segfault at 0 ip 00007ffbbfa58646 sp 00007fff7c0c0d38 error 4 in libc-2.27.so

[KfirManSnunit]

Hello,
I've been trying for a while to figure out what cause the problem for unkilled worker, without success.
It started to happen since I installed ModSecurity-nginx according to this guide:
https://www.nginx.com/blog/compiling-and-installing-modsecurity-for-open-source-nginx/

I've seen these cases:
#19
#29
And it did not work for me.
It happens randomly and without any action on our part like "restart\reload\nginx -t"... And usually not during rush hours.

I've open this issue: owasp-modsecurity/ModSecurity-nginx#136
That set as "duplicate/invalid" buy way?

My env info:
Ubuntu 18.04.3
Uname Output: Linux varnish62 4.15.0-70-generic #79-Ubuntu SMP Tue Nov 12 10:36:11 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Nginx v1.17.6
Latest libmodsecurity
Latest ModSecurity-nginx
COMODO WAF set rules v3

syslog:
Nov 25 13:41:59 varnish62 kernel: [485324.474746] nginx[10347]: segfault at 0 ip 00007ffbbfa58646 sp 00007fff7c0c0d38 error 4 in libc-2.27.so[7ffbbf9a7000+1e7000]
Nov 25 13:43:00 varnish62 kernel: [485385.358807] nginx[10346]: segfault at 0 ip 00007ffbbfa58646 sp 00007fff7c0c0d38 error 4 in libc-2.27.so[7ffbbf9a7000+1e7000]

nginx log:
2019/11/25 13:41:59 [alert] 10345#10345: worker process 10347 exited on signal 11 (core dumped)
2019/11/25 13:43:00 [alert] 10345#10345: worker process 10346 exited on signal 11 (core dumped)

This is the stak trace from valgrind: "valgrind --leak-check=full -v nginx"

==15423== Memcheck, a memory error detector
==15423== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==15423== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==15423== Command: nginx
==15423==
--15423-- Valgrind options:
--15423-- --leak-check=full
--15423-- -v
--15423-- Contents of /proc/version:
--15423-- Linux version 4.15.0-70-generic (buildd@lgw01-amd64-055) (gcc version 7.4.0 (Ubuntu 7.4.0-1ubuntu1~18.04.1)) #79-Ubuntu SMP Tue Nov 12 10:36:11 UTC 2019
--15423--
--15423-- Arch and hwcaps: AMD64, LittleEndian, amd64-cx16-rdtscp-sse3
--15423-- Page sizes: currently 4096, max supported 4096
--15423-- Valgrind library directory: /usr/lib/valgrind
--15423-- Reading syms from /usr/sbin/nginx
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/ld-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/ld-2.27.so ..
--15423-- .. CRC mismatch (computed 1b7c895e wanted 2943108a)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/ld-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /usr/lib/valgrind/memcheck-amd64-linux
--15423-- Considering /usr/lib/valgrind/memcheck-amd64-linux ..
--15423-- .. CRC mismatch (computed c25f395c wanted 0a9602a8)
--15423-- object doesn't have a symbol table
--15423-- object doesn't have a dynamic symbol table
--15423-- Scheduler: using generic scheduler lock implementation.
--15423-- Reading suppressions file: /usr/lib/valgrind/default.supp
==15423== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-15423-by-root-on-???
==15423== embedded gdbserver: writing to /tmp/vgdb-pipe-to-vgdb-from-15423-by-root-on-???
==15423== embedded gdbserver: shared mem /tmp/vgdb-pipe-shared-mem-vgdb-15423-by-root-on-???
==15423==
==15423== TO CONTROL THIS PROCESS USING vgdb (which you probably
==15423== don't want to do, unless you know exactly what you're doing,
==15423== or are doing some strange experiment):
==15423== /usr/lib/valgrind/../../bin/vgdb --pid=15423 ...command...
==15423==
==15423== TO DEBUG THIS PROCESS USING GDB: start GDB like this
==15423== /path/to/gdb nginx
==15423== and then give GDB the following command
==15423== target remote | /usr/lib/valgrind/../../bin/vgdb --pid=15423
==15423== --pid is optional if only one valgrind process is running
==15423==
--15423-- REDIR: 0x401f2f0 (ld-linux-x86-64.so.2:strlen) redirected to 0x58060901 (???)
--15423-- REDIR: 0x401f0d0 (ld-linux-x86-64.so.2:index) redirected to 0x5806091b (???)
--15423-- Reading syms from /usr/lib/valgrind/vgpreload_core-amd64-linux.so
--15423-- Considering /usr/lib/valgrind/vgpreload_core-amd64-linux.so ..
--15423-- .. CRC mismatch (computed 4b63d83e wanted 670599e6)
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so
--15423-- Considering /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so ..
--15423-- .. CRC mismatch (computed a4b37bee wanted 8ad4dc94)
--15423-- object doesn't have a symbol table
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x0401f2f0 (strlen ) R-> (0000.0) 0x58060901 ???
--15423-- new: 0x0401f2f0 (strlen ) R-> (2007.0) 0x04c32db0 strlen
--15423-- REDIR: 0x401d360 (ld-linux-x86-64.so.2:strcmp) redirected to 0x4c33ee0 (strcmp)
--15423-- REDIR: 0x401f830 (ld-linux-x86-64.so.2:mempcpy) redirected to 0x4c374f0 (mempcpy)
--15423-- Reading syms from /lib/x86_64-linux-gnu/libdl-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libdl-2.27.so ..
--15423-- .. CRC mismatch (computed bd82fa02 wanted d1fdccc9)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libdl-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libpthread-2.27.so
--15423-- Considering /usr/lib/debug/.build-id/28/c6aade70b2d40d1f0f3d0a1a0cad1ab816448f.debug ..
--15423-- .. build-id is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libcrypt-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libcrypt-2.27.so ..
--15423-- .. CRC mismatch (computed 8955bf71 wanted 17b36cbd)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libcrypt-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libpcre.so.3.13.3
--15423-- Considering /lib/x86_64-linux-gnu/libpcre.so.3.13.3 ..
--15423-- .. CRC mismatch (computed 23718752 wanted 0e9b5133)
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libssl.so.1.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libz.so.1.2.11
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libc-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libc-2.27.so ..
--15423-- .. CRC mismatch (computed b1c74187 wanted 042cc048)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libc-2.27.so ..
--15423-- .. CRC is valid
--15423-- REDIR: 0x611cc70 (libc.so.6:memmove) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bd40 (libc.so.6:strncpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cf50 (libc.so.6:strcasecmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611b790 (libc.so.6:strcat) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bd70 (libc.so.6:rindex) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611e7c0 (libc.so.6:rawmemchr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cde0 (libc.so.6:mempcpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cc10 (libc.so.6:bcmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bd00 (libc.so.6:strncmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611b800 (libc.so.6:strcmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cd40 (libc.so.6:memset) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x613a0f0 (libc.so.6:wcschr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bca0 (libc.so.6:strnlen) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611b870 (libc.so.6:strcspn) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cfa0 (libc.so.6:strncasecmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611b840 (libc.so.6:strcpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611d0e0 (libc.so.6:memcpy@@GLIBC_2.14) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bda0 (libc.so.6:strpbrk) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611b7c0 (libc.so.6:index) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611bc70 (libc.so.6:strlen) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x61266c0 (libc.so.6:memrchr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cff0 (libc.so.6:strcasecmp_l) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cbe0 (libc.so.6:memchr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x613aeb0 (libc.so.6:wcslen) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611c050 (libc.so.6:strspn) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cf20 (libc.so.6:stpncpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cef0 (libc.so.6:stpcpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611e7f0 (libc.so.6:strchrnul) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611d040 (libc.so.6:strncasecmp_l) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x61af8a0 (libc.so.6:__memcpy_chk) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x611cb20 (libc.so.6:strstr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--15423-- REDIR: 0x61af970 (libc.so.6:__memmove_chk) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
--15423-- REDIR: 0x612f330 (libc.so.6:__strrchr_sse2) redirected to 0x4c32790 (__strrchr_sse2)
--15423-- REDIR: 0x612f620 (libc.so.6:__strlen_sse2) redirected to 0x4c32d30 (__strlen_sse2)
--15423-- REDIR: 0x6115070 (libc.so.6:malloc) redirected to 0x4c2faa0 (malloc)
--15423-- REDIR: 0x6135b50 (libc.so.6:__stpcpy_sse2_unaligned) redirected to 0x4c36200 (__stpcpy_sse2_unaligned)
--15423-- REDIR: 0x6139440 (libc.so.6:__mempcpy_sse2_unaligned) redirected to 0x4c37130 (mempcpy)
--15423-- REDIR: 0x6115950 (libc.so.6:free) redirected to 0x4c30cd0 (free)
--15423-- REDIR: 0x6139460 (libc.so.6:memcpy@GLIBC_2.2.5) redirected to 0x4c34060 (memcpy@GLIBC_2.2.5)
--15423-- REDIR: 0x611c590 (libc.so.6:__GI_strstr) redirected to 0x4c37760 (__strstr_sse2)
--15423-- REDIR: 0x620dfc0 (libc.so.6:__memcmp_sse4_1) redirected to 0x4c35d50 (__memcmp_sse4_1)
--15423-- REDIR: 0x6127e70 (libc.so.6:__strcmp_sse2_unaligned) redirected to 0x4c33da0 (strcmp)
--15423-- REDIR: 0x6139870 (libc.so.6:__memset_sse2_unaligned) redirected to 0x4c365d0 (memset)
--15423-- REDIR: 0x62044f0 (libc.so.6:__strcasecmp_sse42) redirected to 0x4c335f0 (strcasecmp)
--15423-- REDIR: 0x6116c30 (libc.so.6:realloc) redirected to 0x4c31cb0 (realloc)
--15423-- REDIR: 0x6134540 (libc.so.6:__strcpy_sse2_unaligned) redirected to 0x4c32dd0 (strcpy)
--15423-- REDIR: 0x612ef00 (libc.so.6:__strchr_sse2) redirected to 0x4c328d0 (__strchr_sse2)
--15423-- REDIR: 0x6129970 (libc.so.6:__memchr_sse2) redirected to 0x4c33f80 (memchr)
--15423-- REDIR: 0x6203510 (libc.so.6:__strncmp_sse42) redirected to 0x4c33570 (__strncmp_sse42)
--15423-- REDIR: 0x62060a0 (libc.so.6:__strncasecmp_sse42) redirected to 0x4c336d0 (strncasecmp)
--15423-- REDIR: 0x6118d70 (libc.so.6:posix_memalign) redirected to 0x4c31f60 (posix_memalign)
--15423-- REDIR: 0x6118030 (libc.so.6:calloc) redirected to 0x4c31a70 (calloc)
--15423-- Reading syms from /usr/lib/nginx/modules/ngx_http_modsecurity_module.so
--15423-- Reading syms from /usr/local/modsecurity/lib/libmodsecurity.so.3.0.3
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.5.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libGeoIP.so.1.6.12
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/librt-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/librt-2.27.so ..
--15423-- .. CRC mismatch (computed 16979484 wanted f9e041e3)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/librt-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libxml2.so.2.9.4
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libyajl.so.2.1.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.25
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libm-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libm-2.27.so ..
--15423-- .. CRC mismatch (computed 7feae033 wanted b29b2508)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libm-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libgcc_s.so.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libnghttp2.so.14.15.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libidn2.so.0.3.3
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/librtmp.so.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libpsl.so.5.2.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libnettle.so.6.4
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libgnutls.so.30.14.10
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.10.8
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2.10.8
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libicuuc.so.60.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/liblzma.so.5.2.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libunistring.so.2.1.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libhogweed.so.4.4
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libp11-kit.so.0.3.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.5
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libkrb5.so.3.3
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libk5crypto.so.3.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libcom_err.so.2.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libkrb5support.so.0.1
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libresolv-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libresolv-2.27.so ..
--15423-- .. CRC mismatch (computed 4f654d8d wanted bb34a537)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libresolv-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libsasl2.so.2.0.25
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libgssapi.so.3.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libicudata.so.60.2
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /lib/x86_64-linux-gnu/libkeyutils.so.1.5
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libheimntlm.so.0.1.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libasn1.so.8.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libhcrypto.so.4.1.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libroken.so.18.1.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libwind.so.0.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libheimbase.so.1.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libhx509.so.5.0.0
--15423-- object doesn't have a symbol table
--15423-- Reading syms from /usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6
--15423-- object doesn't have a symbol table
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
--15423-- REDIR: 0x611bcd0 (libc.so.6:strncat) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
==15423== WARNING: new redirection conflicts with existing -- ignoring it
--15423-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--15423-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
--15423-- REDIR: 0x6139450 (libc.so.6:__memcpy_chk_sse2_unaligned) redirected to 0x4c375e0 (__memcpy_chk)
--15423-- REDIR: 0x7e00240 (libstdc++.so.6:operator new(unsigned long)) redirected to 0x4c30110 (operator new(unsigned long))
--15423-- REDIR: 0x612f120 (libc.so.6:__strchrnul_sse2) redirected to 0x4c37020 (strchrnul)
--15423-- Reading syms from /lib/x86_64-linux-gnu/libnss_compat-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libnss_compat-2.27.so ..
--15423-- .. CRC mismatch (computed afe25112 wanted 3a92b55b)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_compat-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libnss_nis-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libnss_nis-2.27.so ..
--15423-- .. CRC mismatch (computed 310534dc wanted 22d60ee8)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_nis-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libnsl-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libnsl-2.27.so ..
--15423-- .. CRC mismatch (computed 5dfb2e24 wanted a9b787f5)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnsl-2.27.so ..
--15423-- .. CRC is valid
--15423-- Reading syms from /lib/x86_64-linux-gnu/libnss_files-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libnss_files-2.27.so ..
--15423-- .. CRC mismatch (computed 5cdb0f74 wanted 1b4e69e7)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_files-2.27.so ..
--15423-- .. CRC is valid
--15423-- REDIR: 0x7dfe380 (libstdc++.so.6:operator delete(void*)) redirected to 0x4c311d0 (operator delete(void*))
--15423-- REDIR: 0x62081b0 (libc.so.6:__strpbrk_sse42) redirected to 0x4c37860 (strpbrk)
--15423-- REDIR: 0x7e002f0 (libstdc++.so.6:operator new[](unsigned long)) redirected to 0x4c30830 (operator new[](unsigned long))
--15423-- REDIR: 0x7dfe3b0 (libstdc++.so.6:operator delete) redirected to 0x4c316d0 (operator delete)
--15423-- REDIR: 0x6138db0 (libc.so.6:__strstr_sse2_unaligned) redirected to 0x4c376e0 (strstr)
--15423-- Reading syms from /lib/x86_64-linux-gnu/libnss_dns-2.27.so
--15423-- Considering /lib/x86_64-linux-gnu/libnss_dns-2.27.so ..
--15423-- .. CRC mismatch (computed eb6c1db9 wanted a28abbc0)
--15423-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_dns-2.27.so ..
--15423-- .. CRC is valid
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] still could not bind()
--15423-- Discarding syms at 0x6871380-0x6872b88 in /usr/lib/nginx/modules/ngx_http_modsecurity_module.so due to munmap()
--15423-- Discarding syms at 0xf3032a0-0xf3091c4 in /lib/x86_64-linux-gnu/libnss_compat-2.27.so due to munmap()
--15423-- Discarding syms at 0xf50e070-0xf5150d9 in /lib/x86_64-linux-gnu/libnss_nis-2.27.so due to munmap()
--15423-- Discarding syms at 0xf71c090-0xf729807 in /lib/x86_64-linux-gnu/libnsl-2.27.so due to munmap()
--15423-- Discarding syms at 0xf934350-0xf93ad7f in /lib/x86_64-linux-gnu/libnss_files-2.27.so due to munmap()
--15423-- Discarding syms at 0x14744f80-0x1474879b in /lib/x86_64-linux-gnu/libnss_dns-2.27.so due to munmap()
==15423==
==15423== HEAP SUMMARY:
==15423== in use at exit: 161,957 bytes in 428 blocks
==15423== total heap usage: 935,107 allocs, 934,679 frees, 67,881,781 bytes allocated
==15423==
==15423== Searching for pointers to 428 not-freed blocks
==15423== Checked 1,291,176 bytes
==15423==
==15423== 32 bytes in 1 blocks are definitely lost in loss record 6 of 27
==15423== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x6B2C8D8: yy::seclang_parser::parse() (seclang-parser.yy:319)
==15423== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==15423== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==15423== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==15423== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==15423== by 0x6871B4D: ???
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x16724D: ??? (in /usr/sbin/nginx)
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==15423== by 0x131310: main (in /usr/sbin/nginx)
==15423==
==15423== 62 (32 direct, 30 indirect) bytes in 1 blocks are definitely lost in loss record 9 of 27
==15423== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x6B6DE00: yylex(modsecurity::Parser::Driver&) (seclang-scanner.ll:1275)
==15423== by 0x6B2D5CF: yy::seclang_parser::parse() (seclang-parser.cc:1161)
==15423== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==15423== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==15423== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==15423== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==15423== by 0x6871B4D: ???
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x16724D: ??? (in /usr/sbin/nginx)
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==15423==
==15423== 73 (32 direct, 41 indirect) bytes in 1 blocks are definitely lost in loss record 10 of 27
==15423== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x6B7EE94: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:143)
==15423== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==15423== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==15423== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==15423== by 0x6871B4D: ???
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x16724D: ??? (in /usr/sbin/nginx)
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==15423== by 0x131310: main (in /usr/sbin/nginx)
==15423==
==15423== 1,024 bytes in 1 blocks are definitely lost in loss record 15 of 27
==15423== at 0x4C31E76: memalign (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x4C31F91: posix_memalign (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x1553DE: ngx_memalign (in /usr/sbin/nginx)
==15423== by 0x1339EB: ngx_create_pool (in /usr/sbin/nginx)
==15423== by 0x130E4F: main (in /usr/sbin/nginx)
==15423==
==15423== 1,957 (800 direct, 1,157 indirect) bytes in 25 blocks are definitely lost in loss record 20 of 27
==15423== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==15423== by 0x6B6EE2B: yylex(modsecurity::Parser::Driver&) (seclang-scanner.ll:1247)
==15423== by 0x6B2D5CF: yy::seclang_parser::parse() (seclang-parser.cc:1161)
==15423== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==15423== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==15423== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==15423== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==15423== by 0x6871B4D: ???
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x16724D: ??? (in /usr/sbin/nginx)
==15423== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==15423== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==15423==
==15423== LEAK SUMMARY:
==15423== definitely lost: 1,920 bytes in 29 blocks
==15423== indirectly lost: 1,228 bytes in 27 blocks
==15423== possibly lost: 0 bytes in 0 blocks
==15423== still reachable: 158,809 bytes in 372 blocks
==15423== suppressed: 0 bytes in 0 blocks
==15423== Reachable blocks (those to which a pointer was found) are not shown.
==15423== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==15423==
==15423== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0)
==15423== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0)

To Reproduce
None

Rule Set

• Running public rule set of COMODO WAF v3

Any help will be appreciated!

[KfirManSnunit]

That is the output of: "valgrind --leak-check=full --show-leak-kinds=all -v nginx"

==19276== Memcheck, a memory error detector
==19276== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==19276== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==19276== Command: nginx
==19276==
--19276-- Valgrind options:
--19276-- --leak-check=full
--19276-- --show-leak-kinds=all
--19276-- -v
--19276-- Contents of /proc/version:
--19276-- Linux version 4.15.0-70-generic (buildd@lgw01-amd64-055) (gcc version 7.4.0 (Ubuntu 7.4.0-1ubuntu1~18.04.1)) #79-Ubuntu SMP Tue Nov 12 10:36:11 UTC 2019
--19276--
--19276-- Arch and hwcaps: AMD64, LittleEndian, amd64-cx16-rdtscp-sse3
--19276-- Page sizes: currently 4096, max supported 4096
--19276-- Valgrind library directory: /usr/lib/valgrind
--19276-- Reading syms from /usr/sbin/nginx
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /lib/x86_64-linux-gnu/ld-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/ld-2.27.so ..
--19276-- .. CRC mismatch (computed 1b7c895e wanted 2943108a)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/ld-2.27.so ..
--19276-- .. CRC is valid
--19276-- Reading syms from /usr/lib/valgrind/memcheck-amd64-linux
--19276-- Considering /usr/lib/valgrind/memcheck-amd64-linux ..
--19276-- .. CRC mismatch (computed c25f395c wanted 0a9602a8)
--19276-- object doesn't have a symbol table
--19276-- object doesn't have a dynamic symbol table
--19276-- Scheduler: using generic scheduler lock implementation.
--19276-- Reading suppressions file: /usr/lib/valgrind/default.supp
==19276== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-19276-by-root-on-???
==19276== embedded gdbserver: writing to /tmp/vgdb-pipe-to-vgdb-from-19276-by-root-on-???
==19276== embedded gdbserver: shared mem /tmp/vgdb-pipe-shared-mem-vgdb-19276-by-root-on-???
==19276==
==19276== TO CONTROL THIS PROCESS USING vgdb (which you probably
==19276== don't want to do, unless you know exactly what you're doing,
==19276== or are doing some strange experiment):
==19276== /usr/lib/valgrind/../../bin/vgdb --pid=19276 ...command...
==19276==
==19276== TO DEBUG THIS PROCESS USING GDB: start GDB like this
==19276== /path/to/gdb nginx
==19276== and then give GDB the following command
==19276== target remote | /usr/lib/valgrind/../../bin/vgdb --pid=19276
==19276== --pid is optional if only one valgrind process is running
==19276==
--19276-- REDIR: 0x401f2f0 (ld-linux-x86-64.so.2:strlen) redirected to 0x58060901 (???)
--19276-- REDIR: 0x401f0d0 (ld-linux-x86-64.so.2:index) redirected to 0x5806091b (???)
--19276-- Reading syms from /usr/lib/valgrind/vgpreload_core-amd64-linux.so
--19276-- Considering /usr/lib/valgrind/vgpreload_core-amd64-linux.so ..
--19276-- .. CRC mismatch (computed 4b63d83e wanted 670599e6)
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so
--19276-- Considering /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so ..
--19276-- .. CRC mismatch (computed a4b37bee wanted 8ad4dc94)
--19276-- object doesn't have a symbol table
==19276== WARNING: new redirection conflicts with existing -- ignoring it
--19276-- old: 0x0401f2f0 (strlen ) R-> (0000.0) 0x58060901 ???
--19276-- new: 0x0401f2f0 (strlen ) R-> (2007.0) 0x04c32db0 strlen
--19276-- REDIR: 0x401d360 (ld-linux-x86-64.so.2:strcmp) redirected to 0x4c33ee0 (strcmp)
--19276-- REDIR: 0x401f830 (ld-linux-x86-64.so.2:mempcpy) redirected to 0x4c374f0 (mempcpy)
--19276-- Reading syms from /lib/x86_64-linux-gnu/libdl-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/libdl-2.27.so ..
--19276-- .. CRC mismatch (computed bd82fa02 wanted d1fdccc9)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libdl-2.27.so ..
--19276-- .. CRC is valid
--19276-- Reading syms from /lib/x86_64-linux-gnu/libpthread-2.27.so
--19276-- Considering /usr/lib/debug/.build-id/28/c6aade70b2d40d1f0f3d0a1a0cad1ab816448f.debug ..
--19276-- .. build-id is valid
--19276-- Reading syms from /lib/x86_64-linux-gnu/libcrypt-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/libcrypt-2.27.so ..
--19276-- .. CRC mismatch (computed 8955bf71 wanted 17b36cbd)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libcrypt-2.27.so ..
--19276-- .. CRC is valid
--19276-- Reading syms from /lib/x86_64-linux-gnu/libpcre.so.3.13.3
--19276-- Considering /lib/x86_64-linux-gnu/libpcre.so.3.13.3 ..
--19276-- .. CRC mismatch (computed 23718752 wanted 0e9b5133)
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libssl.so.1.1
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /lib/x86_64-linux-gnu/libz.so.1.2.11
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /lib/x86_64-linux-gnu/libc-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/libc-2.27.so ..
--19276-- .. CRC mismatch (computed b1c74187 wanted 042cc048)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libc-2.27.so ..
--19276-- .. CRC is valid
--19276-- REDIR: 0x611cc70 (libc.so.6:memmove) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611bd40 (libc.so.6:strncpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611cf50 (libc.so.6:strcasecmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611b790 (libc.so.6:strcat) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611bd70 (libc.so.6:rindex) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611e7c0 (libc.so.6:rawmemchr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611cde0 (libc.so.6:mempcpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611cc10 (libc.so.6:bcmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611bd00 (libc.so.6:strncmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611b800 (libc.so.6:strcmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611cd40 (libc.so.6:memset) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x613a0f0 (libc.so.6:wcschr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611bca0 (libc.so.6:strnlen) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611b870 (libc.so.6:strcspn) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611cfa0 (libc.so.6:strncasecmp) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611b840 (libc.so.6:strcpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611d0e0 (libc.so.6:memcpy@@GLIBC_2.14) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611bda0 (libc.so.6:strpbrk) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611b7c0 (libc.so.6:index) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611bc70 (libc.so.6:strlen) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x61266c0 (libc.so.6:memrchr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611cff0 (libc.so.6:strcasecmp_l) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611cbe0 (libc.so.6:memchr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x613aeb0 (libc.so.6:wcslen) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611c050 (libc.so.6:strspn) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611cf20 (libc.so.6:stpncpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611cef0 (libc.so.6:stpcpy) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611e7f0 (libc.so.6:strchrnul) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611d040 (libc.so.6:strncasecmp_l) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x61af8a0 (libc.so.6:__memcpy_chk) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x611cb20 (libc.so.6:strstr) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
--19276-- REDIR: 0x61af970 (libc.so.6:__memmove_chk) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
==19276== WARNING: new redirection conflicts with existing -- ignoring it
--19276-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--19276-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
--19276-- REDIR: 0x612f330 (libc.so.6:__strrchr_sse2) redirected to 0x4c32790 (__strrchr_sse2)
--19276-- REDIR: 0x612f620 (libc.so.6:__strlen_sse2) redirected to 0x4c32d30 (__strlen_sse2)
--19276-- REDIR: 0x6115070 (libc.so.6:malloc) redirected to 0x4c2faa0 (malloc)
--19276-- REDIR: 0x6135b50 (libc.so.6:__stpcpy_sse2_unaligned) redirected to 0x4c36200 (__stpcpy_sse2_unaligned)
--19276-- REDIR: 0x6139440 (libc.so.6:__mempcpy_sse2_unaligned) redirected to 0x4c37130 (mempcpy)
--19276-- REDIR: 0x6115950 (libc.so.6:free) redirected to 0x4c30cd0 (free)
--19276-- REDIR: 0x6139460 (libc.so.6:memcpy@GLIBC_2.2.5) redirected to 0x4c34060 (memcpy@GLIBC_2.2.5)
--19276-- REDIR: 0x611c590 (libc.so.6:__GI_strstr) redirected to 0x4c37760 (__strstr_sse2)
--19276-- REDIR: 0x620dfc0 (libc.so.6:__memcmp_sse4_1) redirected to 0x4c35d50 (__memcmp_sse4_1)
--19276-- REDIR: 0x6127e70 (libc.so.6:__strcmp_sse2_unaligned) redirected to 0x4c33da0 (strcmp)
--19276-- REDIR: 0x6139870 (libc.so.6:__memset_sse2_unaligned) redirected to 0x4c365d0 (memset)
--19276-- REDIR: 0x62044f0 (libc.so.6:__strcasecmp_sse42) redirected to 0x4c335f0 (strcasecmp)
--19276-- REDIR: 0x6116c30 (libc.so.6:realloc) redirected to 0x4c31cb0 (realloc)
--19276-- REDIR: 0x6134540 (libc.so.6:__strcpy_sse2_unaligned) redirected to 0x4c32dd0 (strcpy)
--19276-- REDIR: 0x612ef00 (libc.so.6:__strchr_sse2) redirected to 0x4c328d0 (__strchr_sse2)
--19276-- REDIR: 0x6129970 (libc.so.6:__memchr_sse2) redirected to 0x4c33f80 (memchr)
--19276-- REDIR: 0x6203510 (libc.so.6:__strncmp_sse42) redirected to 0x4c33570 (__strncmp_sse42)
--19276-- REDIR: 0x62060a0 (libc.so.6:__strncasecmp_sse42) redirected to 0x4c336d0 (strncasecmp)
--19276-- REDIR: 0x6118d70 (libc.so.6:posix_memalign) redirected to 0x4c31f60 (posix_memalign)
--19276-- REDIR: 0x6118030 (libc.so.6:calloc) redirected to 0x4c31a70 (calloc)
--19276-- Reading syms from /usr/lib/nginx/modules/ngx_http_modsecurity_module.so
--19276-- Reading syms from /usr/local/modsecurity/lib/libmodsecurity.so.3.0.3
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.5.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libGeoIP.so.1.6.12
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /lib/x86_64-linux-gnu/librt-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/librt-2.27.so ..
--19276-- .. CRC mismatch (computed 16979484 wanted f9e041e3)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/librt-2.27.so ..
--19276-- .. CRC is valid
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libxml2.so.2.9.4
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0.0.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libyajl.so.2.1.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.25
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /lib/x86_64-linux-gnu/libm-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/libm-2.27.so ..
--19276-- .. CRC mismatch (computed 7feae033 wanted b29b2508)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libm-2.27.so ..
--19276-- .. CRC is valid
--19276-- Reading syms from /lib/x86_64-linux-gnu/libgcc_s.so.1
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libnghttp2.so.14.15.2
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libidn2.so.0.3.3
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/librtmp.so.1
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libpsl.so.5.2.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libnettle.so.6.4
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libgnutls.so.30.14.10
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2.2
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2.10.8
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2.10.8
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libicuuc.so.60.2
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /lib/x86_64-linux-gnu/liblzma.so.5.2.2
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libunistring.so.2.1.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libhogweed.so.4.4
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libp11-kit.so.0.3.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libtasn1.so.6.5.5
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libkrb5.so.3.3
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libk5crypto.so.3.1
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /lib/x86_64-linux-gnu/libcom_err.so.2.1
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libkrb5support.so.0.1
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /lib/x86_64-linux-gnu/libresolv-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/libresolv-2.27.so ..
--19276-- .. CRC mismatch (computed 4f654d8d wanted bb34a537)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libresolv-2.27.so ..
--19276-- .. CRC is valid
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libsasl2.so.2.0.25
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libgssapi.so.3.0.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libicudata.so.60.2
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libffi.so.6.0.4
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /lib/x86_64-linux-gnu/libkeyutils.so.1.5
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libheimntlm.so.0.1.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libkrb5.so.26.0.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libasn1.so.8.0.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libhcrypto.so.4.1.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libroken.so.18.1.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libwind.so.0.0.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libheimbase.so.1.0.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libhx509.so.5.0.0
--19276-- object doesn't have a symbol table
--19276-- Reading syms from /usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6
--19276-- object doesn't have a symbol table
==19276== WARNING: new redirection conflicts with existing -- ignoring it
--19276-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--19276-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
--19276-- REDIR: 0x611bcd0 (libc.so.6:strncat) redirected to 0x4a2a6e0 (_vgnU_ifunc_wrapper)
==19276== WARNING: new redirection conflicts with existing -- ignoring it
--19276-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--19276-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
==19276== WARNING: new redirection conflicts with existing -- ignoring it
--19276-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--19276-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
==19276== WARNING: new redirection conflicts with existing -- ignoring it
--19276-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--19276-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
==19276== WARNING: new redirection conflicts with existing -- ignoring it
--19276-- old: 0x06139450 (__memcpy_chk_sse2_un) R-> (2030.0) 0x04c375e0 __memcpy_chk
--19276-- new: 0x06139450 (__memcpy_chk_sse2_un) R-> (2024.0) 0x04c36fa0 __memmove_chk
--19276-- REDIR: 0x6139450 (libc.so.6:__memcpy_chk_sse2_unaligned) redirected to 0x4c375e0 (__memcpy_chk)
--19276-- REDIR: 0x7e00240 (libstdc++.so.6:operator new(unsigned long)) redirected to 0x4c30110 (operator new(unsigned long))
--19276-- REDIR: 0x612f120 (libc.so.6:__strchrnul_sse2) redirected to 0x4c37020 (strchrnul)
--19276-- Reading syms from /lib/x86_64-linux-gnu/libnss_compat-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/libnss_compat-2.27.so ..
--19276-- .. CRC mismatch (computed afe25112 wanted 3a92b55b)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_compat-2.27.so ..
--19276-- .. CRC is valid
--19276-- Reading syms from /lib/x86_64-linux-gnu/libnss_nis-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/libnss_nis-2.27.so ..
--19276-- .. CRC mismatch (computed 310534dc wanted 22d60ee8)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_nis-2.27.so ..
--19276-- .. CRC is valid
--19276-- Reading syms from /lib/x86_64-linux-gnu/libnsl-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/libnsl-2.27.so ..
--19276-- .. CRC mismatch (computed 5dfb2e24 wanted a9b787f5)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnsl-2.27.so ..
--19276-- .. CRC is valid
--19276-- Reading syms from /lib/x86_64-linux-gnu/libnss_files-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/libnss_files-2.27.so ..
--19276-- .. CRC mismatch (computed 5cdb0f74 wanted 1b4e69e7)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_files-2.27.so ..
--19276-- .. CRC is valid
--19276-- REDIR: 0x7dfe380 (libstdc++.so.6:operator delete(void*)) redirected to 0x4c311d0 (operator delete(void*))
--19276-- REDIR: 0x62081b0 (libc.so.6:__strpbrk_sse42) redirected to 0x4c37860 (strpbrk)
--19276-- REDIR: 0x7e002f0 (libstdc++.so.6:operator new[](unsigned long)) redirected to 0x4c30830 (operator new[](unsigned long))
--19276-- REDIR: 0x7dfe3b0 (libstdc++.so.6:operator delete) redirected to 0x4c316d0 (operator delete)
--19276-- REDIR: 0x6138db0 (libc.so.6:__strstr_sse2_unaligned) redirected to 0x4c376e0 (strstr)
--19276-- Reading syms from /lib/x86_64-linux-gnu/libnss_dns-2.27.so
--19276-- Considering /lib/x86_64-linux-gnu/libnss_dns-2.27.so ..
--19276-- .. CRC mismatch (computed eb6c1db9 wanted a28abbc0)
--19276-- Considering /usr/lib/debug/lib/x86_64-linux-gnu/libnss_dns-2.27.so ..
--19276-- .. CRC is valid
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address already in use)
nginx: [emerg] bind() to 0.0.0.0:1337 failed (98: Address already in use)
nginx: [emerg] still could not bind()
--19276-- Discarding syms at 0x6871380-0x6872b88 in /usr/lib/nginx/modules/ngx_http_modsecurity_module.so due to munmap()
--19276-- Discarding syms at 0xf3032a0-0xf3091c4 in /lib/x86_64-linux-gnu/libnss_compat-2.27.so due to munmap()
--19276-- Discarding syms at 0xf50e070-0xf5150d9 in /lib/x86_64-linux-gnu/libnss_nis-2.27.so due to munmap()
--19276-- Discarding syms at 0xf71c090-0xf729807 in /lib/x86_64-linux-gnu/libnsl-2.27.so due to munmap()
--19276-- Discarding syms at 0xf934350-0xf93ad7f in /lib/x86_64-linux-gnu/libnss_files-2.27.so due to munmap()
--19276-- Discarding syms at 0x14744f80-0x1474879b in /lib/x86_64-linux-gnu/libnss_dns-2.27.so due to munmap()
==19276==
==19276== HEAP SUMMARY:
==19276== in use at exit: 161,957 bytes in 428 blocks
==19276== total heap usage: 935,107 allocs, 934,679 frees, 67,881,781 bytes allocated
==19276==
==19276== Searching for pointers to 428 not-freed blocks
==19276== Checked 1,291,176 bytes
==19276==
==19276== 6 bytes in 1 blocks are still reachable in loss record 1 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x15533E: ngx_alloc (in /usr/sbin/nginx)
==19276== by 0x130EC8: main (in /usr/sbin/nginx)
==19276==
==19276== 16 bytes in 1 blocks are still reachable in loss record 2 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x15533E: ngx_alloc (in /usr/sbin/nginx)
==19276== by 0x130E88: main (in /usr/sbin/nginx)
==19276==
==19276== 30 bytes in 1 blocks are indirectly lost in loss record 3 of 27
==19276== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x6B5B9EC: void std::__cxx11::basic_string<char, std::char_traits, std::allocator >::_M_construct<char*>(char*, char*, std::forward_iterator_tag) [clone .isra.96] (basic_string.tcc:219)
==19276== by 0x6B6DE25: _M_construct_aux<char*> (basic_string.h:236)
==19276== by 0x6B6DE25: _M_construct<char*> (basic_string.h:255)
==19276== by 0x6B6DE25: basic_string (basic_string.h:440)
==19276== by 0x6B6DE25: yylex(modsecurity::Parser::Driver&) (seclang-scanner.ll:1275)
==19276== by 0x6B2D5CF: yy::seclang_parser::parse() (seclang-parser.cc:1161)
==19276== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==19276== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==19276== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==19276== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==19276== by 0x6871B4D: ???
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x16724D: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276==
==19276== 32 bytes in 1 blocks are still reachable in loss record 4 of 27
==19276== at 0x4C31B25: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x4E3D7E4: _dlerror_run (dlerror.c:140)
==19276== by 0x4E3D050: dlopen@@GLIBC_2.2.5 (dlopen.c:87)
==19276== by 0x131895: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==19276== by 0x131310: main (in /usr/sbin/nginx)
==19276==
==19276== 32 bytes in 1 blocks are still reachable in loss record 5 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x4012C94: allocate_dtv_entry (dl-tls.c:582)
==19276== by 0x4012C94: allocate_and_init (dl-tls.c:607)
==19276== by 0x4012C94: tls_get_addr_tail (dl-tls.c:787)
==19276== by 0x4019A27: __tls_get_addr (tls_get_addr.S:55)
==19276== by 0x6B97D64: call_once<modsecurity::UniqueId::uniqueId()::<lambda()> > (mutex:676)
==19276== by 0x6B97D64: uniqueId (unique_id.h:41)
==19276== by 0x6B97D64: modsecurity::ModSecurity::ModSecurity() (modsecurity.cc:81)
==19276== by 0x6B982EA: msc_init (modsecurity.cc:494)
==19276== by 0x6871677: ???
==19276== by 0x1670EA: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==19276== by 0x131310: main (in /usr/sbin/nginx)
==19276==
==19276== 32 bytes in 1 blocks are definitely lost in loss record 6 of 27
==19276== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x6B2C8D8: yy::seclang_parser::parse() (seclang-parser.yy:319)
==19276== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==19276== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==19276== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==19276== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==19276== by 0x6871B4D: ???
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x16724D: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==19276== by 0x131310: main (in /usr/sbin/nginx)
==19276==
==19276== 41 bytes in 1 blocks are indirectly lost in loss record 7 of 27
==19276== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x6B7D5DC: void std::__cxx11::basic_string<char, std::char_traits, std::allocator >::_M_construct<char*>(char*, char*, std::forward_iterator_tag) [clone .isra.86] (basic_string.tcc:219)
==19276== by 0x6B7EEB3: _M_construct_aux<char*> (basic_string.h:236)
==19276== by 0x6B7EEB3: _M_construct<char*> (basic_string.h:255)
==19276== by 0x6B7EEB3: basic_string (basic_string.h:440)
==19276== by 0x6B7EEB3: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:143)
==19276== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==19276== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==19276== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==19276== by 0x6871B4D: ???
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x16724D: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==19276== by 0x131310: main (in /usr/sbin/nginx)
==19276==
==19276== 47 bytes in 1 blocks are still reachable in loss record 8 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x40063B6: open_path (dl-load.c:2035)
==19276== by 0x40091EC: _dl_map_object (dl-load.c:2229)
==19276== by 0x400E311: openaux (dl-deps.c:63)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x400E617: _dl_map_object_deps (dl-deps.c:249)
==19276== by 0x4014F48: dl_open_worker (dl-open.c:278)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x40147C9: _dl_open (dl-open.c:605)
==19276== by 0x4E3CF95: dlopen_doit (dlopen.c:66)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x61E536E: _dl_catch_error (dl-error-skeleton.c:215)
==19276==
==19276== 62 (32 direct, 30 indirect) bytes in 1 blocks are definitely lost in loss record 9 of 27
==19276== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x6B6DE00: yylex(modsecurity::Parser::Driver&) (seclang-scanner.ll:1275)
==19276== by 0x6B2D5CF: yy::seclang_parser::parse() (seclang-parser.cc:1161)
==19276== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==19276== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==19276== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==19276== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==19276== by 0x6871B4D: ???
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x16724D: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==19276==
==19276== 73 (32 direct, 41 indirect) bytes in 1 blocks are definitely lost in loss record 10 of 27
==19276== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x6B7EE94: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:143)
==19276== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==19276== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==19276== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==19276== by 0x6871B4D: ???
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x16724D: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==19276== by 0x131310: main (in /usr/sbin/nginx)
==19276==
==19276== 176 bytes in 2 blocks are still reachable in loss record 11 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x400BD10: add_dependency (dl-lookup.c:711)
==19276== by 0x400BD10: _dl_lookup_symbol_x (dl-lookup.c:910)
==19276== by 0x400CAF8: elf_machine_rela (dl-machine.h:308)
==19276== by 0x400CAF8: elf_dynamic_do_Rela (do-rel.h:137)
==19276== by 0x400CAF8: _dl_relocate_object (dl-reloc.c:258)
==19276== by 0x40150BC: dl_open_worker (dl-open.c:382)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x40147C9: _dl_open (dl-open.c:605)
==19276== by 0x4E3CF95: dlopen_doit (dlopen.c:66)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x61E536E: _dl_catch_error (dl-error-skeleton.c:215)
==19276== by 0x4E3D734: _dlerror_run (dlerror.c:162)
==19276== by 0x4E3D050: dlopen@@GLIBC_2.2.5 (dlopen.c:87)
==19276== by 0x131895: ??? (in /usr/sbin/nginx)
==19276==
==19276== 528 bytes in 1 blocks are still reachable in loss record 12 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x4014462: add_to_global (dl-open.c:105)
==19276== by 0x4015473: dl_open_worker (dl-open.c:527)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x40147C9: _dl_open (dl-open.c:605)
==19276== by 0x4E3CF95: dlopen_doit (dlopen.c:66)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x61E536E: _dl_catch_error (dl-error-skeleton.c:215)
==19276== by 0x4E3D734: _dlerror_run (dlerror.c:162)
==19276== by 0x4E3D050: dlopen@@GLIBC_2.2.5 (dlopen.c:87)
==19276== by 0x131895: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276==
==19276== 552 bytes in 1 blocks are still reachable in loss record 13 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x60FCE49: __fopen_internal (iofopen.c:65)
==19276== by 0x60FCE49: fopen@@GLIBC_2.2.5 (iofopen.c:89)
==19276== by 0x6C16DAC: modsecurity::utils::SharedFiles::add_new_handler(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator >) (shared_files.cc:60)
==19276== by 0x6C1728D: modsecurity::utils::SharedFiles::open(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator >) (shared_files.cc:137)
==19276== by 0x6B9F873: modsecurity::debug_log::DebugLogWriter::open(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator >) (debug_log_writer.cc:37)
==19276== by 0x6B3CC93: yy::seclang_parser::parse() (seclang-parser.yy:1513)
==19276== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==19276== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==19276== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const) (rules.cc:98)
==19276== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==19276== by 0x6871B4D: ???
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276==
==19276== 552 bytes in 1 blocks are still reachable in loss record 14 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x60FCE49: __fopen_internal (iofopen.c:65)
==19276== by 0x60FCE49: fopen@@GLIBC_2.2.5 (iofopen.c:89)
==19276== by 0x6C16DAC: modsecurity::utils::SharedFiles::add_new_handler(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator >) (shared_files.cc:60)
==19276== by 0x6C1728D: modsecurity::utils::SharedFiles::open(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator >) (shared_files.cc:137)
==19276== by 0x6B95AE5: modsecurity::audit_log::writer::Parallel::init(std::__cxx11::basic_string<char, std::char_traits, std::allocator >) (parallel.cc:80)
==19276== by 0x6B941AA: modsecurity::audit_log::AuditLog::init(std::__cxx11::basic_string<char, std::char_traits, std::allocator >) (audit_log.cc:240)
==19276== by 0x6B9E748: modsecurity::RulesProperties::mergeProperties(modsecurity::RulesProperties*, modsecurity::RulesProperties*, std::__cxx11::basic_ostringstream<char, std::char_traits, std::allocator >) (rules_properties.h:442)
==19276== by 0x6B9C776: modsecurity::Rules::loadFromUri(char const) (rules.cc:104)
==19276== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==19276== by 0x6871B4D: ???
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x16724D: ??? (in /usr/sbin/nginx)
==19276==
==19276== 1,024 bytes in 1 blocks are definitely lost in loss record 15 of 27
==19276== at 0x4C31E76: memalign (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x4C31F91: posix_memalign (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x1553DE: ngx_memalign (in /usr/sbin/nginx)
==19276== by 0x1339EB: ngx_create_pool (in /usr/sbin/nginx)
==19276== by 0x130E4F: main (in /usr/sbin/nginx)
==19276==
==19276== 1,157 bytes in 25 blocks are indirectly lost in loss record 16 of 27
==19276== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x6B5B9EC: void std::__cxx11::basic_string<char, std::char_traits, std::allocator >::_M_construct<char*>(char*, char*, std::forward_iterator_tag) [clone .isra.96] (basic_string.tcc:219)
==19276== by 0x6B6EE50: _M_construct_aux<char*> (basic_string.h:236)
==19276== by 0x6B6EE50: _M_construct<char*> (basic_string.h:255)
==19276== by 0x6B6EE50: basic_string (basic_string.h:440)
==19276== by 0x6B6EE50: yylex(modsecurity::Parser::Driver&) (seclang-scanner.ll:1247)
==19276== by 0x6B2D5CF: yy::seclang_parser::parse() (seclang-parser.cc:1161)
==19276== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==19276== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==19276== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==19276== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==19276== by 0x6871B4D: ???
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x16724D: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276==
==19276== 1,408 bytes in 44 blocks are still reachable in loss record 17 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x4016027: _dl_close_worker.part.0 (dl-close.c:395)
==19276== by 0x4016AA9: _dl_close_worker (dl-close.c:125)
==19276== by 0x4016AA9: _dl_close (dl-close.c:842)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x61E536E: _dl_catch_error (dl-error-skeleton.c:215)
==19276== by 0x4E3D734: _dlerror_run (dlerror.c:162)
==19276== by 0x4E3D0B2: dlclose (dlclose.c:46)
==19276== by 0x131EF5: ??? (in /usr/sbin/nginx)
==19276== by 0x133A85: ngx_destroy_pool (in /usr/sbin/nginx)
==19276== by 0x144405: ngx_init_cycle (in /usr/sbin/nginx)
==19276== by 0x131310: main (in /usr/sbin/nginx)
==19276==
==19276== 1,779 bytes in 44 blocks are still reachable in loss record 18 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x401D329: strdup (strdup.c:42)
==19276== by 0x4018656: _dl_load_cache_lookup (dl-cache.c:315)
==19276== by 0x4009382: _dl_map_object (dl-load.c:2255)
==19276== by 0x400E311: openaux (dl-deps.c:63)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x400E617: _dl_map_object_deps (dl-deps.c:249)
==19276== by 0x4014F48: dl_open_worker (dl-open.c:278)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x40147C9: _dl_open (dl-open.c:605)
==19276== by 0x4E3CF95: dlopen_doit (dlopen.c:66)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276==
==19276== 1,826 bytes in 45 blocks are still reachable in loss record 19 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x400C3E7: _dl_new_object (dl-object.c:163)
==19276== by 0x40069A4: _dl_map_object_from_fd (dl-load.c:943)
==19276== by 0x4008FFB: _dl_map_object (dl-load.c:2389)
==19276== by 0x400E311: openaux (dl-deps.c:63)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x400E617: _dl_map_object_deps (dl-deps.c:249)
==19276== by 0x4014F48: dl_open_worker (dl-open.c:278)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x40147C9: _dl_open (dl-open.c:605)
==19276== by 0x4E3CF95: dlopen_doit (dlopen.c:66)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276==
==19276== 1,957 (800 direct, 1,157 indirect) bytes in 25 blocks are definitely lost in loss record 20 of 27
==19276== at 0x4C3017F: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x6B6EE2B: yylex(modsecurity::Parser::Driver&) (seclang-scanner.ll:1247)
==19276== by 0x6B2D5CF: yy::seclang_parser::parse() (seclang-parser.cc:1161)
==19276== by 0x6B7EEFD: modsecurity::Parser::Driver::parse(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&, std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:154)
==19276== by 0x6B7F27E: modsecurity::Parser::Driver::parseFile(std::__cxx11::basic_string<char, std::char_traits, std::allocator > const&) (driver.cc:185)
==19276== by 0x6B9C750: modsecurity::Rules::loadFromUri(char const*) (rules.cc:98)
==19276== by 0x6B9CA84: msc_rules_add_file (rules.cc:346)
==19276== by 0x6871B4D: ???
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x16724D: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276== by 0x1440EB: ngx_init_cycle (in /usr/sbin/nginx)
==19276==
==19276== 2,086 bytes in 1 blocks are still reachable in loss record 21 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x15533E: ngx_alloc (in /usr/sbin/nginx)
==19276== by 0x158831: ngx_init_setproctitle (in /usr/sbin/nginx)
==19276== by 0x1589E2: ngx_os_init (in /usr/sbin/nginx)
==19276== by 0x13106B: main (in /usr/sbin/nginx)
==19276==
==19276== 2,160 bytes in 1 blocks are still reachable in loss record 22 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x155271: ngx_strerror_init (in /usr/sbin/nginx)
==19276== by 0x130A5F: main (in /usr/sbin/nginx)
==19276==
==19276== 3,030 bytes in 135 blocks are still reachable in loss record 23 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x1552D7: ngx_strerror_init (in /usr/sbin/nginx)
==19276== by 0x130A5F: main (in /usr/sbin/nginx)
==19276==
==19276== 4,064 bytes in 1 blocks are still reachable in loss record 24 of 27
==19276== at 0x4C31B25: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x400ACF9: do_lookup_unique (dl-lookup.c:251)
==19276== by 0x400ACF9: do_lookup_x (dl-lookup.c:527)
==19276== by 0x400B1EE: _dl_lookup_symbol_x (dl-lookup.c:813)
==19276== by 0x400CAF8: elf_machine_rela (dl-machine.h:308)
==19276== by 0x400CAF8: elf_dynamic_do_Rela (do-rel.h:137)
==19276== by 0x400CAF8: _dl_relocate_object (dl-reloc.c:258)
==19276== by 0x40150BC: dl_open_worker (dl-open.c:382)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x40147C9: _dl_open (dl-open.c:605)
==19276== by 0x4E3CF95: dlopen_doit (dlopen.c:66)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x61E536E: _dl_catch_error (dl-error-skeleton.c:215)
==19276== by 0x4E3D734: _dlerror_run (dlerror.c:162)
==19276== by 0x4E3D050: dlopen@@GLIBC_2.2.5 (dlopen.c:87)
==19276==
==19276== 14,568 bytes in 45 blocks are still reachable in loss record 25 of 27
==19276== at 0x4C31B25: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x4011E85: _dl_check_map_versions (dl-version.c:274)
==19276== by 0x401524B: dl_open_worker (dl-open.c:284)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x40147C9: _dl_open (dl-open.c:605)
==19276== by 0x4E3CF95: dlopen_doit (dlopen.c:66)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x61E536E: _dl_catch_error (dl-error-skeleton.c:215)
==19276== by 0x4E3D734: _dlerror_run (dlerror.c:162)
==19276== by 0x4E3D050: dlopen@@GLIBC_2.2.5 (dlopen.c:87)
==19276== by 0x131895: ??? (in /usr/sbin/nginx)
==19276== by 0x1469B1: ngx_conf_parse (in /usr/sbin/nginx)
==19276==
==19276== 53,243 bytes in 45 blocks are still reachable in loss record 26 of 27
==19276== at 0x4C31B25: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x400C100: _dl_new_object (dl-object.c:73)
==19276== by 0x40069A4: _dl_map_object_from_fd (dl-load.c:943)
==19276== by 0x4008FFB: _dl_map_object (dl-load.c:2389)
==19276== by 0x400E311: openaux (dl-deps.c:63)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x400E617: _dl_map_object_deps (dl-deps.c:249)
==19276== by 0x4014F48: dl_open_worker (dl-open.c:278)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x40147C9: _dl_open (dl-open.c:605)
==19276== by 0x4E3CF95: dlopen_doit (dlopen.c:66)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276==
==19276== 72,704 bytes in 1 blocks are still reachable in loss record 27 of 27
==19276== at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19276== by 0x7DFC415: ??? (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.25)
==19276== by 0x4010732: call_init (dl-init.c:72)
==19276== by 0x4010732: _dl_init (dl-init.c:119)
==19276== by 0x40151FE: dl_open_worker (dl-open.c:522)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x40147C9: _dl_open (dl-open.c:605)
==19276== by 0x4E3CF95: dlopen_doit (dlopen.c:66)
==19276== by 0x61E52DE: _dl_catch_exception (dl-error-skeleton.c:196)
==19276== by 0x61E536E: _dl_catch_error (dl-error-skeleton.c:215)
==19276== by 0x4E3D734: _dlerror_run (dlerror.c:162)
==19276== by 0x4E3D050: dlopen@@GLIBC_2.2.5 (dlopen.c:87)
==19276== by 0x131895: ??? (in /usr/sbin/nginx)
==19276==
==19276== LEAK SUMMARY:
==19276== definitely lost: 1,920 bytes in 29 blocks
==19276== indirectly lost: 1,228 bytes in 27 blocks
==19276== possibly lost: 0 bytes in 0 blocks
==19276== still reachable: 158,809 bytes in 372 blocks
==19276== suppressed: 0 bytes in 0 blocks
==19276==
==19276== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0)
==19276== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0)

[KfirManSnunit]

And this is my nginx.conf file:

load_module modules/ngx_http_modsecurity_module.so;

user  nginx nginx;
worker_processes auto;

#Fix for error 502 from Nginx
worker_rlimit_nofile 30000;

events {
    worker_connections  1024;
}

http {
        include       mime.types;
        default_type  application/octet-stream;
        # https://stackoverflow.com/questions/6236078/how-to-clear-the-cache-of-nginx
        # sendfile on , May casue cache of content even if proxy_cache isn't used
        sendfile                        off; # causes it not to block on disk I/O, but, instead, report back that the data are not in memory.
        tcp_nopush                      on; # sending the response header and the beginning of a file in one packet.
        tcp_nodelay                     on; # enabled on SSL connections, for unbuffered proxying, and for WebSocket proxying.
        types_hash_max_size             2048; # Sets the maximum size of the types hash tables.
        server_tokens                   off; # emitting nginx version on error pages and in the “Server” response header field.
        keepalive_timeout               15; # assigns the timeout value for keep-alive connections with the client.
        client_body_timeout             12; # Defines a timeout for reading client request body.
        client_header_timeout           12; # Defines a timeout for reading client request header.
        send_timeout                    10; # sets a timeout for transmitting a response to the client.
        reset_timedout_connection       on; # This helps avoid keeping an already closed socket with filled buffers.
        client_max_body_size            20m; # maximum allowed size for a client request.
        client_body_buffer_size         10k; # handles the client buffer size (POST actions, such as form submissions) sent to NGINX.
        client_header_buffer_size       1k; # handless the client header size.
        large_client_header_buffers     4 16k; # maximum number of buffers for large client headers.

        ##
        # Gzip Settings
        ##

        #gzip_disable "msie6";
        gzip  off;

        # redirect server error pages to the static page /50x.html
        #
        error_page 400 /400.html;
        error_page 401 /401.html;
        error_page 403 /403.html;
        error_page 404 /var/www/html/404.html;
        error_page 500 /500.html;
        error_page 502 /502.html;
        error_page 504 /504.html;

        ##
        # Header Settings
        ##

        # Security Header - Up to consideration
        #add_header X-Content-Type-Options nosniff;

        #Proxy hide headers of nginx & backend web servers
        proxy_hide_header server;
        proxy_hide_header via;
        proxy_buffers 16 16k;
        proxy_buffer_size 16k;

        ##
        # Global Proxy Settings
        ##

        proxy_redirect off;

        ##
        # SSL Settings - HTTPS server
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
        proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        proxy_ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
        ssl_stapling                    on;
        ssl_stapling_verify             on;
        ssl_session_cache               shared:SSL:10m;
        ssl_prefer_server_ciphers       on;
        ssl_session_timeout             1d;
        ssl_session_tickets             off;
        resolver                        8.8.8.8 8.8.4.4 valid=300s;
        resolver_timeout                10s;
        ssl_dhparam                     /etc/nginx/cert/dhparams.pem;
        ssl_buffer_size                 20k;
        ssl_trusted_certificate         /etc/nginx/ssl/Lets-Encrypt-Authority-X3.pem;

        ##
        # Logs
        ##

        log_format  main  '$remote_addr - $remote_user [$time_local] $http_host "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for" "upstream_cache_status" "$request_time" "$msec"';

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log warn;

        ##
        # ModSecurity Rules
        ##

        modsecurity on;
        modsecurity_rules_file /usr/local/cwaf/nginx/modsec2_nginx.conf;

        ##
        # Virtual Host Configs
        ##

        #include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;

}

[zimmerle]

Hi @KfirManSnunit

Do you happens to have the core dump?

[KfirManSnunit]

Hi @zimmerle
The only way I was able to get a stak trace is by valgrind.
On this server I run the deb package from nginx mainline repo without debug symbols.

This is the output of:
gdb --pid 6938 (nginx worker pid)

root@varnish62:~# gdb --pid 6938
GNU gdb (Ubuntu 8.1-0ubuntu3.2) 8.1.0.20180409-git
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
http://www.gnu.org/software/gdb/bugs/.
Find the GDB manual and other documentation resources online at:
http://www.gnu.org/software/gdb/documentation/.
For help, type "help".
Type "apropos word" to search for commands related to "word".
Attaching to process 6938
Reading symbols from /usr/sbin/nginx...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libdl.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libdl-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libpthread.so.0...Reading symbols from /usr/lib/debug/.build-id/28/c6aade70b2d40d1f0f3d0a1a0cad1ab816448f.debug...done.
done.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Reading symbols from /lib/x86_64-linux-gnu/libcrypt.so.1...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libcrypt-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libpcre.so.3...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libssl.so.1.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libz.so.1...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libc.so.6...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libc-2.27.so...done.
done.
Reading symbols from /lib64/ld-linux-x86-64.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/ld-2.27.so...done.
done.
Reading symbols from /etc/nginx/modules/ngx_http_modsecurity_module.so...done.
Reading symbols from /usr/local/modsecurity/lib/libmodsecurity.so.3...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libGeoIP.so.1...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/librt.so.1...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/librt-2.27.so...done.
done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libxml2.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libyajl.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libstdc++.so.6...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libm.so.6...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libm-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libgcc_s.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libnghttp2.so.14...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libidn2.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/librtmp.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libpsl.so.5...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libnettle.so.6...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libgnutls.so.30...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libicuuc.so.60...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/liblzma.so.5...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libunistring.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libhogweed.so.4...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libgmp.so.10...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libp11-kit.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libtasn1.so.6...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libkrb5.so.3...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libk5crypto.so.3...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libcom_err.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libkrb5support.so.0...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libresolv.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libresolv-2.27.so...done.
done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libsasl2.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libgssapi.so.3...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libicudata.so.60...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libffi.so.6...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libkeyutils.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libheimntlm.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libkrb5.so.26...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libasn1.so.8...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libhcrypto.so.4...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libroken.so.18...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libwind.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libheimbase.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libhx509.so.5...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libsqlite3.so.0...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libnss_compat.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libnss_compat-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libnss_nis.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libnss_nis-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libnsl.so.1...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libnsl-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libnss_files.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libnss_files-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libnss_dns.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libnss_dns-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libnss_systemd.so.2...(no debugging symbols found)...done.
__GI___libc_malloc (bytes=24) at malloc.c:3033
3033 malloc.c: No such file or directory.

This is the output of 6950 pid:
root@varnish62:~# gdb --pid 6950
GNU gdb (Ubuntu 8.1-0ubuntu3.2) 8.1.0.20180409-git
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
http://www.gnu.org/software/gdb/bugs/.
Find the GDB manual and other documentation resources online at:
http://www.gnu.org/software/gdb/documentation/.
For help, type "help".
Type "apropos word" to search for commands related to "word".
Attaching to process 6950
Reading symbols from /usr/sbin/nginx...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libdl.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libdl-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libpthread.so.0...Reading symbols from /usr/lib/debug/.build-id/28/c6aade70b2d40d1f0f3d0a1a0cad1ab816448f.debug...done.
done.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Reading symbols from /lib/x86_64-linux-gnu/libcrypt.so.1...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libcrypt-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libpcre.so.3...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libssl.so.1.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libz.so.1...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libc.so.6...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libc-2.27.so...done.
done.
Reading symbols from /lib64/ld-linux-x86-64.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/ld-2.27.so...done.
done.
Reading symbols from /etc/nginx/modules/ngx_http_modsecurity_module.so...done.
Reading symbols from /usr/local/modsecurity/lib/libmodsecurity.so.3...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libGeoIP.so.1...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/librt.so.1...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/librt-2.27.so...done.
done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libxml2.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/liblua5.1.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libyajl.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libstdc++.so.6...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libm.so.6...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libm-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libgcc_s.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libnghttp2.so.14...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libidn2.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/librtmp.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libpsl.so.5...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libnettle.so.6...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libgnutls.so.30...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libicuuc.so.60...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/liblzma.so.5...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libunistring.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libhogweed.so.4...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libgmp.so.10...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libp11-kit.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libtasn1.so.6...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libkrb5.so.3...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libk5crypto.so.3...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libcom_err.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libkrb5support.so.0...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libresolv.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libresolv-2.27.so...done.
done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libsasl2.so.2...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libgssapi.so.3...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libicudata.so.60...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libffi.so.6...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libkeyutils.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libheimntlm.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libkrb5.so.26...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libasn1.so.8...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libhcrypto.so.4...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libroken.so.18...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libwind.so.0...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libheimbase.so.1...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libhx509.so.5...(no debugging symbols found)...done.
Reading symbols from /usr/lib/x86_64-linux-gnu/libsqlite3.so.0...(no debugging symbols found)...done.
Reading symbols from /lib/x86_64-linux-gnu/libnss_compat.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libnss_compat-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libnss_nis.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libnss_nis-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libnsl.so.1...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libnsl-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libnss_files.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libnss_files-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libnss_dns.so.2...Reading symbols from /usr/lib/debug//lib/x86_64-linux-gnu/libnss_dns-2.27.so...done.
done.
Reading symbols from /lib/x86_64-linux-gnu/libnss_systemd.so.2...(no debugging symbols found)...done.
0x00007f7ee66d1b77 in epoll_wait (epfd=81, events=0x56227a375140, maxevents=512, timeout=47088) at ../sysdeps/unix/sysv/linux/epoll_wait.c:30
30 ../sysdeps/unix/sysv/linux/epoll_wait.c: No such file or directory.
(gdb)

Hope this will helps.
Or you have another offer to get the coredump.

[zimmerle]

It will be way better to have the debug symbols and the gdb-backtrace by the time that the process crash.

[KfirManSnunit]

And if I rebuild NGINX with "--widht-debug" flag you think it will behave the same as the package installed with apt?

[martinhsv]

Hi @KfirManSnunit ,

The flag '--with-debug' can, in some cases, make a segfault go away (depending on the type of bug), but I don't think that's what he means.

Have a look at:

Enabling Core Dumps (https://docs.nginx.com/nginx/admin-guide/monitoring/debugging/#enabling-core-dumps)
and
Obtaining Backtrace From a Core Dump File (https://docs.nginx.com/nginx/admin-guide/monitoring/debugging/#backtrace)

This won't alter the resulting executable in the same way that '--with-debug' can.

[KfirManSnunit]

Sill not manage to build nginx with debug, but a new error appear today:

terminate called after throwing an instance of 'std::runtime_error'
what(): random_device::random_device(const std::string&)
2019/12/18 09:15:52 [alert] 31845#31845: worker process 31846 exited on signal 6 (core dumped)
terminate called after throwing an instance of 'std::runtime_error'
what(): random_device::random_device(const std::string&)
2019/12/18 09:17:38 [alert] 31845#31845: worker process 31847 exited on signal 6 (core dumped)
terminate called after throwing an instance of 'std::runtime_error'
what(): random_device::random_device(const std::string&)

When the exited on signal 6 happens the number of active connections is up to 1000-4000+ In fact, there are only 350+-

2019/12/18 08:45:18 [alert] 12902#12902: worker process 12905 exited on signal 11 (core dumped)
2019/12/18 08:46:19 [alert] 12902#12902: worker process 12908 exited on signal 11 (core dumped)

When the exited on signal 11 happens the number of reading connections is between 2-8 And the active connections is up to 1000-2000+ that in fact, there are only 350+-

Hope this information can help,
As this is production server I still need to get approve to run the build version with debug symbols...

[KfirManSnunit]

@martinhsv
I had a typo in the question about with-debug flag...
I thought core dump files could not be exported without rebuilding with-debug flag.
Thanks

@zimmerle
This is the output of the core file create by nginx according to the guidelines at:
https://docs.nginx.com/nginx/admin-guide/monitoring/debugging/#enabling-core-dumps

GNU gdb (Ubuntu 8.1-0ubuntu3.2) 8.1.0.20180409-git
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
http://www.gnu.org/software/gdb/bugs/.
Find the GDB manual and other documentation resources online at:
http://www.gnu.org/software/gdb/documentation/.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/sbin/nginx...(no debugging symbols found)...done.
[New LWP 1659]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `nginx: worker process '.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 __strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:120
120 ../sysdeps/x86_64/multiarch/../strlen.S: No such file or directory.
(gdb) backtrace
0 __strlen_sse2 () at ../sysdeps/x86_64/multiarch/../strlen.S:120
1 0x00007f52fae84420 in std::char_traits::length (__s=0x0) at /usr/include/c++/7/bits/char_traits.h:320
2 std::__cxx11::basic_string<char, std::char_traits, std::allocator >::assign (__s=0x0, this=0x55bd9dc56f88) at /usr/include/c++/7/bits/basic_string.h:1428
3 std::__cxx11::basic_string<char, std::char_traits, std::allocator >::operator= (__s=0x0, this=0x55bd9dc56f88) at /usr/include/c++/7/bits/basic_string.h:694
4 modsecurity::Transaction::processURI (this=0x55bd9dc553f0, uri=uri@entry=0x0, method=method@entry=0x55bd9e3f8496 "GET", http_version=http_version@entry=0x7f52fb1c1d32 "1.1")
at transaction.cc:391
5 0x00007f52fae85385 in modsecurity::msc_process_uri (transaction=, uri=uri@entry=0x0, protocol=protocol@entry=0x55bd9e3f8496 "GET",
http_version=http_version@entry=0x7f52fb1c1d32 "1.1") at transaction.cc:1869
6 0x00007f52fb1c1ac3 in ngx_http_modsecurity_rewrite_handler (r=0x55bd9e3f7630) at ../ModSecurity-nginx/src/ngx_http_modsecurity_rewrite.c:136
7 0x000055bd98ab951c in ngx_http_core_rewrite_phase ()
8 0x000055bd98ab4d9d in ngx_http_core_run_phases ()
9 0x000055bd98abb3bb in ngx_http_internal_redirect ()
10 0x000055bd98abc1b7 in ngx_http_special_response_handler ()
11 0x000055bd98abed3a in ngx_http_finalize_request ()
12 0x000055bd98abf851 in ngx_http_process_request_uri ()
13 0x000055bd98ac022d in ?? ()
14 0x000055bd98aa784b in ?? ()
15 0x000055bd98a9dde6 in ngx_process_events_and_timers ()
16 0x000055bd98aa5b21 in ?? ()
17 0x000055bd98aa40b2 in ngx_spawn_process ()
18 0x000055bd98aa51d0 in ?? ()
19 0x000055bd98aa6512 in ngx_master_process_cycle ()
20 0x000055bd98a7d50c in main ()
(gdb)

nginx log:
2019/12/23 09:18:52 [alert] 5770#5770: worker process 5781 exited on signal 11 (core dumped)

syslog:
Dec 23 09:18:52 varnish62 kernel: [2888704.587951] nginx[5781]: segfault at 0 ip 00007f01d006e646 sp 00007fff63c36678 error 4 in libc-2.27.so[7f01cffbd000+1e7000]

I also checked other core dump files and the output looks the same...
Is there anything else you need me to do to be able to debug this issue?

Thanks,
Kfir

[martinhsv]

Hi @KfirManSnunit
Thank you very much for the backtrace.

Although it's not clear to me what combination of configuration and request is resulting in that execution path, there is at least a fairly obvious robustness issue in the code that we could mitigate.

I'll do a bit more investigation sometime over the next couple of days and get back to you.

[KfirManSnunit]

Hi @martinhsv
10 days ago I made an update to Nginx 1.17.7 and since then the error was not repeated.
I can confirm that this bug is exist on versions 1.17.1 to 1.17.6 of Nginx And maybe before (And it's possible to see it only at a load of over 450 active connections).

Another thing that may be related, The error logs of all websites was full of warnings like:
upstream response is buffered to a temporary file /var/cache/nginx/proxy_temp/5/89/0000257895 while reading upstream.
I found that the buffer was set to only 16k so all the responses written to files instead of memory, That was causing a load and a decrease in disk performance.

Thanks in advance,
Kfir

[martinhsv]

Hi @KfirManSnunit ,

Thank you very much for the update.

Based on that information, I'm not very likely to do further investigation. It sounds likely that there was an underlying bug in nginx code (possibly only in the non-stable version 1.17) that they have since corrected.

Per my comment last week, in the coming days a small change may get merged into the ModSecurity nginx connector to exit more gracefully if that use case should arise again in future.

[zimmerle]

@martinhsv patch is now merged! thank you guys.