Skip to content

V
V8
Commit f5014617 authored by Leszek Swirski's avatar Leszek Swirski Committed by V8 LUCI CQ
Browse files
Options

[maglev] Fix slow path in CheckedInternalizedString 

Test for non-string objects in the CheckedInternalizedString slow path.

Bug: v8:7700
Change-Id: Iac82a39ad0a0a93b328f8c574ed0bb7e2f39703b
Fixed: chromium:1360432
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3879227
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: 's avatarVictor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83040}
parent ced65be6
Show whitespace changes
Inline Side-by-side
Showing with 5 additions and 0 deletions
src/maglev/maglev-ir.cc
View file @ f5014617
......@@ -1550,6 +1550,7 @@ void CheckedInternalizedString::GenerateCode(MaglevAssembler* masm,
__ LoadMap(map_tmp, object);
__ RecordComment("Test IsInternalizedString");
// Go to the slow path if this is a non-string, or a non-internalised string.
__ testw(FieldOperand(map_tmp, Map::kInstanceTypeOffset),
Immediate(kIsNotStringMask | kIsNotInternalizedMask));
static_assert((kStringTag | kInternalizedTag) == 0);
......@@ -1561,6 +1562,10 @@ void CheckedInternalizedString::GenerateCode(MaglevAssembler* masm,
__ RecordComment("Deferred Test IsThinString");
__ movw(map_tmp, FieldOperand(map_tmp, Map::kInstanceTypeOffset));
static_assert(kThinStringTagBit > 0);
// Deopt if this isn't a string.
__ testw(map_tmp, Immediate(kIsNotStringMask));
__ j(not_zero, &deopt_info->deopt_entry_label);
// Deopt if this isn't a thin string.
__ testb(map_tmp, Immediate(kThinStringTagBit));
__ j(zero, &deopt_info->deopt_entry_label);
__ LoadTaggedPointerField(
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment