[wasm][liftoff] Fix indexing in loop stack check

The "num_exceptions" field of the control block must be updated before
entering the stack check, because it is used in
"GetCurrentDebugSideTable" to compute the correct indices for the debug
side table.

R=clemensb@chromium.org

Bug: chromium:1199526
Change-Id: I54f1e4244bf84d0a78b47a764fedc83b54758d01
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2831483
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74003}

src/wasm/baseline/liftoff-compiler.cc

@@ -1077,10 +1077,10 @@ class LiftoffCompiler {
     // Save the current cache state for the merge when jumping to this loop.
     loop->label_state.Split(*__ cache_state());
 
+    PushControl(loop);
+
     // Execute a stack check in the loop header.
     StackCheck(decoder, decoder->position());
-
-    PushControl(loop);
   }
 
   void Try(FullDecoder* decoder, Control* block) {

test/cctest/wasm/test-liftoff-inspection.cc

@@ -453,6 +453,29 @@ TEST(Liftoff_debug_side_table_catch_all) {
       debug_side_table.get());
 }
 
+TEST(Regress1199526) {
+  EXPERIMENTAL_FLAG_SCOPE(eh);
+  LiftoffCompileEnvironment env;
+  ValueType exception_type = ValueType::Ref(HeapType::kExtern, kNonNullable);
+  auto debug_side_table = env.GenerateDebugSideTable(
+      {}, {},
+      {kExprTry, kVoidCode, kExprCallFunction, 0, kExprCatchAll, kExprLoop,
+       kVoidCode, kExprEnd, kExprEnd},
+      {});
+  CheckDebugSideTable(
+      {
+          // function entry.
+          {0, {}},
+          // break on entry.
+          {0, {}},
+          // function call.
+          {0, {}},
+          // loop stack check.
+          {1, {Stack(0, exception_type)}},
+      },
+      debug_side_table.get());
+}
+
 }  // namespace wasm
 }  // namespace internal
 }  // namespace v8