Combining Agentic AI and Lightweight Formal Methods To Find Bugs in a Production Hypervisor (PAgE 2026)

Mon 15 - Fri 19 June 2026 Boulder, Colorado, United States

Who

Hiroyuki Katsura, Kayvan Memarian, Peter Sewell

Track

PAgE 2026

Time Zone

The program is currently displayed in (GMT-06:00) Mountain Time (US & Canada).

Use conference time zone: (GMT-06:00) Mountain Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Mon 15 Jun 2026 13:40 - 14:00 at Meadows B - PAgE Session 2

Abstract

This paper explores the combination of lightweight formal methods and agentic AI, specifically to find bugs in a production security-critical hypervisor. Building on the executable-specification framework of Memarian et al.\ for the Android pKVM hypervisor, we use an OpenAI Codex-based agent to write and refine specifications, expressed in the ambient C programming language, for a recent version of pKVM. We use this for bug-finding, with encouraging preliminary results: the agent found four previously unknown and substantial bugs, including violations of the intended page-ownership discipline and bugs that can lead to guest-memory leakage or hypervisor memory corruption. Interestingly, all the bugs claimed by the agent to be serious were actual bugs, without false positives, and the experiment needed less than one month of human work with a ChatGPT Pro subscription.

Hiroyuki Katsura

University of Cambridge

United Kingdom

Kayvan Memarian

University of Cambridge

United Kingdom

Peter Sewell

University of Cambridge

United Kingdom

Time Zone

The program is currently displayed in (GMT-06:00) Mountain Time (US & Canada).

Use conference time zone: (GMT-06:00) Mountain Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Mon 15 Jun
Displayed time zone: Mountain Time (US & Canada) change

13:40 - 15:20	PAgE Session 2PAgE at Meadows B

13:40 20m Talk		Combining Agentic AI and Lightweight Formal Methods To Find Bugs in a Production Hypervisor PAgE Hiroyuki Katsura University of Cambridge, Kayvan Memarian University of Cambridge, Peter Sewell University of Cambridge
14:00 20m Talk		From Workarounds to Root Causes: Experience Using Agentic Workflows to Debug Complex Browser GPU Compiler Stacks PAgE Abhijit Ramesh UC Santa Cruz, Reese Levine University of California at Santa Cruz, Tyler Sorensen University of California at Santa Cruz
14:20 20m Talk		Event-based Design Abstractions for Agent HarnessesRecorded PAgE McCoy Becker , Matin Ghavami Massachusetts Institute of Technology, Fabian Zaiser Massachusetts Institute of Technology, Timothy O'Donnell , Martin C. Rinard Massachusetts Institute of Technology, Joshua B. Tenenbaum Massachusetts Institute of Technology, Vikash Mansinghka Massachusetts Institute of Technology
14:40 20m Talk		Lumos: Let there be Language Model System CertificationRemote PAgE Isha Chaudhary , Vedaant Jain , Prineet Parhar , Kavya Sachdeva , Avaljot Singh University of Illinois Urbana-Champaign, Sayan Ranu , Gagandeep Singh University of Illinois Urbana-Champaign Pre-print
15:00 20m Talk		Lazy Validation and Self-Healing for Agentic ProgramsRemote PAgE Theodoros Tsampouris Aristotle University of Thessaloniki, Eleftherios Ioannidis Microsoft Research, Andreas Symeonidis Aristotle University of Thessaloniki