As roc pointed out on IRC: <roc> are people aware that in Chunk::init, the poisoning is completely pointless on Linux because (contrary to the comment above the call to decommitAllArenas) Linux immediately zeroes all decommitted memory? And he's right. We do JS_POISON(this, JS_FRESH_TENURED_PATTERN, ChunkSize); followed by decommitAllArenas(rt); which on Linux does madvise(p, size, MADV_DONTNEED); which will make all reads return zero. I suppose you could argue that theoretically the madvise could fail, but in actual practice we're wasting time touching pages and then throwing them away.
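The behaviour roc describes, as an added example that is not from the bug or from SpiderMonkey's code: poison a private anonymous mapping, decommit it with madvise(MADV_DONTNEED) the way decommitAllArenas does on Linux, and count how much of the poison survives. It assumes Linux semantics for MADV_DONTNEED, and POISON_BYTE is a hypothetical stand-in for JS_FRESH_TENURED_PATTERN.

```c
// Added example, not SpiderMonkey code. Assumes Linux: after MADV_DONTNEED on a
// private anonymous mapping, reads fault in fresh zero pages, so any poison
// written beforehand is simply discarded.
#define _GNU_SOURCE
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#define POISON_BYTE 0x4F  // hypothetical stand-in for JS_FRESH_TENURED_PATTERN

// Count bytes in [p, p+len) that equal 'value'.
static size_t count_equal(const uint8_t *p, size_t len, uint8_t value) {
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        if (p[i] == value) n++;
    return n;
}

// Poison a fresh mapping, "decommit" it, and return how many bytes still hold
// the poison afterwards (expected on Linux: 0). Returns -1 on mmap/madvise
// failure, which is the only case in which the poison could survive.
long poison_then_decommit(size_t len) {
    uint8_t *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;

    memset(p, POISON_BYTE, len);                      // JS_POISON(...)
    size_t before = count_equal(p, len, POISON_BYTE); // == len

    // decommitAllArenas on Linux: drop the pages; later reads return zeros.
    if (madvise(p, len, MADV_DONTNEED) != 0) { munmap(p, len); return -1; }

    size_t after = count_equal(p, len, POISON_BYTE);  // poison gone
    size_t zeros = count_equal(p, len, 0);            // == len
    printf("poisoned bytes before: %zu, after: %zu, zero bytes after: %zu\n",
           before, after, zeros);
    munmap(p, len);
    return (long)after;
}

int main(void) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    return poison_then_decommit(4 * page) == 0 ? 0 : 1;
}
```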
Well, IIRC, the Windows behavior is different and does behave as the comment suggests. Given that I don't think I've even seen JS_FRESH_TENURED_PATTERN in crashstats, I think we should probably just poison the footer and not touch the rest on all platforms.
Priority: -- → P3