It would also be interesting to try out a more aggressive form of
freeunmap for 64-bit where the allocations are purged with MADV_FREE
and then the virtual memory is kept out of circulation with a similar
FIFO queue approach. Could potentially do it by default when malloc
hints are enabled, so it wouldn't need a new option exposed (but it
would change the MADV_FREE option into something that enhances security
at the expense of more VM fragmentation rather than a performance vs.
memory trade-off so that may not make much sense after all).

It's the same issue as the junk validation feature where there's a need
for a reliable delay to get the most out of the feature. Randomization
does help, but it's not as good as knowing that virtual memory doesn't
go back into circulation until some configured amount of allocator
throughput has occurred.
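
The delayed-reuse idea described in this message, as an added C example that is not part of the original message or of any malloc implementation: freed regions are purged with MADV_FREE and held in a fixed-size FIFO, and a region is only unmapped once enough later frees have pushed it out. `QUARANTINE_SLOTS`, `quarantine_free` and `page_alloc` are hypothetical names, and the delay is counted in frees as an assumed measure of allocator throughput.

```c
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <sys/mman.h>

#define QUARANTINE_SLOTS 4   /* constructed value: reuse delay, counted in frees */

struct region { void *addr; size_t len; };
static struct region fifo[QUARANTINE_SLOTS];
static size_t fifo_head, fifo_count;   /* fifo_head indexes the oldest entry */

/* Drop the physical pages but keep the mapping, so the kernel cannot hand
 * the same address range out again while the region sits in the queue. */
static void purge(void *addr, size_t len)
{
#ifdef MADV_FREE
    if (madvise(addr, len, MADV_FREE) == 0)
        return;
#endif
    madvise(addr, len, MADV_DONTNEED);   /* fallback where MADV_FREE is unavailable */
}

/* Free a page-aligned region through the quarantine. Returns the address
 * that was actually unmapped (the oldest queued region) once the queue is
 * full, or NULL while every freed region is still being held back. */
void *quarantine_free(void *addr, size_t len)
{
    void *released = NULL;

    purge(addr, len);
    if (fifo_count == QUARANTINE_SLOTS) {
        struct region *old = &fifo[fifo_head];
        munmap(old->addr, old->len);          /* only now can the range be reused */
        released = old->addr;
        *old = (struct region){ addr, len };  /* the vacated slot becomes the tail */
        fifo_head = (fifo_head + 1) % QUARANTINE_SLOTS;
    } else {
        fifo[(fifo_head + fifo_count++) % QUARANTINE_SLOTS] = (struct region){ addr, len };
    }
    return released;
}

/* Hypothetical page allocator, present only to drive the example. */
void *page_alloc(size_t len)
{
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}
```

Unlike randomized placement alone, the hold time here is deterministic: an address cannot come back from `page_alloc` until `QUARANTINE_SLOTS` further frees have happened, at the cost of that many regions of address space staying reserved.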
