Application of dynamic symbolic execution in hybrid fuzzing of binary code for Baikal-M and RISC-V 64 architectures

V. I. Logunova

Ivannikov Institute for System Programming of the RAS

Abstract: Hybrid fuzzing and dynamic symbolic execution have become a vital part of the secure software development lifecycle. Currently, the proportion of code being developed for ARM and RISC-V architectures is constantly increasing, making the task of their effective analysis a top priority. This work is dedicated to solving this task by developing methods for dynamic symbolic execution and hybrid fuzzing for modern RISC architectures – «Baikal-M» (ARM/AArch64) and RISC-V 64. Based on modeling symbolic semantics of machine instructions the developed approaches are integrated into the Sydr tool within the Sydr-Fuzz framework and aim to enhance the efficiency of hybrid fuzzing. Key results include algorithms for processing indirect branches with accurate target addresses determination and RISC-V integer instruction set support in open-source symbolic framework Triton that provides the community with a ready-made foundation for creating dynamic analysis tools.

Keywords: dynamic analysis, dynamic symbolic execution, fuzzing, hybrid fuzzing, instrumentation, binary code analysis

DOI: 10.15514/ISPRAS-2025-37(4)-29