How should we handle OOM failures in CoreFoundation?

[madsmtm]

Functions like CFRunLoopGetCurrent and CFArrayCreate currently return Option<CFRetained<CFRunLoop>>, primarily because they aren't marked nonnull in the header.

These functions can technically fail if the process runs out of memory. We could add such an annotation ourselves, and panic! internally if we get NULL, but should we? Or should we keep returning an option here?

I'm leaning towards unwrapping internally, since there isn't much to do in that situation other than panicking (or maybe aborting?), and it's done by most of our other APIs as well. But perhaps we should add nuance here, and only panic for things where we don't control the allocator and size (CFRunLoopGetMain, CFCalendarCopyCurrent), while for things with user-specified sizes and allocators (CFAttributedStringCreate, CFArrayCreate, etc.) we keep the Option?