Initializing sigset_t in Rust

Question

I'm trying to learn more about the FFI in Rust and linking with C libraries (specifically libc). While on my "quest" I came accross the following problem.

Normal pattern in C

void(* sig_set(int sig, void(*handler)(int))) {
    // uninitialized sigaction structs
    struct sigaction new_action, old_action;

    // assign options to new action
    new_action.sa_flags = SA_RESTART;
    new_action.sa_handler = handler;
    sigemptyset(&new_action.sa_mask);

    if(sigaction(sig, &new_action, &old_action) < 0) {
        fprintf(stderr, "Error: %s!\n", "signal error");
        exit(1);
    }
    return old_action.sa_handler;
}

Attempt in Rust

fn sig_init(sig: i32, handler: fn(i32)->()) -> usize {
    unsafe {
        let mut new_action: libc::sigaction;
        let mut old_action: libc::sigaction;

        new_action.sa_flags = 0x10000000;
        new_action.sa_sigaction = handler as usize;
        libc::sigemptyset(&mut new_action.sa_mask as *mut libc::sigset_t);

        libc::sigaction(
            sig,
            &mut new_action as *mut libc::sigaction,
            &mut old_action as *mut libc::sigaction
            );
         old_action.sa_sigaction
    }
}

When I tried the above the compiler will throw the following error for the use of a possibly uninitialized variable.

error: use of possibly uninitialized variable: `<variable here>` [E0381]

This makes sense as very bad things could happen if sigemptyset were to read from sa_mask. So I tried the following on line 3 of the above.

let mut new_action: libc::sigaction = libc::sigaction{
    sa_sigaction: handler as usize,
    sa_flags: 0x10000000,
    sa_mask: mask,
};

This will not work as _restorer is missing in the above example, but _restorer is private. So how would one get around this problem or a simmilar situation? Would you use something like mem::transmute?

Answer 1

The standard library defines a couple of functions to deal with initialization. They are generic, so they can be used to initialize values of any type.

First, there's std::mem::uninitialized(), which gives you an uninitialized value. LLVM will consider the contents to be undefined, and will perform aggressive optimizations based on this. You must initialize any value before it's read.

Second, there's std::mem::zeroed(), which gives you a value whose storage is filled with zeroes. This function is unsafe because such a value is not necessarily legal for all types. zeroed() is appropriate for "plain old data" (POD) types.

Answer 2

How about using mem::zeroed? The docs (https://doc.rust-lang.org/std/mem/fn.zeroed.html) even say:

This is useful for FFI functions sometimes, but should generally be avoided.