def to_string(self):
hi = color_title("struct heap_info {")
hi += "\n{:13} = ".format("ar_ptr")
val = format_address(self.val['ar_ptr'])
hi += color_value("{:#x}".format(val))
hi += "\n{:13} = ".format("prev")
val = format_address(self.val['prev'])
hi += color_value("{:#x}".format(val))
hi += "\n{:13} = ".format("size")
val = format_address(self.val['size'])
hi += color_value("{:#x}".format(val))
hi += "\n{:13} = ".format("mprotect_size")
val = format_address(self.val['mprotect_size'])
hi += color_value("{:#x}".format(val))
return hi
def to_string(self):
mc = color_title("struct malloc_chunk {")
mc += "\n{:11} = ".format("prev_size")
val = format_address(self.val['prev_size'])
mc += color_value("{:#x}".format(val))
mc += "\n{:11} = ".format("size")
val = format_address(self.val['size'])
mc += color_value("{:#x}".format(val))
mc += "\n{:11} = ".format("fd")
val = format_address(self.val['fd'])
mc += color_value("{:#x}".format(val))
mc += "\n{:11} = ".format("bk")
val = format_address(self.val['bk'])
mc += color_value("{:#x}".format(val))
mc += "\n{:11} = ".format("fd_nextsize")
val = format_address(self.val['fd_nextsize'])
mc += color_value("{:#x}".format(val))
mc += "\n{:11} = ".format("bk_nextsize")
val = format_address(self.val['bk_nextsize'])
mc += color_value("{:#x}".format(val))
return mc
def __str__(self):
ms = color_title("struct malloc_state {")
ms += "\n{:16} = ".format("mutex")
ms += color_value("{:#x}".format(self.mutex))
ms += "\n{:16} = ".format("flags")
ms += color_value("{:#x}".format(self.flags))
ms += "\n{:16} = ".format("fastbinsY")
ms += color_value("{}".format("{...}"))
ms += "\n{:16} = ".format("top")
ms += color_value("{:#x}".format(self.top))
ms += "\n{:16} = ".format("last_remainder")
ms += color_value("{:#x}".format(self.last_remainder))
ms += "\n{:16} = ".format("bins")
ms += color_value("{}".format("{...}"))
ms += "\n{:16} = ".format("binmap")
ms += color_value("{}".format("{...}"))
ms += "\n{:16} = ".format("next")
ms += color_value("{:#x}".format(self.next))
ms += "\n{:16} = ".format("next_free")
ms += color_value("{:#x}".format(self.next_free))
if self.version >= 2.23:
ms += "\n{:16} = ".format("attached_threads")
ms += color_value("{:#x}".format(self.attached_threads))
ms += "\n{:16} = ".format("system_mem")
ms += color_value("{:#x}".format(self.system_mem))
ms += "\n{:16} = ".format("max_system_mem")
ms += color_value("{:#x}".format(self.max_system_mem))
return ms
def __str__(self):
mp = color_title("struct malloc_par {")
mp += "\n{:16} = ".format("trim_threshold")
mp += color_value("{:#x}".format(self.trim_threshold))
mp += "\n{:16} = ".format("top_pad")
mp += color_value("{:#x}".format(self.top_pad))
mp += "\n{:16} = ".format("mmap_threshold")
mp += color_value("{:#x}".format(self.mmap_threshold))
mp += "\n{:16} = ".format("arena_test")
mp += color_value("{:#x}".format(self.arena_test))
mp += "\n{:16} = ".format("arena_max")
mp += color_value("{:#x}".format(self.arena_max))
mp += "\n{:16} = ".format("n_mmaps")
mp += color_value("{:#x}".format(self.n_mmaps))
mp += "\n{:16} = ".format("n_mmaps_max")
mp += color_value("{:#x}".format(self.n_mmaps_max))
mp += "\n{:16} = ".format("max_n_mmaps")
mp += color_value("{:#x}".format(self.max_n_mmaps))
mp += "\n{:16} = ".format("no_dyn_threshold")
mp += color_value("{:#x}".format(self.no_dyn_threshold))
mp += "\n{:16} = ".format("mmapped_mem")
mp += color_value("{:#x}".format(self.mmapped_mem))
mp += "\n{:16} = ".format("max_mmapped_mem")
mp += color_value("{:#x}".format(self.max_mmapped_mem))
if self.version <= 2.23:
mp += "\n{:16} = ".format("max_total_mem")
mp += color_value("{:#x}".format(self.max_total_mem))
mp += "\n{:16} = ".format("sbrk_base")
mp += color_value("{:#x}".format(self.sbrk_base))
return mp
def __str__(self):
if self.prev_size == 0 and self.size == 0:
return ""
elif self.fd is None and self.bk is None:
ret = color_title("struct malloc_chunk {")
ret += "\n{:11} = ".format("prev_size")
ret += color_value("{:#x}".format(self.prev_size))
ret += "\n{:11} = ".format("size")
ret += color_value("{:#x}".format(self.size))
if self.data is not None:
if self.SIZE_SZ == 4:
ret += "\n{:11} = ".format("data")
ret += color_value("{}".format(self.data))
ret += "\n{:11} = ".format("raw")
ret += color_value("{}".format(struct.pack(
"<%dI" % len(self.data),
*self.data)))
elif self.SIZE_SZ == 8:
ret += "\n{:11} = ".format("data")
ret += color_value("{}".format(self.data))
ret += "\n{:11} = ".format("raw")
ret += color_value("{}".format(struct.pack(
"<%dQ" % len(self.data),
*self.data)))
return ret
else:
mc = color_title("struct malloc_chunk {")
mc += "\n{:11} = ".format("prev_size")
mc += color_value("{:#x}".format(self.prev_size))
mc += "\n{:11} = ".format("size")
mc += color_value("{:#x}".format(self.size))
mc += "\n{:11} = ".format("fd")
mc += color_value("{:#x}".format(self.fd))
mc += "\n{:11} = ".format("bk")
mc += color_value("{:#x}".format(self.bk))
mc += "\n{:11} = ".format("fd_nextsize")
mc += color_value("{:#x}".format(self.fd_nextsize))
mc += "\n{:11} = ".format("bk_nextsize")
mc += color_value("{:#x}".format(self.bk_nextsize))
return mc
def __str__(self):
if self.prev_size == 0 and self.size == 0:
return ""
elif self.fd is None and self.bk is None:
ret = color_title("struct malloc_chunk {")
ret += "\n{:11} = ".format("prev_size")
ret += color_value("{:#x}".format(self.prev_size))
ret += "\n{:11} = ".format("size")
ret += color_value("{:#x}".format(self.size))
if self.data is not None:
if self.SIZE_SZ == 4:
ret += "\n{:11} = ".format("data")
ret += color_value("{}".format(self.data))
ret += "\n{:11} = ".format("raw")
ret += color_value("{}".format(
struct.pack("<%dI" % len(self.data), *self.data)))
elif self.SIZE_SZ == 8:
ret += "\n{:11} = ".format("data")
ret += color_value("{}".format(self.data))
ret += "\n{:11} = ".format("raw")
ret += color_value("{}".format(
struct.pack("<%dQ" % len(self.data), *self.data)))
return ret
else:
mc = color_title("struct malloc_chunk {")
mc += "\n{:11} = ".format("prev_size")
mc += color_value("{:#x}".format(self.prev_size))
mc += "\n{:11} = ".format("size")
mc += color_value("{:#x}".format(self.size))
mc += "\n{:11} = ".format("fd")
mc += color_value("{:#x}".format(self.fd))
mc += "\n{:11} = ".format("bk")
mc += color_value("{:#x}".format(self.bk))
mc += "\n{:11} = ".format("fd_nextsize")
mc += color_value("{:#x}".format(self.fd_nextsize))
mc += "\n{:11} = ".format("bk_nextsize")
mc += color_value("{:#x}".format(self.bk_nextsize))
return mc
def invoke(self, arg, from_tty):
"Specify an optional arena addr: print_bin_layout main_arena=0x12345"
ptm = ptmalloc(debugger=self.dbg)
if ptm.SIZE_SZ == 0:
ptm.set_globals()
if len(arg) == 0:
print_error("Please specify the free bin to dump")
return
try:
if arg.find("main_arena") == -1:
main_arena = self.dbg.read_variable("main_arena")
main_arena_address = self.dbg.format_address(
main_arena.address)
else:
# XXX: fixme
arg = arg.split()
for item in arg:
if item.find("main_arena") != -1:
if len(item) < 12:
print_error("Malformed main_arena parameter")
return
else:
main_arena_address = int(item[11:], 16)
except RuntimeError:
print_error("No frame is currently selected.")
return
except ValueError:
print_error("Debug glibc was not found.")
return
if main_arena_address == 0:
print_error("Invalid main_arena address (0)")
return
ar_ptr = malloc_state(main_arena_address,
debugger=self.dbg,
version=self.version)
ptm.mutex_lock(ar_ptr)
# print_title("Bin Layout")
if int(arg) == 0:
print_error("bin_at(0) does not exist")
return
b = ptm.bin_at(ar_ptr, int(arg))
first = ptm.first(malloc_chunk(b, inuse=False, debugger=self.dbg))
p = malloc_chunk(first, inuse=False, debugger=self.dbg)
print_once = True
print_str = ""
count = 0
while p.address != int(b):
if print_once:
print_once = False
print_str += "--> "
print_str += color_value("[bin {}]".format(int(arg)))
count += 1
print_str += " <--> "
print_str += color_value("{:#x}".format(int(p.address)))
count += 1
p = malloc_chunk(ptm.first(p), inuse=False, debugger=self.dbg)
if len(print_str) != 0:
print_str += " <--"
print(print_str)
print("|{}|".format(" " * (len(print_str) - 2 - count * 12)))
print("{}".format("-" * (len(print_str) - count * 12)))
else:
print_value("Bin {} ".format(int(arg)), end="")
print("empty")
ptm.mutex_unlock(ar_ptr)
def to_string(self):
ms = color_title("struct malloc_state {")
ms += "\n{:16} = ".format("mutex")
val = format_address(self.val['mutex'])
ms += color_value("{:#x}".format(val))
ms += "\n{:16} = ".format("flags")
val = format_address(self.val['flags'])
ms += color_value("{:#x}".format(val))
ms += "\n{:16} = ".format("fastbinsY")
ms += color_value("{}".format("{...}"))
ms += "\n{:16} = ".format("top")
val = format_address(self.val['top'])
ms += color_value("{:#x}".format(val))
ms += "\n{:16} = ".format("last_remainder")
val = format_address(self.val['last_remainder'])
ms += color_value("{:#x}".format(val))
ms += "\n{:16} = ".format("bins")
ms += color_value("{}".format("{...}"))
ms += "\n{:16} = ".format("binmap")
ms += color_value("{}".format("{...}"))
ms += "\n{:16} = ".format("next")
val = format_address(self.val['next'])
ms += color_value("{:#x}".format(val))
ms += "\n{:16} = ".format("next_free")
val = format_address(self.val['next_free'])
ms += color_value("{:#x}".format(val))
# XXX: attached_threads added in glibc 2.23
try:
# compute val first so we force a gdb.error
val = format_address(self.val['attached_threads'])
ms += "\n{:16} = ".format("attached_threads")
ms += color_value("{:#x}".format(val))
except gdb.error:
# not in this glibc version
pass
ms += "\n{:16} = ".format("system_mem")
val = format_address(self.val['system_mem'])
ms += color_value("{:#x}".format(val))
ms += "\n{:16} = ".format("max_system_mem")
val = format_address(self.val['max_system_mem'])
ms += color_value("{:#x}".format(val))
return ms
def to_string(self):
mp = color_title("struct malloc_par {")
mp += "\n{:16} = ".format("trim_threshold")
val = format_address(self.val['trim_threshold'])
mp += color_value("{:#x}".format(val))
mp += "\n{:16} = ".format("top_pad")
val = format_address(self.val['top_pad'])
mp += color_value("{:#x}".format(val))
mp += "\n{:16} = ".format("mmap_threshold")
val = format_address(self.val['mmap_threshold'])
mp += color_value("{:#x}".format(val))
mp += "\n{:16} = ".format("arena_test")
val = format_address(self.val['arena_test'])
mp += color_value("{:#x}".format(val))
mp += "\n{:16} = ".format("arena_max")
val = format_address(self.val['arena_max'])
mp += color_value("{:#x}".format(val))
mp += "\n{:16} = ".format("n_mmaps")
val = format_address(self.val['n_mmaps'])
mp += color_value("{:#x}".format(val))
mp += "\n{:16} = ".format("n_mmaps_max")
val = format_address(self.val['n_mmaps_max'])
mp += color_value("{:#x}".format(val))
mp += "\n{:16} = ".format("max_n_mmaps")
val = format_address(self.val['max_n_mmaps'])
mp += color_value("{:#x}".format(val))
mp += "\n{:16} = ".format("no_dyn_threshold")
val = format_address(self.val['no_dyn_threshold'])
mp += color_value("{:#x}".format(val))
mp += "\n{:16} = ".format("mmapped_mem")
val = format_address(self.val['mmapped_mem'])
mp += color_value("{:#x}".format(val))
mp += "\n{:16} = ".format("max_mmapped_mem")
val = format_address(self.val['max_mmapped_mem'])
mp += color_value("{:#x}".format(val))
# XXX: max_total_mem removed in glibc 2.24
try:
# compute val first so we force a gdb.error
val = format_address(self.val['max_total_mem'])
mp += "\n{:16} = ".format("max_total_mem")
mp += color_value("{:#x}".format(val))
except gdb.error:
# not in this glibc version
pass
mp += "\n{:16} = ".format("sbrk_base")
val = format_address(self.val['sbrk_base'])
mp += color_value("{:#x}".format(val))
return mp
def invoke(self, arg, from_tty):
"Specify an optional arena addr: print_bin_layout main_arena=0x12345"
ptm = ptmalloc(debugger=self.dbg)
if ptm.SIZE_SZ == 0:
ptm.set_globals()
if len(arg) == 0:
print_error("Please specify the free bin to dump")
return
try:
if arg.find("main_arena") == -1:
main_arena = self.dbg.read_variable("main_arena")
main_arena_address = self.dbg.format_address(
main_arena.address)
else:
# XXX: fixme
arg = arg.split()
for item in arg:
if item.find("main_arena") != -1:
if len(item) < 12:
print_error("Malformed main_arena parameter")
return
else:
main_arena_address = int(item[11:], 16)
except RuntimeError:
print_error("No frame is currently selected.")
return
except ValueError:
print_error("Debug glibc was not found.")
return
if main_arena_address == 0:
print_error("Invalid main_arena address (0)")
return
ar_ptr = malloc_state(main_arena_address, debugger=self.dbg,
version=self.version)
ptm.mutex_lock(ar_ptr)
# print_title("Bin Layout")
if int(arg) == 0:
print_error("bin_at(0) does not exist")
return
b = ptm.bin_at(ar_ptr, int(arg))
first = ptm.first(malloc_chunk(b, inuse=False, debugger=self.dbg))
p = malloc_chunk(first, inuse=False, debugger=self.dbg)
print_once = True
print_str = ""
count = 0
while p.address != int(b):
if print_once:
print_once = False
print_str += "--> "
print_str += color_value("[bin {}]".format(int(arg)))
count += 1
print_str += " <--> "
print_str += color_value("{:#x}".format(int(p.address)))
count += 1
p = malloc_chunk(ptm.first(p), inuse=False, debugger=self.dbg)
if len(print_str) != 0:
print_str += " <--"
print(print_str)
print("|{}|".format(" " * (len(print_str) - 2 - count*12)))
print("{}".format("-" * (len(print_str) - count*12)))
else:
print_value("Bin {} ".format(int(arg)), end="")
print("empty")
ptm.mutex_unlock(ar_ptr)