Wasmtime GitHub notifications bot (Apr 29 2026 at 13:10): Wasmtime GitHub notifications bot (Apr 29 2026 at 13:10):fitzgen opened PR #13228 from fitzgen:handle-aliases-in-safepoint-spiller-rewrite-use to bytecodealliance:main:
The
rewrite_usemethod of the safepoint spiller was not checking for value aliases, and therefore some uses of needs-stack-map values would not be reloaded from their associated stack slot. Note that, because the liveness analysis does correctly analyze alias values and will always correctly spill them at safepoints, this could not result in any bug with non-moving collectors (where reloading after safepoints is unnecessary), like those that Wasmtime has today.However, with the introduction of a moving collector in https://github.com/bytecodealliance/wasmtime/pull/13107, this lack-of-reload bug in the safepoint spiller does trigger bugs in Wasmtime (and, reassuringly, our testing and fuzzing infrastructure finds it ~immediately). Uses of a non-reloaded GC reference are stale because the object they previously pointed to moved but the non-reloaded GC reference was not updated to point to the object's new location, resulting in use-after-move bugs.
The fix for the safepoint spiller is simple: resolve aliases before rewriting uses. This commit additionally sprinkles some debug assertions throughout all the safepoint spiller code to double check that we have already resolved aliases and are no longer dealing with alias values in, e.g., our current set of live values in the liveness analysis.
<!--
Please make sure you include the following information:
If this work has been discussed elsewhere, please include a link to that
conversation. If it was discussed in an issue, just mention "issue #...".Explain why this change is needed. If the details are in an issue already,
this can be brief.Our development process is documented in the Wasmtime book:
https://docs.wasmtime.dev/contributing-development-process.htmlPlease ensure all communication follows the code of conduct:
https://github.com/bytecodealliance/wasmtime/blob/main/CODE_OF_CONDUCT.md
-->
Wasmtime GitHub notifications bot (Apr 29 2026 at 13:10):fitzgen requested uweigand for a review on PR #13228.
Wasmtime GitHub notifications bot (Apr 29 2026 at 13:10):fitzgen requested wasmtime-compiler-reviewers for a review on PR #13228.
Wasmtime GitHub notifications bot (Apr 29 2026 at 13:10):fitzgen unassigned uweigand from PR #13228 Handle alias values in SafepointSpiller::rewrite_use.
Wasmtime GitHub notifications bot (Apr 29 2026 at 13:10):fitzgen requested cfallin for a review on PR #13228.
Wasmtime GitHub notifications bot (Apr 29 2026 at 13:10):fitzgen requested wasmtime-compiler-reviewers for a review on PR #13228.
Wasmtime GitHub notifications bot (Apr 29 2026 at 15:15)::thumbs_up: cfallin submitted PR review:
LGTM; good find!
Wasmtime GitHub notifications bot (Apr 29 2026 at 15:15):cfallin added PR #13228 Handle alias values in SafepointSpiller::rewrite_use to the merge queue
Wasmtime GitHub notifications bot (Apr 29 2026 at 15:44)::check: cfallin merged PR #13228.
Wasmtime GitHub notifications bot (Apr 29 2026 at 15:44):cfallin removed PR #13228 Handle alias values in SafepointSpiller::rewrite_use from the merge queue
Last updated: May 03 2026 at 22:13 UTC