Make Simulator respect C stack limits as well.

src/arm/simulator-arm.h

Index: src/arm/simulator-arm.h
diff --git a/src/arm/simulator-arm.h b/src/arm/simulator-arm.h
index eea43efc53a97a30cf44e8d690be34c5a28b740d..a972a77d411c47480bd572bd662b625eb66f73c2 100644
--- a/src/arm/simulator-arm.h
+++ b/src/arm/simulator-arm.h
@@ -181,12 +181,12 @@ class Simulator {
   void set_pc(int32_t value);
   int32_t get_pc() const;
 
-  Address get_sp() {
+  Address get_sp() const {
     return reinterpret_cast<Address>(static_cast<intptr_t>(get_register(sp)));
   }
 
   // Accessor to the internal simulator stack area.
-  uintptr_t StackLimit() const;
+  uintptr_t StackLimit(uintptr_t c_limit) const;
 
   // Executes ARM instructions until the PC reaches end_sim_pc.
   void Execute();
@@ -439,15 +439,14 @@ class Simulator {
 
 
 // The simulator has its own stack. Thus it has a different stack limit from
-// the C-based native code.  Setting the c_limit to indicate a very small
-// stack cause stack overflow errors, since the simulator ignores the input.
-// This is unlikely to be an issue in practice, though it might cause testing

[Michael Starzinger, 2015/08/24 13:46:31]

You claim this to unlikely be an issue in practice. The subsequent explosions on
ClusterFuzz over the last week proof that to be lie. :)

-// trouble down the line.
+// the C-based native code.  The JS-based limit normally points near the end of
+// the simulator stack.  When the C-based limit is exhausted we reflect that by
+// lowering the JS-based limit as well, to make stack checks trigger.
 class SimulatorStack : public v8::internal::AllStatic {
  public:
   static inline uintptr_t JsLimitFromCLimit(v8::internal::Isolate* isolate,
                                             uintptr_t c_limit) {
-    return Simulator::current(isolate)->StackLimit();
+    return Simulator::current(isolate)->StackLimit(c_limit);
   }
 
   static inline uintptr_t RegisterCTryCatch(uintptr_t try_catch_address) {