Direct Instruction Injection

Concept

A testing concept used in the TestRIG work on randomized RISC-V CPU verification. In the cited paper, Direct Instruction Injection is the basis that lets QCVEngine use QuickCheck-style shrinking on instruction sequences, with additional smart shrinking, non-shrinkable setup sequences, and embedded assertions.

First seen 5/29/2026

Last seen 6/8/2026

Evidence 10 chunks

Wiki v1

WIKI

Overview

Direct Instruction Injection is described in the cited TestRIG paper as part of randomized testing for RISC-V CPUs. In that workflow, it enables the testing engine to rely primarily on QuickCheck's built-in shrinking strategies for failing instruction sequences, with extra domain-specific shrinking logic added on top.

Role in shrinking counterexamples

After QCVEngine finds a counterexample, QuickCheck applies list shrinking by removing subsequences and retesting. The paper states that the authors augmented this with smart shrinking functions that not only eliminate instructions but also transform them to simplify the sequence.

One concrete example in the paper shows a failing instruction sequence being reduced first by ordinary list shrinking and then further minimized by propagating an instruction's output register to a later operand. That transformation enables another shrinking pass and produces a smaller failing program.

READ FULL ARTICLE →

NEIGHBORHOOD

2 nodes · 1 edges

graph · Direct Instruction Injection · depth=1

RELATIONSHIPS

7 connections

TestRIG ← uses 100% 6e

TestRIG uses Direct Instruction Injection (DII) as a protocol for injecting instructions into RISC-V processors.

TestRIG ← implements 100% 4e

TestRIG uses Direct Instruction Injection as its core mechanism for injecting instructions into CPU implementations.

UCAM-CL-TR-984 ← uses 100% 3e

Direct Instruction Injection (DII) is used as a protocol for testing RISC-V processors via TestRIG.

Randomized Testing of RISC-V CPUs using Direct Instruction Injection ← introduces 100% 2e

The paper introduces Direct Instruction Injection as the core mechanism of TestRIG.

QCVEngine ← uses 100% 2e

QCVEngine uses Direct Instruction Injection to decouple instruction stream from control flow.

RVFI-DII part of → 100% 1e

Direct Instruction Injection is the input component of the RVFI-DII interface.

RVFI-DII ← uses 100% 1e

RVFI-DII combines RVFI trace output with Direct Instruction Injection input.

LINKED ENTITIES

1 links

TestRIG IMPLEMENTS Extracted graph relationship

CITATIONS

5 sources

5 citations — click to expand

[1] Direct Instruction Injection is presented in the cited work as part of randomized testing of RISC-V CPUs. Randomized Testing of RISC-V CPUs using Direct

[2] Direct Instruction Injection allows the system to primarily rely on QuickCheck's built-in shrinking strategies. Randomized Testing of RISC-V CPUs using Direct

[3] The paper augments shrinking with smart shrinking functions that both eliminate instructions and transform them to simplify the sequence, including propagating an output register to later input operands. Randomized Testing of RISC-V CPUs using Direct

[4] Sequences can be annotated as non-shrinkable to preserve initialization and avoid trivial counterexamples caused by differing initial state, such as uninitialized floating-point registers. Randomized Testing of RISC-V CPUs using Direct

[5] Sequences can include assertions, making failure possible without a divergence; such sequences do not require tandem verification to discover a failure. Randomized Testing of RISC-V CPUs using Direct