Corrupting the stack at startup in OpenSSL's `provider_conf_init`

[kvark]

I'm porting Zed to Linux - zed-industries/zed#7343
It's currently crashing on startup even before main is entered.
Call stacks are corrupted until I build with "safestack" sanitizer, in which case it produces the following stack:
openssl-crash2-stack.txt

Strace shows the configuration file read as the last thing:

openat(AT_FDCWD, "/nix/store/l0rxwrg41k3lsdiybf8q0rf3nk430zr8-openssl-3.0.12/etc/ssl/openssl.cnf", O_RDONLY) = 3
newfstatat(3, "", {st_mode=S_IFREG|0444, st_size=12324, ...}, AT_EMPTY_PATH) = 0
read(3, "#\n# OpenSSL example configuratio"..., 4096) = 4096
read(3, "d attributes must be the same, a"..., 4096) = 4096
read(3, "coding of an extension: beware e"..., 4096) = 4096
read(3, " = $insta::certout # insta.cert."..., 4096) = 36
read(3, "", 4096)                       = 0
close(3)                                = 0
futex(0x7f14c78795d8, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7f14c787961c, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7f14c7879d7c, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7f14c7879d74, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7f14c78795b8, FUTEX_WAKE_PRIVATE, 2147483647) = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---

I believe the callstack is coming from curl, which is coming to Zed through this dependency:

isahc = { version = "1.7.2", default-features = false, features = ["static-curl", "text-decoding"] }

Note: was first submitted to sfackler/rust-openssl#2160

[kvark]

Tried removing both features here - makes no difference, still crashes in the same place.

[kvark]

Based on feedback from "gabydd" in Zed Discord, this issue is likely caused by our erroneous build.rs instructions:

        println!("cargo:rustc-env=MACOSX_DEPLOYMENT_TARGET=10.15.7");

        println!("cargo:rerun-if-env-changed=ZED_BUNDLE");
        if std::env::var("ZED_BUNDLE").ok().as_deref() == Some("true") {
            // Find WebRTC.framework in the Frameworks folder when running as part of an application bundle.
            println!("cargo:rustc-link-arg=-Wl,-rpath,@executable_path/../Frameworks");
        } else {
            // Find WebRTC.framework as a sibling of the executable when running outside of an application bundle.
            println!("cargo:rustc-link-arg=-Wl,-rpath,@executable_path");
        }

        // Weakly link ReplayKit to ensure Zed can be used on macOS 10.15+.
        println!("cargo:rustc-link-arg=-Wl,-weak_framework,ReplayKit");

        // Seems to be required to enable Swift concurrency
        println!("cargo:rustc-link-arg=-Wl,-rpath,/usr/lib/swift");

        // Register exported Objective-C selectors, protocols, etc
        println!("cargo:rustc-link-arg=-Wl,-ObjC");

These aren't supposed to be on with Linux. Closing.