Fix env debug assertion failure w/ Ractors+JITs

Previously when using a JIT and Ractors at the same time with debug
assertions turned on this could rarely fail with:

    vm_core.h:1448: Assertion Failed: VM_ENV_FLAGS:FIXNUM_P(flags)

When using Ractors, any time the VM lock is acquired, that may join a
barrier as another Ractor initiates GC. This could be made to happen
reliably by replacing the invalidation with a call to rb_gc().

This assertion failure happens because

    VM_STACK_ENV_WRITE(ep, 0, (VALUE)env);

Is setting VM_ENV_DATA_INDEX_FLAGS to the environment, which is not a
valid set of flags (it should be a fixnum). Although we update cfp->ep,
rb_execution_context_mark will also mark the PREV_EP, and until the
recursive calls to vm_make_env_each all finish the "next" ep may still
be pointing to the stack env we've just escaped.

I'm not completely sure why we need to store this on the stack - why is
setting cfp->ep not enough? I'm also not sure why
rb_execution_context_mark needs to mark the prev_ep.

Author: jhawthorn

vm.c

@@ -992,6 +992,13 @@ vm_make_env_each(const rb_execution_context_t * const ec, rb_control_frame_t *co
         local_size += VM_ENV_DATA_SIZE;
     }
 
+    // Invalidate JIT code that assumes cfp->ep == vm_base_ptr(cfp).
+    // This is done before creating the imemo_env because VM_STACK_ENV_WRITE
+    // below leaves the on-stack ep in a state that is unsafe to GC.
+    if (VM_FRAME_RUBYFRAME_P(cfp)) {
+        rb_yjit_invalidate_ep_is_bp(cfp->iseq);
+    }
+
     /*
      * # local variables on a stack frame (N == local_size)
      * [lvar1, lvar2, ..., lvarN, SPECVAL]
@@ -1035,11 +1042,6 @@ vm_make_env_each(const rb_execution_context_t * const ec, rb_control_frame_t *co
     }
 #endif
 
-    // Invalidate JIT code that assumes cfp->ep == vm_base_ptr(cfp).
-    if (env->iseq) {
-        rb_yjit_invalidate_ep_is_bp(env->iseq);
-    }
-
     return (VALUE)env;
 }