If we allocate a callee-save register that the parent function had
not also allocated, change its value, and then call a function
that then unwinds, the unwinder would pass the new (incorrect)
value of the callee save register to the next frame.

We either need to
- make sure callee-save registers are restored before any potentially-throwing
  callsite, or
- make the unwinder able to restore these registers for us, potentially
  by writing our own exception unwinder.

For now, the easiest thing to do is to disallow allocation of those registers.
(I'm not even sure how much we allocate them at all at the moment.)