SVA: throughout corner case | sig1 must be stable throughout sig2

Question

Hello,

I want to write an assertion that says 'sig1 must be stable when sig2 is asserted'.

Here is my solution:

property sig1_stable_throughout_sig2 (logic sig1, sig2);
     $rose(sig2) |=> $stable(sig1) throughout !sig2[->1];
endproperty //sig1_stable_throughout_sig2

This assertion works very well, except for the case when sig1 exactly follows sig2 and deasserts in the same clock cycle as sig2.

My understanding is that the assertion requires that sig1 be stable even at the clock which deasserts sig1 (i.e at the negedge of sig1).

Is there a way to make the assertion run until one clock before sig2 deasserts? Or, any other way I could take care of this failure?

Thanks,
Ankit

Answer 1

Ankit Bhange

Full Access

9 posts

May 26, 2021 at 4:17 pm

property sig1_stable_throughout_sig2 (logic sig1, sig2);
     disable iff (!sig2)
     $rose(sig2) |=> $stable(sig1) throughout !sig2[->1];
endproperty //sig1_stable_throughout_sig2

Disabling the assertion when sig2 goes down seems to do the trick. Is this approach correct?

Thanks
-Ankit

Answer 2

Solution

ben@SystemVerilog.us

Full Access

2342 posts

May 26, 2021 at 11:18 pm

In reply to Ankit Bhange:

Quote:

Disabling the assertion when sig2 goes down seems to do the trick. Is this approach correct?

NO!

// The throughout operator specifies that a signal (expression) must hold throughout a sequence.
 ( b throughout R )[/b] is equivalent to [b]( b [*0:$] intersect R ) 
// Use the 
sequenc1 interesect sequence2 // and sequence1 is 
 ($stable(sig1)[*1:$] ##1 !sig2) // Thus, if sig2==0 after 4 cycles, 
//                          the consequent thread that will match will be 
 ($stable(sig1)[*3] ##1 !sig2 // sig2==0 at cycle 4 
 
property sig1_stable_throughout_sig2 (logic sig1, sig2);
     $rose(sig2) |-> ##1 ($stable(sig1)[*1:$] ##1 !sig2) intersect !sig2[->1];
endproperty 
// As mentioned in a previous post, I prefer to use |-> ##1 instead |=> 
// See my next post

Ben Cohen
http://www.systemverilog.us/
For training, consulting, services: contact http://cvcblr.com/home.html
** SVA Handbook 4th Edition, 2016 ISBN 978-1518681448
...
1) SVA Package: Dynamic and range delays and repeats https://rb.gy/a89jlh
2) Free books: Component Design by Example https://rb.gy/9tcbhl
Real Chip Design and Verification Using Verilog and VHDL($3) https://rb.gy/cwy7nb
3) Papers:
- Understanding the SVA Engine,
https://verificationacademy.com/verification-horizons/july-2020-volume-16-issue-2
- SVA Alternative for Complex Assertions
https://verificationacademy.com/news/verification-horizons-march-2018-issue
- SVA in a UVM Class-based Environment
https://verificationacademy.com/verification-horizons/february-2013-volume-9-issue-1/SVA-in-a-UVM-Class-based-Environment

Answer 3

ben@SystemVerilog.us

Full Access

2342 posts

May 27, 2021 at 12:03 am

In reply to ben@SystemVerilog.us:

Another option is to use the until
An until property of the non-overlapping form (i.e., until, s_until) evaluates to true if property_expr1 evaluates to true at every clock tick beginning with the starting clock tick of the evaluation attempt and continuing until at least one tick before a clock tick where property_expr2 (called the terminating property) evaluates to true.

property_expr1 until property_expr2
property sig1_stable_throughout_sig2 (logic sig1, sig2);
     $rose(sig2) |=> $stable(sig1) until !sig2; // Need the |=> because the until is a property
endproperty 
// same as 
$rose(sig2) |=> $stable(sig1)[*0:$] ##1 !sig2; // also OK.

Answer 4

Ankit Bhange

Full Access

9 posts

June 03, 2021 at 10:52 pm

Thanks, Ben. The assertion seems to be working now.

Answer 5

Ankit Bhange

Full Access

9 posts

June 11, 2021 at 5:00 pm

In reply to ben@SystemVerilog.us:

Hello Ben,

What about this way of writing the assertion?

property sig1_stable_throughout_sig2 (logic sig1, sig2);
     $rose(sig2) |-> $stable(sig1) throughout ($rose(sig2) ##1 sig2[*1:$] ##1 $fell(sig2));
endproperty //sig1_stable_throughout_sig2

Thanks,
Ankit

Answer 6

ben@SystemVerilog.us

Full Access

2342 posts

June 12, 2021 at 12:08 pm

In reply to Ankit Bhange:
Consider the following model where all 3 assertions are different. The annotated assertion thread viewer address cases that demonstrate why they are different. It is always preferable to test the assertions in a small model using constrained-random tests.

module top;
  timeunit 1ns;  timeprecision 100ps;    
  `include "uvm_macros.svh"
  import uvm_pkg::*;
  bit clk, sig1, sig2;
 
  initial forever #10 clk = !clk; 
  ap_sig1_stable_throughout_sig2 : assert property(@(posedge clk)  
     $rose(sig2) |=> ($stable(sig1)[*1:$] ##1 !sig2) intersect !sig2[->1]);    
 
 
  ap_until_sig1_stable_throughout_sig2: assert property(@(posedge clk)       
     $rose(sig2) |=> $stable(sig1) until !sig2); // Need the |=> because the until is a property 
 
  ap_sig1_stable_throughout_sig2_B : assert property(@(posedge clk) 
    $rose(sig2) |=>  $stable(sig1) throughout (sig2[*1:$] ##1 $fell(sig2)) ); 
 
  initial begin
    repeat (200) begin
      @(posedge clk);
      if (!randomize(sig1, sig2) with {
        sig1 dist {1'b1 := 10, 1'b0 := 1};
        sig2 dist {1'b1 := 6,  1'b0 := 1};
      })
        `uvm_error("MYERR", "This is a randomize error");
    end
    $finish;
  end
endmodule

http://SystemVerilog.us/vf/ingersect.png

ap_sig1_stable_throughout_sig2 : assert property(@(posedge clk)
$rose(sig2) |=> ($stable(sig1)[*1:$] ##1 !sig2) intersect !sig2[->1]);
------------------------------
http://SystemVerilog.us/vf/until2.png

ap_until_sig1_stable_throughout_sig2: assert property(@(posedge clk)
$rose(sig2) |=> $stable(sig1) until !sig2);

---------------
http://SystemVerilog.us/vf/sig2b2.png

ap_sig1_stable_throughout_sig2_B : assert property(@(posedge clk)
$rose(sig2) |=> $stable(sig1) throughout (sig2[*1:$] ##1 $fell(sig2)) );
----------------------
Ben Cohen
http://www.systemverilog.us/
For training, consulting, services: contact http://cvcblr.com/home.html
** SVA Handbook 4th Edition, 2016 ISBN 978-1518681448
...
1) SVA Package: Dynamic and range delays and repeats https://rb.gy/a89jlh
2) Free books: Component Design by Example https://rb.gy/9tcbhl
Real Chip Design and Verification Using Verilog and VHDL($3) https://rb.gy/cwy7nb
3) Papers:
- Understanding the SVA Engine,
https://verificationacademy.com/verification-horizons/july-2020-volume-16-issue-2
- SVA Alternative for Complex Assertions
https://verificationacademy.com/news/verification-horizons-march-2018-issue
- SVA in a UVM Class-based Environment
https://verificationacademy.com/verification-horizons/february-2013-volume-9-issue-1/SVA-in-a-UVM-Class-based-Environment

Answer 7

ben@SystemVerilog.us

Full Access

2342 posts

June 13, 2021 at 7:45 am

In reply to ben@SystemVerilog.us:

Oops on comment for the last assertion
https://photos.app.goo.gl/V3JorxBcfZpph3WX9

Answer 8

Himanshu m soni

Full Access

9 posts

June 14, 2021 at 12:53 am

In reply to ben@SystemVerilog.us:

Hi
We usually use $stable(signa_name) to see a signal must be stable in from previous clk cycle. How to check that a signal must be stable within clk cycle

Answer 9

Ankit Bhange

Full Access

9 posts

June 14, 2021 at 8:59 pm

In reply to ben@SystemVerilog.us:

Thank you for the thorough explanation, Ben. It seems like

ap_until_sig1_stable_throughout_sig2: assert property(@(posedge clk)       
     $rose(sig2) |=> $stable(sig1) until !sig2); // Need the |=> because the until is a property

is what meets my requirements. However, for some reason I am getting a syntax error when trying to use the 'until' property. I think it is a tool issue.
Could you share any alternatives for until?

Thanks,
Ankit

Answer 10

ben@SystemVerilog.us

Full Access

2342 posts

June 15, 2021 at 10:11 am

In reply to Ankit Bhange:
An until property of the non-overlapping form (i.e., until, s_until) evaluates to true if property_expr1 evaluates to true at every clock tick beginning with the starting clock tick of the evaluation attempt and continuing until at least one tick before a clock tick where property_expr2 (called the terminating property) evaluates to true. The until, s_until operators have an implicit repetition until the terminating condition (i.e., property_expr2) occurs. Specifically, with a strong until (e.g., s_until), if the simulation completes but the terminating condition is pending, the assertion fails, unlike the weak until where the assertion is evaluated as vacuously true.

$rose(req) |=> busy until ready); // Enhanced readability, and Identical to
// $rose(req) |=> busy[*0:$] ##1 ready ; // equivalent property expression
// Thus, 
ap_until_sig1_stable_throughout_sig2: assert property(@(posedge clk)       
     $rose(sig2) |=> $stable(sig1) until !sig2); 
// can be written as 
ap_until_sig1_stable_throughout_sig2: assert property(@(posedge clk)       
     $rose(sig2) |=> $stable(sig1)[*0:$] ##1 !sig2); 
// When sig2==0, sig1 need not be stable

Languages & Standards

Methodologies

Techniques & Tools

Universal Verification Methodology (UVM)

Featured Courses

Additional Courses

Formal-Based Techniques

Analog/Mixed Signal

UVM Forum

SystemVerilog Forum

Coverage Forum

Additional Forums

Implementation Patterns

Specification Patterns

Pattern Resources

UVM Cookbook

Coding Guidelines & Deployment

Coverage Cookbook

Featured & and Upcoming

On-Demand Library

Recording Archive

Conferences & WRG

Siemens EDA Learning Center

Blog & News

Verification Horizons Publication

About Us

Training

Solution

Portfolio

Explore

Siemens

Contact