runtime: skip nil Ps in allp during cleanup flush

cleanupQueue.Flush is reachable from mallocgc via sweepAssist. Normally
allp will continue all valid Ps, but procresize itself increases the
size of allp and then allocates new Ps to place in allp. If we get
perfectly unlucky, the new(p) allocations will complete sweeping and
cleanupQueue.Flush will dereference a nil pointer from allp. Avoid this
by skipping nil Ps.

I've looked through every other use of allp and none of them appear to
be reachable from procresize.

Change-Id: I6a6a636cab49ef268eb8fcd9ff9a96790d9c5685
Reviewed-on: https://go-review.googlesource.com/c/go/+/676515
Auto-Submit: Michael Pratt <mpratt@google.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Michael Knyszek <mknyszek@google.com>

diff --git a/src/runtime/mcleanup.go b/src/runtime/mcleanup.go
index 5cbae156baeb90f1407a9ccc2e7e12ac8c788c57..c368730c5765e322aec7333fc914890a03d197aa 100644 (file)
--- a/src/runtime/mcleanup.go
+++ b/src/runtime/mcleanup.go
@@ -457,6 +457,13 @@ func (q *cleanupQueue) flush() {
        // new cleanup goroutines.
        var cb *cleanupBlock
        for _, pp := range allp {
+               if pp == nil {
+                       // This function is reachable via mallocgc in the
+                       // middle of procresize, when allp has been resized,
+                       // but the new Ps not allocated yet.
+                       missing++
+                       continue
+               }
                b := pp.cleanups
                if b == nil {
                        missing++