We released new Pwndbg: https://github.com/pwndbg/pwndbg/releases/tag/2025.05.30 !

Among others it brings:
- New & improved kernel debugging commands (buddydump, msr, slab) and more x64 regs in context
- New command for dealing with armcm exceptions: dump-register-frame
- Disasm now shows an ✘ marker for emulated branches we know won't be taken
- Improved disasm for ARM, MIPS and LoongArch64 architectures
- Initial support for the IBM s390x architecture
- IDA sync integration fixes

And also cool portable one-liner installers:
$ curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-gdb
$ curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-lldb

Want to support us? Sponsor us at https://github.com/sponsors/pwndbg !

#pwning #gdb #ctfs #lldb #security #ctf #pwndbg

🎉 Behold, yet another attempt to make #debugging "fun" by ditching the decades-old, well-established #GDB and #LLDB for a shiny terminal interface. Because who needs reliable tools when you can have a hipster debugger that promises to revolutionize... absolutely nothing? 🙃
https://github.com/al13n321/nnd #fun #terminalinterface #hipsterdebugger #HackerNews #ngated

Nnd – a TUI debugger alternative to GDB, LLDB

https://github.com/al13n321/nnd

#HackerNews #Nnd #TUI #debugger #GDB #LLDB #programming

Finally I got debugging with nvim, clang and lldb working in Neovim. Including preLaunchTasks, CMakePresets...
Now I need to clean up the build process.
One thing that seems absolutely essential is to add the nvim-dap-lldb to the mix.
But for now it just works and I can move on from here.
#gamedev #neovim #cpp #clang #lldb #linux #vulkan

I will be giving a talk on Pwndbg open source development in ~1h on a local Python meeetup!

It will be livestreamed on: https://www.youtube.com/live/euK_S81Qnuo?si=EhZ-WhnP-4yZRElE

#ctf #gdb #pwndbg #lldb

[Перевод] Отладка приложения, которое не хочет, чтобы его отлаживали

Недавно я столкнулся с приложением , которое: Блокирует прикрепление к нему отладчиков. Выполняет преждевременный выход при попытках инъецирования кода. Приводит к вылету телефона целиком, если запустить её со включённым джейлбрейком (!). По последнему пункту: кто вообще так делает??? Всё, что мы делаем (например, выполняем моддинг TikTok , чтобы он показывал только видео с котиками, или устраняем торможения в чужих приложениях), требует возможности исследования работы приложения. Но в приложениях для iOS очень часто используются дополнительные защиты от любопытных глаз, например, обнаружение джейлбрейка или обфускация кода . Похоже, это приложение стало на удивление интересной комбинацией всего перечисленного. Намного более сложной, чем можно было бы ожидать от обычного старого виджет-приложения.

https://habr.com/ru/companies/ruvds/articles/883942/

#ios #обратная_разработка #разработка_под_ios #lldb #flex #frida #патчинг #ruvds_перевод

Faster Debugging for Massive MSVC-Based Projects in CLion
#Clang #CLion #News #Debugger #Eap #Lldb #Msvc

https://blog.jetbrains.com/clion/2025/02/lldb-msvc-improvements/

We really want to take automation in Swift Package and Xcode projects into a better place:

1. You should be able to build and test your projects in the most optimal way and get telemetry to improve things.
2. You should be able to extend automation with your own workflows in Swift and be able to debug them with #LLDB
3. You should be able to virtualise the execution of the workflows locally.
4. You should be able to run workflows virtualised in a remote environment like you did locally.

Fresh article on how to build, #RE, #debug, and #recon #XPC services on #macOS with an #XCode #Programming walkthrough (#C and #NSXPC APIs). Plus actual #debugging tips with #LLDB. If you are into #macOS/#iOS, this one's for you - #code included.
Enjoy!

https://karol-mazurek.medium.com/xpc-programming-on-macos-7e1918573f6d?sk=v2%2F21c4e9c7-40a5-43dd-804b-0d8f9bc4e94c

In #lldb by default a backtrace shows not just the $pc and function name, but also which objfile that pc/func are in. Like "exename" or "libc.so" or whatever. Is there a way to get #gnu #gdb to do this? (Or am I going to have to submit a patch myself? :P )

I like writing articles that help myself not once afterwards.

This case is because of being a rare user of #lldb for #rustlang #debugging.

https://blog.ego.team/programming/rust-debugger-intro.html

If I was on gdb, that print would have done:
```
(gdb) print &a
$1 = (struct a *) 0x7fffffffe4f8
```

which means that I can then use $1 in later expressions to use that value, so then I can do:
```
(gdb) watch $1->a
Watchpoint 2: $1->a
```
and it just works.

None of that happens w/ lldb.

And none of the guides that talk about how to convert gdb to lldb mention how to deal w/ these deficiencies.

#lldb

Ok, I just found out that when you print stuff, lldb doesn't actually print things properly.
```
(lldb) run
[...]
-> 10 struct a a = (struct a){};
[...]
Target 0: (t) stopped.
(lldb) print &a
(a *) 0x000000016fdff1b8
(lldb) print ((a *) 0x000000016fdff1b8)->a
error: <user expression 1>:1:6: expected expression
((a *) 0x000000016fdff1b8)->a
^
(lldb) print ((struct a *) 0x000000016fdff1b8)->a
(int) 4266848
```

I also just realized that lldb doesn't keep a history of values printed.

#lldb

First time debugged something small but real with #LLDB

Found the bug purely by accident just because LLDB's interface is so ugly (just different?) compared to what we're all used to in IDEs

CLion 2024.3 EAP 3: OpenCV Image Viewer and the Ability to Attach the Debugger to an Unstarted Process
#Clang #CLion #Eap #News #Clionnova #Debugger #Gdb #Lldb #Opencv

https://blog.jetbrains.com/clion/2024/10/2024-3-eap-3/

LLDB does not support reverse debugging yet. As far as I know, there are two ways to implement reverse debugging: one is record and replay, such as the rr tool, which can be considered as read-only; the other is "true" reverse, which can "roll back->modify the state->run again". The latter is not necessarily more useful than the former. For example, some nondeterministic bugs can be reproduced 100% using record and replay, but may not be reproduced by running it again with "true" reverse.

#LLDB #LLVM

• В таком открывшемся окне #VSCode на вкладке расширений придётся включить уже имеющиеся/установленные расширения, чтобы они скопировались внутрь контейнера. Т.е. работают он реально там на сервере, а не тут локально.
• Некоторым расширениям нужны всякие вещи, вроде #LSP сервера, #lldb / #gdb, иногда lldb-mi. Всё это внутрь контейнера придётся устанавливать самостоятельно, ручками.
• Использовать расширение Dev Containers получится лишь на официальной Visual Studio Code — в таких вариантах как #Code-OSS, #VSCodium и #Uncoded оно просто не доступно. А если его установить через скаченный #VSIX, то работать не будет.

• Работать с кодом получается, равно как и обычным образом, как если бы тулчейн и библиотеки не находились внутри контейнера;
• Поддерживаются как обычные #Docker -контейнеры так и #rootless варианты контейнеров — соответственно, и #Podman -контейнеры тоже (которые априори #rootless );
• Не обязательно заморачиваться с .devcontainer/devcontainer.json в проекте, можно подключаться из #VSCode к любому контейнеру — запустится новое окно редактора.

"dev.containers.dockerSocketPath": "unix:///run/user/100500/docker.sock",
"docker.environment": {
    "DOCKER_HOST": "unix:///run/user/100500/docker.sock"
},

$ systemctl status --user docker.socket
... 
     Listen: /run/user/100500/docker.sock (Stream)

So problem seems to be solved. The reason was in different initiation of memory data structures. I wrongly assumed that structure was zeroed. Now it works without any problem.
But #OpenBSD #LLDB still cannot attach to running process, breaks with `Out of memory` and core dump. Maybe I should look Ito that core … using LLDB 😂.

@matuzalem here's a release to test 😉 I'm pretty sure it won't crash, but can't guarantee. It's been examined a lot, also with #lldb and #valgrind, but doesn't have any automated tests so far. I'm still undecided about investing the time and effort to change that, would need to pick a library/framework first (C doesn't offer any testing capabilities in the language) and then, while a few modules like the unicode string functions are perfectly unit-testable, the whole project is a large "event processor" (like any GUI application) and depends on these external events, so a *lot* of tedious mocking would be required for better test coverage ...

edit: btw, fixed a weird bug before releasing this, it was possible to enter a state where processing X11 events stopped (requesting to minimize with the WM ignoring the request). Not a crash, but a bug 😅

How Conditional Breakpoints Work
https://werat.dev/blog/how-conditional-breakpoints-work/
#ycombinator #blog #developer #personal #debugging #debuggers #visual_studio #lldb #expression_evaluation #lldb_eval #raddbg #delve