Harden how the compiler references GC objects
[WebKit.git] / Source / JavaScriptCore / ftl / FTLOutput.h
index daea7d0..433e1e0 100644 (file)
@@ -44,6 +44,7 @@
 #include "FTLValueFromBlock.h"
 #include "FTLWeight.h"
 #include "FTLWeightedTarget.h"
+#include "HeapCell.h"
 #include <wtf/OrderMaker.h>
 #include <wtf/StringPrintStream.h>
 
@@ -104,9 +105,29 @@ public:
 
     LValue constBool(bool value);
     LValue constInt32(int32_t value);
+
+    LValue weakPointer(DFG::Graph& graph, JSCell* cell)
+    {
+        ASSERT(graph.m_plan.weakReferences.contains(cell));
+
+        if (sizeof(void*) == 8)
+            return constInt64(bitwise_cast<intptr_t>(cell));
+        return constInt32(bitwise_cast<intptr_t>(cell));
+    }
+
+    LValue weakPointer(DFG::FrozenValue* value)
+    {
+        RELEASE_ASSERT(value->value().isCell());
+
+        if (sizeof(void*) == 8)
+            return constInt64(bitwise_cast<intptr_t>(value->cell()));
+        return constInt32(bitwise_cast<intptr_t>(value->cell()));
+    }
+
     template<typename T>
     LValue constIntPtr(T* value)
     {
+        static_assert(!std::is_base_of<HeapCell, T>::value, "To use a GC pointer, the graph must be aware of it. Use gcPointer instead and make sure the graph is aware of this reference.");
         if (sizeof(void*) == 8)
             return constInt64(bitwise_cast<intptr_t>(value));
         return constInt32(bitwise_cast<intptr_t>(value));