Retain references to buffers while doing blocking I/O

[aantron]

@olafhering, #726 was actually a symptom of a small family of pretty serious bugs in Lwt. Some Lwt APIs were not retaining references to user buffers that were passed in for I/O, and the buffers were occasionally being released too early.

These bugs are fairly difficult to trigger, as they require:

• Doing I/O on a blocking fd (Lwt is primarily used with sockets and pipes in non-blocking mode).
• The user not retaining a reference to the buffer (most programs reuse their buffers, so they retain the references).
• The I/O not completing right away (in most cases, blocking I/O calls do complete right away).
• An intervening GC cycle between when the I/O is scheduled and when it runs.

When triggered, Lwt could access dead (or reallocated) memory when writing, and unexpectedly write to memory of other objects when reading. The buggy APIs were Lwt_unix.writev, Lwt_unix.readv, Lwt_bytes.write, Lwt_bytes.read. Lwt_bytes.wait_mincore also had the issue, even though it's a different kind of function.

I added a new kind of tests specifically for buffer retention, and reviewed the arguments of all functions in lwt.unix for whether they have this bug or not.

I ran the same stress test that I used to reproduce #726 locally, and did not observe the problem with these patches. I'll run it a few more times, and then merge.

@olafhering, thanks again for being thorough and reporting the issue.

Fixes #726.