Fix Type::Intersect to allocate large enough union.

src/types.cc

 // Copyright 2013 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 418 matching lines @@
   if (type1->IsNone()) return type2;
   if (type2->IsNone()) return type1;
 
   // Semi-fast case: Unioned objects are neither involved nor produced.
   if (!(type1->IsUnion() || type2->IsUnion())) {
     if (type1->Is(type2)) return type2;
     if (type2->Is(type1)) return type1;
   }
 
   // Slow case: may need to produce a Unioned object.
-  int size = type1->IsBitset() || type2->IsBitset() ? 1 : 0;
+  int bitset = type1->GlbBitset() | type2->GlbBitset();
+  int allocated_size = bitset != kNone ? 1 : 0;
   if (!type1->IsBitset()) {
-    size += (type1->IsUnion() ? Config::union_length(type1->AsUnion()) : 1);
+    allocated_size += type1->IsUnion() ? Config::union_length(type1->AsUnion())
+                                       : 1;
   }
   if (!type2->IsBitset()) {
-    size += (type2->IsUnion() ? Config::union_length(type2->AsUnion()) : 1);
+    allocated_size += type2->IsUnion() ? Config::union_length(type2->AsUnion())
+                                       : 1;
   }
-  ASSERT(size >= 2);
-  UnionedHandle unioned = Config::union_create(size, region);
-  size = 0;
+  UnionedHandle unioned = Config::union_create(allocated_size, region);
+  int used_size = 0;
 
-  int bitset = type1->GlbBitset() | type2->GlbBitset();
   if (bitset != kNone) {
-    Config::union_set(unioned, size++, Config::from_bitset(bitset, region));
+    Config::union_set(unioned, used_size++,
+                      Config::from_bitset(bitset, region));
   }
-  size = ExtendUnion(unioned, type1, size);
-  size = ExtendUnion(unioned, type2, size);
+  used_size = ExtendUnion(unioned, type1, used_size);
+  used_size = ExtendUnion(unioned, type2, used_size);
+  ASSERT(used_size <= allocated_size);
 
-  if (size == 1) {
+  if (used_size == 1) {
     return Config::union_get(unioned, 0);
   } else {
-    Config::union_shrink(unioned, size);
+    Config::union_shrink(unioned, used_size);
     return Config::from_union(unioned);
   }
 }
 
 
 // Get non-bitsets from type which are also in other, store at unioned,
 // starting at index. Returns updated index.
 template<class Config>
 int TypeImpl<Config>::ExtendIntersection(
     UnionedHandle result, TypeHandle type, TypeHandle other, int current_size) {
@@ skipping 34 matching lines @@
   if (type1->IsAny()) return type2;
   if (type2->IsAny()) return type1;
 
   // Semi-fast case: Unioned objects are neither involved nor produced.
   if (!(type1->IsUnion() || type2->IsUnion())) {
     if (type1->Is(type2)) return type1;
     if (type2->Is(type1)) return type2;
   }
 
   // Slow case: may need to produce a Unioned object.
-  int size = 0;
+  int allocated_size = 0;
   if (!type1->IsBitset()) {
-    size = (type1->IsUnion() ? Config::union_length(type1->AsUnion()) : 2);
+    allocated_size = type1->IsUnion() ? Config::union_length(type1->AsUnion())
+                                      : 1;
   }
   if (!type2->IsBitset()) {
-    int size2 = (type2->IsUnion() ? Config::union_length(type2->AsUnion()) : 2);
-    size = (size == 0 ? size2 : Min(size, size2));
+    int size2 = type2->IsUnion() ? Config::union_length(type2->AsUnion()) : 1;
+    allocated_size = allocated_size == 0 ? size2 : Min(allocated_size, size2);
   }
-  ASSERT(size >= 2);
-  UnionedHandle unioned = Config::union_create(size, region);
-  size = 0;
+  int bitset = type1->GlbBitset() & type2->GlbBitset();
+  if (bitset != kNone) allocated_size++;
+  UnionedHandle unioned = Config::union_create(allocated_size, region);
+  int used_size = 0;
 
-  int bitset = type1->GlbBitset() & type2->GlbBitset();
   if (bitset != kNone) {
-    Config::union_set(unioned, size++, Config::from_bitset(bitset, region));
+    Config::union_set(unioned, used_size++,
+                      Config::from_bitset(bitset, region));
   }
-  size = ExtendIntersection(unioned, type1, type2, size);
-  size = ExtendIntersection(unioned, type2, type1, size);
+  used_size = ExtendIntersection(unioned, type1, type2, used_size);
+  used_size = ExtendIntersection(unioned, type2, type1, used_size);
+  ASSERT(used_size <= allocated_size);
 
-  if (size == 0) {
+  if (used_size == 0) {
     return None(region);
-  } else if (size == 1) {
+  } else if (used_size == 1) {
     return Config::union_get(unioned, 0);
   } else {
-    Config::union_shrink(unioned, size);
+    Config::union_shrink(unioned, used_size);
     return Config::from_union(unioned);
   }
 }
 
 
 template<class Config>
 template<class OtherType>
 typename TypeImpl<Config>::TypeHandle TypeImpl<Config>::Convert(
     typename OtherType::TypeHandle type, Region* region) {
   if (type->IsBitset()) {
@@ skipping 88 matching lines @@
 }
 
 
 template<class Config>
 void TypeImpl<Config>::TypePrint(FILE* out, PrintDimension dim) {
   if (this->IsBitset()) {
     int bitset = this->AsBitset();
     switch (dim) {
       case BOTH_DIMS:
         BitsetTypePrint(out, bitset & kSemantic);
-        PrintF("/");
+        PrintF(out, "/");
         BitsetTypePrint(out, bitset & kRepresentation);
         break;
       case SEMANTIC_DIM:
         BitsetTypePrint(out, bitset & kSemantic);
         break;
       case REPRESENTATION_DIM:
         BitsetTypePrint(out, bitset & kRepresentation);
         break;
     }
   } else if (this->IsConstant()) {
     PrintF(out, "Constant(%p : ", static_cast<void*>(*this->AsConstant()));
     Config::from_bitset(this->LubBitset())->TypePrint(out);
-    PrintF(")");
+    PrintF(out, ")");
   } else if (this->IsClass()) {
     PrintF(out, "Class(%p < ", static_cast<void*>(*this->AsClass()));
     Config::from_bitset(this->LubBitset())->TypePrint(out);
-    PrintF(")");
+    PrintF(out, ")");
   } else if (this->IsUnion()) {
     PrintF(out, "(");
     UnionedHandle unioned = this->AsUnion();
     for (int i = 0; i < Config::union_length(unioned); ++i) {
       TypeHandle type_i = Config::union_get(unioned, i);
       if (i > 0) PrintF(out, " | ");
-      type_i->TypePrint(out);
+      type_i->TypePrint(out, dim);
     }
     PrintF(out, ")");
   }
 }
 #endif
 
 
 template class TypeImpl<ZoneTypeConfig>;
 template class TypeImpl<ZoneTypeConfig>::Iterator<i::Map>;
 template class TypeImpl<ZoneTypeConfig>::Iterator<i::Object>;
 
 template class TypeImpl<HeapTypeConfig>;
 template class TypeImpl<HeapTypeConfig>::Iterator<i::Map>;
 template class TypeImpl<HeapTypeConfig>::Iterator<i::Object>;
 
 template TypeImpl<ZoneTypeConfig>::TypeHandle
   TypeImpl<ZoneTypeConfig>::Convert<HeapType>(
     TypeImpl<HeapTypeConfig>::TypeHandle, TypeImpl<ZoneTypeConfig>::Region*);
 template TypeImpl<HeapTypeConfig>::TypeHandle
   TypeImpl<HeapTypeConfig>::Convert<Type>(
     TypeImpl<ZoneTypeConfig>::TypeHandle, TypeImpl<HeapTypeConfig>::Region*);
 
 
 } }  // namespace v8::internal