Add sandbox support for AsanCoverage.

content/common/sandbox_linux/sandbox_linux.h

Index: content/common/sandbox_linux/sandbox_linux.h
diff --git a/content/common/sandbox_linux/sandbox_linux.h b/content/common/sandbox_linux/sandbox_linux.h
index 235ba96ce6367382d7557c8359eab6b9a7a19610..8e48b18af4ed00ca436a23b23a76ed37e8d1714d 100644
--- a/content/common/sandbox_linux/sandbox_linux.h
+++ b/content/common/sandbox_linux/sandbox_linux.h
@@ -82,6 +82,11 @@ class LinuxSandbox {
   // to make some vulnerabilities harder to exploit.
   bool LimitAddressSpace(const std::string& process_type);
 
+#if (defined(ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \
+     defined(LEAK_SANITIZER))  && defined(OS_LINUX)
+  void SetSanitizerArgs(void *sanitizer_args);

[jln (very slow on Chromium), 2014/05/13 01:17:35]

style: "void* blah" in Chromium.

[jln (very slow on Chromium), 2014/05/13 01:17:35]

Note: it's ok to just call it set_sanitizer_args() and define it inline, since
it's a trivial mutator.

[earthdok, 2014/05/14 17:00:26]

Done.

+#endif
+
  private:
   friend struct DefaultSingletonTraits<LinuxSandbox>;
 
@@ -117,6 +122,10 @@ class LinuxSandbox {
   bool seccomp_bpf_supported_;  // Accurate if pre_initialized_.
   bool yama_is_enforcing_;  // Accurate if pre_initialized_.
   scoped_ptr<sandbox::SetuidSandboxClient> setuid_sandbox_client_;
+#if (defined(ADDRESS_SANITIZER) || defined(MEMORY_SANITIZER) || \
+     defined(LEAK_SANITIZER))  && defined(OS_LINUX)

[jln (very slow on Chromium), 2014/05/13 01:17:35]

You're in _linux, so you can remove the last defined()

[earthdok, 2014/05/14 17:00:26]

Done.

+  void *sanitizer_args_;

[jln (very slow on Chromium), 2014/05/13 01:17:35]

style: "void* blah" in chromium.

[jln (very slow on Chromium), 2014/05/13 01:17:35]

How about doing the following instead:

1. scoped_ptr<struct sanitizer_args> sanitizer_args_;
2. Allocate it and zero it in the constructor.
3. SetSanitizerArgs takes three arguments instead and sets the structure members
(therefore, only sandbox_linux.cc needs to know about them).
4. __sanitizer_sandbox_on_notify uses sanitizer_args.release() to pass ownership
to *SAN.

3. (alternative): have a simple sanitizer_args() const { return sanitizer_args_;
} method and continue to do this inline.

[earthdok, 2014/05/14 17:00:26]

Done.

[earthdok, 2014/05/14 17:00:26]

Note that *SAN doesn't actually take ownership of this struct.

The drawback of this approach is that the interface (SetSanitizerArgs) would
have to be changed every time new structure members are added, even though some
callers might not care about setting them.
I've implemented this solution, although I'm not sure I understood you right.

+#endif
 
   ~LinuxSandbox();
   DISALLOW_IMPLICIT_CONSTRUCTORS(LinuxSandbox);