[PATCH] gnu: perf-tools: Patch executable paths

Olivier Dion wrote on 5 Aug 2022 17:49

Recipients:(address . guix-patches@gnu.org)

Message-ID:0c2a00011b37de03efc17626123ce1571b103c7a.1659714518.git.olivier.dion@polymtl.ca

* gnu/packages/instrumentation.scm (perf-tools): Add patch phase.
[phases]: Add patch-paths.
---
 gnu/packages/instrumentation.scm | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

Toggle diff (23 lines)diff --git a/gnu/packages/instrumentation.scm b/gnu/packages/instrumentation.scm
index f52cf11505..95724f976b 100644
--- a/gnu/packages/instrumentation.scm
+++ b/gnu/packages/instrumentation.scm
@@ -308,7 +308,15 @@ (define-public perf-tools
                (base32 "1ab735idi0h62yvhzd7822jj3555vygixv4xjrfrdvi8d2hhz6qn"))))
     (build-system copy-build-system)
     (arguments
-     `(#:install-plan
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'patch-paths
+           (lambda _
+             (substitute* '("execsnoop" "killsnoop" "kernel/funcslower")
+               (("/usr/bin/gawk") (which "awk")))
+             (substitute* '"execsnoop"
+               (("/usr/bin/getconf") (which "getconf"))))))
+       #:install-plan
        ',(append
           (map (cut list <> "bin/")
                '("disk/bitesize"
-- 
2.37.1

Mathieu Othacehe wrote on 6 Aug 2022 15:37

Recipients:(name . Olivier Dion)(address . olivier.dion@polymtl.ca)(name . bug#57008)(address . 57008@debbugs.gnu.org)

Message-ID:877d3lebms.fsf@gnu.org

Hello Olivier,

Toggle quote (3 lines)

> * gnu/packages/instrumentation.scm (perf-tools): Add patch phase.

> [phases]: Add patch-paths.

Somehow I still have the same error. Here a complete report:

Toggle snippet (147 lines)mathieu@meije ~/guix [env]$ sudo bash -x execsnoop
+ tracing=/sys/kernel/debug/tracing
+ flock=/var/tmp/.ftrace-lock
+ wroteflock=0
+ opt_duration=0
+ duration=
+ opt_name=0
+ name=
+ opt_time=0
+ opt_reexec=0
+ opt_argc=0
+ argc=8
+ max_argc=16
+ ftext=
+ trap : INT QUIT TERM PIPE HUP
+ getopts a:d:hrt opt
+ shift 0
+ ((  0  ))
+ ((  0  ))
+ ((  opt_pid && opt_name  ))
+ ((  opt_pid  ))
+ ((  opt_name  ))
+ ((  opt_file  ))
+ ((  opt_argc && argc > max_argc  ))
+ ((  opt_duration  ))
+ echo 'Tracing exec()s. Ctrl-C to end.'
Tracing exec()s. Ctrl-C to end.
+ ((  opt_duration  ))
+ [[ -x /gnu/store/55q02v1a3qz8n7rlhy3jva9qjkfwj8y0-gawk-5.1.0/bin/awk ]]
+ awk=gawk
+ cd /sys/kernel/debug/tracing
+ [[ -e /var/tmp/.ftrace-lock ]]
+ echo 25361
+ wroteflock=1
+ [[ -x /gnu/store/bxh206gz379wkn8cvb2ghlkvpqgwfd2v-gcc-toolchain-10.3.0/bin/getconf ]]
++ getconf LONG_BIT
+ bits=64
+ ((  offset = bits / 8  ))
+ makeprobe sys_execve
+ func=sys_execve
+ kname=execsnoop_sys_execve
+ kprobe='p:execsnoop_sys_execve sys_execve'
+ i=0
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_sys_execve sys_execve +0(+0(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_sys_execve sys_execve +0(+0(%si)):string +0(+8(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_sys_execve sys_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_sys_execve sys_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_sys_execve sys_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_sys_execve sys_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_sys_execve sys_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string +0(+48(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_sys_execve sys_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string +0(+48(%si)):string +0(+56(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_sys_execve sys_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string +0(+48(%si)):string +0(+56(%si)):string +0(+64(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ echo nop
+ echo p:execsnoop_sys_execve sys_execve '+0(+0(%si)):string' '+0(+8(%si)):string' '+0(+16(%si)):string' '+0(+24(%si)):string' '+0(+32(%si)):string' '+0(+40(%si)):string' '+0(+48(%si)):string' '+0(+56(%si)):string' '+0(+64(%si)):string'
+ makeprobe stub_execve
+ func=stub_execve
+ kname=execsnoop_stub_execve
+ kprobe='p:execsnoop_stub_execve stub_execve'
+ i=0
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_stub_execve stub_execve +0(+0(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_stub_execve stub_execve +0(+0(%si)):string +0(+8(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_stub_execve stub_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_stub_execve stub_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_stub_execve stub_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_stub_execve stub_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_stub_execve stub_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string +0(+48(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_stub_execve stub_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string +0(+48(%si)):string +0(+56(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_stub_execve stub_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string +0(+48(%si)):string +0(+56(%si)):string +0(+64(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ echo p:execsnoop_stub_execve stub_execve '+0(+0(%si)):string' '+0(+8(%si)):string' '+0(+16(%si)):string' '+0(+24(%si)):string' '+0(+32(%si)):string' '+0(+40(%si)):string' '+0(+48(%si)):string' '+0(+56(%si)):string' '+0(+64(%si)):string'
+ makeprobe do_execve
+ func=do_execve
+ kname=execsnoop_do_execve
+ kprobe='p:execsnoop_do_execve do_execve'
+ i=0
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_do_execve do_execve +0(+0(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_do_execve do_execve +0(+0(%si)):string +0(+8(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_do_execve do_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_do_execve do_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_do_execve do_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_do_execve do_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_do_execve do_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string +0(+48(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_do_execve do_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string +0(+48(%si)):string +0(+56(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ kprobe='p:execsnoop_do_execve do_execve +0(+0(%si)):string +0(+8(%si)):string +0(+16(%si)):string +0(+24(%si)):string +0(+32(%si)):string +0(+40(%si)):string +0(+48(%si)):string +0(+56(%si)):string +0(+64(%si)):string'
+ ((  i++  ))
+ ((  i < argc + 1  ))
+ echo p:execsnoop_do_execve do_execve '+0(+0(%si)):string' '+0(+8(%si)):string' '+0(+16(%si)):string' '+0(+24(%si)):string' '+0(+32(%si)):string' '+0(+40(%si)):string' '+0(+48(%si)):string' '+0(+56(%si)):string' '+0(+64(%si)):string'
+ edie 'ERROR: adding a kprobe for execve. Exiting.'
+ echo 'ERROR: adding a kprobe for execve. Exiting.'
ERROR: adding a kprobe for execve. Exiting.
+ exec

Any idea why?

Thanks,

Mathieu

Olivier Dion wrote on 6 Aug 2022 16:45

Recipients:(name . Mathieu Othacehe)(address . othacehe@gnu.org)(name . bug#57008)(address . 57008@debbugs.gnu.org)

Message-ID:87les1ph1o.fsf@laura

On Sat, 06 Aug 2022, Mathieu Othacehe <othacehe@gnu.org> wrote:

Toggle quote (7 lines)

> Hello Olivier,

>> * gnu/packages/instrumentation.scm (perf-tools): Add patch phase.

>> [phases]: Add patch-paths.

> Somehow I still have the same error. Here a complete report:

Right. There's still a problem with kprobe and execsnoop. However,

this patch does fix some other scripts that are using awk and getconf.

Toggle quote (2 lines)

> Any idea why?

The only thing I can think of is that the symbol used by execsnoop for
instrumenting the kernel was changed and is not in /proc/kallsyms.  I'll
try to dig that later this week.

-- 
Olivier Dion
oldiob.dev

Ludovic Courtès wrote on 31 Aug 2022 23:05

Re: bug#57008: [PATCH] gnu: perf-tools: Patch executable paths

Recipients:(name . Olivier Dion)(address . olivier.dion@polymtl.ca)

Message-ID:87edww9l9b.fsf@gnu.org

Hi Olivier & Mathieu,

Olivier Dion <olivier.dion@polymtl.ca> skribis:

Toggle quote (3 lines)

> * gnu/packages/instrumentation.scm (perf-tools): Add patch phase.

> [phases]: Add patch-paths.

[...]

Toggle quote (5 lines)

> + (substitute* '("execsnoop" "killsnoop" "kernel/funcslower")

> + (("/usr/bin/gawk") (which "awk")))

> + (substitute* '"execsnoop"

> + (("/usr/bin/getconf") (which "getconf"))))))

I went ahead and applied a modified version of this patch that uses

‘search-input-file’ instead of ‘which’.

Thanks,

Ludo’.

Closed

Mathieu Othacehe wrote on 1 Sep 2022 17:38

Recipients:(name . Ludovic Courtès)(address . ludo@gnu.org)

Message-ID:874jxr3y14.fsf@gnu.org

Hey,

Toggle quote (3 lines)

> I went ahead and applied a modified version of this patch that uses

> ‘search-input-file’ instead of ‘which’.

Thanks Ludo! Olivier, any progress on the execsnoop issue :) ?

Mathieu

Closed

Olivier Dion wrote on 1 Sep 2022 17:56

Recipients:(address . 57008-done@debbugs.gnu.org)

Message-ID:87czcf3x6e.fsf@laura

On Thu, 01 Sep 2022, Mathieu Othacehe <othacehe@gnu.org> wrote:

Toggle quote (7 lines)

> Hey,

>> I went ahead and applied a modified version of this patch that uses

>> ‘search-input-file’ instead of ‘which’.

> Thanks Ludo! Olivier, any progress on the execsnoop issue :) ?

Nope. I did not had time to check it again sorry :-/

Maybe there's somehing missing on the kernel side. I will would check

that /sys/kernel/debug/tracing/events has the tracepoints used by

execsnoop and that the tracers ftrace and kprobe are correctly

configured.

Olivier Dion

oldiob.dev

Closed

Your comment

This issue is archived.

To comment on this conversation send an email to 57008@debbugs.gnu.org

is:open	open issues
is:done	closed issues
submitter:<who>	search issue submitter
author:<who>	search by message author
date:yesterday..now	search by issue date
mdate:3m..2d	search by message date