mirror of
https://github.com/asterisk/asterisk.git
synced 2026-05-08 06:09:37 +00:00
f616affc2a
When a PJSIP endpoint is configured with set_var invoking a dialplan function (e.g. PJSIP_HEADER(add,...)), chan_pjsip_new() calls pbx_builtin_setvar_helper() while holding the channel lock. For function-style variables, this dispatches to ast_func_write() which, in the case of PJSIP_HEADER, calls ast_sip_push_task_wait_serializer() -- blocking synchronously while the channel lock is held. If a concurrent operation (ARI, AMI, rtp_check_timeout) traverses the channels container via ast_channel_get_by_name(), it acquires the container lock then tries to lock individual channels in the iteration callback (by_uniqueid_cb/by_name_cb). When the serializer thread also needs the container lock, a circular dependency forms: channel_lock -> serializer_wait -> container_lock -> channel_lock This causes a complete Asterisk freeze. In the observed case, 36 threads were blocked on the container lock until res_freeze_check triggered SIGABRT after its 30-second timeout. Unlock the channel before iterating endpoint channel_vars so that dialplan functions can block without holding the channel lock. Re-lock the channel for ast_channel_stage_snapshot_done() so the batched snapshot is published under lock and captures the full channel state including the variables set during the loop. Fixes: #1872