[asterisk-bugs] [JIRA] (ASTERISK-22945) [patch] Memory leak in chan_sip.c with realtime autoclear

Matt Jordan (JIRA) noreply at issues.asterisk.org
Wed Jun 11 20:02:57 CDT 2014 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-22945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=219367#comment-219367 ] 

Matt Jordan commented on ASTERISK-22945:
----------------------------------------

>From the issue description and your comments, I'm not sure I understand the cause of the memory leak, so analyzing the patches isn't going to be terribly easy.

Looking at your refs, I attempted to pair them up:

{noformat}
   0x1b12bb8 +1   chan_sip.c:31137:build_peer (schedule qualify) [@1]


   0x1b12bb8 =1   chan_sip.c:30504:build_peer (allocate a peer struct)
   0x1b12bb8 -1   chan_sip.c:22097:function_sippeer (sip_unref_peer from function_sippeer, just before return) [@7]

   0x1b12bb8 +1   chan_sip.c:5661:sip_find_peer_full (ao2_find in peers table) [@6]
   0x1b12bb8 -1   chan_sip.c:22097:function_sippeer (sip_unref_peer from function_sippeer, just before return) [@7]

   0x1b12bb8 +1   chan_sip.c:5661:sip_find_peer_full (ao2_find in peers table) [@6]
   0x1b12bb8 -1   chan_sip.c:22097:function_sippeer (sip_unref_peer from function_sippeer, just before return) [@7]

   0x1b12bb8 +1   chan_sip.c:5612:realtime_peer (link peer into peers table) [@5]
   0x1b12bb8 -1   chan_sip.c:3352:unlink_peer_from_tables (ao2_unlink of peer from peers table) [@5]

   0x1b12bb8 +1   chan_sip.c:5614:realtime_peer (link peer into peers_by_ip table) [@6]
   0x1b12bb8 -1   chan_sip.c:3354:unlink_peer_from_tables (ao2_unlink of peer from peers_by_ip table) [@4]

   0x1b12bb8 +1   chan_sip.c:29550:sip_poke_peer (adding poke peer ref) [@3]
   0x1b12bb8 -1   chan_sip.c:23543:handle_response_peerpoke (removing poke peer ref) [@6]

   0x1b12bb8 +1   chan_sip.c:29534:sip_poke_peer (setting the relatedpeer field in the dialog) [@2]
   0x1b12bb8 -1   chan_sip.c:6511:__sip_destroy (unsetting a dialog relatedpeer field in sip_destroy) [@6]

   0x1b12bb8 +1   chan_sip.c:5610:realtime_peer (add registration ref) [@4]
   0x1b12bb8 -1   chan_sip.c:15711:expire_register (removing peer ref for expire_register) [@3]

   0x1b12bb8 +1   chan_sip.c:23543:handle_response_peerpoke (adding poke peer ref) [@5]
   0x1b12bb8 -1   chan_sip.c:15726:sip_poke_peer_s (removing poke peer ref) [@2]
{noformat}

The "odd man out" looks to be this ref:
{code}
		/* Startup regular pokes */
		if (!devstate_only && enablepoke) {
			sip_ref_peer(peer, "schedule qualify");
			sip_poke_peer(peer, 0);
		}
{code}

Note that this only happens if {{realtime}} is enabled:

{code}
	if (realtime) {
		int enablepoke = 1;

		if (!sip_cfg.ignore_regexpire && peer->host_dynamic) {
			time_t nowtime = time(NULL);

			if ((nowtime - regseconds) > 0) {
				destroy_association(peer);
				memset(&peer->addr, 0, sizeof(peer->addr));
				peer->lastms = -1;
				enablepoke = 0;
				ast_debug(1, "Bah, we're expired (%d/%d/%d)!\n", (int)(nowtime - regseconds), (int)regseconds, (int)nowtime);
			}
		}

		/* Startup regular pokes */
		if (!devstate_only && enablepoke) {
			sip_ref_peer(peer, "schedule qualify");
			sip_poke_peer(peer, 0);
		}
	}
{code}

It doesn't appear as if your patch deals with this particular ref.

You'd like some more input on your proposed patch, you may want to post it to review-board for further peer review. That being said, ref leaks are tricky, and removing a ref that is not contributing to the leak may result in a crash - so you may want to dig in a bit further to determine what is causing the issue.

> [patch] Memory leak in chan_sip.c with realtime autoclear
> ---------------------------------------------------------
>
>                 Key: ASTERISK-22945
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-22945
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/General
>    Affects Versions: 11.6.0
>            Reporter: ibercom
>         Attachments: asterisk11-chan_sip-simplifies.patch, asterisk11.patch, cli-command.txt, memory-allocations.gz
>
>
> I have 2 servers with SIP realtime config and asterisk 1.8 and 11 each one.
> Server 1.8 have about 2000 register peers without obvious problems.
> Server 11 have about 20 register peers and chan_sip.c is constantly leaking memory with each call to the other peers.
> The SIP realtime config is the same:
> rtcachefriends=yes
> rtsavesysname=yes
> rtupdate=yes
> rtautoclear=yes		<< I think than here is the problem
> ignoreregexpire=yes
> When Server 11 look for some peer (not register peer) in sippeers table, it works with this info. Another (+1) static (realtime?) object. When the registration expires, memory leak. You can look for the same peer after some time and asterisk allocates memory again and it isn't freed.
> I have attached cli-command.txt which shows the asterisk's state with only 112 calls processed.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list