Under certain circumstances, the sigaction() interceptor will return success without taking any action:

compiler-rt/lib/sanitizer_common/sanitizer_signal_interceptors.inc line 56

This is intentional, to prevent certain signals from being overwritten. However, the third parameter to sigaction() is an output parameter, used for reading the current signal state. If this 'early return zero' behavior triggers, this structure will never be written to, leaving possibly-uninitialized bytes behind. This can cause errors in a program being fuzzed that only occur during fuzzing; and if compiled with MSan, can cause incorrect crashes.

One reasonable behavior: rather than directly return zero, call the real sigaction implementation with a null second parameter. This prevents it from making any changes, but still allows reading.

This was discovered while doing MSan fuzzing of the Python runtime - it uses sigaction() during initialization.
Fixed in https://reviews.llvm.org/D85797.
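As an added example (not code from the report or from LLVM), here are the two wrapper shapes the report contrasts, in C: the early-return one that leaves `oldact` untouched, and the suggested one that forwards a NULL `act` so the real sigaction() still fills `oldact`. The protected-signal set and the sentinel-based probe are assumptions made for illustration, not the sanitizer runtime's own logic.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed for this example: signals the wrapper refuses to let the
   program replace. The real list lives in the sanitizer runtime. */
static int is_protected(int signum) {
    return signum == SIGSEGV || signum == SIGBUS;
}

/* Shape of the reported bug: report success without ever writing *oldact. */
int sigaction_early_return(int signum, const struct sigaction *act,
                           struct sigaction *oldact) {
    if (is_protected(signum))
        return 0;                       /* *oldact left uninitialized */
    return sigaction(signum, act, oldact);
}

/* Shape of the suggested fix: forward with act == NULL, so nothing is
   changed but the kernel still fills *oldact with the current disposition. */
int sigaction_query_only(int signum, const struct sigaction *act,
                         struct sigaction *oldact) {
    if (is_protected(signum))
        return sigaction(signum, NULL, oldact);
    return sigaction(signum, act, oldact);
}

/* Probe: call the wrapper the way a runtime reads the current handler
   (act == NULL) with *oldact pre-filled by a sentinel byte standing in for
   uninitialized stack memory. Returns 1 if *oldact was written, 0 if the
   sentinel survived intact, -1 on error. */
int oldact_was_written(int (*wrapper)(int, const struct sigaction *,
                                      struct sigaction *)) {
    struct sigaction old, sentinel;
    memset(&old, 0xAB, sizeof old);
    memset(&sentinel, 0xAB, sizeof sentinel);
    if (wrapper(SIGSEGV, NULL, &old) != 0)
        return -1;
    return memcmp(&old, &sentinel, sizeof old) != 0;
}

int main(void) {
    printf("early-return wrote oldact: %d\n",
           oldact_was_written(sigaction_early_return));
    printf("query-only   wrote oldact: %d\n",
           oldact_was_written(sigaction_query_only));
    return 0;
}
```

Under MSan, reading `old.sa_handler` after the early-return wrapper is exactly the use-of-uninitialized-value the report describes; after the query-only wrapper the struct is fully initialized.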