[builtins] Fix crash on stack overflow in CheckSpreadAndPushToStack.

[builtins] Fix crash on stack overflow in CheckSpreadAndPushToStack.

For x64, ia32 and x87 we would pop the return address before the stack
overflow check. This meant the stack couldn't be unwound properly if
it was going to overflow. This CL moves the pop of the return address
to after the stack overflow check.

Also adds a regression test to check that a RangeError is thrown.

BUG=689016
Review-Url: https://codereview.chromium.org/2681643004
Cr-Commit-Position: refs/heads/master@{#42984}
Committed: https://chromium.googlesource.com/v8/v8/+/f4739ea863108016153941c29db4bf4568cbd734

[petermarshall, 2017-02-07 09:05:32]

The CQ bit was checked by petermarshall@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-02-07 09:05:37]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[petermarshall, 2017-02-07 09:10:30]

Description was changed from

==========
[builtins] Fix crash on stack overflow in CheckSpreadAndPushToStack.

For x64 and ia32, we would pop the return address before the stack
overflow check. This meant the stack couldn't be unwound properly if
it was going to overflow. This CL moves the pop of the return address
to after the stack overflow check.

Also adds a regression test to check that a RangeError is thrown.

BUG=689016
==========

to

==========
[builtins] Fix crash on stack overflow in CheckSpreadAndPushToStack.

For x64, ia32 and x87 we would pop the return address before the stack
overflow check. This meant the stack couldn't be unwound properly if
it was going to overflow. This CL moves the pop of the return address
to after the stack overflow check.

Also adds a regression test to check that a RangeError is thrown.

BUG=689016
==========

[petermarshall, 2017-02-07 09:14:44]

petermarshall@chromium.org changed reviewers:
+ bmeurer@chromium.org

[petermarshall, 2017-02-07 09:14:45]

PTAL =]

[Benedikt Meurer, 2017-02-07 09:27:13]

LGTM!

[petermarshall, 2017-02-07 09:28:00]

The CQ bit was checked by petermarshall@chromium.org

[commit-bot: I haz the power, 2017-02-07 09:28:07]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-02-07 09:58:20]

CQ is committing da patch.

Bot data: {"patchset_id": 20001, "attempt_start_ts": 1486459680363830,
"parent_rev": "44a381ad9995f90bc2ed61c398243acd054648b2", "commit_rev":
"f4739ea863108016153941c29db4bf4568cbd734"}

[commit-bot: I haz the power, 2017-02-07 09:58:28]

Description was changed from

==========
[builtins] Fix crash on stack overflow in CheckSpreadAndPushToStack.

For x64, ia32 and x87 we would pop the return address before the stack
overflow check. This meant the stack couldn't be unwound properly if
it was going to overflow. This CL moves the pop of the return address
to after the stack overflow check.

Also adds a regression test to check that a RangeError is thrown.

BUG=689016
==========

to

==========
[builtins] Fix crash on stack overflow in CheckSpreadAndPushToStack.

For x64, ia32 and x87 we would pop the return address before the stack
overflow check. This meant the stack couldn't be unwound properly if
it was going to overflow. This CL moves the pop of the return address
to after the stack overflow check.

Also adds a regression test to check that a RangeError is thrown.

BUG=689016

Review-Url: https://codereview.chromium.org/2681643004
Cr-Commit-Position: refs/heads/master@{#42984}
Committed:
https://chromium.googlesource.com/v8/v8/+/f4739ea863108016153941c29db4bf4568c...
==========

[commit-bot: I haz the power, 2017-02-07 09:58:29]

Committed patchset #2 (id:20001) as
https://chromium.googlesource.com/v8/v8/+/f4739ea863108016153941c29db4bf4568c...