
 
   return TypeError("property_not_function", object, key);
 }
 
 
-MaybeObject* LoadIC::Load(State state,
-                          Handle<Object> object,
+MaybeObject* LoadIC::Load(Handle<Object> object,
                           Handle<String> name) {
   // If the object is undefined or null it's illegal to try to get any
   // of its properties; throw a TypeError in that case.
   if (object->IsUndefined() || object->IsNull()) {
     return TypeError("non_object_property_load", object, name);
   }
 
   bool use_ic = FLAG_use_ic;
 
   if (use_ic) {
     // Use specialized code for getting the length of strings and
     // string wrapper objects.  The length property of string wrapper
     // objects is read-only and therefore always returns the length of
     // the underlying string value.  See ECMA-262 15.5.5.1.
     if (object->IsStringWrapper() &&
         name->Equals(isolate()->heap()->length_string())) {
       Handle<Code> stub;
-      if (state == UNINITIALIZED) {
+      if (state() == UNINITIALIZED) {
         stub = pre_monomorphic_stub();
-      } else if (state == PREMONOMORPHIC || state == MONOMORPHIC) {
+      } else if (state() == PREMONOMORPHIC || state() == MONOMORPHIC) {
         StringLengthStub string_length_stub(kind());
         stub = string_length_stub.GetCode(isolate());
-      } else if (state != MEGAMORPHIC) {
-        ASSERT(state != GENERIC);
+      } else if (state() != MEGAMORPHIC) {
+        ASSERT(state() != GENERIC);
         stub = megamorphic_stub();
       }
       if (!stub.is_null()) {
         set_target(*stub);
 #ifdef DEBUG
         if (FLAG_trace_ic) PrintF("[LoadIC : +#length /stringwrapper]\n");
 #endif
       }
       // Get the string if we have a string wrapper object.
       String* string = String::cast(JSValue::cast(*object)->value());
       return Smi::FromInt(string->length());
     }
 
     // Use specialized code for getting prototype of functions.
     if (object->IsJSFunction() &&
         name->Equals(isolate()->heap()->prototype_string()) &&
         Handle<JSFunction>::cast(object)->should_have_prototype()) {
       Handle<Code> stub;
-      if (state == UNINITIALIZED) {
+      if (state() == UNINITIALIZED) {
         stub = pre_monomorphic_stub();
-      } else if (state == PREMONOMORPHIC) {
+      } else if (state() == PREMONOMORPHIC) {
         FunctionPrototypeStub function_prototype_stub(kind());
         stub = function_prototype_stub.GetCode(isolate());
-      } else if (state != MEGAMORPHIC) {
-        ASSERT(state != GENERIC);
+      } else if (state() != MEGAMORPHIC) {
+        ASSERT(state() != GENERIC);
         stub = megamorphic_stub();
       }
       if (!stub.is_null()) {
         set_target(*stub);
 #ifdef DEBUG
         if (FLAG_trace_ic) PrintF("[LoadIC : +#prototype /function]\n");
 #endif
       }
       return *Accessors::FunctionGetPrototype(Handle<JSFunction>::cast(object));
     }
@@ skipping 22 matching lines @@
 
   // If we did not find a property, check if we need to throw an exception.
   if (!lookup.IsFound()) {
     if (IsUndeclaredGlobal(object)) {
       return ReferenceError("not_defined", name);
     }
     LOG(isolate(), SuspectReadEvent(*name, *object));
   }
 
   // Update inline cache and stub cache.
-  if (use_ic) UpdateCaches(&lookup, state, object, name);
+  if (use_ic) UpdateCaches(&lookup, object, name);
 
   PropertyAttributes attr;
   if (lookup.IsInterceptor() || lookup.IsHandler()) {
     // Get the property.
     Handle<Object> result =
         Object::GetProperty(object, object, &lookup, name, &attr);
     RETURN_IF_EMPTY_HANDLE(isolate(), result);
     // If the property is not present, check if we need to throw an
     // exception.
     if (attr == ABSENT && IsUndeclaredGlobal(object)) {
@@ skipping 14 matching lines @@
     if (!receiver_maps->at(current).is_null() &&
         receiver_maps->at(current).is_identical_to(new_receiver_map)) {
       return false;
     }
   }
   receiver_maps->Add(new_receiver_map);
   return true;
 }
 
 
-bool IC::UpdatePolymorphicIC(State state,
-                             Handle<HeapObject> receiver,
+bool IC::UpdatePolymorphicIC(Handle<HeapObject> receiver,
                              Handle<String> name,
                              Handle<Code> code) {
   if (!code->is_handler()) return false;
 
   MapHandleList receiver_maps;
   CodeHandleList handlers;
 
   int number_of_valid_maps;
   int handler_to_overwrite = -1;
   Handle<Map> new_receiver_map(receiver->map());
@@ skipping 11 matching lines @@
       // If the receiver map is already in the polymorphic IC, this indicates
       // there was a prototoype chain failure. In that case, just overwrite the
       // handler.
       } else if (map.is_identical_to(new_receiver_map)) {
         number_of_valid_maps--;
         handler_to_overwrite = i;
       }
     }
 
     if (number_of_valid_maps >= 4) return false;
-
-    // Only allow 0 maps in case target() was reset to UNINITIALIZED by the GC.
-    // In that case, allow the IC to go back monomorphic.
-    if (number_of_maps == 0 && target()->ic_state() != UNINITIALIZED) {
-      return false;
-    }
+    if (number_of_maps == 0) return false;
 
     if (!target()->FindHandlers(&handlers, receiver_maps.length())) {
       return false;
     }
   }
 
   number_of_valid_maps++;
   if (handler_to_overwrite >= 0) {
     handlers.Set(handler_to_overwrite, code);
   } else {
@@ skipping 41 matching lines @@
       IsMoreGeneralElementsKindTransition(
         current_map->elements_kind(), receiver_elements_kind);
   Map* transitioned_map = more_general_transition
       ? current_map->LookupElementsTransitionMap(receiver_elements_kind)
       : NULL;
 
   return transitioned_map == receiver_map;
 }
 
 
-void IC::PatchCache(State state,
-                    Handle<HeapObject> receiver,
+void IC::PatchCache(Handle<HeapObject> receiver,
                     Handle<String> name,
                     Handle<Code> code) {
-  switch (state) {
+  switch (state()) {
     case UNINITIALIZED:
     case PREMONOMORPHIC:
     case MONOMORPHIC_PROTOTYPE_FAILURE:
       UpdateMonomorphicIC(receiver, code, name);
       break;
     case MONOMORPHIC:
       ASSERT(!target().is_identical_to(code));
       if (!target()->is_keyed_stub()) {
         bool is_same_handler = false;
         {
           DisallowHeapAllocation no_allocation;
           Code* old_handler = target()->FindFirstHandler();
           is_same_handler = old_handler == *code;
         }
         if (is_same_handler
             && IsTransitionedMapOfMonomorphicTarget(receiver->map())) {
           UpdateMonomorphicIC(receiver, code, name);
           break;
         }
-        if (UpdatePolymorphicIC(state, receiver, name, code)) {
+        if (UpdatePolymorphicIC(receiver, name, code)) {
           break;
         }
 
         CopyICToMegamorphicCache(name);
       }
 
       UpdateMegamorphicCache(receiver->map(), *name, *code);
       set_target(*megamorphic_stub());
       break;
     case MEGAMORPHIC:
       UpdateMegamorphicCache(receiver->map(), *name, *code);
       break;
     case POLYMORPHIC:
       if (target()->is_keyed_stub()) {
         // When trying to patch a polymorphic keyed stub with anything other
         // than another polymorphic stub, go generic.
         set_target(*generic_stub());
       } else {
-        if (UpdatePolymorphicIC(state, receiver, name, code)) {
+        if (UpdatePolymorphicIC(receiver, name, code)) {
           break;
         }
         CopyICToMegamorphicCache(name);
         UpdateMegamorphicCache(receiver->map(), *name, *code);
         set_target(*megamorphic_stub());
       }
       break;
     case DEBUG_STUB:
       break;
     case GENERIC:
       UNREACHABLE();
       break;
   }
 }
 
 
-static void GetReceiverMapsForStub(Handle<Code> stub,
-                                   MapHandleList* result) {
-  ASSERT(stub->is_inline_cache_stub());
-  switch (stub->ic_state()) {
-    case MONOMORPHIC: {
-      Map* map = stub->FindFirstMap();
-      if (map != NULL) {
-        result->Add(Handle<Map>(map));
-      }
-      break;
-    }
-    case POLYMORPHIC: {
-      DisallowHeapAllocation no_allocation;
-      int mask = RelocInfo::ModeMask(RelocInfo::EMBEDDED_OBJECT);
-      for (RelocIterator it(*stub, mask); !it.done(); it.next()) {
-        RelocInfo* info = it.rinfo();
-        Handle<Object> object(info->target_object(), stub->GetIsolate());
-        if (object->IsString()) break;
-        ASSERT(object->IsMap());
-        AddOneReceiverMapIfMissing(result, Handle<Map>::cast(object));
-      }
-      break;
-    }
-    case MEGAMORPHIC:
-      break;
-    case UNINITIALIZED:
-    case PREMONOMORPHIC:
-    case MONOMORPHIC_PROTOTYPE_FAILURE:
-    case GENERIC:
-    case DEBUG_STUB:
-      UNREACHABLE();
-      break;
-  }
-}
-
-
 void LoadIC::UpdateCaches(LookupResult* lookup,
-                          State state,
                           Handle<Object> object,
                           Handle<String> name) {
   // TODO(verwaest): It would be nice to support loading fields from smis as
   // well. For now just fail to update the cache.
   if (!object->IsHeapObject()) return;
 
   Handle<HeapObject> receiver = Handle<HeapObject>::cast(object);
 
   Handle<Code> code;
-  if (state == UNINITIALIZED) {
+  if (state() == UNINITIALIZED) {
     // This is the first time we execute this inline cache.
     // Set the target to the pre monomorphic stub to delay
     // setting the monomorphic state.
     code = pre_monomorphic_stub();
   } else if (!lookup->IsCacheable()) {
     // Bail out if the result is not cacheable.
     code = slow_stub();
   } else if (object->IsString() &&
              name->Equals(isolate()->heap()->length_string())) {
     int length_index = String::kLengthOffset / kPointerSize;
     if (target()->is_load_stub()) {
       LoadFieldStub stub(true, length_index, Representation::Tagged());
       code = stub.GetCode(isolate());
     } else {
       KeyedLoadFieldStub stub(true, length_index, Representation::Tagged());
       code = stub.GetCode(isolate());
     }
   } else if (!object->IsJSObject()) {
     // TODO(jkummerow): It would be nice to support non-JSObjects in
     // ComputeLoadHandler, then we wouldn't need to go generic here.
     code = slow_stub();
   } else {
     code = ComputeLoadHandler(lookup, Handle<JSObject>::cast(receiver), name);
     if (code.is_null()) code = slow_stub();
   }
 
-  PatchCache(state, receiver, name, code);
-  TRACE_IC("LoadIC", name, state, target());
+  PatchCache(receiver, name, code);
+  TRACE_IC("LoadIC", name, target());
 }
 
 
 void IC::UpdateMegamorphicCache(Map* map, Name* name, Code* code) {
   // Cache code holding map should be consistent with
   // GenerateMonomorphicCacheProbe.
   isolate()->stub_cache()->Set(name, map, code);
 }
 
 
@@ skipping 102 matching lines @@
       }
     }
   } else if (key->IsUndefined()) {
     key = isolate->factory()->undefined_string();
   }
   return key;
 }
 
 
 Handle<Code> KeyedLoadIC::LoadElementStub(Handle<JSObject> receiver) {
-  State ic_state = target()->ic_state();
-
   // Don't handle megamorphic property accesses for INTERCEPTORS or CALLBACKS
   // via megamorphic stubs, since they don't have a map in their relocation info
   // and so the stubs can't be harvested for the object needed for a map check.
   if (target()->type() != Code::NORMAL) {
     TRACE_GENERIC_IC(isolate(), "KeyedIC", "non-NORMAL target type");
     return generic_stub();
   }
 
   Handle<Map> receiver_map(receiver->map(), isolate());
   MapHandleList target_receiver_maps;
-  if (ic_state == UNINITIALIZED || ic_state == PREMONOMORPHIC) {
+  if (state() == UNINITIALIZED || state() == PREMONOMORPHIC) {
     // Optimistically assume that ICs that haven't reached the MONOMORPHIC state
     // yet will do so and stay there.
     return isolate()->stub_cache()->ComputeKeyedLoadElement(receiver_map);
   }
 
   if (target().is_identical_to(string_stub())) {
     target_receiver_maps.Add(isolate()->factory()->string_map());
   } else {
-    GetReceiverMapsForStub(target(), &target_receiver_maps);
+    target()->FindAllMaps(&target_receiver_maps);
     if (target_receiver_maps.length() == 0) {
       return isolate()->stub_cache()->ComputeKeyedLoadElement(receiver_map);
     }
   }
 
   // The first time a receiver is seen that is a transitioned version of the
   // previous monomorphic receiver type, assume the new ElementsKind is the
   // monomorphic type. This benefits global arrays that only transition
   // once, and all call sites accessing them are faster if they remain
   // monomorphic. If this optimistic assumption is not true, the IC will
   // miss again and it will become polymorphic and support both the
   // untransitioned and transitioned maps.
-  if (ic_state == MONOMORPHIC &&
+  if (state() == MONOMORPHIC &&
       IsMoreGeneralElementsKindTransition(
           target_receiver_maps.at(0)->elements_kind(),
           receiver->GetElementsKind())) {
     return isolate()->stub_cache()->ComputeKeyedLoadElement(receiver_map);
   }
 
-  ASSERT(ic_state != GENERIC);
+  ASSERT(state() != GENERIC);
 
   // Determine the list of receiver maps that this call site has seen,
   // adding the map that was just encountered.
   if (!AddOneReceiverMapIfMissing(&target_receiver_maps, receiver_map)) {
     // If the miss wasn't due to an unseen map, a polymorphic stub
     // won't help, use the generic stub.
     TRACE_GENERIC_IC(isolate(), "KeyedIC", "same map added twice");
     return generic_stub();
   }
 
   // If the maximum number of receiver maps has been exceeded, use the generic
   // version of the IC.
   if (target_receiver_maps.length() > kMaxKeyedPolymorphism) {
     TRACE_GENERIC_IC(isolate(), "KeyedIC", "max polymorph exceeded");
     return generic_stub();
   }
 
   return isolate()->stub_cache()->ComputeLoadElementPolymorphic(
       &target_receiver_maps);
 }
 
 
-MaybeObject* KeyedLoadIC::Load(State state,
-                               Handle<Object> object,
+MaybeObject* KeyedLoadIC::Load(Handle<Object> object,
                                Handle<Object> key,
                                ICMissMode miss_mode) {
   // Check for values that can be converted into an internalized string directly
   // or is representable as a smi.
   key = TryConvertKey(key, isolate());
 
   if (key->IsInternalizedString()) {
-    return LoadIC::Load(state, object, Handle<String>::cast(key));
+    return LoadIC::Load(object, Handle<String>::cast(key));
   }
 
   bool use_ic = FLAG_use_ic && !object->IsAccessCheckNeeded();
   ASSERT(!(use_ic && object->IsJSGlobalProxy()));
 
   if (use_ic) {
     Handle<Code> stub = generic_stub();
     if (miss_mode != MISS_FORCE_GENERIC) {
       if (object->IsString() && key->IsNumber()) {
-        if (state == UNINITIALIZED) {
+        if (state() == UNINITIALIZED) {
           stub = string_stub();
         }
       } else if (object->IsJSObject()) {
         Handle<JSObject> receiver = Handle<JSObject>::cast(object);
         if (receiver->map()->is_deprecated()) {
           use_ic = false;
           JSObject::MigrateInstance(receiver);
         }
 
         if (receiver->elements()->map() ==
             isolate()->heap()->non_strict_arguments_elements_map()) {
           stub = non_strict_arguments_stub();
         } else if (receiver->HasIndexedInterceptor()) {
           stub = indexed_interceptor_stub();
         } else if (!key->ToSmi()->IsFailure() &&
                    (!target().is_identical_to(non_strict_arguments_stub()))) {
           stub = LoadElementStub(receiver);
         }
       }
     } else {
       TRACE_GENERIC_IC(isolate(), "KeyedLoadIC", "force generic");
     }
     if (use_ic) {
       ASSERT(!stub.is_null());
       set_target(*stub);
-      TRACE_IC("KeyedLoadIC", key, state, target());
+      TRACE_IC("KeyedLoadIC", key, target());
     }
   }
 
 
   return Runtime::GetObjectPropertyOrFail(isolate(), object, key);
 }
 
 
 Handle<Code> KeyedLoadIC::ComputeLoadHandler(LookupResult* lookup,
                                              Handle<JSObject> receiver,
@@ skipping 53 matching lines @@
       return generic_stub();
   }
   return Handle<Code>::null();
 }
 
 
 static bool LookupForWrite(Handle<JSObject> receiver,
                            Handle<String> name,
                            Handle<Object> value,
                            LookupResult* lookup,
-                           IC::State* state) {
+                           IC* ic) {
   Handle<JSObject> holder = receiver;
   receiver->Lookup(*name, lookup);
   if (lookup->IsFound()) {
     if (lookup->IsReadOnly() || !lookup->IsCacheable()) return false;
 
     if (lookup->holder() == *receiver) {
       if (lookup->IsInterceptor() &&
           receiver->GetNamedInterceptor()->setter()->IsUndefined()) {
         receiver->LocalLookupRealNamedProperty(*name, lookup);
         return lookup->IsFound() &&
@@ skipping 33 matching lines @@
   ASSERT(!receiver->map()->is_deprecated());
   if (!value->FitsRepresentation(target_details.representation())) {
     Handle<Map> target(lookup->GetTransitionMapFromMap(receiver->map()));
     Map::GeneralizeRepresentation(
         target, target->LastAdded(),
         value->OptimalRepresentation(), FORCE_FIELD);
     // Lookup the transition again since the transition tree may have changed
     // entirely by the migration above.
     receiver->map()->LookupTransition(*holder, *name, lookup);
     if (!lookup->IsTransition()) return false;
-    *state = MONOMORPHIC_PROTOTYPE_FAILURE;
+    ic->MarkMonomorphicPrototypeFailure();
   }
   return true;
 }
 
 
-MaybeObject* StoreIC::Store(State state,
-                            Handle<Object> object,
+MaybeObject* StoreIC::Store(Handle<Object> object,
                             Handle<String> name,
                             Handle<Object> value,
                             JSReceiver::StoreFromKeyed store_mode) {
   // Handle proxies.
   if (object->IsJSProxy()) {
     Handle<Object> result = JSReceiver::SetProperty(
         Handle<JSReceiver>::cast(object), name, value, NONE, strict_mode());
     RETURN_IF_EMPTY_HANDLE(isolate(), result);
     return *result;
   }
@@ skipping 45 matching lines @@
   // to have fast properties but a read-only length.
   if (use_ic &&
       receiver->IsJSArray() &&
       name->Equals(isolate()->heap()->length_string()) &&
       Handle<JSArray>::cast(receiver)->AllowsSetElementsLength() &&
       receiver->HasFastProperties() &&
       !receiver->map()->is_frozen()) {
     Handle<Code> stub =
         StoreArrayLengthStub(kind(), strict_mode()).GetCode(isolate());
     set_target(*stub);
-    TRACE_IC("StoreIC", name, state, stub);
+    TRACE_IC("StoreIC", name, stub);
     Handle<Object> result = JSReceiver::SetProperty(
         receiver, name, value, NONE, strict_mode(), store_mode);
     RETURN_IF_EMPTY_HANDLE(isolate(), result);
     return *result;
   }
 
   if (receiver->IsJSGlobalProxy()) {
     if (use_ic && kind() != Code::KEYED_STORE_IC) {
       // Generate a generic stub that goes to the runtime when we see a global
       // proxy as receiver.
       Handle<Code> stub = global_proxy_stub();
       set_target(*stub);
-      TRACE_IC("StoreIC", name, state, stub);
+      TRACE_IC("StoreIC", name, stub);
     }
     Handle<Object> result = JSReceiver::SetProperty(
         receiver, name, value, NONE, strict_mode(), store_mode);
     RETURN_IF_EMPTY_HANDLE(isolate(), result);
     return *result;
   }
 
   LookupResult lookup(isolate());
-  bool can_store = LookupForWrite(receiver, name, value, &lookup, &state);
+  bool can_store = LookupForWrite(receiver, name, value, &lookup, this);
   if (!can_store &&
       strict_mode() == kStrictMode &&
       !(lookup.IsProperty() && lookup.IsReadOnly()) &&
       IsUndeclaredGlobal(object)) {
     // Strict mode doesn't allow setting non-existent global property.
     return ReferenceError("not_defined", name);
   }
   if (use_ic) {
-    if (state == UNINITIALIZED) {
+    if (state() == UNINITIALIZED) {
       Handle<Code> stub = pre_monomorphic_stub();
       set_target(*stub);
-      TRACE_IC("StoreIC", name, state, stub);
+      TRACE_IC("StoreIC", name, stub);
     } else if (can_store) {
-      UpdateCaches(&lookup, state, receiver, name, value);
+      UpdateCaches(&lookup, receiver, name, value);
     } else if (!name->IsCacheable(isolate()) ||
                lookup.IsNormal() ||
                (lookup.IsField() && lookup.CanHoldValue(value))) {
       Handle<Code> stub = generic_stub();
       set_target(*stub);
     }
   }
 
   // Set the property.
   Handle<Object> result = JSReceiver::SetProperty(
       receiver, name, value, NONE, strict_mode(), store_mode);
   RETURN_IF_EMPTY_HANDLE(isolate(), result);
   return *result;
 }
 
 
 void StoreIC::UpdateCaches(LookupResult* lookup,
-                           State state,
                            Handle<JSObject> receiver,
                            Handle<String> name,
                            Handle<Object> value) {
   ASSERT(!receiver->IsJSGlobalProxy());
   ASSERT(lookup->IsFound());
 
   // These are not cacheable, so we never see such LookupResults here.
   ASSERT(!lookup->IsHandler());
 
   Handle<Code> code = ComputeStoreMonomorphic(lookup, receiver, name, value);
   if (code.is_null()) {
     set_target(*generic_stub());
     return;
   }
 
-  PatchCache(state, receiver, name, code);
-  TRACE_IC("StoreIC", name, state, target());
+  PatchCache(receiver, name, code);
+  TRACE_IC("StoreIC", name, target());
 }
 
 
 Handle<Code> StoreIC::ComputeStoreMonomorphic(LookupResult* lookup,
                                               Handle<JSObject> receiver,
                                               Handle<String> name,
                                               Handle<Object> value) {
   Handle<JSObject> holder(lookup->holder());
   switch (lookup->type()) {
     case FIELD:
@@ skipping 78 matching lines @@
 Handle<Code> KeyedStoreIC::StoreElementStub(Handle<JSObject> receiver,
                                             KeyedAccessStoreMode store_mode) {
   // Don't handle megamorphic property accesses for INTERCEPTORS or CALLBACKS
   // via megamorphic stubs, since they don't have a map in their relocation info
   // and so the stubs can't be harvested for the object needed for a map check.
   if (target()->type() != Code::NORMAL) {
     TRACE_GENERIC_IC(isolate(), "KeyedIC", "non-NORMAL target type");
     return generic_stub();
   }
 
-  State ic_state = target()->ic_state();
   Handle<Map> receiver_map(receiver->map(), isolate());
-  if (ic_state == UNINITIALIZED || ic_state == PREMONOMORPHIC) {
+  if (state() == UNINITIALIZED || state() == PREMONOMORPHIC) {
     // Optimistically assume that ICs that haven't reached the MONOMORPHIC state
     // yet will do so and stay there.
     Handle<Map> monomorphic_map = ComputeTransitionedMap(receiver, store_mode);
     store_mode = GetNonTransitioningStoreMode(store_mode);
     return isolate()->stub_cache()->ComputeKeyedStoreElement(
         monomorphic_map, strict_mode(), store_mode);
   }
 
   MapHandleList target_receiver_maps;
   target()->FindAllMaps(&target_receiver_maps);
   if (target_receiver_maps.length() == 0) {
     // In the case that there is a non-map-specific IC is installed (e.g. keyed
     // stores into properties in dictionary mode), then there will be not
     // receiver maps in the target.
     return generic_stub();
   }
 
   // There are several special cases where an IC that is MONOMORPHIC can still
   // transition to a different GetNonTransitioningStoreMode IC that handles a
   // superset of the original IC. Handle those here if the receiver map hasn't
   // changed or it has transitioned to a more general kind.
   KeyedAccessStoreMode old_store_mode =
       Code::GetKeyedAccessStoreMode(target()->extra_ic_state());
   Handle<Map> previous_receiver_map = target_receiver_maps.at(0);
-  if (ic_state == MONOMORPHIC) {
+  if (state() == MONOMORPHIC) {
       // If the "old" and "new" maps are in the same elements map family, stay
       // MONOMORPHIC and use the map for the most generic ElementsKind.
     Handle<Map> transitioned_receiver_map = receiver_map;
     if (IsTransitionStoreMode(store_mode)) {
       transitioned_receiver_map =
           ComputeTransitionedMap(receiver, store_mode);
     }
     if (IsTransitionedMapOfMonomorphicTarget(*transitioned_receiver_map)) {
       // Element family is the same, use the "worst" case map.
       store_mode = GetNonTransitioningStoreMode(store_mode);
       return isolate()->stub_cache()->ComputeKeyedStoreElement(
           transitioned_receiver_map, strict_mode(), store_mode);
     } else if (*previous_receiver_map == receiver->map() &&
                old_store_mode == STANDARD_STORE &&
                (IsGrowStoreMode(store_mode) ||
                 store_mode == STORE_NO_TRANSITION_IGNORE_OUT_OF_BOUNDS ||
                 store_mode == STORE_NO_TRANSITION_HANDLE_COW)) {
       // A "normal" IC that handles stores can switch to a version that can
       // grow at the end of the array, handle OOB accesses or copy COW arrays
       // and still stay MONOMORPHIC.
       return isolate()->stub_cache()->ComputeKeyedStoreElement(
           receiver_map, strict_mode(), store_mode);
     }
   }
 
-  ASSERT(ic_state != GENERIC);
+  ASSERT(state() != GENERIC);
 
   bool map_added =
       AddOneReceiverMapIfMissing(&target_receiver_maps, receiver_map);
 
   if (IsTransitionStoreMode(store_mode)) {
     Handle<Map> transitioned_receiver_map =
         ComputeTransitionedMap(receiver, store_mode);
     map_added |= AddOneReceiverMapIfMissing(&target_receiver_maps,
                                             transitioned_receiver_map);
   }
@@ skipping 159 matching lines @@
     Heap* heap = receiver->GetHeap();
     if (receiver->elements()->map() == heap->fixed_cow_array_map()) {
       return STORE_NO_TRANSITION_HANDLE_COW;
     } else {
       return STANDARD_STORE;
     }
   }
 }
 
 
-MaybeObject* KeyedStoreIC::Store(State state,
-                                 Handle<Object> object,
+MaybeObject* KeyedStoreIC::Store(Handle<Object> object,
                                  Handle<Object> key,
                                  Handle<Object> value,
                                  ICMissMode miss_mode) {
   // Check for values that can be converted into an internalized string directly
   // or is representable as a smi.
   key = TryConvertKey(key, isolate());
 
   if (key->IsInternalizedString()) {
-    return StoreIC::Store(state,
-                          object,
+    return StoreIC::Store(object,
                           Handle<String>::cast(key),
                           value,
                           JSReceiver::MAY_BE_STORE_FROM_KEYED);
   }
 
   bool use_ic = FLAG_use_ic && !object->IsAccessCheckNeeded() &&
       !(FLAG_harmony_observation && object->IsJSObject() &&
         JSObject::cast(*object)->map()->is_observed());
   if (use_ic && !object->IsSmi()) {
     // Don't use ICs for maps of the objects in Array's prototype chain. We
@@ skipping 24 matching lines @@
           TRACE_GENERIC_IC(isolate(), "KeyedStoreIC", "key not a number");
         }
       } else {
         TRACE_GENERIC_IC(isolate(), "KeyedStoreIC", "not an object");
       }
     } else {
       TRACE_GENERIC_IC(isolate(), "KeyedStoreIC", "force generic");
     }
     ASSERT(!stub.is_null());
     set_target(*stub);
-    TRACE_IC("KeyedStoreIC", key, state, target());
+    TRACE_IC("KeyedStoreIC", key, target());
   }
 
   return Runtime::SetObjectPropertyOrFail(
       isolate(), object , key, value, NONE, strict_mode());
 }
 
 
 Handle<Code> KeyedStoreIC::ComputeStoreMonomorphic(LookupResult* lookup,
                                                    Handle<JSObject> receiver,
                                                    Handle<String> name,
@@ skipping 42 matching lines @@
 
 // ----------------------------------------------------------------------------
 // Static IC stub generators.
 //
 
 // Used from ic-<arch>.cc.
 RUNTIME_FUNCTION(MaybeObject*, CallIC_Miss) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 2);
   CallIC ic(isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
+  ic.UpdateState(args[0], args[1]);
   Code::ExtraICState extra_ic_state = ic.target()->extra_ic_state();
-  MaybeObject* maybe_result = ic.LoadFunction(state,
-                                              extra_ic_state,
+  MaybeObject* maybe_result = ic.LoadFunction(extra_ic_state,
                                               args.at<Object>(0),
                                               args.at<String>(1));
   JSFunction* raw_function;
   if (!maybe_result->To(&raw_function)) return maybe_result;
 
   // The first time the inline cache is updated may be the first time the
   // function it references gets called. If the function is lazily compiled
   // then the first call will trigger a compilation. We check for this case
   // and we do the compilation immediately, instead of waiting for the stub
   // currently attached to the JSFunction object to trigger compilation.
   if (raw_function->is_compiled()) return raw_function;
 
   Handle<JSFunction> function(raw_function);
   JSFunction::CompileLazy(function, CLEAR_EXCEPTION);
   return *function;
 }
 
 
 // Used from ic-<arch>.cc.
 RUNTIME_FUNCTION(MaybeObject*, KeyedCallIC_Miss) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 2);
   KeyedCallIC ic(isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
+  ic.UpdateState(args[0], args[1]);
   MaybeObject* maybe_result =
-      ic.LoadFunction(state, args.at<Object>(0), args.at<Object>(1));
+      ic.LoadFunction(args.at<Object>(0), args.at<Object>(1));
   // Result could be a function or a failure.
   JSFunction* raw_function = NULL;
   if (!maybe_result->To(&raw_function)) return maybe_result;
 
   if (raw_function->is_compiled()) return raw_function;
 
   Handle<JSFunction> function(raw_function, isolate);
   JSFunction::CompileLazy(function, CLEAR_EXCEPTION);
   return *function;
 }
 
 
 // Used from ic-<arch>.cc.
 RUNTIME_FUNCTION(MaybeObject*, LoadIC_Miss) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 2);
   LoadIC ic(IC::NO_EXTRA_FRAME, isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
-  return ic.Load(state, args.at<Object>(0), args.at<String>(1));
+  ic.UpdateState(args[0], args[1]);
+  return ic.Load(args.at<Object>(0), args.at<String>(1));
 }
 
 
 // Used from ic-<arch>.cc
 RUNTIME_FUNCTION(MaybeObject*, KeyedLoadIC_Miss) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 2);
   KeyedLoadIC ic(IC::NO_EXTRA_FRAME, isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
-  return ic.Load(state, args.at<Object>(0), args.at<Object>(1), MISS);
+  ic.UpdateState(args[0], args[1]);
+  return ic.Load(args.at<Object>(0), args.at<Object>(1), MISS);
 }
 
 
 RUNTIME_FUNCTION(MaybeObject*, KeyedLoadIC_MissFromStubFailure) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 2);
   KeyedLoadIC ic(IC::EXTRA_CALL_FRAME, isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
-  return ic.Load(state, args.at<Object>(0), args.at<Object>(1), MISS);
+  ic.UpdateState(args[0], args[1]);
+  return ic.Load(args.at<Object>(0), args.at<Object>(1), MISS);
 }
 
 
 RUNTIME_FUNCTION(MaybeObject*, KeyedLoadIC_MissForceGeneric) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 2);
   KeyedLoadIC ic(IC::NO_EXTRA_FRAME, isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
-  return ic.Load(state,
-                 args.at<Object>(0),
+  ic.UpdateState(args[0], args[1]);
+  return ic.Load(args.at<Object>(0),
                  args.at<Object>(1),
                  MISS_FORCE_GENERIC);
 }
 
 
 // Used from ic-<arch>.cc.
 RUNTIME_FUNCTION(MaybeObject*, StoreIC_Miss) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 3);
   StoreIC ic(IC::NO_EXTRA_FRAME, isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
-  return ic.Store(state,
-                  args.at<Object>(0),
+  ic.UpdateState(args[0], args[1]);
+  return ic.Store(args.at<Object>(0),
                   args.at<String>(1),
                   args.at<Object>(2));
 }
 
 
 RUNTIME_FUNCTION(MaybeObject*, StoreIC_MissFromStubFailure) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 3);
   StoreIC ic(IC::EXTRA_CALL_FRAME, isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
-  return ic.Store(state,
-                  args.at<Object>(0),
+  ic.UpdateState(args[0], args[1]);
+  return ic.Store(args.at<Object>(0),
                   args.at<String>(1),
                   args.at<Object>(2));
 }
 
 
 RUNTIME_FUNCTION(MaybeObject*, StoreIC_ArrayLength) {
   SealHandleScope shs(isolate);
 
   ASSERT(args.length() == 2);
   JSArray* receiver = JSArray::cast(args[0]);
@@ skipping 64 matching lines @@
   // Return the stored value.
   return value;
 }
 
 
 // Used from ic-<arch>.cc.
 RUNTIME_FUNCTION(MaybeObject*, KeyedStoreIC_Miss) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 3);
   KeyedStoreIC ic(IC::NO_EXTRA_FRAME, isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
-  return ic.Store(state,
-                  args.at<Object>(0),
+  ic.UpdateState(args[0], args[1]);
+  return ic.Store(args.at<Object>(0),
                   args.at<Object>(1),
                   args.at<Object>(2),
                   MISS);
 }
 
 
 RUNTIME_FUNCTION(MaybeObject*, KeyedStoreIC_MissFromStubFailure) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 3);
   KeyedStoreIC ic(IC::EXTRA_CALL_FRAME, isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
-  return ic.Store(state,
-                  args.at<Object>(0),
+  ic.UpdateState(args[0], args[1]);
+  return ic.Store(args.at<Object>(0),
                   args.at<Object>(1),
                   args.at<Object>(2),
                   MISS);
 }
 
 
 RUNTIME_FUNCTION(MaybeObject*, StoreIC_Slow) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 3);
   StoreIC ic(IC::NO_EXTRA_FRAME, isolate);
@@ skipping 26 matching lines @@
                                     value,
                                     NONE,
                                     strict_mode);
 }
 
 
 RUNTIME_FUNCTION(MaybeObject*, KeyedStoreIC_MissForceGeneric) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 3);
   KeyedStoreIC ic(IC::NO_EXTRA_FRAME, isolate);
-  IC::State state = IC::StateFrom(*ic.target(), args[0], args[1]);
-  return ic.Store(state,
-                  args.at<Object>(0),
+  ic.UpdateState(args[0], args[1]);
+  return ic.Store(args.at<Object>(0),
                   args.at<Object>(1),
                   args.at<Object>(2),
                   MISS_FORCE_GENERIC);
 }
 
 
 RUNTIME_FUNCTION(MaybeObject*, ElementsTransitionAndStoreIC_Miss) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 4);
   KeyedStoreIC ic(IC::EXTRA_CALL_FRAME, isolate);
@@ skipping 508 matching lines @@
 RUNTIME_FUNCTION(Code*, CompareIC_Miss) {
   HandleScope scope(isolate);
   ASSERT(args.length() == 3);
   CompareIC ic(isolate, static_cast<Token::Value>(args.smi_at(2)));
   ic.UpdateCaches(args.at<Object>(0), args.at<Object>(1));
   return ic.raw_target();
 }
 
 
 void CompareNilIC::Clear(Address address, Code* target) {
-  if (target->ic_state() == UNINITIALIZED) return;
+  if (IsCleared(target)) return;
   Code::ExtraICState state = target->extended_extra_ic_state();
 
   CompareNilICStub stub(state, HydrogenCodeStub::UNINITIALIZED);
   stub.ClearState();
 
   Code* code = NULL;
   CHECK(stub.FindCodeInCache(&code, target->GetIsolate()));
 
   SetTargetAtAddress(address, code);
 }
@@ skipping 59 matching lines @@
   set_target(*code);
   return Smi::FromInt(to_boolean_value ? 1 : 0);
 }
 
 
 RUNTIME_FUNCTION(MaybeObject*, ToBooleanIC_Miss) {
   ASSERT(args.length() == 1);
   HandleScope scope(isolate);
   Handle<Object> object = args.at<Object>(0);
   ToBooleanIC ic(isolate);
-  Code::ExtraICState ic_state = ic.target()->extended_extra_ic_state();
-  return ic.ToBoolean(object, ic_state);
+  Code::ExtraICState extra_ic_state = ic.target()->extended_extra_ic_state();
+  return ic.ToBoolean(object, extra_ic_state);
 }
 
 
 static const Address IC_utilities[] = {
 #define ADDR(name) FUNCTION_ADDR(name),
     IC_UTIL_LIST(ADDR)
     NULL
 #undef ADDR
 };
 
 
 Address IC::AddressFromUtilityId(IC::UtilityId id) {
   return IC_utilities[id];
 }
 
 
 } }  // namespace v8::internal