/// <summary>
/// Loads the results for the current page.
/// </summary>
private void LoadScanResults()
{
Snapshot snapshot = SnapshotManager.GetSnapshot(Snapshot.SnapshotRetrievalMode.FromActiveSnapshot, this.ActiveType);
IList <ScanResult> newAddresses = new List <ScanResult>();
if (snapshot != null)
{
UInt64 startIndex = Math.Min(ScanResultsViewModel.PageSize * this.CurrentPage, snapshot.ElementCount);
UInt64 endIndex = Math.Min((ScanResultsViewModel.PageSize * this.CurrentPage) + ScanResultsViewModel.PageSize, snapshot.ElementCount);
for (UInt64 index = startIndex; index < endIndex; index++)
{
SnapshotElementIndexer element = snapshot[index];
String label = element.GetElementLabel() != null?element.GetElementLabel().ToString() : String.Empty;
Object currentValue = element.HasCurrentValue() ? element.LoadCurrentValue() : null;
Object previousValue = element.HasPreviousValue() ? element.LoadPreviousValue() : null;
String moduleName = String.Empty;
UInt64 address = Query.Default.AddressToModule(element.BaseAddress, out moduleName);
PointerItem pointerItem = new PointerItem(baseAddress: address, dataType: this.ActiveType, moduleName: moduleName, value: currentValue);
newAddresses.Add(new ScanResult(new PointerItemView(pointerItem), previousValue, label));
}
}
this.Addresses = new FullyObservableCollection <ScanResult>(newAddresses);
// Ensure results are visible
this.IsVisible = true;
this.IsSelected = true;
this.IsActive = true;
}
/// <summary>
/// Starts the scan using the current constraints.
/// </summary>
private void StartScan()
{
// Create a constraint manager that includes the current active constraint
ConstraintNode scanConstraints = this.ActiveConstraint.Clone();
if (!scanConstraints.IsValid())
{
Logger.Log(LogLevel.Warn, "Unable to start scan with given constraints");
return;
}
DataType dataType = ScanResultsViewModel.GetInstance().ActiveType;
// Collect values
TrackableTask <Snapshot> valueCollectorTask = ValueCollector.CollectValues(
SnapshotManager.GetSnapshot(Snapshot.SnapshotRetrievalMode.FromActiveSnapshotOrPrefilter, dataType));
TaskTrackerViewModel.GetInstance().TrackTask(valueCollectorTask);
// Perform manual scan on value collection complete
valueCollectorTask.OnCompletedEvent += ((completedValueCollection) =>
{
Snapshot snapshot = valueCollectorTask.Result;
TrackableTask <Snapshot> scanTask = ManualScanner.Scan(
snapshot,
scanConstraints);
TaskTrackerViewModel.GetInstance().TrackTask(scanTask);
SnapshotManager.SaveSnapshot(scanTask.Result);
});
}
private void StartScan(int index, Int64 searchAddress, bool validatingProcess = false)
{
if (index > 0)
{
SnapshotManager.ClearSnapshots();
}
ConstraintNode scanConstraints = new ScanConstraint(ScanConstraint.ConstraintType.Equal, searchAddress, dataType);
TrackableTask <Snapshot> valueCollectorTask = ValueCollector.CollectValues(
SnapshotManager.GetSnapshot(Snapshot.SnapshotRetrievalMode.FromActiveSnapshotOrPrefilter, dataType),
TrackableTask.UniversalIdentifier);
valueCollectorTask.OnCompletedEvent += ((completedValueCollectionTask) =>
{
Snapshot snapshot = valueCollectorTask.Result;
TrackableTask <Snapshot> scanTask = ManualScanner.Scan(
snapshot,
scanConstraints,
TrackableTask.UniversalIdentifier);
SnapshotManager.SaveSnapshot(scanTask.Result);
snapshot = scanTask.Result;
scannedAddresses.Add(new List <Int64>());
if (snapshot != null)
{
for (UInt64 i = 0; i < snapshot.ElementCount; ++i)
{
SnapshotElementIndexer element = snapshot[i];
Object currentValue = element.HasCurrentValue() ? element.LoadCurrentValue() : null;
Object previousValue = element.HasPreviousValue() ? element.LoadPreviousValue() : null;
String moduleName = String.Empty;
UInt64 address = Query.Default.AddressToModule(element.BaseAddress, out moduleName);
PointerItem pointerItem = new PointerItem(baseAddress: address, dataType: dataType, moduleName: moduleName, value: currentValue);
pointerItem.ForceResolveAddress();
scannedAddresses[index].Add(Int64.Parse(pointerItem.AddressSpecifier, NumberStyles.HexNumber, CultureInfo.CurrentCulture));
}
}
int nextIteration = index + 1;
if (nextIteration < addressesToFind.Count)
{
StartScan(nextIteration, addressesToFind[nextIteration], validatingProcess);
}
else
{
SearchLogic(validatingProcess);
}
});
}
/// <summary>
/// Begins the value collection.
/// </summary>
private void CollectValues()
{
DataType dataType = ScanResultsViewModel.GetInstance().ActiveType;
TrackableTask <Snapshot> valueCollectTask = ValueCollector.CollectValues(
SnapshotManager.GetSnapshot(Snapshot.SnapshotRetrievalMode.FromActiveSnapshotOrPrefilter, dataType));
TaskTrackerViewModel.GetInstance().TrackTask(valueCollectTask);
SnapshotManager.SaveSnapshot(valueCollectTask.Result);
}
/// <summary>
/// Gets the snapshot generated by the prefilter.
/// </summary>
/// <returns>The snapshot generated by the prefilter.</returns>
public Snapshot GetPrefilteredSnapshot(DataType dataType)
{
Snapshot snapshot = SnapshotManager.GetSnapshot(Snapshot.SnapshotRetrievalMode.FromSettings, dataType);
foreach (ISnapshotPrefilter prefilter in this.Prefilters)
{
snapshot = prefilter.Apply(snapshot);
}
return(snapshot);
}
protected void OnBegin()
{
// Initialize labeled snapshot
this.Snapshot = SnapshotManager.GetSnapshot(Snapshot.SnapshotRetrievalMode.FromActiveSnapshotOrPrefilter, DataType.Int32).Clone("Change Counter");
this.Snapshot.LabelDataType = DataType.UInt16;
if (this.Snapshot == null)
{
return;
}
// Initialize change counts to zero
this.Snapshot.SetElementLabels <UInt16>(0);
this.ScanCount = 0;
}
protected void OnBegin()
{
this.InitializeObjects();
// Initialize labeled snapshot
this.Snapshot = SnapshotManager.GetSnapshot(Snapshot.SnapshotRetrievalMode.FromActiveSnapshotOrPrefilter, DataType.Int32).Clone("Input Correlator");
this.Snapshot.LabelDataType = DataType.Int16;
if (this.Snapshot == null)
{
//// this.Cancel();
return;
}
// Initialize with no correlation
this.Snapshot.SetElementLabels <Int16>(0);
this.TimeOutIntervalMs = ScanSettings.Default.InputCorrelatorTimeOutInterval;
}
public void IsCleverInFindingOldSnaps()
{
var index = 42L;
var term = 2L;
File.WriteAllText(_mgr.GetTempFileNameForIndexAndTerm(index - 1, term), "");
File.WriteAllText(_mgr.GetTempFileNameForIndexAndTerm(index + 1, term), "");
File.WriteAllText(_mgr.GetTempFileNameForIndexAndTerm(index - 2, term), "");
File.WriteAllText(_mgr.GetFinalFileNameForIndexAndTerm(index, term), "");
var perv = _mgr.GetPreviousSnapshots();
var lastIndex = _mgr.GetLastSnapshot().LastIncludedIndex;
Assert.Equal(2, perv.Count());
foreach (var f in perv)
{
Assert.True(_mgr.GetSnapshot(f).LastIncludedIndex < index);
}
}
/// <summary>
/// Performs a pointer scan for a given address.
/// </summary>
/// <param name="address">The address for which to perform a pointer scan.</param>
/// <param name="maxOffset">The maximum pointer offset.</param>
/// <param name="depth">The maximum pointer search depth.</param>
/// <param name="alignment">The pointer scan alignment.</param>
/// <returns>Atrackable task that returns the scan results.</returns>
public static TrackableTask <PointerBag> Scan(UInt64 address, UInt32 maxOffset, Int32 depth, Int32 alignment)
{
TrackableTask <PointerBag> pointerScanTask = TrackableTask <PointerBag> .Create(PointerScan.Name, out UpdateProgress updateProgress, out CancellationToken cancellationToken);
return(pointerScanTask.With(Task.Factory.StartNew <PointerBag>(() =>
{
try
{
cancellationToken.ThrowIfCancellationRequested();
PointerSize pointerSize = Processes.Default.IsOpenedProcess32Bit() ? PointerSize.Byte4 : PointerSize.Byte8;
Stopwatch stopwatch = new Stopwatch();
stopwatch.Start();
// Step 1) Create a snapshot of the target address
Snapshot targetAddress = new Snapshot(new SnapshotRegion[] { new SnapshotRegion(new ReadGroup(address, pointerSize.ToSize(), pointerSize.ToDataType(), alignment), 0, pointerSize.ToSize()) });
// Step 2) Collect static pointers
Snapshot staticPointers = SnapshotManager.GetSnapshot(Snapshot.SnapshotRetrievalMode.FromModules, pointerSize.ToDataType());
TrackableTask <Snapshot> valueCollector = ValueCollector.CollectValues(staticPointers);
staticPointers = valueCollector.Result;
// Step 3) Collect heap pointers
Snapshot heapPointers = SnapshotManager.GetSnapshot(Snapshot.SnapshotRetrievalMode.FromHeaps, pointerSize.ToDataType());
TrackableTask <Snapshot> heapValueCollector = ValueCollector.CollectValues(heapPointers);
heapPointers = heapValueCollector.Result;
// Step 3) Build levels
IList <Level> levels = new List <Level>();
if (depth > 0)
{
// Create 1st level with target address and static pointers
levels.Add(new Level(targetAddress, staticPointers));
// Initialize each level with all static addresses and all heap addresses
for (Int32 index = 0; index < depth - 1; index++)
{
levels.Add(new Level(heapPointers, staticPointers));
}
}
// Exit if canceled
cancellationToken.ThrowIfCancellationRequested();
// Step 4) Rebase to filter out unwanted pointers
PointerBag newPointerBag = new PointerBag(levels, maxOffset, pointerSize);
TrackableTask <PointerBag> pointerRebaseTask = PointerRebase.Scan(newPointerBag, readMemory: false, performUnchangedScan: false);
PointerBag rebasedPointerBag = pointerRebaseTask.Result;
// Exit if canceled
cancellationToken.ThrowIfCancellationRequested();
stopwatch.Stop();
Logger.Log(LogLevel.Info, "Pointer scan complete in: " + stopwatch.Elapsed);
return rebasedPointerBag;
}
catch (OperationCanceledException ex)
{
Logger.Log(LogLevel.Warn, "Pointer scan canceled", ex);
}
catch (Exception ex)
{
Logger.Log(LogLevel.Error, "Error performing pointer scan", ex);
}
return null;
}, cancellationToken)));
}
/// <summary>
/// Performs a pointer scan for a given address.
/// </summary>
/// <param name="address">The address for which to perform a pointer scan.</param>
/// <param name="maxOffset">The maximum pointer offset.</param>
/// <param name="depth">The maximum pointer search depth.</param>
/// <param name="alignment">The pointer scan alignment.</param>
/// <param name="taskIdentifier">The unique identifier to prevent duplicate tasks.</param>
/// <returns>Atrackable task that returns the scan results.</returns>
public static TrackableTask <PointerBag> Scan(UInt64 newAddress, Int32 alignment, PointerBag oldPointerBag, String taskIdentifier = null)
{
try
{
return(TrackableTask <PointerBag>
.Create(PointerRetargetScan.Name, taskIdentifier, out UpdateProgress updateProgress, out CancellationToken cancellationToken)
.With(Task <PointerBag> .Run(() =>
{
try
{
cancellationToken.ThrowIfCancellationRequested();
Stopwatch stopwatch = new Stopwatch();
stopwatch.Start();
// Step 1) Create a snapshot of the new target address
Snapshot targetAddress = new Snapshot(new SnapshotRegion[] { new SnapshotRegion(new ReadGroup(newAddress, oldPointerBag.PointerSize.ToSize(), oldPointerBag.PointerSize.ToDataType(), alignment), 0, oldPointerBag.PointerSize.ToSize()) });
// Step 2) Collect heap pointers
Snapshot heapPointers = SnapshotManager.GetSnapshot(Snapshot.SnapshotRetrievalMode.FromHeaps, oldPointerBag.PointerSize.ToDataType());
TrackableTask <Snapshot> heapValueCollector = ValueCollector.CollectValues(heapPointers);
heapPointers = heapValueCollector.Result;
// Step 3) Rebuild levels
IList <Level> levels = new List <Level>();
if (oldPointerBag.Depth > 0)
{
// Create 1st level with target address and previous static pointers
levels.Add(new Level(targetAddress, oldPointerBag.Levels.First().StaticPointers));
// Copy over all old static pointers, and replace the heaps with a full heap
foreach (Level level in oldPointerBag.Levels.Skip(1))
{
levels.Add(new Level(heapPointers, level.StaticPointers));
}
}
// Exit if canceled
cancellationToken.ThrowIfCancellationRequested();
// Step 4) Perform a rebase from the old static addresses onto the new heaps
PointerBag newPointerBag = new PointerBag(levels, oldPointerBag.MaxOffset, oldPointerBag.PointerSize);
TrackableTask <PointerBag> pointerRebaseTask = PointerRebase.Scan(newPointerBag, readMemory: true, performUnchangedScan: true);
PointerBag rebasedPointerBag = pointerRebaseTask.Result;
stopwatch.Stop();
Logger.Log(LogLevel.Info, "Pointer retarget complete in: " + stopwatch.Elapsed);
return rebasedPointerBag;
}
catch (OperationCanceledException ex)
{
Logger.Log(LogLevel.Warn, "Pointer retarget canceled", ex);
}
catch (Exception ex)
{
Logger.Log(LogLevel.Error, "Error performing pointer retarget", ex);
}
return null;
}, cancellationToken)));
}
catch (TaskConflictException ex)
{
Logger.Log(LogLevel.Warn, "A pointer scan is already scheduled.");
throw ex;
}
}
