DecompileBench: A Comprehensive Benchmark for Evaluating Decompilers in Real-World Scenarios

TL;DR

DecompileBench is a comprehensive benchmarking framework that evaluates decompilers in real-world scenarios, emphasizing semantic fidelity and human usability, and demonstrates the potential of LLM-based approaches in reverse engineering.

Contribution

It introduces the first real-world, systematic evaluation framework for decompilers, incorporating large-scale function extraction, runtime validation, and LLM-based human-centric assessment.

Findings

LLM-based decompilers outperform commercial tools in code understandability.

Despite lower functionality correctness, LLM approaches show promise for reverse engineering.

DecompileBench is open source to facilitate future research and tool selection.

Abstract

Decompilers are fundamental tools for critical security tasks, from vulnerability discovery to malware analysis, yet their evaluation remains fragmented. Existing approaches primarily focus on syntactic correctness through synthetic micro-benchmarks or subjective human ratings, failing to address real-world requirements for semantic fidelity and analyst usability. We present DecompileBench, the first comprehensive framework that enables effective evaluation of decompilers in reverse engineering workflows through three key components: \textit{real-world function extraction} (comprising 23,400 functions from 130 real-world programs), \textit{runtime-aware validation}, and \textit{automated human-centric assessment} using LLM-as-Judge to quantify the effectiveness of decompilers in reverse engineering workflows. Through a systematic comparison between six industrial-strength decompilers and six recent LLM-powered approaches, we demonstrate that LLM-based methods surpass commercial tools in code understandability despite 52.2% lower functionality correctness. These findings highlight the potential of LLM-based approaches to transform human-centric reverse engineering. We open source \href{https://github.com/Jennieett/DecompileBench}{DecompileBench} to provide a framework to advance research on decompilers and assist security experts in making informed tool selections based on their specific requirements.