English

PortGPT: Towards Automated Backporting Using Large Language Models

Cryptography and Security 2025-10-28 v1

Abstract

Patch backporting, the process of migrating mainline security patches to older branches, is an essential task in maintaining popular open-source projects (e.g., Linux kernel). However, manual backporting can be labor-intensive, while existing automated methods, which heavily rely on predefined syntax or semantic rules, often lack agility for complex patches. In this paper, we introduce PORTGPT, an LLM-agent for end-to-end automation of patch backporting in real-world scenarios. PORTGPT enhances an LLM with tools to access code on-demand, summarize Git history, and revise patches autonomously based on feedback (e.g., from compilers), hence, simulating human-like reasoning and verification. PORTGPT achieved an 89.15% success rate on existing datasets (1815 cases), and 62.33% on our own dataset of 146 complex cases, both outperforms state-of-the-art of backporting tools. We contributed 9 backported patches from PORTGPT to the Linux kernel community and all patches are now merged.

Keywords

Cite

@article{arxiv.2510.22396,
  title  = {PortGPT: Towards Automated Backporting Using Large Language Models},
  author = {Zhaoyang Li and Zheng Yu and Jingyi Song and Meng Xu and Yuxuan Luo and Dongliang Mu},
  journal= {arXiv preprint arXiv:2510.22396},
  year   = {2025}
}

Comments

Accepted by IEEE S&P 2026

R2 v1 2026-07-01T07:05:52.065Z