Fix invalid access to layout descriptor in Map::CopyInitialMap()

Fix invalid usage of layout_descriptor() function on 32-bit arch's,
which doesn't perform necessary checks. Test failure is observed only on
mips32 big-endian, and on mips32 little-endian as an alignment issue,
but the problem appears to be generic for all 32-bit arch's.

TEST=test/mjsunit/es6/classes-subclass-builtins.js
BUG=

Review URL: https://codereview.chromium.org/1522203004

Cr-Commit-Position: refs/heads/master@{#32887}

src/objects.cc

@@ -9059,7 +9059,7 @@ Handle<Map> Map::CopyInitialMap(Handle<Map> map, int instance_size,
   if (number_of_own_descriptors > 0) {
     // The copy will use the same descriptors array.
     result->UpdateDescriptors(map->instance_descriptors(),
-                              map->layout_descriptor());
+                              map->GetLayoutDescriptor());
     result->SetNumberOfOwnDescriptors(number_of_own_descriptors);
 
     DCHECK_EQ(result->NumberOfFields(),