Changeset 220958 in webkit for trunk/Source/JavaScriptCore/assembler/testmasm.cpp

Timestamp:

Aug 20, 2017, 9:26:40 PM (8 years ago)

Author:

[email protected]

Message:

Enhance MacroAssembler::probe() to allow the probe function to resize the stack frame and alter stack data in one pass.
​https://bugs.webkit.org/show_bug.cgi?id=175688
<rdar://problem/33436870>

Reviewed by JF Bastien.

With this patch, the clients of the MacroAssembler::probe() can now change
stack values without having to worry about whether there is enough room in the
current stack frame for it or not. This is done using the Probe::Context's stack
member like so:

jit.probe([] (Probe::Context& context) {

auto cpu = context.cpu;
auto stack = context.stack();
uintptr_t* currentSP = cpu.sp<uintptr_t*>();

Get a value at the current stack pointer location.
auto value = stack.get<uintptr_t>(currentSP);

Set a value above the current stack pointer (within current frame).
stack.set<uintptr_t>(currentSP + 10, value);

Set a value below the current stack pointer (out of current frame).
stack.set<uintptr_t>(currentSP - 10, value);

Set the new stack pointer.
cpu.sp() = currentSP - 20;

});

What happens behind the scene:

1. the generated JIT probe code will now call Probe::executeProbe(), and Probe::executeProbe() will in turn call the client's probe function.

Probe::executeProbe() receives the Probe::State on the machine stack passed
to it by the probe trampoline. Probe::executeProbe() will instantiate a
Probe::Context to be passed to the client's probe function. The client will
no longer see the Probe::State directly.

2. The Probe::Context comes with a Probe::Stack which serves as a manager of stack pages. Currently, each page is 1K in size. Probe::Context::stack() returns a reference to an instance of Probe::Stack.

3. Invoking get() of set() on Probe::Stack with an address will lead to the following:

1. the address will be decoded to a baseAddress that points to the 1K page that contains that address.

2. the Probe::Stack will check if it already has a cached 1K page for that baseAddress. If so, go to step (f). Else, continue with step (c).

3. the Probe::Stack will malloc a 1K mirror page, and memcpy the 1K stack page for that specified baseAddress to this mirror page.

4. the mirror page will be added to the ProbeStack's m_pages HashMap, keyed on the baseAddress.

5. the ProbeStack will also cache the last baseAddress and its corresponding mirror page in use. With memory accesses tending to be localized, this will save us from having to look up the page in the HashMap.

6. get() will map the requested address to a physical address in the mirror page, and return the value at that location.

7. set() will map the requested address to a physical address in the mirror page, and set the value at that location in the mirror page.

set() will also set a dirty bit corresponding to the "cache line" that
was modified in the mirror page.

4. When the client's probe function returns, Probe::executeProbe() will check if there are stack changes that need to be applied. If stack changes are needed:

1. Probe::executeProbe() will adjust the stack pointer to ensure enough stack space is available to flush the dirty stack pages. It will also register a flushStackDirtyPages callback function in the Probe::State. Thereafter, Probe::executeProbe() returns to the probe trampoline.

2. the probe trampoline adjusts the stack pointer, moves the Probe::State to a safe place if needed, and then calls the flushStackDirtyPages callback if needed.

3. the flushStackDirtyPages() callback iterates the Probe::Stack's m_pages HashMap and flush all dirty "cache lines" to the machine stack. Thereafter, flushStackDirtyPages() returns to the probe trampoline.

4. lastly, the probe trampoline will restore all register values and return to the pc set in the Probe::State.

To make this patch work, I also had to do the following work:

5. Refactor MacroAssembler::CPUState into Probe::CPUState. Mainly, this means moving the code over to ProbeContext.h. I also added some convenience accessor methods for spr registers.

Moved Probe::Context over to its own file ProbeContext.h/cpp.

6. Fix all probe trampolines to pass the address of Probe::executeProbe in addition to the client's probe function and arg.

I also took this opportunity to optimize the generated JIT probe code to
minimize the amount of memory stores needed.

7. Simplified the ARM64 probe trampoline. The ARM64 probe only supports changing either lr or pc (or neither), but not both at in the same probe invocation. The ARM64 probe trampoline used to have to check for this invariant in the assembly trampoline code. With the introduction of Probe::executeProbe(), we can now do it there and simplify the trampoline.

8. Fix a bug in the old ARM64 probe trampoline for the case where the client changes lr. That code path never worked before, but has now been fixed.

9. Removed trustedImm32FromPtr() helper functions in MacroAssemblerARM and MacroAssemblerARMv7.

We can now use move() with TrustedImmPtr, and it does the same thing but in a
more generic way.

10. ARMv7's move() emitter may encode a T1 move instruction, which happens to have

the same semantics as movs (according to the Thumb spec). This means these
instructions may trash the APSR flags before we have a chance to preserve them.

This patch changes MacroAssemblerARMv7's probe() to preserve the APSR register
early on. This entails adding support for the mrs instruction in the
ARMv7Assembler.

10. Change testmasm's testProbeModifiesStackValues() to now modify stack values

the easy way.

Also fixed testmasm tests which check flag registers to only compare the
portions that are modifiable by the client i.e. some masking is applied.

This patch has passed the testmasm tests on x86, x86_64, arm64, and armv7.

• CMakeLists.txt:
• JavaScriptCore.xcodeproj/project.pbxproj:
• assembler/ARMv7Assembler.h:

(JSC::ARMv7Assembler::mrs):

• assembler/AbstractMacroAssembler.h:
• assembler/MacroAssembler.cpp:

(JSC::stdFunctionCallback):
(JSC::MacroAssembler::probe):

• assembler/MacroAssembler.h:

(JSC::MacroAssembler::CPUState::gprName): Deleted.
(JSC::MacroAssembler::CPUState::sprName): Deleted.
(JSC::MacroAssembler::CPUState::fprName): Deleted.
(JSC::MacroAssembler::CPUState::gpr): Deleted.
(JSC::MacroAssembler::CPUState::spr): Deleted.
(JSC::MacroAssembler::CPUState::fpr): Deleted.
(JSC:: const): Deleted.
(JSC::MacroAssembler::CPUState::fpr const): Deleted.
(JSC::MacroAssembler::CPUState::pc): Deleted.
(JSC::MacroAssembler::CPUState::fp): Deleted.
(JSC::MacroAssembler::CPUState::sp): Deleted.
(JSC::MacroAssembler::CPUState::pc const): Deleted.
(JSC::MacroAssembler::CPUState::fp const): Deleted.
(JSC::MacroAssembler::CPUState::sp const): Deleted.
(JSC::Probe::State::gpr): Deleted.
(JSC::Probe::State::spr): Deleted.
(JSC::Probe::State::fpr): Deleted.
(JSC::Probe::State::gprName): Deleted.
(JSC::Probe::State::sprName): Deleted.
(JSC::Probe::State::fprName): Deleted.
(JSC::Probe::State::pc): Deleted.
(JSC::Probe::State::fp): Deleted.
(JSC::Probe::State::sp): Deleted.

• assembler/MacroAssemblerARM.cpp:

(JSC::MacroAssembler::probe):

• assembler/MacroAssemblerARM.h:

(JSC::MacroAssemblerARM::trustedImm32FromPtr): Deleted.

• assembler/MacroAssemblerARM64.cpp:

(JSC::MacroAssembler::probe):
(JSC::arm64ProbeError): Deleted.

• assembler/MacroAssemblerARMv7.cpp:

(JSC::MacroAssembler::probe):

• assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::armV7Condition):
(JSC::MacroAssemblerARMv7::trustedImm32FromPtr): Deleted.

• assembler/MacroAssemblerPrinter.cpp:

(JSC::Printer::printCallback):

• assembler/MacroAssemblerPrinter.h:
• assembler/MacroAssemblerX86Common.cpp:

(JSC::ctiMasmProbeTrampoline):
(JSC::MacroAssembler::probe):

• assembler/Printer.h:

(JSC::Printer::Context::Context):

• assembler/ProbeContext.cpp: Added.

(JSC::Probe::executeProbe):
(JSC::Probe::handleProbeStackInitialization):
(JSC::Probe::probeStateForContext):

• assembler/ProbeContext.h: Added.

(JSC::Probe::CPUState::gprName):
(JSC::Probe::CPUState::sprName):
(JSC::Probe::CPUState::fprName):
(JSC::Probe::CPUState::gpr):
(JSC::Probe::CPUState::spr):
(JSC::Probe::CPUState::fpr):
(JSC::Probe:: const):
(JSC::Probe::CPUState::fpr const):
(JSC::Probe::CPUState::pc):
(JSC::Probe::CPUState::fp):
(JSC::Probe::CPUState::sp):
(JSC::Probe::CPUState::pc const):
(JSC::Probe::CPUState::fp const):
(JSC::Probe::CPUState::sp const):
(JSC::Probe::Context::Context):
(JSC::Probe::Context::gpr):
(JSC::Probe::Context::spr):
(JSC::Probe::Context::fpr):
(JSC::Probe::Context::gprName):
(JSC::Probe::Context::sprName):
(JSC::Probe::Context::fprName):
(JSC::Probe::Context::pc):
(JSC::Probe::Context::fp):
(JSC::Probe::Context::sp):
(JSC::Probe::Context::stack):
(JSC::Probe::Context::hasWritesToFlush):
(JSC::Probe::Context::releaseStack):

• assembler/ProbeStack.cpp: Added.

(JSC::Probe::Page::Page):
(JSC::Probe::Page::flushWrites):
(JSC::Probe::Stack::Stack):
(JSC::Probe::Stack::hasWritesToFlush):
(JSC::Probe::Stack::flushWrites):
(JSC::Probe::Stack::ensurePageFor):

• assembler/ProbeStack.h: Added.

(JSC::Probe::Page::baseAddressFor):
(JSC::Probe::Page::chunkAddressFor):
(JSC::Probe::Page::baseAddress):
(JSC::Probe::Page::get):
(JSC::Probe::Page::set):
(JSC::Probe::Page::hasWritesToFlush const):
(JSC::Probe::Page::flushWritesIfNeeded):
(JSC::Probe::Page::dirtyBitFor):
(JSC::Probe::Page::physicalAddressFor):
(JSC::Probe::Stack::Stack):
(JSC::Probe::Stack::lowWatermark):
(JSC::Probe::Stack::get):
(JSC::Probe::Stack::set):
(JSC::Probe::Stack::newStackPointer const):
(JSC::Probe::Stack::setNewStackPointer):
(JSC::Probe::Stack::isValid):
(JSC::Probe::Stack::pageFor):

• assembler/testmasm.cpp:

(JSC::testProbeReadsArgumentRegisters):
(JSC::testProbeWritesArgumentRegisters):
(JSC::testProbePreservesGPRS):
(JSC::testProbeModifiesStackPointer):
(JSC::testProbeModifiesStackPointerToInsideProbeStateOnStack):
(JSC::testProbeModifiesStackPointerToNBytesBelowSP):
(JSC::testProbeModifiesProgramCounter):
(JSC::testProbeModifiesStackValues):
(JSC::run):
(): Deleted.
(JSC::fillStack): Deleted.
(JSC::testProbeModifiesStackWithCallback): Deleted.

File:

• trunk/Source/JavaScriptCore/assembler/testmasm.cpp (modified) (27 diffs)

trunk/Source/JavaScriptCore/assembler/testmasm.cpp

@@ -32 +32 @@
 #include "InitializeThreading.h"
 #include "LinkBuffer.h"
+#include "ProbeContext.h"
 #include <wtf/Compiler.h>
 #include <wtf/DataLog.h>
@@ -62 +63 @@
 #endif // ENABLE(MASM_PROBE)
 
+namespace JSC {
+namespace Probe {
+
+JS_EXPORT_PRIVATE void* probeStateForContext(Probe::Context&);
+
+} // namespace Probe
+} // namespace JSC
+
 using namespace JSC;
 
@@ -67 +76 @@
 
 #if ENABLE(MASM_PROBE)
-using CPUState = MacroAssembler::CPUState;
+using CPUState = Probe::CPUState;
 #endif
 
@@ -185 +194 @@
 #endif
 
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeWasCalled = true;
             CHECK_EQ(cpu.gpr(GPRInfo::argumentGPR0), testWord(0));
@@ -227 +236 @@
 
         // Write expected values.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             cpu.gpr(GPRInfo::argumentGPR0) = testWord(0);
@@ -240 +249 @@
 
         // Validate that expected values were written.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             CHECK_EQ(cpu.gpr(GPRInfo::argumentGPR0), testWord(0));
@@ -283 +292 @@
 
         // Write expected values into the registers (except for sp, fp, and pc).
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
@@ -299 +308 @@
 
         // Invoke the probe to call a lot of functions and trash register values.
-        jit.probe([&] (Probe::State*) {
+        jit.probe([&] (Probe::Context&) {
             probeCallCount++;
             CHECK_EQ(testFunctionToTrashGPRs(0, 1, 2, 3, 4, 5, 6, 7, 8, 9), 10);
@@ -306 +315 @@
 
         // Validate that the registers have the expected values.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
@@ -323 +332 @@
 
         // Restore the original state.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
@@ -336 +345 @@
 
         // Validate that the original state was restored.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
@@ -354 +363 @@
 }
 
-void testProbeModifiesStackPointer(WTF::Function<void*(Probe::State*)> computeModifiedStack)
+void testProbeModifiesStackPointer(WTF::Function<void*(Probe::Context&)> computeModifiedStackPointer)
 {
     unsigned probeCallCount = 0;
@@ -367 +376 @@
 #elif CPU(ARM_THUMB2) || CPU(ARM_TRADITIONAL)
     auto flagsSPR = ARMRegisters::apsr;
-    uintptr_t flagsMask = 0xf0000000;
+    uintptr_t flagsMask = 0xf8000000;
 #elif CPU(ARM64)
     auto flagsSPR = ARM64Registers::nzcv;
@@ -378 +387 @@
         // Preserve original stack pointer and modify the sp, and
         // write expected values into other registers (except for fp, and pc).
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
@@ -397 +406 @@
 
             originalSP = cpu.sp();
-            modifiedSP = computeModifiedStack(context);
+            modifiedSP = computeModifiedStackPointer(context);
             cpu.sp() = modifiedSP;
         });
 
         // Validate that the registers have the expected values.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
@@ -416 +425 @@
             for (auto id = CCallHelpers::firstFPRegister(); id <= CCallHelpers::lastFPRegister(); id = nextID(id))
                 CHECK_EQ(cpu.fpr<uint64_t>(id), testWord64(id));
-            CHECK_EQ(cpu.spr(flagsSPR), modifiedFlags);
+            CHECK_EQ(cpu.spr(flagsSPR) & flagsMask, modifiedFlags & flagsMask);
             CHECK_EQ(cpu.sp(), modifiedSP);
         });
 
         // Restore the original state.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
@@ -436 +445 @@
 
         // Validate that the original state was restored.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
@@ -446 +455 @@
             for (auto id = CCallHelpers::firstFPRegister(); id <= CCallHelpers::lastFPRegister(); id = nextID(id))
                 CHECK_EQ(cpu.fpr<uint64_t>(id), originalState.fpr<uint64_t>(id));
-            CHECK_EQ(cpu.spr(flagsSPR), originalState.spr(flagsSPR));
+            CHECK_EQ(cpu.spr(flagsSPR) & flagsMask, originalState.spr(flagsSPR) & flagsMask);
             CHECK_EQ(cpu.sp(), originalSP);
         });
@@ -464 +473 @@
 #endif
     for (size_t offset = 0; offset < sizeof(Probe::State); offset += increment) {
-        testProbeModifiesStackPointer([=] (Probe::State* context) -> void* {
-            return reinterpret_cast<uint8_t*>(context) + offset;
+        testProbeModifiesStackPointer([=] (Probe::Context& context) -> void* {
+            return reinterpret_cast<uint8_t*>(probeStateForContext(context)) + offset;
+
         });
     }
@@ -478 +488 @@
 #endif
     for (size_t offset = 0; offset < 1 * KB; offset += increment) {
-        testProbeModifiesStackPointer([=] (Probe::State* context) -> void* {
-            return reinterpret_cast<uint8_t*>(context->cpu.sp()) - offset;
+        testProbeModifiesStackPointer([=] (Probe::Context& context) -> void* {
+            return context.cpu.sp<uint8_t*>() - offset;
         });
     }
@@ -494 +504 @@
     MacroAssemblerCodeRef continuation = compile([&] (CCallHelpers& jit) {
         // Validate that we reached the continuation.
-        jit.probe([&] (Probe::State*) {
+        jit.probe([&] (Probe::Context&) {
             probeCallCount++;
             continuationWasReached = true;
@@ -507 +517 @@
 
         // Write expected values into the registers.
-        jit.probe([&] (Probe::State* context) {
-            probeCallCount++;
-            context->pc() = continuation.code().executableAddress();
+        jit.probe([&] (Probe::Context& context) {
+            probeCallCount++;
+            context.cpu.pc() = continuation.code().executableAddress();
         });
 
@@ -518 +528 @@
 }
 
-struct FillStackData {
+void testProbeModifiesStackValues()
+{
+    unsigned probeCallCount = 0;
     CPUState originalState;
     void* originalSP { nullptr };
     void* newSP { nullptr };
     uintptr_t modifiedFlags { 0 };
-    MacroAssembler::SPRegisterID flagsSPR;
-};
-
-static void fillStack(Probe::State* context)
-{
-    auto& cpu = context->cpu;
-
-    FillStackData& data = *reinterpret_cast<FillStackData*>(context->initializeStackArg);
-    CPUState& originalState = data.originalState;
-    void*& originalSP = data.originalSP;
-    void*& newSP = data.newSP;
-    uintptr_t& modifiedFlags = data.modifiedFlags;
-    MacroAssembler::SPRegisterID& flagsSPR = data.flagsSPR;
-
-    CHECK_EQ(reinterpret_cast<void*>(context->initializeStackFunction), reinterpret_cast<void*>(fillStack));
-    CHECK_EQ(cpu.sp(), newSP);
-
-    // Verify that the probe has put the Probe::State out of harm's way.
-    CHECK_EQ((reinterpret_cast<void*>(context + 1) <= cpu.sp()), true);
-
-    // Verify the CPU state.
-    for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
-        if (isFP(id)) {
-            CHECK_EQ(cpu.gpr(id), originalState.gpr(id));
-            continue;
-        }
-        if (isSpecialGPR(id))
-            continue;
-        CHECK_EQ(cpu.gpr(id), testWord(id));
-    }
-    for (auto id = CCallHelpers::firstFPRegister(); id <= CCallHelpers::lastFPRegister(); id = nextID(id))
-        CHECK_EQ(cpu.fpr<uint64_t>(id), testWord64(id));
-    CHECK_EQ(cpu.spr(flagsSPR), modifiedFlags);
-
-    // Fill the stack with values.
-    uintptr_t* p = reinterpret_cast<uintptr_t*>(newSP);
-    int count = 0;
-    while (p < reinterpret_cast<uintptr_t*>(originalSP))
-        *p++ = testWord(count++);
-};
-
-void testProbeModifiesStackWithCallback()
-{
-    unsigned probeCallCount = 0;
-    FillStackData data;
-    CPUState& originalState = data.originalState;
-    void*& originalSP = data.originalSP;
-    void*& newSP = data.newSP;
-    uintptr_t& modifiedFlags = data.modifiedFlags;
-    size_t numberOfExtraEntriesToWrite = 10; // ARM64 requires that this be 2 word aligned.
-    MacroAssembler::SPRegisterID& flagsSPR = data.flagsSPR;
+    size_t numberOfExtraEntriesToWrite { 10 }; // ARM64 requires that this be 2 word aligned.
 
 #if CPU(X86) || CPU(X86_64)
-    flagsSPR = X86Registers::eflags;
+    MacroAssembler::SPRegisterID flagsSPR = X86Registers::eflags;
     uintptr_t flagsMask = 0xc5;
 #elif CPU(ARM_THUMB2) || CPU(ARM_TRADITIONAL)
-    flagsSPR = ARMRegisters::apsr;
-    uintptr_t flagsMask = 0xf0000000;
+    MacroAssembler::SPRegisterID flagsSPR = ARMRegisters::apsr;
+    uintptr_t flagsMask = 0xf8000000;
 #elif CPU(ARM64)
-    flagsSPR = ARM64Registers::nzcv;
+    MacroAssembler::SPRegisterID flagsSPR = ARM64Registers::nzcv;
     uintptr_t flagsMask = 0xf0000000;
 #endif
@@ -590 +552 @@
 
         // Write expected values into the registers.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
+            auto& stack = context.stack();
             probeCallCount++;
 
@@ -609 +572 @@
             cpu.spr(flagsSPR) = modifiedFlags;
 
-            CHECK_EQ(reinterpret_cast<void*>(context->initializeStackFunction), 0);
-
-            // Prepare for initializeStack callback.
-            context->initializeStackFunction = fillStack;
-            context->initializeStackArg = &data;
-
             // Ensure that we'll be writing over the regions of the stack where the Probe::State is.
             originalSP = cpu.sp();
-            newSP = reinterpret_cast<uintptr_t*>(context) - numberOfExtraEntriesToWrite;
+            newSP = reinterpret_cast<uintptr_t*>(probeStateForContext(context)) - numberOfExtraEntriesToWrite;
             cpu.sp() = newSP;
+
+            // Fill the stack with values.
+            uintptr_t* p = reinterpret_cast<uintptr_t*>(newSP);
+            int count = 0;
+            stack.set<double>(p++, 1.23456789);
+            if (is32Bit())
+                p++; // On 32-bit targets, a double takes up 2 uintptr_t.
+            while (p < reinterpret_cast<uintptr_t*>(originalSP))
+                stack.set<uintptr_t>(p++, testWord(count++));
         });
 
         // Validate that the registers and stack have the expected values.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
+            auto& stack = context.stack();
             probeCallCount++;
 
@@ -638 +605 @@
             for (auto id = CCallHelpers::firstFPRegister(); id <= CCallHelpers::lastFPRegister(); id = nextID(id))
                 CHECK_EQ(cpu.fpr<uint64_t>(id), testWord64(id));
-            CHECK_EQ(cpu.spr(flagsSPR), modifiedFlags);
+            CHECK_EQ(cpu.spr(flagsSPR) & flagsMask, modifiedFlags & flagsMask);
             CHECK_EQ(cpu.sp(), newSP);
 
-            // Validate the stack with values.
+            // Validate the stack values.
             uintptr_t* p = reinterpret_cast<uintptr_t*>(newSP);
             int count = 0;
+            CHECK_EQ(stack.get<double>(p++), 1.23456789);
+            if (is32Bit())
+                p++; // On 32-bit targets, a double takes up 2 uintptr_t.
             while (p < reinterpret_cast<uintptr_t*>(originalSP))
-                CHECK_EQ(*p++, testWord(count++));
+                CHECK_EQ(stack.get<uintptr_t>(p++), testWord(count++));
         });
 
         // Restore the original state.
-        jit.probe([&] (Probe::State* context) {
-            auto& cpu = context->cpu;
+        jit.probe([&] (Probe::Context& context) {
+            auto& cpu = context.cpu;
             probeCallCount++;
             for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
@@ -708 +678 @@
     RUN(testProbeModifiesStackPointerToNBytesBelowSP());
     RUN(testProbeModifiesProgramCounter());
-    RUN(testProbeModifiesStackWithCallback());
+    RUN(testProbeModifiesStackValues());
 #endif // ENABLE(MASM_PROBE)