Skip to content

heap ¤

Modules:

Functions:

Attributes:

current module-attribute ¤

current: MemoryAllocator | None = None

main_arena module-attribute ¤

main_arena = add_heap_param('main-arena', '0', 'the address of main_arena')

thread_arena module-attribute ¤

thread_arena = add_heap_param(
    "thread-arena", "0", "the address pointed by thread_arena"
)

mp_ module-attribute ¤

mp_ = add_heap_param('mp', '0', 'the address of mp_')

tcache module-attribute ¤

tcache = add_heap_param('tcache', '0', 'the address pointed by tcache')

global_max_fast module-attribute ¤

global_max_fast = add_heap_param(
    "global-max-fast", "0", "the address of global_max_fast"
)

symbol_list module-attribute ¤

symbol_list = [main_arena, thread_arena, mp_, tcache, global_max_fast]

heap_chain_limit module-attribute ¤

heap_chain_limit = add_heap_param(
    "heap-dereference-limit",
    8,
    "number of chunks to dereference in each bin",
    param_class=PARAM_UINTEGER,
)

heap_corruption_check_limit module-attribute ¤

heap_corruption_check_limit = add_heap_param(
    "heap-corruption-check-limit",
    64,
    "amount of chunks to traverse for the bin corruption check",
    param_class=PARAM_UINTEGER,
    help_docstring="\nThe bins are traversed both forwards and backwards.\n",
)

extra_hint_for_gdb module-attribute ¤

extra_hint_for_gdb = "\nIn addition, even you have the debug symbols of libc, you might still see the\nfollowing warning when debugging a multi-threaded program:\n```\nwarning: Unable to find libthread_db matching inferior's thread library, thread\ndebugging will not be available.\n```\n\nYou'll need to ensure that the correct `libthread_db.so` is loaded. To do this,\nset the search path using:\n```\nset libthread-db-search-path <path having correct libthread_db.so>\n```\nThen, restart your program to enable proper thread debugging.\n"

resolve_heap_via_heuristic module-attribute ¤

resolve_heap_via_heuristic = add_heap_param(
    "resolve-heap-via-heuristic",
    "auto",
    "the strategy to resolve heap via heuristic",
    help_docstring="Values explained:\n\n+ `auto` - pwndbg will try to use heuristics if debug symbols are missing\n+ `force` - pwndbg will always try to use heuristics, even if debug symbols are available\n+ `never` - pwndbg will never use heuristics to resolve the heap\n\nIf the output of the heap related command produces errors with heuristics, you\ncan try manually setting the libc symbol addresses.\nFor this, see the `heap_config` command output and set the `main_arena`, `mp_`,\n`global_max_fast`, `tcache` and `thread_arena` addresses.\n\nNote: pwndbg will generate more reliable results with proper debug symbols.\nTherefore, when debug symbols are missing, you should try to install them first\nif you haven't already.\n\nThey can probably be installed via the package manager of your choice.\nSee also: https://sourceware.org/gdb/onlinedocs/gdb/Separate-Debug-Files.html .\n\nE.g. on Ubuntu/Debian you might need to do the following steps (for 64-bit and\n32-bit binaries):\n```bash\nsudo apt-get install libc6-dbg\nsudo dpkg --add-architecture i386\nsudo apt-get install libc-dbg:i386\n```\nIf you used setup.sh on Arch based distro you'll need to do a power cycle or set\nenvironment variable manually like this:\n```bash\nexport DEBUGINFOD_URLS=https://debuginfod.archlinux.org\n```\n"
    + extra_hint_for_gdb,
    param_class=PARAM_ENUM,
    enum_sequence=["auto", "force", "never"],
)

add_heap_param ¤

add_heap_param(
    name: str,
    default: Any,
    set_show_doc: str,
    *,
    help_docstring: str = "",
    param_class: int | None = None,
    enum_sequence: Sequence[str] | None = None,
)

update ¤

update() -> None

reset ¤

reset() -> None

resolve_heap ¤

resolve_heap(is_first_run: bool = False) -> None