Fix deoptimization after exit during inc/dec

[arnaud-lb]

Fixes GH-19669

When the assumption that (PRE|POST)_(INC|DEC) overflows turns out to be false and we exit, effects are lost if op1 or result were in regs.

Fix by updating the stack map before creating the exit point.

My understanding is the stack map is setup for exits to the same opline, but not for exits to the next opline (e.g. ZREG_LAST_USE entries are removed by zend_jit_trace_cleanup_stack). Therefore, we need manual stack map manipulations before creating exit points to the next opline.

Analysis of the reproducer:

function test() {
    $a = PHP_INT_MIN;
    $b = 0;
    while ($b++ < 2) {
        $a = (int) ($a-- + $a - $b);
    }
    return $a;
}

Opcodes:

0003 T2 = POST_DEC CV0($a)
0004 T3 = ADD T2 CV0($a)
0005 T2 = SUB T3 CV1($b)

• POST_DEC is expected to underflow, so a guard is emitted
• The guard fails at some point
• During compilation of the side trace, the type of T2 in ADD T2 CV0($a) doesn't match type inference, which causes the assertion failure. This is because exiting from POST_DEC CV0($a) didn't update T2.