perf sched: Replace (void*)1 sentinel with proper runtime allocation
map__findnew_thread() marks color-pid threads by storing (void*)1 as
the thread private data via thread__set_priv(). This sentinel value
causes two problems:
1. thread__get_runtime() returns (void*)1 as a struct thread_runtime
pointer. Any field access (e.g. tr->shortname) dereferences address
1, which is an unmapped page — immediate segfault.
2. cmd_sched() registers free() as the thread priv destructor, so thread
cleanup calls free((void*)1) — undefined behavior that corrupts the
heap on many allocators.
Fix by adding a 'color' flag to struct thread_runtime and allocating a
real runtime struct for color-pid threads. thread__has_color() now
checks the flag instead of relying on priv being non-NULL.
Reported-by: sashiko-bot <sashiko-bot@kernel.org> Fixes: 58a606149c60d5da ("perf sched: Avoid union type punning undefined behavior") Reviewed-by: Ian Rogers <irogers@google.com> Cc: Ian Rogers <irogers@google.com> Assisted-by: Claude:claude-opus-4.6 Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>