[turbofan] Speculatively optimize string character access.

src/builtins/builtins-string-gen.cc

Index: src/builtins/builtins-string-gen.cc
diff --git a/src/builtins/builtins-string-gen.cc b/src/builtins/builtins-string-gen.cc
index d0f707bcec42ed5b3810e664c6887a8eb0a33a8e..f30111a802d8ca93a81cbb67b6fdb0b2001bc68e 100644
--- a/src/builtins/builtins-string-gen.cc
+++ b/src/builtins/builtins-string-gen.cc
@@ -656,7 +656,13 @@ TF_BUILTIN(StringPrototypeCharAt, CodeStubAssembler) {
            &if_positioninbounds);
 
     BIND(&return_emptystring);
-    Return(EmptyStringConstant());
+    {
+      // Invalidate the "String Bounds Check" protector.
+      Node* invalid = SmiConstant(Isolate::kProtectorInvalid);
+      Node* cell = LoadRoot(Heap::kStringBoundsCheckProtectorRootIndex);
+      StoreObjectFieldNoWriteBarrier(cell, Cell::kValueOffset, invalid);
+      Return(EmptyStringConstant());
+    }
 
     BIND(&if_positioninbounds);
   }
@@ -695,7 +701,13 @@ TF_BUILTIN(StringPrototypeCharCodeAt, CodeStubAssembler) {
            &if_positioninbounds);
 
     BIND(&return_nan);
-    Return(NaNConstant());
+    {
+      // Invalidate the "String Bounds Check" protector.
+      Node* invalid = SmiConstant(Isolate::kProtectorInvalid);
+      Node* cell = LoadRoot(Heap::kStringBoundsCheckProtectorRootIndex);
+      StoreObjectFieldNoWriteBarrier(cell, Cell::kValueOffset, invalid);
+      Return(NaNConstant());
+    }
 
     BIND(&if_positioninbounds);
   }