Strings should not be allocated in a gigacage
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 4 May 2018 00:40:18 +0000 (00:40 +0000)
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 4 May 2018 00:40:18 +0000 (00:40 +0000)
https://bugs.webkit.org/show_bug.cgi?id=185218

Reviewed by Saam Barati.
Source/bmalloc:

This removes the string gigacage.

Putting strings in a gigacage prevents read gadgets. The other things that get to be in gigacages
are there to prevent read-write gadgets.

Also, putting strings in a gigacage seems to have been a bigger regression than putting other
things in gigacages.

Therefore, to maximize the benefit/cost ratio of gigacages, we should evict strings from them. If
we want to throw away perf for security, there are more beneficial things to sacrifice.

* bmalloc/Gigacage.h:
(Gigacage::name):
(Gigacage::basePtr):
(Gigacage::size):
(Gigacage::forEachKind):
* bmalloc/HeapKind.h:
(bmalloc::isGigacage):
(bmalloc::gigacageKind):
(bmalloc::heapKind):
(bmalloc::isActiveHeapKindAfterEnsuringGigacage):
(bmalloc::mapToActiveHeapKindAfterEnsuringGigacage):

Source/JavaScriptCore:

* runtime/JSBigInt.cpp:
(JSC::JSBigInt::toStringGeneric):
* runtime/JSString.cpp:
(JSC::JSRopeString::resolveRopeToAtomicString const):
(JSC::JSRopeString::resolveRope const):
* runtime/JSString.h:
(JSC::JSString::create):
(JSC::JSString::createHasOtherOwner):
* runtime/VM.h:
(JSC::VM::gigacageAuxiliarySpace):

Source/WebCore:

No new tests because no new behavior.

* Modules/indexeddb/server/IDBSerialization.cpp:
(WebCore::decodeKey):
* bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneDeserializer::readString):
* html/canvas/CanvasRenderingContext2D.cpp:
(WebCore::normalizeSpaces):
* html/parser/HTMLTreeBuilder.cpp:
(WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeRemainingWhitespace):
* platform/URLParser.cpp:
(WebCore::percentEncodeByte):
(WebCore::serializeURLEncodedForm):
(WebCore::URLParser::serialize):
* platform/URLParser.h:
* platform/graphics/FourCC.cpp:
(WebCore::FourCC::toString const):
* platform/graphics/ca/GraphicsLayerCA.cpp:
(WebCore::GraphicsLayerCA::ReplicaState::cloneID const):
* platform/text/LocaleICU.cpp:
(WebCore::LocaleICU::decimalSymbol):
(WebCore::LocaleICU::decimalTextAttribute):
(WebCore::getDateFormatPattern):
(WebCore::LocaleICU::createLabelVector):
(WebCore::getFormatForSkeleton):
* platform/win/FileSystemWin.cpp:
(WebCore::FileSystem::getFinalPathName):
(WebCore::FileSystem::pathByAppendingComponent):
(WebCore::FileSystem::storageDirectory):

Source/WTF:

* WTF.xcodeproj/project.pbxproj:
* wtf/Deque.h:
* wtf/Forward.h:
* wtf/Gigacage.h:
(Gigacage::name):
(Gigacage::basePtr):
* wtf/Vector.h:
(WTF::VectorBufferBase::allocateBuffer):
(WTF::VectorBufferBase::tryAllocateBuffer):
(WTF::VectorBufferBase::reallocateBuffer):
(WTF::VectorBufferBase::deallocateBuffer):
(WTF::minCapacity>::Vector):
(WTF::=):
(WTF::minCapacity>::contains const):
(WTF::minCapacity>::findMatching const):
(WTF::minCapacity>::find const):
(WTF::minCapacity>::reverseFind const):
(WTF::minCapacity>::appendIfNotContains):
(WTF::minCapacity>::fill):
(WTF::minCapacity>::appendRange):
(WTF::minCapacity>::expandCapacity):
(WTF::minCapacity>::tryExpandCapacity):
(WTF::minCapacity>::resize):
(WTF::minCapacity>::resizeToFit):
(WTF::minCapacity>::shrink):
(WTF::minCapacity>::grow):
(WTF::minCapacity>::asanSetInitialBufferSizeTo):
(WTF::minCapacity>::asanSetBufferSizeToFullCapacity):
(WTF::minCapacity>::asanBufferSizeWillChangeTo):
(WTF::minCapacity>::reserveCapacity):
(WTF::minCapacity>::tryReserveCapacity):
(WTF::minCapacity>::reserveInitialCapacity):
(WTF::minCapacity>::shrinkCapacity):
(WTF::minCapacity>::append):
(WTF::minCapacity>::tryAppend):
(WTF::minCapacity>::constructAndAppend):
(WTF::minCapacity>::tryConstructAndAppend):
(WTF::minCapacity>::appendSlowCase):
(WTF::minCapacity>::constructAndAppendSlowCase):
(WTF::minCapacity>::tryConstructAndAppendSlowCase):
(WTF::minCapacity>::uncheckedAppend):
(WTF::minCapacity>::appendVector):
(WTF::minCapacity>::insert):
(WTF::minCapacity>::insertVector):
(WTF::minCapacity>::remove):
(WTF::minCapacity>::removeFirst):
(WTF::minCapacity>::removeFirstMatching):
(WTF::minCapacity>::removeAll):
(WTF::minCapacity>::removeAllMatching):
(WTF::minCapacity>::reverse):
(WTF::minCapacity>::map const):
(WTF::minCapacity>::releaseBuffer):
(WTF::minCapacity>::checkConsistency):
(WTF::swap):
(WTF::operator==):
(WTF::operator!=):
(WTF::removeRepeatedElements):
(WTF::Malloc>::Vector): Deleted.
(WTF::Malloc>::contains const): Deleted.
(WTF::Malloc>::findMatching const): Deleted.
(WTF::Malloc>::find const): Deleted.
(WTF::Malloc>::reverseFind const): Deleted.
(WTF::Malloc>::appendIfNotContains): Deleted.
(WTF::Malloc>::fill): Deleted.
(WTF::Malloc>::appendRange): Deleted.
(WTF::Malloc>::expandCapacity): Deleted.
(WTF::Malloc>::tryExpandCapacity): Deleted.
(WTF::Malloc>::resize): Deleted.
(WTF::Malloc>::resizeToFit): Deleted.
(WTF::Malloc>::shrink): Deleted.
(WTF::Malloc>::grow): Deleted.
(WTF::Malloc>::asanSetInitialBufferSizeTo): Deleted.
(WTF::Malloc>::asanSetBufferSizeToFullCapacity): Deleted.
(WTF::Malloc>::asanBufferSizeWillChangeTo): Deleted.
(WTF::Malloc>::reserveCapacity): Deleted.
(WTF::Malloc>::tryReserveCapacity): Deleted.
(WTF::Malloc>::reserveInitialCapacity): Deleted.
(WTF::Malloc>::shrinkCapacity): Deleted.
(WTF::Malloc>::append): Deleted.
(WTF::Malloc>::tryAppend): Deleted.
(WTF::Malloc>::constructAndAppend): Deleted.
(WTF::Malloc>::tryConstructAndAppend): Deleted.
(WTF::Malloc>::appendSlowCase): Deleted.
(WTF::Malloc>::constructAndAppendSlowCase): Deleted.
(WTF::Malloc>::tryConstructAndAppendSlowCase): Deleted.
(WTF::Malloc>::uncheckedAppend): Deleted.
(WTF::Malloc>::appendVector): Deleted.
(WTF::Malloc>::insert): Deleted.
(WTF::Malloc>::insertVector): Deleted.
(WTF::Malloc>::remove): Deleted.
(WTF::Malloc>::removeFirst): Deleted.
(WTF::Malloc>::removeFirstMatching): Deleted.
(WTF::Malloc>::removeAll): Deleted.
(WTF::Malloc>::removeAllMatching): Deleted.
(WTF::Malloc>::reverse): Deleted.
(WTF::Malloc>::map const): Deleted.
(WTF::Malloc>::releaseBuffer): Deleted.
(WTF::Malloc>::checkConsistency): Deleted.
* wtf/text/AtomicStringImpl.h:
* wtf/text/CString.cpp:
(WTF::CStringBuffer::createUninitialized):
* wtf/text/CString.h:
* wtf/text/StringBuffer.h:
(WTF::StringBuffer::StringBuffer):
(WTF::StringBuffer::~StringBuffer):
(WTF::StringBuffer::resize):
* wtf/text/StringImpl.cpp:
(WTF::StringImpl::~StringImpl):
(WTF::StringImpl::destroy):
(WTF::StringImpl::createUninitializedInternalNonEmpty):
(WTF::StringImpl::reallocateInternal):
(WTF::StringImpl::releaseAssertCaged const): Deleted.
* wtf/text/StringImpl.h:
(WTF::StringImpl::createSubstringSharingImpl):
(WTF::StringImpl::tryCreateUninitialized):
(WTF::StringImpl::adopt):
(WTF::StringImpl::assertCaged const): Deleted.
* wtf/text/StringMalloc.cpp: Removed.
* wtf/text/StringMalloc.h: Removed.
* wtf/text/StringVector.h: Removed.
* wtf/text/SymbolImpl.h:
* wtf/text/UniquedStringImpl.h:
* wtf/text/WTFString.h:
(WTF::String::adopt):
(WTF::String::assertCaged const): Deleted.
(WTF::String::releaseAssertCaged const): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@231337 268f45cc-cd09-0410-ab3c-d52691b4dbfc

38 files changed:
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/runtime/JSBigInt.cpp
Source/JavaScriptCore/runtime/JSString.cpp
Source/JavaScriptCore/runtime/JSString.h
Source/JavaScriptCore/runtime/VM.h
Source/WTF/ChangeLog
Source/WTF/WTF.xcodeproj/project.pbxproj
Source/WTF/wtf/CMakeLists.txt
Source/WTF/wtf/Deque.h
Source/WTF/wtf/Forward.h
Source/WTF/wtf/Gigacage.h
Source/WTF/wtf/Vector.h
Source/WTF/wtf/text/AtomicStringImpl.h
Source/WTF/wtf/text/CString.cpp
Source/WTF/wtf/text/CString.h
Source/WTF/wtf/text/StringBuffer.h
Source/WTF/wtf/text/StringImpl.cpp
Source/WTF/wtf/text/StringImpl.h
Source/WTF/wtf/text/StringMalloc.cpp [deleted file]
Source/WTF/wtf/text/StringMalloc.h [deleted file]
Source/WTF/wtf/text/StringVector.h [deleted file]
Source/WTF/wtf/text/SymbolImpl.h
Source/WTF/wtf/text/UniquedStringImpl.h
Source/WTF/wtf/text/WTFString.h
Source/WebCore/ChangeLog
Source/WebCore/Modules/indexeddb/server/IDBSerialization.cpp
Source/WebCore/bindings/js/SerializedScriptValue.cpp
Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp
Source/WebCore/html/parser/HTMLTreeBuilder.cpp
Source/WebCore/platform/URLParser.cpp
Source/WebCore/platform/URLParser.h
Source/WebCore/platform/graphics/FourCC.cpp
Source/WebCore/platform/graphics/ca/GraphicsLayerCA.cpp
Source/WebCore/platform/text/LocaleICU.cpp
Source/WebCore/platform/win/FileSystemWin.cpp
Source/bmalloc/ChangeLog
Source/bmalloc/bmalloc/Gigacage.h
Source/bmalloc/bmalloc/HeapKind.h

index 1a4e189..8fd11de 100644 (file)
@@ -1,3 +1,21 @@
+2018-05-03  Filip Pizlo  <fpizlo@apple.com>
+
+        Strings should not be allocated in a gigacage
+        https://bugs.webkit.org/show_bug.cgi?id=185218
+
+        Reviewed by Saam Barati.
+
+        * runtime/JSBigInt.cpp:
+        (JSC::JSBigInt::toStringGeneric):
+        * runtime/JSString.cpp:
+        (JSC::JSRopeString::resolveRopeToAtomicString const):
+        (JSC::JSRopeString::resolveRope const):
+        * runtime/JSString.h:
+        (JSC::JSString::create):
+        (JSC::JSString::createHasOtherOwner):
+        * runtime/VM.h:
+        (JSC::VM::gigacageAuxiliarySpace):
+
 2018-05-03  Keith Miller  <keith_miller@apple.com>
 
         Unreviewed, fix 32-bit profile offset for change in bytecode
index c51c8b2..3d1e9f1 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2017 Caio Lima <ticaiolima@gmail.com>
- * Copyright (C) 2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2017-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -53,7 +53,6 @@
 #include "MathCommon.h"
 #include "ParseInt.h"
 #include <algorithm>
-#include <wtf/text/StringVector.h>
 
 #define STATIC_ASSERT(cond) static_assert(cond, "JSBigInt assumes " #cond)
 
@@ -558,9 +557,9 @@ uint64_t JSBigInt::calculateMaximumCharactersRequired(int length, int radix, Dig
 
 String JSBigInt::toStringGeneric(ExecState& state, JSBigInt* x, int radix)
 {
-    // FIXME: [JSC] Revisit usage of StringVector into JSBigInt::toString
+    // FIXME: [JSC] Revisit usage of Vector into JSBigInt::toString
     // https://bugs.webkit.org/show_bug.cgi?id=18067
-    StringVector<LChar> resultString;
+    Vector<LChar> resultString;
 
     ASSERT(radix >= 2 && radix <= 36);
     ASSERT(!x->isZero());
index 2065275..5de2f55 100644 (file)
@@ -178,34 +178,30 @@ void JSRopeString::resolveRopeInternal16NoSubstring(UChar* buffer) const
 
 void JSRopeString::resolveRopeToAtomicString(ExecState* exec) const
 {
-    [&] () {
-        if (length() > maxLengthForOnStackResolve) {
-            resolveRope(exec);
-            m_value = AtomicString(m_value);
-            setIs8Bit(m_value.impl()->is8Bit());
-            return;
-        }
+    if (length() > maxLengthForOnStackResolve) {
+        resolveRope(exec);
+        m_value = AtomicString(m_value);
+        setIs8Bit(m_value.impl()->is8Bit());
+        return;
+    }
 
-        if (is8Bit()) {
-            LChar buffer[maxLengthForOnStackResolve];
-            resolveRopeInternal8(buffer);
-            m_value = AtomicString(buffer, length());
-            setIs8Bit(m_value.impl()->is8Bit());
-        } else {
-            UChar buffer[maxLengthForOnStackResolve];
-            resolveRopeInternal16(buffer);
-            m_value = AtomicString(buffer, length());
-            setIs8Bit(m_value.impl()->is8Bit());
-        }
+    if (is8Bit()) {
+        LChar buffer[maxLengthForOnStackResolve];
+        resolveRopeInternal8(buffer);
+        m_value = AtomicString(buffer, length());
+        setIs8Bit(m_value.impl()->is8Bit());
+    } else {
+        UChar buffer[maxLengthForOnStackResolve];
+        resolveRopeInternal16(buffer);
+        m_value = AtomicString(buffer, length());
+        setIs8Bit(m_value.impl()->is8Bit());
+    }
 
-        clearFibers();
+    clearFibers();
 
-        // If we resolved a string that didn't previously exist, notify the heap that we've grown.
-        if (m_value.impl()->hasOneRef())
-            Heap::heap(this)->reportExtraMemoryAllocated(m_value.impl()->cost());
-    }();
-    
-    m_value.releaseAssertCaged();
+    // If we resolved a string that didn't previously exist, notify the heap that we've grown.
+    if (m_value.impl()->hasOneRef())
+        Heap::heap(this)->reportExtraMemoryAllocated(m_value.impl()->cost());
 }
 
 void JSRopeString::clearFibers() const
@@ -252,32 +248,17 @@ RefPtr<AtomicStringImpl> JSRopeString::resolveRopeToExistingAtomicString(ExecSta
 
 void JSRopeString::resolveRope(ExecState* exec) const
 {
-    [&] () {
-        ASSERT(isRope());
-        
-        if (isSubstring()) {
-            ASSERT(!substringBase()->isRope());
-            m_value = substringBase()->m_value.substringSharingImpl(substringOffset(), length());
-            substringBase().clear();
-            return;
-        }
-        
-        if (is8Bit()) {
-            LChar* buffer;
-            if (auto newImpl = StringImpl::tryCreateUninitialized(length(), buffer)) {
-                Heap::heap(this)->reportExtraMemoryAllocated(newImpl->cost());
-                m_value = WTFMove(newImpl);
-            } else {
-                outOfMemory(exec);
-                return;
-            }
-            resolveRopeInternal8NoSubstring(buffer);
-            clearFibers();
-            ASSERT(!isRope());
-            return;
-        }
-        
-        UChar* buffer;
+    ASSERT(isRope());
+    
+    if (isSubstring()) {
+        ASSERT(!substringBase()->isRope());
+        m_value = substringBase()->m_value.substringSharingImpl(substringOffset(), length());
+        substringBase().clear();
+        return;
+    }
+    
+    if (is8Bit()) {
+        LChar* buffer;
         if (auto newImpl = StringImpl::tryCreateUninitialized(length(), buffer)) {
             Heap::heap(this)->reportExtraMemoryAllocated(newImpl->cost());
             m_value = WTFMove(newImpl);
@@ -285,13 +266,24 @@ void JSRopeString::resolveRope(ExecState* exec) const
             outOfMemory(exec);
             return;
         }
-        
-        resolveRopeInternal16NoSubstring(buffer);
+        resolveRopeInternal8NoSubstring(buffer);
         clearFibers();
         ASSERT(!isRope());
-    }();
-
-    m_value.releaseAssertCaged();
+        return;
+    }
+    
+    UChar* buffer;
+    if (auto newImpl = StringImpl::tryCreateUninitialized(length(), buffer)) {
+        Heap::heap(this)->reportExtraMemoryAllocated(newImpl->cost());
+        m_value = WTFMove(newImpl);
+    } else {
+        outOfMemory(exec);
+        return;
+    }
+    
+    resolveRopeInternal16NoSubstring(buffer);
+    clearFibers();
+    ASSERT(!isRope());
 }
 
 // Overview: These functions convert a JSString from holding a string in rope form
index 6da7bfd..4f65f63 100644 (file)
@@ -138,7 +138,6 @@ protected:
 public:
     static JSString* create(VM& vm, Ref<StringImpl>&& value)
     {
-        value->assertCaged();
         unsigned length = value->length();
         size_t cost = value->cost();
         JSString* newString = new (NotNull, allocateCell<JSString>(vm.heap)) JSString(vm, WTFMove(value));
@@ -147,7 +146,6 @@ public:
     }
     static JSString* createHasOtherOwner(VM& vm, Ref<StringImpl>&& value)
     {
-        value->assertCaged();
         size_t length = value->length();
         JSString* newString = new (NotNull, allocateCell<JSString>(vm.heap)) JSString(vm, WTFMove(value));
         newString->finishCreation(vm, length);
index 267f737..8afa7e2 100644 (file)
@@ -330,8 +330,6 @@ public:
             return primitiveGigacageAuxiliarySpace;
         case Gigacage::JSValue:
             return jsValueGigacageAuxiliarySpace;
-        case Gigacage::String:
-            break;
         }
         RELEASE_ASSERT_NOT_REACHED();
         return primitiveGigacageAuxiliarySpace;
index 9e176b3..3e2bfca 100644 (file)
@@ -1,3 +1,137 @@
+2018-05-03  Filip Pizlo  <fpizlo@apple.com>
+
+        Strings should not be allocated in a gigacage
+        https://bugs.webkit.org/show_bug.cgi?id=185218
+
+        Reviewed by Saam Barati.
+        
+        * WTF.xcodeproj/project.pbxproj:
+        * wtf/Deque.h:
+        * wtf/Forward.h:
+        * wtf/Gigacage.h:
+        (Gigacage::name):
+        (Gigacage::basePtr):
+        * wtf/Vector.h:
+        (WTF::VectorBufferBase::allocateBuffer):
+        (WTF::VectorBufferBase::tryAllocateBuffer):
+        (WTF::VectorBufferBase::reallocateBuffer):
+        (WTF::VectorBufferBase::deallocateBuffer):
+        (WTF::minCapacity>::Vector):
+        (WTF::=):
+        (WTF::minCapacity>::contains const):
+        (WTF::minCapacity>::findMatching const):
+        (WTF::minCapacity>::find const):
+        (WTF::minCapacity>::reverseFind const):
+        (WTF::minCapacity>::appendIfNotContains):
+        (WTF::minCapacity>::fill):
+        (WTF::minCapacity>::appendRange):
+        (WTF::minCapacity>::expandCapacity):
+        (WTF::minCapacity>::tryExpandCapacity):
+        (WTF::minCapacity>::resize):
+        (WTF::minCapacity>::resizeToFit):
+        (WTF::minCapacity>::shrink):
+        (WTF::minCapacity>::grow):
+        (WTF::minCapacity>::asanSetInitialBufferSizeTo):
+        (WTF::minCapacity>::asanSetBufferSizeToFullCapacity):
+        (WTF::minCapacity>::asanBufferSizeWillChangeTo):
+        (WTF::minCapacity>::reserveCapacity):
+        (WTF::minCapacity>::tryReserveCapacity):
+        (WTF::minCapacity>::reserveInitialCapacity):
+        (WTF::minCapacity>::shrinkCapacity):
+        (WTF::minCapacity>::append):
+        (WTF::minCapacity>::tryAppend):
+        (WTF::minCapacity>::constructAndAppend):
+        (WTF::minCapacity>::tryConstructAndAppend):
+        (WTF::minCapacity>::appendSlowCase):
+        (WTF::minCapacity>::constructAndAppendSlowCase):
+        (WTF::minCapacity>::tryConstructAndAppendSlowCase):
+        (WTF::minCapacity>::uncheckedAppend):
+        (WTF::minCapacity>::appendVector):
+        (WTF::minCapacity>::insert):
+        (WTF::minCapacity>::insertVector):
+        (WTF::minCapacity>::remove):
+        (WTF::minCapacity>::removeFirst):
+        (WTF::minCapacity>::removeFirstMatching):
+        (WTF::minCapacity>::removeAll):
+        (WTF::minCapacity>::removeAllMatching):
+        (WTF::minCapacity>::reverse):
+        (WTF::minCapacity>::map const):
+        (WTF::minCapacity>::releaseBuffer):
+        (WTF::minCapacity>::checkConsistency):
+        (WTF::swap):
+        (WTF::operator==):
+        (WTF::operator!=):
+        (WTF::removeRepeatedElements):
+        (WTF::Malloc>::Vector): Deleted.
+        (WTF::Malloc>::contains const): Deleted.
+        (WTF::Malloc>::findMatching const): Deleted.
+        (WTF::Malloc>::find const): Deleted.
+        (WTF::Malloc>::reverseFind const): Deleted.
+        (WTF::Malloc>::appendIfNotContains): Deleted.
+        (WTF::Malloc>::fill): Deleted.
+        (WTF::Malloc>::appendRange): Deleted.
+        (WTF::Malloc>::expandCapacity): Deleted.
+        (WTF::Malloc>::tryExpandCapacity): Deleted.
+        (WTF::Malloc>::resize): Deleted.
+        (WTF::Malloc>::resizeToFit): Deleted.
+        (WTF::Malloc>::shrink): Deleted.
+        (WTF::Malloc>::grow): Deleted.
+        (WTF::Malloc>::asanSetInitialBufferSizeTo): Deleted.
+        (WTF::Malloc>::asanSetBufferSizeToFullCapacity): Deleted.
+        (WTF::Malloc>::asanBufferSizeWillChangeTo): Deleted.
+        (WTF::Malloc>::reserveCapacity): Deleted.
+        (WTF::Malloc>::tryReserveCapacity): Deleted.
+        (WTF::Malloc>::reserveInitialCapacity): Deleted.
+        (WTF::Malloc>::shrinkCapacity): Deleted.
+        (WTF::Malloc>::append): Deleted.
+        (WTF::Malloc>::tryAppend): Deleted.
+        (WTF::Malloc>::constructAndAppend): Deleted.
+        (WTF::Malloc>::tryConstructAndAppend): Deleted.
+        (WTF::Malloc>::appendSlowCase): Deleted.
+        (WTF::Malloc>::constructAndAppendSlowCase): Deleted.
+        (WTF::Malloc>::tryConstructAndAppendSlowCase): Deleted.
+        (WTF::Malloc>::uncheckedAppend): Deleted.
+        (WTF::Malloc>::appendVector): Deleted.
+        (WTF::Malloc>::insert): Deleted.
+        (WTF::Malloc>::insertVector): Deleted.
+        (WTF::Malloc>::remove): Deleted.
+        (WTF::Malloc>::removeFirst): Deleted.
+        (WTF::Malloc>::removeFirstMatching): Deleted.
+        (WTF::Malloc>::removeAll): Deleted.
+        (WTF::Malloc>::removeAllMatching): Deleted.
+        (WTF::Malloc>::reverse): Deleted.
+        (WTF::Malloc>::map const): Deleted.
+        (WTF::Malloc>::releaseBuffer): Deleted.
+        (WTF::Malloc>::checkConsistency): Deleted.
+        * wtf/text/AtomicStringImpl.h:
+        * wtf/text/CString.cpp:
+        (WTF::CStringBuffer::createUninitialized):
+        * wtf/text/CString.h:
+        * wtf/text/StringBuffer.h:
+        (WTF::StringBuffer::StringBuffer):
+        (WTF::StringBuffer::~StringBuffer):
+        (WTF::StringBuffer::resize):
+        * wtf/text/StringImpl.cpp:
+        (WTF::StringImpl::~StringImpl):
+        (WTF::StringImpl::destroy):
+        (WTF::StringImpl::createUninitializedInternalNonEmpty):
+        (WTF::StringImpl::reallocateInternal):
+        (WTF::StringImpl::releaseAssertCaged const): Deleted.
+        * wtf/text/StringImpl.h:
+        (WTF::StringImpl::createSubstringSharingImpl):
+        (WTF::StringImpl::tryCreateUninitialized):
+        (WTF::StringImpl::adopt):
+        (WTF::StringImpl::assertCaged const): Deleted.
+        * wtf/text/StringMalloc.cpp: Removed.
+        * wtf/text/StringMalloc.h: Removed.
+        * wtf/text/StringVector.h: Removed.
+        * wtf/text/SymbolImpl.h:
+        * wtf/text/UniquedStringImpl.h:
+        * wtf/text/WTFString.h:
+        (WTF::String::adopt):
+        (WTF::String::assertCaged const): Deleted.
+        (WTF::String::releaseAssertCaged const): Deleted.
+
 2018-05-03  Wenson Hsieh  <wenson_hsieh@apple.com>
 
         Ads in NYTimes app are shifted downwards by the scroll view's top content inset
index 9d62560..1a38f19 100644 (file)
@@ -21,7 +21,6 @@
 /* End PBXAggregateTarget section */
 
 /* Begin PBXBuildFile section */
-               0F0F526B1F421FF8004A452C /* StringMalloc.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F0F52691F421FF8004A452C /* StringMalloc.cpp */; };
                0F30BA901E78708E002CA847 /* GlobalVersion.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F30BA8A1E78708E002CA847 /* GlobalVersion.cpp */; };
                0F30CB5A1FCDF134004B5323 /* ConcurrentPtrHashSet.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F30CB581FCDF133004B5323 /* ConcurrentPtrHashSet.cpp */; };
                0F43D8F11DB5ADDC00108FB6 /* AutomaticThread.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F43D8EF1DB5ADDC00108FB6 /* AutomaticThread.cpp */; };
                077CD86A1FD9CFD200828587 /* Logger.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Logger.h; sourceTree = "<group>"; };
                077CD86B1FD9CFD300828587 /* LoggerHelper.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = LoggerHelper.h; sourceTree = "<group>"; };
                0F0D85B317234CB100338210 /* NoLock.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = NoLock.h; sourceTree = "<group>"; };
-               0F0F52691F421FF8004A452C /* StringMalloc.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = StringMalloc.cpp; sourceTree = "<group>"; };
-               0F0F526A1F421FF8004A452C /* StringMalloc.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = StringMalloc.h; sourceTree = "<group>"; };
                0F0FCDDD1DD167F900CCAB53 /* LockAlgorithm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = LockAlgorithm.h; sourceTree = "<group>"; };
                0F2AC5601E89F70C0001EE3F /* Range.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Range.h; sourceTree = "<group>"; };
                0F2AC5621E8A01490001EE3F /* IndexKeyType.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = IndexKeyType.h; sourceTree = "<group>"; };
                0F30CB581FCDF133004B5323 /* ConcurrentPtrHashSet.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ConcurrentPtrHashSet.cpp; sourceTree = "<group>"; };
                0F30CB591FCDF133004B5323 /* ConcurrentPtrHashSet.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ConcurrentPtrHashSet.h; sourceTree = "<group>"; };
                0F31DD701F1308BC0072EB4A /* LockAlgorithmInlines.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = LockAlgorithmInlines.h; sourceTree = "<group>"; };
-               0F348C7D1F47AA9D003CFEF2 /* StringVector.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = StringVector.h; sourceTree = "<group>"; };
                0F3501631BB258C800F0A2A3 /* WeakRandom.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WeakRandom.h; sourceTree = "<group>"; };
                0F43D8EF1DB5ADDC00108FB6 /* AutomaticThread.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = AutomaticThread.cpp; sourceTree = "<group>"; };
                0F43D8F01DB5ADDC00108FB6 /* AutomaticThread.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AutomaticThread.h; sourceTree = "<group>"; };
                                933D63191FCB6AB90032ECD6 /* StringHasher.h */,
                                A8A47328151A825B004123FF /* StringImpl.cpp */,
                                A8A47329151A825B004123FF /* StringImpl.h */,
-                               0F0F52691F421FF8004A452C /* StringMalloc.cpp */,
-                               0F0F526A1F421FF8004A452C /* StringMalloc.h */,
                                A8A4732A151A825B004123FF /* StringOperators.h */,
-                               0F348C7D1F47AA9D003CFEF2 /* StringVector.h */,
                                93F1993D19D7958D00C2390B /* StringView.cpp */,
                                1A6EB1DF187D0BD30030126F /* StringView.h */,
                                F72BBDB107FA424886178B9E /* SymbolImpl.cpp */,
                                A5BA15FC182435A600A82E69 /* StringImplCF.cpp in Sources */,
                                A5BA15F51824348000A82E69 /* StringImplMac.mm in Sources */,
                                A5BA15F3182433A900A82E69 /* StringMac.mm in Sources */,
-                               0F0F526B1F421FF8004A452C /* StringMalloc.cpp in Sources */,
                                0FDDBFA71666DFA300C55FEF /* StringPrintStream.cpp in Sources */,
                                93F1993E19D7958D00C2390B /* StringView.cpp in Sources */,
                                93934BD518A1F16900D0D6A1 /* StringViewCF.cpp in Sources */,
index 7669c80..4890297 100644 (file)
@@ -296,9 +296,7 @@ set(WTF_PUBLIC_HEADERS
     text/StringHash.h
     text/StringHasher.h
     text/StringImpl.h
-    text/StringMalloc.h
     text/StringOperators.h
-    text/StringVector.h
     text/StringView.h
     text/SymbolImpl.h
     text/SymbolRegistry.h
@@ -415,7 +413,6 @@ set(WTF_SOURCES
     text/StringBuilder.cpp
     text/StringBuilderJSON.cpp
     text/StringImpl.cpp
-    text/StringMalloc.cpp
     text/StringView.cpp
     text/SymbolImpl.cpp
     text/SymbolRegistry.cpp
index 9d1cf0f..25e9c84 100644 (file)
@@ -120,7 +120,7 @@ public:
 private:
     friend class DequeIteratorBase<T, inlineCapacity>;
 
-    typedef VectorBuffer<T, inlineCapacity, FastMalloc> Buffer;
+    typedef VectorBuffer<T, inlineCapacity> Buffer;
     typedef VectorTypeOperations<T> TypeOperations;
     typedef DequeIteratorBase<T, inlineCapacity> IteratorBase;
 
index 1f43f90..81938fc 100644 (file)
@@ -67,7 +67,7 @@ template<typename> struct DefaultHash { using Hash = void; };
 template<typename> struct HashTraits;
 
 template<typename...> class Variant;
-template<typename, size_t = 0, typename = CrashOnOverflow, size_t = 16, typename = FastMalloc> class Vector;
+template<typename, size_t = 0, typename = CrashOnOverflow, size_t = 16> class Vector;
 template<typename Value, typename = typename DefaultHash<Value>::Hash, typename = HashTraits<Value>> class HashCountedSet;
 template<typename KeyArg, typename MappedArg, typename = typename DefaultHash<KeyArg>::Hash, typename = HashTraits<KeyArg>, typename = HashTraits<MappedArg>> class HashMap;
 template<typename ValueArg, typename = typename DefaultHash<ValueArg>::Hash, typename = HashTraits<ValueArg>> class HashSet;
index c18bee9..b8b8f12 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2017-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -42,13 +42,11 @@ namespace Gigacage {
 struct BasePtrs {
     void* primitive;
     void* jsValue;
-    void* string;
 };
 
 enum Kind {
     Primitive,
     JSValue,
-    String
 };
 
 inline void ensureGigacage() { }
@@ -71,8 +69,6 @@ ALWAYS_INLINE const char* name(Kind kind)
         return "Primitive";
     case JSValue:
         return "JSValue";
-    case String:
-        return "String";
     }
     RELEASE_ASSERT_NOT_REACHED();
     return nullptr;
@@ -85,8 +81,6 @@ ALWAYS_INLINE void*& basePtr(BasePtrs& basePtrs, Kind kind)
         return basePtrs.primitive;
     case JSValue:
         return basePtrs.jsValue;
-    case String:
-        return basePtrs.string;
     }
     RELEASE_ASSERT_NOT_REACHED();
     return basePtrs.primitive;
index f83af2e..cfcb6bb 100644 (file)
@@ -276,7 +276,7 @@ struct VectorTypeOperations
     }
 };
 
-template<typename T, typename Malloc>
+template<typename T>
 class VectorBufferBase {
     WTF_MAKE_NONCOPYABLE(VectorBufferBase);
 public:
@@ -287,7 +287,7 @@ public:
             CRASH();
         size_t sizeToAllocate = newCapacity * sizeof(T);
         m_capacity = sizeToAllocate / sizeof(T);
-        m_buffer = static_cast<T*>(Malloc::malloc(sizeToAllocate));
+        m_buffer = static_cast<T*>(fastMalloc(sizeToAllocate));
     }
 
     bool tryAllocateBuffer(size_t newCapacity)
@@ -297,12 +297,13 @@ public:
             return false;
 
         size_t sizeToAllocate = newCapacity * sizeof(T);
-        T* newBuffer = static_cast<T*>(Malloc::tryMalloc(sizeToAllocate));
-        if (!newBuffer)
-            return false;
-        m_capacity = sizeToAllocate / sizeof(T);
-        m_buffer = newBuffer;
-        return true;
+        T* newBuffer;
+        if (tryFastMalloc(sizeToAllocate).getValue(newBuffer)) {
+            m_capacity = sizeToAllocate / sizeof(T);
+            m_buffer = newBuffer;
+            return true;
+        }
+        return false;
     }
 
     bool shouldReallocateBuffer(size_t newCapacity) const
@@ -317,7 +318,7 @@ public:
             CRASH();
         size_t sizeToAllocate = newCapacity * sizeof(T);
         m_capacity = sizeToAllocate / sizeof(T);
-        m_buffer = static_cast<T*>(Malloc::realloc(m_buffer, sizeToAllocate));
+        m_buffer = static_cast<T*>(fastRealloc(m_buffer, sizeToAllocate));
     }
 
     void deallocateBuffer(T* bufferToDeallocate)
@@ -330,7 +331,7 @@ public:
             m_capacity = 0;
         }
 
-        Malloc::free(bufferToDeallocate);
+        fastFree(bufferToDeallocate);
     }
 
     T* buffer() { return m_buffer; }
@@ -371,13 +372,13 @@ protected:
     unsigned m_size; // Only used by the Vector subclass, but placed here to avoid padding the struct.
 };
 
-template<typename T, size_t inlineCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity>
 class VectorBuffer;
 
-template<typename T, typename Malloc>
-class VectorBuffer<T, 0, Malloc> : private VectorBufferBase<T, Malloc> {
+template<typename T>
+class VectorBuffer<T, 0> : private VectorBufferBase<T> {
 private:
-    typedef VectorBufferBase<T, Malloc> Base;
+    typedef VectorBufferBase<T> Base;
 public:
     VectorBuffer()
     {
@@ -397,7 +398,7 @@ public:
         deallocateBuffer(buffer());
     }
     
-    void swap(VectorBuffer<T, 0, Malloc>& other, size_t, size_t)
+    void swap(VectorBuffer<T, 0>& other, size_t, size_t)
     {
         std::swap(m_buffer, other.m_buffer);
         std::swap(m_capacity, other.m_capacity);
@@ -432,11 +433,11 @@ private:
     using Base::m_capacity;
 };
 
-template<typename T, size_t inlineCapacity, typename Malloc>
-class VectorBuffer : private VectorBufferBase<T, Malloc> {
+template<typename T, size_t inlineCapacity>
+class VectorBuffer : private VectorBufferBase<T> {
     WTF_MAKE_NONCOPYABLE(VectorBuffer);
 private:
-    typedef VectorBufferBase<T, Malloc> Base;
+    typedef VectorBufferBase<T> Base;
 public:
     VectorBuffer()
         : Base(inlineBuffer(), inlineCapacity, 0)
@@ -598,11 +599,11 @@ struct UnsafeVectorOverflow {
 };
 
 // Template default values are in Forward.h.
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-class Vector : private VectorBuffer<T, inlineCapacity, Malloc> {
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+class Vector : private VectorBuffer<T, inlineCapacity> {
     WTF_MAKE_FAST_ALLOCATED;
 private:
-    typedef VectorBuffer<T, inlineCapacity, Malloc> Base;
+    typedef VectorBuffer<T, inlineCapacity> Base;
     typedef VectorTypeOperations<T> TypeOperations;
 
 public:
@@ -669,12 +670,12 @@ public:
     }
 
     Vector(const Vector&);
-    template<size_t otherCapacity, typename otherOverflowBehaviour, size_t otherMinimumCapacity, typename OtherMalloc>
-    explicit Vector(const Vector<T, otherCapacity, otherOverflowBehaviour, otherMinimumCapacity, OtherMalloc>&);
+    template<size_t otherCapacity, typename otherOverflowBehaviour, size_t otherMinimumCapacity>
+    explicit Vector(const Vector<T, otherCapacity, otherOverflowBehaviour, otherMinimumCapacity>&);
 
     Vector& operator=(const Vector&);
-    template<size_t otherCapacity, typename otherOverflowBehaviour, size_t otherMinimumCapacity, typename OtherMalloc>
-    Vector& operator=(const Vector<T, otherCapacity, otherOverflowBehaviour, otherMinimumCapacity, OtherMalloc>&);
+    template<size_t otherCapacity, typename otherOverflowBehaviour, size_t otherMinimumCapacity>
+    Vector& operator=(const Vector<T, otherCapacity, otherOverflowBehaviour, otherMinimumCapacity>&);
 
     Vector(Vector&&);
     Vector& operator=(Vector&&);
@@ -864,8 +865,8 @@ private:
 #endif
 };
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::Vector(const Vector& other)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+Vector<T, inlineCapacity, OverflowHandler, minCapacity>::Vector(const Vector& other)
     : Base(other.capacity(), other.size())
 {
     asanSetInitialBufferSizeTo(other.size());
@@ -874,9 +875,9 @@ Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::Vector(const Ve
         TypeOperations::uninitializedCopy(other.begin(), other.end(), begin());
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-template<size_t otherCapacity, typename otherOverflowBehaviour, size_t otherMinimumCapacity, typename OtherMalloc>
-Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::Vector(const Vector<T, otherCapacity, otherOverflowBehaviour, otherMinimumCapacity, OtherMalloc>& other)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+template<size_t otherCapacity, typename otherOverflowBehaviour, size_t otherMinimumCapacity>
+Vector<T, inlineCapacity, OverflowHandler, minCapacity>::Vector(const Vector<T, otherCapacity, otherOverflowBehaviour, otherMinimumCapacity>& other)
     : Base(other.capacity(), other.size())
 {
     asanSetInitialBufferSizeTo(other.size());
@@ -885,8 +886,8 @@ Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::Vector(const Ve
         TypeOperations::uninitializedCopy(other.begin(), other.end(), begin());
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::operator=(const Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& other)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+Vector<T, inlineCapacity, OverflowHandler, minCapacity>& Vector<T, inlineCapacity, OverflowHandler, minCapacity>::operator=(const Vector<T, inlineCapacity, OverflowHandler, minCapacity>& other)
 {
     if (&other == this)
         return *this;
@@ -910,9 +911,9 @@ Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& Vector<T, inlin
 
 inline bool typelessPointersAreEqual(const void* a, const void* b) { return a == b; }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-template<size_t otherCapacity, typename otherOverflowBehaviour, size_t otherMinimumCapacity, typename OtherMalloc>
-Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::operator=(const Vector<T, otherCapacity, otherOverflowBehaviour, otherMinimumCapacity, OtherMalloc>& other)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+template<size_t otherCapacity, typename otherOverflowBehaviour, size_t otherMinimumCapacity>
+Vector<T, inlineCapacity, OverflowHandler, minCapacity>& Vector<T, inlineCapacity, OverflowHandler, minCapacity>::operator=(const Vector<T, otherCapacity, otherOverflowBehaviour, otherMinimumCapacity>& other)
 {
     // If the inline capacities match, we should call the more specific
     // template.  If the inline capacities don't match, the two objects
@@ -936,29 +937,29 @@ Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& Vector<T, inlin
     return *this;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::Vector(Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>&& other)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline Vector<T, inlineCapacity, OverflowHandler, minCapacity>::Vector(Vector<T, inlineCapacity, OverflowHandler, minCapacity>&& other)
 {
     swap(other);
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::operator=(Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>&& other)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline Vector<T, inlineCapacity, OverflowHandler, minCapacity>& Vector<T, inlineCapacity, OverflowHandler, minCapacity>::operator=(Vector<T, inlineCapacity, OverflowHandler, minCapacity>&& other)
 {
     swap(other);
     return *this;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::contains(const U& value) const
+bool Vector<T, inlineCapacity, OverflowHandler, minCapacity>::contains(const U& value) const
 {
     return find(value) != notFound;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename MatchFunction>
-size_t Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::findMatching(const MatchFunction& matches) const
+size_t Vector<T, inlineCapacity, OverflowHandler, minCapacity>::findMatching(const MatchFunction& matches) const
 {
     for (size_t i = 0; i < size(); ++i) {
         if (matches(at(i)))
@@ -967,18 +968,18 @@ size_t Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::findMatc
     return notFound;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-size_t Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::find(const U& value) const
+size_t Vector<T, inlineCapacity, OverflowHandler, minCapacity>::find(const U& value) const
 {
     return findMatching([&](auto& item) {
         return item == value;
     });
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-size_t Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::reverseFind(const U& value) const
+size_t Vector<T, inlineCapacity, OverflowHandler, minCapacity>::reverseFind(const U& value) const
 {
     for (size_t i = 1; i <= size(); ++i) {
         const size_t index = size() - i;
@@ -988,9 +989,9 @@ size_t Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::reverseF
     return notFound;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::appendIfNotContains(const U& value)
+bool Vector<T, inlineCapacity, OverflowHandler, minCapacity>::appendIfNotContains(const U& value)
 {
     if (contains(value))
         return false;
@@ -998,8 +999,8 @@ bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::appendIfNo
     return true;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::fill(const T& val, size_t newSize)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::fill(const T& val, size_t newSize)
 {
     if (size() > newSize)
         shrink(newSize);
@@ -1016,22 +1017,22 @@ void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::fill(const
     m_size = newSize;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename Iterator>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::appendRange(Iterator start, Iterator end)
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::appendRange(Iterator start, Iterator end)
 {
     for (Iterator it = start; it != end; ++it)
         append(*it);
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::expandCapacity(size_t newMinCapacity)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::expandCapacity(size_t newMinCapacity)
 {
     reserveCapacity(std::max(newMinCapacity, std::max(static_cast<size_t>(minCapacity), capacity() + capacity() / 4 + 1)));
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-T* Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::expandCapacity(size_t newMinCapacity, T* ptr)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+T* Vector<T, inlineCapacity, OverflowHandler, minCapacity>::expandCapacity(size_t newMinCapacity, T* ptr)
 {
     if (ptr < begin() || ptr >= end()) {
         expandCapacity(newMinCapacity);
@@ -1042,14 +1043,14 @@ T* Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::expandCapaci
     return begin() + index;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::tryExpandCapacity(size_t newMinCapacity)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+bool Vector<T, inlineCapacity, OverflowHandler, minCapacity>::tryExpandCapacity(size_t newMinCapacity)
 {
     return tryReserveCapacity(std::max(newMinCapacity, std::max(static_cast<size_t>(minCapacity), capacity() + capacity() / 4 + 1)));
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-const T* Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::tryExpandCapacity(size_t newMinCapacity, const T* ptr)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+const T* Vector<T, inlineCapacity, OverflowHandler, minCapacity>::tryExpandCapacity(size_t newMinCapacity, const T* ptr)
 {
     if (ptr < begin() || ptr >= end()) {
         if (!tryExpandCapacity(newMinCapacity))
@@ -1062,16 +1063,16 @@ const T* Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::tryExp
     return begin() + index;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-inline U* Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::expandCapacity(size_t newMinCapacity, U* ptr)
+inline U* Vector<T, inlineCapacity, OverflowHandler, minCapacity>::expandCapacity(size_t newMinCapacity, U* ptr)
 {
     expandCapacity(newMinCapacity);
     return ptr;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::resize(size_t size)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::resize(size_t size)
 {
     if (size <= m_size) {
         TypeOperations::destruct(begin() + size, end());
@@ -1087,15 +1088,15 @@ inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::res
     m_size = size;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::resizeToFit(size_t size)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::resizeToFit(size_t size)
 {
     reserveCapacity(size);
     resize(size);
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::shrink(size_t size)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::shrink(size_t size)
 {
     ASSERT(size <= m_size);
     TypeOperations::destruct(begin() + size, end());
@@ -1103,8 +1104,8 @@ void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::shrink(siz
     m_size = size;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::grow(size_t size)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::grow(size_t size)
 {
     ASSERT(size >= m_size);
     if (size > capacity())
@@ -1115,8 +1116,8 @@ void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::grow(size_
     m_size = size;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::asanSetInitialBufferSizeTo(size_t size)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::asanSetInitialBufferSizeTo(size_t size)
 {
 #if ASAN_ENABLED
     if (!buffer())
@@ -1131,8 +1132,8 @@ inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::asa
 #endif
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::asanSetBufferSizeToFullCapacity(size_t size)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::asanSetBufferSizeToFullCapacity(size_t size)
 {
 #if ASAN_ENABLED
     if (!buffer())
@@ -1145,8 +1146,8 @@ inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::asa
 #endif
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::asanBufferSizeWillChangeTo(size_t newSize)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::asanBufferSizeWillChangeTo(size_t newSize)
 {
 #if ASAN_ENABLED
     if (!buffer())
@@ -1159,8 +1160,8 @@ inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::asa
 #endif
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::reserveCapacity(size_t newCapacity)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::reserveCapacity(size_t newCapacity)
 {
     if (newCapacity <= capacity())
         return;
@@ -1178,8 +1179,8 @@ void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::reserveCap
     Base::deallocateBuffer(oldBuffer);
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::tryReserveCapacity(size_t newCapacity)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+bool Vector<T, inlineCapacity, OverflowHandler, minCapacity>::tryReserveCapacity(size_t newCapacity)
 {
     if (newCapacity <= capacity())
         return true;
@@ -1201,8 +1202,8 @@ bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::tryReserve
     return true;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::reserveInitialCapacity(size_t initialCapacity)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::reserveInitialCapacity(size_t initialCapacity)
 {
     ASSERT(!m_size);
     ASSERT(capacity() == inlineCapacity);
@@ -1210,8 +1211,8 @@ inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::res
         Base::allocateBuffer(initialCapacity);
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::shrinkCapacity(size_t newCapacity)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::shrinkCapacity(size_t newCapacity)
 {
     if (newCapacity >= capacity())
         return;
@@ -1241,9 +1242,9 @@ void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::shrinkCapa
     asanSetInitialBufferSizeTo(size());
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::append(const U* data, size_t dataSize)
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::append(const U* data, size_t dataSize)
 {
     size_t newSize = m_size + dataSize;
     if (newSize > capacity()) {
@@ -1258,9 +1259,9 @@ void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::append(con
     m_size = newSize;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::tryAppend(const U* data, size_t dataSize)
+bool Vector<T, inlineCapacity, OverflowHandler, minCapacity>::tryAppend(const U* data, size_t dataSize)
 {
     size_t newSize = m_size + dataSize;
     if (newSize > capacity()) {
@@ -1278,9 +1279,9 @@ bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::tryAppend(
     return true;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-ALWAYS_INLINE void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::append(U&& value)
+ALWAYS_INLINE void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::append(U&& value)
 {
     if (size() != capacity()) {
         asanBufferSizeWillChangeTo(m_size + 1);
@@ -1292,9 +1293,9 @@ ALWAYS_INLINE void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Mallo
     appendSlowCase(std::forward<U>(value));
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename... Args>
-ALWAYS_INLINE void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::constructAndAppend(Args&&... args)
+ALWAYS_INLINE void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::constructAndAppend(Args&&... args)
 {
     if (size() != capacity()) {
         asanBufferSizeWillChangeTo(m_size + 1);
@@ -1306,9 +1307,9 @@ ALWAYS_INLINE void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Mallo
     constructAndAppendSlowCase(std::forward<Args>(args)...);
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename... Args>
-ALWAYS_INLINE bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::tryConstructAndAppend(Args&&... args)
+ALWAYS_INLINE bool Vector<T, inlineCapacity, OverflowHandler, minCapacity>::tryConstructAndAppend(Args&&... args)
 {
     if (size() != capacity()) {
         asanBufferSizeWillChangeTo(m_size + 1);
@@ -1320,9 +1321,9 @@ ALWAYS_INLINE bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Mallo
     return tryConstructAndAppendSlowCase(std::forward<Args>(args)...);
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::appendSlowCase(U&& value)
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::appendSlowCase(U&& value)
 {
     ASSERT(size() == capacity());
 
@@ -1335,9 +1336,9 @@ void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::appendSlow
     ++m_size;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename... Args>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::constructAndAppendSlowCase(Args&&... args)
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::constructAndAppendSlowCase(Args&&... args)
 {
     ASSERT(size() == capacity());
 
@@ -1349,9 +1350,9 @@ void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::constructA
     ++m_size;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename... Args>
-bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::tryConstructAndAppendSlowCase(Args&&... args)
+bool Vector<T, inlineCapacity, OverflowHandler, minCapacity>::tryConstructAndAppendSlowCase(Args&&... args)
 {
     ASSERT(size() == capacity());
     
@@ -1368,9 +1369,9 @@ bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::tryConstru
 // This version of append saves a branch in the case where you know that the
 // vector's capacity is large enough for the append to succeed.
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-ALWAYS_INLINE void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::uncheckedAppend(U&& value)
+ALWAYS_INLINE void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::uncheckedAppend(U&& value)
 {
     ASSERT(size() < capacity());
 
@@ -1380,16 +1381,16 @@ ALWAYS_INLINE void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Mallo
     ++m_size;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U, size_t otherCapacity>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::appendVector(const Vector<U, otherCapacity>& val)
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::appendVector(const Vector<U, otherCapacity>& val)
 {
     append(val.begin(), val.size());
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::insert(size_t position, const U* data, size_t dataSize)
+void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::insert(size_t position, const U* data, size_t dataSize)
 {
     ASSERT_WITH_SECURITY_IMPLICATION(position <= size());
     size_t newSize = m_size + dataSize;
@@ -1406,9 +1407,9 @@ void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::insert(siz
     m_size = newSize;
 }
  
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::insert(size_t position, U&& value)
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::insert(size_t position, U&& value)
 {
     ASSERT_WITH_SECURITY_IMPLICATION(position <= size());
 
@@ -1426,15 +1427,15 @@ inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::ins
     ++m_size;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U, size_t c>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::insertVector(size_t position, const Vector<U, c>& val)
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::insertVector(size_t position, const Vector<U, c>& val)
 {
     insert(position, val.begin(), val.size());
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::remove(size_t position)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::remove(size_t position)
 {
     ASSERT_WITH_SECURITY_IMPLICATION(position < size());
     T* spot = begin() + position;
@@ -1444,8 +1445,8 @@ inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::rem
     --m_size;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::remove(size_t position, size_t length)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::remove(size_t position, size_t length)
 {
     ASSERT_WITH_SECURITY_IMPLICATION(position <= size());
     ASSERT_WITH_SECURITY_IMPLICATION(position + length <= size());
@@ -1457,18 +1458,18 @@ inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::rem
     m_size -= length;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-inline bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::removeFirst(const U& value)
+inline bool Vector<T, inlineCapacity, OverflowHandler, minCapacity>::removeFirst(const U& value)
 {
     return removeFirstMatching([&value] (const T& current) {
         return current == value;
     });
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename MatchFunction>
-inline bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::removeFirstMatching(const MatchFunction& matches, size_t startIndex)
+inline bool Vector<T, inlineCapacity, OverflowHandler, minCapacity>::removeFirstMatching(const MatchFunction& matches, size_t startIndex)
 {
     for (size_t i = startIndex; i < size(); ++i) {
         if (matches(at(i))) {
@@ -1479,18 +1480,18 @@ inline bool Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::rem
     return false;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename U>
-inline unsigned Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::removeAll(const U& value)
+inline unsigned Vector<T, inlineCapacity, OverflowHandler, minCapacity>::removeAll(const U& value)
 {
     return removeAllMatching([&value] (const T& current) {
         return current == value;
     });
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename MatchFunction>
-inline unsigned Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::removeAllMatching(const MatchFunction& matches, size_t startIndex)
+inline unsigned Vector<T, inlineCapacity, OverflowHandler, minCapacity>::removeAllMatching(const MatchFunction& matches, size_t startIndex)
 {
     iterator holeBegin = end();
     iterator holeEnd = end();
@@ -1515,16 +1516,16 @@ inline unsigned Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>:
     return matchCount;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::reverse()
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::reverse()
 {
     for (size_t i = 0; i < m_size / 2; ++i)
         std::swap(at(i), at(m_size - 1 - i));
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
 template<typename MapFunction, typename R>
-inline Vector<R> Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::map(MapFunction mapFunction) const
+inline Vector<R> Vector<T, inlineCapacity, OverflowHandler, minCapacity>::map(MapFunction mapFunction) const
 {
     Vector<R> result;
     result.reserveInitialCapacity(size());
@@ -1533,8 +1534,8 @@ inline Vector<R> Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>
     return result;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline MallocPtr<T> Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::releaseBuffer()
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline MallocPtr<T> Vector<T, inlineCapacity, OverflowHandler, minCapacity>::releaseBuffer()
 {
     // FIXME: Find a way to preserve annotations on the returned buffer.
     // ASan requires that all annotations are removed before deallocation,
@@ -1547,7 +1548,7 @@ inline MallocPtr<T> Vector<T, inlineCapacity, OverflowHandler, minCapacity, Mall
         // that means it was using the inline buffer. In that case,
         // we create a brand new buffer so the caller always gets one.
         size_t bytes = m_size * sizeof(T);
-        buffer = adoptMallocPtr(static_cast<T*>(Malloc::malloc(bytes)));
+        buffer = adoptMallocPtr(static_cast<T*>(fastMalloc(bytes)));
         memcpy(buffer.get(), data(), bytes);
     }
     m_size = 0;
@@ -1555,8 +1556,8 @@ inline MallocPtr<T> Vector<T, inlineCapacity, OverflowHandler, minCapacity, Mall
     return buffer;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::checkConsistency()
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity>::checkConsistency()
 {
 #if !ASSERT_DISABLED
     for (size_t i = 0; i < size(); ++i)
@@ -1564,14 +1565,14 @@ inline void Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>::che
 #endif
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline void swap(Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& a, Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& b)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline void swap(Vector<T, inlineCapacity, OverflowHandler, minCapacity>& a, Vector<T, inlineCapacity, OverflowHandler, minCapacity>& b)
 {
     a.swap(b);
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-bool operator==(const Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& a, const Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& b)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+bool operator==(const Vector<T, inlineCapacity, OverflowHandler, minCapacity>& a, const Vector<T, inlineCapacity, OverflowHandler, minCapacity>& b)
 {
     if (a.size() != b.size())
         return false;
@@ -1579,8 +1580,8 @@ bool operator==(const Vector<T, inlineCapacity, OverflowHandler, minCapacity, Ma
     return VectorTypeOperations<T>::compare(a.data(), b.data(), a.size());
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-inline bool operator!=(const Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& a, const Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& b)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+inline bool operator!=(const Vector<T, inlineCapacity, OverflowHandler, minCapacity>& a, const Vector<T, inlineCapacity, OverflowHandler, minCapacity>& b)
 {
     return !(a == b);
 }
@@ -1604,8 +1605,8 @@ size_t removeRepeatedElements(VectorType& vector, const Func& func)
     return newSize;
 }
 
-template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity, typename Malloc>
-size_t removeRepeatedElements(Vector<T, inlineCapacity, OverflowHandler, minCapacity, Malloc>& vector)
+template<typename T, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
+size_t removeRepeatedElements(Vector<T, inlineCapacity, OverflowHandler, minCapacity>& vector)
 {
     return removeRepeatedElements(vector, [] (T& a, T& b) { return a == b; });
 }
index 52c68a3..a2c725d 100644 (file)
@@ -104,7 +104,7 @@ private:
 #if !ASSERT_DISABLED
 // AtomicStringImpls created from StaticStringImpl will ASSERT
 // in the generic ValueCheck<T>::checkConsistency
-// as they are not allocated by StringMalloc.
+// as they are not allocated by fastMalloc.
 // We don't currently have any way to detect that case
 // so we ignore the consistency check for all AtomicStringImpls*.
 template<> struct
index 181b110..07ae161 100644 (file)
@@ -29,7 +29,6 @@
 
 #include <string.h>
 #include <wtf/text/StringHasher.h>
-#include <wtf/text/StringMalloc.h>
 
 namespace WTF {
 
@@ -39,7 +38,7 @@ Ref<CStringBuffer> CStringBuffer::createUninitialized(size_t length)
 
     // The +1 is for the terminating null character.
     size_t size = sizeof(CStringBuffer) + length + 1;
-    CStringBuffer* stringBuffer = static_cast<CStringBuffer*>(stringMalloc(size));
+    CStringBuffer* stringBuffer = static_cast<CStringBuffer*>(fastMalloc(size));
     return adoptRef(*new (NotNull, stringBuffer) CStringBuffer(length));
 }
 
index bd16f6d..34793a4 100644 (file)
 #include <wtf/HashTraits.h>
 #include <wtf/Ref.h>
 #include <wtf/RefCounted.h>
-#include <wtf/text/StringMalloc.h>
 
 namespace WTF {
 
 // CStringBuffer is the ref-counted storage class for the characters in a CString.
 // The data is implicitly allocated 1 character longer than length(), as it is zero-terminated.
 class CStringBuffer : public RefCounted<CStringBuffer> {
-    WTF_MAKE_STRING_ALLOCATED;
 public:
     const char* data() { return mutableData(); }
     size_t length() const { return m_length; }
index 57a1ea2..f293d33 100644 (file)
@@ -30,7 +30,6 @@
 #define StringBuffer_h
 
 #include <wtf/Assertions.h>
-#include <wtf/text/StringMalloc.h>
 #include <limits>
 #include <unicode/utypes.h>
 
@@ -42,13 +41,13 @@ class StringBuffer {
 public:
     explicit StringBuffer(unsigned length)
         : m_length(length)
-        , m_data(m_length ? static_cast<CharType*>(stringMalloc((Checked<size_t>(m_length) * sizeof(CharType)).unsafeGet())) : nullptr)
+        , m_data(m_length ? static_cast<CharType*>(fastMalloc((Checked<size_t>(m_length) * sizeof(CharType)).unsafeGet())) : nullptr)
     {
     }
 
     ~StringBuffer()
     {
-        stringFree(m_data);
+        fastFree(m_data);
     }
 
     void shrink(unsigned newLength)
@@ -62,7 +61,7 @@ public:
         if (newLength > m_length) {
             if (newLength > std::numeric_limits<unsigned>::max() / sizeof(UChar))
                 CRASH();
-            m_data = static_cast<UChar*>(stringRealloc(m_data, newLength * sizeof(UChar)));
+            m_data = static_cast<UChar*>(fastRealloc(m_data, newLength * sizeof(UChar)));
         }
         m_length = newLength;
     }
index 774876b..dfe1d2c 100644 (file)
 #include "AtomicString.h"
 #include "StringBuffer.h"
 #include "StringHash.h"
-#include <wtf/Gigacage.h>
 #include <wtf/ProcessID.h>
 #include <wtf/StdLibExtras.h>
 #include <wtf/text/CString.h>
-#include <wtf/text/StringMalloc.h>
 #include <wtf/text/StringView.h>
 #include <wtf/text/SymbolImpl.h>
 #include <wtf/text/SymbolRegistry.h>
@@ -131,7 +129,7 @@ StringImpl::~StringImpl()
     if (ownership == BufferOwned) {
         // We use m_data8, but since it is a union with m_data16 this works either way.
         ASSERT(m_data8);
-        stringFree(const_cast<LChar*>(m_data8));
+        fastFree(const_cast<LChar*>(m_data8));
         return;
     }
 
@@ -143,7 +141,7 @@ StringImpl::~StringImpl()
 void StringImpl::destroy(StringImpl* stringImpl)
 {
     stringImpl->~StringImpl();
-    stringFree(stringImpl);
+    fastFree(stringImpl);
 }
 
 Ref<StringImpl> StringImpl::createFromLiteral(const char* characters, unsigned length)
@@ -190,7 +188,7 @@ template<typename CharacterType> inline Ref<StringImpl> StringImpl::createUninit
     // heap allocation from this call.
     if (length > ((std::numeric_limits<unsigned>::max() - sizeof(StringImpl)) / sizeof(CharacterType)))
         CRASH();
-    StringImpl* string = static_cast<StringImpl*>(stringMalloc(allocationSize<CharacterType>(length)));
+    StringImpl* string = static_cast<StringImpl*>(fastMalloc(allocationSize<CharacterType>(length)));
 
     data = string->tailPointer<CharacterType>();
     return constructInternal<CharacterType>(*string, length);
@@ -216,12 +214,12 @@ template<typename CharacterType> inline Ref<StringImpl> StringImpl::reallocateIn
         return *empty();
     }
 
-    // Same as createUninitialized() except here we use stringRealloc.
+    // Same as createUninitialized() except here we use fastRealloc.
     if (length > ((std::numeric_limits<unsigned>::max() - sizeof(StringImpl)) / sizeof(CharacterType)))
         CRASH();
 
     originalString->~StringImpl();
-    auto* string = static_cast<StringImpl*>(stringRealloc(&originalString.leakRef(), allocationSize<CharacterType>(length)));
+    auto* string = static_cast<StringImpl*>(fastRealloc(&originalString.leakRef(), allocationSize<CharacterType>(length)));
 
     data = string->tailPointer<CharacterType>();
     return constructInternal<CharacterType>(*string, length);
@@ -1885,14 +1883,4 @@ bool equalIgnoringNullity(const UChar* a, size_t aLength, StringImpl* b)
     return !memcmp(a, b->characters16(), b->length() * sizeof(UChar));
 }
 
-void StringImpl::releaseAssertCaged() const
-{
-    if (isStatic())
-        return;
-    RELEASE_ASSERT(!GIGACAGE_ENABLED || Gigacage::isCaged(Gigacage::String, this));
-    if (bufferOwnership() != BufferOwned)
-        return;
-    RELEASE_ASSERT(!GIGACAGE_ENABLED || Gigacage::isCaged(Gigacage::String, m_data8));
-}
-
 } // namespace WTF
index 616da25..af4ce6b 100644 (file)
@@ -34,7 +34,6 @@
 #include <wtf/text/ConversionMode.h>
 #include <wtf/text/StringCommon.h>
 #include <wtf/text/StringHasher.h>
-#include <wtf/text/StringVector.h>
 
 #if USE(CF)
 typedef const struct __CFString * CFStringRef;
@@ -157,7 +156,7 @@ protected:
 // Right now we use a mix of both, which makes code more confusing and has no benefit.
 
 class StringImpl : private StringImplShape {
-    WTF_MAKE_NONCOPYABLE(StringImpl); WTF_MAKE_STRING_ALLOCATED;
+    WTF_MAKE_NONCOPYABLE(StringImpl); WTF_MAKE_FAST_ALLOCATED;
 
     friend class AtomicStringImpl;
     friend class JSC::LLInt::Data;
@@ -257,7 +256,7 @@ public:
     static unsigned dataOffset() { return OBJECT_OFFSETOF(StringImpl, m_data8); }
 
     template<typename CharacterType, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
-    static Ref<StringImpl> adopt(StringVector<CharacterType, inlineCapacity, OverflowHandler, minCapacity>&&);
+    static Ref<StringImpl> adopt(Vector<CharacterType, inlineCapacity, OverflowHandler, minCapacity>&&);
 
     WTF_EXPORT_PRIVATE static Ref<StringImpl> adopt(StringBuffer<UChar>&&);
     WTF_EXPORT_PRIVATE static Ref<StringImpl> adopt(StringBuffer<LChar>&&);
@@ -470,9 +469,6 @@ public:
 
     BufferOwnership bufferOwnership() const { return static_cast<BufferOwnership>(m_hashAndFlags & s_hashMaskBufferOwnership); }
     
-    void assertCaged() const;
-    WTF_EXPORT_PRIVATE void releaseAssertCaged() const;
-
 protected:
     ~StringImpl();
 
@@ -526,7 +522,7 @@ static_assert(sizeof(StringImpl) == sizeof(StaticStringImpl), "");
 #if !ASSERT_DISABLED
 
 // StringImpls created from StaticStringImpl will ASSERT in the generic ValueCheck<T>::checkConsistency
-// as they are not allocated by stringMalloc. We don't currently have any way to detect that case
+// as they are not allocated by fastMalloc. We don't currently have any way to detect that case
 // so we ignore the consistency check for all StringImpl*.
 template<> struct ValueCheck<StringImpl*> {
     static void checkConsistency(const StringImpl*) { }
@@ -924,7 +920,7 @@ ALWAYS_INLINE Ref<StringImpl> StringImpl::createSubstringSharingImpl(StringImpl&
     auto* ownerRep = ((rep.bufferOwnership() == BufferSubstring) ? rep.substringBuffer() : &rep);
 
     // We allocate a buffer that contains both the StringImpl struct as well as the pointer to the owner string.
-    auto* stringImpl = static_cast<StringImpl*>(stringMalloc(allocationSize<StringImpl*>(1)));
+    auto* stringImpl = static_cast<StringImpl*>(fastMalloc(allocationSize<StringImpl*>(1)));
     if (rep.is8Bit())
         return adoptRef(*new (NotNull, stringImpl) StringImpl(rep.m_data8 + offset, length, *ownerRep));
     return adoptRef(*new (NotNull, stringImpl) StringImpl(rep.m_data16 + offset, length, *ownerRep));
@@ -949,8 +945,8 @@ template<typename CharacterType> ALWAYS_INLINE RefPtr<StringImpl> StringImpl::tr
         output = nullptr;
         return nullptr;
     }
-    auto* result = static_cast<StringImpl*>(tryStringMalloc(allocationSize<CharacterType>(length)));
-    if (!result) {
+    StringImpl* result;
+    if (!tryFastMalloc(allocationSize<CharacterType>(length)).getValue(result)) {
         output = nullptr;
         return nullptr;
     }
@@ -960,7 +956,7 @@ template<typename CharacterType> ALWAYS_INLINE RefPtr<StringImpl> StringImpl::tr
 }
 
 template<typename CharacterType, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
-inline Ref<StringImpl> StringImpl::adopt(StringVector<CharacterType, inlineCapacity, OverflowHandler, minCapacity>&& vector)
+inline Ref<StringImpl> StringImpl::adopt(Vector<CharacterType, inlineCapacity, OverflowHandler, minCapacity>&& vector)
 {
     if (size_t size = vector.size()) {
         ASSERT(vector.data());
@@ -1074,12 +1070,6 @@ inline UChar StringImpl::at(unsigned i) const
     return is8Bit() ? m_data8[i] : m_data16[i];
 }
 
-inline void StringImpl::assertCaged() const
-{
-    if (!ASSERT_DISABLED)
-        releaseAssertCaged();
-}
-
 inline StringImpl::StringImpl(CreateSymbolTag, const LChar* characters, unsigned length)
     : StringImplShape(s_refCountIncrement, length, characters, s_hashFlag8BitBuffer | StringSymbol | BufferSubstring)
 {
diff --git a/Source/WTF/wtf/text/StringMalloc.cpp b/Source/WTF/wtf/text/StringMalloc.cpp
deleted file mode 100644 (file)
index b64a32d..0000000
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * Copyright (C) 2017 Apple Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
- * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
- * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */
-
-#include "config.h"
-#include "StringMalloc.h"
-
-#include <wtf/DataLog.h>
-#include <wtf/FastMalloc.h>
-#include <wtf/Gigacage.h>
-#include <wtf/RawPointer.h>
-
-#if !(defined(USE_SYSTEM_MALLOC) && USE_SYSTEM_MALLOC)
-#include <bmalloc/bmalloc.h>
-#endif
-
-namespace WTF {
-
-#if defined(USE_SYSTEM_MALLOC) && USE_SYSTEM_MALLOC
-void* tryStringMalloc(size_t size)
-{
-    return FastMalloc::tryMalloc(size);
-}
-
-void* stringMalloc(size_t size)
-{
-    return fastMalloc(size);
-}
-
-void* stringRealloc(void* p, size_t size)
-{
-    return fastRealloc(p, size);
-}
-
-void stringFree(void* p)
-{
-    return fastFree(p);
-}
-#else
-void* tryStringMalloc(size_t size)
-{
-    return bmalloc::api::tryMalloc(size, bmalloc::HeapKind::StringGigacage);
-}
-
-void* stringMalloc(size_t size)
-{
-    return bmalloc::api::malloc(size, bmalloc::HeapKind::StringGigacage);
-}
-
-void* stringRealloc(void* p, size_t size)
-{
-    return bmalloc::api::realloc(p, size, bmalloc::HeapKind::StringGigacage);
-}
-
-void stringFree(void* p)
-{
-    if (!p)
-        return;
-    if (UNLIKELY(!Gigacage::isCaged(Gigacage::String, p))) {
-        dataLog("Trying to free string that is not caged: ", RawPointer(p), "\n");
-        RELEASE_ASSERT_NOT_REACHED();
-    }
-    bmalloc::api::free(p, bmalloc::HeapKind::StringGigacage);
-}
-#endif
-
-} // namespace WTF
-
diff --git a/Source/WTF/wtf/text/StringMalloc.h b/Source/WTF/wtf/text/StringMalloc.h
deleted file mode 100644 (file)
index b6b6ad2..0000000
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * Copyright (C) 2017 Apple Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
- * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
- * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */
-
-#pragma once
-
-#include <wtf/FastMalloc.h>
-
-namespace WTF {
-
-WTF_EXPORT_PRIVATE void* tryStringMalloc(size_t);
-WTF_EXPORT_PRIVATE void* stringMalloc(size_t);
-WTF_EXPORT_PRIVATE void* stringRealloc(void*, size_t);
-WTF_EXPORT_PRIVATE void stringFree(void*);
-
-#define WTF_MAKE_STRING_ALLOCATED \
-public: \
-    void* operator new(size_t, void* p) { return p; } \
-    void* operator new[](size_t, void* p) { return p; } \
-    \
-    void* operator new(size_t size) \
-    { \
-        return ::WTF::stringMalloc(size); \
-    } \
-    \
-    void operator delete(void* p) \
-    { \
-        ::WTF::stringFree(p); \
-    } \
-    \
-    void* operator new[](size_t size) \
-    { \
-        return ::WTF::stringMalloc(size); \
-    } \
-    \
-    void operator delete[](void* p) \
-    { \
-        ::WTF::stringFree(p); \
-    } \
-    void* operator new(size_t, NotNullTag, void* location) \
-    { \
-        ASSERT(location); \
-        return location; \
-    } \
-private: \
-typedef int __thisIsHereToForceASemicolonAfterThisMacro
-
-
-struct StringMalloc {
-    static void* malloc(size_t size) { return stringMalloc(size); }
-    static void* tryMalloc(size_t size) { return tryStringMalloc(size); }
-    static void* realloc(void* p, size_t size) { return stringRealloc(p, size); }
-    static void free(void* p) { stringFree(p); }
-};
-
-} // namespace WTF
-
-using WTF::StringMalloc;
-using WTF::stringMalloc;
-using WTF::stringRealloc;
-using WTF::stringFree;
-using WTF::tryStringMalloc;
diff --git a/Source/WTF/wtf/text/StringVector.h b/Source/WTF/wtf/text/StringVector.h
deleted file mode 100644 (file)
index d7b23f9..0000000
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Copyright (C) 2017 Apple Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
- * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
- * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */
-
-#pragma once
-
-#include <wtf/Forward.h>
-#include <wtf/text/StringMalloc.h>
-
-namespace WTF {
-
-template<typename T, size_t inlineCapacity = 0, typename OverflowHandler = CrashOnOverflow, size_t minCapacity = 16> using StringVector = Vector<T, inlineCapacity, OverflowHandler, minCapacity, StringMalloc>;
-
-} // namespace WTF
-
-using WTF::StringVector;
index 25455c4..42ff036 100644 (file)
@@ -202,7 +202,7 @@ inline RegisteredSymbolImpl* SymbolImpl::asRegisteredSymbolImpl()
 #if !ASSERT_DISABLED
 // SymbolImpls created from StaticStringImpl will ASSERT
 // in the generic ValueCheck<T>::checkConsistency
-// as they are not allocated by stringMalloc.
+// as they are not allocated by fastMalloc.
 // We don't currently have any way to detect that case
 // so we ignore the consistency check for all SymbolImpls*.
 template<> struct
index cdd0343..09aba85 100644 (file)
@@ -44,7 +44,7 @@ protected:
 #if !ASSERT_DISABLED
 // UniquedStringImpls created from StaticStringImpl will ASSERT
 // in the generic ValueCheck<T>::checkConsistency
-// as they are not allocated by stringMalloc.
+// as they are not allocated by fastMalloc.
 // We don't currently have any way to detect that case
 // so we ignore the consistency check for all UniquedStringImpls*.
 template<> struct
index b726608..a3e91d9 100644 (file)
@@ -140,7 +140,7 @@ public:
     static String adopt(StringBuffer<LChar>&& buffer) { return StringImpl::adopt(WTFMove(buffer)); }
     static String adopt(StringBuffer<UChar>&& buffer) { return StringImpl::adopt(WTFMove(buffer)); }
     template<typename CharacterType, size_t inlineCapacity, typename OverflowHandler, size_t minCapacity>
-    static String adopt(StringVector<CharacterType, inlineCapacity, OverflowHandler, minCapacity>&& vector) { return StringImpl::adopt(WTFMove(vector)); }
+    static String adopt(Vector<CharacterType, inlineCapacity, OverflowHandler, minCapacity>&& vector) { return StringImpl::adopt(WTFMove(vector)); }
 
     bool isNull() const { return !m_impl; }
     bool isEmpty() const { return !m_impl || m_impl->isEmpty(); }
@@ -364,9 +364,6 @@ public:
     // This is useful for clearing String-based caches.
     void clearImplIfNotShared();
 
-    void assertCaged() const;
-    void releaseAssertCaged() const;
-
 private:
     template<typename CharacterType> void removeInternal(const CharacterType*, unsigned, unsigned);
     template<typename CharacterType> void appendInternal(CharacterType);
@@ -572,18 +569,6 @@ inline void String::clearImplIfNotShared()
         m_impl = nullptr;
 }
 
-inline void String::assertCaged() const
-{
-    if (m_impl)
-        m_impl->assertCaged();
-}
-
-inline void String::releaseAssertCaged() const
-{
-    if (m_impl)
-        m_impl->releaseAssertCaged();
-}
-
 #ifdef __OBJC__
 
 inline String::operator NSString *() const
index 86306f2..beade0f 100644 (file)
@@ -1,3 +1,40 @@
+2018-05-03  Filip Pizlo  <fpizlo@apple.com>
+
+        Strings should not be allocated in a gigacage
+        https://bugs.webkit.org/show_bug.cgi?id=185218
+
+        Reviewed by Saam Barati.
+
+        No new tests because no new behavior.
+
+        * Modules/indexeddb/server/IDBSerialization.cpp:
+        (WebCore::decodeKey):
+        * bindings/js/SerializedScriptValue.cpp:
+        (WebCore::CloneDeserializer::readString):
+        * html/canvas/CanvasRenderingContext2D.cpp:
+        (WebCore::normalizeSpaces):
+        * html/parser/HTMLTreeBuilder.cpp:
+        (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeRemainingWhitespace):
+        * platform/URLParser.cpp:
+        (WebCore::percentEncodeByte):
+        (WebCore::serializeURLEncodedForm):
+        (WebCore::URLParser::serialize):
+        * platform/URLParser.h:
+        * platform/graphics/FourCC.cpp:
+        (WebCore::FourCC::toString const):
+        * platform/graphics/ca/GraphicsLayerCA.cpp:
+        (WebCore::GraphicsLayerCA::ReplicaState::cloneID const):
+        * platform/text/LocaleICU.cpp:
+        (WebCore::LocaleICU::decimalSymbol):
+        (WebCore::LocaleICU::decimalTextAttribute):
+        (WebCore::getDateFormatPattern):
+        (WebCore::LocaleICU::createLabelVector):
+        (WebCore::getFormatForSkeleton):
+        * platform/win/FileSystemWin.cpp:
+        (WebCore::FileSystem::getFinalPathName):
+        (WebCore::FileSystem::pathByAppendingComponent):
+        (WebCore::FileSystem::storageDirectory):
+
 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
 
         Widgets should hold a WeakPtr to their parents
index 915ef3f..98d09be 100644 (file)
@@ -326,7 +326,7 @@ static bool decodeKey(const uint8_t*& data, const uint8_t* end, IDBKeyData& resu
         if (static_cast<uint64_t>(end - data) < length * 2)
             return false;
 
-        StringVector<UChar> buffer;
+        Vector<UChar> buffer;
         buffer.reserveInitialCapacity(length);
         for (size_t i = 0; i < length; i++) {
             uint16_t ch;
index bb132fd..b018081 100644 (file)
@@ -1943,7 +1943,7 @@ private:
         str = String(reinterpret_cast<const UChar*>(ptr), length);
         ptr += length * sizeof(UChar);
 #else
-        StringVector<UChar> buffer;
+        Vector<UChar> buffer;
         buffer.reserveCapacity(length);
         for (unsigned i = 0; i < length; i++) {
             uint16_t ch;
index c27af23..77635a6 100644 (file)
@@ -349,7 +349,7 @@ static void normalizeSpaces(String& text)
         return;
 
     unsigned textLength = text.length();
-    StringVector<UChar> charVector(textLength);
+    Vector<UChar> charVector(textLength);
     StringView(text).getCharactersWithUpconvert(charVector.data());
 
     charVector[i++] = ' ';
index b10a4c4..603fc57 100644 (file)
@@ -203,7 +203,7 @@ public:
     String takeRemainingWhitespace()
     {
         ASSERT(!isEmpty());
-        StringVector<LChar, 8> whitespace;
+        Vector<LChar, 8> whitespace;
         do {
             UChar character = m_text[0];
             if (isHTMLSpace(character))
index 449f3e6..44ad4ec 100644 (file)
@@ -538,7 +538,7 @@ bool URLParser::shouldCopyFileURL(CodePointIterator<CharacterType> iterator)
     return !isSlashQuestionOrHash(*iterator);
 }
 
-static void percentEncodeByte(uint8_t byte, StringVector<LChar>& buffer)
+static void percentEncodeByte(uint8_t byte, Vector<LChar>& buffer)
 {
     buffer.append('%');
     buffer.append(upperNibbleToASCIIHexDigit(byte));
@@ -2814,7 +2814,7 @@ auto URLParser::parseURLEncodedForm(StringView input) -> URLEncodedForm
     return output;
 }
 
-static void serializeURLEncodedForm(const String& input, StringVector<LChar>& output)
+static void serializeURLEncodedForm(const String& input, Vector<LChar>& output)
 {
     auto utf8 = input.utf8(StrictConversion);
     const char* data = utf8.data();
@@ -2840,7 +2840,7 @@ String URLParser::serialize(const URLEncodedForm& tuples)
     if (tuples.isEmpty())
         return { };
 
-    StringVector<LChar> output;
+    Vector<LChar> output;
     for (auto& tuple : tuples) {
         if (!output.isEmpty())
             output.append('&');
index 6023bb6..5534de2 100644 (file)
@@ -59,7 +59,7 @@ private:
     friend std::optional<uint16_t> defaultPortForProtocol(StringView);
 
     URL m_url;
-    StringVector<LChar> m_asciiBuffer;
+    Vector<LChar> m_asciiBuffer;
     bool m_urlIsSpecial { false };
     bool m_urlIsFile { false };
     bool m_hostHasPercentOrNonASCII { false };
index 98a20dc..d9a8962 100644 (file)
@@ -42,7 +42,7 @@ std::optional<FourCC> FourCC::fromString(const String& stringValue)
 
 String FourCC::toString() const
 {
-    StringVector<LChar, 4> data = {
+    Vector<LChar, 4> data = {
         LChar(value >> 24),
         LChar((value >> 16) & 0xFF),
         LChar((value >> 8) & 0xFF),
index 121001a..2b35a97 100644 (file)
@@ -2747,7 +2747,7 @@ GraphicsLayerCA::CloneID GraphicsLayerCA::ReplicaState::cloneID() const
     const size_t bitsPerUChar = sizeof(UChar) * 8;
     size_t vectorSize = (depth + bitsPerUChar - 1) / bitsPerUChar;
     
-    StringVector<UChar> result(vectorSize);
+    Vector<UChar> result(vectorSize);
     result.fill(0);
 
     // Create a string from the bit sequence which we can use to identify the clone.
index 44ba325..dee15a1 100644 (file)
@@ -73,7 +73,7 @@ String LocaleICU::decimalSymbol(UNumberFormatSymbol symbol)
     ASSERT(U_SUCCESS(status) || status == U_BUFFER_OVERFLOW_ERROR);
     if (U_FAILURE(status) && status != U_BUFFER_OVERFLOW_ERROR)
         return String();
-    StringVector<UChar> buffer(bufferLength);
+    Vector<UChar> buffer(bufferLength);
     status = U_ZERO_ERROR;
     unum_getSymbol(m_numberFormat, symbol, buffer.data(), bufferLength, &status);
     if (U_FAILURE(status))
@@ -88,7 +88,7 @@ String LocaleICU::decimalTextAttribute(UNumberFormatTextAttribute tag)
     ASSERT(U_SUCCESS(status) || status == U_BUFFER_OVERFLOW_ERROR);
     if (U_FAILURE(status) && status != U_BUFFER_OVERFLOW_ERROR)
         return String();
-    StringVector<UChar> buffer(bufferLength);
+    Vector<UChar> buffer(bufferLength);
     status = U_ZERO_ERROR;
     unum_getTextAttribute(m_numberFormat, tag, buffer.data(), bufferLength, &status);
     ASSERT(U_SUCCESS(status));
@@ -153,7 +153,7 @@ static String getDateFormatPattern(const UDateFormat* dateFormat)
     int32_t length = udat_toPattern(dateFormat, TRUE, 0, 0, &status);
     if (status != U_BUFFER_OVERFLOW_ERROR || !length)
         return emptyString();
-    StringVector<UChar> buffer(length);
+    Vector<UChar> buffer(length);
     status = U_ZERO_ERROR;
     udat_toPattern(dateFormat, TRUE, buffer.data(), length, &status);
     if (U_FAILURE(status))
@@ -175,7 +175,7 @@ std::unique_ptr<Vector<String>> LocaleICU::createLabelVector(const UDateFormat*
         int32_t length = udat_getSymbols(dateFormat, type, startIndex + i, 0, 0, &status);
         if (status != U_BUFFER_OVERFLOW_ERROR)
             return std::make_unique<Vector<String>>();
-        StringVector<UChar> buffer(length);
+        Vector<UChar> buffer(length);
         status = U_ZERO_ERROR;
         udat_getSymbols(dateFormat, type, startIndex + i, buffer.data(), length, &status);
         if (U_FAILURE(status))
@@ -266,7 +266,7 @@ static String getFormatForSkeleton(const char* locale, const UChar* skeleton, in
     status = U_ZERO_ERROR;
     int32_t length = udatpg_getBestPattern(patternGenerator, skeleton, skeletonLength, 0, 0, &status);
     if (status == U_BUFFER_OVERFLOW_ERROR && length) {
-        StringVector<UChar> buffer(length);
+        Vector<UChar> buffer(length);
         status = U_ZERO_ERROR;
         udatpg_getBestPattern(patternGenerator, skeleton, skeletonLength, buffer.data(), length, &status);
         if (U_SUCCESS(status))
index d86a3f3..66c8334 100644 (file)
@@ -150,7 +150,7 @@ static String getFinalPathName(const String& path)
     if (!isHandleValid(handle))
         return String();
 
-    StringVector<UChar> buffer(MAX_PATH);
+    Vector<UChar> buffer(MAX_PATH);
     if (::GetFinalPathNameByHandleW(handle, buffer.data(), buffer.size(), VOLUME_NAME_NT) >= MAX_PATH) {
         closeFile(handle);
         return String();
@@ -250,7 +250,7 @@ bool moveFile(const String& oldPath, const String& newPath)
 
 String pathByAppendingComponent(const String& path, const String& component)
 {
-    StringVector<UChar> buffer(MAX_PATH);
+    Vector<UChar> buffer(MAX_PATH);
 
     if (path.length() + 1 > buffer.size())
         return String();
@@ -349,7 +349,7 @@ static String bundleName()
 
 static String storageDirectory(DWORD pathIdentifier)
 {
-    StringVector<UChar> buffer(MAX_PATH);
+    Vector<UChar> buffer(MAX_PATH);
     if (FAILED(SHGetFolderPathW(0, pathIdentifier | CSIDL_FLAG_CREATE, 0, 0, buffer.data())))
         return String();
     buffer.resize(wcslen(buffer.data()));
index 7afb578..4b2a3af 100644 (file)
@@ -1,3 +1,33 @@
+2018-05-03  Filip Pizlo  <fpizlo@apple.com>
+
+        Strings should not be allocated in a gigacage
+        https://bugs.webkit.org/show_bug.cgi?id=185218
+
+        Reviewed by Saam Barati.
+        
+        This removes the string gigacage.
+        
+        Putting strings in a gigacage prevents read gadgets. The other things that get to be in gigacages
+        are there to prevent read-write gadgets.
+        
+        Also, putting strings in a gigacage seems to have been a bigger regression than putting other
+        things in gigacages.
+        
+        Therefore, to maximize the benefit/cost ratio of gigacages, we should evict strings from them. If
+        we want to throw away perf for security, there are more beneficial things to sacrifice.
+
+        * bmalloc/Gigacage.h:
+        (Gigacage::name):
+        (Gigacage::basePtr):
+        (Gigacage::size):
+        (Gigacage::forEachKind):
+        * bmalloc/HeapKind.h:
+        (bmalloc::isGigacage):
+        (bmalloc::gigacageKind):
+        (bmalloc::heapKind):
+        (bmalloc::isActiveHeapKindAfterEnsuringGigacage):
+        (bmalloc::mapToActiveHeapKindAfterEnsuringGigacage):
+
 2018-04-30  Yusuke Suzuki  <utatane.tea@gmail.com>
 
         Use WordLock instead of std::mutex for Threading
index 38abf6c..027e280 100644 (file)
 #if BCPU(ARM64)
 #define PRIMITIVE_GIGACAGE_SIZE 0x80000000llu
 #define JSVALUE_GIGACAGE_SIZE 0x40000000llu
-#define STRING_GIGACAGE_SIZE 0x40000000llu
 #define GIGACAGE_ALLOCATION_CAN_FAIL 1
 #else
 #define PRIMITIVE_GIGACAGE_SIZE 0x800000000llu
 #define JSVALUE_GIGACAGE_SIZE 0x400000000llu
-#define STRING_GIGACAGE_SIZE 0x400000000llu
 #define GIGACAGE_ALLOCATION_CAN_FAIL 0
 #endif
 
 static_assert(bmalloc::isPowerOfTwo(PRIMITIVE_GIGACAGE_SIZE), "");
 static_assert(bmalloc::isPowerOfTwo(JSVALUE_GIGACAGE_SIZE), "");
-static_assert(bmalloc::isPowerOfTwo(STRING_GIGACAGE_SIZE), "");
 
 #define GIGACAGE_SIZE_TO_MASK(size) ((size) - 1)
 
 #define PRIMITIVE_GIGACAGE_MASK GIGACAGE_SIZE_TO_MASK(PRIMITIVE_GIGACAGE_SIZE)
 #define JSVALUE_GIGACAGE_MASK GIGACAGE_SIZE_TO_MASK(JSVALUE_GIGACAGE_SIZE)
-#define STRING_GIGACAGE_MASK GIGACAGE_SIZE_TO_MASK(STRING_GIGACAGE_SIZE)
 
 #if ((BOS(DARWIN) || BOS(LINUX)) && \
     (BCPU(X86_64) || (BCPU(ARM64) && !defined(__ILP32__) && (!BPLATFORM(IOS) || __IPHONE_OS_VERSION_MIN_REQUIRED >= 110300))))
@@ -78,16 +74,14 @@ BINLINE bool wasEnabled() { return g_wasEnabled; }
 struct BasePtrs {
     void* primitive;
     void* jsValue;
-    void* string;
 };
 
 enum Kind {
     Primitive,
     JSValue,
-    String
 };
 
-static constexpr unsigned numKinds = 3;
+static constexpr unsigned numKinds = 2;
 
 BEXPORT void ensureGigacage();
 
@@ -110,8 +104,6 @@ BINLINE const char* name(Kind kind)
         return "Primitive";
     case JSValue:
         return "JSValue";
-    case String:
-        return "String";
     }
     BCRASH();
     return nullptr;
@@ -124,8 +116,6 @@ BINLINE void*& basePtr(BasePtrs& basePtrs, Kind kind)
         return basePtrs.primitive;
     case JSValue:
         return basePtrs.jsValue;
-    case String:
-        return basePtrs.string;
     }
     BCRASH();
     return basePtrs.primitive;
@@ -153,8 +143,6 @@ BINLINE size_t size(Kind kind)
         return static_cast<size_t>(PRIMITIVE_GIGACAGE_SIZE);
     case JSValue:
         return static_cast<size_t>(JSVALUE_GIGACAGE_SIZE);
-    case String:
-        return static_cast<size_t>(STRING_GIGACAGE_SIZE);
     }
     BCRASH();
     return 0;
@@ -175,7 +163,6 @@ void forEachKind(const Func& func)
 {
     func(Primitive);
     func(JSValue);
-    func(String);
 }
 
 template<typename T>
index 95afce3..9e1af6c 100644 (file)
@@ -34,11 +34,10 @@ namespace bmalloc {
 enum class HeapKind {
     Primary,
     PrimitiveGigacage,
-    JSValueGigacage,
-    StringGigacage
+    JSValueGigacage
 };
 
-static constexpr unsigned numHeaps = 4;
+static constexpr unsigned numHeaps = 3;
 
 BINLINE bool isGigacage(HeapKind heapKind)
 {
@@ -47,7 +46,6 @@ BINLINE bool isGigacage(HeapKind heapKind)
         return false;
     case HeapKind::PrimitiveGigacage:
     case HeapKind::JSValueGigacage:
-    case HeapKind::StringGigacage:
         return true;
     }
     BCRASH();
@@ -64,8 +62,6 @@ BINLINE Gigacage::Kind gigacageKind(HeapKind kind)
         return Gigacage::Primitive;
     case HeapKind::JSValueGigacage:
         return Gigacage::JSValue;
-    case HeapKind::StringGigacage:
-        return Gigacage::String;
     }
     BCRASH();
     return Gigacage::Primitive;
@@ -78,8 +74,6 @@ BINLINE HeapKind heapKind(Gigacage::Kind kind)
         return HeapKind::PrimitiveGigacage;
     case Gigacage::JSValue:
         return HeapKind::JSValueGigacage;
-    case Gigacage::String:
-        return HeapKind::StringGigacage;
     }
     BCRASH();
     return HeapKind::Primary;
@@ -90,7 +84,6 @@ BINLINE bool isActiveHeapKindAfterEnsuringGigacage(HeapKind kind)
     switch (kind) {
     case HeapKind::PrimitiveGigacage:
     case HeapKind::JSValueGigacage:
-    case HeapKind::StringGigacage:
         if (Gigacage::wasEnabled())
             return true;
         return false;
@@ -106,7 +99,6 @@ BINLINE HeapKind mapToActiveHeapKindAfterEnsuringGigacage(HeapKind kind)
     switch (kind) {
     case HeapKind::PrimitiveGigacage:
     case HeapKind::JSValueGigacage:
-    case HeapKind::StringGigacage:
         if (Gigacage::wasEnabled())
             return kind;
         return HeapKind::Primary;