[asterisk-bugs] [JIRA] (ASTERISK-22945) [patch] Memory leak in chan_sip.c with realtime autoclear

ibercom (JIRA) noreply at issues.asterisk.org
Mon Mar 10 12:49:06 CDT 2014 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-22945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=216275#comment-216275 ] 

ibercom edited comment on ASTERISK-22945 at 3/10/14 12:48 PM:
--------------------------------------------------------------

You're right.
I haven't been able to analyze correctly /tmp/refs.
The comment (schedule qualify) has me confused.

{noformat}
==============
Problem: net Refcount not zero for object 1b12bb8
Object 1b12bb8 history:
   0x1b12bb8 =1   chan_sip.c:30504:build_peer (allocate a peer struct)
   0x1b12bb8 +1   chan_sip.c:31137:build_peer (schedule qualify) [@1]
   0x1b12bb8 +1   chan_sip.c:29534:sip_poke_peer (setting the relatedpeer field in the dialog) [@2]
   0x1b12bb8 +1   chan_sip.c:29550:sip_poke_peer (adding poke peer ref) [@3]
   0x1b12bb8 +1   chan_sip.c:5610:realtime_peer (add registration ref) [@4]
   0x1b12bb8 +1   chan_sip.c:5612:realtime_peer (link peer into peers table) [@5]
   0x1b12bb8 +1   chan_sip.c:5614:realtime_peer (link peer into peers_by_ip table) [@6]
   0x1b12bb8 -1   chan_sip.c:22097:function_sippeer (sip_unref_peer from function_sippeer, just before return) [@7]
   0x1b12bb8 +1   chan_sip.c:5661:sip_find_peer_full (ao2_find in peers table) [@6]
   0x1b12bb8 -1   chan_sip.c:22097:function_sippeer (sip_unref_peer from function_sippeer, just before return) [@7]
   0x1b12bb8 +1   chan_sip.c:5661:sip_find_peer_full (ao2_find in peers table) [@6]
   0x1b12bb8 -1   chan_sip.c:22097:function_sippeer (sip_unref_peer from function_sippeer, just before return) [@7]
   0x1b12bb8 -1   chan_sip.c:23543:handle_response_peerpoke (removing poke peer ref) [@6]
   0x1b12bb8 +1   chan_sip.c:23543:handle_response_peerpoke (adding poke peer ref) [@5]
   0x1b12bb8 -1   chan_sip.c:6511:__sip_destroy (unsetting a dialog relatedpeer field in sip_destroy) [@6]
   0x1b12bb8 -1   chan_sip.c:3352:unlink_peer_from_tables (ao2_unlink of peer from peers table) [@5]
   0x1b12bb8 -1   chan_sip.c:3354:unlink_peer_from_tables (ao2_unlink of peer from peers_by_ip table) [@4]
   0x1b12bb8 -1   chan_sip.c:15711:expire_register (removing peer ref for expire_register) [@3]
   0x1b12bb8 -1   chan_sip.c:15726:sip_poke_peer_s (removing poke peer ref) [@2]
==============
{noformat}

But here, who is responsible for this ref leak ?



was (Author: ibercom):
You're right.
I haven't been able to analyze correctly /tmp/refs.
The comment (schedule qualify) has me confused.

{noformat}
==============
Problem: net Refcount not zero for object 1b12bb8
Object 1b12bb8 history:
   0x1b12bb8 =1   chan_sip.c:30504:build_peer (allocate a peer struct)
   0x1b12bb8 +1   chan_sip.c:31137:build_peer (schedule qualify) [@1]
   0x1b12bb8 +1   chan_sip.c:29534:sip_poke_peer (setting the relatedpeer field
in the dialog) [@2]
   0x1b12bb8 +1   chan_sip.c:29550:sip_poke_peer (adding poke peer ref) [@3]
   0x1b12bb8 +1   chan_sip.c:5610:realtime_peer (add registration ref) [@4]
   0x1b12bb8 +1   chan_sip.c:5612:realtime_peer (link peer into peers table) [@5
]
   0x1b12bb8 +1   chan_sip.c:5614:realtime_peer (link peer into peers_by_ip tabl
e) [@6]
   0x1b12bb8 -1   chan_sip.c:22097:function_sippeer (sip_unref_peer from functio
n_sippeer, just before return) [@7]
   0x1b12bb8 +1   chan_sip.c:5661:sip_find_peer_full (ao2_find in peers table) [
@6]
   0x1b12bb8 -1   chan_sip.c:22097:function_sippeer (sip_unref_peer from functio
n_sippeer, just before return) [@7]
   0x1b12bb8 +1   chan_sip.c:5661:sip_find_peer_full (ao2_find in peers table) [
@6]
   0x1b12bb8 -1   chan_sip.c:22097:function_sippeer (sip_unref_peer from functio
n_sippeer, just before return) [@7]
   0x1b12bb8 -1   chan_sip.c:23543:handle_response_peerpoke (removing poke peer
ref) [@6]
   0x1b12bb8 +1   chan_sip.c:23543:handle_response_peerpoke (adding poke peer re
f) [@5]
   0x1b12bb8 -1   chan_sip.c:6511:__sip_destroy (unsetting a dialog relatedpeer
field in sip_destroy) [@6]
   0x1b12bb8 -1   chan_sip.c:3352:unlink_peer_from_tables (ao2_unlink of peer fr
om peers table) [@5]
   0x1b12bb8 -1   chan_sip.c:3354:unlink_peer_from_tables (ao2_unlink of peer fr
om peers_by_ip table) [@4]
   0x1b12bb8 -1   chan_sip.c:15711:expire_register (removing peer ref for expire
_register) [@3]
   0x1b12bb8 -1   chan_sip.c:15726:sip_poke_peer_s (removing poke peer ref) [@2]
==============
{noformat}

But, who is responsible for this ref leak ?


> [patch] Memory leak in chan_sip.c with realtime autoclear
> ---------------------------------------------------------
>
>                 Key: ASTERISK-22945
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-22945
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/General
>    Affects Versions: 11.6.0
>            Reporter: ibercom
>         Attachments: asterisk11.patch, cli-command.txt, memory-allocations.gz
>
>
> I have 2 servers with SIP realtime config and asterisk 1.8 and 11 each one.
> Server 1.8 have about 2000 register peers without obvious problems.
> Server 11 have about 20 register peers and chan_sip.c is constantly leaking memory with each call to the other peers.
> The SIP realtime config is the same:
> rtcachefriends=yes
> rtsavesysname=yes
> rtupdate=yes
> rtautoclear=yes		<< I think than here is the problem
> ignoreregexpire=yes
> When Server 11 look for some peer (not register peer) in sippeers table, it works with this info. Another (+1) static (realtime?) object. When the registration expires, memory leak. You can look for the same peer after some time and asterisk allocates memory again and it isn't freed.
> I have attached cli-command.txt which shows the asterisk's state with only 112 calls processed.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list