FS#79822 - [pwndbg] pwndbg wants a virtualenv, but no venv provided.
Attached to Project:
Arch Linux
Opened by astro angelfish (astro_angelfish) - Saturday, 30 September 2023, 12:23 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:20 GMT
Opened by astro angelfish (astro_angelfish) - Saturday, 30 September 2023, 12:23 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:20 GMT
|
Details
Description:
pwndbg in arch linux version is unable to launch with `Cannot find Pwndbg virtualenv directory: /usr/share/pwndbg/.venv: please re-run setup.sh`. The upstream had already fixed it in commit https://github.com/pwndbg/pwndbg/commit/f3914e26968ca3cc0a1f06a29cd54913beb662ff with an environment variable check but had not released it yet, but is likely to release in October 2023. The package is unlikely to be available until the next release unless invoking its `setup.sh` to create a virtual environment as a temporary fix or build directly from source. Additional info: * package version(s) > 2023.07.17-1 * config and/or log files etc. > not available * link to upstream bug report, if any > not available. but there are a few related issues at https://github.com/pwndbg/pwndbg/issues/1866, https://github.com/pwndbg/pwndbg/issues/1847 Steps to reproduce: 1. Do `pacman -S pwndbg` 2. Do `echo source /usr/share/pwndbg/gdbinit.py > ~/.gdbinit` 3. Do `gdb`, and pwndbg refuses to start since no virtual environment is provided. |
This task depends upon
Closed by Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:20 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/pwndbg/issues/1
Saturday, 25 November 2023, 20:20 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/pwndbg/issues/1
```
Traceback (most recent call last):
File "/usr/share/pwndbg/gdbinit.py", line 76, in <module>
import pwndbg # noqa: F401
^^^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/pwndbg/__init__.py", line 9, in <module>
import pwndbg.commands
File "/usr/lib/python3.11/site-packages/pwndbg/commands/__init__.py", line 17, in <module>
from pwndbg.heap.ptmalloc import DebugSymsHeap
File "/usr/lib/python3.11/site-packages/pwndbg/heap/ptmalloc.py", line 19, in <module>
import pwndbg.disasm
File "/usr/lib/python3.11/site-packages/pwndbg/disasm/__init__.py", line 40, in <module>
"rv32": CS_ARCH_RISCV,
```
It seems to be related with old version of python-capstone (https://archlinux.org/packages/extra/x86_64/python-capstone/), which is 4.0.2 and had already been flagged out of date. The missing constant is introduced at 5.0.0.
I think a virtual environment is recommended before the python-capstone package updates.
By the way I guess pwndbg also wants gdb-pt-dump in the same directory since I saw the `gdbinit.py` registers it into path of python.
So I suggest a temporary fix is creating a virtual environment for pwndbg instead of using environment of system.
python-pyocd [1] and ropper [2] appear to be the only issues with updating capstone.
[1] https://github.com/pyocd/pyOCD/issues/1598
[2] https://github.com/sashs/Ropper/blob/v1.13.8/requirements.txt#L1
But I also noticed a few packages wants legacy capstone when trying to test on real machine: `radare2` and `rizin`
At upstream of rizin it is likely to have already added support to capstone v5 in at most v0.7.0 while arch package is still at v0.6.2
Radare2 is also OK when build directly from source.
Should they be flagged out of date?
After testing pwndbg I also built them from upstream repository directly in the docker and found they works fine for me, but I did not change any of their PKGBUILDs because I forgot that. So I think they might need a rebuild in arch package repository when updating.
Maybe I'd better to test them by modifying their PKGBUILDs now.
I've partially tried to manually set up the venv, but then the local `pip install -e <path to python lib>` fails presumably because we don't copy the `pyproject.toml` during install.
Really, if we're going to use this package, then the `PKGBUILD` needs to be updated.
As a side note, the `PKGBUILD` also seems to have a superfluous `sed` command.
Should the build actually make use of the provided `setup.sh`? I'm inclined to say no.
But then we need to handle the `venv` logic somehow?
Should we enforce a `venv` as though we had used `setup.sh`?
Or would it be sufficient to `patch` the `gdbinit.py` (until the next release I guess) to at least include the `PWNDBG_PLEASE_SKIP_VENV` check?
Then we can default to setting that and skip the `venv` entirely - or offer a choice.
[1]: https://github.com/pwndbg/pwndbg/commit/f3914e26968ca3cc0a1f06a29cd54913beb662ff
Will post any discoveries.
But now getting an error: `ModuleNotFoundError: No module named 'pwndbg'`. Possibly unrelated and potentially masking whether or not the patch helps.
Have to try and solve this first.
`pacman -Qi python-capstone`, etc are showing the `v5` packages.
[1]: https://github.com/pwndbg/pwndbg/commit/f3914e26968ca3cc0a1f06a29cd54913beb662ff
[2]: PKGBUILD.diff
But of course only with the `v5` binaries for `capstone` and `python-capstone`.
So presumably we now only need wait for those packages to be updated in the official repo?