Wasmtime GitHub notifications bot (Mar 28 2026 at 00:10): Wasmtime GitHub notifications bot (Mar 28 2026 at 00:10):fitzgen opened PR #12862 from fitzgen:select-declare-needs-stack-map to bytecodealliance:main:
The
selectand typedselectWasm operators create new SSA values in Cranelift but were not callingdeclare_value_needs_stack_mapon the result when the operand type is a GC reference. This meant the result, when kept on the Wasm operand stack (not stored in a local variable), would not appear in stack maps at subsequent safepoints.If a GC collection occurred at such a safepoint, the collector would not see the
select's result as a live GC root and could free the referenced object, leading to use-after-free.The fix checks
select's operand types for reference types and declares the result as requiring inclusion in stack maps when needed.<!--
Please make sure you include the following information:
If this work has been discussed elsewhere, please include a link to that
conversation. If it was discussed in an issue, just mention "issue #...".Explain why this change is needed. If the details are in an issue already,
this can be brief.Our development process is documented in the Wasmtime book:
https://docs.wasmtime.dev/contributing-development-process.htmlPlease ensure all communication follows the code of conduct:
https://github.com/bytecodealliance/wasmtime/blob/main/CODE_OF_CONDUCT.md
-->
Wasmtime GitHub notifications bot (Mar 28 2026 at 00:10):fitzgen requested wasmtime-compiler-reviewers for a review on PR #12862.
Wasmtime GitHub notifications bot (Mar 28 2026 at 00:10):fitzgen requested wasmtime-core-reviewers for a review on PR #12862.
Wasmtime GitHub notifications bot (Mar 28 2026 at 00:10):fitzgen requested cfallin for a review on PR #12862.
Wasmtime GitHub notifications bot (Mar 28 2026 at 14:26):cfallin submitted PR review:
Good find!
Wasmtime GitHub notifications bot (Mar 28 2026 at 14:26):cfallin created PR review comment:
Could we wrap this predicate up in another environ helper? Something like
environ.ty_needs_stack_map(ty)? The embedded match in a closure in an if is a little awkward otherwise
Wasmtime GitHub notifications bot (Mar 30 2026 at 11:43):fitzgen updated PR #12862.
Wasmtime GitHub notifications bot (Mar 30 2026 at 11:43):fitzgen has enabled auto merge for PR #12862.
Wasmtime GitHub notifications bot (Mar 30 2026 at 12:40):fitzgen updated PR #12862.
Wasmtime GitHub notifications bot (Mar 30 2026 at 12:53):fitzgen added PR #12862 Fix select missing stack map declarations for GC refs to the merge queue.
Wasmtime GitHub notifications bot (Mar 30 2026 at 15:04):fitzgen merged PR #12862.
Wasmtime GitHub notifications bot (Mar 30 2026 at 15:04):fitzgen removed PR #12862 Fix select missing stack map declarations for GC refs from the merge queue.
Last updated: Apr 13 2026 at 00:25 UTC