[NativeAOT] When reconciling shadow stack after catch, use more precise way to figure how much to pop.

[VSadov]

Fixes: #104628

After turning AVs in managed code into managed exceptions, we will not see the faulting/throwing IP on the shadow stack as redirecting vectored exception context is not a call thus will not push the faulting location to the shadow stack.
Also, there are other issues with throwing IP potentially present on the shadow stack multiple times, where the lowermost occurrence is not necessarily the correct one to unwind to.

To handle such cases we track the SSP unwinds in exception handling.
This is the same strategy as in #104820

[dotnet-policy-service]

Tagging subscribers to this area: @agocke, @MichalStrehovsky, @jkotas
See info in area-owners.md if you want to be subscribed.

[MichalStrehovsky]

I've just run into this locally too. Do we understand why none of the CI testing caught this? Is there a 9.0 issue tracking CET testing?

[VSadov]

Do we understand why none of the CI testing caught this?

Maybe typical lab runs use older hardware?

Yes, there are plans to have regular lab runs that have CET enabled. Also with CFG enabled as well.

[VSadov]

/azp run runtime-nativeaot-outerloop

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[VSadov]

@janvorli - Switched to the "SSP on REGDISPLAY" approach.

[janvorli]

Do we want to make this new member Windows only? The ifdefs around places that work with this are somehow inconsistent - some of them check for windows too and some don't.

[VSadov]

I tried to make it less platform-dependent initially, but as we moved through approaches it ended up being strictly wintel. Every piece working with this field is windows-only.
I will make the field windows-only as well.

[janvorli]

LGTM, thank you!

[VSadov]

Thanks!!

[VSadov]

I do not think Linux timeouts are related to this win-x64-CET specific change.