DSV: Disassembly Soundness Validation Without Assuming a Ground Truth

Disassembly is a crucial step in binary security, reverse engineering, and binary verification. Various studies in these fields use disassembly tools and hypothesize that the reconstructed disassembly is correct. However, disassembly is a challenging and undecidable problem. Even state-of-the-art industrial disassemblers suffer from issues ranging from incorrectly recovered instructions to incorrectly assessing which addresses belong to instructions and which to data. We thus present DSV: a systematic and automated approach to validate whether the output of a disassembler is sound with respect to the binary. No source code, debugging information, or annotations are required. We apply DSV to 102 binaries of Coreutils with eight different state-of-the-art disassemblers from academia and industry. DSV is able to find soundness issues in the output of all these disassemblers. Using DSV to validate the output of a disassembler increases trust in any research effort built on top of it.