Skip to content
STIMSMITH

Watchpoint Instruction

Concept

In the MorFuzz processor-fuzzing workflow, watchpoint instructions are inserted at specific locations in sequence patterns to expose the device under test's internal state and improve observability during stimulus-template execution.

First seen 5/27/2026
Last seen 6/6/2026
Evidence 3 chunks
Wiki v1

WIKI

Overview

A watchpoint instruction is described in the MorFuzz evidence as an instruction inserted into generated instruction sequences at specific locations to expose the internal state of the device under test (DUT). Its stated purpose is to enhance observability during processor fuzzing. [C1]

Role in MorFuzz

READ FULL ARTICLE →

NEIGHBORHOOD

No graph connections found for this entity yet. It may appear in future ingestion runs.

explore full graph →

RELATIONSHIPS

3 connections
MorFuzz ← uses 100% 3e
MorFuzz uses watchpoint instructions inserted at specific locations to enhance observability of the DUT's internal state.
Stimulus Template ← uses 90% 1e
Stimulus template uses watchpoint instructions to expose the DUT's internal state.
Stimulus Template ← uses 100% 1e
The stimulus template uses watchpoint instructions to enhance observability.

LINKED ENTITIES

2 links
MorFuzz USES Extracted graph relationship
Stimulus Template USES Extracted graph relationship

CITATIONS

4 sources
4 citations — click to collapse
[1] C1: Watchpoint instructions are inserted at specific locations to expose DUT internal state and enhance observability. MorFuzz: Fuzzing Processor via Runtime Instruction Morphing enhanced Synchronizable Co-simulation
[2] C2: MorFuzz generates template instructions at block granularity and uses manually constructed sequence patterns in testing blocks to constrain instruction types and reach desired test points. MorFuzz: Fuzzing Processor via Runtime Instruction Morphing enhanced Synchronizable Co-simulation
[3] C3: MorFuzz uses instructions that read the floating-point exception flag CSR after a floating-point instruction sequence to check whether the exception flag is set correctly. MorFuzz: Fuzzing Processor via Runtime Instruction Morphing enhanced Synchronizable Co-simulation
[4] C4: Template instructions support the memory layout of the stimulus template, are later filled with meaningful values by MorFuzz, and the fuzzer manages stimulus-template control flow through the fuzzing execution environment. MorFuzz: Fuzzing Processor via Runtime Instruction Morphing enhanced Synchronizable Co-simulation