SIGSEGV when ESM import() loads large CJS webpack bundle (merve regression in v24.14.0) #62212
Description
Version
v24.14.0
Platform
Darwin 25.2.0 arm64 (macOS, Apple Silicon)
Subsystem
esm, module
What steps will reproduce the bug?
ESM import() of a large (~3.18 MB) CJS webpack/ncc bundle causes a segmentation fault (SIGSEGV) on Node v24.14.0. The same file loads successfully on v24.13.0 and via CJS require() on v24.14.0.
The bundle is generated by @vercel/ncc and follows the standard webpack bundle pattern:
require('./sourcemap-register.js');(()=>{var __webpack_modules__={
// ~500 modules across 503 lines, heavily minified, ~3.18MB total
};
// ... webpack runtime ...
module.exports = __webpack_exports__;
})();Steps to reproduce:
# With any large ncc/webpack CJS bundle saved as bundle.js (~1-3MB+):
# Works on v24.13.0:
node --input-type=module -e "import('./bundle.js').then(() => console.log('ok'))"
# ok
# Segfaults on v24.14.0:
node --input-type=module -e "import('./bundle.js').then(() => console.log('ok'))"
# (no output, exit code 139 / SIGSEGV)CJS require() works fine on v24.14.0:
node -e "require('./bundle.js'); console.log('ok')"
# okThe specific package that I encountered the problem with in in private registry, but the issue is likely reproducible with any sufficiently large/complex ncc-bundled CJS module.
How often does it reproduce? Is there a required condition?
100% reproducible.
Key conditions:
- The CJS module must be loaded via ESM
import()(notrequire()) - The bundle must be large enough (~1MB+) — a truncated first half (~1.59MB) of the 3.18MB bundle still crashes, but the first quarter (~795KB) does not
- The crash is pattern-specific, not purely size-based — synthetic large CJS files with simple
exports.x = ...patterns do not crash
What is the expected behavior? Why is that the expected behavior?
The CJS module should load successfully via ESM import(), as it does on v24.13.0. A segfault should never occur regardless of module content.
What do you see instead?
The process terminates immediately with SIGSEGV (exit code 139 on macOS/Linux). No error message, no stack trace, no output at all.
Bisected to
This regression was introduced by the replacement of cjs-module-lexer with merve in #61456 (commit 68da144b4e), which landed in v24.14.0.
Evidence:
- v24.13.0 (uses
cjs-module-lexer): ✅ works - v24.14.0 (uses
merve): ❌ SIGSEGV require()on v24.14.0 (bypasses the CJS lexer): ✅ worksimport()on v24.14.0 (uses the CJS lexer to detect named exports): ❌ SIGSEGV
The CJS module lexer is invoked when ESM import() loads a CJS module to analyze its exports. The crash occurs during this analysis phase, before any module code executes.
Additional information
Workaround: Use createRequire() from node:module to load the CJS module instead of ESM import:
import { createRequire } from 'node:module';
const require = createRequire(import.meta.url);
const pkg = require('the-large-cjs-package');cc @anonrig (merve author)