The deoptimizer can create argument adaptor frames, in which case we
write a return address onto the stack that jumps into the middle of
the ArgumentsAdaptorTrampoline builtin. Now that this builtin is
off-heap, we need to calculate the return address based on the
off-heap instruction stream, not the on-heap trampoline.

Bug: v8:6666
Change-Id: I55b27fe8b0573f6c6ae66375850352f71bdff618
Reviewed-on: https://chromium-review.googlesource.com/934202
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51520}