Large language models (LLMs) demonstrate remarkable capabilities in natural language understanding and generation. Despite being trained on large-scale, high-quality data, LLMs still fail to outperform traditional static analysis tools in specialized domains like smart contract vulnerability detection. To address this issue, this paper proposes a post-training algorithm based on atomic task decomposition and fusion. This algorithm aims to achieve combinatorial generalization under limited data by decomposing complex reasoning tasks. Specifically, we decompose the reentrancy vulnerability detection task into four linearly independent atomic tasks: identifying external calls, identifying state updates, identifying data dependencies between external calls and state updates, and determining their data flow order. These tasks form the core components of our approach. By training on synthetic datasets, we generate three compiler-verified datasets. We then employ the Slither tool to extract structural information from the control flow graph and data flow graph, which is used to fine-tune the LLM's adapter. Experimental results demonstrate that low-rank normalization fusion with the LoRA adapter improves the LLM's reentrancy vulnerability detection accuracy to 98.2%, surpassing state-of-the-art methods. On 31 real-world contracts, the algorithm achieves a 20% higher recall than traditional analysis tools.

翻译：大语言模型在自然语言理解与生成方面展现出卓越能力。尽管经过大规模高质量数据训练，大语言模型在智能合约漏洞检测等专业领域仍难以超越传统静态分析工具。为解决此问题，本文提出基于原子任务分解与融合的后训练算法。该算法通过分解复杂推理任务，旨在实现有限数据下的组合泛化。具体而言，我们将重入漏洞检测任务分解为四个线性无关的原子任务：识别外部调用、识别状态更新、识别外部调用与状态更新的数据依赖关系，以及确定其数据流顺序。这些任务构成我们方法的核心组件。通过在合成数据集上进行训练，我们生成了三个经编译器验证的数据集。随后采用Slither工具从控制流图和数据流图中提取结构信息，用于微调大语言模型的适配器。实验结果表明，结合LoRA适配器的低秩归一化融合将大语言模型的重入漏洞检测准确率提升至98.2%，超越了现有最优方法。在31个真实合约上，该算法的召回率较传统分析工具高出20%。