Update from https://crrev.com/328418

sandbox/linux/seccomp-bpf/trap.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "sandbox/linux/seccomp-bpf/trap.h"
 
 #include <errno.h>
 #include <signal.h>
 #include <string.h>
 #include <sys/syscall.h>
 
 #include <algorithm>
 #include <limits>
 
+#include "base/compiler_specific.h"
 #include "base/logging.h"
 #include "build/build_config.h"
 #include "sandbox/linux/bpf_dsl/seccomp_macros.h"
 #include "sandbox/linux/seccomp-bpf/die.h"
 #include "sandbox/linux/seccomp-bpf/syscall.h"
 #include "sandbox/linux/services/syscall_wrappers.h"
 #include "sandbox/linux/system_headers/linux_seccomp.h"
 #include "sandbox/linux/system_headers/linux_signal.h"
 
 namespace {
@@ skipping 89 matching lines @@
   if (!global_trap_) {
     global_trap_ = new Trap();
     if (!global_trap_) {
       SANDBOX_DIE("Failed to allocate global trap handler");
     }
   }
   return global_trap_;
 }
 
 void Trap::SigSysAction(int nr, LinuxSigInfo* info, void* void_context) {
+  if (info) {
+    MSAN_UNPOISON(info, sizeof(*info));
+  }
+
+  // Obtain the signal context. This, most notably, gives us access to
+  // all CPU registers at the time of the signal.
+  ucontext_t* ctx = reinterpret_cast<ucontext_t*>(void_context);
+  if (ctx) {
+    MSAN_UNPOISON(ctx, sizeof(*ctx));
+  }
+
   if (!global_trap_) {
     RAW_SANDBOX_DIE(
         "This can't happen. Found no global singleton instance "
         "for Trap() handling.");
   }
-  global_trap_->SigSys(nr, info, void_context);
+  global_trap_->SigSys(nr, info, ctx);
 }
 
-void Trap::SigSys(int nr, LinuxSigInfo* info, void* void_context) {
+void Trap::SigSys(int nr, LinuxSigInfo* info, ucontext_t* ctx) {
   // Signal handlers should always preserve "errno". Otherwise, we could
   // trigger really subtle bugs.
   const int old_errno = errno;
 
   // Various sanity checks to make sure we actually received a signal
   // triggered by a BPF filter. If something else triggered SIGSYS
   // (e.g. kill()), there is really nothing we can do with this signal.
-  if (nr != LINUX_SIGSYS || info->si_code != SYS_SECCOMP || !void_context ||
+  if (nr != LINUX_SIGSYS || info->si_code != SYS_SECCOMP || !ctx ||
       info->si_errno <= 0 ||
       static_cast<size_t>(info->si_errno) > trap_array_size_) {
     // ATI drivers seem to send SIGSYS, so this cannot be FATAL.
     // See crbug.com/178166.
     // TODO(jln): add a DCHECK or move back to FATAL.
     RAW_LOG(ERROR, "Unexpected SIGSYS received.");
     errno = old_errno;
     return;
   }
 
-  // Obtain the signal context. This, most notably, gives us access to
-  // all CPU registers at the time of the signal.
-  ucontext_t* ctx = reinterpret_cast<ucontext_t*>(void_context);
 
   // Obtain the siginfo information that is specific to SIGSYS. Unfortunately,
   // most versions of glibc don't include this information in siginfo_t. So,
   // we need to explicitly copy it into a arch_sigsys structure.
   struct arch_sigsys sigsys;
   memcpy(&sigsys, &info->_sifields, sizeof(sigsys));
 
 #if defined(__mips__)
   // When indirect syscall (syscall(__NR_foo, ...)) is made on Mips, the
   // number in register SECCOMP_SYSCALL(ctx) is always __NR_syscall and the
@@ skipping 208 matching lines @@
           "CHROME_SANDBOX_DEBUGGING is turned on first");
     }
   }
   // Returns the, possibly updated, value of has_unsafe_traps_.
   return has_unsafe_traps_;
 }
 
 Trap* Trap::global_trap_;
 
 }  // namespace sandbox