Post on 03-Jan-2016
Sugar 2.0 and TestWizard 2.0 An Introduction
R90943035 杜威廷R91943060 鍾智能
Hardware / Software Co-Design Term Project
Outline
• Sugar 2.0:– Introduction
– Examples
• TestWizard 2.0:– Introduction
– Tasks
– Thread and tag
– Examples
• Sugar converter– Introduction
– Conversion example
• Cadence Support– Support example
• Conclusion
Introduction to Sugar 2.0
• Specification Language used by IBM
• Accellera Property Specification Language (PSL)– Describe properties that required of the
design under Verification
Motivation and Goals
• Conventional specification language both ambiguous and unverifiable
• PSL was developed to:– Write specification which are both easy to read
and mathematically precise– Used for functional specification and input to
functional verification tool– Can validate design in dynamic (simulation) or
static (formal) way– Measure the quality of verification process
Functional Specification
• Can capture requirement both overall behavior of a design and assumptions
• A PSL consists of assertions regarding properties of a design under a set of assumptions.
• Property:– Boolean expression– Sequential expression– Temporal operator
Functional Specification(cont’d)
• Boolean expression:
• Sequential expression:
• Temporal operator
ena || enb
{reg;ack;!cancel}
always{reg;ack;!cancel}
(next[2] (ena || enb))
Functional Specification(cont’d)
Assert always{reg;ack;!cancel}
(next[2] (ena || enb))
Functional verification
• State that req is a pulse signalalways (req -> next !req)
start
onereg
error
!req
!req
req req
Simple FSM for the property
Linear and Branching Fragment
• Universal vs. Existential formula
• Universal:– Useful for reasoning about design under
verificaiton
• Existential:– Useful for reasoning about environment
Strong and Weak operators
• Strong (liveness) operators– Some terminating condition eventually occur. (a until! b)
– Typically more expensive (in terms of computation time and memory requirement)
• Weak (safety) operators• Doesn't make any requirements regarding
eventuality.(a until b)– Problem: How to implement in simulation? It makes no
difference.
Sugar-Based Verification Tool
Source Tool Function
@HDL @Verifier/@Designer,
see flow Formal Property Checker
0-In Design Automation CheckerWare Library of Protocol
Checkers
Avery Design TestWizard Assertion checking
integrated in testbench automation tool
Cadence Verification Cockpit Complete ABV
Solution(dynamic and static assertion checking)
… … …
Introduction to TestWizard 2.0
• Verilog/VHDL Enhancements for Sugar Support• Assertion-based verification
– Temporal property specification
– Simulation-based assertion checking
• More effective than conventional HDL-only methods
• Same language for design and verification – synergy• Based on current existing IEEE Verilog and VHDL standards• No major ramp up time compared to proprietary HVLs• 200% more simulator efficient than Vera or Verisity• Works on all Verilog and VHDL simulators today
Assertions
• “On the Fly” protocolverification of System-level and Interface protocols
• Powerful & concise temporal property semantics to Verilog/VHDL
• Repeating sequences
• Temporal ranges• Conditional
sequences• Logical or/and
• Highly reusable • Comparable to Sugar
(Accellera FPSL WG)• Sugar-to-TestWizard translator
available soon
Basic Introduction
• Assertions in TestWizard 2.0 are also called “Sequence”• Provided as Verilog user defined system tasks/functions or
VHDL procedure calls• Sequence function returns “handle” to construct complex
temporal logic property• An event is considered “true” if the signal’s value is one• A sequence is succeeded if no rule is violated, otherwise it is
failed• Supports synchronous/asynchronous/multi-clock rules• Added threads and tags for better temporal logic management
Timing Constraint Tasks
• seq_handle= $tb_seq(clock, list of events)– Events should occur in order. If clock is specified, check events at clock
edge. If clock is “0”, it is asynchronous checking
• seq_handle= $tb_seq1(clock, list of events)– Events should occur in order at every successive clock edge
• seq_handle= $tb_seq_range(clock, range, event);– Event should occur within range of clocks– $tb_seq_range($tb_posedge(clk), $tb_range(1, 3), a);
• seq_handle= $tb_seq_within(cond, event)– Cond must be true throughout the event
• seq_handle= $tb_seq_before(event1, event2)– Event1 must occur before event2
Timing Constraint Tasks(cont’d)
• $tb_seq_withinseq(window_seq, test_seq)– test_seq must start after window_seq starts, and finish before window_seq
finishes
• seq_handle= $tb_seq_range_start(clock, range, event)– The first event in the sequence must occur within time range
• seq_handle= $tb_seq_now(event)– The event must occur when the task is triggered
• seq_handle= $tb_seq_now_start(event)– The first event in the sequence must occur when the task is triggered
Flow Control Tasks
• seq_handle= $tb_seq_repeat(repeat_count, repeat_event[, finish_event])
– Repeat_event must repeat repeat_count times before finish_event occurs– $tb_seq_repeat($tb_range(3, 8), a, b);
• seq_handle= $tb_seq_if(cond, true_event, false_event)– If cond is true, it will choose true_event, otherwise choose false_event
• seq_handle= $tb_seq_ifseq(cond_event, true_event, false_event)– If cond_event finishes true, it will choose true_event, otherwise choose
false_event
• seq_handle = $tb_seq_imply(clock, cond_seq, check_seq)– If cond_seq ends successfully, then start to check check_seq. Otherwise
do nothing
Flow Control Tasks(cont’d)
• seq_handle = $tb_seq_imply0(cond_seq, check_seq)– When the first event of cond_seq executes, check_seq will start to be
checked. If cond_seq fails, nothing will happen. If cond_seq succeeds, the result of check_seq will determine the result of $tb_seq_imply0.
Logic Related Tasks
• seq_handle= $tb_seq_and(list of events)– All the events must become true at the same time for its own event to be
true
• seq_handle= $tb_seq_par(list of events)– All checks begin at the same time, and all events must succeed
• seq_handle= $tb_seq_or(list of events)– Any of the events from other $tb_seqs must be true for its own event to be
true
• seq_handle= $tb_seq_not(event)– Its own event is true only if event fails
Thread and Tag
• Why thread?– There can be multiple temporal logic streams flowing concurrently
– For example, in a sequence “a b c d e”, all of the following may exist: “a b c d e, a b c d e, a b c d e”
– Need a way to distinguish between them
– Every thread has its unique ID
• Why tag?– Attach information to your temporal logic rules
– Information flows with your temporal logic streams!
– For example, split completion in PCI-X, unique ID is saved
• Sugar doesn't have similar property.
Tag Examplea b c d e
tag
u v w x1 2 21
Initial u= 1, v= 2
a b c d ea b c d e
11 2 21 tag1=1
a b c d e
1 2 1 2 21 tag1=1,tag2=2
a b c d e
1 2 1 1 2 21 tag1=1,tag2=2
w=1
a b c d e
1 2 1 2 1 2 21 tag1=1,tag2=2
w=1, x=2
Thread Control Tasks(cont’d)
• $tb_seq_trigger(seq_handle, result_var[, num_threads])– Starts a sequence checking. If any of the threads succeeds, bit0 of
result_var will toggle. If any thread fails, bit1 of result_var will toggle
• $tb_seq_disable(list of seq_handles)– Stop the sequence checking
• $tb_seq_disable_thread(seq_handle[, thread_id(s)])– Stop some of the threads in the sequence
• thread_id = $tb_seq_thread_find(seq_handle, tag_handle, match_value, from_thread_id)
– Find the thread with which value saved in tag matches match_value
Thread Control Tasks(cont’d)
• thread_id = $tb_seq_thread_iterate(seq_handle, isw, from_thread_id)– Find active thread, succeeded thread, or failed thread
• seq_handle= $tb_seq_thread_getid(variable)– Get the ID of the thread
Tag Tasks
• tag_handle= $tb_seq_tag_new(variable[, list])– Associate the tag with the variable
• seq_handle= $tb_seq_tag_save(tag_handle(s))– Save the variable values to tags
• seq_handle= $tb_seq_tag_load(source_tag_handle, variable)– Load the value previously saved in source_tag and save it to the variable
• seq_handle= $tb_seq_tag_compare(type, tag_handle_1, tag_handle_2[, step])
– Compare the 2 values associated with the tags– Type can be ==, <, <=, >, >=, !=
Tag Tasks(cont’d)
• seq_handle = $tb_seq_tag_event(event, type, tag, variable[, step])– When "event" occurs, the value saved in tag is compared with the variable.
If match, generate true event
• $tb_seq_thread_tag(seq_handle, thread_id, tag_handle, local_var [, tag_handle, local_var])
– Save the value stored in the tag_handle to local_var pair by pair, given the sequence_handle and a specific thread_id
Example 1To check event a followed by b within [2:5] @posedge(clk), then event"c, d, e" must repeat [1:3] times before z within [1:4] @posedge(clk2). Then if sequence "f, g" succeeds, check "h1, i1", else check "h2, i2". And then it is followed by j
handle1= $tb_seq_range($tb_posedge(clk), $tb_range(2, 5), b);handle2= $tb_seq(0, c, d, e);handle3= $tb_seq_repeat($tb_range(1, 3), handle2, z);handle4= $tb_seq_range($tb_posedge(clk2), $tb_range(1, 4), handle3);handle5= $tb_seq(0, f, g);handle6= $tb_seq(0, h1, i1);handle7= $tb_seq(0, h2, i2);handle8= $tb_seq_ifseq(handle5, handle6, handle7);handle9= $tb_seq(0, a, handle1, handle4, handle8, j);$tb_seq_trigger(handle9, result_event);
Example 2• Use Verilog to assist• Sugar:{high_pri_req->next_event_e(grant)[1..8](dst == high_pri)}
• English:After high_pri_req, we expect dst == high_pri to occur on one of the 1st through 8th occurrence of grant
int i = 1;int j = 8;assign event1 = dst == high_pri;h1 = $tb_seq_thread_getid(Vevent1_trigger);h2 = $tb_seq(0,true,h1,Vevent1_end);h3 = $tb_seq_range_start($tb_posedge(clock),0,h2);h4 = $tb_seq_imply(0,high_pri_req,h3);
Example 2(cont’d)
always @(Vevent1_trigger) grant_count_start = 1;
always @(posedge clock)begin
if(grant_count_start == 1)begin
if(grant == 1)grant_count = grant_count + 1;
if(grant_count > j)grant_count_start = 0;
end
if((grant_count_start == 1)&&(grant_count >= i)&&(grant_count <= j))begin
if(event1 == true)Vevent1_end = 1;
else if(grant_count == j)$display("error at %t", $stime);
endend
Design Example - SuperMonitor
• A PCI/PCI-X/PCI-Express verification environment developed with TestWizard
• Used to test designs on PCI/PCI-X/PCI-Express bus• Verification example – PCI/PCI-X/PCI-Express bridge
– Connects two PCI-X buses and a PCI-Express bus– Uses TestWizard Sequence to write assertions to check
PCI protocols– Uses TestWizard transaction database and Sequence to
implement end-to-end checker– Block diagram: See next slide
Sugar Converter
• Converter Sugar property to TestWizard automatically.
• Sugar vs. TestWizard– Vunit <-> Module– Property <-> A sequence which should be
triggered.
Rule Table
• …• Sugar: next event1
(Forward one clock cycle).
Sequence:reg true = 1;$tb_seq1(clock, true, event1);
• …
Conversion Example
Sugar example:
vunit unit1{
property property1 = (Signal_a | Signal_b)@new_clock;
}
Converted Verilog code :
module unit1 (
clock,
rst,
new_clock,
Signal_a,
Signal_b
);
input clock;
input rst;
input new_clock;
input Signal_a;
input Signal_b;
Conversion Example(cont’d)reg [1:0] result1 = 0;
reg flag1 = 0;
integer h1_1, h1_2, h1_3;
initial
begin
h1_2 = $tb_seq($tb_posedge(new_clock), Signal_a );
h1_3 = $tb_seq($tb_posedge(new_clock), Signal_b );
h1_1 = $tb_seq_or( h1_2, h1_3 );
end
always @(posedge rst)
begin
if(flag1 == 0)
flag1 = 1;
else if(flag1 == 1)
$tb_seq_disable(h1_1);
$tb_seq_trigger(h1_1, result1);
end
Conversion Example(cont’d)always @(result1[0])
begin
if($stime != 0)
$display("error at %t ", $stime);
end
always @(result1[1])
begin
if($stime != 0)
$display("success at %t ", $stime);
end
endmodule
Usage
• Put conversion module into the module which want to verify.
Cadence NC_Verilog
• Dynamic Assertion-Based Verification
• It’s doesn't convert Sugar language into Verilog style
• Directly compile with the module which want to verify
Usagemodule;
…
// Declare a property call “MY_ASSERTION”
// pargma property MY_ASSERTION = <interesting event
// or sequence of events>
// Tell the simulator to creat an assertion from
// the MY_ASSERTION property.
// pragma assert MY_ASSERTION;
…
endmodule
Conclusions
• TestWizard uses native Verilog/VHDL syntax– Easy to learn: No need to learn another language– Portable: Works with all major simulators– Fast: Integrated with simulators directly through
PLI, no interpreter in between
• Tags and threads make temporal logic properties more powerful than ever
• Low readability• Complicated
Reference
• IEEE Std 1076, 2000 edition, 2000.• IEEE Std 1364-2001, 2001.• Cindy Eisner and Dana Fisman, Sugar 2.0 Proposal Presented to
Accellera Formal Verification Technical Committee, March 20, 2002• IBM, Guide to Sugar Formal specification Language Version 1.3.1,
November 2000• Accellera, Sugar Formal Specification Language Reference Manual
Draft Version x.y(Draft 2), May 17, 2002• Accellera, Sugar Formal Specification Language Reference Manual
Version 1.0, January 31, 2003• http://www.haifa.il.ibm.com/projects/verification/focs/index.html• Cadnece, Writing and Using Assertions in Cadence’s Dynamic
Assertion-Based Verification for NV-Verilog, Version 4.1, November, 2002