# prealloc (reserve pre-allocated pools) ### Command > prealloc ### Syntax > prealloc \[Type (string)] \[Count (hex)] ### Description Reserves a specified number of pre-allocated pools. This command is mainly used to assist in the pre-allocation of pools for [**instant events**](https://docs.hyperdbg.org/tips-and-tricks/misc/instant-events). In some cases, you need to reserve multiple pools to be used in vmx-root mode. This command will allocate these pools in **PASSIVE\_LEVEL**. {% hint style="info" %} HyperDbg tries to minimize the request for this command by allocating pools whenever your system is in **PASSIVE\_LEVEL**. {% endhint %} ### Parameters **\[Type (string)]** The type of pool(s) to be reserved. | Type | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | **thread-interception** | Used for storing details of processes with thousands of threads | | **monitor** | **!monitor** command's extra pages | | **epthook** | **!ephook** command's extra pages | | **epthook2** | **!ephook2** command's extra pages | | **regular-event** | Regular [instant events](https://docs.hyperdbg.org/tips-and-tricks/misc/instant-events) | | **big-event** | Big [instant events](https://docs.hyperdbg.org/tips-and-tricks/misc/instant-events) | | **regular-safe-buffer** | Regular event safe buffers ([$buffer](https://docs.hyperdbg.org/commands/scripting-language/assumptions-and-evaluations#pseudo-registers)) for [instant events](https://docs.hyperdbg.org/tips-and-tricks/misc/instant-events) | | **big-safe-buffer** | Big event safe buffers ([$buffer](https://docs.hyperdbg.org/commands/scripting-language/assumptions-and-evaluations#pseudo-registers)) for [instant events](https://docs.hyperdbg.org/tips-and-tricks/misc/instant-events) | **\[Count (hex)]** Number of pool(s) to be allocated and reserved. ### Examples Imagine we want to pre-allocate and reserve **0x10** number of pools for the '[!monitor](https://docs.hyperdbg.org/commands/extension-commands/monitor)' command. If we're operating in the [Debugger Mode](https://docs.hyperdbg.org/using-hyperdbg/prerequisites/operation-modes#debugger-mode), first we need to reserve and allocate pools for a [regular event](https://docs.hyperdbg.org/tips-and-tricks/misc/instant-events), then we need to allocate the same amount of pools for the memory **monitor** EPT hooks. ``` 0: kHyperDbg> prealloc regular-event 10 the requested pools are allocated and reserved 0: kHyperDbg> prealloc monitor 10 the requested pools are allocated and reserved ``` Again if we want to pre-allocate and reserve **0x10** number of pools for the '[!epthook](https://docs.hyperdbg.org/commands/extension-commands/epthook)' command. If we're operating in the [Debugger Mode](https://docs.hyperdbg.org/using-hyperdbg/prerequisites/operation-modes#debugger-mode), first we need to reserve and allocate pools for a [regular event](https://docs.hyperdbg.org/tips-and-tricks/misc/instant-events), then we need to allocate the same amount of pools for the memory **epthook** EPT hooks. ``` 0: kHyperDbg> prealloc regular-event 10 the requested pools are allocated and reserved 0: kHyperDbg> prealloc epthook 10 the requested pools are allocated and reserved ``` Assume we need to pre-allocate and [reserve a safe buffer](https://docs.hyperdbg.org/using-hyperdbg/prerequisites/how-to-create-an-action#pre-allocated-buffers) for an event in the [Debugger Mode](https://docs.hyperdbg.org/using-hyperdbg/prerequisites/operation-modes#debugger-mode). We can use the following command. ``` 0: kHyperDbg> prealloc regular-safe-buffer 1 the requested pools are allocated and reserved ``` ### IOCTL This function works by calling **DeviceIoControl** with `IOCTL = IOCTL_RESERVE_PRE_ALLOCATED_POOLS`, you have to send it in the following structure. ```c typedef struct _DEBUGGER_PREALLOC_COMMAND { DEBUGGER_PREALLOC_COMMAND_TYPE Type; UINT64 Count; UINT32 KernelStatus; } DEBUGGER_PREALLOC_COMMAND, *PDEBUGGER_PREALLOC_COMMAND; ``` You should only fill the **Type** and **Count** of the above structure when the IOCTL returns from the kernel, other parts of this structure are filled with appropriate **KernelStatus**. The **Type** can be from the following enum: ``` typedef enum _DEBUGGER_PREALLOC_COMMAND_TYPE { DEBUGGER_PREALLOC_COMMAND_TYPE_MONITOR, DEBUGGER_PREALLOC_COMMAND_TYPE_THREAD_INTERCEPTION, } DEBUGGER_PREALLOC_COMMAND_TYPE; ``` ### Remarks This command will continue the debuggee for some time (in Debugger Mode). This means that you lose the current context (registers & memory) after executing this command. ### Requirements None ### Related None --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.hyperdbg.org/commands/debugging-commands/prealloc.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.