ZJIT: Avoid transmute dodging rustc/LLVM int-to-ptr miscompilation

The transmute triggered a miscompilation on Rust 1.85.0, where the
callback was "optimized" to unconditional go to a `SIGTRAP`ping
instruction.

While later Rust versions don't have the same miscompilation, it seems
that this is also partly our fault for being funky with the pointer provenance
in this code. It's possible rust will make some changes that break the
transmute.

Use the Exposed Provenance API here and steer clear of transmute.

See: rust-lang/rust#121282
See: rust-lang/rust#147265
See: rust-lang/rust#128409 (comment)

Author: XrXr

zjit/src/cruby.rs

@@ -1228,13 +1228,13 @@ pub mod test_utils {
         // "Fun" double pointer dance to get a thin function pointer to pass through C
         unsafe extern "C" fn callback_wrapper(data: VALUE) -> VALUE {
             // SAFETY: shorter lifetime than the data local in the caller frame
-            let callback: &mut &mut dyn FnMut() = unsafe { std::mem::transmute(data) };
-            callback();
+            let callback: *mut &mut dyn FnMut() = std::ptr::with_exposed_provenance_mut(data.0);
+            unsafe { (*callback)() };
             Qnil
         }
 
         let mut state: c_int = 0;
-        unsafe { super::rb_protect(Some(callback_wrapper), VALUE((&mut data) as *mut _ as usize), &mut state) };
+        unsafe { super::rb_protect(Some(callback_wrapper), VALUE((&raw mut data).expose_provenance()), &mut state) };
         if state != 0 {
             unsafe { rb_zjit_print_exception(); }
             assert_eq!(0, state, "Exceptional unwind in callback. Ruby exception?");