Workaround for CFI bug

This CL lands a workaround for a bug causing the linker to merge
ExternalOneByteStringGetChar() and ExternalTwoByteStringGetChar() which
leads to the generated vtable address checks failing on one of the
inputs.

To make the two function's machine code different (to prevent the
linker from merging them), this CL adds CHECKs of the arguments to both
functions.

Bug: chromium:1160961
Change-Id: Ifc4c6e4e05a394a6f27572877abb765d02fd23ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2640478Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72216}

src/codegen/external-reference.cc

@@ -684,9 +684,21 @@ void StringWriteToFlatTwoByte(Address source, uint16_t* sink, int32_t from,
 }
 
 const uint8_t* ExternalOneByteStringGetChars(Address string) {
+  // The following CHECK is a workaround to prevent a CFI bug where
+  // ExternalOneByteStringGetChars() and ExternalTwoByteStringGetChars() are
+  // merged by the linker, resulting in one of the input type's vtable address
+  // failing the address range check.
+  // TODO(chromium:1160961): Consider removing the CHECK when CFI is fixed.
+  CHECK(Object(string).IsExternalOneByteString());
   return ExternalOneByteString::cast(Object(string)).GetChars();
 }
 const uint16_t* ExternalTwoByteStringGetChars(Address string) {
+  // The following CHECK is a workaround to prevent a CFI bug where
+  // ExternalOneByteStringGetChars() and ExternalTwoByteStringGetChars() are
+  // merged by the linker, resulting in one of the input type's vtable address
+  // failing the address range check.
+  // TODO(chromium:1160961): Consider removing the CHECK when CFI is fixed.
+  CHECK(Object(string).IsExternalTwoByteString());
   return ExternalTwoByteString::cast(Object(string)).GetChars();
 }