x87: fixed x87 stack state in TurboFan

Unstructured control flow caused by excpetion handling leads to a wrong x87 stack
  state. This patch is to reset the x87 state at the hanlder entry point.

  Thanks for help from weiliang.lin@intel.com.

BUG=

Review URL: https://codereview.chromium.org/1668463006

Cr-Commit-Position: refs/heads/master@{#33738}

src/compiler/x87/code-generator-x87.cc

@@ -360,18 +360,41 @@ void CodeGenerator::AssemblePrepareTailCall(int stack_param_delta) {
   frame_access_state()->SetFrameAccessToSP();
 }
 
+thread_local bool is_handler_entry_point = false;
+static void DoEnsureSpaceForLazyDeopt(CompilationInfo* info,
+                                      MacroAssembler* masm,
+                                      int last_lazy_deopt_pc) {
+  if (!info->ShouldEnsureSpaceForLazyDeopt()) {
+    return;
+  }
+
+  int space_needed = Deoptimizer::patch_size();
+  // Ensure that we have enough space after the previous lazy-bailout
+  // instruction for patching the code here.
+  int current_pc = masm->pc_offset();
+  if (current_pc < last_lazy_deopt_pc + space_needed) {
+    int padding_size = last_lazy_deopt_pc + space_needed - current_pc;
+    masm->Nop(padding_size);
+  }
+}
 
 // Assembles an instruction after register allocation, producing machine code.
 void CodeGenerator::AssembleArchInstruction(Instruction* instr) {
   X87OperandConverter i(this, instr);
+  if (is_handler_entry_point) {
+    // Lazy Bailout entry, need to re-initialize FPU state.
+    __ fninit();
+    __ fld1();
+    is_handler_entry_point = false;
+  }
 
   switch (ArchOpcodeField::decode(instr->opcode())) {
     case kArchCallCodeObject: {
+      DoEnsureSpaceForLazyDeopt(info(), masm(), last_lazy_deopt_pc_);
       if (FLAG_debug_code && FLAG_enable_slow_asserts) {
         __ VerifyX87StackDepth(1);
       }
       __ fstp(0);
-      EnsureSpaceForLazyDeopt();
       if (HasImmediateInput(instr, 0)) {
         Handle<Code> code = Handle<Code>::cast(i.InputHeapObject(0));
         __ call(code, RelocInfo::CODE_TARGET);
@@ -416,7 +439,7 @@ void CodeGenerator::AssembleArchInstruction(Instruction* instr) {
       break;
     }
     case kArchCallJSFunction: {
-      EnsureSpaceForLazyDeopt();
+      DoEnsureSpaceForLazyDeopt(info(), masm(), last_lazy_deopt_pc_);
       Register func = i.InputRegister(0);
       if (FLAG_debug_code) {
         // Check the function's context matches the context argument.
@@ -463,7 +486,7 @@ void CodeGenerator::AssembleArchInstruction(Instruction* instr) {
       break;
     }
     case kArchLazyBailout: {
-      EnsureSpaceForLazyDeopt();
+      DoEnsureSpaceForLazyDeopt(info(), masm(), last_lazy_deopt_pc_);
       RecordCallPosition(instr);
       // Lazy Bailout entry, need to re-initialize FPU state.
       __ fninit();
@@ -2156,18 +2179,8 @@ void CodeGenerator::AddNopForSmiCodeInlining() { __ nop(); }
 
 
 void CodeGenerator::EnsureSpaceForLazyDeopt() {
-  if (!info()->ShouldEnsureSpaceForLazyDeopt()) {
+  is_handler_entry_point = true;
-    return;
+  DoEnsureSpaceForLazyDeopt(info(), masm(), last_lazy_deopt_pc_);
-  }
-
-  int space_needed = Deoptimizer::patch_size();
-  // Ensure that we have enough space after the previous lazy-bailout
-  // instruction for patching the code here.
-  int current_pc = masm()->pc_offset();
-  if (current_pc < last_lazy_deopt_pc_ + space_needed) {
-    int padding_size = last_lazy_deopt_pc_ + space_needed - current_pc;
-    __ Nop(padding_size);
-  }
 }
 
 #undef __