Signal semantics for Rust

Hello everyone!

Some operating systems have a concept of asynchronous signals -- an external events that can interrupt the control flow of a thread and cause it to execute a special function, called a signal handler. A control flow can be redirected into a signal handler from any point at which the signal is not blocked, which makes installing signal handlers very unsafe and requires caution while implementing a signal handler. C and C++ standards, as well as POSIX, specify what a signal is and what semantics they have, and what a signal handler can safely do.

I propose providing documentation what can a signal handler do in a Rust program, specifically:

• What functions from the standard library (core and maybe std) can be called from a signal handler?
• Allowed interactions with global objects. As far as I understand, a signal handler can only safely interact with immutable (without interior mutability) and atomic (core::sync::atomic) objects
• Safety of using the Rust formatting subsystem (core::fmt) -- can it be safe, what types from the standard library can be safely formatted