Saved in:
Bibliographic Details
Main Authors: Abusabha, Omar, Uhm, Jiyong, Abuhmed, Tamer, Koo, Hyungjoon
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2512.14045
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866914203367899136
author Abusabha, Omar
Uhm, Jiyong
Abuhmed, Tamer
Koo, Hyungjoon
author_facet Abusabha, Omar
Uhm, Jiyong
Abuhmed, Tamer
Koo, Hyungjoon
contents A function inlining optimization is a widely used transformation in modern compilers, which replaces a call site with the callee's body in need. While this transformation improves performance, it significantly impacts static features such as machine instructions and control flow graphs, which are crucial to binary analysis. Yet, despite its broad impact, the security impact of function inlining remains underexplored to date. In this paper, we present the first comprehensive study of function inlining through the lens of machine learning-based binary analysis. To this end, we dissect the inlining decision pipeline within the LLVM's cost model and explore the combinations of the compiler options that aggressively promote the function inlining ratio beyond standard optimization levels, which we term extreme inlining. We focus on five ML-assisted binary analysis tasks for security, using 20 unique models to systematically evaluate their robustness under extreme inlining scenarios. Our extensive experiments reveal several significant findings: i) function inlining, though a benign transformation in intent, can (in)directly affect ML model behaviors, being potentially exploited by evading discriminative or generative ML models; ii) ML models relying on static features can be highly sensitive to inlining; iii) subtle compiler settings can be leveraged to deliberately craft evasive binary variants; and iv) inlining ratios vary substantially across applications and build configurations, undermining assumptions of consistency in training and evaluation of ML models.
format Preprint
id arxiv_https___arxiv_org_abs_2512_14045
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle A Deep Dive into Function Inlining and its Security Implications for ML-based Binary Analysis
Abusabha, Omar
Uhm, Jiyong
Abuhmed, Tamer
Koo, Hyungjoon
Cryptography and Security
Machine Learning
Programming Languages
A function inlining optimization is a widely used transformation in modern compilers, which replaces a call site with the callee's body in need. While this transformation improves performance, it significantly impacts static features such as machine instructions and control flow graphs, which are crucial to binary analysis. Yet, despite its broad impact, the security impact of function inlining remains underexplored to date. In this paper, we present the first comprehensive study of function inlining through the lens of machine learning-based binary analysis. To this end, we dissect the inlining decision pipeline within the LLVM's cost model and explore the combinations of the compiler options that aggressively promote the function inlining ratio beyond standard optimization levels, which we term extreme inlining. We focus on five ML-assisted binary analysis tasks for security, using 20 unique models to systematically evaluate their robustness under extreme inlining scenarios. Our extensive experiments reveal several significant findings: i) function inlining, though a benign transformation in intent, can (in)directly affect ML model behaviors, being potentially exploited by evading discriminative or generative ML models; ii) ML models relying on static features can be highly sensitive to inlining; iii) subtle compiler settings can be leveraged to deliberately craft evasive binary variants; and iv) inlining ratios vary substantially across applications and build configurations, undermining assumptions of consistency in training and evaluation of ML models.
title A Deep Dive into Function Inlining and its Security Implications for ML-based Binary Analysis
topic Cryptography and Security
Machine Learning
Programming Languages
url https://arxiv.org/abs/2512.14045