In the aftermath of DARPA’s AIxCC, one thing has become clear: LLMs are now powerful enough to identify 0-days and fix them at scale, but these systems rely almost entirely on high-quality source code. Give them binaries without source code and their program comprehension collapses.

Decompilation should bridge this gap by recovering source from binaries yet today’s decompilers often produce lossy, misleading code that sends LLMs down the wrong path. In this talk I connect lessons from AIxCC with ongoing research in binary decompilation, showing that enabling LLM-driven cyber reasoning on binaries requires more than “best-effort” guessing and demands high-fidelity, near-source recovery.

Using case studies from autonomous patching, I demonstrate how even small decompilation errors derail otherwise capable LLMs and how improving decompilation quality directly boosts success rates. Finally, I present two open-source tools: the angr decompiler and our improved AIxCC PatcherY patching system which has been preliminarily extended to work on binaries. Together they chart a path toward a future where LLMs can reason about and repair software even when source is nowhere to be found.