CIR+CVN: Bridging LLM Semantic Understanding and Petri-Net Verification for Concurrent Programs
This work addresses the problem of verifying concurrent programs for developers, but it is incremental as it builds on existing verification and LLM-assisted approaches with a focus on a specific artifact boundary.
The paper tackles the difficulty of verifying concurrent programs by introducing a specification-driven architecture where an LLM synthesizes a concurrency artifact from natural-language requirements, which is then mechanically translated to a Petri net for exhaustive verification and targeted repair. The method was evaluated on 9 bounded-concurrency patterns, showing support for iterative bug detection and repair while using goal reachability to filter incomplete repairs.
Recovering concurrency structure directly from source code is difficult because shared-resource identity and protection relations are often obscured by aliasing, ownership, and API-specific idioms. We therefore study a specification-driven, model-first verification architecture for LLM-assisted concurrent program construction. Instead of verifying arbitrary source code, a large language model first synthesizes a verification-oriented concurrency artifact from a natural-language requirement or system specification. The first formalism, the Concurrency Intermediate Representation (Cir), is a statement-level, alias-free model in which shared resources are globally named, protection relations are explicit, and each statement carries a stable identifier. The second formalism, the Concurrency Verification Net (Cvn), is a weighted place/transition Petri net with a finite global store and three-valued guards for data-dependent branching. A validated Cir artifact is translated mechanically to Cvn, explored exhaustively, and any counterexample is mapped back to statement identifiers to guide targeted repair. To reduce the risk of bug-free but behavior-dropping repairs, acceptance additionally applies a lightweight goal-reachability check over designated critical outcomes. We formalize both representations, prove translation-correspondence results for deadlock and signal-loss analysis, define a two-layer checking architecture with 61 static rules and 5 analysis predicates, and evaluate the pipeline on 9 representative bounded-concurrency patterns. The results show that the method supports iterative bug detection and repair on Cir artifacts and that goal reachability helps filter semantically incomplete repairs. The trust boundary of the present work is the generated Cir artifact rather than arbitrary source code.