nginx/1.9.9 with modsecurity/2.9.0 crashes with segfault and worker process exited on signal 11

Lukas l at ymx.ch
Sun Jan 10 13:39:34 UTC 2016 

Dear all

Fascinated by nginx, I attempted to integrate it with modsecurity.

Unfortunately, ever when modsecurity is enabled, nginx reports a
sefault in sysmessages.

Searching the web did not reveal any solution, i.e. I switched off
SecAudit* and even started modsecurity without rules -- it continued
crashing.

Thank you for any hint on solving this issue.

Please find next information related to my setup including some logs.

wbr, Lukas

==

My current setup:

Platform: Linux/4.3.3 running on Debian/wheezy

nginx: self-compiled from sources according to
https://blog.stickleback.dk/nginx-modsec-on-ubuntu-14-04-lts/

modsecurity: installed and configured according to
https://www.howtoforge.com/tutorial/install-nginx-with-mod_security-on-ubuntu-15-04/

Relevant Logs:

$ /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.9.9
built by gcc 4.7.2 (Debian 4.7.2-5)
built with OpenSSL 1.0.1e 11 Feb 2013
TLS SNI support enabled
configure arguments: --user=www-data --group=www-data --with-pcre-jit
  --with-ipv6 --with-http_ssl_module
  --add-module=../modsecurity-2.9.0/nginx/modsecurity
  --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid
  --error-log-path=/var/log/nginx/error.log
  --http-log-path=/var/log/nginx/access.log

$ tail error.log
2016/01/10 13:13:34 [notice] 10256#0: ModSecurity: LIBXML compiled version="2.8.0"
2016/01/10 13:13:34 [notice] 10256#0: ModSecurity: Status engine is
    currently disabled, enable it by set SecStatusEngine to On.
2016/01/10 13:13:35 [notice] 10260#0: ModSecurity for nginx
    (STABLE)/2.9.0 (http://www.modsecurity.org/) configured.
2016/01/10 13:13:35 [notice] 10260#0: ModSecurity: APR compiled
    version="1.4.6"; loaded version="1.4.6"
2016/01/10 13:13:35 [notice] 10260#0: ModSecurity: PCRE compiled
    version="8.30 "; loaded version="8.30 2012-02-04"
2016/01/10 13:13:35 [notice] 10260#0: ModSecurity: LIBXML compiled version="2.8.0"
2016/01/10 13:13:35 [notice] 10260#0: ModSecurity: Status engine is
    currently disabled, enable it by set SecStatusEngine to On.
2016/01/10 13:13:38 [alert] 10261#0: worker process 10267 exited on signal 11
2016/01/10 13:13:38 [alert] 10261#0: worker process 10264 exited on signal 11
2016/01/10 13:13:38 [alert] 10261#0: worker process 10265 exited on signal 11

$ dmesg
[605432.202671] nginx[10267]: segfault at 70 ip 08093ba1 sp bfc9a7c0 error 4 in nginx[8048000+123000]
[605432.385414] nginx[10264]: segfault at 70 ip 08093ba1 sp bfc9a7c0 error 4 in nginx[8048000+123000]
[605432.409089] nginx[10265]: segfault at 70 ip 08093ba1 sp bfc9a7c0 error 4 in nginx[8048000+123000]

-- 
Lukas Ruf       <http://www.lpr.ch> | Ad Personam
Consecom  <http://www.consecom.com> | Ad Laborem

More information about the nginx mailing list