Panic when trying to match (?:){40}

[mstoykov]

r := MustCompile(`(?:){40}`, RE2)
 m, err := r.FindStringMatch("12")

will panic with

panic: runtime error: index out of range [-1] [recovered]
        panic: runtime error: index out of range [-1]

goroutine 6 [running]:
testing.tRunner.func1.1(0x590420, 0xc000016320)
        testing/testing.go:988 +0x30d
testing.tRunner.func1(0xc000134120)
        testing/testing.go:991 +0x3f9
panic(0x590420, 0xc000016320)
        runtime/panic.go:969 +0x166
github.com/dlclark/regexp2.(*runner).trackPush1(...)
        github.com/dlclark/regexp2/runner.go:992
github.com/dlclark/regexp2.(*runner).execute(0xc000146000, 0x0, 0x0)
        github.com/dlclark/regexp2/runner.go:387 +0x4511
github.com/dlclark/regexp2.(*runner).scan(0xc000146000, 0xc000014230, 0x2, 0x2, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x8, 0x8)
        github.com/dlclark/regexp2/runner.go:144 +0x1c3
github.com/dlclark/regexp2.(*Regexp).run(0xc000132100, 0x5a3d00, 0x0, 0xc000014230, 0x2, 0x2, 0x0, 0x0, 0x0)
        github.com/dlclark/regexp2/runner.go:91 +0x21a
github.com/dlclark/regexp2.(*Regexp).FindStringMatch(...)
        github.com/dlclark/regexp2/regexp.go:159
github.com/dlclark/regexp2.TestRE2ECMA(0xc000134120)
        github.com/dlclark/regexp2/regexp_re2_test.go:125 +0x8b
testing.tRunner(0xc000134120, 0x5b45d8)
        testing/testing.go:1039 +0xdc
created by testing.(*T).Run
        testing/testing.go:1090 +0x372
exit status 2
FAIL    github.com/dlclark/regexp2      0.006s

Things that I know don't matter:

• whether RE2 or ECMAScript (the issue was found first in goja)
• the input isn't important, the original one("\xe90000000") had Unicode
• the 40 needs to be 17 or bigger

This was found through fuzzing goja with the go-fuzz corpus for regexp which is why the example is such :). I may rewrite it to fuzz regexp2 as well and post it if there is interest.