Rust wasm tooling wasm-pack segfaults when built as derivation but works with cargo install

While trying to update wasm-pack ni nixpkgs, I ran into the issue where wasm-pack would segfault when trying to list the version:

$ asm-pack -v
wasm-pack 0.9.1
Ashley Williams <ashley666ashley@gmail.com>
📦 ✨  pack and publish your wasm!

USAGE:
    wasm-pack [FLAGS] [OPTIONS] <SUBCOMMAND>

FLAGS:
    -h, --help       Prints help information
    -q, --quiet      No output printed to stdout
    -V, --version    Prints version information
    -v, --verbose    Log verbosity is based off the number of v used

OPTIONS:
        --log-level <log_level>    The maximum level of messages that should be logged by wasm-pack. [possible values:
                                   info, warn, error] [default: info]

SUBCOMMANDS:
    build      🏗️  build your npm package!
    help       Prints this message or the help of the given subcommand(s)
    login      👤  Add an npm registry user account! (aliases: adduser, add-user)
    new        🐑 create a new project with a template
    pack       🍱  create a tar of your npm package but don't publish!
    publish    🎆  pack up your npm package and publish!
    test       👩🔬  test your wasm!
fish: “wasm-pack -v” terminated by signal SIGSEGV (Address boundary error)

Suspecting that it may be specific to the derivation and not to the upstream package, I tried compiling and installing the tool with cargo install. There, it doesn’t segfault!

Running wasm-pack through gdb shows that the segfault is OpenSSL related, which seems a bit similar to this issue: https://github.com/rustwasm/wasm-pack/issues/650

I wonder why segfault only occurs when I build the tool as a derivation only, even though the dependencies used in both build methods should be the same.

This is the expression for the wasm-pack, updated to version 0.9.1:

{ stdenv
, fetchFromGitHub
, rustPlatform
, pkgconfig
, openssl
, curl
, Security
}:

rustPlatform.buildRustPackage rec {
  pname = "wasm-pack";
  version = "0.9.1";

  src = fetchFromGitHub {
    owner = "rustwasm";
    repo = "wasm-pack";
    rev = "v${version}";
    sha256 = "1rqyfg6ajxxyfx87ar25nf5ck9hd0p12qgv98dicniqag8l4rvsr";
  };

  cargoSha256 = "095gk6lcck5864wjhrkhgnkxn9pzcg82xk5p94br7lmf15y9gc7j";

  nativeBuildInputs = [ pkgconfig ];

  buildInputs = [ openssl ]
    ++ stdenv.lib.optionals stdenv.isDarwin [ curl Security ];

  # Tests fetch external resources and build artifacts.
  # Disabled to work with sandboxing
  doCheck = false;

  meta = with stdenv.lib; {
    description = "A utility that builds rust-generated WebAssembly package";
    homepage = https://github.com/rustwasm/wasm-pack;
    license = with licenses; [ asl20 /* or */ mit ];
    maintainers = [ maintainers.dhkl ];
    platforms = platforms.all;
  };
}

I just realized that I also had the same problem with cargo… the issue was masked because I was compiling the code in debug mode :man_facepalming:.

The segfaults stop happening when I replaced OpenSSL with LibreSSL.

I thought I was having a Nix issue, but it was just OpenSSL!

2 Likes