@savannahostrowski
Created November 5, 2025 04:12
A snippet of a JIT stencil for LOAD_FAST on aarch64 macOS
/*
 * emit__LOAD_FAST - copy the pre-compiled _LOAD_FAST stencil into the JIT
 * buffers and resolve its relocations.
 *
 * code:        destination for the 364-byte machine-code body (code_body).
 * data:        destination for the 336-byte data body (data_body): the
 *              assertion strings followed by two 8-byte patch slots.
 * executor:    not referenced anywhere in this function body.
 * instruction: supplies oparg, which is written into the slot at data + 0x148.
 * state:       passed through unchanged to patch_aarch64_trampoline.
 *
 * No buffer lengths are passed in and nothing here checks them: the caller
 * must guarantee that `code` has room for sizeof(code_body) bytes and `data`
 * for sizeof(data_body) bytes, and that both are writable while this runs.
 * Every patch offset below is a fixed constant that lies inside those sizes.
 */
void
emit__LOAD_FAST(
unsigned char *code, unsigned char *data, _PyExecutorObject *executor,
const _PyUOpInstruction *instruction, jit_state *state)
{
// Reference disassembly of the stencil object. The ARM64_RELOC_* lines mark
// the instructions whose immediates are still zero in code_body and are
// filled in by the patch_* calls at the end of this function.
//
// NOTE(review): at 0x14-0x18 the patched oparg is masked to 16 bits and used
// directly as an 8-byte-scaled index from x20 + 0x50; the emitted code has no
// range check on that index, so the load is only as safe as the oparg that
// the caller supplies. The checks that do appear (0x20, 0x2c, 0x5c, 0x68,
// 0x80, 0x90, 0xa0) all branch to ___assert_rtn call sites; presumably these
// exist only because the stencil was built with assertions enabled - confirm.
//
// The final `b 0x16c` at 0xa8 targets the first byte past this 364-byte body,
// i.e. whatever the caller places immediately after this stencil.
//
// _LOAD_FAST.o: file format mach-o arm64
//
// Disassembly of section __TEXT,__text:
//
// 0000000000000000 <ltmp0>:
// 0: a9bf7bfd stp x29, x30, [sp, #-0x10]!
// 4: 910003fd mov x29, sp
// 8: 91014293 add x19, x20, #0x50
// c: 90000008 adrp x8, 0x0 <ltmp0>
// 000000000000000c: ARM64_RELOC_GOT_LOAD_PAGE21 __JIT_OPARG
// 10: f9400108 ldr x8, [x8]
// 0000000000000010: ARM64_RELOC_GOT_LOAD_PAGEOFF12 __JIT_OPARG
// 14: 92403d08 and x8, x8, #0xffff
// 18: f8687a77 ldr x23, [x19, x8, lsl #3]
// 1c: f10006ff cmp x23, #0x1
// 20: 54000460 b.eq 0xac <ltmp0+0xac>
// 24: 37000117 tbnz w23, #0x0, 0x44 <ltmp0+0x44>
// 28: 79400ee8 ldrh w8, [x23, #0x6]
// 2c: 37100608 tbnz w8, #0x2, 0xec <ltmp0+0xec>
// 30: b94002e8 ldr w8, [x23]
// 34: 31000508 adds w8, w8, #0x1
// 38: b90002e8 str w8, [x23]
// 3c: 54000044 b.mi 0x44 <ltmp0+0x44>
// 40: 94000000 bl 0x40 <ltmp0+0x40>
// 0000000000000040: ARM64_RELOC_BRANCH26 __Py_INCREF_IncRefTotal
// 44: f80086b7 str x23, [x21], #0x8
// 48: 39412a88 ldrb w8, [x20, #0x4a]
// 4c: 71000d1f cmp w8, #0x3
// 50: 540002a0 b.eq 0xa4 <ltmp0+0xa4>
// 54: f9400288 ldr x8, [x20]
// 58: f100051f cmp x8, #0x1
// 5c: 54000580 b.eq 0x10c <ltmp0+0x10c>
// 60: 2a2803e9 mvn w9, w8
// 64: f240053f tst x9, #0x3
// 68: 54000620 b.eq 0x12c <ltmp0+0x12c>
// 6c: 927ff908 and x8, x8, #0xfffffffffffffffe
// 70: f9400509 ldr x9, [x8, #0x8]
// 74: 9000000a adrp x10, 0x0 <ltmp0>
// 0000000000000074: ARM64_RELOC_GOT_LOAD_PAGE21 _PyCode_Type
// 78: f940014a ldr x10, [x10]
// 0000000000000078: ARM64_RELOC_GOT_LOAD_PAGEOFF12 _PyCode_Type
// 7c: eb0a013f cmp x9, x10
// 80: 54000661 b.ne 0x14c <ltmp0+0x14c>
// 84: b9804909 ldrsw x9, [x8, #0x48]
// 88: 8b090e69 add x9, x19, x9, lsl #3
// 8c: cb0902a9 sub x9, x21, x9
// 90: b71001e9 tbnz x9, #0x22, 0xcc <ltmp0+0xcc>
// 94: d343fd29 lsr x9, x9, #3
// 98: b9404108 ldr w8, [x8, #0x40]
// 9c: 6b09011f cmp w8, w9
// a0: 5400016b b.lt 0xcc <ltmp0+0xcc>
// a4: a8c17bfd ldp x29, x30, [sp], #0x10
// a8: 14000031 b 0x16c <ltmp0+0x16c>
// ac: 90000000 adrp x0, 0x0 <ltmp0>
// 00000000000000ac: ARM64_RELOC_PAGE21 l___func__._JIT_ENTRY
// b0: 91000000 add x0, x0, #0x0
// 00000000000000b0: ARM64_RELOC_PAGEOFF12 l___func__._JIT_ENTRY
// b4: 90000001 adrp x1, 0x0 <ltmp0>
// 00000000000000b4: ARM64_RELOC_PAGE21 l_.str
// b8: 91000021 add x1, x1, #0x0
// 00000000000000b8: ARM64_RELOC_PAGEOFF12 l_.str
// bc: 90000003 adrp x3, 0x0 <ltmp0>
// 00000000000000bc: ARM64_RELOC_PAGE21 l_.str.1
// c0: 91000063 add x3, x3, #0x0
// 00000000000000c0: ARM64_RELOC_PAGEOFF12 l_.str.1
// c4: 52800f42 mov w2, #0x7a ; =122
// c8: 94000000 bl 0xc8 <ltmp0+0xc8>
// 00000000000000c8: ARM64_RELOC_BRANCH26 ___assert_rtn
// cc: 90000000 adrp x0, 0x0 <ltmp0>
// 00000000000000cc: ARM64_RELOC_PAGE21 l___func__._JIT_ENTRY
// d0: 91000000 add x0, x0, #0x0
// 00000000000000d0: ARM64_RELOC_PAGEOFF12 l___func__._JIT_ENTRY
// d4: 90000001 adrp x1, 0x0 <ltmp0>
// 00000000000000d4: ARM64_RELOC_PAGE21 l_.str
// d8: 91000021 add x1, x1, #0x0
// 00000000000000d8: ARM64_RELOC_PAGEOFF12 l_.str
// dc: 90000003 adrp x3, 0x0 <ltmp0>
// 00000000000000dc: ARM64_RELOC_PAGE21 l_.str.2
// e0: 91000063 add x3, x3, #0x0
// 00000000000000e0: ARM64_RELOC_PAGEOFF12 l_.str.2
// e4: 52800fc2 mov w2, #0x7e ; =126
// e8: 94000000 bl 0xe8 <ltmp0+0xe8>
// 00000000000000e8: ARM64_RELOC_BRANCH26 ___assert_rtn
// ec: 90000000 adrp x0, 0x0 <ltmp0>
// 00000000000000ec: ARM64_RELOC_PAGE21 l___func__._Py_INCREF_MORTAL
// f0: 91000000 add x0, x0, #0x0
// 00000000000000f0: ARM64_RELOC_PAGEOFF12 l___func__._Py_INCREF_MORTAL
// f4: 90000001 adrp x1, 0x0 <ltmp0>
// 00000000000000f4: ARM64_RELOC_PAGE21 l_.str.6
// f8: 91000021 add x1, x1, #0x0
// 00000000000000f8: ARM64_RELOC_PAGEOFF12 l_.str.6
// fc: 90000003 adrp x3, 0x0 <ltmp0>
// 00000000000000fc: ARM64_RELOC_PAGE21 l_.str.7
// 100: 91000063 add x3, x3, #0x0
// 0000000000000100: ARM64_RELOC_PAGEOFF12 l_.str.7
// 104: 52808202 mov w2, #0x410 ; =1040
// 108: 94000000 bl 0x108 <ltmp0+0x108>
// 0000000000000108: ARM64_RELOC_BRANCH26 ___assert_rtn
// 10c: 90000000 adrp x0, 0x0 <ltmp0>
// 000000000000010c: ARM64_RELOC_PAGE21 l___func__._PyFrame_GetCode
// 110: 91000000 add x0, x0, #0x0
// 0000000000000110: ARM64_RELOC_PAGEOFF12 l___func__._PyFrame_GetCode
// 114: 90000001 adrp x1, 0x0 <ltmp0>
// 0000000000000114: ARM64_RELOC_PAGE21 l_.str.8
// 118: 91000021 add x1, x1, #0x0
// 0000000000000118: ARM64_RELOC_PAGEOFF12 l_.str.8
// 11c: 90000003 adrp x3, 0x0 <ltmp0>
// 000000000000011c: ARM64_RELOC_PAGE21 l_.str.9
// 120: 91000063 add x3, x3, #0x0
// 0000000000000120: ARM64_RELOC_PAGEOFF12 l_.str.9
// 124: 528002a2 mov w2, #0x15 ; =21
// 128: 94000000 bl 0x128 <ltmp0+0x128>
// 0000000000000128: ARM64_RELOC_BRANCH26 ___assert_rtn
// 12c: 90000000 adrp x0, 0x0 <ltmp0>
// 000000000000012c: ARM64_RELOC_PAGE21 l___func__.PyStackRef_AsPyObjectBorrow
// 130: 91000000 add x0, x0, #0x0
// 0000000000000130: ARM64_RELOC_PAGEOFF12 l___func__.PyStackRef_AsPyObjectBorrow
// 134: 90000001 adrp x1, 0x0 <ltmp0>
// 0000000000000134: ARM64_RELOC_PAGE21 l_.str.4
// 138: 91000021 add x1, x1, #0x0
// 0000000000000138: ARM64_RELOC_PAGEOFF12 l_.str.4
// 13c: 90000003 adrp x3, 0x0 <ltmp0>
// 000000000000013c: ARM64_RELOC_PAGE21 l_.str.11
// 140: 91000063 add x3, x3, #0x0
// 0000000000000140: ARM64_RELOC_PAGEOFF12 l_.str.11
// 144: 52805442 mov w2, #0x2a2 ; =674
// 148: 94000000 bl 0x148 <ltmp0+0x148>
// 0000000000000148: ARM64_RELOC_BRANCH26 ___assert_rtn
// 14c: 90000000 adrp x0, 0x0 <ltmp0>
// 000000000000014c: ARM64_RELOC_PAGE21 l___func__._PyFrame_GetCode
// 150: 91000000 add x0, x0, #0x0
// 0000000000000150: ARM64_RELOC_PAGEOFF12 l___func__._PyFrame_GetCode
// 154: 90000001 adrp x1, 0x0 <ltmp0>
// 0000000000000154: ARM64_RELOC_PAGE21 l_.str.8
// 158: 91000021 add x1, x1, #0x0
// 0000000000000158: ARM64_RELOC_PAGEOFF12 l_.str.8
// 15c: 90000003 adrp x3, 0x0 <ltmp0>
// 000000000000015c: ARM64_RELOC_PAGE21 l_.str.10
// 160: 91000063 add x3, x3, #0x0
// 0000000000000160: ARM64_RELOC_PAGEOFF12 l_.str.10
// 164: 528002e2 mov w2, #0x17 ; =23
// 168: 94000000 bl 0x168 <ltmp0+0x168>
// 0000000000000168: ARM64_RELOC_BRANCH26 ___assert_rtn
// Unpatched machine code, little-endian, four bytes per instruction in the
// same order as the disassembly above (364 bytes = 0x16c).
const unsigned char code_body[364] = {
0xfd, 0x7b, 0xbf, 0xa9, 0xfd, 0x03, 0x00, 0x91,
0x93, 0x42, 0x01, 0x91, 0x08, 0x00, 0x00, 0x90,
0x08, 0x01, 0x40, 0xf9, 0x08, 0x3d, 0x40, 0x92,
0x77, 0x7a, 0x68, 0xf8, 0xff, 0x06, 0x00, 0xf1,
0x60, 0x04, 0x00, 0x54, 0x17, 0x01, 0x00, 0x37,
0xe8, 0x0e, 0x40, 0x79, 0x08, 0x06, 0x10, 0x37,
0xe8, 0x02, 0x40, 0xb9, 0x08, 0x05, 0x00, 0x31,
0xe8, 0x02, 0x00, 0xb9, 0x44, 0x00, 0x00, 0x54,
0x00, 0x00, 0x00, 0x94, 0xb7, 0x86, 0x00, 0xf8,
0x88, 0x2a, 0x41, 0x39, 0x1f, 0x0d, 0x00, 0x71,
0xa0, 0x02, 0x00, 0x54, 0x88, 0x02, 0x40, 0xf9,
0x1f, 0x05, 0x00, 0xf1, 0x80, 0x05, 0x00, 0x54,
0xe9, 0x03, 0x28, 0x2a, 0x3f, 0x05, 0x40, 0xf2,
0x20, 0x06, 0x00, 0x54, 0x08, 0xf9, 0x7f, 0x92,
0x09, 0x05, 0x40, 0xf9, 0x0a, 0x00, 0x00, 0x90,
0x4a, 0x01, 0x40, 0xf9, 0x3f, 0x01, 0x0a, 0xeb,
0x61, 0x06, 0x00, 0x54, 0x09, 0x49, 0x80, 0xb9,
0x69, 0x0e, 0x09, 0x8b, 0xa9, 0x02, 0x09, 0xcb,
0xe9, 0x01, 0x10, 0xb7, 0x29, 0xfd, 0x43, 0xd3,
0x08, 0x41, 0x40, 0xb9, 0x1f, 0x01, 0x09, 0x6b,
0x6b, 0x01, 0x00, 0x54, 0xfd, 0x7b, 0xc1, 0xa8,
0x31, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x90,
0x00, 0x00, 0x00, 0x91, 0x01, 0x00, 0x00, 0x90,
0x21, 0x00, 0x00, 0x91, 0x03, 0x00, 0x00, 0x90,
0x63, 0x00, 0x00, 0x91, 0x42, 0x0f, 0x80, 0x52,
0x00, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0x90,
0x00, 0x00, 0x00, 0x91, 0x01, 0x00, 0x00, 0x90,
0x21, 0x00, 0x00, 0x91, 0x03, 0x00, 0x00, 0x90,
0x63, 0x00, 0x00, 0x91, 0xc2, 0x0f, 0x80, 0x52,
0x00, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0x90,
0x00, 0x00, 0x00, 0x91, 0x01, 0x00, 0x00, 0x90,
0x21, 0x00, 0x00, 0x91, 0x03, 0x00, 0x00, 0x90,
0x63, 0x00, 0x00, 0x91, 0x02, 0x82, 0x80, 0x52,
0x00, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0x90,
0x00, 0x00, 0x00, 0x91, 0x01, 0x00, 0x00, 0x90,
0x21, 0x00, 0x00, 0x91, 0x03, 0x00, 0x00, 0x90,
0x63, 0x00, 0x00, 0x91, 0xa2, 0x02, 0x80, 0x52,
0x00, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0x90,
0x00, 0x00, 0x00, 0x91, 0x01, 0x00, 0x00, 0x90,
0x21, 0x00, 0x00, 0x91, 0x03, 0x00, 0x00, 0x90,
0x63, 0x00, 0x00, 0x91, 0x42, 0x54, 0x80, 0x52,
0x00, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0x90,
0x00, 0x00, 0x00, 0x91, 0x01, 0x00, 0x00, 0x90,
0x21, 0x00, 0x00, 0x91, 0x03, 0x00, 0x00, 0x90,
0x63, 0x00, 0x00, 0x91, 0xe2, 0x02, 0x80, 0x52,
0x00, 0x00, 0x00, 0x94,
};
// Layout of the data body: the NUL-separated assertion strings, padding, and
// two 8-byte slots that patch_64 fills in below.
// 0: '_JIT_ENTRY\x00_LOAD_FAST.c\x00!PyStackRef_IsNull(GETLOCAL(oparg))\x00WITHIN_STACK_BOUNDS()\x00pycore_stackref.h\x00_Py_INCREF_MORTAL\x00pycore_object.h\x00!_Py_IsStaticImmortal(op)\x00_PyFrame_GetCode\x00pycore_interpframe.h\x00!PyStackRef_IsNull(f->f_executable)\x00PyCode_Check(executable)\x00PyStackRef_AsPyObjectBorrow\x00!PyStackRef_IsTaggedInt(ref)\x00'
// 13c: 00 00 00 00
// 140: &PyCode_Type+0x0
// 148: OPARG
// Only the first 315 bytes (0x13b) are listed explicitly; the rest of the
// 336-byte array is zero-filled by the initializer, which supplies the final
// string terminator, the padding at 0x13c and the two empty slots.
const unsigned char data_body[336] = {
0x5f, 0x4a, 0x49, 0x54, 0x5f, 0x45, 0x4e, 0x54,
0x52, 0x59, 0x00, 0x5f, 0x4c, 0x4f, 0x41, 0x44,
0x5f, 0x46, 0x41, 0x53, 0x54, 0x2e, 0x63, 0x00,
0x21, 0x50, 0x79, 0x53, 0x74, 0x61, 0x63, 0x6b,
0x52, 0x65, 0x66, 0x5f, 0x49, 0x73, 0x4e, 0x75,
0x6c, 0x6c, 0x28, 0x47, 0x45, 0x54, 0x4c, 0x4f,
0x43, 0x41, 0x4c, 0x28, 0x6f, 0x70, 0x61, 0x72,
0x67, 0x29, 0x29, 0x00, 0x57, 0x49, 0x54, 0x48,
0x49, 0x4e, 0x5f, 0x53, 0x54, 0x41, 0x43, 0x4b,
0x5f, 0x42, 0x4f, 0x55, 0x4e, 0x44, 0x53, 0x28,
0x29, 0x00, 0x70, 0x79, 0x63, 0x6f, 0x72, 0x65,
0x5f, 0x73, 0x74, 0x61, 0x63, 0x6b, 0x72, 0x65,
0x66, 0x2e, 0x68, 0x00, 0x5f, 0x50, 0x79, 0x5f,
0x49, 0x4e, 0x43, 0x52, 0x45, 0x46, 0x5f, 0x4d,
0x4f, 0x52, 0x54, 0x41, 0x4c, 0x00, 0x70, 0x79,
0x63, 0x6f, 0x72, 0x65, 0x5f, 0x6f, 0x62, 0x6a,
0x65, 0x63, 0x74, 0x2e, 0x68, 0x00, 0x21, 0x5f,
0x50, 0x79, 0x5f, 0x49, 0x73, 0x53, 0x74, 0x61,
0x74, 0x69, 0x63, 0x49, 0x6d, 0x6d, 0x6f, 0x72,
0x74, 0x61, 0x6c, 0x28, 0x6f, 0x70, 0x29, 0x00,
0x5f, 0x50, 0x79, 0x46, 0x72, 0x61, 0x6d, 0x65,
0x5f, 0x47, 0x65, 0x74, 0x43, 0x6f, 0x64, 0x65,
0x00, 0x70, 0x79, 0x63, 0x6f, 0x72, 0x65, 0x5f,
0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x66, 0x72,
0x61, 0x6d, 0x65, 0x2e, 0x68, 0x00, 0x21, 0x50,
0x79, 0x53, 0x74, 0x61, 0x63, 0x6b, 0x52, 0x65,
0x66, 0x5f, 0x49, 0x73, 0x4e, 0x75, 0x6c, 0x6c,
0x28, 0x66, 0x2d, 0x3e, 0x66, 0x5f, 0x65, 0x78,
0x65, 0x63, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65,
0x29, 0x00, 0x50, 0x79, 0x43, 0x6f, 0x64, 0x65,
0x5f, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x28, 0x65,
0x78, 0x65, 0x63, 0x75, 0x74, 0x61, 0x62, 0x6c,
0x65, 0x29, 0x00, 0x50, 0x79, 0x53, 0x74, 0x61,
0x63, 0x6b, 0x52, 0x65, 0x66, 0x5f, 0x41, 0x73,
0x50, 0x79, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74,
0x42, 0x6f, 0x72, 0x72, 0x6f, 0x77, 0x00, 0x21,
0x50, 0x79, 0x53, 0x74, 0x61, 0x63, 0x6b, 0x52,
0x65, 0x66, 0x5f, 0x49, 0x73, 0x54, 0x61, 0x67,
0x67, 0x65, 0x64, 0x49, 0x6e, 0x74, 0x28, 0x72,
0x65, 0x66, 0x29,
};
// Install the data body, then fill its two 8-byte slots: the address of
// PyCode_Type at 0x140 and this instruction's oparg at 0x148. Unchecked copy:
// `data` must have at least sizeof(data_body) writable bytes.
memcpy(data, data_body, sizeof(data_body));
patch_64(data + 0x140, (uintptr_t)&PyCode_Type);
patch_64(data + 0x148, instruction->oparg);
// Install the machine code, then resolve each relocation marked in the
// disassembly. Unchecked copy: `code` must have at least sizeof(code_body)
// writable bytes.
memcpy(code, code_body, sizeof(code_body));
// 0xc / 0x74 are the GOT_LOAD adrp+ldr pairs; they are pointed at the oparg
// and PyCode_Type slots written into `data` above.
patch_aarch64_33rx(code + 0xc, (uintptr_t)data + 0x148);
// 0x40 is the `bl` to _Py_INCREF_IncRefTotal. The second argument (0xb here,
// 0x0 for every ___assert_rtn site below) is presumably an index selecting
// the trampoline target - confirm against patch_aarch64_trampoline.
patch_aarch64_trampoline(code + 0x40, 0xb, state);
patch_aarch64_33rx(code + 0x74, (uintptr_t)data + 0x140);
// From here on the patches come in groups of seven, one group per
// ___assert_rtn call site: three 21r/12 pairs fix the adrp/add sequences that
// load x0, x1 and x3 with the addresses of the function-name, file-name and
// expression strings inside `data`, and the trampoline patch fixes the `bl`.
patch_aarch64_21r(code + 0xac, (uintptr_t)data);
patch_aarch64_12(code + 0xb0, (uintptr_t)data);
patch_aarch64_21r(code + 0xb4, (uintptr_t)data + 0xb);
patch_aarch64_12(code + 0xb8, (uintptr_t)data + 0xb);
patch_aarch64_21r(code + 0xbc, (uintptr_t)data + 0x18);
patch_aarch64_12(code + 0xc0, (uintptr_t)data + 0x18);
patch_aarch64_trampoline(code + 0xc8, 0x0, state);
patch_aarch64_21r(code + 0xcc, (uintptr_t)data);
patch_aarch64_12(code + 0xd0, (uintptr_t)data);
patch_aarch64_21r(code + 0xd4, (uintptr_t)data + 0xb);
patch_aarch64_12(code + 0xd8, (uintptr_t)data + 0xb);
patch_aarch64_21r(code + 0xdc, (uintptr_t)data + 0x3c);
patch_aarch64_12(code + 0xe0, (uintptr_t)data + 0x3c);
patch_aarch64_trampoline(code + 0xe8, 0x0, state);
patch_aarch64_21r(code + 0xec, (uintptr_t)data + 0x64);
patch_aarch64_12(code + 0xf0, (uintptr_t)data + 0x64);
patch_aarch64_21r(code + 0xf4, (uintptr_t)data + 0x76);
patch_aarch64_12(code + 0xf8, (uintptr_t)data + 0x76);
patch_aarch64_21r(code + 0xfc, (uintptr_t)data + 0x86);
patch_aarch64_12(code + 0x100, (uintptr_t)data + 0x86);
patch_aarch64_trampoline(code + 0x108, 0x0, state);
patch_aarch64_21r(code + 0x10c, (uintptr_t)data + 0xa0);
patch_aarch64_12(code + 0x110, (uintptr_t)data + 0xa0);
patch_aarch64_21r(code + 0x114, (uintptr_t)data + 0xb1);
patch_aarch64_12(code + 0x118, (uintptr_t)data + 0xb1);
patch_aarch64_21r(code + 0x11c, (uintptr_t)data + 0xc6);
patch_aarch64_12(code + 0x120, (uintptr_t)data + 0xc6);
patch_aarch64_trampoline(code + 0x128, 0x0, state);
patch_aarch64_21r(code + 0x12c, (uintptr_t)data + 0x103);
patch_aarch64_12(code + 0x130, (uintptr_t)data + 0x103);
patch_aarch64_21r(code + 0x134, (uintptr_t)data + 0x52);
patch_aarch64_12(code + 0x138, (uintptr_t)data + 0x52);
patch_aarch64_21r(code + 0x13c, (uintptr_t)data + 0x11f);
patch_aarch64_12(code + 0x140, (uintptr_t)data + 0x11f);
patch_aarch64_trampoline(code + 0x148, 0x0, state);
patch_aarch64_21r(code + 0x14c, (uintptr_t)data + 0xa0);
patch_aarch64_12(code + 0x150, (uintptr_t)data + 0xa0);
patch_aarch64_21r(code + 0x154, (uintptr_t)data + 0xb1);
patch_aarch64_12(code + 0x158, (uintptr_t)data + 0xb1);
patch_aarch64_21r(code + 0x15c, (uintptr_t)data + 0xea);
patch_aarch64_12(code + 0x160, (uintptr_t)data + 0xea);
patch_aarch64_trampoline(code + 0x168, 0x0, state);
}