From eab5051788f6111adb88268a784af0c981616579 Mon Sep 17 00:00:00 2001
From: Hangliang Lai <laihangliang1@huawei.com>
Date: Tue, 11 Apr 2023 09:32:24 +0800
Subject: [PATCH] perf top: Expand the range of multithreaded phase

In __cmd_top(), perf_set_multithreaded() is used to enable
pthread_rwlock, thus down_read() and down_write () are not nops,
handling concurrency problems

Then 'perf top' uses perf_set_singlethreaded(), switching to the single
threaded phase, assuming that no thread concurrency will happen later.

However, a use after free problem could occur in the single threaded
phase, the concurrent procedure is this:

display_thread                              process_thread
--------------                              --------------
thread__comm_len
  -> thread__comm_str
    -> __thread__comm_str(thread)
                                            thread__delete
                                             -> comm__free
                                              -> comm_str__put
                                               -> zfree(&cs->str)
    -> thread->comm_len = strlen(comm);

Since in single thread phase, perf_singlethreaded is true, down_read()
and down_write() do nothing to avoid concurrency problems.

This patch moves the perf_set_singlethreaded() call to the function tail
to expand the multithreaded phase range, making display_thread() and
process_thread() concurrency safe.

Reviewed-by: Yunfeng Ye <yeyunfeng@huawei.com>
Signed-off-by: Hangliang Lai  <laihangliang1@huawei.com>
Co-developed-by: Wenyu Liu <liuwenyu7@huawei.com>
Acked-by: Namhyung Kim <namhyung@kernel.org>
Cc: Adrian Hunter <adrian.hunter@intel.com>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Christian Brauner <brauner@kernel.org>
Cc: Feilong Lin <linfeilong@huawei.com>
Cc: Hewenliang <hewenliang4@huawei.com>
Cc: Ian Rogers <irogers@google.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Link: https://lore.kernel.org/r/20230411013224.2079-1-laihangliang1@huawei.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
 tools/perf/builtin-top.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/perf/builtin-top.c b/tools/perf/builtin-top.c
index 3162bad0d17d2..5d448c36ed22b 100644
--- a/tools/perf/builtin-top.c
+++ b/tools/perf/builtin-top.c
@@ -1276,8 +1276,7 @@ static int __cmd_top(struct perf_top *top)
 				    top->evlist->core.threads, true, false,
 				    top->nr_threads_synthesize);
 
-	if (top->nr_threads_synthesize > 1)
-		perf_set_singlethreaded();
+	perf_set_multithreaded();
 
 	if (perf_hpp_list.socket) {
 		ret = perf_env__read_cpu_topology_map(&perf_env);
@@ -1355,6 +1354,7 @@ out_join:
 out_join_thread:
 	cond_signal(&top->qe.cond);
 	pthread_join(thread_process, NULL);
+	perf_set_singlethreaded();
 	return ret;
 }
 
-- 
2.30.2