[fullcodegen] Implement operand stack depth tracking.

src/full-codegen/arm64/full-codegen-arm64.cc

 // Copyright 2013 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #if V8_TARGET_ARCH_ARM64
 
 #include "src/ast/scopes.h"
 #include "src/code-factory.h"
 #include "src/code-stubs.h"
 #include "src/codegen.h"
@@ skipping 117 matching lines @@
   //  Push(lr, fp, cp, x1);
   //  Add(fp, jssp, 2 * kPointerSize);
   info->set_prologue_offset(masm_->pc_offset());
   __ Prologue(info->GeneratePreagedPrologue());
 
   // Reserve space on the stack for locals.
   { Comment cmnt(masm_, "[ Allocate locals");
     int locals_count = info->scope()->num_stack_slots();
     // Generators allocate locals, if any, in context slots.
     DCHECK(!IsGeneratorFunction(info->literal()->kind()) || locals_count == 0);
-
+    OperandStackDepthIncrement(locals_count);
     if (locals_count > 0) {
       if (locals_count >= 128) {
         Label ok;
         DCHECK(jssp.Is(__ StackPointer()));
         __ Sub(x10, jssp, locals_count * kPointerSize);
         __ CompareRoot(x10, Heap::kRealStackLimitRootIndex);
         __ B(hs, &ok);
         __ CallRuntime(Runtime::kThrowStackOverflow);
         __ Bind(&ok);
       }
@@ skipping 314 matching lines @@
     __ Ret();
     int32_t arg_count = info_->scope()->num_parameters() + 1;
     __ dc64(kXRegSize * arg_count);
   }
 }
 
 
 void FullCodeGenerator::StackValueContext::Plug(Variable* var) const {
   DCHECK(var->IsStackAllocated() || var->IsContextSlot());
   codegen()->GetVar(result_register(), var);
-  __ Push(result_register());
+  codegen()->PushOperand(result_register());
 }
 
 
 void FullCodeGenerator::EffectContext::Plug(Heap::RootListIndex index) const {
   // Root values have no side effects.
 }
 
 
 void FullCodeGenerator::AccumulatorValueContext::Plug(
     Heap::RootListIndex index) const {
   __ LoadRoot(result_register(), index);
 }
 
 
 void FullCodeGenerator::StackValueContext::Plug(
     Heap::RootListIndex index) const {
   __ LoadRoot(result_register(), index);
-  __ Push(result_register());
+  codegen()->PushOperand(result_register());
 }
 
 
 void FullCodeGenerator::TestContext::Plug(Heap::RootListIndex index) const {
   codegen()->PrepareForBailoutBeforeSplit(condition(), true, true_label_,
                                           false_label_);
   if (index == Heap::kUndefinedValueRootIndex ||
       index == Heap::kNullValueRootIndex ||
       index == Heap::kFalseValueRootIndex) {
     if (false_label_ != fall_through_) __ B(false_label_);
@@ skipping 12 matching lines @@
 
 void FullCodeGenerator::AccumulatorValueContext::Plug(
     Handle<Object> lit) const {
   __ Mov(result_register(), Operand(lit));
 }
 
 
 void FullCodeGenerator::StackValueContext::Plug(Handle<Object> lit) const {
   // Immediates cannot be pushed directly.
   __ Mov(result_register(), Operand(lit));
-  __ Push(result_register());
+  codegen()->PushOperand(result_register());
 }
 
 
 void FullCodeGenerator::TestContext::Plug(Handle<Object> lit) const {
   codegen()->PrepareForBailoutBeforeSplit(condition(),
                                           true,
                                           true_label_,
                                           false_label_);
   DCHECK(lit->IsNull() || lit->IsUndefined() || !lit->IsUndetectableObject());
   if (lit->IsUndefined() || lit->IsNull() || lit->IsFalse()) {
@@ skipping 13 matching lines @@
       if (true_label_ != fall_through_) __ B(true_label_);
     }
   } else {
     // For simplicity we always test the accumulator register.
     __ Mov(result_register(), Operand(lit));
     codegen()->DoTest(this);
   }
 }
 
 
-void FullCodeGenerator::EffectContext::DropAndPlug(int count,
-                                                   Register reg) const {
-  DCHECK(count > 0);
-  __ Drop(count);
-}
-
-
-void FullCodeGenerator::AccumulatorValueContext::DropAndPlug(
-    int count,
-    Register reg) const {
-  DCHECK(count > 0);
-  __ Drop(count);
-  __ Move(result_register(), reg);
-}
-
-
 void FullCodeGenerator::StackValueContext::DropAndPlug(int count,
                                                        Register reg) const {
   DCHECK(count > 0);
-  if (count > 1) __ Drop(count - 1);
+  if (count > 1) codegen()->DropOperands(count - 1);
   __ Poke(reg, 0);
 }
 
 
-void FullCodeGenerator::TestContext::DropAndPlug(int count,
-                                                 Register reg) const {
-  DCHECK(count > 0);
-  // For simplicity we always test the accumulator register.
-  __ Drop(count);
-  __ Mov(result_register(), reg);
-  codegen()->PrepareForBailoutBeforeSplit(condition(), false, NULL, NULL);
-  codegen()->DoTest(this);
-}
-
-
 void FullCodeGenerator::EffectContext::Plug(Label* materialize_true,
                                             Label* materialize_false) const {
   DCHECK(materialize_true == materialize_false);
   __ Bind(materialize_true);
 }
 
 
 void FullCodeGenerator::AccumulatorValueContext::Plug(
     Label* materialize_true,
     Label* materialize_false) const {
@@ skipping 10 matching lines @@
 void FullCodeGenerator::StackValueContext::Plug(
     Label* materialize_true,
     Label* materialize_false) const {
   Label done;
   __ Bind(materialize_true);
   __ LoadRoot(x10, Heap::kTrueValueRootIndex);
   __ B(&done);
   __ Bind(materialize_false);
   __ LoadRoot(x10, Heap::kFalseValueRootIndex);
   __ Bind(&done);
-  __ Push(x10);
+  codegen()->PushOperand(x10);
 }
 
 
 void FullCodeGenerator::TestContext::Plug(Label* materialize_true,
                                           Label* materialize_false) const {
   DCHECK(materialize_true == true_label_);
   DCHECK(materialize_false == false_label_);
 }
 
 
 void FullCodeGenerator::AccumulatorValueContext::Plug(bool flag) const {
   Heap::RootListIndex value_root_index =
       flag ? Heap::kTrueValueRootIndex : Heap::kFalseValueRootIndex;
   __ LoadRoot(result_register(), value_root_index);
 }
 
 
 void FullCodeGenerator::StackValueContext::Plug(bool flag) const {
   Heap::RootListIndex value_root_index =
       flag ? Heap::kTrueValueRootIndex : Heap::kFalseValueRootIndex;
   __ LoadRoot(x10, value_root_index);
-  __ Push(x10);
+  codegen()->PushOperand(x10);
 }
 
 
 void FullCodeGenerator::TestContext::Plug(bool flag) const {
   codegen()->PrepareForBailoutBeforeSplit(condition(),
                                           true,
                                           true_label_,
                                           false_label_);
   if (flag) {
     if (true_label_ != fall_through_) {
@@ skipping 229 matching lines @@
                                 kDontSaveFPRegs,
                                 EMIT_REMEMBERED_SET,
                                 OMIT_SMI_CHECK);
       PrepareForBailoutForId(proxy->id(), NO_REGISTERS);
       break;
     }
 
     case VariableLocation::LOOKUP: {
       Comment cmnt(masm_, "[ Function Declaration");
       __ Mov(x2, Operand(variable->name()));
-      __ Push(x2);
+      PushOperand(x2);
       // Push initial value for function declaration.
       VisitForStackValue(declaration->fun());
-      __ Push(Smi::FromInt(variable->DeclarationPropertyAttributes()));
-      __ CallRuntime(Runtime::kDeclareLookupSlot);
+      PushOperand(Smi::FromInt(variable->DeclarationPropertyAttributes()));
+      CallRuntimeWithOperands(Runtime::kDeclareLookupSlot);
       break;
     }
   }
 }
 
 
 void FullCodeGenerator::DeclareGlobals(Handle<FixedArray> pairs) {
   // Call the runtime to declare the globals.
   __ Mov(x11, Operand(pairs));
   Register flags = xzr;
@@ skipping 77 matching lines @@
     __ Bind(&skip);
 
     __ Cbnz(x0, &next_test);
     __ Drop(1);  // Switch value is no longer needed.
     __ B(clause->body_target());
   }
 
   // Discard the test value and jump to the default if present, otherwise to
   // the end of the statement.
   __ Bind(&next_test);
-  __ Drop(1);  // Switch value is no longer needed.
+  DropOperands(1);  // Switch value is no longer needed.
   if (default_clause == NULL) {
     __ B(nested_statement.break_label());
   } else {
     __ B(default_clause->body_target());
   }
 
   // Compile all the case bodies.
   for (int i = 0; i < clauses->length(); i++) {
     Comment cmnt(masm_, "[ Case body");
     CaseClause* clause = clauses->at(i);
@@ skipping 16 matching lines @@
 
   // TODO(all): This visitor probably needs better comments and a revisit.
 
   Label loop, exit;
   ForIn loop_statement(this, stmt);
   increment_loop_depth();
 
   // Get the object to enumerate over.
   SetExpressionAsStatementPosition(stmt->enumerable());
   VisitForAccumulatorValue(stmt->enumerable());
+  OperandStackDepthIncrement(ForIn::kElementCount);
 
   // If the object is null or undefined, skip over the loop, otherwise convert
   // it to a JS receiver.  See ECMA-262 version 5, section 12.6.4.
   Label convert, done_convert;
   __ JumpIfSmi(x0, &convert);
   __ JumpIfObjectType(x0, x10, x11, FIRST_JS_RECEIVER_TYPE, &done_convert, ge);
   __ JumpIfRoot(x0, Heap::kNullValueRootIndex, &exit);
   __ JumpIfRoot(x0, Heap::kUndefinedValueRootIndex, &exit);
   __ Bind(&convert);
   ToObjectStub stub(isolate());
@@ skipping 131 matching lines @@
   // TODO(all): We could use a callee saved register to avoid popping.
   __ Pop(x0);
   __ Add(x0, x0, Smi::FromInt(1));
   __ Push(x0);
 
   EmitBackEdgeBookkeeping(stmt, &loop);
   __ B(&loop);
 
   // Remove the pointers stored on the stack.
   __ Bind(loop_statement.break_label());
-  __ Drop(5);
+  DropOperands(5);
 
   // Exit and decrement the loop depth.
   PrepareForBailoutForId(stmt->ExitId(), NO_REGISTERS);
   __ Bind(&exit);
   decrement_loop_depth();
 }
 
 
 void FullCodeGenerator::EmitNewClosure(Handle<SharedFunctionInfo> info,
                                        bool pretenure) {
@@ skipping 248 matching lines @@
   FastCloneRegExpStub stub(isolate());
   __ CallStub(&stub);
   context()->Plug(x0);
 }
 
 
 void FullCodeGenerator::EmitAccessor(ObjectLiteralProperty* property) {
   Expression* expression = (property == NULL) ? NULL : property->value();
   if (expression == NULL) {
     __ LoadRoot(x10, Heap::kNullValueRootIndex);
-    __ Push(x10);
+    PushOperand(x10);
   } else {
     VisitForStackValue(expression);
     if (NeedsHomeObject(expression)) {
       DCHECK(property->kind() == ObjectLiteral::Property::GETTER ||
              property->kind() == ObjectLiteral::Property::SETTER);
       int offset = property->kind() == ObjectLiteral::Property::GETTER ? 2 : 3;
       EmitSetHomeObject(expression, offset, property->GetSlot());
     }
   }
 }
@@ skipping 24 matching lines @@
   AccessorTable accessor_table(zone());
   int property_index = 0;
   for (; property_index < expr->properties()->length(); property_index++) {
     ObjectLiteral::Property* property = expr->properties()->at(property_index);
     if (property->is_computed_name()) break;
     if (property->IsCompileTimeValue()) continue;
 
     Literal* key = property->key()->AsLiteral();
     Expression* value = property->value();
     if (!result_saved) {
-      __ Push(x0);  // Save result on stack
+      PushOperand(x0);  // Save result on stack
       result_saved = true;
     }
     switch (property->kind()) {
       case ObjectLiteral::Property::CONSTANT:
         UNREACHABLE();
       case ObjectLiteral::Property::MATERIALIZED_LITERAL:
         DCHECK(!CompileTimeValue::IsCompileTimeValue(property->value()));
         // Fall through.
       case ObjectLiteral::Property::COMPUTED:
         // It is safe to use [[Put]] here because the boilerplate already
@@ skipping 10 matching lines @@
 
             if (NeedsHomeObject(value)) {
               EmitSetHomeObjectAccumulator(value, 0, property->GetSlot(1));
             }
           } else {
             VisitForEffect(value);
           }
           break;
         }
         __ Peek(x0, 0);
-        __ Push(x0);
+        PushOperand(x0);
         VisitForStackValue(key);
         VisitForStackValue(value);
         if (property->emit_store()) {
           if (NeedsHomeObject(value)) {
             EmitSetHomeObject(value, 2, property->GetSlot());
           }
           __ Mov(x0, Smi::FromInt(SLOPPY));  // Language mode
-          __ Push(x0);
-          __ CallRuntime(Runtime::kSetProperty);
+          PushOperand(x0);
+          CallRuntimeWithOperands(Runtime::kSetProperty);
         } else {
-          __ Drop(3);
+          DropOperands(3);
         }
         break;
       case ObjectLiteral::Property::PROTOTYPE:
         DCHECK(property->emit_store());
         // Duplicate receiver on stack.
         __ Peek(x0, 0);
-        __ Push(x0);
+        PushOperand(x0);
         VisitForStackValue(value);
-        __ CallRuntime(Runtime::kInternalSetPrototype);
+        CallRuntimeWithOperands(Runtime::kInternalSetPrototype);
         PrepareForBailoutForId(expr->GetIdForPropertySet(property_index),
                                NO_REGISTERS);
         break;
       case ObjectLiteral::Property::GETTER:
         if (property->emit_store()) {
           accessor_table.lookup(key)->second->getter = property;
         }
         break;
       case ObjectLiteral::Property::SETTER:
         if (property->emit_store()) {
           accessor_table.lookup(key)->second->setter = property;
         }
         break;
     }
   }
 
   // Emit code to define accessors, using only a single call to the runtime for
   // each pair of corresponding getters and setters.
   for (AccessorTable::Iterator it = accessor_table.begin();
        it != accessor_table.end();
        ++it) {
       __ Peek(x10, 0);  // Duplicate receiver.
-      __ Push(x10);
+      PushOperand(x10);
       VisitForStackValue(it->first);
       EmitAccessor(it->second->getter);
       EmitAccessor(it->second->setter);
       __ Mov(x10, Smi::FromInt(NONE));
-      __ Push(x10);
-      __ CallRuntime(Runtime::kDefineAccessorPropertyUnchecked);
+      PushOperand(x10);
+      CallRuntimeWithOperands(Runtime::kDefineAccessorPropertyUnchecked);
   }
 
   // Object literals have two parts. The "static" part on the left contains no
   // computed property names, and so we can compute its map ahead of time; see
   // runtime.cc::CreateObjectLiteralBoilerplate. The second "dynamic" part
   // starts with the first computed property name, and continues with all
   // properties to its right.  All the code from above initializes the static
   // component of the object literal, and arranges for the map of the result to
   // reflect the static order in which the keys appear. For the dynamic
   // properties, we compile them into a series of "SetOwnProperty" runtime
   // calls. This will preserve insertion order.
   for (; property_index < expr->properties()->length(); property_index++) {
     ObjectLiteral::Property* property = expr->properties()->at(property_index);
 
     Expression* value = property->value();
     if (!result_saved) {
-      __ Push(x0);  // Save result on stack
+      PushOperand(x0);  // Save result on stack
       result_saved = true;
     }
 
     __ Peek(x10, 0);  // Duplicate receiver.
-    __ Push(x10);
+    PushOperand(x10);
 
     if (property->kind() == ObjectLiteral::Property::PROTOTYPE) {
       DCHECK(!property->is_computed_name());
       VisitForStackValue(value);
       DCHECK(property->emit_store());
-      __ CallRuntime(Runtime::kInternalSetPrototype);
+      CallRuntimeWithOperands(Runtime::kInternalSetPrototype);
       PrepareForBailoutForId(expr->GetIdForPropertySet(property_index),
                              NO_REGISTERS);
     } else {
       EmitPropertyKey(property, expr->GetIdForPropertyName(property_index));
       VisitForStackValue(value);
       if (NeedsHomeObject(value)) {
         EmitSetHomeObject(value, 2, property->GetSlot());
       }
 
       switch (property->kind()) {
         case ObjectLiteral::Property::CONSTANT:
         case ObjectLiteral::Property::MATERIALIZED_LITERAL:
         case ObjectLiteral::Property::COMPUTED:
           if (property->emit_store()) {
-            __ Push(Smi::FromInt(NONE));
-            __ Push(Smi::FromInt(property->NeedsSetFunctionName()));
-            __ CallRuntime(Runtime::kDefineDataPropertyInLiteral);
+            PushOperand(Smi::FromInt(NONE));
+            PushOperand(Smi::FromInt(property->NeedsSetFunctionName()));
+            CallRuntimeWithOperands(Runtime::kDefineDataPropertyInLiteral);
           } else {
-            __ Drop(3);
+            DropOperands(3);
           }
           break;
 
         case ObjectLiteral::Property::PROTOTYPE:
           UNREACHABLE();
           break;
 
         case ObjectLiteral::Property::GETTER:
-          __ Push(Smi::FromInt(NONE));
-          __ CallRuntime(Runtime::kDefineGetterPropertyUnchecked);
+          PushOperand(Smi::FromInt(NONE));
+          CallRuntimeWithOperands(Runtime::kDefineGetterPropertyUnchecked);
           break;
 
         case ObjectLiteral::Property::SETTER:
-          __ Push(Smi::FromInt(NONE));
-          __ CallRuntime(Runtime::kDefineSetterPropertyUnchecked);
+          PushOperand(Smi::FromInt(NONE));
+          CallRuntimeWithOperands(Runtime::kDefineSetterPropertyUnchecked);
           break;
       }
     }
   }
 
   if (expr->has_function()) {
     DCHECK(result_saved);
     __ Peek(x0, 0);
     __ Push(x0);
     __ CallRuntime(Runtime::kToFastProperties);
@@ skipping 43 matching lines @@
   int array_index = 0;
   for (; array_index < length; array_index++) {
     Expression* subexpr = subexprs->at(array_index);
     DCHECK(!subexpr->IsSpread());
 
     // If the subexpression is a literal or a simple materialized literal it
     // is already set in the cloned array.
     if (CompileTimeValue::IsCompileTimeValue(subexpr)) continue;
 
     if (!result_saved) {
-      __ Push(x0);
+      PushOperand(x0);
       result_saved = true;
     }
     VisitForAccumulatorValue(subexpr);
 
     __ Mov(StoreDescriptor::NameRegister(), Smi::FromInt(array_index));
     __ Peek(StoreDescriptor::ReceiverRegister(), 0);
     EmitLoadStoreICSlot(expr->LiteralFeedbackSlot());
     Handle<Code> ic =
         CodeFactory::KeyedStoreIC(isolate(), language_mode()).code();
     CallIC(ic);
 
     PrepareForBailoutForId(expr->GetIdForElement(array_index), NO_REGISTERS);
   }
 
   // In case the array literal contains spread expressions it has two parts. The
   // first part is  the "static" array which has a literal index is  handled
   // above. The second part is the part after the first spread expression
   // (inclusive) and these elements gets appended to the array. Note that the
   // number elements an iterable produces is unknown ahead of time.
   if (array_index < length && result_saved) {
-    __ Pop(x0);
+    PopOperand(x0);
     result_saved = false;
   }
   for (; array_index < length; array_index++) {
     Expression* subexpr = subexprs->at(array_index);
 
-    __ Push(x0);
+    PushOperand(x0);
     DCHECK(!subexpr->IsSpread());
     VisitForStackValue(subexpr);
-    __ CallRuntime(Runtime::kAppendElement);
+    CallRuntimeWithOperands(Runtime::kAppendElement);
 
     PrepareForBailoutForId(expr->GetIdForElement(array_index), NO_REGISTERS);
   }
 
   if (result_saved) {
     context()->PlugTOS();
   } else {
     context()->Plug(x0);
   }
 }
@@ skipping 20 matching lines @@
         __ Peek(LoadDescriptor::ReceiverRegister(), 0);
       } else {
         VisitForStackValue(property->obj());
       }
       break;
     case NAMED_SUPER_PROPERTY:
       VisitForStackValue(
           property->obj()->AsSuperPropertyReference()->this_var());
       VisitForAccumulatorValue(
           property->obj()->AsSuperPropertyReference()->home_object());
-      __ Push(result_register());
+      PushOperand(result_register());
       if (expr->is_compound()) {
         const Register scratch = x10;
         __ Peek(scratch, kPointerSize);
-        __ Push(scratch, result_register());
+        PushOperands(scratch, result_register());
       }
       break;
     case KEYED_SUPER_PROPERTY:
       VisitForStackValue(
           property->obj()->AsSuperPropertyReference()->this_var());
       VisitForStackValue(
           property->obj()->AsSuperPropertyReference()->home_object());
       VisitForAccumulatorValue(property->key());
-      __ Push(result_register());
+      PushOperand(result_register());
       if (expr->is_compound()) {
         const Register scratch1 = x10;
         const Register scratch2 = x11;
         __ Peek(scratch1, 2 * kPointerSize);
         __ Peek(scratch2, kPointerSize);
-        __ Push(scratch1, scratch2, result_register());
+        PushOperands(scratch1, scratch2, result_register());
       }
       break;
     case KEYED_PROPERTY:
       if (expr->is_compound()) {
         VisitForStackValue(property->obj());
         VisitForStackValue(property->key());
         __ Peek(LoadDescriptor::ReceiverRegister(), 1 * kPointerSize);
         __ Peek(LoadDescriptor::NameRegister(), 0);
       } else {
         VisitForStackValue(property->obj());
@@ skipping 24 matching lines @@
           PrepareForBailoutForId(property->LoadId(), TOS_REG);
           break;
         case KEYED_PROPERTY:
           EmitKeyedPropertyLoad(property);
           PrepareForBailoutForId(property->LoadId(), TOS_REG);
           break;
       }
     }
 
     Token::Value op = expr->binary_op();
-    __ Push(x0);  // Left operand goes on the stack.
+    PushOperand(x0);  // Left operand goes on the stack.
     VisitForAccumulatorValue(expr->value());
 
     AccumulatorValueContext context(this);
     if (ShouldInlineSmiCase(op)) {
       EmitInlineSmiBinaryOp(expr->binary_operation(),
                             op,
                             expr->target(),
                             expr->value());
     } else {
       EmitBinaryOp(expr->binary_operation(), op);
@@ skipping 38 matching lines @@
   Literal* key = prop->key()->AsLiteral();
   DCHECK(!prop->IsSuperAccess());
 
   __ Mov(LoadDescriptor::NameRegister(), Operand(key->value()));
   __ Mov(LoadDescriptor::SlotRegister(),
          SmiFromSlot(prop->PropertyFeedbackSlot()));
   CallLoadIC(NOT_INSIDE_TYPEOF);
 }
 
 
-void FullCodeGenerator::EmitNamedSuperPropertyLoad(Property* prop) {
-  // Stack: receiver, home_object.
-  SetExpressionPosition(prop);
-  Literal* key = prop->key()->AsLiteral();
-  DCHECK(!key->value()->IsSmi());
-  DCHECK(prop->IsSuperAccess());
-
-  __ Push(key->value());
-  __ CallRuntime(Runtime::kLoadFromSuper);
-}
-
-
-void FullCodeGenerator::EmitKeyedPropertyLoad(Property* prop) {
-  SetExpressionPosition(prop);
-  // Call keyed load IC. It has arguments key and receiver in x0 and x1.
-  Handle<Code> ic = CodeFactory::KeyedLoadIC(isolate()).code();
-  __ Mov(LoadDescriptor::SlotRegister(),
-         SmiFromSlot(prop->PropertyFeedbackSlot()));
-  CallIC(ic);
-}
-
-
-void FullCodeGenerator::EmitKeyedSuperPropertyLoad(Property* prop) {
-  // Stack: receiver, home_object, key.
-  SetExpressionPosition(prop);
-  __ CallRuntime(Runtime::kLoadKeyedFromSuper);
-}
-
-
 void FullCodeGenerator::EmitInlineSmiBinaryOp(BinaryOperation* expr,
                                               Token::Value op,
                                               Expression* left_expr,
                                               Expression* right_expr) {
   Label done, both_smis, stub_call;
 
   // Get the arguments.
   Register left = x1;
   Register right = x0;
   Register result = x0;
-  __ Pop(left);
+  PopOperand(left);
 
   // Perform combined smi check on both operands.
   __ Orr(x10, left, right);
   JumpPatchSite patch_site(masm_);
   patch_site.EmitJumpIfSmi(x10, &both_smis);
 
   __ Bind(&stub_call);
 
   Handle<Code> code = CodeFactory::BinaryOpIC(isolate(), op).code();
   {
@@ skipping 69 matching lines @@
     default:
       UNREACHABLE();
   }
 
   __ Bind(&done);
   context()->Plug(x0);
 }
 
 
 void FullCodeGenerator::EmitBinaryOp(BinaryOperation* expr, Token::Value op) {
-  __ Pop(x1);
+  PopOperand(x1);
   Handle<Code> code = CodeFactory::BinaryOpIC(isolate(), op).code();
   JumpPatchSite patch_site(masm_);    // Unbound, signals no inlined smi code.
   {
     Assembler::BlockPoolsScope scope(masm_);
     CallIC(code, expr->BinaryOperationFeedbackId());
     patch_site.EmitPatchInfo();
   }
   context()->Plug(x0);
 }
 
 
 void FullCodeGenerator::EmitClassDefineProperties(ClassLiteral* lit) {
   for (int i = 0; i < lit->properties()->length(); i++) {
     ObjectLiteral::Property* property = lit->properties()->at(i);
     Expression* value = property->value();
 
     Register scratch = x1;
     if (property->is_static()) {
       __ Peek(scratch, kPointerSize);  // constructor
     } else {
       __ Peek(scratch, 0);  // prototype
     }
-    __ Push(scratch);
+    PushOperand(scratch);
     EmitPropertyKey(property, lit->GetIdForProperty(i));
 
     // The static prototype property is read only. We handle the non computed
     // property name case in the parser. Since this is the only case where we
     // need to check for an own read only property we special case this so we do
     // not need to do this for every property.
     if (property->is_static() && property->is_computed_name()) {
       __ CallRuntime(Runtime::kThrowIfStaticPrototype);
       __ Push(x0);
     }
 
     VisitForStackValue(value);
     if (NeedsHomeObject(value)) {
       EmitSetHomeObject(value, 2, property->GetSlot());
     }
 
     switch (property->kind()) {
       case ObjectLiteral::Property::CONSTANT:
       case ObjectLiteral::Property::MATERIALIZED_LITERAL:
       case ObjectLiteral::Property::PROTOTYPE:
         UNREACHABLE();
       case ObjectLiteral::Property::COMPUTED:
-        __ Push(Smi::FromInt(DONT_ENUM));
-        __ Push(Smi::FromInt(property->NeedsSetFunctionName()));
-        __ CallRuntime(Runtime::kDefineDataPropertyInLiteral);
+        PushOperand(Smi::FromInt(DONT_ENUM));
+        PushOperand(Smi::FromInt(property->NeedsSetFunctionName()));
+        CallRuntimeWithOperands(Runtime::kDefineDataPropertyInLiteral);
         break;
 
       case ObjectLiteral::Property::GETTER:
-        __ Push(Smi::FromInt(DONT_ENUM));
-        __ CallRuntime(Runtime::kDefineGetterPropertyUnchecked);
+        PushOperand(Smi::FromInt(DONT_ENUM));
+        CallRuntimeWithOperands(Runtime::kDefineGetterPropertyUnchecked);
         break;
 
       case ObjectLiteral::Property::SETTER:
-        __ Push(Smi::FromInt(DONT_ENUM));
-        __ CallRuntime(Runtime::kDefineSetterPropertyUnchecked);
+        PushOperand(Smi::FromInt(DONT_ENUM));
+        CallRuntimeWithOperands(Runtime::kDefineSetterPropertyUnchecked);
         break;
 
       default:
         UNREACHABLE();
     }
   }
 }
 
 
 void FullCodeGenerator::EmitAssignment(Expression* expr,
                                        FeedbackVectorSlot slot) {
   DCHECK(expr->IsValidReferenceExpressionOrThis());
 
   Property* prop = expr->AsProperty();
   LhsKind assign_type = Property::GetAssignType(prop);
 
   switch (assign_type) {
     case VARIABLE: {
       Variable* var = expr->AsVariableProxy()->var();
       EffectContext context(this);
       EmitVariableAssignment(var, Token::ASSIGN, slot);
       break;
     }
     case NAMED_PROPERTY: {
-      __ Push(x0);  // Preserve value.
+      PushOperand(x0);  // Preserve value.
       VisitForAccumulatorValue(prop->obj());
       // TODO(all): We could introduce a VisitForRegValue(reg, expr) to avoid
       // this copy.
       __ Mov(StoreDescriptor::ReceiverRegister(), x0);
-      __ Pop(StoreDescriptor::ValueRegister());  // Restore value.
+      PopOperand(StoreDescriptor::ValueRegister());  // Restore value.
       __ Mov(StoreDescriptor::NameRegister(),
              Operand(prop->key()->AsLiteral()->value()));
       EmitLoadStoreICSlot(slot);
       CallStoreIC();
       break;
     }
     case NAMED_SUPER_PROPERTY: {
-      __ Push(x0);
+      PushOperand(x0);
       VisitForStackValue(prop->obj()->AsSuperPropertyReference()->this_var());
       VisitForAccumulatorValue(
           prop->obj()->AsSuperPropertyReference()->home_object());
       // stack: value, this; x0: home_object
       Register scratch = x10;
       Register scratch2 = x11;
       __ mov(scratch, result_register());  // home_object
       __ Peek(x0, kPointerSize);           // value
       __ Peek(scratch2, 0);                // this
       __ Poke(scratch2, kPointerSize);     // this
       __ Poke(scratch, 0);                 // home_object
       // stack: this, home_object; x0: value
       EmitNamedSuperPropertyStore(prop);
       break;
     }
     case KEYED_SUPER_PROPERTY: {
-      __ Push(x0);
+      PushOperand(x0);
       VisitForStackValue(prop->obj()->AsSuperPropertyReference()->this_var());
       VisitForStackValue(
           prop->obj()->AsSuperPropertyReference()->home_object());
       VisitForAccumulatorValue(prop->key());
       Register scratch = x10;
       Register scratch2 = x11;
       __ Peek(scratch2, 2 * kPointerSize);  // value
       // stack: value, this, home_object; x0: key, x11: value
       __ Peek(scratch, kPointerSize);  // this
       __ Poke(scratch, 2 * kPointerSize);
       __ Peek(scratch, 0);  // home_object
       __ Poke(scratch, kPointerSize);
       __ Poke(x0, 0);
       __ Move(x0, scratch2);
       // stack: this, home_object, key; x0: value.
       EmitKeyedSuperPropertyStore(prop);
       break;
     }
     case KEYED_PROPERTY: {
-      __ Push(x0);  // Preserve value.
+      PushOperand(x0);  // Preserve value.
       VisitForStackValue(prop->obj());
       VisitForAccumulatorValue(prop->key());
       __ Mov(StoreDescriptor::NameRegister(), x0);
-      __ Pop(StoreDescriptor::ReceiverRegister(),
-             StoreDescriptor::ValueRegister());
+      PopOperands(StoreDescriptor::ReceiverRegister(),
+                  StoreDescriptor::ValueRegister());
       EmitLoadStoreICSlot(slot);
       Handle<Code> ic =
           CodeFactory::KeyedStoreIC(isolate(), language_mode()).code();
       CallIC(ic);
       break;
     }
   }
   context()->Plug(x0);
 }
 
@@ skipping 114 matching lines @@
 
 void FullCodeGenerator::EmitNamedPropertyAssignment(Assignment* expr) {
   ASM_LOCATION("FullCodeGenerator::EmitNamedPropertyAssignment");
   // Assignment to a property, using a named store IC.
   Property* prop = expr->target()->AsProperty();
   DCHECK(prop != NULL);
   DCHECK(prop->key()->IsLiteral());
 
   __ Mov(StoreDescriptor::NameRegister(),
          Operand(prop->key()->AsLiteral()->value()));
-  __ Pop(StoreDescriptor::ReceiverRegister());
+  PopOperand(StoreDescriptor::ReceiverRegister());
   EmitLoadStoreICSlot(expr->AssignmentSlot());
   CallStoreIC();
 
   PrepareForBailoutForId(expr->AssignmentId(), TOS_REG);
   context()->Plug(x0);
 }
 
 
 void FullCodeGenerator::EmitNamedSuperPropertyStore(Property* prop) {
   // Assignment to named property of super.
   // x0 : value
   // stack : receiver ('this'), home_object
   DCHECK(prop != NULL);
   Literal* key = prop->key()->AsLiteral();
   DCHECK(key != NULL);
 
-  __ Push(key->value());
-  __ Push(x0);
-  __ CallRuntime((is_strict(language_mode()) ? Runtime::kStoreToSuper_Strict
-                                             : Runtime::kStoreToSuper_Sloppy));
+  PushOperand(key->value());
+  PushOperand(x0);
+  CallRuntimeWithOperands(is_strict(language_mode())
+                              ? Runtime::kStoreToSuper_Strict
+                              : Runtime::kStoreToSuper_Sloppy);
 }
 
 
 void FullCodeGenerator::EmitKeyedSuperPropertyStore(Property* prop) {
   // Assignment to named property of super.
   // x0 : value
   // stack : receiver ('this'), home_object, key
   DCHECK(prop != NULL);
 
-  __ Push(x0);
-  __ CallRuntime((is_strict(language_mode())
-                      ? Runtime::kStoreKeyedToSuper_Strict
-                      : Runtime::kStoreKeyedToSuper_Sloppy));
+  PushOperand(x0);
+  CallRuntimeWithOperands(is_strict(language_mode())
+                              ? Runtime::kStoreKeyedToSuper_Strict
+                              : Runtime::kStoreKeyedToSuper_Sloppy);
 }
 
 
 void FullCodeGenerator::EmitKeyedPropertyAssignment(Assignment* expr) {
   ASM_LOCATION("FullCodeGenerator::EmitKeyedPropertyAssignment");
   // Assignment to a property, using a keyed store IC.
 
   // TODO(all): Could we pass this in registers rather than on the stack?
-  __ Pop(StoreDescriptor::NameRegister(), StoreDescriptor::ReceiverRegister());
+  PopOperands(StoreDescriptor::NameRegister(),
+              StoreDescriptor::ReceiverRegister());
   DCHECK(StoreDescriptor::ValueRegister().is(x0));
 
   Handle<Code> ic =
       CodeFactory::KeyedStoreIC(isolate(), language_mode()).code();
   EmitLoadStoreICSlot(expr->AssignmentSlot());
   CallIC(ic);
 
   PrepareForBailoutForId(expr->AssignmentId(), TOS_REG);
   context()->Plug(x0);
 }
@@ skipping 13 matching lines @@
       VisitForStackValue(expr->obj()->AsSuperPropertyReference()->this_var());
       VisitForStackValue(
           expr->obj()->AsSuperPropertyReference()->home_object());
       EmitNamedSuperPropertyLoad(expr);
     }
   } else {
     if (!expr->IsSuperAccess()) {
       VisitForStackValue(expr->obj());
       VisitForAccumulatorValue(expr->key());
       __ Move(LoadDescriptor::NameRegister(), x0);
-      __ Pop(LoadDescriptor::ReceiverRegister());
+      PopOperand(LoadDescriptor::ReceiverRegister());
       EmitKeyedPropertyLoad(expr);
     } else {
       VisitForStackValue(expr->obj()->AsSuperPropertyReference()->this_var());
       VisitForStackValue(
           expr->obj()->AsSuperPropertyReference()->home_object());
       VisitForStackValue(expr->key());
       EmitKeyedSuperPropertyLoad(expr);
     }
   }
   PrepareForBailoutForId(expr->LoadId(), TOS_REG);
@@ skipping 21 matching lines @@
     { StackValueContext context(this);
       EmitVariableLoad(callee->AsVariableProxy());
       PrepareForBailout(callee, NO_REGISTERS);
     }
     // Push undefined as receiver. This is patched in the method prologue if it
     // is a sloppy mode method.
     {
       UseScratchRegisterScope temps(masm_);
       Register temp = temps.AcquireX();
       __ LoadRoot(temp, Heap::kUndefinedValueRootIndex);
-      __ Push(temp);
+      PushOperand(temp);
     }
     convert_mode = ConvertReceiverMode::kNullOrUndefined;
   } else {
     // Load the function from the receiver.
     DCHECK(callee->IsProperty());
     DCHECK(!callee->AsProperty()->IsSuperAccess());
     __ Peek(LoadDescriptor::ReceiverRegister(), 0);
     EmitNamedPropertyLoad(callee->AsProperty());
     PrepareForBailoutForId(callee->AsProperty()->LoadId(), TOS_REG);
     // Push the target function under the receiver.
-    __ Pop(x10);
-    __ Push(x0, x10);
+    PopOperand(x10);
+    PushOperands(x0, x10);
     convert_mode = ConvertReceiverMode::kNotNullOrUndefined;
   }
 
   EmitCall(expr, convert_mode);
 }
 
 
 void FullCodeGenerator::EmitSuperCallWithLoadIC(Call* expr) {
   ASM_LOCATION("FullCodeGenerator::EmitSuperCallWithLoadIC");
   Expression* callee = expr->expression();
   DCHECK(callee->IsProperty());
   Property* prop = callee->AsProperty();
   DCHECK(prop->IsSuperAccess());
   SetExpressionPosition(prop);
 
   Literal* key = prop->key()->AsLiteral();
   DCHECK(!key->value()->IsSmi());
 
   // Load the function from the receiver.
   const Register scratch = x10;
   SuperPropertyReference* super_ref =
       callee->AsProperty()->obj()->AsSuperPropertyReference();
   VisitForStackValue(super_ref->home_object());
   VisitForAccumulatorValue(super_ref->this_var());
-  __ Push(x0);
+  PushOperand(x0);
   __ Peek(scratch, kPointerSize);
-  __ Push(x0, scratch);
-  __ Push(key->value());
+  PushOperands(x0, scratch);
+  PushOperand(key->value());
 
   // Stack here:
   //  - home_object
   //  - this (receiver)
   //  - this (receiver) <-- LoadFromSuper will pop here and below.
   //  - home_object
-  __ CallRuntime(Runtime::kLoadFromSuper);
+  //  - key
+  CallRuntimeWithOperands(Runtime::kLoadFromSuper);
 
   // Replace home_object with target function.
   __ Poke(x0, kPointerSize);
 
   // Stack here:
   // - target function
   // - this (receiver)
   EmitCall(expr);
 }
 
 
 // Code common for calls using the IC.
 void FullCodeGenerator::EmitKeyedCallWithLoadIC(Call* expr,
                                                 Expression* key) {
   ASM_LOCATION("FullCodeGenerator::EmitKeyedCallWithLoadIC");
   // Load the key.
   VisitForAccumulatorValue(key);
 
   Expression* callee = expr->expression();
 
   // Load the function from the receiver.
   DCHECK(callee->IsProperty());
   __ Peek(LoadDescriptor::ReceiverRegister(), 0);
   __ Move(LoadDescriptor::NameRegister(), x0);
   EmitKeyedPropertyLoad(callee->AsProperty());
   PrepareForBailoutForId(callee->AsProperty()->LoadId(), TOS_REG);
 
   // Push the target function under the receiver.
-  __ Pop(x10);
-  __ Push(x0, x10);
+  PopOperand(x10);
+  PushOperands(x0, x10);
 
   EmitCall(expr, ConvertReceiverMode::kNotNullOrUndefined);
 }
 
 
 void FullCodeGenerator::EmitKeyedSuperCallWithLoadIC(Call* expr) {
   ASM_LOCATION("FullCodeGenerator::EmitKeyedSuperCallWithLoadIC");
   Expression* callee = expr->expression();
   DCHECK(callee->IsProperty());
   Property* prop = callee->AsProperty();
   DCHECK(prop->IsSuperAccess());
   SetExpressionPosition(prop);
 
   // Load the function from the receiver.
   const Register scratch = x10;
   SuperPropertyReference* super_ref =
       callee->AsProperty()->obj()->AsSuperPropertyReference();
   VisitForStackValue(super_ref->home_object());
   VisitForAccumulatorValue(super_ref->this_var());
-  __ Push(x0);
+  PushOperand(x0);
   __ Peek(scratch, kPointerSize);
-  __ Push(x0, scratch);
+  PushOperands(x0, scratch);
   VisitForStackValue(prop->key());
 
   // Stack here:
   //  - home_object
   //  - this (receiver)
   //  - this (receiver) <-- LoadKeyedFromSuper will pop here and below.
   //  - home_object
   //  - key
-  __ CallRuntime(Runtime::kLoadKeyedFromSuper);
+  CallRuntimeWithOperands(Runtime::kLoadKeyedFromSuper);
 
   // Replace home_object with target function.
   __ Poke(x0, kPointerSize);
 
   // Stack here:
   // - target function
   // - this (receiver)
   EmitCall(expr);
 }
 
@@ skipping 18 matching lines @@
     EmitProfilingCounterHandlingForReturnSequence(true);
   }
   Handle<Code> ic =
       CodeFactory::CallIC(isolate(), arg_count, mode, expr->tail_call_mode())
           .code();
   __ Mov(x3, SmiFromSlot(expr->CallFeedbackICSlot()));
   __ Peek(x1, (arg_count + 1) * kXRegSize);
   // Don't assign a type feedback id to the IC, since type feedback is provided
   // by the vector above.
   CallIC(ic);
+  OperandStackDepthDecrement(arg_count + 1);
 
   RecordJSReturnSite(expr);
   // Restore context register.
   __ Ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
   context()->DropAndPlug(1, x0);
 }
 
 
 void FullCodeGenerator::EmitResolvePossiblyDirectEval(int arg_count) {
   ASM_LOCATION("FullCodeGenerator::EmitResolvePossiblyDirectEval");
@@ skipping 28 matching lines @@
     SetExpressionPosition(callee);
       // Generate code for loading from variables potentially shadowed
       // by eval-introduced variables.
       EmitDynamicLookupFastCase(callee, NOT_INSIDE_TYPEOF, &slow, &done);
 
     __ Bind(&slow);
     // Call the runtime to find the function to call (returned in x0)
     // and the object holding it (returned in x1).
     __ Push(callee->name());
     __ CallRuntime(Runtime::kLoadLookupSlotForCall);
-    __ Push(x0, x1);  // Receiver, function.
+    PushOperands(x0, x1);  // Receiver, function.
     PrepareForBailoutForId(expr->LookupId(), NO_REGISTERS);
 
     // If fast case code has been generated, emit code to push the
     // function and receiver and have the slow path jump around this
     // code.
     if (done.is_linked()) {
       Label call;
       __ B(&call);
       __ Bind(&done);
       // Push function.
       // The receiver is implicitly the global receiver. Indicate this
       // by passing the undefined to the call function stub.
       __ LoadRoot(x1, Heap::kUndefinedValueRootIndex);
       __ Push(x0, x1);
       __ Bind(&call);
     }
   } else {
     VisitForStackValue(callee);
     // refEnv.WithBaseObject()
     __ LoadRoot(x10, Heap::kUndefinedValueRootIndex);
-    __ Push(x10);  // Reserved receiver slot.
+    PushOperand(x10);  // Reserved receiver slot.
   }
 }
 
 
 void FullCodeGenerator::EmitPossiblyEvalCall(Call* expr) {
   ASM_LOCATION("FullCodeGenerator::EmitPossiblyEvalCall");
   // In a call to eval, we first call RuntimeHidden_ResolvePossiblyDirectEval
   // to resolve the function we need to call.  Then we call the resolved
   // function using the given arguments.
   ZoneList<Expression*>* args = expr->arguments();
@@ skipping 19 matching lines @@
 
   // Record source position for debugger.
   SetCallPosition(expr);
 
   // Call the evaluated function.
   __ Peek(x1, (arg_count + 1) * kXRegSize);
   __ Mov(x0, arg_count);
   __ Call(isolate()->builtins()->Call(ConvertReceiverMode::kAny,
                                       expr->tail_call_mode()),
           RelocInfo::CODE_TARGET);
+  OperandStackDepthDecrement(arg_count + 1);
   RecordJSReturnSite(expr);
   // Restore context register.
   __ Ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
   context()->DropAndPlug(1, x0);
 }
 
 
 void FullCodeGenerator::VisitCallNew(CallNew* expr) {
   Comment cmnt(masm_, "[ CallNew");
   // According to ECMA-262, section 11.2.2, page 44, the function
@@ skipping 20 matching lines @@
   // Load function and argument count into x1 and x0.
   __ Mov(x0, arg_count);
   __ Peek(x1, arg_count * kXRegSize);
 
   // Record call targets in unoptimized code.
   __ EmitLoadTypeFeedbackVector(x2);
   __ Mov(x3, SmiFromSlot(expr->CallNewFeedbackSlot()));
 
   CallConstructStub stub(isolate());
   __ Call(stub.GetCode(), RelocInfo::CODE_TARGET);
+  OperandStackDepthDecrement(arg_count + 1);
   PrepareForBailoutForId(expr->ReturnId(), TOS_REG);
   // Restore context register.
   __ Ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
   context()->Plug(x0);
 }
 
 
 void FullCodeGenerator::EmitSuperConstructorCall(Call* expr) {
   ASM_LOCATION("FullCodeGenerator::EmitSuperConstructorCall");
   SuperCallReference* super_call_ref =
       expr->expression()->AsSuperCallReference();
   DCHECK_NOT_NULL(super_call_ref);
 
   // Push the super constructor target on the stack (may be null,
   // but the Construct builtin can deal with that properly).
   VisitForAccumulatorValue(super_call_ref->this_function_var());
   __ AssertFunction(result_register());
   __ Ldr(result_register(),
          FieldMemOperand(result_register(), HeapObject::kMapOffset));
   __ Ldr(result_register(),
          FieldMemOperand(result_register(), Map::kPrototypeOffset));
-  __ Push(result_register());
+  PushOperand(result_register());
 
   // Push the arguments ("left-to-right") on the stack.
   ZoneList<Expression*>* args = expr->arguments();
   int arg_count = args->length();
   for (int i = 0; i < arg_count; i++) {
     VisitForStackValue(args->at(i));
   }
 
   // Call the construct call builtin that handles allocation and
   // constructor invocation.
   SetConstructCallPosition(expr);
 
   // Load new target into x3.
   VisitForAccumulatorValue(super_call_ref->new_target_var());
   __ Mov(x3, result_register());
 
   // Load function and argument count into x1 and x0.
   __ Mov(x0, arg_count);
   __ Peek(x1, arg_count * kXRegSize);
 
   __ Call(isolate()->builtins()->Construct(), RelocInfo::CODE_TARGET);
+  OperandStackDepthDecrement(arg_count + 1);
 
   RecordJSReturnSite(expr);
 
   // Restore context register.
   __ Ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
   context()->Plug(x0);
 }
 
 
 void FullCodeGenerator::EmitIsSmi(CallRuntime* expr) {
@@ skipping 203 matching lines @@
   DCHECK_EQ(3, args->length());
 
   Register string = x0;
   Register index = x1;
   Register value = x2;
   Register scratch = x10;
 
   VisitForStackValue(args->at(0));        // index
   VisitForStackValue(args->at(1));        // value
   VisitForAccumulatorValue(args->at(2));  // string
-  __ Pop(value, index);
+  PopOperands(value, index);
 
   if (FLAG_debug_code) {
     __ AssertSmi(value, kNonSmiValue);
     __ AssertSmi(index, kNonSmiIndex);
     static const uint32_t one_byte_seq_type = kSeqStringTag | kOneByteStringTag;
     __ EmitSeqStringSetCharCheck(string, index, kIndexIsSmi, scratch,
                                  one_byte_seq_type);
   }
 
   __ Add(scratch, string, SeqOneByteString::kHeaderSize - kHeapObjectTag);
   __ SmiUntag(value);
   __ SmiUntag(index);
   __ Strb(value, MemOperand(scratch, index));
   context()->Plug(string);
 }
 
 
 void FullCodeGenerator::EmitTwoByteSeqStringSetChar(CallRuntime* expr) {
   ZoneList<Expression*>* args = expr->arguments();
   DCHECK_EQ(3, args->length());
 
   Register string = x0;
   Register index = x1;
   Register value = x2;
   Register scratch = x10;
 
   VisitForStackValue(args->at(0));        // index
   VisitForStackValue(args->at(1));        // value
   VisitForAccumulatorValue(args->at(2));  // string
-  __ Pop(value, index);
+  PopOperands(value, index);
 
   if (FLAG_debug_code) {
     __ AssertSmi(value, kNonSmiValue);
     __ AssertSmi(index, kNonSmiIndex);
     static const uint32_t two_byte_seq_type = kSeqStringTag | kTwoByteStringTag;
     __ EmitSeqStringSetCharCheck(string, index, kIndexIsSmi, scratch,
                                  two_byte_seq_type);
   }
 
   __ Add(scratch, string, SeqTwoByteString::kHeaderSize - kHeapObjectTag);
@@ skipping 47 matching lines @@
   ZoneList<Expression*>* args = expr->arguments();
   DCHECK(args->length() == 2);
 
   VisitForStackValue(args->at(0));
   VisitForAccumulatorValue(args->at(1));
 
   Register object = x1;
   Register index = x0;
   Register result = x3;
 
-  __ Pop(object);
+  PopOperand(object);
 
   Label need_conversion;
   Label index_out_of_range;
   Label done;
   StringCharCodeAtGenerator generator(object,
                                       index,
                                       result,
                                       &need_conversion,
                                       &need_conversion,
                                       &index_out_of_range,
@@ skipping 24 matching lines @@
   ZoneList<Expression*>* args = expr->arguments();
   DCHECK(args->length() == 2);
 
   VisitForStackValue(args->at(0));
   VisitForAccumulatorValue(args->at(1));
 
   Register object = x1;
   Register index = x0;
   Register result = x0;
 
-  __ Pop(object);
+  PopOperand(object);
 
   Label need_conversion;
   Label index_out_of_range;
   Label done;
   StringCharAtGenerator generator(object,
                                   index,
                                   x3,
                                   result,
                                   &need_conversion,
                                   &need_conversion,
@@ skipping 29 matching lines @@
   for (Expression* const arg : *args) {
     VisitForStackValue(arg);
   }
   PrepareForBailoutForId(expr->CallId(), NO_REGISTERS);
   // Move target to x1.
   int const argc = args->length() - 2;
   __ Peek(x1, (argc + 1) * kXRegSize);
   // Call the target.
   __ Mov(x0, argc);
   __ Call(isolate()->builtins()->Call(), RelocInfo::CODE_TARGET);
+  OperandStackDepthDecrement(argc + 1);
   // Restore context register.
   __ Ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
   // Discard the function left on TOS.
   context()->DropAndPlug(1, x0);
 }
 
 
 void FullCodeGenerator::EmitHasCachedArrayIndex(CallRuntime* expr) {
   ZoneList<Expression*>* args = expr->arguments();
   VisitForAccumulatorValue(args->at(0));
@@ skipping 76 matching lines @@
   __ ObjectUntag(untagged_result, result);
   __ Str(map_reg, MemOperand(untagged_result, HeapObject::kMapOffset));
   __ Stp(empty_fixed_array, empty_fixed_array,
          MemOperand(untagged_result, JSObject::kPropertiesOffset));
   __ Stp(result_value, boolean_done,
          MemOperand(untagged_result, JSIteratorResult::kValueOffset));
   STATIC_ASSERT(JSIteratorResult::kSize == 5 * kPointerSize);
   __ B(&done);
 
   __ Bind(&runtime);
-  __ CallRuntime(Runtime::kCreateIterResultObject);
+  CallRuntimeWithOperands(Runtime::kCreateIterResultObject);
 
   __ Bind(&done);
   context()->Plug(x0);
 }
 
 
 void FullCodeGenerator::EmitLoadJSRuntimeFunction(CallRuntime* expr) {
   // Push undefined as the receiver.
   __ LoadRoot(x0, Heap::kUndefinedValueRootIndex);
-  __ Push(x0);
+  PushOperand(x0);
 
   __ LoadNativeContextSlot(expr->context_index(), x0);
 }
 
 
 void FullCodeGenerator::EmitCallJSRuntimeFunction(CallRuntime* expr) {
   ZoneList<Expression*>* args = expr->arguments();
   int arg_count = args->length();
 
   SetCallPosition(expr);
   __ Peek(x1, (arg_count + 1) * kPointerSize);
   __ Mov(x0, arg_count);
   __ Call(isolate()->builtins()->Call(ConvertReceiverMode::kNullOrUndefined),
           RelocInfo::CODE_TARGET);
+  OperandStackDepthDecrement(arg_count + 1);
 }
 
 
 void FullCodeGenerator::VisitCallRuntime(CallRuntime* expr) {
   ZoneList<Expression*>* args = expr->arguments();
   int arg_count = args->length();
 
   if (expr->is_jsruntime()) {
     Comment cmnt(masm_, "[ CallRunTime");
     EmitLoadJSRuntimeFunction(expr);
 
     // Push the target function under the receiver.
-    __ Pop(x10);
-    __ Push(x0, x10);
+    PopOperand(x10);
+    PushOperands(x0, x10);
 
     for (int i = 0; i < arg_count; i++) {
       VisitForStackValue(args->at(i));
     }
 
     PrepareForBailoutForId(expr->CallId(), NO_REGISTERS);
     EmitCallJSRuntimeFunction(expr);
 
     // Restore context register.
     __ Ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
@@ skipping 13 matching lines @@
       default: {
         Comment cmnt(masm_, "[ CallRuntime for unhandled intrinsic");
         // Push the arguments ("left-to-right").
         for (int i = 0; i < arg_count; i++) {
           VisitForStackValue(args->at(i));
         }
 
         // Call the C runtime function.
         PrepareForBailoutForId(expr->CallId(), NO_REGISTERS);
         __ CallRuntime(expr->function(), arg_count);
+        OperandStackDepthDecrement(arg_count);
         context()->Plug(x0);
       }
     }
   }
 }
 
 
 void FullCodeGenerator::VisitUnaryOperation(UnaryOperation* expr) {
   switch (expr->op()) {
     case Token::DELETE: {
       Comment cmnt(masm_, "[ UnaryOperation (DELETE)");
       Property* property = expr->expression()->AsProperty();
       VariableProxy* proxy = expr->expression()->AsVariableProxy();
 
       if (property != NULL) {
         VisitForStackValue(property->obj());
         VisitForStackValue(property->key());
-        __ CallRuntime(is_strict(language_mode())
-                           ? Runtime::kDeleteProperty_Strict
-                           : Runtime::kDeleteProperty_Sloppy);
+        CallRuntimeWithOperands(is_strict(language_mode())
+                                    ? Runtime::kDeleteProperty_Strict
+                                    : Runtime::kDeleteProperty_Sloppy);
         context()->Plug(x0);
       } else if (proxy != NULL) {
         Variable* var = proxy->var();
         // Delete of an unqualified identifier is disallowed in strict mode but
         // "delete this" is allowed.
         bool is_this = var->HasThisName(isolate());
         DCHECK(is_sloppy(language_mode()) || is_this);
         if (var->IsUnallocatedOrGlobalSlot()) {
           __ LoadGlobalObject(x12);
           __ Mov(x11, Operand(var->name()));
@@ skipping 42 matching lines @@
         context()->Plug(test->true_label(), test->false_label());
       } else {
         DCHECK(context()->IsAccumulatorValue() || context()->IsStackValue());
         // TODO(jbramley): This could be much more efficient using (for
         // example) the CSEL instruction.
         Label materialize_true, materialize_false, done;
         VisitForControl(expr->expression(),
                         &materialize_false,
                         &materialize_true,
                         &materialize_true);
+        if (!context()->IsAccumulatorValue()) OperandStackDepthIncrement(1);
 
         __ Bind(&materialize_true);
         PrepareForBailoutForId(expr->MaterializeTrueId(), NO_REGISTERS);
         __ LoadRoot(result_register(), Heap::kTrueValueRootIndex);
         __ B(&done);
 
         __ Bind(&materialize_false);
         PrepareForBailoutForId(expr->MaterializeFalseId(), NO_REGISTERS);
         __ LoadRoot(result_register(), Heap::kFalseValueRootIndex);
         __ B(&done);
@@ skipping 32 matching lines @@
   LhsKind assign_type = Property::GetAssignType(prop);
 
   // Evaluate expression and get value.
   if (assign_type == VARIABLE) {
     DCHECK(expr->expression()->AsVariableProxy()->var() != NULL);
     AccumulatorValueContext context(this);
     EmitVariableLoad(expr->expression()->AsVariableProxy());
   } else {
     // Reserve space for result of postfix operation.
     if (expr->is_postfix() && !context()->IsEffect()) {
-      __ Push(xzr);
+      PushOperand(xzr);
     }
     switch (assign_type) {
       case NAMED_PROPERTY: {
         // Put the object both on the stack and in the register.
         VisitForStackValue(prop->obj());
         __ Peek(LoadDescriptor::ReceiverRegister(), 0);
         EmitNamedPropertyLoad(prop);
         break;
       }
 
       case NAMED_SUPER_PROPERTY: {
         VisitForStackValue(prop->obj()->AsSuperPropertyReference()->this_var());
         VisitForAccumulatorValue(
             prop->obj()->AsSuperPropertyReference()->home_object());
-        __ Push(result_register());
+        PushOperand(result_register());
         const Register scratch = x10;
         __ Peek(scratch, kPointerSize);
-        __ Push(scratch, result_register());
+        PushOperands(scratch, result_register());
         EmitNamedSuperPropertyLoad(prop);
         break;
       }
 
       case KEYED_SUPER_PROPERTY: {
         VisitForStackValue(prop->obj()->AsSuperPropertyReference()->this_var());
         VisitForStackValue(
             prop->obj()->AsSuperPropertyReference()->home_object());
         VisitForAccumulatorValue(prop->key());
-        __ Push(result_register());
+        PushOperand(result_register());
         const Register scratch1 = x10;
         const Register scratch2 = x11;
         __ Peek(scratch1, 2 * kPointerSize);
         __ Peek(scratch2, kPointerSize);
-        __ Push(scratch1, scratch2, result_register());
+        PushOperands(scratch1, scratch2, result_register());
         EmitKeyedSuperPropertyLoad(prop);
         break;
       }
 
       case KEYED_PROPERTY: {
         VisitForStackValue(prop->obj());
         VisitForStackValue(prop->key());
         __ Peek(LoadDescriptor::ReceiverRegister(), 1 * kPointerSize);
         __ Peek(LoadDescriptor::NameRegister(), 0);
         EmitKeyedPropertyLoad(prop);
@@ skipping 62 matching lines @@
   }
 
   // Save result for postfix expressions.
   if (expr->is_postfix()) {
     if (!context()->IsEffect()) {
       // Save the result on the stack. If we have a named or keyed property
       // we store the result under the receiver that is currently on top
       // of the stack.
       switch (assign_type) {
         case VARIABLE:
-          __ Push(x0);
+          PushOperand(x0);
           break;
         case NAMED_PROPERTY:
           __ Poke(x0, kXRegSize);
           break;
         case NAMED_SUPER_PROPERTY:
           __ Poke(x0, 2 * kXRegSize);
           break;
         case KEYED_PROPERTY:
           __ Poke(x0, 2 * kXRegSize);
           break;
@@ skipping 39 matching lines @@
       } else {
         EmitVariableAssignment(expr->expression()->AsVariableProxy()->var(),
                                Token::ASSIGN, expr->CountSlot());
         PrepareForBailoutForId(expr->AssignmentId(), TOS_REG);
         context()->Plug(x0);
       }
       break;
     case NAMED_PROPERTY: {
       __ Mov(StoreDescriptor::NameRegister(),
              Operand(prop->key()->AsLiteral()->value()));
-      __ Pop(StoreDescriptor::ReceiverRegister());
+      PopOperand(StoreDescriptor::ReceiverRegister());
       EmitLoadStoreICSlot(expr->CountSlot());
       CallStoreIC();
       PrepareForBailoutForId(expr->AssignmentId(), TOS_REG);
       if (expr->is_postfix()) {
         if (!context()->IsEffect()) {
           context()->PlugTOS();
         }
       } else {
         context()->Plug(x0);
       }
@@ skipping 15 matching lines @@
       if (expr->is_postfix()) {
         if (!context()->IsEffect()) {
           context()->PlugTOS();
         }
       } else {
         context()->Plug(x0);
       }
       break;
     }
     case KEYED_PROPERTY: {
-      __ Pop(StoreDescriptor::NameRegister());
-      __ Pop(StoreDescriptor::ReceiverRegister());
+      PopOperand(StoreDescriptor::NameRegister());
+      PopOperand(StoreDescriptor::ReceiverRegister());
       Handle<Code> ic =
           CodeFactory::KeyedStoreIC(isolate(), language_mode()).code();
       EmitLoadStoreICSlot(expr->CountSlot());
       CallIC(ic);
       PrepareForBailoutForId(expr->AssignmentId(), TOS_REG);
       if (expr->is_postfix()) {
         if (!context()->IsEffect()) {
           context()->PlugTOS();
         }
       } else {
@@ skipping 110 matching lines @@
   Label* if_false = NULL;
   Label* fall_through = NULL;
   context()->PrepareTest(&materialize_true, &materialize_false,
                          &if_true, &if_false, &fall_through);
 
   Token::Value op = expr->op();
   VisitForStackValue(expr->left());
   switch (op) {
     case Token::IN:
       VisitForStackValue(expr->right());
-      __ CallRuntime(Runtime::kHasProperty);
+      CallRuntimeWithOperands(Runtime::kHasProperty);
       PrepareForBailoutBeforeSplit(expr, false, NULL, NULL);
       __ CompareRoot(x0, Heap::kTrueValueRootIndex);
       Split(eq, if_true, if_false, fall_through);
       break;
 
     case Token::INSTANCEOF: {
       VisitForAccumulatorValue(expr->right());
-      __ Pop(x1);
+      PopOperand(x1);
       InstanceOfStub stub(isolate());
       __ CallStub(&stub);
       PrepareForBailoutBeforeSplit(expr, false, NULL, NULL);
       __ CompareRoot(x0, Heap::kTrueValueRootIndex);
       Split(eq, if_true, if_false, fall_through);
       break;
     }
 
     default: {
       VisitForAccumulatorValue(expr->right());
       Condition cond = CompareIC::ComputeCondition(op);
 
       // Pop the stack value.
-      __ Pop(x1);
+      PopOperand(x1);
 
       JumpPatchSite patch_site(masm_);
       if (ShouldInlineSmiCase(op)) {
         Label slow_case;
         patch_site.EmitJumpIfEitherNotSmi(x0, x1, &slow_case);
         __ Cmp(x1, x0);
         Split(cond, if_true, if_false, NULL);
         __ Bind(&slow_case);
       }
 
@@ skipping 94 matching lines @@
       __ Mov(x1, cp);
       __ RecordWriteField(x0, JSGeneratorObject::kContextOffset, x1, x2,
                           kLRHasBeenSaved, kDontSaveFPRegs);
       __ Add(x1, fp, StandardFrameConstants::kExpressionsOffset);
       __ Cmp(__ StackPointer(), x1);
       __ B(eq, &post_runtime);
       __ Push(x0);  // generator object
       __ CallRuntime(Runtime::kSuspendJSGeneratorObject, 1);
       __ Ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
       __ Bind(&post_runtime);
-      __ Pop(result_register());
+      PopOperand(result_register());
       EmitReturnSequence();
 
       __ Bind(&resume);
       context()->Plug(result_register());
       break;
     }
 
     case Yield::kFinal: {
       // Pop value from top-of-stack slot, box result into result register.
+      OperandStackDepthDecrement(1);
       EmitCreateIteratorResult(true);
       EmitUnwindAndReturn();
       break;
     }
 
     case Yield::kDelegating:
       UNREACHABLE();
   }
 }
 
 
 void FullCodeGenerator::EmitGeneratorResume(Expression *generator,
     Expression *value,
     JSGeneratorObject::ResumeMode resume_mode) {
   ASM_LOCATION("FullCodeGenerator::EmitGeneratorResume");
   Register generator_object = x1;
   Register the_hole = x2;
   Register operand_stack_size = w3;
   Register function = x4;
 
   // The value stays in x0, and is ultimately read by the resumed generator, as
   // if CallRuntime(Runtime::kSuspendJSGeneratorObject) returned it. Or it
   // is read to throw the value when the resumed generator is already closed. x1
   // will hold the generator object until the activation has been resumed.
   VisitForStackValue(generator);
   VisitForAccumulatorValue(value);
-  __ Pop(generator_object);
+  PopOperand(generator_object);
 
   // Store input value into generator object.
   __ Str(result_register(),
          FieldMemOperand(x1, JSGeneratorObject::kInputOffset));
   __ Mov(x2, result_register());
   __ RecordWriteField(x1, JSGeneratorObject::kInputOffset, x2, x3,
                       kLRHasBeenSaved, kDontSaveFPRegs);
 
   // Load suspended function and context.
   __ Ldr(cp, FieldMemOperand(generator_object,
@@ skipping 64 matching lines @@
   __ Push(Smi::FromInt(resume_mode));  // Consumed in continuation.
   __ Push(generator_object, result_register(), x10);
   __ CallRuntime(Runtime::kResumeJSGeneratorObject);
   // Not reached: the runtime call returns elsewhere.
   __ Unreachable();
 
   __ Bind(&done);
   context()->Plug(result_register());
 }
 
+void FullCodeGenerator::PushOperands(Register reg1, Register reg2) {
+  OperandStackDepthIncrement(2);
+  __ Push(reg1, reg2);
+}
+
+void FullCodeGenerator::PushOperands(Register reg1, Register reg2,
+                                     Register reg3) {
+  OperandStackDepthIncrement(3);
+  __ Push(reg1, reg2, reg3);
+}
+
+void FullCodeGenerator::PopOperands(Register reg1, Register reg2) {
+  OperandStackDepthDecrement(2);
+  __ Pop(reg1, reg2);
+}
+
+void FullCodeGenerator::EmitOperandStackDepthCheck() {
+  if (FLAG_debug_code) {
+    int expected_diff = StandardFrameConstants::kFixedFrameSizeFromFp +
+                        operand_stack_depth_ * kPointerSize;
+    __ Sub(x0, fp, jssp);
+    __ Cmp(x0, Operand(expected_diff));
+    __ Assert(eq, kUnexpectedStackDepth);
+  }
+}
 
 void FullCodeGenerator::EmitCreateIteratorResult(bool done) {
   Label allocate, done_allocate;
 
   // Allocate and populate an object with this form: { value: VAL, done: DONE }
 
   Register result = x0;
   __ Allocate(JSIteratorResult::kSize, result, x10, x11, &allocate, TAG_OBJECT);
   __ B(&done_allocate);
 
@@ skipping 67 matching lines @@
     __ LoadNativeContextSlot(Context::CLOSURE_INDEX, x10);
   } else if (closure_scope->is_eval_scope()) {
     // Contexts created by a call to eval have the same closure as the
     // context calling eval, not the anonymous closure containing the eval
     // code.  Fetch it from the context.
     __ Ldr(x10, ContextMemOperand(cp, Context::CLOSURE_INDEX));
   } else {
     DCHECK(closure_scope->is_function_scope());
     __ Ldr(x10, MemOperand(fp, JavaScriptFrameConstants::kFunctionOffset));
   }
-  __ Push(x10);
+  PushOperand(x10);
 }
 
 
 void FullCodeGenerator::EnterFinallyBlock() {
   ASM_LOCATION("FullCodeGenerator::EnterFinallyBlock");
   DCHECK(!result_register().is(x10));
   // Store pending message while executing finally block.
   ExternalReference pending_message_obj =
       ExternalReference::address_of_pending_message_obj(isolate());
   __ Mov(x10, pending_message_obj);
   __ Ldr(x10, MemOperand(x10));
-  __ Push(x10);
+  PushOperand(x10);
 
   ClearPendingMessage();
 }
 
 
 void FullCodeGenerator::ExitFinallyBlock() {
   ASM_LOCATION("FullCodeGenerator::ExitFinallyBlock");
   DCHECK(!result_register().is(x10));
 
   // Restore pending message from stack.
-  __ Pop(x10);
+  PopOperand(x10);
   ExternalReference pending_message_obj =
       ExternalReference::address_of_pending_message_obj(isolate());
   __ Mov(x13, pending_message_obj);
   __ Str(x10, MemOperand(x13));
 }
 
 
 void FullCodeGenerator::ClearPendingMessage() {
   DCHECK(!result_register().is(x10));
   ExternalReference pending_message_obj =
@@ skipping 122 matching lines @@
   }
 
   return INTERRUPT;
 }
 
 
 }  // namespace internal
 }  // namespace v8
 
 #endif  // V8_TARGET_ARCH_ARM64