segfault at 0 ip 00007fdb9bdfa746 sp 00007fff7c0475f8 error 4 in libc-2.23.so

[KfirManSnunit]

Hello,
I've been trying for a while to figure out what cause the problem for unkilled worker, without success.
It started to happen since I installed ModSecurity-nginx according to this guide:
https://www.nginx.com/blog/compiling-and-installing-modsecurity-for-open-source-nginx/

I've seen these cases:
#19
#29
And it did not work for me.
It happens randomly and without any action on our part like "restart\reload\nginx -t"... And usually not during rush hours.

The nginx error.log show:
2018/11/17 21:31:04 [alert] 23669#23669: worker process 17191 exited on signal 11 (core dumped)
2018/11/17 21:33:09 [alert] 23669#23669: worker process 17852 exited on signal 11 (core dumped)

The syslog show:
Nov 17 21:26:56 kernel: [340028.785042] nginx[17191]: segfault at 0 ip 00007fdb9bdfa746 sp 00007fff7c0475f8 error 4 in libc-2.23.so[7fdb9bd6f000+1c0000]
Nov 17 21:33:09 kernel: [340401.577572] nginx[17852]: segfault at 0 ip 00007fdb9bdfa746 sp 00007fff7c047678 error 4 in libc-2.23.so[7fdb9bd6f000+1c0000]

ps aux | grep nginx
root 15837 0.0 0.0 12944 1032 pts/0 S+ 09:12 0:00 grep --color=auto nginx
nginx 17186 0.8 3.1 1194640 1034896 ? S Nov14 50:05 nginx: worker process
nginx 17187 1.2 3.1 1194640 1039008 ? R Nov14 71:05 nginx: worker process
nginx 17188 1.8 3.1 1194640 1039072 ? S Nov14 102:29 nginx: worker process
nginx 17189 2.5 3.1 1194640 1039072 ? S Nov14 143:18 nginx: worker process
nginx 17190 4.0 3.1 1194640 1039072 ? R Nov14 228:49 nginx: worker process
nginx 17192 10.2 3.1 1194640 1039072 ? R Nov14 575:35 nginx: worker process
nginx 17193 12.0 3.1 1194640 1039072 ? R Nov14 677:13 nginx: worker process
nginx 18228 5.0 3.1 1194640 1039008 ? R Nov17 35:40 nginx: worker process
root 23669 0.0 3.0 1170036 1013272 ? Ss Nov14 0:17 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 23672 0.3 2.0 821436 667072 ? S Nov14 22:44 nginx: worker process is shutting down
nginx 23673 0.4 2.0 843064 688668 ? S Nov14 27:37 nginx: worker process is shutting down

Nginx Status:
Active connections: 463
server accepts handled requests
2009265 2009265 19419989
Reading: 2 Writing: 1300 Waiting: 321

My environment:
Ubuntu: 16.04.5
Nginx: 1.15.5
ModSecurity-nginx: 1.0.0

I have an open case at nginx support forum:
https://trac.nginx.org/nginx/ticket/1650

Can you confirm that this bug related to ModSecurity-nginx connector?

I can see that in https://github.com/SpiderLabs/ModSecurity-nginx/blob/master/CHANGES you plan to release new version, Does it include a fix to this problem?

If I re-compile the connector it will include the fixes mentioned in CHANGES?

Regards,
Kfir Man

[defanator]

@KfirManSnunit could you please provide a backtrace from one of coredumps? TIA.

[victorhora]

@KfirManSnunit can you also share your version of libModSecurity?

One issue that was known to be causing segfault was addressed here owasp-modsecurity/ModSecurity@fa5f378. Make sure your libModSecurity version have this commit applied. This one is already part of the latest release (3.0.3).

Also, you mention that you're running ModSecurity-nginx: 1.0.0., In case you have not cloned from master but used the 1.0.0 release version. There's important fixes there that you should consider in case you don't have them on your build.

[KfirManSnunit]

Thanks victorhora,
A little sloppy on my part but it seems to me that my problem was that every nginx upgrade I forget about the libmodsecuriy completely and upgrade only the connector.
The last time the libmodsecurity compile on that server was in July 2018.

I have re-compile both, libmodsecurity and ModSecurity-nginx connector from:
https://github.com/SpiderLabs/ModSecurity/tree/v3/master
https://github.com/SpiderLabs/ModSecurity-nginx

And so far 24h without nginx processes that are killed by segfault.
I'll let it work for a few days in a row and I'll update the results here.

[KfirManSnunit]

It has been almost two days without nginx processes killed by segfault Or any other error.
Moreover, after the update, WAF rules that were there all the time and were not enforced were suddenly start enforced And the load times have improved significantly.
Everything seems to be working better after the update.

I'll update in a few days if the segfault error is finally resolved.

[KfirManSnunit]

It has been several days without reload/restart nginx And no segfault Or any other error.
I confirm that after the update to the latest libmodsecurity and ModSecurity-nginx connector the problem has been solved!

[victorhora]

That's great news @KfirManSnunit. The community really appreciate you coming back here to let us know of your positive outcome and closing the issue. Thanks! :)

[KfirManSnunit]

Hi All,
The problem is back :(
I'm using:
nginx: v1.17.6
latest libmodsecurity from: https://github.com/SpiderLabs/ModSecurity v3/master
latest nginx conector from: https://github.com/SpiderLabs/ModSecurity-nginx.git

After further testing it was found that it was ModSecurity.
I have tested nginx without ModSecurity for 24h and no segfault, But as soon as I start up the service with ModSecurity I get segfault and nginx worker is killed.

syslog:
Nov 25 13:41:59 varnish62 kernel: [485324.474746] nginx[10347]: segfault at 0 ip 00007ffbbfa58646 sp 00007fff7c0c0d38 error 4 in libc-2.27.so[7ffbbf9a7000+1e7000]
Nov 25 13:43:00 varnish62 kernel: [485385.358807] nginx[10346]: segfault at 0 ip 00007ffbbfa58646 sp 00007fff7c0c0d38 error 4 in libc-2.27.so[7ffbbf9a7000+1e7000]

nginx log:
2019/11/25 13:41:59 [alert] 10345#10345: worker process 10347 exited on signal 11 (core dumped)
2019/11/25 13:43:00 [alert] 10345#10345: worker process 10346 exited on signal 11 (core dumped)

I use COMODO WAF v3 rules, Could there be a problem with the COMODO rules that could cause a problem?
Any other set of rules recommended?

Regards,
Kfir Man

[KfirManSnunit]

Still no success...
My nginx workers are still killed And cause my statistics of active connections a mess!!

My env info:
Ubuntu 18.04.3
Uname Output: Linux varnish62 4.15.0-70-generic #79-Ubuntu SMP Tue Nov 12 10:36:11 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Nginx v1.17.6
Latest libmodsecurity
Latest ModSecurity-nginx
COMODO WAF set rules v3

This is the stak trace from valgrind: "valgrind --leak-check=full -v nginx"

==15423== Memcheck, a memory error detector
==15423== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==15423== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==15423== Command: nginx
==15423==
--15423-- Valgrind options:
--15423-- --leak-check=full
--15423-- -v
--15423-- Contents of /proc/version:
--15423-- Linux version 4.15.0-70-generic (buildd@lgw01-amd64-055) (gcc version 7.4.0 (Ubuntu 7.4.0-1ubuntu1~18.04.1)) #79-Ubuntu SMP Tue Nov 12 10:36:11 UTC 2019
--15423--
--15423-- Arch and hwcaps: AMD64, LittleEndian, amd64-cx16-rdtscp-sse3
--15423-- Page sizes: currently 4096, max supported 4096
--15423-- Valgrind library directory: /usr/lib/valgrind
--15423-- Reading syms from /usr/sbin/nginx
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/ld-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/ld-2.27.so ..
--15423-- .. CRC mismatch (computed 1b7c895e wanted 2943108a)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/ld-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /usr/lib/valgrind/memcheck-amd64-linux
--15423-- Considering /usr/lib/valgrind/memcheck-amd64-linux ..
--15423-- .. CRC mismatch (computed c25f395c wanted 0a9602a8)
--15423-- object doesn't have a symbol table
--15423-- object doesn't have a dynamic symbol table
--15423-- Scheduler: using generic scheduler lock implementation.
--15423-- Reading suppressions file: /usr/lib/valgrind/default.supp
==15423== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-15423-by-root-on-???
==15423== embedded gdbserver: writing to /tmp/vgdb-pipe-to-vgdb-from-15423-by-root-on-???
==15423== embedded gdbserver: shared mem /tmp/vgdb-pipe-shared-mem-vgdb-15423-by-root-on-???
==15423==
==15423== TO CONTROL THIS PROCESS USING vgdb (which you probably
==15423== don't want to do, unless you know exactly what you're doing,
==15423== or are doing some strange experiment):
==15423== /usr/lib/valgrind/../../bin/vgdb --pid=15423 ...command...
==15423==
==15423== TO DEBUG THIS PROCESS USING GDB: start GDB like this
==15423== /path/to/gdb nginx
==15423== and then give GDB the following command
==15423== target remote | /usr/lib/valgrind/../../bin/vgdb --pid=15423
==15423== --pid is optional if only one valgrind process is running
==15423==
--15423-- REDIR: 0x401f2f0 (ld-linux-x86-64.so.2:strlen) redirected to 0x58060901 (???)
--15423-- REDIR: 0x401f0d0 (ld-linux-x86-64.so.2:index) redirected to 0x5806091b (???)
--15423-- Reading syms from /usr/lib/valgrind/vgpreload_core-amd64-linux.so
--15423-- Considering /usr/lib/valgrind/vgpreload_core-amd64-linux.so ..
--15423-- .. CRC mismatch (computed 4b63d83e wanted 670599e6)
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so
--15423-- Considering /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so ..
--15423-- .. CRC mismatch (computed a4b37bee wanted 8ad4dc94)
--15423-- object doesn't have a symbol table
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x0401f2f0 (strlen ) R-> (0000.0) 0x58060901 ???
--15423-- new: 0x0401f2f0 (strlen ) R-> (2007.0) 0x04c32db0 strlen
--15423-- REDIR: 0x401d360 (ld-linux-x86-64.so.2:strcmp) redirected to 0x4c33ee0 (strcmp)
--15423-- REDIR: 0x401f830 (ld-linux-x86-64.so.2:mempcpy) redirected to 0x4c374f0 (mempcpy)
--15423-- Reading syms from /lib/x86_64-linux-gnu/libdl-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libdl-2.27.so ..
--15423-- .. CRC mismatch (computed bd82fa02 wanted d1fdccc9)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libdl-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libpthread-2.27.so
--15423-- Considering /usr/lib/debug/.build-id/28/c6aade70b2d40d1f0f3d0a1a0cad1ab816448f.debug ..
--15423-- .. build-id is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libcrypt-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libcrypt-2.27.so ..
--15423-- .. CRC mismatch (computed 8955bf71 wanted 17b36cbd)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libcrypt-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libpcre.so.3.13.3
--15423-- Considering /lib/x86_64-linux-gnu/libpcre.so.3.13.3 ..
--15423-- .. CRC mismatch (computed 23718752 wanted 0e9b5133)
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libssl.so.1.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libz.so.1.2.11
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libc-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libc-2.27.so ..
--15423-- .. CRC mismatch (computed b1c74187 wanted 042cc048)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libc-2.27.so ..
--15423-- .. CRC is valid
--15423-- REDIR: 0x611cc70 (libc.so.6:memmove) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bd40 (libc.so.6:strncpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cf50 (libc.so.6:strcasecmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611b790 (libc.so.6:strcat) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bd70 (libc.so.6:rindex) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611e7c0 (libc.so.6:rawmemchr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cde0 (libc.so.6:mempcpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cc10 (libc.so.6:bcmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bd00 (libc.so.6:strncmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611b800 (libc.so.6:strcmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cd40 (libc.so.6:memset) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x613a0f0 (libc.so.6:wcschr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bca0 (libc.so.6:strnlen) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611b870 (libc.so.6:strcspn) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cfa0 (libc.so.6:strncasecmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611b840 (libc.so.6:strcpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611d0e0 (libc.so.6:memcpy@@GLIBC_2.14) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bda0 (libc.so.6:strpbrk) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611b7c0 (libc.so.6:index) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bc70 (libc.so.6:strlen) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x61266c0 (libc.so.6:memrchr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cff0 (libc.so.6:strcasecmp_l) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cbe0 (libc.so.6:memchr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x613aeb0 (libc.so.6:wcslen) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611c050 (libc.so.6:strspn) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cf20 (libc.so.6:stpncpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cef0 (libc.so.6:stpcpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611e7f0 (libc.so.6:strchrnul) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611d040 (libc.so.6:strncasecmp_l) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x61af8a0 (libc.so.6:__memcpy_chk) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cb20 (libc.so.6:strstr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x61af970 (libc.so.6:__memmove_chk) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
--15423-- REDIR: 0x612f330 (libc.so.6:__strrchr_sse2) redirected to 0x4c32790 (__strrchr_sse2)
--15423-- REDIR: 0x612f620 (libc.so.6:__strlen_sse2) redirected to 0x4c32d30 (__strlen_sse2)
--15423-- REDIR: 0x6115070 (libc.so.6:malloc) redirected to 0x4c2faa0 (malloc)
--15423-- REDIR: 0x6135b50 (libc.so.6:__stpcpy_sse2_unaligned) redirected to 0x4c36200 (__stpcpy_sse2_unaligned)
--15423-- REDIR: 0x6139440 (libc.so.6:__mempcpy_sse2_unaligned) redirected to 0x4c37130 (mempcpy)
--15423-- REDIR: 0x6115950 (libc.so.6:free) redirected to 0x4c30cd0 (free)
--15423-- REDIR: 0x6139460 (libc.so.6:memcpy@GLIBC_2.2.5) redirected to 0x4c34060 (memcpy@GLIBC_2.2.5)
--15423-- REDIR: 0x611c590 (libc.so.6:__GI_strstr) redirected to 0x4c37760 (__strstr_sse2)
--15423-- REDIR: 0x620dfc0 (libc.so.6:__memcmp_sse4_1) redirected to 0x4c35d50 (__memcmp_sse4_1)
--15423-- REDIR: 0x6127e70 (libc.so.6:__strcmp_sse2_unaligned) redirected to 0x4c33da0 (strcmp)
--15423-- REDIR: 0x6139870 (libc.so.6:__memset_sse2_unaligned) redirected to 0x4c365d0 (memset)
--15423-- REDIR: 0x62044f0 (libc.so.6:__strcasecmp_sse42) redirected to 0x4c335f0 (strcasecmp)
--15423-- REDIR: 0x6116c30 (libc.so.6:realloc) redirected to 0x4c31cb0 (realloc)
--15423-- REDIR: 0x6134540 (libc.so.6:__strcpy_sse2_unaligned) redirected to 0x4c32dd0 (strcpy)
--15423-- REDIR: 0x612ef00 (libc.so.6:__strchr_sse2) redirected to 0x4c328d0 (__strchr_sse2)
--15423-- REDIR: 0x6129970 (libc.so.6:__memchr_sse2) redirected to 0x4c33f80 (memchr)
--15423-- REDIR: 0x6203510 (libc.so.6:__strncmp_sse42) redirected to 0x4c33570 (__strncmp_sse42)
--15423-- REDIR: 0x62060a0 (libc.so.6:__strncasecmp_sse42) redirected to 0x4c336d0 (strncasecmp)
--15423-- REDIR: 0x6118d70 (libc.so.6:posix_memalign) redirected to 0x4c31f60 (posix_memalign)
--15423-- REDIR: 0x6118030 (libc.so.6:calloc) redirected to 0x4c31a70 (calloc)
--15423-- Reading syms from /usr/lib/nginx/modules/ngx_http_modsecurity_module.so
--15423-- Reading syms from /usr/local/modsecurity/lib/libmodsecurity.so.3.0.3
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.5.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libGeoIP.so.1.6.12
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/librt-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/librt-2.27.so ..
--15423-- .. CRC mismatch (computed 16979484 wanted f9e041e3)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/librt-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libxml2.so.2.9.4
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libyajl.so.2.1.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.25
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libm-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libm-2.27.so ..
--15423-- .. CRC mismatch (computed 7feae033 wanted b29b2508)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libm-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libgcc_s.so.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libnghttp2.so.14.15.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libidn2.so.0.3.3
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/librtmp.so.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libpsl.so.5.2.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libnettle.so.6.4
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libgnutls.so.30.14.10
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.10.8
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2.10.8
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libicuuc.so.60.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/liblzma.so.5.2.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libunistring.so.2.1.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libhogweed.so.4.4
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libp11-kit.so.0.3.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.5
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libkrb5.so.3.3
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libk5crypto.so.3.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libcom_err.so.2.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libkrb5support.so.0.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libresolv-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libresolv-2.27.so ..
--15423-- .. CRC mismatch (computed 4f654d8d wanted bb34a537)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libresolv-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libsasl2.so.2.0.25
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libgssapi.so.3.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libicudata.so.60.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libkeyutils.so.1.5
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libheimntlm.so.0.1.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libasn1.so.8.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libhcrypto.so.4.1.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libroken.so.18.1.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libwind.so.0.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libheimbase.so.1.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libhx509.so.5.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6
--15423-- object doesn't have a symbol table
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
--15423-- REDIR: 0x611bcd0 (libc.so.6:strncat) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
--15423-- REDIR: 0x6139450 (libc.so.6:__memcpy_chk_sse2_unaligned) redirected to 0x4c375e0 (__memcpy_chk)
--15423-- REDIR: 0x7e00240 (libstdc++.so.6:operator new(unsigned long)) redirected to 0x4c30110 (operator new(unsigned long))
--15423-- REDIR: 0x612f120 (libc.so.6:__strchrnul_sse2) redirected to 0x4c37020 (strchrnul)
--15423-- Reading syms from /lib/x86_64-linux-gnu/libnss_compat-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libnss_compat-2.27.so ..
--15423-- .. CRC mismatch (computed afe25112 wanted 3a92b55b)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_compat-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libnss_nis-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libnss_nis-2.27.so ..
--15423-- .. CRC mismatch (computed 310534dc wanted 22d60ee8)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_nis-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libnsl-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libnsl-2.27.so ..
--15423-- .. CRC mismatch (computed 5dfb2e24 wanted a9b787f5)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnsl-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libnss_files-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libnss_files-2.27.so ..
--15423-- .. CRC mismatch (computed 5cdb0f74 wanted 1b4e69e7)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_files-2.27.so ..
--15423-- .. CRC is valid
--15423-- REDIR: 0x7dfe380 (libstdc++.so.6:operator delete(void*)) redirected to 0x4c311d0 (operator delete(void*))
--15423-- REDIR: 0x62081b0 (libc.so.6:__strpbrk_sse42) redirected to 0x4c37860 (strpbrk)
--15423-- REDIR: 0x7e002f0 (libstdc++.so.6:operator new[](unsigned long)) redirected to 0x4c30830 (operator new[](unsigned long))
--15423-- REDIR: 0x7dfe3b0 (libstdc++.so.6:operator delete) redirected to 0x4c316d0 (operator delete)
--15423-- REDIR: 0x6138db0 (libc.so.6:__strstr_sse2_unaligned) redirected to 0x4c376e0 (strstr)
--15423-- Reading syms from /lib/x86_64-linux-gnu/libnss_dns-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libnss_dns-2.27.so ..
--15423-- .. CRC mismatch (computed eb6c1db9 wanted a28abbc0)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_dns-2.27.so ..
--15423-- .. CRC is valid
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] still could not bind()
--15423-- Discarding syms at 0x6871380-0x6872b88 in /usr/lib/nginx/modules/ngx_http_modsecurity_module.so due to munmap()
--15423-- Discarding syms at 0xf3032a0-0xf3091c4 in /lib/x86_64-linux-gnu/libnss_compat-2.27.so due to munmap()
--15423-- Discarding syms at 0xf50e070-0xf5150d9 in /lib/x86_64-linux-gnu/libnss_nis-2.27.so due to munmap()
--15423-- Discarding syms at 0xf71c090-0xf729807 in /lib/x86_64-linux-gnu/libnsl-2.27.so due to munmap()
--15423-- Discarding syms at 0xf934350-0xf93ad7f in /lib/x86_64-linux-gnu/libnss_files-2.27.so due to munmap()
--15423-- Discarding syms at 0x14744f80-0x1474879b in /lib/x86_64-linux-gnu/libnss_dns-2.27.so due to munmap()
==15423==
==15423== HEAP SUMMARY:
==15423== in use at exit: 161,957 bytes in 428 blocks
==15423== total heap usage: 935,107 allocs, 934,679 frees, 67,881,781 bytes allocated
==15423==
==15423== Searching for pointers to 428 not-freed blocks
==15423== Checked 1,291,176 bytes
==15423==
==15423== 32 bytes in 1 blocks are definitely lost in loss record 6 of 27
==15423== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x6B2C8D8: yy::seclang_parser::parse() (seclang-parser.yy:319)
==15423== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==15423== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==15423== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==15423== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==15423== by 0x6871B4D: ???
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x16724D: ??? (in /usr/sbin/nginx)
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==15423== by 0x131310: main (in /usr/sbin/nginx)
==15423==
==15423== 62 (32 direct, 30 indirect) bytes in 1 blocks are definitely lost in loss record 9 of 27
==15423== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x6B6DE00: yylex(modsecurity::Parser::Driver&) (seclang-scanner.ll:1275)
==15423== by 0x6B2D5CF: yy::seclang_parser::parse() (seclang-parser.cc:1161)
==15423== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==15423== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==15423== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==15423== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==15423== by 0x6871B4D: ???
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x16724D: ??? (in /usr/sbin/nginx)
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==15423==
==15423== 73 (32 direct, 41 indirect) bytes in 1 blocks are definitely lost in loss record 10 of 27
==15423== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x6B7EE94: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:143)
==15423== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==15423== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==15423== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==15423== by 0x6871B4D: ???
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x16724D: ??? (in /usr/sbin/nginx)
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==15423== by 0x131310: main (in /usr/sbin/nginx)
==15423==
==15423== 1,024 bytes in 1 blocks are definitely lost in loss record 15 of 27
==15423== at 0x4C31E76: memalign (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x4C31F91: posix_memalign (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x1553DE: ngx_memalign (in /usr/sbin/nginx)
==15423== by 0x1339EB: ngx_create_pool (in /usr/sbin/nginx)
==15423== by 0x130E4F: main (in /usr/sbin/nginx)
==15423==
==15423== 1,957 (800 direct, 1,157 indirect) bytes in 25 blocks are definitely lost in loss record 20 of 27
==15423== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x6B6EE2B: yylex(modsecurity::Parser::Driver&) (seclang-scanner.ll:1247)
==15423== by 0x6B2D5CF: yy::seclang_parser::parse() (seclang-parser.cc:1161)
==15423== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==15423== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==15423== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==15423== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==15423== by 0x6871B4D: ???
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x16724D: ??? (in /usr/sbin/nginx)
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==15423==
==15423== LEAK SUMMARY:
==15423== definitely lost: 1,920 bytes in 29 blocks
==15423== indirectly lost: 1,228 bytes in 27 blocks
==15423== possibly lost: 0 bytes in 0 blocks
==15423== still reachable: 158,809 bytes in 372 blocks
==15423== suppressed: 0 bytes in 0 blocks
==15423== Reachable blocks (those to which a pointer was found) are not shown.
==15423== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==15423==
==15423== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0)
==15423== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0)

Any help will be appreciated!