Handle OOM gracefully

Most operations that require allocation can return to userspace with ENOMEM instead of panicking.

There has been significant progress when it comes to fallible allocations, in liballoc, thanks to the strict requirements for Rust code to be able to enter the Linux kernel. We now have functions like Arc::try_new, Box::try_new, etc., and there is even a flag --cfg no_global_oom_handling which disables everything in liballoc that can panic. We have a lot to do to make the kernel build with this strict option, and many fallible APIs we need are not even yet available, but they are slowly starting to appear at least.

changed title from Handle running out of frames gracefully to Handle OOM gracefully

removed time estimate

added ~1363 hard labels

changed the description

added medium-priority label

added mem label