Add file descriptor table reservations.

The file descriptor table now has allows reserving room for multiple file descriptors before assigning their numbers. This functionality means the error conditions happen up front and the subsequent number assignment will never fail.

This change uses the new functionality to fix troublesome error handling when allocating multiple file descriptors. One pty allocation error path was even wrong.

There were subtle race conditions where one (kernel) thread may have allocated one file descriptor, and another thread suspiciously replaces it with something else, and then the second file descriptor allocation failed in the first thread, and it closes the first file descriptor now pointing to a different file description. This case seems harmless but it's not a great class of bugs to exist in the first place. The new behavior means the file descriptions appear in the file descriptor table without fail and never needs to be cleaned up midway and is certainly immune to shenanigans from other threads.