15 SVAssertionsLecture1

SystemVerilog assertions allow designers to describe properties of a design and check them during simulation. There are immediate assertions used with dynamic simulation and concurrent assertions used with static and dynamic verification. Concurrent assertions are evaluated at clock edges.

The different types of assertions in SystemVerilog are immediate assertions, which are placed in procedural blocks, and concurrent assertions, which are based on clock cycles and can be used with static and dynamic verification tools.

Some main constructs used in assertions are sequences to describe signal patterns, properties to describe relationships between sequences, and constructs like within, matched, and expect.

University of Minnesota

Twin Cities Campus

System-Level Modeling and Verification for Communications
System Verilog Assertions
Lecture 1
Prof. Xiaofang Zhou
ASIC & Systems, Dept. of Microelectronics
FUDAN University
Shanghai, CHINA

Outline

What's Assertion
Immediate assertions
Concurrent assertions
Class
    constructor & destructor copy, type cast, array, this inheritance, access label & protected, virtual class data, friend, type cast, overload operators
Templates
    function template
    class template
Homeworks

What's Assertion
Assertion is a description of a property of the design. During simulation, the assertion fails if:
    the expected property does not happen
    some forbidden property happened

Verilog is weak in assertion checks:
    How to describe the Wishbone property: ACK_I shall go high for 1 clock cycle, after STB_I is asserted?

SystemVerilog Assertion (SVA) can easily
    describe relation between signals
    Good control over time

Example: Verilog vs. SVA

    $rose(a) |-> ##[1:3] $rose(b)

In Verilog:

    always @(posedge a) begin
      repeat (1) @(posedge clk);
      fork: a_to_b
        begin                           // b rises in time
          @(posedge b) $display("Success . . .");
          disable a_to_b;
        end
        begin                           // window of 3 clocks expired
          repeat (3) @(posedge clk);
          $display("Error . . .");
          disable a_to_b;
        end
      join
    end

In SVA:

    a_to_b_chk: assert property (@(posedge clk) $rose(a) |-> ##[1:3] $rose(b));

Ref: S. Vijayaraghavan, M. Ramanathan, A Practical Guide for SystemVerilog Assertions, Springer 2005

SVA and Scheduling


Regions of a time slot, in order (entered from the previous time slot, left to the next time slot, looping back if there are more events):
    Preponed (sample) ... Active (design) ... Observed (assertions) ... Reactive (testbench)

Preponed: Assertion variables are sampled.
Observed: Property expressions are evaluated.
Reactive: Pass/fail code is scheduled.

Immediate assertions
Placed in procedural blocks
Used only with dynamic simulation

    always_comb begin
      a_ab : assert ( a || b );
    end

Example, Immediate SVA


    module ImmSVA;
      reg a;
      reg b;
      reg c;

      always_comb begin
        c = a || b;
        a_ab : assert ( a || b )
          else $display($time, "Fail");
      end

      initial begin
        #10 a = 0; b = 0;
        #10 a = 1; b = 0;
        #10 a = 1; b = 1;
        #10 a = 0; b = 1;
        #10 a = 0; b = 0;
        #10;
      end
    endmodule

'else' branch overwrites the default action when assertion fails.

Output:

    0Fail
    10Fail
    50Fail

Concurrent assertions
Based on clock cycles
Test expression is evaluated at clock edges
Placed in a procedural block, a module, an interface or a program definition
Use with static (formal) and dynamic verification tools

    P_a_or_b_is_high: assert property (@(posedge clk) (a || b));

Example I, Concurrent SVA


    module CCTSVA;
      reg clk, rst;
      reg a;
      reg b;
      always #50 clk = ~clk;

      P_a_or_b_is_high: assert property
        (@(posedge clk) (a || b))
          $display($time,"\tOk!!\t", a, b);
        else
          $display($time,"\tFail\t", a, b);

      always @(posedge clk or posedge rst)
        if (rst == 1'b1) {a, b} <= 2'b0;
        else {a, b} <= {a, b} + 2'b01;

      initial begin
        clk = 1'b1; rst = 1'b0;
        # 220 rst = 1'b1;
        # 200 rst = 1'b0;
      end
    endmodule

Check on every clock edge.
Assertion sampled at "Preponed" region, right before the clock edge, get the most stable value.
Pass/fail code on "Reactive" region, after the clock edge time slot.

Output:

    Time    Result  {a, b}
    0       Fail    xx
    100     Fail    xx
    200     Fail    xx
    300     Fail    00
    400     Fail    00
    500     Fail    01
    600     Ok!!    10
    700     Ok!!    11
    800     Ok!!    00
    900     Fail    01
    1000    Ok!!    10

Example II, Concurrent SVA


    module CCTSVA;
      reg clk, rst;
      reg a;
      reg b;
      always #50 clk = ~clk;

      P_a_or_b_is_high: assert property
        (@(posedge clk) (a || b))
          $display($time,"\tOk!!\t", a, b);
        else
          $display($time,"\tFail\t", a, b);

      always @(posedge clk or posedge rst)
        if (rst == 1'b1) {a, b} <= 2'b0;
        else {a, b} <= #20 {a, b} + 2'b01;

      initial begin
        clk = 1'b1; rst = 1'b0;
        # 220 rst = 1'b1;
        # 200 rst = 1'b0;
      end
    endmodule

Output:

    Time    Result  {a, b}
    0       Fail    xx
    100     Fail    xx
    200     Fail    xx
    300     Fail    00
    400     Fail    00
    500     Fail    00
    600     Ok!!    01
    700     Ok!!    10
    800     Ok!!    11
    900     Fail    00
    1000    Ok!!    01

Steps of SVA

sequence: combination of several events, either on the same clock edge or over a period of time

    sequence name_of_sequence;
      test_expression;
    endsequence

property: combination of several sequences

    property name_of_property;
      test_expression; or complex_sequence_expressions;
    endproperty

assert: check the property during simulation

    assertion_name: assert property (property_name);

Putting everything in one level is also allowed:

    P_STB_to_ACK: assert property (@(posedge CLK_I) $rose(STB_I) |-> ##[1:3] $rose(ACK_O));

edge expressions
Monitor the transition of signal value from one clock cycle to the next
    True if LSB of signal/expr changed to 1
        $rose(bool_expr or signal)
    True if LSB of signal/expr changed to 0
        $fall(bool_expr or signal)
    True if value of signal/expr did not change
        $stable(bool_expr or signal)

    sequence s_stb;
      @(posedge clk) $rose(STB_I);
    endsequence

Formal arguments
Arguments allowed in sequence definition

    sequence s_arg(x, y);
      x ##1 y;
    endsequence

Arguments in a property

Sequences with timing relationship


'##' means clock cycle delays
Check if STB is 1, and 2 clock cycles later ACK is 1

    // Clock given in the sequence
    sequence s_seq;
      @(posedge clk) STB ##2 ACK;
    endsequence
    property p_seq;
      s_seq;
    endproperty

    // Clock given in the property
    sequence s_seq;
      STB ##2 ACK;
    endsequence
    property p_seq;
      @(posedge clk) s_seq;
    endproperty

    // Everything in the property
    property p_seq;
      @(posedge clk) STB ##2 ACK;
    endproperty

    a_seq: assert property(p_seq);

starting point, end point


Sequence can be labeled as .ended
    .ended: concatenate sequences at the end point instead of the starting point
    Without the .ended label, SVA reports the assertion at the starting point of sequences.

    sequence s_seq;
      STB ##2 ACK;
    endsequence

    // Reported at the starting point
    property p_seq_starting;
      @(posedge clk) s_seq;
    endproperty

    // Reported at the end point
    property p_seq_ended;
      @(posedge clk) s_seq.ended;
    endproperty

Forbidden property, Action block


Put the keyword 'not' to forbid a property

    n_seq: assert property (@(posedge clk) not (STB ##2 ACK));

Overwrite default action with action block

    a_seq: assert property (@(posedge clk) STB ##2 ACK)
      $display($time, "Pass");
    else
      $display($time, "Fail");

Implication operator
    @(posedge clk) STB ##2 ACK;

Pass when STB is 1 and ##2 ACK is 1
Fail when STB is 0 (wrong starting point)

    @(posedge clk) STB |-> ##2 ACK;

Pass when STB is 1 and ##2 ACK is 1: a real success
Pass when STB is 0 (ignore wrong starting point): a vacuous success
Fail when STB is 1 and ##2 ACK is not 1

antecedent |-> |=> consequent


Overlapped implication: ant |-> con
    If ant is true, con is evaluated at the same clock step.

Non-overlapped implication: ant |=> con
    If ant is true, con is evaluated at the next clock cycle.

Implication with a fixed delay:
    ant |-> ##delay con

|-> and |=> can only be used at property level.

Using if/else with implication


    property p_if_else;
      @(posedge clk) (a || b) |->
        if (a) (c ##1 d)
        else   (c ##2 d);
    endproperty

The 'if' branch has priority, i.e. when both a and b are high, the 'if' branch gets checked.

?:

    property p_tri;
      @(posedge clk) cond ? x == y : x == z;
    endproperty

Nested implication
Several conditions lead to a final consequence

    a_ISR: assert property (@(posedge clk)
      S_INTERRUPT |-> ##1 S_WRITE |-> ##1 S_READ);

Timing windows, ##[low:upper]


Wishbone bus: STB_I goes high, and then ACK_I goes high for 1 clock cycle
    To avoid a comb-loop, assume ACK_I will not go high in the same clock cycle STB_I is asserted.
    Assume ACK_I must reply within 100 cycles.

    a_SAFE_WB: assert property (@(posedge clk)
      S_NEW_STB |-> ##[1:100] ACK_I ##1 !ACK_I);

[0:100] for overlapped window
ACK_I goes high, and after 1 clock cycle, it goes low
[1:$] means no upper bound

Parameterized SVA checker

Involve Verilog parameters in properties

    module xyz(..);
      parameter delay = 2;
      property p_delay;
        @(posedge clk) x |=> ##delay y;
      endproperty
      aa: assert property(p_delay);
    endmodule

    module zzz(..);
      Gen_chk #(.delay(1)) i1(..);   // delay overridden to 1
      Gen_chk i2(..);                // default delay
    endmodule

true, $past()
`true is a placeholder and always succeeds

    sequence s;
      @(posedge clk) a ##2 b ##3 `true;  // seq s is prolonged
    endsequence

$past checks the previous value of signals

    property s;  // declared as a property: |-> is only allowed at property level
      @(posedge clk) a |-> ($past(b, 2) == 1'b1);  // $past(sig or expr, number of clock cyc)
    endproperty                                    // default is $past(,1)

$past(sig/expr, clk cyc, gate signal)

Consecutive repetition
Match continuously for a number of clocks

    STB ##1 STB ##1 STB    is the same as    STB [*3]

Repeat sequences

    (x ##2 y) ##1 (x ##2 y) ##1 (x ##2 y)    is the same as    (x ##2 y)[*3]

Num. of repeats could be a window

    a[*1:3]            // a or (a ##1 a) or (a ##1 a ##1 a)
    something[*1:$]    // $ means no upper limit
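An added example, not from the original slides, that applies consecutive repetition to the a_SAFE_WB timing-window check from the Timing windows slide: the range ##[1:100] lets any cycle in the window supply the ACK_I match, so a two-cycle ACK_I still passes, while waiting on (!ACK_I)[*0:99] pins the match to the first ACK_I cycle. The module, task and label names are assumptions, S_NEW_STB is taken to be $rose(STB_I), and the stimulus is constructed.

```systemverilog
// Added example, not from the slides. Names are assumptions; stimulus is constructed.
module ack_width_demo;
  logic clk = 0, STB_I = 0, ACK_I = 0;
  always #5 clk = ~clk;

  // Timing-window form from the slide (S_NEW_STB assumed to be $rose(STB_I)).
  // Every offset in 1..100 is tried, so the last cycle of a too-long ACK_I
  // pulse still matches "ACK_I ##1 !ACK_I" and the check passes.
  a_window: assert property (@(posedge clk)
      $rose(STB_I) |-> ##[1:100] ACK_I ##1 !ACK_I)
    else $display("%0t a_window failed", $time);

  // Repetition form: skip at most 99 cycles with ACK_I low, then require
  // ACK_I high for exactly one cycle. Only the first ACK_I cycle can match.
  a_first_ack: assert property (@(posedge clk)
      $rose(STB_I) |=> (!ACK_I)[*0:99] ##1 ACK_I ##1 !ACK_I)
    else $display("%0t a_first_ack failed", $time);

  // One transfer: raise STB_I, wait, then hold ACK_I high for `width` cycles.
  task automatic transfer(int wait_cycles, int width);
    @(negedge clk) STB_I = 1;
    repeat (wait_cycles) @(negedge clk);
    ACK_I = 1;
    repeat (width) @(negedge clk);
    ACK_I = 0;
    STB_I = 0;
    repeat (3) @(negedge clk);
  endtask

  initial begin
    transfer(2, 1);  // one-cycle ACK_I: accepted by both assertions
    transfer(2, 2);  // two-cycle ACK_I: only a_first_ack reports a failure
    $finish;
  end
endmodule
```

Only the else branch is used for reporting, because a pass action may also run on vacuous successes in cycles where STB_I does not rise.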

Goto and non-consecutive repetition


Goto repetition
    Only an expression, not a sequence, is allowed
    Matches can be intermittent.
    Last match is the end of the entire sequence matching
    [->n]

Non-consecutive repetition
    Similar to goto repetition
    Last match needn't be the end of the entire sequence matching.
    [=n]

    @(posedge clk) x |-> ##1 (y[->3]) ##1 z
    @(posedge clk) x |-> ##1 (y[=3]) ##1 z
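An added example, not from the original slides, that runs the two properties above over a constructed stimulus: when z arrives later than the cycle right after the third y, the goto form fails and the non-consecutive form passes. The module name, labels and bit patterns are assumptions.

```systemverilog
// Added example, not from the slides. Names are assumptions; stimulus is constructed.
module rep_demo;
  localparam int N = 24;
  logic clk = 0, x = 0, y = 0, z = 0;
  int   i = 0;
  always #5 clk = ~clk;

  // One bit per clock cycle, leftmost bit first; two traces of 12 cycles each.
  // Trace 1 (cycles 0-11):  z is high in the cycle right after the third y.
  // Trace 2 (cycles 12-23): z is high three cycles after the third y.
  logic [0:N-1] pat_x = 24'b1000_0000_0000_1000_0000_0000;
  logic [0:N-1] pat_y = 24'b0010_1010_0000_0010_1010_0000;
  logic [0:N-1] pat_z = 24'b0000_0001_0000_0000_0000_0100;

  // Drive on the falling edge so every value is stable when sampled.
  always @(negedge clk)
    if (i == N) $finish;
    else begin
      {x, y, z} <= {pat_x[i], pat_y[i], pat_z[i]};
      i <= i + 1;
    end

  // Goto repetition: the third y must be the last cycle before "##1 z".
  // Passes on trace 1, fails on trace 2.
  a_goto: assert property (@(posedge clk) x |-> ##1 (y[->3]) ##1 z)
    else $display("%0t a_goto failed", $time);

  // Non-consecutive repetition: cycles with y low may follow the third y
  // before "##1 z". Passes on both traces.
  a_nonconsec: assert property (@(posedge clk) x |-> ##1 (y[=3]) ##1 z)
    else $display("%0t a_nonconsec failed", $time);
endmodule
```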

"and" construct

Combine two sequences by "and"


    Both sequences have the same starting point
    They can have different ending points

    sequence sx;
      @(posedge clk) x ##[1:2] y;
    endsequence
    sequence sy;
      @(posedge clk) s || a;
    endsequence
    property p;
      @(posedge clk) sx and sy;
    endproperty
    a: assert property(p);

"intersect" construct
Combine two sequences by "intersect"
    Both sequences have the same starting point
    They also must have the same end point, i.e. two sequences with the same length

To control the length of a sequence

    sequence ss;
      a ##[1:$] b ##[2:$] c;
    endsequence
    property pp;
      @(posedge clk) 1[*10:20] intersect ss;
    endproperty
    a_pp: assert property(pp);

"or", "first_match" construct

Combine two sequences by "or"
    Succeeds when either of the sequences succeeds.

When "or" and sequences contain time windows, there may exist more than one match.
    "first_match" tells SV to discard the other matches once the first sequence match is found.

"throughout" construct
Implication (|->, |=>) checks for the precondition once.
"throughout" checks that the condition holds true during the evaluation of the entire sequence

    (condition_expr) throughout (sequence)

    a_SAFE_WB: assert property (@(posedge clk)
      S_NEW_STB |-> (STB_I) throughout (##[1:100] ACK_I ##1 !ACK_I));

"within" construct

    seq1 within seq2

seq1 happens within the start and completion of seq2
    Starting matching point of seq2 must happen before that of seq1
    Ending matching point of seq1 must happen before that of seq2

    a_ASYN_RAM_WR: assert property (@(posedge clk) WR within CS);

Some built-in system functions


Checks the expression is one-hot
    $onehot(expression)

Checks if one-hot or zero
    $onehot0(expression)

Checks if any bit is X or Z
    $isunknown(expression)

Counts the number of bits that are high
    $countones(expression)

"disable iff" construct


To skip some unrelated conditions, you can use the "disable iff".

    property blah;
      @(posedge CLK) disable iff (RST_N == 1'b0) $.....
    endproperty
    a_blah: assert property(blah);

In the above sample, the checker will issue vacuous successes when RST_N is low.

Arguments in property
Formal arguments

    property blah(a, b);
      @(posedge clk) a |-> b;
    endproperty
    aa : assert property(blah(stb, cs));

Multiple clocking
SVA allows a seq. or prop. to have multiple clock definitions for sampling individual signals or subseq.

    property bar;
      @(posedge CLK1) WRITE ##1 @(posedge CLK2) READ;
    endproperty

Only ##1 or |=> is allowed between multiple clocks. Using ##0, ##2 or |-> is illegal.

"matched" construct
    @(posedge clk_b) (seq_a).matched |=> seq_b

    sequence s_a;
      @(posedge clka) $rose(req);
    endsequence

    sequence s_b;
      @(posedge clkb) $rose(ack);
    endsequence

    property p_match;
      @(posedge clk2) s_a.matched |=> s_b;
    endproperty

"expect" construct
"expect" waits for a property

    initial begin
      #1000;
      expect (@(posedge clk) ##[1:100] STB_I == 1'b1)
        $display($time, "STB asserted\n");
      else begin
        $display($time, "no STB\n");
        $finish();
      end
    end

Local Variables, Subroutine calls


Comma list
    Assign local variables in comma list
    Call subroutines in comma list

    property foo;
      int addr;
      @(posedge CLK) (WB_WRITE, addr = ADR_I) |->
        ##[1:$] (WB_READ and (addr == ADR_I), $display("bla bla bla"));
    endproperty

Embed vs. Bind


Embed or in-line the checker in design
Separate checker and bind it to a module

    bind module_or_instance_name_of_design checker_name checker_instance_name design_signals;

    module top;
      bind top.ram1 ram_checker r1(a, b, c);
    endmodule
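An added example, not from the original slides, of a separate checker bound to a design: it packages the STB-to-ACK property from the Steps of SVA slide with disable iff, $isunknown and a Verilog parameter, then attaches it with bind. The design wb_slave, the checker wb_checker, the testbench tb, their ports and MAX_WAIT are assumptions, and the stimulus is constructed.

```systemverilog
// Added example, not from the slides. All module, port and parameter names
// are assumptions; the design and the stimulus are constructed.
module wb_slave (input logic CLK_I, RST_I, STB_I, output logic ACK_O);
  // Acknowledge a strobe one cycle later, for one cycle.
  always_ff @(posedge CLK_I)
    if (RST_I) ACK_O <= 1'b0;
    else       ACK_O <= STB_I && !ACK_O;
endmodule

// Checker kept separate from the design so it can be bound to it.
module wb_checker #(parameter int MAX_WAIT = 3)
  (input logic clk, rst, stb, ack);
  property p_stb_to_ack;
    @(posedge clk) disable iff (rst)
      $rose(stb) |-> ##[1:MAX_WAIT] $rose(ack);
  endproperty
  a_stb_to_ack: assert property (p_stb_to_ack)
    else $error("no ACK within %0d cycles of STB", MAX_WAIT);

  // Built-in function from the slides: ack must never be X or Z outside reset.
  a_ack_known: assert property (@(posedge clk) disable iff (rst)
      !$isunknown(ack))
    else $error("ACK is X or Z");
endmodule

module tb;
  logic clk = 0, rst = 1, stb = 0, ack;
  always #5 clk = ~clk;
  wb_slave dut (.CLK_I(clk), .RST_I(rst), .STB_I(stb), .ACK_O(ack));

  // Attach the checker to every wb_slave instance without editing the design.
  // The port connections name signals inside wb_slave, not inside tb.
  bind wb_slave wb_checker #(.MAX_WAIT(3)) chk
    (.clk(CLK_I), .rst(RST_I), .stb(STB_I), .ack(ACK_O));

  initial begin
    repeat (2) @(negedge clk);
    rst = 0;
    @(negedge clk) stb = 1;
    repeat (2) @(negedge clk);
    stb = 0;
    repeat (3) @(negedge clk);
    $finish;
  end
endmodule
```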

References
S. Vijayaraghavan, M. Ramanathan, A Practical Guide for SystemVerilog Assertions, Springer Science+Business Media, Inc 2005 (, SystemVerilog Assertions 2006)
SystemVerilog 3.1a Language Reference Manual, Accellera Organization, Inc, 2004
S. Sutherland, S. Davidmann, P. Flake, SystemVerilog for Design, 2nd ed, Springer 2006

Thank You
