[wasm][liftoff] Change size of references on stack to kSystemPointerSize

With pointer compression, the size of a reference depends on whether it
is stored on the stack or on the heap. The size provided by
ValueType::element_size_bytes() is the size of a reference on the heap.
LiftoffAssembler::SlotSizeForType(...) however should return the size
on the stack. This CL fixes this inconsistency.

This issue would have been found by an existing test, but this test is
disabled at the moment because of missing safepoint maps for stack
checks.

R=thibaudm@chromium.org

Bug: v8:7581
Change-Id: Ia45944b265fa4ce0d560ff00a24b023d6c1ae10a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2552515Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#71320}

src/wasm/baseline/ia32/liftoff-assembler-ia32.h

@@ -230,7 +230,8 @@ constexpr int LiftoffAssembler::StaticStackFrameSize() {
 }
 
 int LiftoffAssembler::SlotSizeForType(ValueType type) {
-  return type.element_size_bytes();
+  return type.is_reference_type() ? kSystemPointerSize
+                                  : type.element_size_bytes();
 }
 
 bool LiftoffAssembler::NeedsAlignment(ValueType type) {

src/wasm/baseline/x64/liftoff-assembler-x64.h

@@ -201,7 +201,8 @@ constexpr int LiftoffAssembler::StaticStackFrameSize() {
 }
 
 int LiftoffAssembler::SlotSizeForType(ValueType type) {
-  return type.element_size_bytes();
+  return type.is_reference_type() ? kSystemPointerSize
+                                  : type.element_size_bytes();
 }
 
 bool LiftoffAssembler::NeedsAlignment(ValueType type) {