Initial port of VirtualFrame to the ARM architecture. To reduce the...

src/codegen-arm.cc

 // Copyright 2006-2008 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 17 matching lines @@
 #include "v8.h"
 
 #include "bootstrapper.h"
 #include "codegen-inl.h"
 #include "debug.h"
 #include "scopes.h"
 #include "runtime.h"
 
 namespace v8 { namespace internal {
 
+#define __ masm_->
+
+// -------------------------------------------------------------------------
+// VirtualFrame implementation.
+
+VirtualFrame::VirtualFrame(CodeGenerator* cgen) {
+  ASSERT(cgen->scope() != NULL);
+
+  masm_ = cgen->masm();
+  frame_local_count_ = cgen->scope()->num_stack_slots();
+  parameter_count_ = cgen->scope()->num_parameters();
+}
+
+
 // -------------------------------------------------------------------------
 // CodeGenState implementation.
 
 CodeGenState::CodeGenState(CodeGenerator* owner)
     : owner_(owner),
       typeof_state_(NOT_INSIDE_TYPEOF),
       true_target_(NULL),
       false_target_(NULL),
       previous_(NULL) {
   owner_->set_state(this);
@@ skipping 12 matching lines @@
   owner_->set_state(this);
 }
 
 
 CodeGenState::~CodeGenState() {
   ASSERT(owner_->state() == this);
   owner_->set_state(previous_);
 }
 
 
-// -----------------------------------------------------------------------------
+// -------------------------------------------------------------------------
 // CodeGenerator implementation
 
-#define __ masm_->
-
 CodeGenerator::CodeGenerator(int buffer_size, Handle<Script> script,
                              bool is_eval)
     : is_eval_(is_eval),
       script_(script),
       deferred_(8),
       masm_(new MacroAssembler(NULL, buffer_size)),
       scope_(NULL),
+      frame_(NULL),
       cc_reg_(al),
       state_(NULL),
       break_stack_height_(0) {
 }
 
 
 // Calling conventions:
 
 // r0: the number of arguments
 // fp: frame pointer
 // sp: stack pointer
 // pp: caller's parameter pointer
 // cp: callee's context
 
 void CodeGenerator::GenCode(FunctionLiteral* fun) {
-  Scope* scope = fun->scope();
   ZoneList<Statement*>* body = fun->body();
 
   // Initialize state.
-  { CodeGenState state(this);
-    scope_ = scope;
-    cc_reg_ = al;
+  ASSERT(scope_ == NULL);
+  scope_ = fun->scope();
+  ASSERT(frame_ == NULL);
+  VirtualFrame virtual_frame(this);
+  frame_ = &virtual_frame;
+  cc_reg_ = al;
+  {
+    CodeGenState state(this);
 
     // Entry
     // stack: function, receiver, arguments, return address
     // r0: number of arguments
     // sp: stack pointer
     // fp: frame pointer
     // pp: caller's parameter pointer
     // cp: callee's context
 
     { Comment cmnt(masm_, "[ enter JS frame");
       EnterJSFrame();
     }
     // tos: code slot
 #ifdef DEBUG
     if (strlen(FLAG_stop_at) > 0 &&
         fun->name()->IsEqualTo(CStrVector(FLAG_stop_at))) {
       __ stop("stop-at");
     }
 #endif
 
     // Allocate space for locals and initialize them.
-    if (scope->num_stack_slots() > 0) {
+    if (scope_->num_stack_slots() > 0) {
       Comment cmnt(masm_, "[ allocate space for locals");
       // Initialize stack slots with 'undefined' value.
       __ mov(ip, Operand(Factory::undefined_value()));
-      for (int i = 0; i < scope->num_stack_slots(); i++) {
+      for (int i = 0; i < scope_->num_stack_slots(); i++) {
         __ push(ip);
       }
     }
 
-    if (scope->num_heap_slots() > 0) {
+    if (scope_->num_heap_slots() > 0) {
       // Allocate local context.
       // Get outer context and create a new context based on it.
-      __ ldr(r0, FunctionOperand());
+      __ ldr(r0, frame_->Function());
       __ push(r0);
       __ CallRuntime(Runtime::kNewContext, 1);  // r0 holds the result
 
       if (kDebug) {
         Label verified_true;
         __ cmp(r0, Operand(cp));
         __ b(eq, &verified_true);
         __ stop("NewContext: r0 is expected to be the same as cp");
         __ bind(&verified_true);
       }
       // Update context local.
-      __ str(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
+      __ str(cp, frame_->Context());
     }
 
     // TODO(1241774): Improve this code!!!
     // 1) only needed if we have a context
     // 2) no need to recompute context ptr every single time
     // 3) don't copy parameter operand code from SlotOperand!
     {
       Comment cmnt2(masm_, "[ copy context parameters into .context");
 
       // Note that iteration order is relevant here! If we have the same
       // parameter twice (e.g., function (x, y, x)), and that parameter
       // needs to be copied into the context, it must be the last argument
       // passed to the parameter that needs to be copied. This is a rare
       // case so we don't check for it, instead we rely on the copying
       // order: such a parameter is copied repeatedly into the same
       // context location and thus the last value is what is seen inside
       // the function.
-      for (int i = 0; i < scope->num_parameters(); i++) {
-        Variable* par = scope->parameter(i);
+      for (int i = 0; i < scope_->num_parameters(); i++) {
+        Variable* par = scope_->parameter(i);
         Slot* slot = par->slot();
         if (slot != NULL && slot->type() == Slot::CONTEXT) {
-          ASSERT(!scope->is_global_scope());  // no parameters in global scope
-          __ ldr(r1, ParameterOperand(i));
+          ASSERT(!scope_->is_global_scope());  // no parameters in global scope
+          __ ldr(r1, frame_->Parameter(i));
           // Loads r2 with context; used below in RecordWrite.
           __ str(r1, SlotOperand(slot, r2));
           // Load the offset into r3.
           int slot_offset =
               FixedArray::kHeaderSize + slot->index() * kPointerSize;
           __ mov(r3, Operand(slot_offset));
           __ RecordWrite(r2, r3, r1);
         }
       }
     }
 
     // Store the arguments object.
     // This must happen after context initialization because
     // the arguments array may be stored in the context!
-    if (scope->arguments() != NULL) {
-      ASSERT(scope->arguments_shadow() != NULL);
+    if (scope_->arguments() != NULL) {
+      ASSERT(scope_->arguments_shadow() != NULL);
       Comment cmnt(masm_, "[ allocate arguments object");
-      { Reference shadow_ref(this, scope->arguments_shadow());
-        { Reference arguments_ref(this, scope->arguments());
+      { Reference shadow_ref(this, scope_->arguments_shadow());
+        { Reference arguments_ref(this, scope_->arguments());
           ArgumentsAccessStub stub(ArgumentsAccessStub::NEW_OBJECT);
-          __ ldr(r2, FunctionOperand());
+          __ ldr(r2, frame_->Function());
           // The receiver is below the arguments, the return address,
           // and the frame pointer on the stack.
-          const int kReceiverDisplacement = 2 + scope->num_parameters();
+          const int kReceiverDisplacement = 2 + scope_->num_parameters();
           __ add(r1, fp, Operand(kReceiverDisplacement * kPointerSize));
-          __ mov(r0, Operand(Smi::FromInt(scope->num_parameters())));
+          __ mov(r0, Operand(Smi::FromInt(scope_->num_parameters())));
           __ stm(db_w, sp, r0.bit() | r1.bit() | r2.bit());
           __ CallStub(&stub);

[Kevin Millikin (Chromium), 2008/11/04 08:39:59]

This is the only place that "ReceiverOperand" would be explicitly used (the
index -1 also appears in slots apparently).  I'm not quite sure how to best
rewrite this snippet to make it write through the frame.

           __ push(r0);
           arguments_ref.SetValue(NOT_CONST_INIT);
         }
         shadow_ref.SetValue(NOT_CONST_INIT);
       }
       __ pop(r0);  // Value is no longer needed.
     }
 
     // Generate code to 'execute' declarations and initialize
     // functions (source elements). In case of an illegal
     // redeclaration we need to handle that instead of processing the
     // declarations.
-    if (scope->HasIllegalRedeclaration()) {
+    if (scope_->HasIllegalRedeclaration()) {
       Comment cmnt(masm_, "[ illegal redeclarations");
-      scope->VisitIllegalRedeclaration(this);
+      scope_->VisitIllegalRedeclaration(this);
     } else {
       Comment cmnt(masm_, "[ declarations");
       // ProcessDeclarations calls DeclareGlobals indirectly
-      ProcessDeclarations(scope->declarations());
+      ProcessDeclarations(scope_->declarations());
 
       // Bail out if a stack-overflow exception occurred when
       // processing declarations.
       if (HasStackOverflow()) return;
     }
 
     if (FLAG_trace) {
       // Push a valid value as the parameter. The runtime call only uses
       // it as the return value to indicate non-failure.
       __ CallRuntime(Runtime::kTraceEnter, 0);
     }
     CheckStack();
 
     // Compile the body of the function in a vanilla state. Don't
     // bother compiling all the code if the scope has an illegal
     // redeclaration.
-    if (!scope->HasIllegalRedeclaration()) {
+    if (!scope_->HasIllegalRedeclaration()) {
       Comment cmnt(masm_, "[ function body");
 #ifdef DEBUG
       bool is_builtin = Bootstrapper::IsActive();
       bool should_trace =
           is_builtin ? FLAG_trace_builtin_calls : FLAG_trace_calls;
       if (should_trace) {
         __ CallRuntime(Runtime::kDebugTrace, 0);
       }
 #endif
       VisitStatements(body);
@@ skipping 18 matching lines @@
 
   // Tear down the frame which will restore the caller's frame pointer and the
   // link register.
   ExitJSFrame();
 
   __ add(sp, sp, Operand((scope_->num_parameters() + 1) * kPointerSize));
   __ mov(pc, lr);
 
   // Code generation state must be reset.
   scope_ = NULL;
+  frame_ = NULL;
   ASSERT(!has_cc());
   ASSERT(state_ == NULL);
 }
 
 
 MemOperand CodeGenerator::SlotOperand(Slot* slot, Register tmp) {
   // Currently, this assertion will fail if we try to assign to
   // a constant variable that is constant because it is read-only
   // (such as the variable referring to a named function expression).
   // We need to implement assignments to read-only variables.
   // Ideally, we should do this during AST generation (by converting
   // such assignments into expression statements); however, in general
   // we may not be able to make the decision until past AST generation,
   // that is when the entire program is known.
   ASSERT(slot != NULL);
   int index = slot->index();
   switch (slot->type()) {
     case Slot::PARAMETER:
-      return ParameterOperand(index);
+      return frame_->Parameter(index);
 
-    case Slot::LOCAL: {
-      ASSERT(0 <= index && index < scope()->num_stack_slots());
-      const int kLocalOffset = JavaScriptFrameConstants::kLocal0Offset;
-      return MemOperand(fp, kLocalOffset - index * kPointerSize);
-    }
+    case Slot::LOCAL:
+      return frame_->Local(index);
 
     case Slot::CONTEXT: {
       // Follow the context chain if necessary.
       ASSERT(!tmp.is(cp));  // do not overwrite context register
       Register context = cp;
       int chain_length = scope()->ContextChainLength(slot->var()->scope());
       for (int i = chain_length; i-- > 0;) {
         // Load the closure.
         // (All contexts, even 'with' contexts, have a closure,
         // and it is the same for all contexts inside a function.
@@ skipping 662 matching lines @@
   }
 
   // Record the position for debugging purposes.
   __ RecordPosition(position);
 
   // Use the shared code stub to call the function.
   CallFunctionStub call_function(args->length());
   __ CallStub(&call_function);
 
   // Restore context and pop function from the stack.
-  __ ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
+  __ ldr(cp, frame_->Context());
   __ pop();  // discard the TOS
 }
 
 
 void CodeGenerator::Branch(bool if_true, Label* L) {
   ASSERT(has_cc());
   Condition cc = if_true ? cc_reg_ : NegateCondition(cc_reg_);
   __ b(cc, L);
   cc_reg_ = al;
 }
@@ skipping 214 matching lines @@
   Load(node->expression());
   __ CallRuntime(Runtime::kPushContext, 1);
   if (kDebug) {
     Label verified_true;
     __ cmp(r0, Operand(cp));
     __ b(eq, &verified_true);
     __ stop("PushContext: r0 is expected to be the same as cp");
     __ bind(&verified_true);
   }
   // Update context local.
-  __ str(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
+  __ str(cp, frame_->Context());
 }
 
 
 void CodeGenerator::VisitWithExitStatement(WithExitStatement* node) {
   Comment cmnt(masm_, "[ WithExitStatement");
   // Pop context.
   __ ldr(cp, ContextOperand(cp, Context::PREVIOUS_INDEX));
   // Update context local.
-  __ str(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
+  __ str(cp, frame_->Context());
 }
 
 
 int CodeGenerator::FastCaseSwitchMaxOverheadFactor() {
     return kFastSwitchMaxOverheadFactor;
 }
 
 int CodeGenerator::FastCaseSwitchMinCaseCount() {
     return kFastSwitchMinCaseCount;
 }
@@ skipping 80 matching lines @@
       // statements if it does not match any of the cases.
       __ b(&next);
 
       // Bind the default case label, so we can branch to it when we
       // have compared against all other cases.
       ASSERT(default_case.is_unused());  // at most one default clause
       __ bind(&default_case);
     } else {
       __ bind(&next);
       next.Unuse();
-      __ ldr(r0, MemOperand(sp, 0));
+      __ ldr(r0, frame_->Top());
       __ push(r0);  // duplicate TOS
       Load(clause->label());
       Comparison(eq, true);
       Branch(false, &next);
     }
 
     // Entering the case statement for the first time. Remove the switch value
     // from the stack.
     __ pop(r0);
 
@@ skipping 198 matching lines @@
   __ push(r0);
 
   // Condition.
   __ bind(&entry);
 
   // sp[0] : index
   // sp[1] : array/enum cache length
   // sp[2] : array or enum cache
   // sp[3] : 0 or map
   // sp[4] : enumerable
-  __ ldr(r0, MemOperand(sp, 0 * kPointerSize));  // load the current count
-  __ ldr(r1, MemOperand(sp, 1 * kPointerSize));  // load the length
+  __ ldr(r0, frame_->Element(0));  // load the current count
+  __ ldr(r1, frame_->Element(1));  // load the length
   __ cmp(r0, Operand(r1));  // compare to the array length
   __ b(hs, &cleanup);
 
-  __ ldr(r0, MemOperand(sp, 0 * kPointerSize));
+  __ ldr(r0, frame_->Element(0));
 
   // Get the i'th entry of the array.
-  __ ldr(r2, MemOperand(sp, 2 * kPointerSize));
+  __ ldr(r2, frame_->Element(2));
   __ add(r2, r2, Operand(FixedArray::kHeaderSize - kHeapObjectTag));
   __ ldr(r3, MemOperand(r2, r0, LSL, kPointerSizeLog2 - kSmiTagSize));
 
   // Get Map or 0.
-  __ ldr(r2, MemOperand(sp, 3 * kPointerSize));
+  __ ldr(r2, frame_->Element(3));
   // Check if this (still) matches the map of the enumerable.
   // If not, we have to filter the key.
-  __ ldr(r1, MemOperand(sp, 4 * kPointerSize));
+  __ ldr(r1, frame_->Element(4));
   __ ldr(r1, FieldMemOperand(r1, HeapObject::kMapOffset));
   __ cmp(r1, Operand(r2));
   __ b(eq, &end_del_check);
 
   // Convert the entry to a string (or null if it isn't a property anymore).
-  __ ldr(r0, MemOperand(sp, 4 * kPointerSize));  // push enumerable
+  __ ldr(r0, frame_->Element(4));  // push enumerable
   __ push(r0);
   __ push(r3);  // push entry
   __ mov(r0, Operand(1));
   __ InvokeBuiltin(Builtins::FILTER_KEY, CALL_JS);
   __ mov(r3, Operand(r0));
 
   // If the property has been removed while iterating, we just skip it.
   __ cmp(r3, Operand(Factory::null_value()));
   __ b(eq, &next);
 
 
   __ bind(&end_del_check);
 
   // Store the entry in the 'each' expression and take another spin in the loop.
   // r3: i'th entry of the enum cache (or string there of)
   __ push(r3);  // push entry
   { Reference each(this, node->each());
     if (!each.is_illegal()) {
       if (each.size() > 0) {
-        __ ldr(r0, MemOperand(sp, kPointerSize * each.size()));
+        __ ldr(r0, frame_->Element(each.size()));
         __ push(r0);
       }
       // If the reference was to a slot we rely on the convenient property
       // that it doesn't matter whether a value (eg, r3 pushed above) is
       // right on top of or right underneath a zero-sized reference.
       each.SetValue(NOT_CONST_INIT);
       if (each.size() > 0) {
         // It's safe to pop the value lying on top of the reference before
         // unloading the reference itself (which preserves the top of stack,
         // ie, now the topmost value of the non-zero sized reference), since
@@ skipping 74 matching lines @@
   // After shadowing stops, the original labels are unshadowed and the
   // LabelShadows represent the formerly shadowing labels.
   int nof_unlinks = 0;
   for (int i = 0; i <= nof_escapes; i++) {
     shadows[i]->StopShadowing();
     if (shadows[i]->is_linked()) nof_unlinks++;
   }
 
   // Unlink from try chain.
   // TOS contains code slot
-  const int kNextOffset = StackHandlerConstants::kNextOffset +
-      StackHandlerConstants::kAddressDisplacement;
-  __ ldr(r1, MemOperand(sp, kNextOffset));  // read next_sp
+  const int kNextIndex = (StackHandlerConstants::kNextOffset
+                          + StackHandlerConstants::kAddressDisplacement)
+                       / kPointerSize;

[Kevin Millikin (Chromium), 2008/11/04 08:39:59]

Changed as per request.

+  __ ldr(r1, frame_->Element(kNextIndex));  // read next_sp
   __ mov(r3, Operand(ExternalReference(Top::k_handler_address)));
   __ str(r1, MemOperand(r3));
   ASSERT(StackHandlerConstants::kCodeOffset == 0);  // first field is code
   __ add(sp, sp, Operand(StackHandlerConstants::kSize - kPointerSize));
   // Code slot popped.
   if (nof_unlinks > 0) __ b(&exit);
 
   // Generate unlink code for the (formerly) shadowing labels that have been
   // jumped to.
   for (int i = 0; i <= nof_escapes; i++) {
     if (shadows[i]->is_linked()) {
       // Unlink from try chain;
       __ bind(shadows[i]);
 
       // Reload sp from the top handler, because some statements that we
       // break from (eg, for...in) may have left stuff on the stack.
       __ mov(r3, Operand(ExternalReference(Top::k_handler_address)));
       __ ldr(sp, MemOperand(r3));
 
-      __ ldr(r1, MemOperand(sp, kNextOffset));
+      __ ldr(r1, frame_->Element(kNextIndex));
       __ str(r1, MemOperand(r3));
       ASSERT(StackHandlerConstants::kCodeOffset == 0);  // first field is code
       __ add(sp, sp, Operand(StackHandlerConstants::kSize - kPointerSize));
       // Code slot popped.
 
       __ b(shadows[i]->original_label());
     }
   }
 
   __ bind(&exit);
@@ skipping 74 matching lines @@
   }
 
   // Unlink from try chain;
   __ bind(&unlink);
 
   __ pop(r0);  // Store TOS in r0 across stack manipulation
   // Reload sp from the top handler, because some statements that we
   // break from (eg, for...in) may have left stuff on the stack.
   __ mov(r3, Operand(ExternalReference(Top::k_handler_address)));
   __ ldr(sp, MemOperand(r3));
-  const int kNextOffset = StackHandlerConstants::kNextOffset +
-      StackHandlerConstants::kAddressDisplacement;
-  __ ldr(r1, MemOperand(sp, kNextOffset));
+  const int kNextIndex = (StackHandlerConstants::kNextOffset
+                          + StackHandlerConstants::kAddressDisplacement)
+                       / kPointerSize;
+  __ ldr(r1, frame_->Element(kNextIndex));
   __ str(r1, MemOperand(r3));
   ASSERT(StackHandlerConstants::kCodeOffset == 0);  // first field is code
   __ add(sp, sp, Operand(StackHandlerConstants::kSize - kPointerSize));
   // Code slot popped.
   __ push(r0);
 
   // --- Finally block ---
   __ bind(&finally_block);
 
   // Push the state on the stack.
@@ skipping 162 matching lines @@
   __ push(r0);
 }
 
 
 void CodeGenerator::VisitRegExpLiteral(RegExpLiteral* node) {
   Comment cmnt(masm_, "[ RexExp Literal");
 
   // Retrieve the literal array and check the allocated entry.
 
   // Load the function of this activation.
-  __ ldr(r1, FunctionOperand());
+  __ ldr(r1, frame_->Function());
 
   // Load the literals array of the function.
   __ ldr(r1, FieldMemOperand(r1, JSFunction::kLiteralsOffset));
 
   // Load the literal at the ast saved index.
   int literal_offset =
       FixedArray::kHeaderSize + node->literal_index() * kPointerSize;
   __ ldr(r2, FieldMemOperand(r1, literal_offset));
 
   Label done;
@@ skipping 52 matching lines @@
 
 
 void CodeGenerator::VisitObjectLiteral(ObjectLiteral* node) {
   Comment cmnt(masm_, "[ ObjectLiteral");
 
   ObjectLiteralDeferred* deferred = new ObjectLiteralDeferred(this, node);
 
   // Retrieve the literal array and check the allocated entry.
 
   // Load the function of this activation.
-  __ ldr(r1, FunctionOperand());
+  __ ldr(r1, frame_->Function());
 
   // Load the literals array of the function.
   __ ldr(r1, FieldMemOperand(r1, JSFunction::kLiteralsOffset));
 
   // Load the literal at the ast saved index.
   int literal_offset =
       FixedArray::kHeaderSize + node->literal_index() * kPointerSize;
   __ ldr(r2, FieldMemOperand(r1, literal_offset));
 
   // Check whether we need to materialize the object literal boilerplate.
@@ skipping 16 matching lines @@
     Expression* value = property->value();
     switch (property->kind()) {
       case ObjectLiteral::Property::CONSTANT: break;
       case ObjectLiteral::Property::COMPUTED:  // fall through
       case ObjectLiteral::Property::PROTOTYPE: {
         __ push(r0);  // dup the result
         Load(key);
         Load(value);
         __ CallRuntime(Runtime::kSetProperty, 3);
         // restore r0
-        __ ldr(r0, MemOperand(sp, 0));
+        __ ldr(r0, frame_->Top());
         break;
       }
       case ObjectLiteral::Property::SETTER: {
         __ push(r0);
         Load(key);
         __ mov(r0, Operand(Smi::FromInt(1)));
         __ push(r0);
         Load(value);
         __ CallRuntime(Runtime::kDefineAccessor, 4);
-        __ ldr(r0, MemOperand(sp, 0));
+        __ ldr(r0, frame_->Top());
         break;
       }
       case ObjectLiteral::Property::GETTER: {
         __ push(r0);
         Load(key);
         __ mov(r0, Operand(Smi::FromInt(0)));
         __ push(r0);
         Load(value);
         __ CallRuntime(Runtime::kDefineAccessor, 4);
-        __ ldr(r0, MemOperand(sp, 0));
+        __ ldr(r0, frame_->Top());
         break;
       }
     }
   }
 }
 
 
 void CodeGenerator::VisitArrayLiteral(ArrayLiteral* node) {
   Comment cmnt(masm_, "[ ArrayLiteral");
 
   // Call runtime to create the array literal.
   __ mov(r0, Operand(node->literals()));
   __ push(r0);
   // Load the function of this frame.
-  __ ldr(r0, FunctionOperand());
+  __ ldr(r0, frame_->Function());
   __ ldr(r0, FieldMemOperand(r0, JSFunction::kLiteralsOffset));
   __ push(r0);
   __ CallRuntime(Runtime::kCreateArrayLiteral, 2);
 
   // Push the resulting array literal on the stack.
   __ push(r0);
 
   // Generate code to set the elements in the array that are not
   // literals.
   for (int i = 0; i < node->values()->length(); i++) {
     Expression* value = node->values()->at(i);
 
     // If value is literal the property value is already
     // set in the boilerplate object.
     if (value->AsLiteral() == NULL) {
       // The property must be set by generated code.
       Load(value);
       __ pop(r0);
 
       // Fetch the object literal
-      __ ldr(r1, MemOperand(sp, 0));
+      __ ldr(r1, frame_->Top());
         // Get the elements array.
       __ ldr(r1, FieldMemOperand(r1, JSObject::kElementsOffset));
 
       // Write to the indexed properties array.
       int offset = i * kPointerSize + Array::kHeaderSize;
       __ str(r0, FieldMemOperand(r1, offset));
 
       // Update the write barrier for the array address.
       __ mov(r3, Operand(offset));
       __ RecordWrite(r1, r3, r2);
@@ skipping 102 matching lines @@
     // invoked function.
     LoadGlobal();
 
     // Load the arguments.
     for (int i = 0; i < args->length(); i++) Load(args->at(i));
 
     // Setup the receiver register and call the IC initialization code.
     Handle<Code> stub = ComputeCallInitialize(args->length());
     __ RecordPosition(node->position());
     __ Call(stub, RelocInfo::CODE_TARGET_CONTEXT);
-    __ ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
+    __ ldr(cp, frame_->Context());
     // Remove the function from the stack.
     __ pop();
     __ push(r0);
 
   } else if (var != NULL && var->slot() != NULL &&
              var->slot()->type() == Slot::LOOKUP) {
     // ----------------------------------
     // JavaScript example: 'with (obj) foo(1, 2, 3)'  // foo is in obj
     // ----------------------------------
 
@@ skipping 26 matching lines @@
       __ push(r0);
       Load(property->obj());
 
       // Load the arguments.
       for (int i = 0; i < args->length(); i++) Load(args->at(i));
 
       // Set the receiver register and call the IC initialization code.
       Handle<Code> stub = ComputeCallInitialize(args->length());
       __ RecordPosition(node->position());
       __ Call(stub, RelocInfo::CODE_TARGET);
-      __ ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
+      __ ldr(cp, frame_->Context());
 
       // Remove the function from the stack.
       __ pop();
 
       __ push(r0);  // push after get rid of function from the stack
 
     } else {
       // -------------------------------------------
       // JavaScript example: 'array[index](1, 2, 3)'
       // -------------------------------------------
 
       // Load the function to call from the property through a reference.
       Reference ref(this, property);
       ref.GetValue(NOT_INSIDE_TYPEOF);  // receiver
 
       // Pass receiver to called function.
-      __ ldr(r0, MemOperand(sp, ref.size() * kPointerSize));
+      __ ldr(r0, frame_->Element(ref.size()));
       __ push(r0);
       // Call the function.
       CallWithArguments(args, node->position());
       __ push(r0);
     }
 
   } else {
     // ----------------------------------
     // JavaScript example: 'foo(1, 2, 3)'  // foo is not global
     // ----------------------------------
@@ skipping 27 matching lines @@
   LoadGlobal();
 
   // Push the arguments ("left-to-right") on the stack.
   ZoneList<Expression*>* args = node->arguments();
   for (int i = 0; i < args->length(); i++) Load(args->at(i));
 
   // r0: the number of arguments.
   __ mov(r0, Operand(args->length()));
 
   // Load the function into r1 as per calling convention.
-  __ ldr(r1, MemOperand(sp, (args->length() + 1) * kPointerSize));
+  __ ldr(r1, frame_->Element(args->length() + 1));
 
   // Call the construct call builtin that handles allocation and
   // constructor invocation.
   __ RecordPosition(RelocInfo::POSITION);
   __ Call(Handle<Code>(Builtins::builtin(Builtins::JSConstructCall)),
           RelocInfo::CONSTRUCT_CALL);
 
   // Discard old TOS value and push r0 on the stack (same as Pop(), push(r0)).
-  __ str(r0, MemOperand(sp, 0 * kPointerSize));
+  __ str(r0, frame_->Top());
 }
 
 
 void CodeGenerator::GenerateValueOf(ZoneList<Expression*>* args) {
   ASSERT(args->length() == 1);
   Label leave;
   Load(args->at(0));
   __ pop(r0);  // r0 contains object.
   // if (object->IsSmi()) return the object.
   __ tst(r0, Operand(kSmiTagMask));
@@ skipping 152 matching lines @@
     // Push the builtins object found in the current global object.
     __ ldr(r1, GlobalObject());
     __ ldr(r0, FieldMemOperand(r1, GlobalObject::kBuiltinsOffset));
     __ push(r0);
 
     for (int i = 0; i < args->length(); i++) Load(args->at(i));
 
     // Call the JS runtime function.
     Handle<Code> stub = ComputeCallInitialize(args->length());
     __ Call(stub, RelocInfo::CODE_TARGET);
-    __ ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
+    __ ldr(cp, frame_->Context());
     __ pop();
     __ push(r0);
   }
 }
 
 
 void CodeGenerator::VisitUnaryOperation(UnaryOperation* node) {
   Comment cmnt(masm_, "[ UnaryOperation");
 
   Token::Value op = node->op();
@@ skipping 141 matching lines @@
     Label slow, exit;
 
     // Load the value (1) into register r1.
     __ mov(r1, Operand(Smi::FromInt(1)));
 
     // Check for smi operand.
     __ tst(r0, Operand(kSmiTagMask));
     __ b(ne, &slow);
 
     // Postfix: Store the old value as the result.
-    if (is_postfix) __ str(r0, MemOperand(sp, target.size() * kPointerSize));
+    if (is_postfix) {
+      __ str(r0, frame_->Element(target.size()));
+    }
 
     // Perform optimistic increment/decrement.
     if (is_increment) {
       __ add(r0, r0, Operand(r1), SetCC);
     } else {
       __ sub(r0, r0, Operand(r1), SetCC);
     }
 
     // If the increment/decrement didn't overflow, we're done.
     __ b(vc, &exit);
 
     // Revert optimistic increment/decrement.
     if (is_increment) {
       __ sub(r0, r0, Operand(r1));
     } else {
       __ add(r0, r0, Operand(r1));
     }
 
     // Slow case: Convert to number.
     __ bind(&slow);
 
     // Postfix: Convert the operand to a number and store it as the result.
     if (is_postfix) {
       InvokeBuiltinStub stub(InvokeBuiltinStub::ToNumber, 2);
       __ CallStub(&stub);
       // Store to result (on the stack).
-      __ str(r0, MemOperand(sp, target.size() * kPointerSize));
+      __ str(r0, frame_->Element(target.size()));
     }
 
     // Compute the new value by calling the right JavaScript native.
     if (is_increment) {
       InvokeBuiltinStub stub(InvokeBuiltinStub::Inc, 1);
       __ CallStub(&stub);
     } else {
       InvokeBuiltinStub stub(InvokeBuiltinStub::Dec, 1);
       __ CallStub(&stub);
     }
@@ skipping 39 matching lines @@
       __ bind(&is_true);
       LoadCondition(node->right(),
                     NOT_INSIDE_TYPEOF,
                     true_target(),
                     false_target(),
                     false);
 
     } else {
       Label pop_and_continue, exit;
 
-      __ ldr(r0, MemOperand(sp, 0));  // dup the stack top
+      __ ldr(r0, frame_->Top());  // dup the stack top
       __ push(r0);
       // Avoid popping the result if it converts to 'false' using the
       // standard ToBoolean() conversion as described in ECMA-262,
       // section 9.2, page 30.
       ToBoolean(&pop_and_continue, &exit);
       Branch(false, &exit);
 
       // Pop the result of evaluating the first part.
       __ bind(&pop_and_continue);
       __ pop(r0);
@@ skipping 20 matching lines @@
       __ bind(&is_false);
       LoadCondition(node->right(),
                     NOT_INSIDE_TYPEOF,
                     true_target(),
                     false_target(),
                     false);
 
     } else {
       Label pop_and_continue, exit;
 
-      __ ldr(r0, MemOperand(sp, 0));
+      __ ldr(r0, frame_->Top());
       __ push(r0);
       // Avoid popping the result if it converts to 'true' using the
       // standard ToBoolean() conversion as described in ECMA-262,
       // section 9.2, page 30.
       ToBoolean(&exit, &pop_and_continue);
       Branch(true, &exit);
 
       // Pop the result of evaluating the first part.
       __ bind(&pop_and_continue);
       __ pop(r0);
@@ skipping 24 matching lines @@
       Load(node->left());
       Load(node->right());
       GenericBinaryOperation(node->op());
     }
     __ push(r0);
   }
 }
 
 
 void CodeGenerator::VisitThisFunction(ThisFunction* node) {
-  __ ldr(r0, FunctionOperand());
+  __ ldr(r0, frame_->Function());
   __ push(r0);
 }
 
 
 void CodeGenerator::VisitCompareOperation(CompareOperation* node) {
   Comment cmnt(masm_, "[ CompareOperation");
 
   // Get the expressions from the node.
   Expression* left = node->left();
   Expression* right = node->right();
@@ skipping 1315 matching lines @@
   // Slow-case: Non-function called.
   __ bind(&slow);
   __ mov(r0, Operand(argc_));  // Setup the number of arguments.
   __ InvokeBuiltin(Builtins::CALL_NON_FUNCTION, JUMP_JS);
 }
 
 
 #undef __
 
 } }  // namespace v8::internal