From ac7b85ff8d0b4fef3d25ccf9b3044347a2c331c7 Mon Sep 17 00:00:00 2001
From: Max Gorog <mgorog@gmail.com>
Date: Sun, 3 May 2026 17:40:37 -0500
Subject: [PATCH] =?UTF-8?q?PIPELINE=20=C2=A75=20step=201=20follow-up:=20en?=
 =?UTF-8?q?able=20perf=20in=20production=20launchers?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The §5 step 1 fixes correct the perf collector's stdout/stderr +
event-name parser bugs, but the launchers
(run_real_vm_demo / run_tier3_demo) never set enable_perf=True, so
production episodes still ship with rows_perf=0 — silently disabled
collector, which is exactly the §1 / §4.4 pattern.

Turn it on in both launchers. Failure modes (perf binary missing,
paranoid level too high) are logged as warnings + return 0 rows
visibly, not silently.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 tools/run_real_vm_demo.py | 11 +++++++++++
 tools/run_tier3_demo.py   |  4 ++++
 2 files changed, 15 insertions(+)

diff --git a/tools/run_real_vm_demo.py b/tools/run_real_vm_demo.py
index 0a6904f..8c10dab 100644
--- a/tools/run_real_vm_demo.py
+++ b/tools/run_real_vm_demo.py
@@ -217,6 +217,17 @@ def main() -> int:
             qmp_socket=qmp_sock if qmp_sock.exists() else None,
             guest_agent_socket=agent_sock if agent_sock.exists() else None,
             bridge_iface=os.environ.get("BRIDGE") or None,
+            # Source 3 (oracle): perf-stat sampling of the qemu PID.
+            # Now that the stdout/stderr + event-name parser bugs are
+            # fixed, perf produces real rows. Per PIPELINE.md §4.4
+            # collectors that emit zero rows shouldn't be in the active
+            # set silently — keeping it default-off was effectively
+            # silencing the source. On x86_64 lab hosts with
+            # perf_event_paranoid <= 2 (cis490 user owns qemu PID), the
+            # collector reads cycles/instructions/page-faults; on hosts
+            # without perf the collector logs a warning and returns 0
+            # rows (visible, not silent).
+            enable_perf=True,
             sample=sample,
         )
 
diff --git a/tools/run_tier3_demo.py b/tools/run_tier3_demo.py
index 1747705..cc2f51a 100644
--- a/tools/run_tier3_demo.py
+++ b/tools/run_tier3_demo.py
@@ -308,6 +308,10 @@ def main() -> int:
             qmp_socket=qmp_sock if qmp_sock.exists() else None,
             guest_agent_socket=agent_sock if agent_sock.exists() else None,
             bridge_iface=os.environ.get("BRIDGE") or None,
+            # Source 3 (oracle): see equivalent in run_real_vm_demo.py.
+            # Now that the perf collector parser is fixed, turn it on
+            # in production rather than leave it silently disabled.
+            enable_perf=True,
             sample=sample,
             exploit_meta={
                 "framework": "metasploit",