Formally verified lifting of C-compiled x86-64 binaries

Freek Verbeek, Joshua Bockenek, Zhoulai Fu, Binoy Ravindran

Research output: Chapter in Book/Report/Conference proceedingConference Article in proceedingAcademicpeer-review

Abstract

Lifting binaries to a higher-level representation is an essential step for decompilation, binary verification, patching and security analysis. In this paper, we present the first approach to provably overapproximative x86-64 binary lifting. A stripped binary is verified for certain sanity properties such as return address integrity and calling convention adherence. Establishing these properties allows the binary to be lifted to a representation that contains an overapproximation of all possible execution paths of the binary. The lifted representation contains disassembled instructions, reconstructed control flow, invariants and proof obligations that are sufficient to prove the sanity properties as well as correctness of the lifted representation. We apply this approach to Linux Foundation and Intel's Xen Hypervisor covering about 400K instructions. This demonstrates our approach is the first approach to provably overapproximative binary lifting scalable to commercial off-the-shelf systems. The lifted representation is exportable to the Isabelle/HOL theorem prover, allowing formal verification of its correctness. If our technique succeeds and the proofs obligations are proven true, then - under the generated assumptions - the lifted representation is correct.

Original languageEnglish
Title of host publicationPLDI 2022
Subtitle of host publicationProceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation
EditorsRanjit Jhala, Isil Dillig
PublisherAssociation for Computing Machinery
Pages934-949
Number of pages16
ISBN (Print)978-1-4503-9265-5
DOIs
Publication statusPublished - 9 Jun 2022
Event43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation, PLDI 2022 - Virtual, Online, United States
Duration: 13 Jun 202217 Jun 2022
https://pldi22.sigplan.org/

Conference

Conference43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation, PLDI 2022
Country/TerritoryUnited States
Period13/06/2217/06/22
Internet address

Keywords

  • Binary Analysis
  • Disassembly
  • Formal Verification

Fingerprint

Dive into the research topics of 'Formally verified lifting of C-compiled x86-64 binaries'. Together they form a unique fingerprint.

Cite this