Changeset 61572 in vbox for trunk/src/VBox

Timestamp:

Jun 8, 2016 12:03:35 PM (9 years ago)

Author:

vboxsync

Message:

Debugger/Digger/Linux: Use an alternative needle (kobjec) to get at the kernel symbol table as seen on older x86 kernels

File:

• trunk/src/VBox/Debugger/DBGPlugInLinux.cpp (modified) (4 diffs)

trunk/src/VBox/Debugger/DBGPlugInLinux.cpp

@@ -1411 +1411 @@
 }
 
-
-/**
- * @copydoc DBGFOSREG::pfnInit
- */
-static DECLCALLBACK(int)  dbgDiggerLinuxInit(PUVM pUVM, void *pvData)
-{
-    PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
-    Assert(!pThis->fValid);
-
-    /*
-     * Assume 64-bit kernels all live way beyond 32-bit address space.
-     */
-    pThis->f64Bit = pThis->AddrLinuxBanner.FlatPtr > UINT32_MAX;
+/**
+ * Tries to find and load the kernel symbol table with the given needle.
+ *
+ * @returns VBox status code.
+ * @param   pThis               The Linux digger data.
+ * @param   pUVM                The user mode VM handle.
+ * @param   pabNeedle           The needle to use for searching.
+ * @param   cbNeedle            Size of the needle in bytes.
+ */
+static int dbgDiggerLinuxFindSymbolTableFromNeedle(PDBGDIGGERLINUX pThis, PUVM pUVM, uint8_t const *pabNeedle, size_t cbNeedle)
+{
+    int rc = VINF_SUCCESS;
 
     /*
@@ -1433 +1432 @@
     while (cbLeft > 4096)
     {
-        static const uint8_t s_abNeedle[] = "kobj";
         DBGFADDRESS          HitAddr;
-        int rc = DBGFR3MemScan(pUVM, 0 /*idCpu*/, &CurAddr, cbLeft, 1 /*uAlign*/,
-                               s_abNeedle, sizeof(s_abNeedle) - 1, &HitAddr);
+        rc = DBGFR3MemScan(pUVM, 0 /*idCpu*/, &CurAddr, cbLeft, 1 /*uAlign*/,
+                           pabNeedle, cbNeedle, &HitAddr);
         if (RT_FAILURE(rc))
             break;
-        if (dbgDiggerLinuxIsLikelyNameFragment(pUVM, &HitAddr, s_abNeedle, sizeof(s_abNeedle) - 1))
+        if (dbgDiggerLinuxIsLikelyNameFragment(pUVM, &HitAddr, pabNeedle, cbNeedle))
         {
             /* There will be another hit near by. */
             DBGFR3AddrAdd(&HitAddr, 1);
             rc = DBGFR3MemScan(pUVM, 0 /*idCpu*/, &HitAddr, LNX_MAX_KALLSYMS_NAMES_SIZE, 1 /*uAlign*/,
-                               s_abNeedle, sizeof(s_abNeedle) - 1, &HitAddr);
+                               pabNeedle, cbNeedle, &HitAddr);
             if (   RT_SUCCESS(rc)
-                && dbgDiggerLinuxIsLikelyNameFragment(pUVM, &HitAddr, s_abNeedle, sizeof(s_abNeedle) - 1))
+                && dbgDiggerLinuxIsLikelyNameFragment(pUVM, &HitAddr, pabNeedle, cbNeedle))
             {
                 /*
@@ -1468 +1466 @@
          * Advance.
          */
-        RTGCUINTPTR cbDistance = HitAddr.FlatPtr - CurAddr.FlatPtr + sizeof(s_abNeedle) - 1;
+        RTGCUINTPTR cbDistance = HitAddr.FlatPtr - CurAddr.FlatPtr + cbNeedle;
         if (RT_UNLIKELY(cbDistance >= cbLeft))
         {
@@ -1477 +1475 @@
         DBGFR3AddrAdd(&CurAddr, cbDistance);
 
+    }
+
+    return rc;
+}
+/**
+ * @copydoc DBGFOSREG::pfnInit
+ */
+static DECLCALLBACK(int)  dbgDiggerLinuxInit(PUVM pUVM, void *pvData)
+{
+    PDBGDIGGERLINUX pThis = (PDBGDIGGERLINUX)pvData;
+    Assert(!pThis->fValid);
+
+    /*
+     * Assume 64-bit kernels all live way beyond 32-bit address space.
+     */
+    pThis->f64Bit = pThis->AddrLinuxBanner.FlatPtr > UINT32_MAX;
+
+    static const uint8_t s_abNeedle[] = "kobj";
+    int rc = dbgDiggerLinuxFindSymbolTableFromNeedle(pThis, pUVM, s_abNeedle, sizeof(s_abNeedle) - 1);
+    if (RT_FAILURE(rc))
+    {
+        /* Try alternate needle (seen on older x86 Linux kernels). */
+        static const uint8_t s_abNeedleAlt[] = "kobjec";
+        dbgDiggerLinuxFindSymbolTableFromNeedle(pThis, pUVM, s_abNeedleAlt, sizeof(s_abNeedleAlt) - 1);
     }