CCS2024
LiftFuzz: Validating Binary Lifters through Context-aware Fuzzing with GPT
Yutong Zhou, Fan Yang, Zirui Song, Ke Zhang, Jiongyi Chen, Kehuan Zhang
Abstract
Analyzing binary code is vital for software engineering and security research, particularly when the source code is unavailable. However, understanding, modifying, and retargeting binary code are complex tasks. To address these difficulties, binary lifters have been introduced. These tools translate binary code into Intermediate Representations (IRs), which enables modifications to executables without source code and facilitates code retargetability. Developing accurate binary lifters for modern ISAs is widely acknowledged to be challenging and error-prone. Existing validation methods mainly concentrate on isolated instructions, overlooking interactions among instructions. In this paper, we introduce LiftFuzz, a novel framework that leverages instruction context-aware fuzzing to validate binary lifters. LiftFuzz uses a GPT-based assembly language model to learn interactions among instructions and uses that knowledge to generate test cases. LiftFuzz greatly outperforms the baseline, requiring only 1/1000 of the test cases used by the baseline to identify 26 inconsistencies, including a previously unreported category. LiftFuzz thus contributes to improving the correctness of binary lifters, which are frequently employed in binary security applications.
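The abstract's central point is that a lifter bug can be invisible to single-instruction tests and only show up when one instruction's side effect (here, a flag) feeds a later one. The following is an added illustration of that point, not code from the paper or the LiftFuzz project: it defines a toy 8-bit ISA, a reference executor standing in for hardware, a toy "lifter" to a small IR with a constructed context-dependent bug (ADC drops its carry-in), and a differential-testing loop driven by three generators. The `gen_context_aware` generator is a hand-written stand-in for the paper's learned assembly language model, which is an assumption of this example; the ISA, IR and bug are all constructed for illustration.

```python
"""Differential testing of a toy binary lifter (added illustration, not LiftFuzz code).

Two executors for one constructed 8-bit ISA:
  * run_native(): reference semantics, standing in for real hardware or a trusted emulator
  * lift() + run_ir(): a "lifter" into a small IR, plus an interpreter for that IR
The lifter's constructed bug (ADC ignoring its carry-in) only surfaces after an earlier
instruction has set the carry flag, i.e. it depends on instruction context.
"""
import random
from dataclasses import dataclass, field

MASK = 0xFF
REGS = ("r0", "r1", "r2", "r3")


@dataclass
class State:
    regs: dict = field(default_factory=lambda: {r: 0 for r in REGS})
    carry: int = 0

    def key(self):
        return (tuple(self.regs[r] for r in REGS), self.carry)


# An instruction is (mnemonic, dst_reg, src); src is a register name or an immediate.
def run_native(program):
    st = State()
    for op, dst, src in program:
        a = st.regs[dst]
        b = src if isinstance(src, int) else st.regs[src]
        if op == "MOV":
            st.regs[dst] = b & MASK
        elif op in ("ADD", "ADC"):
            full = a + b + (st.carry if op == "ADC" else 0)
            st.regs[dst], st.carry = full & MASK, int(full > MASK)
        elif op == "SUB":
            full = a - b
            st.regs[dst], st.carry = full & MASK, int(full < 0)  # carry flag = borrow
        else:
            raise ValueError(op)
    return st


def lift(program, buggy=True):
    """Lift assembly to IR.  IR ops: ('wide', expr) keeps an unmasked result in a temp,
    ('set', reg, expr) writes a register, ('setc', expr) writes the carry flag."""
    ir = []
    for op, dst, src in program:
        b = ("imm", src) if isinstance(src, int) else ("reg", src)
        if op == "MOV":
            ir.append(("set", dst, b))
        elif op in ("ADD", "ADC"):
            wide = ("add", ("reg", dst), b)
            if op == "ADC" and not buggy:
                wide = ("add", wide, ("carry",))
            # buggy=True lifts ADC exactly like ADD: the carry-in term is lost (constructed bug)
            ir += [("wide", wide), ("set", dst, ("lo", ("tmp",))), ("setc", ("gt", ("tmp",), MASK))]
        elif op == "SUB":
            ir += [("wide", ("sub", ("reg", dst), b)), ("set", dst, ("lo", ("tmp",))),
                   ("setc", ("lt", ("tmp",), 0))]
        else:
            raise ValueError(op)
    return ir


def _eval(expr, st, tmp):
    kind = expr[0]
    if kind == "imm":
        return expr[1]
    if kind == "reg":
        return st.regs[expr[1]]
    if kind == "carry":
        return st.carry
    if kind == "tmp":
        return tmp
    if kind == "add":
        return _eval(expr[1], st, tmp) + _eval(expr[2], st, tmp)
    if kind == "sub":
        return _eval(expr[1], st, tmp) - _eval(expr[2], st, tmp)
    if kind == "lo":
        return _eval(expr[1], st, tmp) & MASK
    if kind == "gt":
        return int(_eval(expr[1], st, tmp) > expr[2])
    if kind == "lt":
        return int(_eval(expr[1], st, tmp) < expr[2])
    raise ValueError(kind)


def run_ir(ir):
    st, tmp = State(), 0
    for node in ir:
        if node[0] == "wide":
            tmp = _eval(node[1], st, tmp)
        elif node[0] == "set":
            st.regs[node[1]] = _eval(node[2], st, tmp)
        elif node[0] == "setc":
            st.carry = _eval(node[1], st, tmp)
        else:
            raise ValueError(node[0])
    return st


def random_insn(rng):
    op = rng.choice(("MOV", "ADD", "ADC", "SUB"))
    dst = rng.choice(REGS)
    src = rng.randrange(256) if op == "MOV" else rng.choice(REGS)
    return (op, dst, src)


def gen_isolated(rng):
    """One instruction from a clean state: the per-instruction style of test that misses interactions."""
    return [random_insn(rng)]


def gen_uniform(rng, length=4):
    """Context-free baseline: independent random instructions in sequence."""
    return [random_insn(rng) for _ in range(length)]


def gen_context_aware(rng):
    """Hand-written stand-in for a learned model of instruction interactions (assumption, not
    the paper's LM): a flag producer guaranteed to carry out, then a flag consumer."""
    a, b = rng.sample(REGS, 2)
    return [("MOV", a, rng.randrange(128, 256)), ("MOV", b, rng.randrange(128, 256)),
            ("ADD", a, b), ("ADC", rng.choice(REGS), rng.choice(REGS))]


def first_inconsistency(gen, seed, budget, buggy=True):
    """Differentially test up to `budget` generated programs; return
    (test_index, program, native_state, lifted_state) for the first divergence, else None."""
    rng = random.Random(seed)
    for i in range(budget):
        prog = gen(rng)
        native, lifted = run_native(prog).key(), run_ir(lift(prog, buggy)).key()
        if native != lifted:
            return i, prog, native, lifted
    return None


if __name__ == "__main__":
    print("isolated    :", first_inconsistency(gen_isolated, 1, 5000))
    print("uniform     :", first_inconsistency(gen_uniform, 1, 50000))
    print("context-aware:", first_inconsistency(gen_context_aware, 1, 100))
```

Single-instruction tests never diverge, because from a clean state ADC with carry 0 is indistinguishable from ADD; the uniform sequence generator eventually stumbles on a carry-producing instruction followed by ADC, and the context-aware generator does so on its first test case. Running the same loop with `buggy=False` and no divergence is the sanity check that the harness itself is not producing false positives.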