[crankshaft] Properly handle stack overflows happened during AST typing.

Bug: chromium:724820
Change-Id: If4d05326ad00d0d3efe8f58b361595f2655d90d2
Reviewed-on: https://chromium-review.googlesource.com/518142Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45550}

src/crankshaft/hydrogen.cc

@@ -185,10 +185,13 @@ HCompilationJob::Status HCompilationJob::PrepareJobImpl() {
           : new (info()->zone()) HOptimizedGraphBuilder(info(), false);
 
   // Type-check the function.
-  AstTyper(info()->isolate(), info()->zone(), info()->closure(),
-           info()->scope(), info()->osr_ast_id(), info()->literal(),
-           graph_builder->bounds())
-      .Run();
+  AstTyper ast_typer(info()->isolate(), info()->zone(), info()->closure(),
+                     info()->scope(), info()->osr_ast_id(), info()->literal(),
+                     graph_builder->bounds());
+  ast_typer.Run();
+  if (ast_typer.HasStackOverflow()) {
+    return FAILED;
+  }
 
   graph_ = graph_builder->CreateGraph();
 
@@ -7964,10 +7967,14 @@ bool HOptimizedGraphBuilder::TryInline(Handle<JSFunction> target,
 
   // Type-check the inlined function.
   DCHECK(target_shared->has_deoptimization_support());
-  AstTyper(target_info.isolate(), target_info.zone(), target_info.closure(),
-           target_info.scope(), target_info.osr_ast_id(), target_info.literal(),
-           &bounds_)
-      .Run();
+  AstTyper ast_typer(target_info.isolate(), target_info.zone(),
+                     target_info.closure(), target_info.scope(),
+                     target_info.osr_ast_id(), target_info.literal(), &bounds_);
+  ast_typer.Run();
+  if (ast_typer.HasStackOverflow()) {
+    TraceInline(target, caller, "stack overflow");
+    return false;
+  }
 
   // Save the pending call context. Set up new one for the inlined function.
   // The function state is new-allocated because we need to delete it