Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Lyra: A Hardware-Accelerated RISC-V Verification Framework with Generative Model-Based Processor Fuzzing

Juncheng Huo, Yunfan Gao, Xinxin Liu, Sa Wang, Yungang Bao, Xitong Gao, Kan Shi

TL;DR

Lyra introduces a GPU-CPU-FPGA co-verification framework for RISC-V that overcomes semantic blindness in traditional fuzzing by training a domain-specialized ISA-aware generator, LyraGen, and executing both DUT and reference on FPGA with on-chip coverage. The training phase builds LyraGen from scratch using a novel token-based RISC-V encoding and supervised <instruction, coverage> data, while the inference phase enforces legality and memory-correctness before hardware-accelerated verification. Empirically, Lyra achieves higher coverage and orders-of-magnitude faster end-to-end verification than state-of-the-art software fuzzers, with lower convergence difficulty as coverage grows. The work demonstrates the practicality of combining ISA-aware generation with FPGA-accelerated differential checking to dramatically accelerate processor verification workflows.

Abstract

As processor designs grow more complex, verification remains bottlenecked by slow software simulation and low-quality random test stimuli. Recent research has applied software fuzzers to hardware verification, but these rely on semantically blind random mutations that may generate shallow, low-quality stimuli unable to explore complex behaviors. These limitations result in slow coverage convergence and prohibitively high verification costs. In this paper, we present Lyra, a heterogeneous RISC-V verification framework that addresses both challenges by pairing hardware-accelerated verification with an ISA-aware generative model. Lyra executes the DUT and reference model concurrently on an FPGA SoC, enabling high-throughput differential checking and hardware-level coverage collection. Instead of creating verification stimuli randomly or through simple mutations, we train a domain-specialized generative model, LyraGen, with inherent semantic awareness to generate high-quality, semantically rich instruction sequences. Empirical results show Lyra achieves up to $1.27\times$ higher coverage and accelerates end-to-end verification by up to $107\times$ to $3343\times$ compared to state-of-the-art software fuzzers, while consistently demonstrating lower convergence difficulty.

Lyra: A Hardware-Accelerated RISC-V Verification Framework with Generative Model-Based Processor Fuzzing

TL;DR

Lyra introduces a GPU-CPU-FPGA co-verification framework for RISC-V that overcomes semantic blindness in traditional fuzzing by training a domain-specialized ISA-aware generator, LyraGen, and executing both DUT and reference on FPGA with on-chip coverage. The training phase builds LyraGen from scratch using a novel token-based RISC-V encoding and supervised <instruction, coverage> data, while the inference phase enforces legality and memory-correctness before hardware-accelerated verification. Empirically, Lyra achieves higher coverage and orders-of-magnitude faster end-to-end verification than state-of-the-art software fuzzers, with lower convergence difficulty as coverage grows. The work demonstrates the practicality of combining ISA-aware generation with FPGA-accelerated differential checking to dramatically accelerate processor verification workflows.

Abstract

As processor designs grow more complex, verification remains bottlenecked by slow software simulation and low-quality random test stimuli. Recent research has applied software fuzzers to hardware verification, but these rely on semantically blind random mutations that may generate shallow, low-quality stimuli unable to explore complex behaviors. These limitations result in slow coverage convergence and prohibitively high verification costs. In this paper, we present Lyra, a heterogeneous RISC-V verification framework that addresses both challenges by pairing hardware-accelerated verification with an ISA-aware generative model. Lyra executes the DUT and reference model concurrently on an FPGA SoC, enabling high-throughput differential checking and hardware-level coverage collection. Instead of creating verification stimuli randomly or through simple mutations, we train a domain-specialized generative model, LyraGen, with inherent semantic awareness to generate high-quality, semantically rich instruction sequences. Empirical results show Lyra achieves up to higher coverage and accelerates end-to-end verification by up to to compared to state-of-the-art software fuzzers, while consistently demonstrating lower convergence difficulty.

Paper Structure

This paper contains 20 sections, 6 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Background and Related Works
  3. Hardware Fuzzing
  4. ML-based Fuzzing
  5. Processor Verification
  6. The Lyra Framework Overview
  7. The Training Phase
  8. Instruction Encoding
  9. Generation of Training Data
  10. Training and Optimization of LyraGen
  11. The Inference Phase
  12. Instruction Legality Checker
  13. Instruction Address Correction
  14. Fine-grained Self-checking with FPGA Acceleration
  15. Evaluation
  16. ...and 5 more sections

Figures (6)

  • Figure 1: (a) Traditional verification flow: all steps implemented in CPU software. (b) Advanced verification flow with software-based fuzzers: enables coverage-guided mutation for better coverage, but suffers from performance bottlenecks and semantic limitations. (c) Proposed Lyra: a heterogeneous verification framework combining a domain-specialized generative model with FPGA acceleration.
  • Figure 2: Overview of the Lyra framework, including the training phase and the inference phase, both running on the same heterogeneous system containing GPU, CPU and FPGA.
  • Figure 3: Comparison of coverage convergence performance between different methods.
  • Figure 4: Comparison of different fuzzing methods to achieve certain coverage targets.
  • Figure 5: Comparison of LyraGen generation performance with different GPU hardware.
  • ...and 1 more figures