JonathanSalwan / Triton

Triton is a dynamic binary analysis library. Build your own program analysis tools, automate your reverse engineering, perform software verification or just emulate code.
https://triton-library.github.io
Apache License 2.0

Undefined symbols for architecture x86_64: "triton::Context::setConcreteRegisterValue" #1257

Closed vancaho closed 1 year ago

vancaho commented 1 year ago

Hi, I want to use libtriton in my project. I copied the code in example\cmake and added a line to set a concrete value for rax; however, it reports a link error:

Undefined symbols for architecture x86_64:
  "triton::Context::setConcreteRegisterValue(triton::arch::Register const&, boost::multiprecision::number<boost::multiprecision::backends::cpp_int_backend<512ul, 512ul, (boost::multiprecision::cpp_integer_type)0, (boost::multiprecision::cpp_int_check_type)0, void>, (boost::multiprecision::expression_template_option)0> const&, bool)", referenced from:
      _main in myproject.cpp.o
ld: symbol(s) not found for architecture x86_64

How can I resolve this error?

Here is the source code:

// This is an example about how to compile Triton using its config file.
// See the CMakeLists.txt from this directory.

#include <iostream>
#include <triton/context.hpp>

int main(int ac, const char *av[]) {
  /* Triton's context */
  triton::Context ctx ;
  ctx.setArchitecture(triton::arch::ARCH_X86_64);

  ctx.setConcreteRegisterValue(ctx.registers.x86_rax,0);
  /* Symbolize rax */
  ctx.symbolizeRegister(ctx.registers.x86_rax);

  /* Process an instruction (inc rax) */
  triton::arch::Instruction inst = triton::arch::Instruction(0x40000, "\x48\xff\xc0", 3);
  ctx.processing(inst);

  /* Display instruction's expressions */
  std::cout << inst << std::endl;
  for (const auto& se : inst.symbolicExpressions) {
    std::cout << "    -> " << se << std::endl;
  }

  return 0;
}

Here is the CMakeLists.txt file:

# This is an example about how to compile Triton using its config file.
cmake_minimum_required(VERSION 3.20)
project(myproject)
set(CMAKE_CXX_STANDARD 14)
find_package(triton REQUIRED CONFIG)
link_libraries(${TRITON_LIBRARIES})

add_executable(myproject
    myproject.cpp
)

JonathanSalwan commented 1 year ago

Are you compiling on M1? If you are on Apple silicon, make sure the triton library is compiled for both arm64 and x86_64. Or make sure your triton tool is compiled with the same arch as the library. It looks like your libtriton does not have x86_64 symbols because it's probably compiled on arm64 and you are trying to compile your tool on x64?

vancaho commented 1 year ago

No, the CPU is Intel. I compiled triton according to the tutorial. I ran the nm command to look for ConcreteRegister; here is the output:

libtriton git:(master) ✗ nm -gU /usr/local/lib/libtriton.dylib | grep ConcreteRegister
00000000000072f0 T __ZN6triton4arch12Architecture24setConcreteRegisterValueERKNS0_8RegisterERKN5boost14multiprecision6numberINS6_8backends15cpp_int_backendILj512ELj512ELNS6_16cpp_integer_typeE0ELNS6_18cpp_int_check_typeE0EvEELNS6_26expression_template_optionE0EEEb
000000000009a400 T __ZN6triton4arch3arm5arm328Arm32Cpu24setConcreteRegisterValueERKNS0_8RegisterERKN5boost14multiprecision6numberINS8_8backends15cpp_int_backendILj512ELj512ELNS8_16cpp_integer_typeE0ELNS8_18cpp_int_check_typeE0EvEELNS8_26expression_template_optionE0EEEb
0000000000011630 T __ZN6triton4arch3arm7aarch6410AArch64Cpu24setConcreteRegisterValueERKNS0_8RegisterERKN5boost14multiprecision6numberINS8_8backends15cpp_int_backendILj512ELj512ELNS8_16cpp_integer_typeE0ELNS8_18cpp_int_check_typeE0EvEELNS8_26expression_template_optionE0EEEb
00000000000e5080 T __ZN6triton4arch3x866x86Cpu24setConcreteRegisterValueERKNS0_8RegisterERKN5boost14multiprecision6numberINS7_8backends15cpp_int_backendILj512ELj512ELNS7_16cpp_integer_typeE0ELNS7_18cpp_int_check_typeE0EvEELNS7_26expression_template_optionE0EEEb
00000000000ddf20 T __ZN6triton4arch3x868x8664Cpu24setConcreteRegisterValueERKNS0_8RegisterERKN5boost14multiprecision6numberINS7_8backends15cpp_int_backendILj512ELj512ELNS7_16cpp_integer_typeE0ELNS7_18cpp_int_check_typeE0EvEELNS7_26expression_template_optionE0EEEb
0000000000295d00 T __ZN6triton7Context24setConcreteRegisterValueERKNS_4arch8RegisterERKN5boost14multiprecision6numberINS6_8backends15cpp_int_backendILj512ELj512ELNS6_16cpp_integer_typeE0ELNS6_18cpp_int_check_typeE0EvEELNS6_26expression_template_optionE0EEEb
00000000000070c0 T __ZNK6triton4arch12Architecture24getConcreteRegisterValueERKNS0_8RegisterEb
0000000000099940 T __ZNK6triton4arch3arm5arm328Arm32Cpu24getConcreteRegisterValueERKNS0_8RegisterEb
000000000000cf70 T __ZNK6triton4arch3arm7aarch6410AArch64Cpu24getConcreteRegisterValueERKNS0_8RegisterEb
00000000000e37e0 T __ZNK6triton4arch3x866x86Cpu24getConcreteRegisterValueERKNS0_8RegisterEb
00000000000dbee0 T __ZNK6triton4arch3x868x8664Cpu24getConcreteRegisterValueERKNS0_8RegisterEb
0000000000295810 T __ZNK6triton7Context24getConcreteRegisterValueERKNS_4arch8RegisterEb

vancaho commented 1 year ago

Yeah, it outputs:

libtriton git:(master) ✗ file /usr/local/lib/libtriton.dylib
/usr/local/lib/libtriton.dylib: Mach-O 64-bit dynamically linked shared library x86_64

JonathanSalwan commented 1 year ago

Mmmmh, maybe there is something wrong with the Boost definition. When compiling Triton, you have the choice to compile with boost::multiprecision or with wide_integer (-DBOOST_INTERFACE=ON|OFF). How did you compile libtriton? Maybe the triton library is compiled without boost whereas your triton tool wants to link with the boost definition?

vancaho commented 1 year ago

If I remember correctly, I compiled triton using the following commands. The OS is macOS 13.4 (22F66).

$ git clone https://github.com/JonathanSalwan/Triton
$ cd Triton
$ mkdir build ; cd build
$ cmake ..
$ make -j3
$ sudo make install

vancaho commented 1 year ago

Yeah, I recompiled triton with the -DBOOST_INTERFACE=ON option, then it really works. Thanks very much Jonathan!
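
Added example (not part of the thread and not Triton code): a small Python check that compares the symbol a tool asks for with what `nm -gU` shows the library exporting, and reports where two manglings of the same function differ. The exported lines are taken from the nm output above; the undefined symbol is constructed here from the `512ul` arguments in the linker message, and all function names are hypothetical.

```python
import re

# Itanium C++ ABI codes for the builtin type of an integral literal: L<type><value>E
LITERAL_TYPES = {"i": "int", "j": "unsigned int", "l": "long", "m": "unsigned long",
                 "x": "long long", "y": "unsigned long long"}

def qualified_name(mangled):
    """Decode the nested name of a _ZN... symbol, e.g. triton::Context::f."""
    start = re.match(r"_*ZNK?", mangled)
    if not start:
        return None
    pos, parts = start.end(), []
    while (n := re.match(r"\d+", mangled[pos:])):
        pos += len(n.group())
        parts.append(mangled[pos:pos + int(n.group())])
        pos += int(n.group())
    return "::".join(parts)

def literals(mangled):
    """Integral template arguments as readable 'type value' strings."""
    return [f"{LITERAL_TYPES[t]} {v}" for t, v in re.findall(r"L([ijlmxy])(\d+)E", mangled)]

def explain_undefined(undefined, nm_lines):
    """Exports with the same qualified name as `undefined` but a different mangling,
    each paired with the (wanted, exported) literal arguments that differ."""
    findings = []
    for line in nm_lines:
        sym = line.split()[-1]
        if sym == undefined:
            return []  # the library exports this exact symbol, nothing to explain
        if qualified_name(sym) == qualified_name(undefined):
            diffs = [(w, h) for w, h in zip(literals(undefined), literals(sym)) if w != h]
            findings.append((sym, diffs))
    return findings

HEAD = ("__ZN6triton7Context24setConcreteRegisterValueERKNS_4arch8RegisterERKN5boost"
        "14multiprecision6numberINS6_8backends15cpp_int_backendI")
TAIL = ("LNS6_16cpp_integer_typeE0ELNS6_18cpp_int_check_typeE0EvEE"
        "LNS6_26expression_template_optionE0EEEb")
# Two lines from the nm output in the thread (Context setter and getter).
NM_LINES = ["0000000000295d00 T " + HEAD + "Lj512ELj512E" + TAIL,
            "0000000000295810 T __ZNK6triton7Context24getConcreteRegisterValueERKNS_4arch8RegisterEb"]
# Constructed sample: the mangled form of the linker's cpp_int_backend<512ul, 512ul, ...>.
UNDEFINED = HEAD + "Lm512ELm512E" + TAIL

if __name__ == "__main__":
    for sym, diffs in explain_undefined(UNDEFINED, NM_LINES):
        print(qualified_name(sym), "is exported with a different signature:")
        for wanted, exported in diffs:
            print(f"  caller wants {wanted}, library has {exported}")
```

In practice the two inputs would come from `nm -u` on the tool's object file and `nm -gU` on the installed library.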