Bug 243753

Summary: security/modsecurity3: Segmentation fault when Apache 2.4 start
Product: Ports & Packages Reporter: epopen
Component: Individual Port(s)Assignee: freebsd-ports-bugs (Nobody) <ports-bugs>
Status: Open ---    
Severity: Affects Some People CC: tommyhp2, w.schwarzenfeld
Priority: ---    
Version: Latest   
Hardware: amd64   
OS: Any   

Description epopen 2020-01-31 09:03:09 UTC 
Hi marius.halden

First,thanks your ports.
I trying to migrate from modsecurity 2 to 3, but encounter problem.
Can help me to debug?

System: Most recent (FreeBSD epopen.com 12.1-RELEASE-p1 FreeBSD 12.1-RELEASE-p1 #7 r335865M: Sat Nov 16 09:04:56 CST 2019) with CLANG 8.0.1
And all of dependence ports update to up latest below list..
www/apache24
security/modsecurity3
security/modsecurity3-apache
lang/gcc9

Get error message as below when apache start..
Performing sanity check on apache24 configuration:
Segmentation fault (core dumped)
Starting apache24.
Segmentation fault (core dumped)
/usr/local/etc/rc.d/apache24: WARNING: failed to start apache24

And tried to debug by GDB but all of debug symbol disappear as below.
(gdb) core httpd.core
[New LWP 101190]
Core was generated by `/usr/local/sbin/httpd'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00000008032a3a18 in ?? ()
(gdb) where
#0  0x00000008032a3a18 in ?? ()
#1  0x00000008024ecc56 in ?? ()
#2  0x0000000802839ea0 in ?? ()
#3  0x00007fffffffc9a0 in ?? ()
#4  0x0000000000000000 in ?? 

BTW prior version ports of modsecurity3.0.3 got same problem, but debug symbol exist as below.
(gdb) core httpd.core
[New LWP 101164]
bCore was generated by `/usr/local/sbin/httpd'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00000008031199e8 in vtable for __cxxabiv1::__si_class_type_info () from /lib/libcxxrt.so.1
(gdb) where
#0  0x00000008031199e8 in vtable for __cxxabiv1::__si_class_type_info () from /lib/libcxxrt.so.1
#1  0x00000008022d3016 in __dynamic_cast () from /usr/local/lib/gcc8/libstdc++.so.6
#2  0x00000008023527b0 in bool std::has_facet<std::ctype<char> >(std::locale const&) () from /usr/local/lib/gcc8/libstdc++.so.6
#3  0x0000000802346004 in std::basic_ios<char, std::char_traits<char> >::_M_cache_locale(std::locale const&) () from /usr/local/lib/gcc8/libstdc++.so.6
#4  0x0000000802346480 in std::basic_ios<char, std::char_traits<char> >::init(std::basic_streambuf<char, std::char_traits<char> >*) ()
   from /usr/local/lib/gcc8/libstdc++.so.6
#5  0x00000008022e69d3 in std::ios_base::Init::Init() () from /usr/local/lib/gcc8/libstdc++.so.6
#6  0x0000000801ec54f0 in ?? () from /usr/local/lib/libmodsecurity.so.3
#7  0x00000008002a60db in objlist_call_init (list=<optimized out>, lockstate=<optimized out>) at /usr/src/libexec/rtld-elf/rtld.c:2678
#8  0x00000008002aa6c9 in dlopen_object (name=0x800be0400 "z\270", <incomplete sequence \325>, fd=<optimized out>, refobj=<optimized out>, lo_flags=2, 
    mode=258, lockstate=0x800000002) at /usr/src/libexec/rtld-elf/rtld.c:3389
#9  0x00000008002a7136 in rtld_dlopen (name=0x800a7c660 "/usr/local/libexec/apache24/mod_security3.so", fd=-1, mode=<optimized out>)
    at /usr/src/libexec/rtld-elf/rtld.c:3264
#10 0x00000008005a3b60 in apr_dso_load () from /usr/local/lib/libapr-1.so.0
#11 0x000000000028e871 in dso_load ()
#12 0x000000000028e594 in load_module ()
#13 0x000000000025b0d5 in invoke_cmd ()
#14 0x0000000000258233 in ap_build_config_sub ()
#15 0x000000000025873b in ap_build_config ()
#16 0x0000000000258e39 in ap_process_resource_config ()
#17 0x000000000025908f in process_resource_config_nofnmatch ()
#18 0x0000000000259419 in process_resource_config_fnmatch ()
#19 0x00000000002592bd in process_resource_config_fnmatch ()
#20 0x00000000002592bd in process_resource_config_fnmatch ()
#21 0x00000000002592bd in process_resource_config_fnmatch ()
#22 0x00000000002592bd in process_resource_config_fnmatch ()
#23 0x00000000002592bd in process_resource_config_fnmatch ()
#24 0x0000000000258fcd in ap_process_fnmatch_configs ()
#25 0x000000000027f200 in include_config ()
#26 0x000000000025b09c in invoke_cmd ()
#27 0x0000000000258233 in ap_build_config_sub ()
#28 0x000000000025873b in ap_build_config ()
#29 0x0000000000258e39 in ap_process_resource_config ()
#30 0x000000000025a2a0 in ap_read_config ()
#31 0x00000000002555e8 in main ()
(gdb)
And posted to official SpiderLabs/ModSecurity-apache (https://github.com/SpiderLabs/ModSecurity-apache/issues/59)
But have not next step.

Thanks you a lot.
Comment 1 Tommy P 2020-03-21 21:22:10 UTC 
I'm also seeing segmentation fault for modsecurity3 on nginx which has same dependency:

LIB_DEPENDS=    libmodsecurity.so:security/modsecurity3
Comment 2 epopen 2021-02-10 11:50:54 UTC 
Today, I think about this issue and gdb output.
I found a keyword 'GCC'

So I tried to remove knob of "USE_GCC= yes" @ security/modsecurity3/Makefile and rebuild.
Apache24 start successful and worked as below message
   [Wed Feb 10 19:36:53.893064 2021] [:notice] [pid 15168:tid 34370637824] ModSecurity: ModSecurity-Apache v0.1.1-beta configured.
   [Wed Feb 10 19:36:53.992024 2021] [mpm_event:notice] [pid 65772:tid 34370637824] AH00489: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1i configured -- resuming normal operations
   [Wed Feb 10 19:36:53.996304 2021] [core:notice] [pid 65772:tid 34370637824] AH00094: Command line: '/usr/local/sbin/httpd'

In the time, minimize configuration.

I realize the knob for a issue as https://github.com/SpiderLabs/ModSecurity/issues/1411
But the issue started at 2017, I do not know the issue still exist or not in 2021.
Confirm possible?

Thanks a lot.