Well, the problem is pretty simple really.
On my 2.6.16 kernel (non-xen), gdb reports:
crash> whatis pid_hash
struct hlist_head *pid_hash[4];
crash>
On my 2.6.17 xen kernel, gdb shows the new declaration:
crash> whatis pid_hash
struct hlist_head *pid_hash;
crash>
Whereas with your kernel (with the "plen = 4" hack),
gdb returns:
crash> whatis pid_hash
<data variable, no debug info> pid_hash;
crash>
I don't know why the pid_hash debug info is not getting
included in your vmlinux file, i.e., when built with -g.
I note that your kernel was built with gcc 4.0.0, whereas
my non-xen 2.6.16 kernel above was built with gcc 4.1.0,
and the 2.6.17 xen kernel above was built with gcc 4.1.1.
Perhaps there's an issue with the 4.0.0 compiler?
I don't know -- I give up.
Anyway, I guess the only way around it is going to
have to be a hack. The "pid_hash" symbol is there,
and the size of the array can be determined by looking
at the symbol value of the next sequential symbol, and
dividing the address difference by the size of a pointer.
Dave