Using clone(2) to create the init container process segfault when build with release version of the youki binary

[yihuaf]

When building the released version of youki binary, the clone(2) used to create the container process will fail with the following error from dmesg:

[176643.245728] youki[340675]: segfault at 529 ip 00005581f9b434a0 sp 00007fff14905090 error 4 in youki[5581f9a20000+157000]
[176643.245741] Code: 00 00 ff d5 4c 89 bc 24 00 1c 00 00 48 89 9c 24 08 1c 00 00 4c 89 b4 24 10 1c 00 00 48 8b 84 24 18 03 00 00 48 8b 00 48 8b 00 <4c> 8b b8 28 05 00 00 48 8b 98 38 05 00 00 41 be 01 00 00 00 bd 01

Preliminary investigation points to the child stack pointer passed to clone(2) call. The debug version of the binary is not affected. Changing the allocated child stack size to 1MB or 2MB seems to make the issue go away, but I'd like a proper fix. Using this issue to track.

[yihuaf]

/assign

[yihuaf]

@utam0k I suspect in addition to PR #167, we would need to fix the issue mentioned here: nix-rust/nix#919. The whole discussion on boxed closure in nix-rust/nix#919 is a bit hard to wrap my head around, but I think it means the closure (the cb function in the clone call) context (the arguments to the closure) and its ownership belongs to the parent process instead of the child process callbacks. In the case of clone, the closure context may be free'ed by LLVM as soon as clone returns.