Fix for issue 14790 - Crash when using dartium devtools

runtime/vm/stub_code_x64.cc

 // Copyright (c) 2013, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 #include "vm/globals.h"
 #if defined(TARGET_ARCH_X64)
 
 #include "vm/assembler.h"
 #include "vm/compiler.h"
 #include "vm/dart_entry.h"
@@ skipping 234 matching lines @@
   __ movq(CTX, R8);
 
   __ LeaveFrame();
   __ ret();
 }
 
 
 // Input parameters:
 //   R10: arguments descriptor array.
 void StubCode::GenerateCallStaticFunctionStub(Assembler* assembler) {
-  __ EnterStubFrame();
+  __ EnterStubFrame(true);  // Uses PP to access null object.
   __ pushq(R10);  // Preserve arguments descriptor array.
   // Setup space on stack for return value.
   __ PushObject(Object::null_object(), PP);
   __ CallRuntime(kPatchStaticCallRuntimeEntry, 0);
   __ popq(RAX);  // Get Code object result.
   __ popq(R10);  // Restore arguments descriptor array.
   // Remove the stub frame as we are about to jump to the dart function.
-  __ LeaveFrame();
+  __ LeaveStubFrame();
 
   __ movq(RBX, FieldAddress(RAX, Code::instructions_offset()));
   __ addq(RBX, Immediate(Instructions::HeaderSize() - kHeapObjectTag));
   __ jmp(RBX);
 }
 
 
 // Called from a static call only when an invalid code has been entered
 // (invalid because its function was optimized or deoptimized).
 // R10: arguments descriptor array.
 void StubCode::GenerateFixCallersTargetStub(Assembler* assembler) {
-  __ EnterStubFrame();
+  __ EnterStubFrame(true);  // Uses PP to access null object.
   __ pushq(R10);  // Preserve arguments descriptor array.
   // Setup space on stack for return value.
   __ PushObject(Object::null_object(), PP);
   __ CallRuntime(kFixCallersTargetRuntimeEntry, 0);
   __ popq(RAX);  // Get Code object.
   __ popq(R10);  // Restore arguments descriptor array.
   __ movq(RAX, FieldAddress(RAX, Code::instructions_offset()));
   __ addq(RAX, Immediate(Instructions::HeaderSize() - kHeapObjectTag));
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ jmp(RAX);
   __ int3();
 }
 
 
 // Input parameters:
 //   R10: smi-tagged argument count, may be zero.
 //   RBP[kParamEndSlotFromFp + 1]: last argument.
 static void PushArgumentsArray(Assembler* assembler) {
   __ LoadObject(R12, Object::null_object(), PP);
@@ skipping 21 matching lines @@
 }
 
 
 // Input parameters:
 //   RBX: ic-data.
 //   R10: arguments descriptor array.
 // Note: The receiver object is the first argument to the function being
 //       called, the stub accesses the receiver from this location directly
 //       when trying to resolve the call.
 void StubCode::GenerateInstanceFunctionLookupStub(Assembler* assembler) {
-  __ EnterStubFrameWithPP();
+  __ EnterStubFrame(true);  // Uses PP to access null object.
   __ PushObject(Object::null_object(), PP);  // Space for the return value.
 
   // Push the receiver as an argument.  Load the smi-tagged argument
   // count into R13 to index the receiver in the stack.  There are
   // four words (null, stub's pc marker, saved pp, saved fp) above the return
   // address.
   __ movq(R13, FieldAddress(R10, ArgumentsDescriptor::count_offset()));
   __ pushq(Address(RSP, R13, TIMES_4, (4 * kWordSize)));
 
   __ pushq(RBX);  // Pass IC data object.
   __ pushq(R10);  // Pass arguments descriptor array.
 
   // Pass the call's arguments array.
   __ movq(R10, R13);  // Smi-tagged arguments array length.
   PushArgumentsArray(assembler);
 
   __ CallRuntime(kInstanceFunctionLookupRuntimeEntry, 4);
 
   // Remove arguments.
   __ Drop(4);
   __ popq(RAX);  // Get result into RAX.
-  __ LeaveFrameWithPP();
+  __ LeaveStubFrame();
   __ ret();
 }
 
 
 DECLARE_LEAF_RUNTIME_ENTRY(intptr_t, DeoptimizeCopyFrame,
                            intptr_t deopt_reason,
                            uword saved_registers_address);
 
 DECLARE_LEAF_RUNTIME_ENTRY(void, DeoptimizeFillFrame, uword last_fp);
 
@@ skipping 52 matching lines @@
   __ movq(RDI, RSP);  // Pass address of saved registers block.
   __ ReserveAlignedFrameSpace(0);
   __ CallRuntime(kDeoptimizeCopyFrameRuntimeEntry, 1);
   // Result (RAX) is stack-size (FP - SP) in bytes.
 
   if (preserve_result) {
     // Restore result into RBX temporarily.
     __ movq(RBX, Address(RBP, saved_result_slot_from_fp * kWordSize));
   }
 
-  // There is a Dart Frame on the stack. We just need the PP.
-  __ movq(PP, Address(RBP, -2 * kWordSize));
-  __ LeaveFrame();
+  // There is a Dart Frame on the stack. We must restore PP and leave frame.
+  __ LeaveDartFrame();
 
   __ popq(RCX);   // Preserve return address.
   __ movq(RSP, RBP);  // Discard optimized frame.
   __ subq(RSP, RAX);  // Reserve space for deoptimized frame.
   __ pushq(RCX);  // Restore return address.
 
   // DeoptimizeFillFrame expects a Dart frame, i.e. EnterDartFrame(0), but there
   // is no need to set the correct PC marker or load PP, since they get patched.
   __ EnterFrame(0);
   __ pushq(Immediate(0));
   __ pushq(PP);
 
   if (preserve_result) {
     __ pushq(RBX);  // Preserve result as first local.
   }
   __ ReserveAlignedFrameSpace(0);
   __ movq(RDI, RBP);  // Pass last FP as parameter in RDI.
   __ CallRuntime(kDeoptimizeFillFrameRuntimeEntry, 1);
   if (preserve_result) {
     // Restore result into RBX.
     __ movq(RBX, Address(RBP, kFirstLocalSlotFromFp * kWordSize));
   }
   // Code above cannot cause GC.
-  // There is a Dart Frame on the stack. We just need the PP.
-  __ movq(PP, Address(RBP, -2 * kWordSize));
-  __ LeaveFrame();
+  // There is a Dart Frame on the stack. We must restore PP and leave frame.
+  __ LeaveDartFrame();
 
   // Frame is fully rewritten at this point and it is safe to perform a GC.
   // Materialize any objects that were deferred by FillFrame because they
   // require allocation.
   __ EnterStubFrame();
   if (preserve_result) {
     __ pushq(RBX);  // Preserve result, it will be GC-d here.
   }
   __ pushq(Immediate(Smi::RawValue(0)));  // Space for the result.
   __ CallRuntime(kDeoptimizeMaterializeRuntimeEntry, 0);
   // Result tells stub how many bytes to remove from the expression stack
   // of the bottom-most frame. They were used as materialization arguments.
   __ popq(RBX);
   __ SmiUntag(RBX);
   if (preserve_result) {
     __ popq(RAX);  // Restore result.
   }
-  __ LeaveFrame();
+  __ LeaveStubFrame();
 
   __ popq(RCX);  // Pop return address.
   __ addq(RSP, RBX);  // Remove materialization arguments.
   __ pushq(RCX);  // Push return address.
   __ ret();
 }
 
 
 // TOS: return address + call-instruction-size (5 bytes).
 // RAX: result, must be preserved
 void StubCode::GenerateDeoptimizeLazyStub(Assembler* assembler) {
   // Correct return address to point just after the call that is being
   // deoptimized.
   __ popq(RBX);
   __ subq(RBX, Immediate(ShortCallPattern::InstructionLength()));
   __ pushq(RBX);
   GenerateDeoptimizationSequence(assembler, true);  // Preserve RAX.
 }
 
 
 void StubCode::GenerateDeoptimizeStub(Assembler* assembler) {
   GenerateDeoptimizationSequence(assembler, false);  // Don't preserve RAX.
 }
 
 
 void StubCode::GenerateMegamorphicMissStub(Assembler* assembler) {
-  __ EnterStubFrameWithPP();
+  __ EnterStubFrame(true);  // Uses PP to access null object.
   // Load the receiver into RAX.  The argument count in the arguments
   // descriptor in R10 is a smi.
   __ movq(RAX, FieldAddress(R10, ArgumentsDescriptor::count_offset()));
   // Three words (saved pp, saved fp, stub's pc marker)
   // in the stack above the return address.
   __ movq(RAX, Address(RSP, RAX, TIMES_4,
                        kSavedAboveReturnAddress * kWordSize));
   // Preserve IC data and arguments descriptor.
   __ pushq(RBX);
   __ pushq(R10);
 
   // Space for the result of the runtime call.
   __ PushObject(Object::null_object(), PP);
   __ pushq(RAX);  // Receiver.
   __ pushq(RBX);  // IC data.
   __ pushq(R10);  // Arguments descriptor.
   __ CallRuntime(kMegamorphicCacheMissHandlerRuntimeEntry, 3);
   // Discard arguments.
   __ popq(RAX);
   __ popq(RAX);
   __ popq(RAX);
   __ popq(RAX);  // Return value from the runtime call (instructions).
   __ popq(R10);  // Restore arguments descriptor.
   __ popq(RBX);  // Restore IC data.
-  __ LeaveFrameWithPP();
+  __ LeaveStubFrame();
 
   Label lookup;
   __ CompareObject(RAX, Object::null_object(), PP);
   __ j(EQUAL, &lookup, Assembler::kNearJump);
   __ addq(RAX, Immediate(Instructions::HeaderSize() - kHeapObjectTag));
   __ jmp(RAX);
 
   __ Bind(&lookup);
   __ jmp(&StubCode::InstanceFunctionLookupLabel());
 }
@@ skipping 111 matching lines @@
     // RAX: new object.
     // R10: Array length as Smi (preserved for the caller.)
     __ ret();
   }
 
   // Unable to allocate the array using the fast inline code, just call
   // into the runtime.
   __ Bind(&slow_case);
   // Create a stub frame as we are pushing some objects on the stack before
   // calling into the runtime.
-  __ EnterStubFrame();
+  __ EnterStubFrame(true);  // Uses PP to access null object.

[Ivan Posva, 2013/11/07 22:11:58]

Where PP is only used to access null we do not need to load it specifically and
can reuse the one from the caller.

Here and some other places.

[siva, 2013/11/07 23:08:19]

Done.

   // Setup space on stack for return value.
   __ PushObject(Object::null_object(), PP);
   __ pushq(R10);  // Array length as Smi.
   __ pushq(RBX);  // Element type.
   __ CallRuntime(kAllocateArrayRuntimeEntry, 2);
   __ popq(RAX);  // Pop element type argument.
   __ popq(R10);  // Pop array length argument.
   __ popq(RAX);  // Pop return value from return slot.
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ ret();
 }
 
 
 // Input parameters:
 //   R10: Arguments descriptor array.
 // Note: The closure object is the first argument to the function being
 //       called, the stub accesses the closure from this location directly
 //       when trying to resolve the call.
 void StubCode::GenerateCallClosureFunctionStub(Assembler* assembler) {
@@ skipping 37 matching lines @@
 
   __ pushq(R10);  // Preserve arguments descriptor array.
   __ pushq(RBX);  // Preserve read-only function object argument.
   __ CallRuntime(kCompileFunctionRuntimeEntry, 1);
   __ popq(RBX);  // Restore read-only function object argument in RBX.
   __ popq(R10);  // Restore arguments descriptor array.
   // Restore RAX.
   __ movq(RAX, FieldAddress(RBX, Function::code_offset()));
 
   // Remove the stub frame as we are about to jump to the closure function.
-  __ LeaveFrame();
+  __ LeaveStubFrame();
 
   __ Bind(&function_compiled);
   // RAX: Code.
   // RBX: Function.
   // R10: Arguments descriptor array.
 
   __ movq(RBX, FieldAddress(RAX, Code::instructions_offset()));
   __ addq(RBX, Immediate(Instructions::HeaderSize() - kHeapObjectTag));
   __ jmp(RBX);
 
@@ skipping 15 matching lines @@
   __ movq(R10, FieldAddress(R10, ArgumentsDescriptor::count_offset()));
   PushArgumentsArray(assembler);
 
   __ CallRuntime(kInvokeNonClosureRuntimeEntry, 2);
 
   // Remove arguments.
   __ Drop(2);
   __ popq(RAX);  // Get result into RAX.
 
   // Remove the stub frame as we are about to return.
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ ret();
 }
 
 
 // Called when invoking Dart code from C++ (VM code).
 // Input parameters:
 //   RSP : points to return address.
 //   RDI : entrypoint of the Dart function to call.
 //   RSI : arguments descriptor array.
 //   RDX : arguments array.
 //   RCX : new context containing the current isolate pointer.
 void StubCode::GenerateInvokeDartCodeStub(Assembler* assembler) {
   // Save frame pointer coming in.
-  __ EnterStubFrameWithPP();
+  __ EnterFrame(0);
 
   // At this point, the stack looks like:
-  // | saved RC15/PP                                  | <-- RSP / TOS
-  // | "saved PC area" = 0                            |
   // | saved RBP                                      | <-- RBP
   // | saved PC (return to DartEntry::InvokeFunction) |
 
-  // The old frame pointer, the return address, the old R15 (for PP).
-  const intptr_t kInitialOffset = 3;
+  const intptr_t kInitialOffset = 1;
   // Save arguments descriptor array and new context.
   const intptr_t kArgumentsDescOffset = -(kInitialOffset) * kWordSize;
   __ pushq(RSI);
   const intptr_t kNewContextOffset = -(kInitialOffset + 1) * kWordSize;
   __ pushq(RCX);
 
   // Save C++ ABI callee-saved registers.
   __ pushq(RBX);
   __ pushq(R12);
   __ pushq(R13);
   __ pushq(R14);
-  // R15 is already saved above by EnterStubFrameWithPP.
+  __ pushq(R15);
+
+  // We now load the pool pointer(PP) as we are about to invoke dart code and we
+  // could potentially invoke some intrinsic functions which need the PP to be
+  // set up.
+  __ LoadPoolPointer(PP);
 
   // If any additional (or fewer) values are pushed, the offsets in
   // kExitLinkSlotFromEntryFp and kSavedContextSlotFromEntryFp will need to be
   // changed.
 
   // The new Context structure contains a pointer to the current Isolate
   // structure. Cache the Context pointer in the CTX register so that it is
   // available in generated code and calls to Isolate::Current() need not be
   // done. The assumption is that this register will never be clobbered by
   // compiled or runtime stub code.
 
   // Cache the new Context pointer into CTX while executing Dart code.
   __ movq(CTX, Address(RCX, VMHandles::kOffsetOfRawPtrInHandle));
 
   // Load Isolate pointer from Context structure into R8.
   __ movq(R8, FieldAddress(CTX, Context::isolate_offset()));
 
   // Save the top exit frame info. Use RAX as a temporary register.
   // StackFrameIterator reads the top exit frame info saved in this frame.
   // The constant kExitLinkSlotFromEntryFp must be kept in sync with the
   // code below.
-  ASSERT(kExitLinkSlotFromEntryFp == -9);
+  ASSERT(kExitLinkSlotFromEntryFp == -8);
   __ movq(RAX, Address(R8, Isolate::top_exit_frame_info_offset()));
   __ pushq(RAX);
   __ movq(Address(R8, Isolate::top_exit_frame_info_offset()), Immediate(0));
 
   // Save the old Context pointer. Use RAX as a temporary register.
   // Note that VisitObjectPointers will find this saved Context pointer during
   // GC marking, since it traverses any information between SP and
   // FP - kExitLinkSlotFromEntryFp * kWordSize.
   // EntryFrame::SavedContext reads the context saved in this frame.
   // The constant kSavedContextSlotFromEntryFp must be kept in sync with
   // the code below.
-  ASSERT(kSavedContextSlotFromEntryFp == -10);
+  ASSERT(kSavedContextSlotFromEntryFp == -9);
   __ movq(RAX, Address(R8, Isolate::top_context_offset()));
   __ pushq(RAX);
 
   // Load arguments descriptor array into R10, which is passed to Dart code.
   __ movq(R10, Address(RSI, VMHandles::kOffsetOfRawPtrInHandle));
 
   // Load number of arguments into RBX.
   __ movq(RBX, FieldAddress(R10, ArgumentsDescriptor::count_offset()));
   __ SmiUntag(RBX);
 
@@ skipping 37 matching lines @@
   // Uses RCX as a temporary register for this.
   __ popq(RCX);
   __ movq(Address(CTX, Isolate::top_context_offset()), RCX);
 
   // Restore the saved top exit frame info back into the Isolate structure.
   // Uses RDX as a temporary register for this.
   __ popq(RDX);
   __ movq(Address(CTX, Isolate::top_exit_frame_info_offset()), RDX);
 
   // Restore C++ ABI callee-saved registers.
-  // R15 will be restored below by LeaveFrameWithPP.
+  __ popq(R15);
   __ popq(R14);
   __ popq(R13);
   __ popq(R12);
   __ popq(RBX);
 
   // Restore the frame pointer.
-  __ LeaveFrameWithPP();
+  __ LeaveFrame();
 
   __ ret();
 }
 
 
 // Called for inline allocation of contexts.
 // Input:
 // R10: number of context variables.
 // Output:
 // RAX: new allocated RawContext object.
@@ skipping 103 matching lines @@
   // Create a stub frame.
   __ EnterStubFrame();
   __ pushq(R12);  // Setup space on stack for the return value.
   __ SmiTag(R10);
   __ pushq(R10);  // Push number of context variables.
   __ CallRuntime(kAllocateContextRuntimeEntry, 1);  // Allocate context.
   __ popq(RAX);  // Pop number of context variables argument.
   __ popq(RAX);  // Pop the new context object.
   // RAX: new object
   // Restore the frame pointer.
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ ret();
 }
 
 
 DECLARE_LEAF_RUNTIME_ENTRY(void, StoreBufferBlockProcess, Isolate* isolate);
 
 // Helper stub to implement Assembler::StoreIntoObject.
 // Input parameters:
 //   RAX: Address being stored
 void StubCode::GenerateUpdateStoreBufferStub(Assembler* assembler) {
@@ skipping 196 matching lines @@
     __ addq(RAX, Immediate(kHeapObjectTag));
     __ ret();
 
     __ Bind(&slow_case);
   }
   if (is_cls_parameterized) {
     __ movq(RAX, Address(RSP, kObjectTypeArgumentsOffset));
     __ movq(RDX, Address(RSP, kInstantiatorTypeArgumentsOffset));
   }
   // Create a stub frame.
-  __ EnterStubFrameWithPP();
+  __ EnterStubFrame(true);  // Uses PP to access class object.
   __ pushq(R12);  // Setup space on stack for return value.
   __ PushObject(cls, PP);  // Push class of object to be allocated.
   if (is_cls_parameterized) {
     __ pushq(RAX);  // Push type arguments of object to be allocated.
     __ pushq(RDX);  // Push type arguments of instantiator.
   } else {
     __ pushq(R12);  // Push null type arguments.
     __ pushq(Immediate(Smi::RawValue(StubCode::kNoInstantiator)));
   }
   __ CallRuntime(kAllocateObjectRuntimeEntry, 3);  // Allocate object.
   __ popq(RAX);  // Pop argument (instantiator).
   __ popq(RAX);  // Pop argument (type arguments of object).
   __ popq(RAX);  // Pop argument (class of object).
   __ popq(RAX);  // Pop result (newly allocated object).
   // RAX: new object
   // Restore the frame pointer.
-  __ LeaveFrameWithPP();
+  __ LeaveStubFrame();
   __ ret();
 }
 
 
 // Called for inline allocation of closures.
 // Input parameters:
 //   RSP + 16 : receiver (null if not an implicit instance closure).
 //   RSP + 8 : type arguments object (null if class is not parameterized).
 //   RSP : points to return address.
 void StubCode::GenerateAllocationStubForClosure(Assembler* assembler,
                                                 const Function& func) {
   ASSERT(func.IsClosureFunction());
   ASSERT(!func.IsImplicitStaticClosureFunction());
   const bool is_implicit_instance_closure =
       func.IsImplicitInstanceClosureFunction();
   const Class& cls = Class::ZoneHandle(func.signature_class());
   const bool has_type_arguments = cls.NumTypeArguments() > 0;
 
-  __ EnterStubFrameWithPP();  // Uses pool pointer to refer to function.
+  __ EnterStubFrame(true);  // Uses pool pointer to refer to function.
   __ LoadObject(R12, Object::null_object(), PP);
   const intptr_t kTypeArgumentsOffset = 4 * kWordSize;
   const intptr_t kReceiverOffset = 5 * kWordSize;
   const intptr_t closure_size = Closure::InstanceSize();
   const intptr_t context_size = Context::InstanceSize(1);  // Captured receiver.
   if (FLAG_inline_alloc &&
       Heap::IsAllocatableInNewSpace(closure_size + context_size)) {
     Label slow_case;
     Heap* heap = Isolate::Current()->heap();
     __ movq(RAX, Immediate(heap->TopAddress()));
@@ skipping 68 matching lines @@
       __ movq(Address(RAX, Closure::context_offset()), CTX);
     }
 
     // Set the type arguments field in the newly allocated closure.
     __ movq(R10, Address(RSP, kTypeArgumentsOffset));
     __ movq(Address(RAX, Closure::type_arguments_offset()), R10);
 
     // Done allocating and initializing the instance.
     // RAX: new object.
     __ addq(RAX, Immediate(kHeapObjectTag));
-    __ LeaveFrameWithPP();
+    __ LeaveStubFrame();
     __ ret();
 
     __ Bind(&slow_case);
   }
   if (has_type_arguments) {
     __ movq(RCX, Address(RSP, kTypeArgumentsOffset));
   }
   if (is_implicit_instance_closure) {
     __ movq(RAX, Address(RSP, kReceiverOffset));
   }
@@ skipping 14 matching lines @@
     __ popq(RAX);  // Pop receiver.
   } else {
     ASSERT(func.IsNonImplicitClosureFunction());
     __ CallRuntime(kAllocateClosureRuntimeEntry, 2);
     __ popq(RAX);  // Pop type arguments.
   }
   __ popq(RAX);  // Pop the function object.
   __ popq(RAX);  // Pop the result.
   // RAX: New closure object.
   // Restore the calling frame.
-  __ LeaveFrameWithPP();
+  __ LeaveStubFrame();
   __ ret();
 }
 
 
 // Called for invoking "dynamic noSuchMethod(Invocation invocation)" function
 // from the entry code of a dart function after an error in passed argument
 // name or number is detected.
 // Input parameters:
 //   RSP : points to return address.
 //   RSP + 8 : address of last argument.
 //   RBX : ic-data.
 //   R10 : arguments descriptor array.
 void StubCode::GenerateCallNoSuchMethodFunctionStub(Assembler* assembler) {
-  __ EnterStubFrame();
+  __ EnterStubFrame(true);  // Uses PP to access null object.
 
   // Load the receiver.
   __ movq(R13, FieldAddress(R10, ArgumentsDescriptor::count_offset()));
   __ movq(RAX, Address(RBP, R13, TIMES_4, kParamEndSlotFromFp * kWordSize));
 
   __ LoadObject(R12, Object::null_object(), PP);
   __ pushq(R12);  // Setup space on stack for result from noSuchMethod.
   __ pushq(RAX);  // Receiver.
   __ pushq(RBX);  // IC data array.
   __ pushq(R10);  // Arguments descriptor array.
 
   __ movq(R10, R13);  // Smi-tagged arguments array length.
   PushArgumentsArray(assembler);
 
   __ CallRuntime(kInvokeNoSuchMethodFunctionRuntimeEntry, 4);
 
   // Remove arguments.
   __ Drop(4);
   __ popq(RAX);  // Get result into RAX.
 
   // Remove the stub frame as we are about to return.
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ ret();
 }
 
 
 // Cannot use function object from ICData as it may be the inlined
 // function and not the top-scope function.
 void StubCode::GenerateOptimizedUsageCounterIncrement(Assembler* assembler) {
   Register ic_reg = RBX;
   Register func_reg = RDI;
   if (FLAG_trace_optimized_ic_calls) {
     __ EnterStubFrame();
     __ pushq(func_reg);     // Preserve
     __ pushq(ic_reg);       // Preserve.
     __ pushq(ic_reg);       // Argument.
     __ pushq(func_reg);     // Argument.
     __ CallRuntime(kTraceICCallRuntimeEntry, 2);
     __ popq(RAX);          // Discard argument;
     __ popq(RAX);          // Discard argument;
     __ popq(ic_reg);       // Restore.
     __ popq(func_reg);     // Restore.
-    __ LeaveFrame();
+    __ LeaveStubFrame();
   }
   __ incq(FieldAddress(func_reg, Function::usage_counter_offset()));
 }
 
 
 // Loads function into 'temp_reg', preserves 'ic_reg'.
 void StubCode::GenerateUsageCounterIncrement(Assembler* assembler,
                                              Register temp_reg) {
   Register ic_reg = RBX;
   Register func_reg = temp_reg;
@@ skipping 33 matching lines @@
   // Check single stepping.
   Label not_stepping;
   __ movq(RAX, FieldAddress(CTX, Context::isolate_offset()));
   __ movzxb(RAX, Address(RAX, Isolate::single_step_offset()));
   __ cmpq(RAX, Immediate(0));
   __ j(EQUAL, &not_stepping, Assembler::kNearJump);
   __ EnterStubFrame();
   __ pushq(RBX);
   __ CallRuntime(kSingleStepHandlerRuntimeEntry, 0);
   __ popq(RBX);
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ Bind(&not_stepping);
 
   // Load arguments descriptor into R10.
   __ movq(R10, FieldAddress(RBX, ICData::arguments_descriptor_offset()));
   // Loop that checks if there is an IC data match.
   Label loop, update, test, found, get_class_id_as_smi;
   // RBX: IC data object (preserved).
   __ movq(R12, FieldAddress(RBX, ICData::ic_data_offset()));
   // R12: ic_data_array with check entries: classes and target functions.
   __ leaq(R12, FieldAddress(R12, Array::data_offset()));
@@ skipping 60 matching lines @@
   }
   __ pushq(RBX);  // Pass IC data object.
   __ CallRuntime(handle_ic_miss, num_args + 1);
   // Remove the call arguments pushed earlier, including the IC data object.
   for (intptr_t i = 0; i < num_args + 1; i++) {
     __ popq(RAX);
   }
   __ popq(RAX);  // Pop returned code object into RAX (null if not found).
   __ popq(RBX);  // Restore IC data array.
   __ popq(R10);  // Restore arguments descriptor array.
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   Label call_target_function;
   __ cmpq(RAX, R12);
   __ j(NOT_EQUAL, &call_target_function, Assembler::kNearJump);
   // NoSuchMethod or closure.
   // Mark IC call that it may be a closure call that does not collect
   // type feedback.
   __ movb(FieldAddress(RBX, ICData::is_closure_call_offset()), Immediate(1));
   __ jmp(&StubCode::InstanceFunctionLookupLabel());
 
   __ Bind(&found);
@@ skipping 15 matching lines @@
     __ CompareObject(RCX, Object::null_object(), PP);
     __ j(NOT_EQUAL, &is_compiled, Assembler::kNearJump);
     __ EnterStubFrame();
     __ pushq(R10);  // Preserve arguments descriptor array.
     __ pushq(RBX);  // Preserve IC data object.
     __ pushq(RAX);  // Pass function.
     __ CallRuntime(kCompileFunctionRuntimeEntry, 1);
     __ popq(RAX);  // Restore function.
     __ popq(RBX);  // Restore IC data array.
     __ popq(R10);  // Restore arguments descriptor array.
-    __ LeaveFrame();
+    __ LeaveStubFrame();
     __ movq(RCX, FieldAddress(RAX, Function::code_offset()));
     __ Bind(&is_compiled);
   }
   __ movq(RAX, FieldAddress(RCX, Code::instructions_offset()));
   __ addq(RAX, Immediate(Instructions::HeaderSize() - kHeapObjectTag));
   __ jmp(RAX);
 
   __ Bind(&get_class_id_as_smi);
   Label not_smi;
   // Test if Smi -> load Smi class for comparison.
@@ skipping 109 matching lines @@
   // Check single stepping.
   Label not_stepping;
   __ movq(RAX, FieldAddress(CTX, Context::isolate_offset()));
   __ movzxb(RAX, Address(RAX, Isolate::single_step_offset()));
   __ cmpq(RAX, Immediate(0));
   __ j(EQUAL, &not_stepping, Assembler::kNearJump);
   __ EnterStubFrame();
   __ pushq(RBX);  // Preserve IC data object.
   __ CallRuntime(kSingleStepHandlerRuntimeEntry, 0);
   __ popq(RBX);
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ Bind(&not_stepping);
 
   // RBX: IC data object (preserved).
   __ movq(R12, FieldAddress(RBX, ICData::ic_data_offset()));
   // R12: ic_data_array with entries: target functions and count.
   __ leaq(R12, FieldAddress(R12, Array::data_offset()));
   // R12: points directly to the first ic data array element.
   const intptr_t target_offset = ICData::TargetIndexFor(0) * kWordSize;
   const intptr_t count_offset = ICData::CountIndexFor(0) * kWordSize;
 
@@ skipping 14 matching lines @@
   __ j(NOT_EQUAL, &target_is_compiled, Assembler::kNearJump);
 
   __ EnterStubFrame();
   __ pushq(R13);  // Preserve target function.
   __ pushq(RBX);  // Preserve IC data object.
   __ pushq(R13);  // Pass function.
   __ CallRuntime(kCompileFunctionRuntimeEntry, 1);
   __ popq(RAX);  // Discard argument.
   __ popq(RBX);  // Restore IC data object.
   __ popq(R13);  // Restore target function.
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ movq(RAX, FieldAddress(R13, Function::code_offset()));
 
   __ Bind(&target_is_compiled);
   // RAX: Target code.
   __ movq(RAX, FieldAddress(RAX, Code::instructions_offset()));
   __ addq(RAX, Immediate(Instructions::HeaderSize() - kHeapObjectTag));
   // Load arguments descriptor into R10.
   __ movq(R10, FieldAddress(RBX, ICData::arguments_descriptor_offset()));
   __ jmp(RAX);
 }
@@ skipping 12 matching lines @@
 // RAX: Function.
 void StubCode::GenerateCompileFunctionRuntimeCallStub(Assembler* assembler) {
   __ EnterStubFrame();
   __ pushq(RDX);  // Preserve arguments descriptor array.
   __ pushq(RCX);  // Preserve IC data object.
   __ pushq(RAX);  // Pass function.
   __ CallRuntime(kCompileFunctionRuntimeEntry, 1);
   __ popq(RAX);  // Restore function.
   __ popq(RCX);  // Restore IC data array.
   __ popq(RDX);  // Restore arguments descriptor array.
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ ret();
 }
 
 
 //  RBX, R10: May contain arguments to runtime stub.
 //  TOS(0): return address (Dart code).
 void StubCode::GenerateBreakpointRuntimeStub(Assembler* assembler) {
-  __ EnterStubFrame();
+  __ EnterStubFrame(true);  // Uses PP to access null object.
   // Preserve runtime args.
   __ pushq(RBX);
   __ pushq(R10);
   // Room for result. Debugger stub returns address of the
   // unpatched runtime stub.
   __ LoadObject(R12, Object::null_object(), PP);
   __ pushq(R12);  // Room for result.
   __ CallRuntime(kBreakpointRuntimeHandlerRuntimeEntry, 0);
   __ popq(RAX);  // Address of original.
   __ popq(R10);  // Restore arguments.
   __ popq(RBX);
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ jmp(RAX);   // Jump to original stub.
 }
 
 
 //  RBX: ICData (unoptimized static call)
 //  TOS(0): return address (Dart code).
 void StubCode::GenerateBreakpointStaticStub(Assembler* assembler) {
-  __ EnterStubFrame();
+  __ EnterStubFrame(true);  // Uses PP to access null object.
   __ LoadObject(R12, Object::null_object(), PP);
   __ pushq(RBX);  // Preserve IC data for unoptimized call.
   __ pushq(R12);  // Room for result.
   __ CallRuntime(kBreakpointStaticHandlerRuntimeEntry, 0);
   __ popq(RAX);  // Code object.
   __ popq(RBX);  // Restore IC data.
-  __ LeaveFrame();
+  __ LeaveStubFrame();
 
   // Load arguments descriptor into R10.
   __ movq(R10, FieldAddress(RBX, ICData::arguments_descriptor_offset()));
   // Now call the static function. The breakpoint handler function
   // ensures that the call target is compiled.
   __ movq(RBX, FieldAddress(RAX, Code::instructions_offset()));
   __ addq(RBX, Immediate(Instructions::HeaderSize() - kHeapObjectTag));
   __ jmp(RBX);
 }
 
 
 //  TOS(0): return address (Dart code).
 void StubCode::GenerateBreakpointReturnStub(Assembler* assembler) {
   __ EnterStubFrame();
   __ pushq(RAX);
   __ CallRuntime(kBreakpointReturnHandlerRuntimeEntry, 0);
   __ popq(RAX);
-  __ LeaveFrame();
+  __ LeaveStubFrame();
 
   __ popq(R11);  // discard return address of call to this stub.
-  __ LeaveFrameWithPP();
+  __ LeaveDartFrame();
   __ ret();
 }
 
 
 //  RBX: Inline cache data array.
 //  TOS(0): return address (Dart code).
 void StubCode::GenerateBreakpointDynamicStub(Assembler* assembler) {
   __ EnterStubFrame();
   __ pushq(RBX);
   __ CallRuntime(kBreakpointDynamicHandlerRuntimeEntry, 0);
   __ popq(RBX);
-  __ LeaveFrame();
+  __ LeaveStubFrame();
 
   // Find out which dispatch stub to call.
   Label test_two, test_three, test_four;
   __ movq(RCX, FieldAddress(RBX, ICData::num_args_tested_offset()));
   __ cmpq(RCX, Immediate(1));
   __ j(NOT_EQUAL, &test_two, Assembler::kNearJump);
   __ jmp(&StubCode::OneArgCheckInlineCacheLabel());
   __ Bind(&test_two);
   __ cmpl(RCX, Immediate(2));
   __ j(NOT_EQUAL, &test_three, Assembler::kNearJump);
@@ skipping 141 matching lines @@
   __ movq(kExceptionObjectReg, RCX);  // exception object.
   __ movq(RSP, RSI);   // target stack_pointer.
   __ jmp(RDI);  // Jump to the exception handler code.
 }
 
 
 // Calls to the runtime to optimize the given function.
 // RDI: function to be reoptimized.
 // R10: argument descriptor (preserved).
 void StubCode::GenerateOptimizeFunctionStub(Assembler* assembler) {
-  __ EnterStubFrameWithPP();
+  __ EnterStubFrame(true);  // Uses PP to access null object.
   __ LoadObject(R12, Object::null_object(), PP);
   __ pushq(R10);
   __ pushq(R12);  // Setup space on stack for return value.
   __ pushq(RDI);
   __ CallRuntime(kOptimizeInvokedFunctionRuntimeEntry, 1);
   __ popq(RAX);  // Disard argument.
   __ popq(RAX);  // Get Code object.
   __ popq(R10);  // Restore argument descriptor.
   __ movq(RAX, FieldAddress(RAX, Code::instructions_offset()));
   __ addq(RAX, Immediate(Instructions::HeaderSize() - kHeapObjectTag));
-  __ LeaveFrameWithPP();
+  __ LeaveStubFrame();
   __ jmp(RAX);
   __ int3();
 }
 
 
 DECLARE_LEAF_RUNTIME_ENTRY(intptr_t,
                            BigintCompare,
                            RawBigint* left,
                            RawBigint* right);
 
@@ skipping 65 matching lines @@
 void StubCode::GenerateUnoptimizedIdenticalWithNumberCheckStub(
     Assembler* assembler) {
   // Check single stepping.
   Label not_stepping;
   __ movq(RAX, FieldAddress(CTX, Context::isolate_offset()));
   __ movzxb(RAX, Address(RAX, Isolate::single_step_offset()));
   __ cmpq(RAX, Immediate(0));
   __ j(EQUAL, &not_stepping, Assembler::kNearJump);
   __ EnterStubFrame();
   __ CallRuntime(kSingleStepHandlerRuntimeEntry, 0);
-  __ LeaveFrame();
+  __ LeaveStubFrame();
   __ Bind(&not_stepping);
 
   const Register left = RAX;
   const Register right = RDX;
 
   __ movq(left, Address(RSP, 2 * kWordSize));
   __ movq(right, Address(RSP, 1 * kWordSize));
   GenerateIdenticalWithNumberCheckStub(assembler, left, right);
   __ ret();
 }
@@ skipping 16 matching lines @@
   __ movq(right, Address(RSP, 3 * kWordSize));
   GenerateIdenticalWithNumberCheckStub(assembler, left, right);
   __ popq(right);
   __ popq(left);
   __ ret();
 }
 
 }  // namespace dart
 
 #endif  // defined TARGET_ARCH_X64