Revert "[Partition Alloc] Probabilistically poison memory on free."

This reverts commit 8ee0e773.

Reason for revert: Performance regression (Bugs: 1006176, 1005678, 1005677, 1005248, 1005068, 1005066, 1006178, 1006071)

Original change's description:
> [Partition Alloc] Probabilistically poison memory on free.
> 
> We do it unconditionally in DCHECK builds to catch bugs, but let's occasionally
> do it in release builds too. Frequency is tunable.
> 
> This is a re-land of
> https://chromium-review.googlesource.com/c/chromium/src/+/1761578, which was
> reverted in https://chromium-review.googlesource.com/c/chromium/src/+/1797642.
> 
> Bug: 984742
> TBR: haraken
> Change-Id: I8f9a36389b2d58f6a11b324b59dd47727e4b91fb
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1808181
> Reviewed-by: Chris Palmer <palmer@chromium.org>
> Reviewed-by: Kentaro Hara <haraken@chromium.org>
> Commit-Queue: Chris Palmer <palmer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#697013}

TBR=palmer@chromium.org,haraken@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: 984742
Change-Id: Ica990f0b07ac74034e049bcd507cc7d515429057
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1824074Reviewed-by: Chris Palmer <palmer@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Chris Palmer <palmer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#699590}

base/allocator/partition_allocator/partition_page.h

@@ -11,7 +11,6 @@
 #include "base/allocator/partition_allocator/partition_bucket.h"
 #include "base/allocator/partition_allocator/partition_cookie.h"
 #include "base/allocator/partition_allocator/partition_freelist_entry.h"
-#include "base/allocator/partition_allocator/random.h"
 #include "base/logging.h"
 
 namespace base {
@@ -202,28 +201,19 @@ ALWAYS_INLINE size_t PartitionPage::get_raw_size() const {
 }
 
 ALWAYS_INLINE void PartitionPage::Free(void* ptr) {
+#if DCHECK_IS_ON()
   size_t slot_size = this->bucket->slot_size;
   const size_t raw_size = get_raw_size();
   if (raw_size) {
     slot_size = raw_size;
   }
 
-#if DCHECK_IS_ON()
   // If these asserts fire, you probably corrupted memory.
   PartitionCookieCheckValue(ptr);
   PartitionCookieCheckValue(reinterpret_cast<char*>(ptr) + slot_size -
                             kCookieSize);
 
   memset(ptr, kFreedByte, slot_size);
-#else
-  // Probabilistically poison the memory. The goal is to do it often enough to
-  // catch bugs in production, but not so often that it significantly affects
-  // performance. Set fewer bits in the mask to increase the probability of
-  // poisoning; set more to reduce the performance effect.
-  constexpr uint32_t kProbabilityMask = 0x3f;
-  if (kProbabilityMask == (RandomValue() & kProbabilityMask)) {
-    memset(ptr, kFreedByte, slot_size);
-  }
 #endif
 
   DCHECK(this->num_allocated_slots);

base/allocator/partition_allocator/random.h

@@ -15,7 +15,7 @@ namespace base {
 // `base::RandUint64` which is very unpredictable, but which is expensive due to
 // the need to call into the kernel. Therefore this generator uses a fast,
 // entirely user-space function after initialization.
-BASE_EXPORT uint32_t RandomValue();
+uint32_t RandomValue();
 
 // Sets the seed for the random number generator to a known value, to cause the
 // RNG to generate a predictable sequence of outputs. May be called multiple