OSV-2021-16 Stack-buffer-overflow in JS::Heap::gather_conservative_roots
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29266
Crash type: Stack-buffer-overflow READ 8
Crash state:
JS::Heap::gather_conservative_roots
JS::Heap::gather_roots
JS::Heap::collect_garbage...