fuzz: Enable heap protection option

IPC fuzzer is built with Zephyr sys_heap. Because we have a custom
allocator, the compiler sanitizers alone are not able to detect all
errors related to memory allocation. Enabling heap hardening aims to
increase the number of potentially detectable errors in fuzz builds.

CONFIG_SYS_HEAP_HARDENING_EXTREME: adds per-chunk canary trailers
(catching buffer overflows that spill even a single byte into the next
chunk), double-free detection, free-list pointer validation, and
a full heap structure walk after every alloc/free operation. This last
check catches external corruption (e.g. a wild write from an unrelated
component damaging heap metadata) before the allocator acts on it,
rather than letting the damage propagate silently to the next allocation
that happens to touch the corrupted region. The measured cost is ~7%
throughput (288k -> 280k execs/30s), negligible given the class of bugs
it surfaces.

Signed-off-by: Tomasz Leman <tomasz.m.leman@intel.com>

Author: tmleman

app/boards/native_sim_libfuzzer.conf

@@ -5,6 +5,7 @@ CONFIG_ASSERT=y
 CONFIG_EXCEPTION_DEBUG=y
 CONFIG_ARCH_POSIX_TRAP_ON_FATAL=y
 CONFIG_SYS_HEAP_BIG_ONLY=y
+CONFIG_SYS_HEAP_HARDENING_EXTREME=y
 CONFIG_ZEPHYR_NATIVE_DRIVERS=y
 CONFIG_ARCH_POSIX_LIBFUZZER=y
 CONFIG_ZEPHYR_POSIX_FUZZ_TICKS=100