nginx-c-module-debugging
SKILL.md
nginx.org C Module Debugging Best Practices
Comprehensive debugging guide for nginx C modules, derived from the official nginx development documentation and production debugging experience. Contains 45 rules across 8 categories, prioritized by impact to guide systematic diagnosis of crashes, memory bugs, and behavioral issues in nginx modules.
Companion skills: This skill complements nginx-c-module-best-practices (correctness) and nginx-c-module-perf-reliability (performance). This skill covers debugging and diagnosis.
When to Apply
Reference these guidelines when:
- Diagnosing nginx worker crashes (segfaults, SIGABRT, SIGSEGV)
- Finding memory bugs (use-after-free, leaks, pool corruption, buffer overruns)
- Setting up GDB and core dump analysis for nginx
- Tracing request flow through phases, subrequests, and filter chains
- Instrumenting nginx modules with debug logging and dynamic tracing tools
Rule Categories by Priority
| Priority | Category | Impact | Prefix |
|---|---|---|---|
| 1 | Crash Diagnosis & Signals | CRITICAL | crash- |
| 2 | Memory Bug Detection | CRITICAL | memdbg- |
| 3 | GDB & Core Dump Analysis | HIGH | gdb- |
| 4 | Request Flow Tracing | HIGH | trace- |
| 5 | Debug Logging Patterns | MEDIUM-HIGH | dbglog- |
| 6 | State & Lifecycle Debugging | MEDIUM | state- |
| 7 | Dynamic Tracing Tools | MEDIUM | probe- |
| 8 | Build & Sanitizer Configuration | LOW-MEDIUM | build- |
Quick Reference
1. Crash Diagnosis & Signals (CRITICAL)
crash-segfault-signature- Identify Segfault Crash Signature from Signal and Addresscrash-null-deref-pattern- Recognize NULL Pointer Dereference Patterns in nginx Modulescrash-double-free-finalize- Diagnose Double Finalize Crashes from Request Reference Countcrash-stack-overflow- Detect Stack Overflow from Recursive Subrequest or Filter Chainscrash-worker-exit-log- Extract Crash Context from Worker Exit Log Messagescrash-error-page-redirect- Avoid Crashes from error_page Internal Redirect Context Invalidation
2. Memory Bug Detection (CRITICAL)
memdbg-use-after-free- Detect Use-After-Free from Pool Destruction Timingmemdbg-pool-leak-pattern- Identify Pool Memory Leak Patterns from Growing Worker RSSmemdbg-slab-corruption- Diagnose Shared Memory Slab Corruption from Multi-Worker Crashesmemdbg-cleanup-handler-leak- Detect Resource Leaks from Missing Pool Cleanup Handlersmemdbg-buffer-overrun- Find Buffer Overrun from ngx_pnalloc Size Miscalculationmemdbg-temp-pool-misuse- Avoid Storing Long-Lived Pointers in Temporary Poolsmemdbg-valgrind-pool-trace- Use Valgrind Pool-Level Tracing to Find Leaked Allocations
3. GDB & Core Dump Analysis (HIGH)
gdb-coredump-setup- Configure Core Dump Generation for nginx Worker Crashesgdb-attach-worker- Attach GDB to a Running nginx Worker Processgdb-backtrace-read- Read nginx Backtrace to Identify Crash Module and Phasegdb-inspect-request- Inspect ngx_http_request_t Fields in GDB for Request Stategdb-memory-buffer-extract- Extract Debug Log from Memory Buffer Using GDB Scriptgdb-watchpoint-corruption- Use GDB Watchpoints to Catch Memory Corruption at Write Time
4. Request Flow Tracing (HIGH)
trace-phase-handler-flow- Trace Request Through HTTP Phase Handlerstrace-subrequest-tree- Map Subrequest Parent-Child Relationships for Debuggingtrace-filter-chain-order- Trace Filter Chain Execution Order and Data Flowtrace-upstream-callback-seq- Trace Upstream Callback Sequence for Proxy Debuggingtrace-event-handler-chain- Trace Event Handler Execution for Connection Debuggingtrace-config-inheritance- Trace Configuration Inheritance Through Server and Location Blocks
5. Debug Logging Patterns (MEDIUM-HIGH)
dbglog-debug-mask- Use Correct Debug Mask for Targeted Log Filteringdbglog-debug-connection- Use debug_connection to Isolate Single-Client Debug Outputdbglog-memory-buffer- Use Memory Buffer Logging to Capture Debug Output Without Disk I/Odbglog-log-action-string- Set Log Action String for Context in Error Messagesdbglog-format-ngx-str- Format ngx_str_t Correctly in Debug Log Messages
6. State & Lifecycle Debugging (MEDIUM)
state-connection-lifecycle- Track Connection State Transitions for Lifecycle Debuggingstate-upstream-state-machine- Debug Upstream Module State by Logging Transition Pointsstate-timer-leak- Detect Timer Leaks from Events Not Removed Before Pool Destructionstate-event-flag-debug- Inspect Event Flags to Debug Unexpected Handler Invocationstate-request-count-track- Track Request Reference Count to Debug Premature Destruction
7. Dynamic Tracing Tools (MEDIUM)
probe-strace-syscall- Use strace to Trace System Call Patterns in nginx Workersprobe-dtrace-request- Trace Request Processing with DTrace pid Providerprobe-systemtap-pool- Trace Memory Pool Allocations with SystemTapprobe-ebpf-latency- Measure Per-Function Latency with eBPF Probesprobe-strace-fd-leak- Detect File Descriptor Leaks with strace and /proc
8. Build & Sanitizer Configuration (LOW-MEDIUM)
build-debug-flags- Compile nginx with Full Debug Symbols and No Optimizationbuild-asan-configure- Build nginx with AddressSanitizer for Memory Error Detectionbuild-single-process- Use Single-Process Mode for Simplified Debuggingbuild-valgrind-suppressions- Use nginx Valgrind Suppressions to Reduce False Positivesbuild-debug-palloc- Enable NGX_DEBUG_PALLOC for Fine-Grained Pool Allocation Tracking
How to Use
Read individual reference files for detailed explanations and code examples:
- Section definitions - Category structure and impact levels
- Rule template - Template for adding new rules
Reference Files
| File | Description |
|---|---|
| references/_sections.md | Category definitions and ordering |
| assets/templates/_template.md | Template for new rules |
| metadata.json | Version and reference information |
Weekly Installs
2
Repository
pproenca/dot-skillsGitHub Stars
68
First Seen
Feb 13, 2026
Security Audits
Installed on
amp2
opencode2
kimi-cli2
codex2
github-copilot2
claude-code2