[turbofan] fix escape analysis for not word aligned fields

On big endian 64 bit architectures, kHashFieldOffset is not word-aligned. 
This breaks the assumption in escape analysis that all fields are word-aligned. 
Fix this by not dematerializing such objects.

Alternative fix for https://chromium-review.googlesource.com/c/v8/v8/+/681335

Change-Id: I7d8e4c7934d9306cc06a614ae110e7cf7235394f
Reviewed-on: https://chromium-review.googlesource.com/681714
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48163}

src/compiler/escape-analysis.h

@@ -10,6 +10,7 @@
 #include "src/compiler/js-graph.h"
 #include "src/compiler/persistent-map.h"
 #include "src/globals.h"
+#include "src/objects/name.h"
 
 namespace v8 {
 namespace internal {
@@ -120,7 +121,13 @@ class VirtualObject : public Dependable {
   typedef ZoneVector<Variable>::const_iterator const_iterator;
   VirtualObject(VariableTracker* var_states, Id id, int size);
   Maybe<Variable> FieldAt(int offset) const {
-    DCHECK_EQ(0, offset % kPointerSize);
+    if (offset % kPointerSize != 0) {
+      // We do not support fields that are not word-aligned. Bail out by
+      // treating the object as escaping. This can only happen for
+      // {Name::kHashFieldOffset} on 64bit big endian architectures.
+      DCHECK_EQ(Name::kHashFieldOffset, offset);
+      return Nothing<Variable>();
+    }
     CHECK(!HasEscaped());
     if (offset >= size()) {
       // This can only happen in unreachable code.