From 1014555b2762674a03116c27a2a83f3eaa1743b7 Mon Sep 17 00:00:00 2001 From: hc-github-team-secure-vault-core <82990506+hc-github-team-secure-vault-core@users.noreply.github.com> Date: Mon, 6 Nov 2023 10:48:43 -0500 Subject: [PATCH] backport of commit 7ec3867eea2ad3c405f15f9ab5447618685739cf (#24031) Co-authored-by: Nick Cabatoff --- changelog/24027.txt | 3 +++ vault/expiration.go | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) create mode 100644 changelog/24027.txt diff --git a/changelog/24027.txt b/changelog/24027.txt new file mode 100644 index 000000000..d276928f9 --- /dev/null +++ b/changelog/24027.txt @@ -0,0 +1,3 @@ +```release-note:bug +expiration: Fix fatal error "concurrent map iteration and map write" when collecting metrics from leases. +``` diff --git a/vault/expiration.go b/vault/expiration.go index cf205d0e0..c62eed980 100644 --- a/vault/expiration.go +++ b/vault/expiration.go @@ -884,7 +884,7 @@ func (m *ExpirationManager) Stop() error { // for the next ExpirationManager to handle them. newStrategy := ExpireLeaseStrategy(expireNoop) m.expireFunc.Store(&newStrategy) - oldPending := m.pending + oldPending := &m.pending m.pending, m.nonexpiring, m.irrevocable = sync.Map{}, sync.Map{}, sync.Map{} m.leaseCount = 0 m.uniquePolicies = make(map[string][]string) @@ -2490,7 +2490,7 @@ func (m *ExpirationManager) WalkTokens(walkFn ExpirationWalkFunction) error { } m.pendingLock.RLock() - toWalk := []sync.Map{m.pending, m.nonexpiring} + toWalk := []*sync.Map{&m.pending, &m.nonexpiring} m.pendingLock.RUnlock() for _, m := range toWalk { @@ -2519,7 +2519,7 @@ func (m *ExpirationManager) walkLeases(walkFn leaseWalkFunction) error { } m.pendingLock.RLock() - toWalk := []sync.Map{m.pending, m.nonexpiring} + toWalk := []*sync.Map{&m.pending, &m.nonexpiring} m.pendingLock.RUnlock() for _, m := range toWalk {