pwndbg/pwndbg 2026.02.18 on GitHub

This is a hotfix release for the 2026.02.17 recent release.

This release brings A LOT: radare2-inspired branch visualization in nearpc disassembly, new decompiler integration (supporting IDA, Binary Ninja, Ghidra and angr), stack variable annotations from debug info, new kernel debugging commands: kmem-trace for tracing allocations, kcurrent/kfile/pagewalk to dump kernel tasks info or memory pages information; LLDB core file support, new compact register display modes and many fixes and improvements.

We also release:

debuginfod client enabled by default in Pwndbg portable releases
niche-elf, a fast library to build minimal ELFs with symbols, used in Pwndbg

The portable release also sets the DEBUGINFOD_URLS=debuginfod.pwndbg.re to a debuginfod server we developed which contains debug symbols from multiple different mainstream distros (ubuntu, centos, nix, debian, fedora, opensuse, systemtap, archlinux and others). We will open source the server soon.

Branch visualization showcase:

See What's changed below for more info. Big thanks to everyone who made this possible!

Also, please sponsor the project to let us keep improving!

Quick install

Install Pwndbg portable on Linux or macOS (choose one line for GDB or LLDB):

curl --proto '=https' --tlsv1.2 -LsSf 'https://install.pwndbg.re' | sh -s -- -t pwndbg-gdb
curl --proto '=https' --tlsv1.2 -LsSf 'https://install.pwndbg.re' | sh -s -- -t pwndbg-lldb

Homebrew package (macOS only; choose one line for GDB or LLDB):

brew install pwndbg/tap/pwndbg-gdb  # only allows for remote debugging of ELFs
brew install pwndbg/tap/pwndbg-lldb

Nix package manager (Linux/macOS; choose one line for GDB or LLDB):

nix shell github:pwndbg/pwndbg  # this is pwndbg-gdb
nix shell github:pwndbg/pwndbg#pwndbg-lldb

Other options:

Want specific distro and architecture package? Check out setup docs and download the specific asset below.
Want latest development version? See install from source.

What's changed

Breaking Changes

Removed deprecated underscore command aliases (e.g. heap_config -> heap-config) (#3383)
Replaced all pwndbg.aglib.regs["x"] bracket access with pwndbg.aglib.regs.read_reg("x") (#3440)
Dropped ppc64 big-endian portable release (#3424)

Debuginfod Server

We developed and open-sourced our own debuginfod server, written in Zig, and host it at debuginfod.pwndbg.re. It is now enabled by default in our gdb-for-pwndbg release and in portable releases. If you use your own system GDB, you can enable it manually by setting the DEBUGINFOD_URLS environment variable. This means debug symbols for system libraries are automatically fetched when available, making debugging significantly easier out of the box.

Disassembly

Branch visualization - visualize branch sources and targets in nearpc output using Unicode characters, inspired by radare2. Enabled by default, disable with -n | -no-branch flag (#3361)
Disassemble entire function - nearpc -f <funcname> can now display all instructions of a function at once (#3736)

nearpc -r and nearpc -t parameters - control the number of previous instructions (-r) and total instructions (-t) displayed (#3357)

Decompiler Integration

We now use decomp2dbg for decompiler integration/synchronization - and support IDA, Binary Ninja, Ghidra and angr-management as decompiler backend. Symbols are added to the debugger, function locals appear in annotations and the stack, and the decompiled code is shown in the appropriate context panel. Works with both GDB and LLDB (#3401). See https://pwndbg.re/dev/tutorials/decompiler-integration/ for more information.

Context & Display

Reworked compact register displays - Added set show-compact-regs very|harcut modes for a more condensed view (#3535)

set show-compact-regs very:

set show-compact-regs hardcut:

Stack variables from debug info - when debug info is present, stack variable names and offsets are displayed in the context (#3451)

Added ctx -a - to display all context sections at once (#3580)
Added last signal context panel - to display the last signal received by the debugee (#3532)
Added set context-backtrace-hex on - to configure offset values to be displayed in hexadecimal in the backtrace context panel (#3754)
Added context-tui-adjust-height on|off for GDB - that determines if sections fill full height of terminal in TUI mode (#3511)
Added set vis-skip-repeating-val on|off - that makes the vis command skip repeated lines with ... ↓ N repeated lines skipped text (#3504)
Linux Kernel Debugging
Added kmem-trace command - to trace allocations and frees for the SLUB and buddy Linux kernel allocators (#3379)

Added kcurrent [pid] [-set], kfile [pid] [-fd [fd]] - to display info about current or given kernel task, file descriptors accessible by current or given kernel task (#3370)
The pagewalk can now walk pagetables of different kernel tasks - when debug info exists (#3370)
Speed up page table scanning (#3394)
Added support for CONFIG_SLAB_VIRTUAL and SLUB for kernel >= 6.18 (#3689)
Fixed kernel panicking due to GDB superblock bug (#3694)
Added various kernel debugging performance and stability fixes (#3575, #3390)

LLDB

Added support for core file loading and debugging (#3605)
Added starti command (#3593)
Added hint for System Integrity Protection (SIP) on macOS when launch/attach fails (#3710)

General

Added support for Intel PKU (Memory Protection Keys for Userspace) violations - we now show detailed info message on protection key violations (#3531)
Added hexdump -C {py,c} flag to dump memory as Python or C code arrays (#3337)
The patch command now supports more architectures as we use Zig for that (#3419)
Added libc abstraction layer to make it easier to add new libc implementations (#3637)
Added syntax highlighting for decompiled code with IDA Pro (#3367)
Improved ropgadget integration with colors etc. (#3528)
**The vmmap now shows more pages when working with core files (#3544)
Improved glibc 2.42 support (#3464)
We now warn user when they try to run Pwndbg with LD_LIBRARY_PATH/LD_PRELOAD envvars that may break it (#3287)
We now look for XDG_CONFIG_HOME envvar for the gdbinit file (#3462)

Architectures

Added PowerPC branch resolution and emulation (#3426)
Added Sparc branch following - follow branches for Sparc architecture (#3657)
We now detect more MIPS architecture variants (#3664)
Added support to install Pwndbg on armv8l (32-bit mode on aarch64 CPU) to install.sh (#3609)

Other

The portable release now uses GDB/LLDB packages from PyPI (#3425)
We replaced lief with niche-elf for optimized addition of symbols to the debugger (#3565)
The gdbinit can now be used without requiring a virtual environment (#3554)

Fixes

Fix reading unmapped pages in IDT - limit to 256 entries per Intel spec (#3739)
Fix nearpc selection of previous instructions for variable-length instruction architectures (#3363)
Fix vmmap indicator overwriting the 0x address prefix (#3422)
Fix aarch64_be disassembly - ARM instructions are always little-endian (#3423)
Fix handling of O_NONBLOCK in IODriverPlainText (#3443)
Fix debugger-aware parsing for int arguments in subcommands (#3432)
Fix plist to support pointer-sized integer fields like size_t (#3453)
Fix Frame.sp() in GDB (#3633)
Fix glibc version setter (#3623)
Fix caching source file when loading new objfile into process (#3610)
Fix get_file() checking relative paths (#3386)
Fix signal getting on continue (#3684)
Fix cache signature erasure (#3688)
Fix errno handling and LLDB TLS resolution (#3686)
Catch PermissionError when reading local gdbinit (#3716)
Ensure hexdump count > 0 (#3733)
Fix kernel_vmmap performance when symbol file is not added (#3390)
Fix apropos in GDB - show command description instead of usage (#3510)
Fix xinfo and argument parsing in general (#3541)
Fix hijack fd (#3529)
Register read fix - correctly mask register using the real register size (#3437)
Prevent infinite recursion in kernel paging logic (#3515)
Rewrite info files to maintenance info target-sections (#3542)

...and many many many more! See the Full Changelog here: 2025.10.20...2026.02.18

Want Pwndbg to keep moving fast, or, a talk about it? Sponsor us!