Use the partition allocator and run the test in debug too.

Source/wtf/PartitionAlloc.h

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 118 matching lines @@
     PartitionPageHeader seedPage;
     PartitionBucket seedBucket;
     PartitionBucket buckets[kNumBuckets];
     char* nextSuperPage;
     char* nextPartitionPage;
     char* nextPartitionPageEnd;
     bool initialized;
 };
 
 WTF_EXPORT void partitionAllocInit(PartitionRoot*);
-WTF_EXPORT void partitionAllocShutdown(PartitionRoot*);
+WTF_EXPORT bool partitionAllocShutdown(PartitionRoot*);
 
 WTF_EXPORT NEVER_INLINE void* partitionAllocSlowPath(PartitionBucket*);
 WTF_EXPORT NEVER_INLINE void partitionFreeSlowPath(PartitionPageHeader*);
 
 ALWAYS_INLINE PartitionFreelistEntry* partitionFreelistMask(PartitionFreelistEntry* ptr)
 {
     // For now, use a simple / fast mask that guarantees an invalid pointer in
     // case it gets used as a vtable pointer.
     // The one attack we're fully mitigating is where an object is freed and its
     // vtable used where the attacker doesn't get the chance to run allocations
@@ skipping 27 matching lines @@
     return partitionAllocSlowPath(bucket);
 }
 
 ALWAYS_INLINE void* partitionAlloc(PartitionRoot* root, size_t size)
 {
     ASSERT(isMainThread());
     ASSERT(size);
     size_t index = size >> kBucketShift;
     ASSERT(index < kNumBuckets);
     ASSERT(size == index << kBucketShift);
-#if defined(ADDRESS_SANITIZER) || (!defined(NDEBUG) && !defined(DEBUG_PARTITION_ALLOC))
+#if defined(MEMORY_TOOL_REPLACES_ALLOCATOR)
     return malloc(size);
 #else
     PartitionBucket* bucket = &root->buckets[index];
     return partitionBucketAlloc(bucket);
 #endif
 }
 
 ALWAYS_INLINE void partitionFree(void* ptr)
 {
     ASSERT(isMainThread());
-#if defined(ADDRESS_SANITIZER) || (!defined(NDEBUG) && !defined(DEBUG_PARTITION_ALLOC))
+#if defined(MEMORY_TOOL_REPLACES_ALLOCATOR)
     free(ptr);
 #else
     uintptr_t pointerAsUint = reinterpret_cast<uintptr_t>(ptr);
     // Checks that the pointer is after the page header. You can't free the
     // page header!
     ASSERT((pointerAsUint & kPartitionPageOffsetMask) >= sizeof(PartitionPageHeader));
     PartitionPageHeader* page = reinterpret_cast<PartitionPageHeader*>(pointerAsUint & kPartitionPageBaseMask);
     // Checks that the pointer is a multiple of bucket size.
     ASSERT(!(((pointerAsUint & kPartitionPageOffsetMask) - sizeof(PartitionPageHeader)) % partitionBucketSize(page->bucket)));
     PartitionFreelistEntry* entry = static_cast<PartitionFreelistEntry*>(ptr);
     entry->next = partitionFreelistMask(page->freelistHead);
     page->freelistHead = entry;
     --page->numAllocatedSlots;
     if (UNLIKELY(page->numAllocatedSlots <= 0))
         partitionFreeSlowPath(page);
 #endif
 }
 
 } // namespace WTF
 
 using WTF::PartitionRoot;
 using WTF::partitionAllocInit;
 using WTF::partitionAllocShutdown;
 using WTF::partitionAlloc;
 using WTF::partitionFree;
 
 #endif // WTF_PartitionAlloc_h