Agentic Verification of Software Systems

TL;DR

This paper introduces AutoRocq, an autonomous LLM agent that iteratively verifies software programs by collaborating with the Rocq theorem prover, demonstrating promising results on benchmarks and Linux kernel modules.

Contribution

It presents the first LLM-based program verification agent that learns on-the-fly and collaborates with a theorem prover for proof refinement, unlike prior training-dependent methods.

Findings

Effective automated verification on SV-COMP benchmarks.

Successful verification of Linux kernel modules.

Autonomous proof refinement improves verification accuracy.

Abstract

Automatically generated code is gaining traction recently, owing to the prevalence of Large Language Models (LLMs). Further, the AlphaProof initiative has demonstrated the possibility of using AI for general mathematical reasoning. Reasoning about computer programs (software) can be accomplished via general mathematical reasoning; however, it tends to be more structured and richer in contexts. This forms an attractive proposition, since then AI agents can be used to reason about voluminous code that gets generated by AI. In this work, we present a first LLM agent, AutoRocq, for conducting program verification. Unlike past works, which rely on extensive training of LLMs on proof examples, our agent learns on-the-fly and improves the proof via an iterative refinement loop. The iterative improvement of the proof is achieved by the proof agent communicating with the Rocq (formerly Coq) theorem prover to get additional context and feedback. The final result of the iteration is a proof derivation checked by the Rocq theorem prover. In this way, our proof construction involves autonomous collaboration between the proof agent and the theorem prover. This autonomy facilitates the search for proofs and decision-making in deciding on the structure of the proof tree. Experimental evaluation on SV-COMP benchmarks and on Linux kernel modules shows promising efficacy in achieving automated program verification. As automation in code generation becomes more widespread, we posit that our proof agent can be potentially integrated with AI coding agents to achieve a generate and validate loop, thus moving closer to the vision of trusted automatic programming.