fails to load on startup with "NameError: name 'CS_ARCH_RISCV' is not defined"

[FalcoGer]

Description

I just updated pwndbg and ran setup.sh. Afterwards gdb just fails to load pwndbg.

GNU gdb (Ubuntu 12.0.90-0ubuntu1) 12.0.90
Copyright (C) 2022 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word".
Traceback (most recent call last):
  File "/home/username/repositories/hacking/pwndbg/gdbinit.py", line 71, in <module>
    import pwndbg  # noqa: F401
  File "/home/username/repositories/hacking/pwndbg/.venv/lib/python3.10/site-packages/pwndbg/__init__.py", line 9, in <module>
    import pwndbg.commands
  File "/home/username/repositories/hacking/pwndbg/.venv/lib/python3.10/site-packages/pwndbg/commands/__init__.py", line 17, in <module>
    from pwndbg.heap.ptmalloc import DebugSymsHeap
  File "/home/username/repositories/hacking/pwndbg/.venv/lib/python3.10/site-packages/pwndbg/heap/ptmalloc.py", line 19, in <module>
    import pwndbg.disasm
  File "/home/username/repositories/hacking/pwndbg/.venv/lib/python3.10/site-packages/pwndbg/disasm/__init__.py", line 40, in <module>
    "rv32": CS_ARCH_RISCV,
NameError: name 'CS_ARCH_RISCV' is not defined. Did you mean: 'CS_ARCH_MIPS'?

Steps to reproduce

1. run setup.sh
2. run gdb
3. ???
4. no profit!

My setup

OS: Ubuntu Mate 22.04
pwndbg: 0fbe6cf
gdb: GNU gdb (Ubuntu 12.0.90-0ubuntu1) 12.0.90

~/.gdbinit

# prevent history from being all over the filesystem
set history save on
set history filename ~/.gdb_history
set history size 8192
set history remove-duplicates unlimited
# leave history expansion off (! character)

# prevent brain from exploding
set disassembly-flavor intel

# show registers, stack and instruction pointer when stopping

# not required with gef/pwndbg
# define hook-stop
#     info registers rax rbx rcx rdx rsi rdi rbp rsp rip eflags
#     x /64wx $rsp
#     x /3i $rip
# end

# load extensions
# source ~/repositories/hacking/peda/peda.py
source ~/repositories/hacking/exploitable/exploitable/exploitable.py
# source ~/repositories/hacking/gef/gef.py
source ~/repositories/hacking/pwndbg/gdbinit.py

[disconnect3d]

Hi, it seems to me that you are running an old version of casptone. We updated this dependency recently and here is where the constant should come from.

Can you try to re-run setup.sh?

[disconnect3d]

Hmm... that was #1790, weird that a different constant is missing here

[FalcoGer]

I did rerun setup and it didn't help.

These capstone packages are installed:

$ apt list --installed | grep capstone

libcapstone-dev/jammy,now 4.0.2-5 amd64 [installed]
libcapstone4/jammy,now 4.0.2-5 amd64 [installed,automatic]

after running setup, the following python packages are installed in the virtual environment.

$ source .venv/bin/activate
$ pip freeze
bcrypt==4.0.1
capstone==5.0.0.post1
certifi==2023.7.22
cffi==1.15.1
charset-normalizer==3.2.0
colored-traceback==0.3.0
cryptography==41.0.3
idna==3.4
intervaltree==3.1.0
Mako==1.2.4
MarkupSafe==2.1.3
packaging==23.1
paramiko==3.3.1
plumbum==1.8.2
psutil==5.9.5
pwndbg @ file:///home/username/repositories/hacking/pwndbg
pwntools==4.10.0
pycparser==2.21
pyelftools==0.29
Pygments==2.15.0
PyNaCl==1.5.0
pyserial==3.5
PySocks==1.7.1
python-dateutil==2.8.2
requests==2.31.0
ROPGadget==7.2
rpyc==5.3.1
six==1.16.0
sortedcontainers==2.4.0
tabulate==0.9.0
typing_extensions==4.6.1
unicorn==2.0.1.post1
urllib3==2.0.4

[FalcoGer]

Also I'm not trying to debug a RISC program, I don't even have a RISC V processor anywhere near me. I only care about x86 and x86_64 and very occasionally aarch64. The error above happens when starting gdb without any parameters. It also happens when starting with an x86_64 executable

[disconnect3d]

Can you show ./.venv/bin/pip freeze executed in Pwndbg dir?

[disconnect3d]

Nvm, you showed it. Weird

[disconnect3d]

# source ~/repositories/hacking/peda/peda.py
source ~/repositories/hacking/exploitable/exploitable/exploitable.py
# source ~/repositories/hacking/gef/gef.py
source ~/repositories/hacking/pwndbg/gdbinit.py

Can yo try without sourcing exploitable.py? Can it be that it puts some sys.path entry which is before Pwndbg's sys.path and so wrong capstone is used?

[FalcoGer]

i commented it out, same error occurs.

[disconnect3d]

@FalcoGer Can you show the output of this command?:

gdb --nx --ex 'source ~/repositories/hacking/pwndbg/gdbinit.py' --ex 'pi import capstone; print(capstone.__version__)'

[FalcoGer]

Well there is the problem. Or at least the symptom of it. How would I fix that though?

GNU gdb (Ubuntu 12.0.90-0ubuntu1) 12.0.90
Copyright (C) 2022 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word".
Traceback (most recent call last):
  File "/home/paul/repositories/hacking/pwndbg/gdbinit.py", line 71, in <module>
    import pwndbg  # noqa: F401
  File "/home/paul/repositories/hacking/pwndbg/.venv/lib/python3.10/site-packages/pwndbg/__init__.py", line 9, in <module>
    import pwndbg.commands
  File "/home/paul/repositories/hacking/pwndbg/.venv/lib/python3.10/site-packages/pwndbg/commands/__init__.py", line 17, in <module>
    from pwndbg.heap.ptmalloc import DebugSymsHeap
  File "/home/paul/repositories/hacking/pwndbg/.venv/lib/python3.10/site-packages/pwndbg/heap/ptmalloc.py", line 19, in <module>
    import pwndbg.disasm
  File "/home/paul/repositories/hacking/pwndbg/.venv/lib/python3.10/site-packages/pwndbg/disasm/__init__.py", line 40, in <module>
    "rv32": CS_ARCH_RISCV,
NameError: name 'CS_ARCH_RISCV' is not defined. Did you mean: 'CS_ARCH_MIPS'?
4.0.2

[FalcoGer]

What's more...

$ source .venv/bin/activate
$ python
Python 3.10.12 (main, Jun 11 2023, 05:26:28) [GCC 11.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import capstone
>>> print(capstone.__version__)
5.0.0

[FalcoGer]

however when I do this

deactivate
python -c 'import capstone; print(capstone.__version__)'

it prints 4.0.2

[disconnect3d]

Well there is the problem. Or at least the symptom of it. How would I fix that though?

...
    "rv32": CS_ARCH_RISCV,
NameError: name 'CS_ARCH_RISCV' is not defined. Did you mean: 'CS_ARCH_MIPS'?
4.0.2

For some reason it still sees old capstone.

[disconnect3d]

@FalcoGer can you join our discord? may be easier to diagnoze all this (https://discord.gg/yxrAYkfvsy)

[disconnect3d]

TL;DR: It turns out that we push the venv lib path at the end of sys.path and the system's deps are faster, so if someone has a system capstone installed, it may get used first.

[disconnect3d]

An easy fix can be to do .insert(0, ..) instead of .append(..) here:

pwndbg/gdbinit.py

Lines 53 to 54 in 0fbe6cf

	sys.path.append(directory)
	sys.path.append(gdbpt)

[FalcoGer]

Made PR #1872