[regexp] Handle another regexp-too-big path for fuzzer suppressions

The behavior here depends on the platform and may also differ between
fast and slow paths [0]. Crash to let the fuzzer know there's nothing
interesting here.

[0] The reason for the fast-slow-path difference is that sometimes we
may trigger different compile jobs on these paths. One example is
`split`, which creates a new regexp instance on the slow path, but
reuses an existing instance on the fast path.

Bug: chromium:1236845
Change-Id: I87d9eb2601b235440014530d98df0e938b717650
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3080577
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76197}

src/regexp/regexp-compiler.cc

@@ -280,6 +280,9 @@ RegExpCompiler::CompilationResult RegExpCompiler::Assemble(
     if (!node->label()->is_bound()) node->Emit(this, &new_trace);
   }
   if (reg_exp_too_big_) {
+    if (FLAG_correctness_fuzzer_suppressions) {
+      FATAL("Aborting on excess zone allocation");
+    }
     macro_assembler_->AbortedCodeGeneration();
     return CompilationResult::RegExpTooBig();
   }