urbit / ares

The new runtime for Urbit
MIT License

Add motes and `NockStack` allocation safety #207

Closed ashelkovnykov closed 4 months ago

ashelkovnykov commented 5 months ago

182 has been split into 2 PRs: this one and #202. This one adds error motes and adds NockStack safety checks by returning the null pointer when allocating on the NockStack runs out of memory.

matthew-levan commented 5 months ago

Review is in progress. Meanwhile, I've attempted to boot a fake zod and got this:

```
gall: installing %dojo
gall: installing %eth-watcher
gall: installing %hood
drum: link [~zod %dojo]
kiln: boot
gall: installing %herm
gall: installing %lens
gall: installing %ping
gall: installing %spider
pier: (9): play: done
---------------- playback complete ----------------
vere: checking version compatibility
lick init mkdir zod/.urb/dev
ames: live on 31337 (localhost only)
conn: listening on zod/.urb/conn.sock
lick: %born failure;
http: web ipier: work exit: status 0, signal 6081
http: loopback live on http://localhost:12322
pier (20): live
pier: EOF
```

matthew-levan commented 5 months ago

This all looks good. I'm going to try to track down why I can't boot a fake ship with it today, but I have a hunch that your work in mem.rs, in particular, may be what I'm missing in my guard page branch for raising SIGSEGV signals everywhere we should be (i.e., when we try to allocate across stack/alloc pointers, inwards or outwards).
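
Added example, not part of the thread and not ares's code: a simplified two-pointer arena in Rust showing the kind of check discussed above, where a request that would make the stack and alloc pointers cross returns the null pointer instead of handing out overlapping memory. `Arena`, `push`, `alloc`, `try_alloc` and `OutOfMemory` are hypothetical names, and the layout (stack growing up, allocations growing down) is an assumption for illustration.

```rust
use std::ptr::{self, NonNull};

// Hypothetical simplified model, NOT ares's NockStack: one fixed arena of
// 8-byte words. The stack side grows up from index 0 and the allocation
// side grows down from the top, so the two pointers move toward each other.
pub struct Arena {
    mem: Vec<u64>,
    stack_ptr: usize, // index of the first free word above the stack side
    alloc_ptr: usize, // index of the lowest word used by the alloc side
}

#[derive(Debug, PartialEq)]
pub struct OutOfMemory; // hypothetical error the caller maps a null result to

impl Arena {
    pub fn new(words: usize) -> Self {
        Arena { mem: vec![0; words], stack_ptr: 0, alloc_ptr: words }
    }

    /// Free words between the pointers. Invariant: stack_ptr <= alloc_ptr.
    pub fn free_words(&self) -> usize {
        self.alloc_ptr - self.stack_ptr
    }

    /// Grow the stack side. Comparing against the free gap (rather than
    /// computing stack_ptr + words) cannot overflow on huge requests.
    pub fn push(&mut self, words: usize) -> *mut u64 {
        if words > self.free_words() { return ptr::null_mut(); }
        let p = unsafe { self.mem.as_mut_ptr().add(self.stack_ptr) };
        self.stack_ptr += words;
        p
    }

    /// Grow the alloc side; null if it would cross the stack pointer.
    pub fn alloc(&mut self, words: usize) -> *mut u64 {
        if words > self.free_words() { return ptr::null_mut(); }
        self.alloc_ptr -= words;
        unsafe { self.mem.as_mut_ptr().add(self.alloc_ptr) }
    }

    /// Caller-side handling: turn the null sentinel into a typed error.
    pub fn try_alloc(&mut self, words: usize) -> Result<NonNull<u64>, OutOfMemory> {
        NonNull::new(self.alloc(words)).ok_or(OutOfMemory)
    }
}

fn main() {
    let mut a = Arena::new(8);
    a.push(3);
    println!("{:?}", a.try_alloc(6)); // request would cross the stack pointer
}
```

A failed request leaves both pointers unchanged, so the caller can report the error without the arena being left in a half-updated state.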

matthew-levan commented 5 months ago

Ok I was able to boot a fake zod after increasing PMA_GROW_SIZE_p to 10000000.

eamsden commented 5 months ago

@ashelkovnykov please resolve merge conflicts before further review

ashelkovnykov commented 5 months ago

> Ok I was able to boot a fake zod after increasing PMA_GROW_SIZE_p to 10000000.

@matthew-levan You're correct, though I'm seeing the same behaviour on status.