Diagnosis of Instruction Hierarchy Failures: A White-Box Repair Framework for Reasoning Language Models

This article introduces a white-box diagnostic framework for instruction hierarchy failures in reasoning language models, which precisely locates failures into three stages: instruction recognition, conflict resolution, and response implementation. It also proposes two training-free self-monitoring mechanisms that can reduce violation rates by 81-99%. This research comes from an arXiv paper (published in June 2026) and is of great significance for AI safety.

Intelligent agents need to handle conflicts between multi-source instructions (system prompts, user inputs, etc.) and follow the highest-priority instruction. However, traditional end-to-end evaluation only focuses on the final result, cannot explain the reasons for non-compliance, and the black-box perspective hinders diagnosis and repair.

White-Box Diagnostic Framework classifies failures into three types: 1. Instruction recognition failure (easy to miss instructions in long contexts); 2. Conflict resolution failure (incorrect judgment of priority or coexistence); 3. Response implementation failure (separation of knowledge and action). Self-Monitoring Mechanisms: parallel input monitor (detects conflicts before generation), sequential output monitor (reviews and repairs after generation), no additional training required.

Evaluations on models such as Gemma-4-31B-IT and Qwen3.6-35B-A3B found: few instruction recognition issues in short contexts, but a significant increase in long contexts; different models have large differences in sensitivity to conflict resolution and response implementation. The monitoring mechanisms can reduce violation rates by 81-99%, e.g., GPT-5.3's static attack rate decreased by 86% and adaptive attack rate decreased by 45%.

This framework provides debugging tools for developers, and the monitoring mechanisms are plug-and-play without fine-tuning. The research reveals the model's characteristic of 'knowing the correct answer but not applying it', pointing the way for architectural improvements. It has far-reaching significance for building trustworthy AI and key decision-making scenarios for intelligent agents.