Libdebug

Changelog: libdebug 0.8 - 🍣 Chutoro Nigiri 🍣

Features
- **Process/Thread Snapshots & Diffs**: Take snapshots of the execution state of the debuggee and compare them across different points in time.
- **Multiprocessing Support**: Automatically manage child processes created via `fork()`, attaching new debuggers to them. This behavior can be customized with the `Debugger` parameter `follow_children`.
- **Find References Between Memory Maps**: Introduced `d.memory.find_pointers` to identify all pointers in a memory region that reference another region, useful for detecting memory leaks in cybersecurity applictions.
- **SIGTRAP Signal Handling**: Now it is possible to catch SIGTRAP signals, excluding those directly related to debugging, exposing only unrecognized signals from the process or external sources.
- **Defaulted Fast Memory Access (`fast_memory=True`)**: Improves performance of memory access. Can be disabled using the `fast_memory` parameter in `Debugger`.
- **New Terminal Autodetection for `d.gdb(open_in_new_process=True)`**: Ensures GDB opens correctly in a newly detected terminal without user-defined commands.
- **Automatic Symbol Resolution for Unspecified Backing Files**: When no specific file is set, symbols are resolved for all memory maps, with a warning due to potential performance impact.

Other Improvements
- **Migration from CFFI to Nanobind**.
- **Refined Exception Handling**: Standardized across the codebase for improved consistency.
- **Improved IDE Support**: Enhancements to improve autocompletion and code suggestions.
- **Exposed `zombie` attribute in `ThreadContext`**: Allows users to check if a thread is a zombie.

Bug Fixes
- **Fixed Memory Leaks**: Resolved multiple leaks across various libdebug modules.
- **Fixed `SymbolList` Slicing**: Properly supports slice operations.
- **Improved `debuginfod` Handling**: Enhanced caching logic when a file is not available on `debuginfod`, improving compatibility with other binaries that use `debuginfod` on your system.
- **Fixed Resource Access Issues After Detach**.
- **Resolved Object Collisions in Event Handling**: Addressed key-collision issues in event-related objects (e.g., `SyscallHandler`, `SignalCatcher`).
- **Fixed Binary Path Resolution**: Prevents incorrect binary paths in certain edge cases.
- **Improved `d.gdb` for Edge Cases**: Fixed several inconsistencies in execution.
- **Fixed `step`, `finish`, and `next` Operations in Callbacks**: Now executed correctly.
- **Enhanced Stability & Performance Optimizations**.

Testing & CI
- **CI Support for arm64 & Ubuntu 24.04**: Improved compatibility and test automation.

Documentation
- **Added Documentation for New Features**.
- **Updated Contributing Guidelines**.
- **Fixed Broken Links & Missing Pydocs**.
- **Added Reference to Published Research Poster at a Top Conference**.

New Contributors
- collodel
- myasn1k

Features:
- **Interactive Mode**: Introducing `PipeManager.interactive` mode!
- **Enhanced Performance**: `PipeManager` has been updated for significantly improved performance. New options are available; refer to the updated documentation for more details.
- **Legacy FP Support**: Added support for legacy x86 floating-point registers (mmx/st).
- **Enhanced AVX Register Support**: Improved support for AVX x86 registers.
- **Full i386 Support (Alpha)**: Full support for i386 over amd64 introduced as an alpha feature.
- **Native i386 Support (Alpha)**: Introduced native i386 support as an alpha feature.
- **Event Notification System**: Alerts users when the process stops during specific operations.
- **Automatic Process Termination**: The debuggee is now automatically terminated when the libdebug script ends. This behavior can be modified using the `kill_on_exit` option in the debugger.
- **String Representations**: Added string representation for `Debugger`, `ThreadContext`, and `Registers` objects.
- **Enhanced Pretty Printing**: New pretty prints introduced and improvements made to existing ones.
- `d.print_maps` is deprecated and will be removed in future releases. Use `d.pprint_maps` instead. Moreover, it has a more colorful output.
- `t.pprint_regs` is now available.
- Improved `d.pprint_syscalls`, which now includes the thread originating the syscall and more.
- `t.pprint_backtrace` is now available.
- **Search in Memory**: New memory search functionality: `t.memory.find()`.
- **Filtering**: New filters for memory maps (`d.maps.filter()`) and register content (`t.regs.filter()`).
- **Symbols access**: Access and filter executable symbols, including libraries, with `d.symbols` and `d.symbols.filter()`.
- **Syscall and Signal Handling**: Enhanced handling for all syscalls and catching all signals with "*", "all", or "ALL".
- **Empty Callback**: Now you can create empty callbacks by setting `callback=True`.
- **Enhanced GDB support**
- `d.gdb` can now run non-blocking with `blocking=False`. Refer to the documentation for more details.
- `d.gdb` now automatically detects the terminal in most cases.
- Option to omit the breakpoint migration when using `d.gdb`.
- **More Registers**: Access to segment registers and CPU flags.
- **Pipe redirect**: You can now choose whether to redirect pipes when running the process using `d.run`.

Documentation:
- **Complete Rewrite**: The documentation has been completely revised and rewritten.

Bug Fixing
- **Debugging Symbols**: Improved logging and error handling for debuginfod symbols download system.
- **Watchpoint Handling**: `hit_on` for watchpoints now works correctly.
- **Stack Unwinding**: Enhanced error handling that avoids certain exceptions.
- **Memory and Attach Handling**: Resolved race conditions with `fast_memory=True` and `d.attach`.
- **Threaded Process Attach**: Improved attach functionality for multi-threaded processes.
- **Internal Debugger Conflicts**: Resolved dictionary conflicts in some edge cases.
- **Signal Management**: Improved RT signals management.
- **Terminal Compatibility**: Enhanced support of `d.gdb` on various terminals.
- **Path resolution**: Improved path resolution for the argv path passed to the debugger.
- **Detach and Kill**: Now you cannot kill a process after detaching from it.
- Many other fixes.

Others
- **IDE Improvements**: Typing fixes to enhance usability and IDE suggestions.
- **AARCH64 Support**: Upgraded from alpha to beta.
- **ASLR**: Enabled by default.
- **Symbol Level**: Default `sym_level` set to 5.
- **Custom Exceptions**: Introduced custom exception for attach operations without `ptrace_scope`.
- **Public Debugger Access**: Now accessible from `ThreadContext` (`d.debugger`).
- **Base Alias**: `MemoryMap.start` now has an alias called `base`

Test:
- **New Test Suite**: More consistent across different architectures.
- **Python 3.13 Support**: Added in CI.

**Full Changelog**: https://github.com/libdebug/libdebug/compare/0.6.0...0.7.0

What's Changed

Features
- Introduced full support for AArch64
- Added support for vector registers (AVX)
- Added the `debugger.next` feature, which works similarly to GDB's next instruction
- Added an optional memory access mode (fast memory), which improves speed during memory operations
- Process is now killed automatically when the script ends (can be disabled in debugger APIs)

Tests
- Updated the test suite with more tests

Documentation
- Updated the documentation to reflect the new features
- Added a DOI and updated the citation reference

Fixes
- Unwind manager fixes
- Fixed an issue with d.run() when anti-debug escaping is active

**Full Changelog**: https://github.com/libdebug/libdebug/compare/0.5.4...0.6.0

What's Changed

Hotfixes
- A hotfix for the `_background_invalid_call` function, which is called when a user tries to call an unsupported libdebug function in a callback. It did not correctly handle a variadic number of (positional) arguments.
- Better management of edge cases in the `get_return_address` function.
- Solved a problem with the breakpoint disable option if called right after the installation of the breakpoint.

Performance Optimizations
- A slight optimization in the performance and logic of breakpoints.
- Memory access latency improvements with absolute addresses.

Additional Improvements
- An info message is now displayed when symbols are downloaded from debuginfod.
- Now the backtrace function has a new parameter to choose to return either a list of addresses or symbols. Additionally, a public pretty print for the backtrace has been added.
- Rationalized the debugging levels.

Tests and Examples
- Added use case examples to show how to use libdebug in different contexts.
- Added benchmark tests on event handling, related results, and comparison with GDB Python API.

Documentation
- Updated the documentation for the new `logging` system.

**Full Changelog**: https://github.com/libdebug/libdebug/compare/0.5.3...0.5.4

What's Changed

- Fixed post-mortem register access

**Full Changelog**: https://github.com/libdebug/libdebug/compare/0.5.2...0.5.3

What's Changed
- Fixed GDB migration command (d.gdb) not working

-------------
**Full Changelog**: https://github.com/libdebug/libdebug/compare/0.5.1...0.5.2