# Hardware Formal Verification Coverage Closure and BugHunt Project Report Phase III Final Report

Yuxiang Chen(yc3096), Ao Li(al3483) Columbia University Fall 2016

| <b>TABLE</b> | OF | CON | <b>TENTS</b> |
|--------------|----|-----|--------------|
|              |    |     |              |

| I. OVERVIEW                                        | 2  |
|----------------------------------------------------|----|
| II. FIFO BUG HUNTING                               | 2  |
| Part 1: fifo_transport_single.sv                   | 2  |
| Part 2: fifo_transport_double.sv                   | 6  |
| III. EFFECTIVE PFV FOR ALU VERIFICATION            | 9  |
| Part A: Latency Check                              | 9  |
| Part B: Liveness Property                          | 11 |
| Part C: Vacuous Property                           | 12 |
| Part D: Comprehensive Formal Verification Approach | 13 |
| FPV Plan for Arithmetic Block                      | 13 |
| Test A: Coverages for all Arithmetic Operations    | 14 |
| Test B: Coverages with Specific Data               | 14 |
| Test C: Operations with Valid Latency              | 15 |
| Test D: Operations with Expected Result            | 18 |
| Test E: Reference Model                            | 21 |
| FPV Plan for Logical Block                         | 23 |
| Test A: Coverages for all Logical Operations       | 24 |
| Test B: Coverages with Specific Data               | 24 |
| Test C: Operations with Valid Latency              | 25 |
| Test D: Operations with Expected Result            | 25 |
| Test E: Reference Model                            | 26 |
| FPV Plan for Overall ALU Block                     | 28 |
| Test A: Clock Gating & DFT Scan Disabled           | 29 |
| Test B: Operations with Defeature Clock Relaxed    | 29 |
| Test C: Reference Model                            | 30 |
| Part E: Comparing two alu0 Instances               | 31 |
| Part F: Inconclusive Result & Blackboxes           | 34 |
| Part G: Blackbox Vs. Abstractions                  | 34 |
| IV. CADENCE JASPER TOOL                            | 35 |
| V. CONCLUSION                                      | 37 |
| VI. COLLABORATIONS                                 | 37 |
| VII. ACKNOWLEDGMENT                                | 37 |
| VIII. REFERENCES                                   | 38 |

# I. OVERVIEW

This report describes the third phase of the *Coverage Closure and BugHunt* Project. We aim to apply formal verification skills learned in the previous two phases to much complex designs using commercial tools Mentor Graphics Questa Formal and Cadence Jasper. The project is divided into three tasks, the first task is to formally verify two medium designs called fifo\_transport\_single.sv and fifo\_transport\_double.sv with the instantiation of fifo design from phase II using Questa Formal. The second task is to formally verify a ALU design with a comprehensive formal verification approach and carry out using the Questa Formal tool. The last task is to reproduce task 1 using Cadence Jasper. The report will thoroughly describe the approaches to each task, and the source code can be found from www.columbia.edu/~yc3096/fv.zip.

### **II. FIFO BUG HUNTING**

In first task, we use cover properties and a set of assertions to formally verify two relatively large design, *fifo\_transport\_single.sv* and *fifo\_transport\_double.sv*, which use a combined read/write ctrl signal. The first DUT uses a single instantiation of the faulty *fifo.sv* design from phase II, and the second design uses two instantiations.

### Part 1: fifo\_transport\_single.sv

The *fifo\_transport\_single* uses a single instantiation of the "faulty" fifo design and combined read/write signal. The combined signal *in\_readwrite\_ctrl* is decoded into *in\_read\_ctrl* and *in\_write\_ctrl*, and passed to the fifo instantiation. The assignments below ensures that only and at least one control signal will be set to high.

```
assign in_read_ctrl = !in_readwrite_ctrl;
assign in_write_ctrl = in_readwrite_ctrl;
```

Below is a set of coverage cases declared in the 4-deep, synchronous reset FIFO design(*fifo.sv*). Since the first design only have a depth of 4, we expect only from *fifo\_num\_entries\_1* to *fifo\_num\_entries\_4* to be covered.

```
// uncovered cases
fifo_num_entries_7: cover property (number_of_current_entries == 7);
fifo_num_entries_6: cover property (number_of_current_entries == 6);
fifo_num_entries_5: cover property (number_of_current_entries == 5);
// covered cases
fifo_num_entries_4: cover property (number_of_current_entries == 4);
fifo_num_entries_3: cover property (number_of_current_entries == 3);
fifo_num_entries_2: cover property (number_of_current_entries == 2);
fifo_num_entries_1: cover property (number_of_current_entries == 1);
```

Below is a set of assertions that declared in the 4-deep, synchronous reset FIFO design(*fifo.sv*). Our main purpose in designing these set of assertions is to find corner cases that can lead to FIFO overflow and underflow. We categorized the assertions to reset, full-condition, and empty-condition assertions, and we have three additional interesting FIFO assertions listed in the last category. Synchronous reset assertion:

1. When the FIFO is reset, the **empty** flag should be set, **full** flag, **write\_ptr**, **read\_ptr**, and **num of current entries** should all be set to zero.

FIFO full condition assertions:

- 2. When the FIFO is full, the **full** flag should be set to 1.
- 3. When the FIFO is full, the **empty** flag should be set to 0.
- 4. When the FIFO is has N-1 entries, and write occurs, then full flag should be set to 1.
- 5. When FIFO is full, the **write** control should be zero.

FIFO empty condition assertions:

- 6. When the FIFO is empty, the **empty** flag should be 1.
- 7. When the FIFO is empty, the **full** flag should be set to 0.
- 8. When the FIFO is has 1 entry, and **read** occurs, then **empty** flag should be set to 1.
- 9. When FIFO is empty, the **read** control should be zero.

FIFO other cases

- 10. When the FIFO is NOT full, the **full** and **empty** flags should be set to 0.
- 11. Write pointer should not change list in\_write\_ctrl is 0.
- 12. Read pointer should not change whilst in read\_ctrl is 0.

We declared two assumptions to the top-level design(*fifo\_transport\_single*) to constrain the input control signal: *no push to (but pop out of) the queue whenever full flag set and no pop out of(but push to) the queue whenever empty flag set.* These two constraints are similar to the two assumptions added in phase II. It's important that we only applied the constraints to the top-level input, which is *in\_readwrite\_ctrl*.

We set the FPV questa environment using the Makefile created previously with minor changes. A screenshot of the Makefile is shown below.

```
run: clean compile sva formal debug
VLIB = ${QHOME}/modeltech/plat/vlib
VMAP = ${QHOME}/modeltech/plat/vmap
VLOG = ${QHOME}/modeltech/plat/vlog
TOP LEVEL = fifo_transport_single.sv.orig.sv
SECOND LEVEL = fifo.sv
compile sva:
  $(VLIB) work
  $(VMAP) work work
  $(VLOG) ./src/vlog/${TOP_LEVEL}
  $(VLOG) ./src/vlog/${SECOND_LEVEL}
compile ovl:
  $(VLIB) work
  $(VMAP) work work
  $(VLOG) -sv ./src/vlog/${TOP_LEVEL} \
     +libext+.v+.sv -y ${QHOME}/share/assertion lib/OVL/verilog \
     +incdir+${QHOME}/share/assertion_lib/OVL/verilog
     +define+OVL SVA+OVL ASSERT ON+OVL COVER ON+OVL XCHECK OFF
formal:
  qverify -c -od Output Results -do "\
     do qs files/directives.tcl; \
     formal compile -d fifo transport single\
        -target cover statements;
     formal verify -init qs_files/design.init \
     -effort unlimited -timeout 5m; \
     exit"
debug:
  qverify Output Results/formal verify.db &
clean:
  qverify clean
  \rm -rf work modelsim.ini *.wlf *.log replay* transcript *.db
  \rm -rf Output Results *.tcl
```

To run the formal tool, we first

make run

in command line, and the questa will clean the previous work, compile the design and run formal verification. The FPV result is shown as below. It's shown that all properties are either covered and proved even though we included the faulty FIFO. Note that the first three cases are uncovered because it's a 4-deep FIFO.

| T          | fifo_inst.fifo_num_entries_7                 | sva |
|------------|----------------------------------------------|-----|
| T          | fifo_inst.fifo_num_entries_6                 | sva |
| 🗢 🛄        | fifo_inst.fifo_num_entries_5                 | sva |
| ©          | fifo_inst.fifo_no_read_ptr_change_condition  | sva |
| 0 <b>P</b> | fifo_inst.reset_flags_ptrs                   | sva |
| O P        | fifo_inst.full_fifo_condition                | sva |
| © <u>p</u> | fifo_inst.fifo_no_write_ptr_change_condition | sva |
| © <b>P</b> | fifo_inst.fifo_no_empty_no_full_condition    | sva |
| © <b>P</b> | fifo_inst.fifo_go_full_condition             | sva |
| O P        | fifo_inst.fifo_go_empty_condition            | sva |
| O P        | fifo_inst.fifo_full_not_empty_condition      | sva |
| ©          | fifo_inst.fifo_full_no_write_condition       | sva |
| O P        | fifo_inst.fifo_empty_not_full_condition      | sva |
| O P        | fifo_inst.fifo_empty_no_read_condition       | sva |
| O P        | fifo_inst.empty_fifo_condition               | sva |
|            | fifo_inst.fifo_num_entries_1                 | sva |
|            | fifo_inst.fifo_num_entries_2                 | sva |
| C          | fifo_inst.fifo_num_entries_3                 | sva |
| 😤 💶        | fifo_inst.fifo_num_entries_4                 | sva |
| · • •      | fifo_assume_empty                            | sva |
| ×          | fifo_assume_full                             | sva |
|            | akatas gitana                                |     |

The first transport FIFO design is working despite the bug(in *fifo.sv*) because the top-level combined read/write control signal ensured that at least one of write and read control will be asserted high, and thus will never enter the faulty *else if* state discovered in phase II.

#### Part 2: fifo\_transport\_double.sv

The second step is to verify *fifo\_transport\_double*, which uses two instantiation of the "faulty" 16-deep synchronized FIFO design and a combined read/write signal. The design concatenate the two FIFO and doubled the depth by adding additional control logic on the top-level. To verified the second design, we declared the same set of assertions from part 1, and same two assumptions applied to input(*in\_readwrite\_ctrl*) on the top-level design.

| 0 | R        | fife inst1 empty fife condition               |          |          | fife insta fife num entries 13 |
|---|----------|-----------------------------------------------|----------|----------|--------------------------------|
| 0 |          | fits inst2 full fits and iting                | (A)      |          | fife_inst1_fife_num_entries_12 |
| ۲ | <u> </u> | nio_inst2.ruii_nio_condition                  | · ·      |          | fife inst2 fife num entries 13 |
| O | E        | fifo_inst1.full_fifo_condition                |          |          | fifo_inst2_fifo_num_entries_14 |
| 0 | E        | fifo_inst2.empty_fifo_condition               |          | C        | fifo_inst2_fifo_num_entries_15 |
| * | U        | fifo inst1.fifo num entries 17                |          | C        | fifo inst2.fifo num entries 16 |
|   | U        | fifo inst2.fifo num entries 18                |          | C        | fifo inst1.fifo num entries 10 |
|   |          | fifo inst2 fifo num entries 17                | *        | C        | fifo_inst1.fifo_num_entries_1  |
| - |          | fife inst1 fife num entries 19                | ()       | C        | fifo_inst2.fifo_num_entries_2  |
|   |          |                                               | *        | C        | fifo_inst2.fifo_num_entries_3  |
| O | <u></u>  | fifo_inst2.fifo_go_full_condition             | *        | C        | fifo_inst2.fifo_num_entries_4  |
| O | P        | fifo_inst2.fifo_empty_no_read_condition       | (*       | C        | fifo_inst2.fifo_num_entries_5  |
| 0 | P        | fifo_inst2.fifo_empty_not_full_condition      | *        | C        | fifo_inst2.fifo_num_entries_6  |
| 0 | P        | fifo inst2.fifo full no write condition       | *        | <u> </u> | fifo_inst2.fifo_num_entries_7  |
| 0 | P        | fifo inst2 fifo full not empty condition      | *        | C        | fifo_inst2.fifo_num_entries_8  |
| 0 | D        | fife inst2 fife ac omnty condition            | *        | <u> </u> | fito_inst2.fito_num_entries_9  |
| 0 |          | file_inst2.nio_go_empty_condition             | ()<br>() |          | fito_inst2.fito_num_entries_11 |
| ۲ | <u> </u> | fifo_inst1.reset_flags_ptrs                   | (i)      |          | fife_inct1_fife_num_entries_6  |
| 0 | P        | fifo_inst2.fifo_no_empty_no_full_condition    | · ·      |          | fife inst1 fife num entries 9  |
| 0 | P        | fifo_inst2.fifo_no_read_ptr_change_condition  | •        |          | fifo_inst1_fifo_num_entries_9  |
| O | P        | fifo inst2.fifo no write ptr change condition |          | C        | fifo inst1.fifo num entries 4  |
| o | P        | fifo inst2.reset flags ptrs                   |          | C        | fifo inst1.fifo num entries 3  |
| 0 | P        | fifo inst1 fifo empty no read condition       | *        | C        | fifo inst1.fifo num entries 2  |
| 0 | D        | fife inst1 fife full not empty condition      | ()       | C        | fifo_inst1.fifo_num_entries_16 |
| 0 |          | nio_insci.nio_iuii_noc_empty_condition        | *        | C        | fifo_inst1.fifo_num_entries_15 |
| O | <u></u>  | fifo_inst1.fifo_go_empty_condition            | *        | C        | fifo_inst1.fifo_num_entries_14 |
| O | P        | fifo_inst1.fifo_go_full_condition             | ()       | C        | fifo_inst1.fifo_num_entries_13 |
| 0 | P        | fifo_inst1.fifo_no_empty_no_full_condition    | *        | C        | fifo_inst1.fifo_num_entries_12 |
| 0 | P        | fifo inst1.fifo no read ptr change condition  | *        | C        | fifo_inst1.fifo_num_entries_11 |
| O | P        | fifo inst1 fifo no write ptr change condition | (*       | C        | fifo_inst2.fifo_num_entries_1  |
| 0 | D        | fife inst1 fife empty not full condition      | *        | C        | fito_inst2.fito_num_entries_10 |
| 0 |          | file in the fill and write and think          |          |          | fife assume_empty              |
| ۲ | <u> </u> | nio_inst1.nio_tun_no_write_condition          |          |          | nio_assume_run                 |

The screenshot above shows that the FPV found two firings for each FIFO. By analyzing the *full\_fifo\_condition* property, we found that the failure is caused when the small FIFO is full, and the write and read control signals to the submodule are both set to 0, thus the FIFO entered the unexpected faulty state while both *out\_is\_empty* and *out\_is\_full* are reset to 0.

The waveform visualizer below shows the counterexample illustrating that the *full* flag is not set when the FIFO is full. After reset, the write control is set for 16 cycles, and then the *full* flag is asserted, which caused the write control to pull down in the next cycle. Since the read and write control to the submodule is not directly generated from the *in\_readwrite\_ctrl* from the top level, it is possible that both of them set to 0, which leads to the last *else if* statement in the faulty FIFO. Therefore, the *full* flag is pulled down even though the FIFO is still full.

The another firing, *empty\_fifo\_condition* is also caused by this bug. After filling the FIFO, the read control asserted for a number of cycles until the FIFO is empty, empty flag asserted, and then both read and write control is set to 0, which also leads to the least *else if* statement in the faulty FIFO, so the *empty* flag pulled down even though the FIFO is still empty.

|                                                                                                                                                                 |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | Megel                                                                       |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                |                                                |         |       |         |       |
|-----------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------|------------------------------------------------|------------------------------------------------|---------|-------|---------|-------|
|                                                                                                                                                                 |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | msys                                                                        | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |                                                       |                                                |                                                |         |       |         |       |
| 🛛 🔶 Prim                                                                                                                                                        | nary Clocks                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | -                                                                           | ( Primary                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | Clocks )                                              |                                                |                                                |         |       |         |       |
| /f                                                                                                                                                              | fifo_transport_double/clk                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | 1'b0                                                                        |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                |                                                |         |       |         |       |
| 🚽 🔶 Prop                                                                                                                                                        | perty Signals                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |                                                                             | ( Property                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | Signals )                                             |                                                |                                                |         |       |         |       |
|                                                                                                                                                                 | nsport_double/fifo_inst1/clk                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | 1'b0                                                                        |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                |                                                |         |       |         |       |
| 🛨 🔶 .                                                                                                                                                           | /number_of_current_entries                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | 5'd16                                                                       | 5'd11                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | 5'd12                                                 | 5'd13                                          | 5'd14                                          | 5'd15   | 5'd16 |         |       |
|                                                                                                                                                                 | double/fifo_inst2/out_is_full                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | 1'b0                                                                        |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                |                                                |         |       |         |       |
|                                                                                                                                                                 | nsport_double/fifo_inst2/rst                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | 1'b0                                                                        |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                |                                                |         |       |         |       |
| 🚽 🔶 Con                                                                                                                                                         | trol Point Signals                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |                                                                             | ( Control F                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | Point Signals                                         | ; )                                            |                                                |         |       |         |       |
|                                                                                                                                                                 |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |                                                                             |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                |                                                |         |       |         |       |
|                                                                                                                                                                 |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |                                                                             |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                |                                                |         |       |         |       |
|                                                                                                                                                                 | Now                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  | 55 ns                                                                       | 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | nhunun                                                | 1111111                                        | uluun                                          | 1111111 | nhunu | 1111111 |       |
| 10                                                                                                                                                              | Cursor 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | 17.00                                                                       | Uns                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | 5                                                     | UU NS                                          |                                                | 20 NS   | 5     | 40 ns   |       |
|                                                                                                                                                                 | Cuisoi I                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | +7 115                                                                      |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                | 337 ns                                         |         |       | 347     | 115 3 |
|                                                                                                                                                                 | Start                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | LU NS                                                                       |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                |                                                |         |       |         |       |
|                                                                                                                                                                 | Fire                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | p0 ns                                                                       |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                |                                                |         |       |         | 350 n |
| 1                                                                                                                                                               | 192                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                                                                             |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |                                                       |                                                |                                                |         |       |         |       |
| 1                                                                                                                                                               |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |                                                                             | < 1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |                                                       |                                                |                                                |         |       |         |       |
| replay:s\                                                                                                                                                       | va 🗙 📰 replay:sval 🗙                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |                                                                             | < ∣                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |                                                       |                                                |                                                |         |       |         |       |
| replay:sv                                                                                                                                                       | va × m replay:sval ×                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | erificatio                                                                  | ⊲ I                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | questa/src                                            | /vlog/fifo.sv                                  | - Default -                                    |         |       |         |       |
| replay:sv<br>/user2/fal                                                                                                                                         | va 🔪 📷 replay:sva1 🗙                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | erificatio                                                                  | <ul> <li>✓ I</li> <li>on/phase_iii</li> <li>inst2</li> </ul>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | _questa/src,                                          | /vlog/fifo.sv                                  | - Default 🚍                                    |         |       |         |       |
| replay:sv<br>/user2/fal<br>FF Ln#                                                                                                                               | va x m replay:sval x                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | erificatio                                                                  | <ul> <li>✓ I</li> <li>on/phase_iii</li> <li>inst2</li> <li>o</li> </ul>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | _questa/src,                                          | /vlog/fifo.sv                                  | - Default 🚞                                    |         |       |         |       |
| replay:sv<br>/user2/fal<br>FF Ln#<br>176                                                                                                                        | va X mereplay:sval X<br>115/yc3096/Desktop/formal_v<br>15/yc3096/Desktop/formal_v<br>115/yc3096/Desktop/formal_v                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     | erificatio                                                                  | on/phase_iii<br>inst2<br>inst = numbe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | _questa/src,<br>r of curre                            | /vlog/fifo.sv<br>nt entries                    | - Default ==                                   |         |       |         |       |
| J<br>replay:sv<br>/user2/fal<br>FR Ln#<br>176                                                                                                                   | va X meplay:sval X<br>115/yc3096/Desktop/formal_v<br>4 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | erificatio                                                                  | on/phase_iii<br>inst2<br>10<br>a <= numbe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | _questa/src,<br>r_of_curre                            | /vlog/fifo.sv<br>nt_entries                    | - Default ==<br>3 + 1'b1;                      |         |       |         |       |
| replay:sv<br>/user2/fal<br>FF Ln#<br>176<br>177                                                                                                                 | va X replay:sval X<br>115/yc3096/Desktop/formal_v<br>115/yc3096/Desktop/formal_v<br>116<br>number_of_current_<br>5'd16<br>out_is_empty <= 0;                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | erificatio                                                                  | <pre>on/phase_iii inst2 0 3 &lt;= numbe</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       | _questa/src,<br>r_of_curre                            | /vlog/fifo.sv<br>nt_entries                    | - Default ==================================== |         |       |         |       |
| replay:sv<br>/user2/fal<br>FF Ln#<br>176<br>177                                                                                                                 | <pre>va X replay:sval X ll15/yc3096/Desktop/formal_v l15/yc3096/Desktop/formal_v l1'h0 number_of_current_ 5'd16 out_is_empty &lt;= 0; 1'h0 out_is_full</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | erificatio                                                                  | on/phase_iii<br>inst2<br>0<br>a <= numbe                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | _questa/src,<br>r_of_curre                            | /vlog/fifo.sv<br>nt_entries                    | - Default ==                                   |         |       |         |       |
| user2/fal<br>FF Ln#<br>176<br>177<br>178                                                                                                                        | <pre>va x replay:sval x ll15/yc3096/Desktop/formal_v l15/yc3096/Desktop/formal_v l'h0 number_of_current_ 5'd16 out_is_empty &lt;= 0; 1'h0 out_is_full &lt;= (nu 1'b0</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | erificatio                                                                  | <pre>on/phase_iii inst2 0 s &lt;= numbe c_current_</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | _questa/src,<br>r_of_curre<br>entries ==              | /vlog/fifo.sv<br>nt_entries<br>(ENTRIES-       | - Default ==                                   |         |       |         |       |
| replay:sv<br>/user2/fal<br>FR Ln#<br>176<br>177<br>178<br>179                                                                                                   | <pre>va x replay:sval x ll15/yc3096/Desktop/formal_v l15/yc3096/Desktop/formal_v l1'h0 number_of_current_ 5'd16 out_is_empty &lt;= 0; 1'h0 out_is_full &lt;= (nu 1'b0 5' end</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | erificatio                                                                  | <pre>on/phase_iii inst2 o o o c= numbe c_current_</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | _questa/src,<br>r_of_curre<br>entries ==              | /vlog/fifo.sv<br>nt_entries<br>(ENTRIES-<br>16 | - Default ==                                   |         |       |         |       |
| replay:s<br>/user2/fal<br>FF Ln#<br>176<br>177<br>178<br>179<br>180                                                                                             | <pre>va x replay:sval x ll15/yc3096/Desktop/formal_v l15/yc3096/Desktop/formal_v l1'h0 number_of_current_ 5'd16 out_is_empty &lt;= 0; 1'h0 out_is_full &lt;= (nu 1'b0 5' end else if (-in_read ctr</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | erificatio                                                                  | <pre>on/phase_iii inst2 o o c = numbe c_current_ o vrite_ct</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | _questa/src,<br>r_of_curre<br>entries ==<br>rl) begin | /vlog/fifo.sv<br>nt_entries<br>(ENTRIES-<br>16 | - Default ==<br>; + 1'bl;<br>·1'bl));          |         |       |         |       |
| Implay:s           /user2/fal           FR         Ln#           176           177           178           179           180                                    | <pre>va im replay:sval im replay:sva</pre> | erificatio                                                                  | <pre>on/phase_iii inst2 i0 i &lt;= numbe c_current_ i_write_ct h0</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | _questa/src,<br>r_of_curre<br>entries ==<br>rl) begin | /vlog/fifo.sv<br>nt_entries<br>(ENTRIES-<br>16 | - Default ==<br>; + 1'bl;<br>·1'bl));          |         |       |         |       |
| Implay:sr           replay:sr           ruser2/fal           FF         Ln#           176           177           178           179           180           181 | <pre>va x mereplay:sval x I15/yc3096/Desktop/formal_v I15/yc3096/Desktop/formal_v I10 number of current_ 5'd16 out is_empty &lt;= 0; 1'h0 out is_full &lt;= (nu 1'b0 5' end else if (-in_read_ctr 1'h0 out is_empty &lt;= 0; 1'h0</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | erificatic<br>c fifo<br>1'h<br>entries<br>amber of<br>d16<br>c1 & -ir<br>1' | <pre>on/phase_iii inst2 0</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     | _questa/src,<br>r_of_curre<br>entries ==<br>r1) begin | /vlog/fifo.sv<br>nt_entries<br>(ENTRIES-<br>16 | - Default ==<br>s + 1'b1;<br>·1'b1));          |         |       |         |       |
| Implay:s           /user2/fal           FR         Ln#           176           177           178           179           180           181           182        | <pre>va replay:sval x I15/yc3096/Desktop/formal_v I15/yc3096/Desktop/formal_v I160 number_of_current_ 5'd16 out_is_empty &lt;= 0; 1'h0 out_is_full &lt;= (nu 1'b0 out_is_empty &lt;= 0; 1'h0 out_is_empty &lt;= 0; 1'h0 out_is_empty &lt;= 0; 1'h0 out_is_full &lt;= 0; 1'b0</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | erificatio                                                                  | <pre>on/phase_iii inst2 oo oo</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | _questa/src,<br>r_of_curre<br>entries ==<br>rl) begin | /vlog/fifo.sv<br>nt_entries<br>(ENTRIES-<br>16 | - Default ==<br>; + 1'bl;<br>·1'bl));          |         |       |         |       |
| replay:sv<br>/user2/fal<br>FF Ln#<br>176<br>177<br>178<br>179<br>180<br>181<br>182<br>182<br>183                                                                | <pre>va replay:sval x I15/yc3096/Desktop/formal_v I15/yc3096/Desktop/formal_v I'h0 number of_current_ 5'd16 out_is_empty &lt;= 0; 1'h0 out_is_full &lt;= (nu 1'b0 out_is_empty &lt;= 0; 1'h0 out_is_empty &lt;= 0; 1'h0 out_is_empty &lt;= 0; 1'h0 out_is_full &lt;= 0; 1'h0 out_is_full &lt;= 0; 1'h0 end</pre>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     | erificatio                                                                  | <pre>on/phase_iii inst2 on/phase_iii inst2 on content content</pre> | _questa/src,<br>r_of_curre<br>entries ==<br>rl) begin | /vlog/fifo.sv<br>nt_entries<br>(ENTRIES-<br>16 | - Default ==                                   |         |       |         |       |

We removed the two assignment lines, re-verified the design using the same set of assertions, and now all assertions are proved as shown below. Note that *fifo\_num\_entries\_17* and *fifo\_num\_entries\_18* are uncovered, because both FIFO are 16-deep.

| U          | fifo inst1.fifo num entries 17                 | C                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | fifo_inst2.fifo_num_entries_3  |
|------------|------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------|
|            | fifo inst1 fifo num entries 18                 |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo_inst2.fifo_num_entries_12 |
|            | fife inst2 fife num entries 19                 |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo_inst2.fifo_num_entries_13 |
| \$ <b></b> | nio_inst2.nio_num_entries_18                   |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo_inst2.fifo_num_entries_14 |
| T          | fifo_inst2.fifo_num_entries_17                 | The second se | fifo_inst2.fifo_num_entries_15 |
| ©          | fifo_inst2.fifo_go_empty_condition             | Solution                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    | fifo_inst2.fifo_num_entries_16 |
| O P        | fifo inst1.full fifo condition                 |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo_inst1.fifo_num_entries_4  |
| O P        | fifo inst2 empty fifo condition                | C                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | fifo_inst1.fifo_num_entries_3  |
|            | fife inst2 fife empty no read condition        | C                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | fifo_inst2.fifo_num_entries_2  |
|            | nio_inst2.nio_empty_no_read_condition          | C                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | fifo_inst1.fifo_num_entries_8  |
| © <b>2</b> | fifo_inst2.fifo_empty_not_full_condition       |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo_inst2.fifo_num_entries_4  |
| ©          | fifo_inst2.fifo_full_no_write_condition        |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo_inst2.fifo_num_entries_5  |
| ©          | fifo inst2.fifo full not empty condition       | * <b>L</b>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  | fifo_inst2.fifo_num_entries_6  |
| 0          | fifo instl.reset flags ptrs                    |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo_inst2.fifo_num_entries_7  |
|            | fife inst2 fife as full condition              |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fife inst2 fife num entries 0  |
|            | fife inst2 fife as empty as full condition     |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fife inst1 fife num entries 3  |
|            | nio_inst2.nio_no_empty_no_iuii_condition       |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fife inst2 fife num entries 11 |
| 0          | fifo_inst2.fifo_no_read_ptr_change_condition   |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fife inst1 fife num ontrios 9  |
| ©          | fifo_inst2.fifo_no_write_ptr_change_condition  |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo_inst1_fifo_num_entries_7  |
| 0          | fifo inst2.full fifo condition                 |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo_inst1 fifo_num_entries_16 |
| 0          | fifo inst2 reset flags ptrs                    |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo_inst1 fifo_num_entries_15 |
|            | fife inst1 empty fife condition                |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo inst1.fifo num entries 14 |
|            | fife in sta fife full as units as addition     |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | fifo inst1.fifo num entries 13 |
|            | nio_inst1.nio_iuii_no_write_condition          | Solution                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    | fifo inst1.fifo num entries 12 |
| 0          | fifo_inst1.fifo_full_not_empty_condition       | T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T     T         | fifo inst1.fifo num entries 11 |
| ©          | fifo_inst1.fifo_go_empty_condition             | The second se | fifo_inst1.fifo_num_entries_10 |
| 0          | fifo inst1.fifo go full condition              | C                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | fifo_inst1.fifo_num_entries_1  |
| 0          | fifo inst1 fifo no empty no full condition     | T                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | fifo_inst1.fifo_num_entries_6  |
|            | fife inst1 fife no read ptr change condition   | The second se | fifo_inst1.fifo_num_entries_5  |
|            | file instantion no read prior change condition | C                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | fifo_inst2.fifo_num_entries_1  |
|            | nio_inst1.fifo_no_write_ptr_change_condition   | C                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | fifo_inst2.fifo_num_entries_10 |
| ©          | fifo_inst1.fifo_empty_no_read_condition        | × 📖                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | fifo_assume_empty              |
| • <u>p</u> | fifo_inst1.fifo_empty_not_full_condition       | 🔨 📖                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | fifo_assume_full               |

# **III. EFFECTIVE PFV FOR ALU VERIFICATION**

In this task, we are going to dive into more advanced design verification techniques, bug hunting FPV, which aims to target complex scenarios and discover subtle corner cases that are unlikely to be hit through simulation. We are also going to explore practical issues in setting up an robust FPV environment and effectively using it on our model for bug hunting and full proof. We illustrate this process on an arithmetic logic unit(ALU) design example from the website *formalverificationbook.com* 

### Part A: Latency Check

Our first step is to check whether the latency of all operations in our top-level ALU design is fixed. As we scan through the RTL code, we found that the proper latency for majority cases are 3 clock cycles. Our formal approach is to add assertions to verify all operations(both logical and arithmetic) have a latency of 3 clock cycles.

Based on the given top-level RTL, we have to apply additional assumptions so that behaviors are restricted to checking operations of the choice. We add two assumptions exhibited as followings:

Assumptions

1. Assume the defeaturee bit is driven to be 1. When this bit is 0 and src2 is 0, the clock for arithmetic module is gated. As this bit will be driven to 1 in most real-lie usages, we can safely deprioritize cases where this bit is 0.

defeature\_assume: assume property (@(posedge Clk) (defeature\_addck));

#### 2. Assume all feeding operations are valid and are either arithmetic or logical operation

| lega | l opcode: | assume | property(@(posedge | Clk) | valid arithmetic op | (uopcode) | 11 | valid logical | op(uopcode)) | ; |
|------|-----------|--------|--------------------|------|---------------------|-----------|----|---------------|--------------|---|
|------|-----------|--------|--------------------|------|---------------------|-----------|----|---------------|--------------|---|

#### Coverage & Assertions

To check the latency of each operation, we first use cover property to check whether all potentially operations can be used in our environment. The FPV tool shows that our initial covers on these are successful.

```
genvar j;
generate for (j= OPADD; j<= OPCMP; j++) begin: cover_all_operations
    cover_arithmetic: cover property (@(posedge Clk) ((uopcode == j) ##3 (resultv != 0) ) );
end
endgenerate
genvar k;
generate for (k= OPAND; k<= OPXOR; k++) begin: logical_latency
    cover_logical: cover property (@(posedge Clk) ((uopcode == k) ##3 (resultv != 0) ) );
end
endgenerate
```

Then we assert properties to verify when valid operation and uopv arrive, a valid output signal appears in three cycles. The assertion is proved from formal tool.

valid\_latency3: assert property (@(posedge Clk) ((uopv) |-> ##3 resultv ));

We further investigated the possibilities by checking whether the valid result signal will appear after two clock cycles.

cover\_latency1: cover property (@(posedge Clk) ((uopv) |-> ##1 resultv )); cover\_latency2: cover property (@(posedge Clk) ((uopv) |-> ##2 resultv ));

| ×                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | defeature_assume                          | sva |
|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------|-----|
| <b>A</b>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    | legal_opcode                              | sva |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | cover_all_operations[10].cover_arithmetic | sva |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | cover_all_operations[11].cover_arithmetic | sva |
| Solution                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    | cover_all_operations[8].cover_arithmetic  | sva |
| C                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | cover_all_operations[9].cover_arithmetic  | sva |
| C                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | cover_latency1                            | sva |
| Solution                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    | cover_latency2                            | sva |
| S                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | logical_latency[0].cover_logical          | sva |
| Image: Second | logical_latency[1].cover_logical          | sva |
| The second seco      | logical_latency[2].cover_logical          | sva |
| ©                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | valid_latency3                            | sva |

After formal verifying, these two properties are covered, and the counterexample result is a bit surprising, as we don't expect *resultv* sets to high in two cycles. Bringing up the waveform, we are surprised to see that the *adduopv04* node connected to the flip-flop in arithmetic unit has been always high since reset, hence the cover passes. The reason for the valid bit is high is that the MSFF is not resettable - the flop output can be come out with any value starting from beginning.



Therefore, we can formally prove that all operations have the latency of 3 clock cycles, however, due to the non-resettable issue of the flip-flop, the *resultv* signal could rise earlier than expected. To fix the issue, we need to make the flop resettable. We will explain this in Part D in details.

### Part B: Liveness Property

In this section, we exercise writing liveness properties, one that passes and another one that fails.

a. Passed Liveness Property

Assumption:

- 1. scan debugger is disabled
- 2. Opcodes are either arithmetic or logical operations
- 3. Clock gating is disabled

Assertion: when a valid operation arrives, there will be a result eventually.

```
//Assumption:
Legal_logical_opcode: assume property(@(posedge Clk) (valid_arithmetic_op(uopcode)))|(valid_logical_op(uopcode)));
clock_gating_disable: assume property(@(posedge Clk) (defeature_addck));
disbale_dft_scan: assume property(@(posedge Clk) (dftslovrd == 1'b0));
assume property (@(posedge Clk) (uopv==1 ));
//Assertion:
passed condition: assert property(@(posedge Clk)(uopv) |=> s eventually resultv);
```

#### Verification: the liveness property is proved

| <br>1 | Name                 | Туре | Radius | Clocks | Time |
|-------|----------------------|------|--------|--------|------|
| 00    | upov_condition       | sva  |        | Clk    |      |
|       | Legal_logical_opcode | sva  |        | Clk    |      |
|       | assume_0             | sva  |        | Clk    |      |
|       | clock_gating_disable | sva  |        | Clk    |      |
|       | disbale dft scan     | sva  |        | Clk    |      |

b. Failed Liveness Property

Assumption:

- 1. 1. scan debugger is disabled
- 2. Opcodes are either arithmetic or logical operations
- 3. Clock gating is enabled

Assertion: when a valid operation arrives, there will be a result eventually.

```
//Assumption:
Legal_logical_opcode: assume property(@(posedge Clk)(valid_arithmetic_op(uopcode) )||(valid_logical_op(uopcode)));
clock_gating_disable: assume property(@(posedge Clk) (!defeature_addck));
disbale_dft_scan: assume property(@(posedge Clk) (dftslovrd == 1'b0));
//Assertion:
failed_condition: assert property(@(posedge Clk)((uopv)|=> s_eventually resultv));
```

This liveness property failed, because in this environment, we didn't disable the clock gating, therefore it is possible that the formal tool find a counterexample when clock is gated, and the *resultv* never set to high.

| ) | EX | 00 | failed_condition     | sva | 3 | Clk | 40ns |
|---|----|----|----------------------|-----|---|-----|------|
|   |    |    | Legal_logical_opcode | sva |   | Clk |      |
| • |    |    | clock_gating_disable | sva |   | Clk |      |
| • |    |    | disbale dft scan     | sva |   | Clk |      |

#### **Part C: Vacuous Property**

An important of quality checks is to make sure that we do not have any proofs passing vacuously. In this section, we exercise writing a vacuous property from the ALU design that will lead to a vacuous truth Assumption & Assertion:

```
Legal_logical_opcode: assume property(@(posedge Clk) (valid_arithmetic_op (uopcode))||(valid_logical_op (uopcode)));
clock_gating_disable: assume property(@(posedge Clk) (!defeature_addck));
disable_dft_scan: assume property(@(posedge Clk) (dftslovrd == 1'b0));
uopv_condition: assume property(@(posedge Clk) (uopv==0));
//Assertion:
vacuous_condition: assert property(@(posedge Clk)((uopv)|=> s_eventually resultv));
```

The above property is proved to be vacuously. We say that an implication  $p \rightarrow q$  holds vacuously if p is always false. In te case above, our operation valid bit is assumed to be 0, so it's impossible for uopv to hold ture and result eventually hold false. So the implication is tautology.

|            |          | Name                 | Туре | Radius | Clocks | Time |
|------------|----------|----------------------|------|--------|--------|------|
| • <u>v</u> | $\infty$ | failed_condition     | sva  |        | Clk    |      |
| •          |          | Legal_logical_opcode | sva  |        | Clk    |      |
| s 📖 🕻      |          | clock_gating_disable | sva  |        | Clk    |      |
| 🔨 📖 i      |          | disbale_dft_scan     | sva  |        | Clk    |      |
| < 💶 🛛      |          | uopv condition       | sva  |        | Clk    |      |

### Part D: Comprehensive Formal Verification Approach

| Goals              | Verify the correct behavior of the arithmetic unit, in the absence of unusual activity, such as clock-gating.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
|--------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Properties         | Create cover points that replicate each waveform in the spec that illustrates arithmetic unit behavior.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
|                    | <ul> <li>Assume all operations are arithmetic, blackboxing the logic unit, add an assumption that the logical subunit valid signal <i>logresultv</i> is always 0.</li> <li>Assume clock gating is off.</li> <li>a. Cover each arithmetic operation(ADD, SUB, CMP), alone and back-to-back with another arbitrary operation. Assume only arithmetic operations and src2 is nonzero.</li> <li>b. Cover cases of each operation above with specific data that exercise all bits. Assume dft scan is disabled. For example: <ol> <li>opcode: ADD, src1=32'h7777777, src2=32'h8888888.</li> <li>opcode: SUB, src1=32'h77777777, src2=32'h88888888.</li> <li>opcode: MUL, src1=32'h0000FFFF, src2=32'h7FFFFFFF.</li> <li>opcode: CMP, src1=32'h0, src2=32'hFFFFFFF.</li> </ol> </li> <li>c. Assert that when a valid operation arrives, a valid output appears in three clock cycles.</li> <li>d. Assert that each operation generates the expected results, given specific data.</li> <li>e. Create a reference model, and check that the result in the real RTL matches our reference model.</li> </ul> |
| Complexity Staging | <ul> <li>Initial stages: Blackbox logical subunit, set DSIZE to 8. Disable DFT and clock gating.</li> <li>Stages for improving verification quality if time permits: <ul> <li>a. Allow all DSIZE values</li> <li>b. Allow DFT functionality</li> <li>c. Allow clock-gating</li> </ul> </li> </ul>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| Exit Criteria      | We exercise all covers and prove our arithmetic unit assertions for correct ALU functionality, under the overconstraints we have specified above.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |

FPV Plan for Arithmetic Block

The syntax to blackbox the logic unit, and constraint the logic subunit result valid *logresultv* is shown below:

#blackbox logic unit
netlist blackbox logical\_subunit
formal netlist constraint logresultv 1'b0

We would start with defining cover properties for typical activities and interesting combinations of basic behaviors in test A and B. Then we define assertions to prove targets(arithmetic operation) according by the specification in test C and D. Lastly, we created a shadow reference model that calculate the core results of the logic, and then compare the result generated by the two units.

#### **Test A: Coverages for all Arithmetic Operations**

Cover each arithmetic operation(ADD, SUB, MUL, CMP), alone and back-to-back with another arbitrary operation. Assume only arithmetic operations and src2 is nonzero.

Assumption:

```
Legal_logical_opcode: assume property(@(posedge Clk) (valid_arithmetic_op (uopcode) ));
src2_value: assume property (@(posedge Clk) (src2!=0 ));
```

Cover Property:

```
genvar k;
generate for (k= OPADD; k<= OPCMP; k++) begin: g1
arithmetic alone:cover property (@(posedge Clk)(uopv & uopcode == k) ##3 resultv ) ;
arithmetic_back2back:cover property (@(posedge Clk)(uopv & uopcode == k) ##1 (uopv)##2 resultv ##1 resultv);
end
endgenerate
```

The result shows that all opcodes can potentially be used in our environment. We have examined the waveform to confirm the fact.

| r <u> </u> | g1[8].arithmetic_alone      | sva | 4 | Clk |
|------------|-----------------------------|-----|---|-----|
| 8 <b>C</b> | g1[8].arithmetic_back2back  | sva | 5 | Clk |
| C          | g1[9].arithmetic_alone      | sva | 4 | Clk |
| r 💶 🕫      | g1[9].arithmetic_back2back  | sva | 5 | Clk |
| ÷ 🔼        | g1[10].arithmetic_alone     | sva | 4 | Clk |
| e 💶        | g1[10].arithmetic_back2back | sva | 5 | Clk |
|            | g1[11].arithmetic_alone     | sva | 4 | Clk |
| e 🗾        | g1[11].arithmetic_back2back | sva | 5 | Clk |
|            | Legal_arithmetic_opcode     | sva |   | Clk |
| <          | src2 value                  | sva |   | Clk |

#### **Test B: Coverages with Specific Data**

Cover cases of each operation above with specific data that exercise all bits. Assume dft scan is disabled. Assumption:

Legal\_logical\_opcode: assume property(@(posedge Clk) (valid\_arithmetic\_op (uopcode) )); src2\_value: assume property (@(posedge Clk) (src2!=0 ));

We designed a set of inputs for each operation to exercise all bits in arithmetic unit. Coverages:

```
valid_adder: cover property (@(posedge Clk)(
   (uopv & uopcode == 0PADD) ##1(src1 == 32'h7777777 & src2 ==32'h888888888) ##2(resultv)));
valid sub: cover property (@(posedge Clk)(
   (uopv & uopcode == 0PSUB) ##1(src1 == 32'hFFFFFFE & src2 ==32'hFFFFFFF) ##2(resultv)));
valid_mul: cover property (@(posedge Clk)(
   (uopv & uopcode == 0PMUL) ##1(src1 == 32'h0000FFFF & src2 ==32'h00010001) ##2(resultv)));
valid cmp: cover property (@(posedge Clk)(
   (uopv & uopcode == 0PCMP) ##1(src1 == 32'h0 & src2 ==32'hFFFFFFFF) ##2(resultv)));
valid back2back adder: cover property (@(posedge Clk)(
   ((uopv & uopcode == OPADD) ##1 (uopv & uopcode == OPADD & uopv & src1 == 32'h7777777 & src2 ==32'h888888888)
   ##1 (uopv & src1 == 32'h77777777 & src2 ==32'h888888888) ##1 resultv ##1 resultv)
)):
valid_back2back_sub: cover property (@(posedge Clk)(
   ((uopv & uopcode == OPSUB) ##1 (uopv & uopcode == OPSUB & uopv & src1 == 32'hFFFFFFE & src2 ==32'hFFFFFFF)
   ##1 (uopv & src1 == 32'hFFFFFFE & src2 ==32'hFFFFFFF) ##1 resultv ##1 resultv)
));
##1 (uopv & src1 == 32'h0000FFFF & src2 ==32'h00010001) ##1 resultv ##1 resultv)
));
valid_back2back_cmp: cover property (@(posedge Clk)(
   ((uopv & uopcode == OPCMP) ##1 (uopv & uopcode == OPCMP & uopv & src1 == 32'h00000000 & src2 ==32'hFFFFFFF)
   ##1 (uopv & src1 == 32'h00000000 & src2 ==32'hFFFFFFF) ##1 resultv ##1 resultv)
));
```

The result shows that both scenarios with our specific data alone and back-to-back with another operations give cover points.

| *                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | Name                  | Туре | Radius | Clocks | Time |
|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------|------|--------|--------|------|
| The second seco      | valid_adder           | sva  | 4      | Clk    | 50ns |
| The second seco      | valid_back2back_adder | sva  | 5      | Clk    | 60ns |
| The second seco      | valid_back2back_cmp   | sva  | 5      | Clk    | 60ns |
| The second seco      | valid_back2back_mul   | sva  | 5      | Clk    | 60ns |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | valid_back2back_sub   | sva  | 5      | Clk    | 60ns |
| The second se | valid_cmp             | sva  | 4      | Clk    | 50ns |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | valid_mul             | sva  | 4      | Clk    | 50ns |
| The second seco      | valid_sub             | sva  | 4      | Clk    | 50ns |
| 🔨 📖                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | Legal_logical_opcode  | sva  |        | Clk    |      |
| 🔨 🚃                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | src2 value            | sva  |        | Clk    |      |

#### **Test C: Operations with Valid Latency**

Assert that when a valid operation arrives, a valid output appears in three clock cycles.

```
genvar p;
generate for (p= OPADD; p<= OPCMP; p++) begin: arithmetic3
arithmetic_assert_3_cycles: assert property(@(posedge Clk)((uopv & uopcode==p) |-> ##3 resultv));
end
endgenerate
```

We receive proofs for the assertions above.

| 0 | P        | arithmetic3[8].arithmetic_assert_3_cycles  | sva | Clk |
|---|----------|--------------------------------------------|-----|-----|
| 0 | <u>P</u> | arithmetic3[9].arithmetic_assert_3_cycles  | sva | Clk |
| 0 | <u></u>  | arithmetic3[10].arithmetic_assert_3_cycles | sva | Clk |
| 0 | P        | arithmetic3[11].arithmetic_assert_3_cycles | sva | Clk |

We also tested cases when clock gating is enabled, when a valid operation arrives, a valid result will not show up in three cycles.

```
Legal_logical_opcode: assume property (@(posedge Clk) (valid_arithmetic_op (uopcode) ));
clock_gating_enable: assume property (@(posedge Clk) (!defeature_addck));
disbale_dft_scan: assume property (@(posedge Clk) (dftslovrd == 1'b0));
src2_value: assume property (@(posedge Clk) (src2==0));
```

#### Assertion:

```
genvar m;
generate for (m= OPADD; m<= OPCMP; m++) begin: g1
    Page176_cover_arithmeticm: assert property (@(posedge Clk) (uopv & (uopcode == m) |-> ##3 !resultv));
end
endgenerate
```

The FPV result shows firings for all four arithmetic operations.

| 🔨 📖        | Legal_logical_opcode             | sva |   | Clk |      |
|------------|----------------------------------|-----|---|-----|------|
| 🔨 📖        | clock_gating_enable              | sva |   | Clk |      |
| 🔨 📖        | disbale_dft_scan                 | sva |   | Clk |      |
| 🔨 📖        | src2_value                       | sva |   | Clk |      |
| 0 <b>E</b> | g1[10].Page176_cover_arithmeticm | sva | 4 | Clk | 40ns |
| 0 E        | g1[11].Page176_cover_arithmeticm | sva | 4 | Clk | 40ns |
| O <b>E</b> | g1[8].Page176_cover_arithmeticm  | sva | 4 | Clk | 40ns |
| O E        | g1[9].Page176 cover arithmeticm  | sva | 4 | Clk | 40ns |
|            |                                  |     |   |     |      |

Bringing up the waveform, and tracing back from the *resultv* signal, we found the *arithresultv* node connected to the flip-flop in arithmetic unit has been always high since reset, hence the assertion fires. The reason for the valid bit is high is again that the MSFF is not resettable - the flop output can be come out with any value starting from beginning.



This issue could lead to more firings in further verification, therefore, we added asynchronous reset to the MSFF. The new RTL for MSFF is shown as below. Then we modified the corresponding RTL for ALU, which takes a rst bit as input, and passes it to it's submodules.

```
// A basic Flip-Flop with asynchronous reset
`define MSFF(q,i,clock,rst) \
    always_ff @(posedge clock or posedge rst) \
    begin \
    if (rst) begin \
        q <= 0; \
    end else begin \
        q <= i; \
    end \
     end \
    end \
     end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \
    end \] \
    end \
    end \
    end \] \
     end \
     end \] \] \] \] \] \
```

After we made the flop resettable and completed these modifications to the ALU to our environment and rerun, we saw a pass to the assertions. We also went back to the previous test, and saw proves as well.

| •                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | Legal_logical_opcode            | sva | Clk | 1 |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------|-----|-----|---|
| <ul> <li>Image: A set of the set of the</li></ul> | clock_gating_enable             | sva | Clk | 1 |
| <                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | disbale_dft_scan                | sva | Clk | 1 |
| < <p>Image: 1 and 1 and</p>   | src2_value                      | sva | Clk | 1 |
| o                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | g1[10].Page176_cover_arithmetic | sva | Clk | 4 |
| 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | g1[11].Page176_cover_arithmetic | sva | Clk | 4 |
| 0 <b>P</b>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | g1[8].Page176_cover_arithmetic  | sva | Clk | 4 |
| 0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | g1[9].Page176 cover arithmetic  | sva | Clk | 4 |

#### **Test D: Operations with Expected Result**

Then we verify that each arithmetic operation generates the expected results, given specific data. Assumption:

clock gating disable: assume property(@(posedge Clk) (defeature addck));

#### Assertions: valid\_adder: assert property (@(posedge Clk)( (uopv & uopcode == OPADD) ##1(src1 == 32'h8 & src2 ==32'h4) |-> ##2(result == 32'hC))); valid\_sub: assert property (@(posedge Clk)( (uopv & uopcode == OPSUB) ##1(src1 == 32'h8 & src2 ==32'h4) |-> ##2(result == 32'h4))); valid\_mul: assert property (@(posedge Clk)( (uopv & uopcode == OPMUL) ##1(src1 == 32'h8 & src2 ==32'h4) |-> ##2(result == 32'h20))); valid\_cmp: assert property (@(posedge Clk)( (uopv & uopcode == OPCMP) ##1(src1 == 32'h8 & src2 ==32'h4) |-> ##2(result == 32'h20)));

The result shows three unexpected firings for SUB, MUL and CMP operations. We look into each counterexample and find out why the design is not behaving sanely.

|   |         | Name                    | Type | Radius | Clocks | Time |
|---|---------|-------------------------|------|--------|--------|------|
| 0 | F       | valid_cmp               | sva  | 4      | Clk    | 50ns |
| 0 | E       | valid_mul               | sva  | 4      | Clk    | 50ns |
| 0 | E       | valid_sub               | sva  | 4      | Clk    | 50ns |
| 0 | <b></b> | valid_adder             | sva  |        | Clk    |      |
|   |         | defeature always be one | sva  |        | Clk    |      |

Subtraction Firing:

The waveform below shows that when a valid SUB opcode arrives and the two specified operands arrive at the next cycle, then we get an unexpected result of 32'hd(should be 32'h4). We trace back to line 340, and find that although *opsub04* is correctly set, the uninverted *src2inv04* is incorrectly assigned to *result04*.



To fix the issue, we change the assignment in line 331 as following:

if ( opsub04 ) src2inv04 = ~src2mask04;

Multiplication & Comparator Firing:

The waveforms below show that when a valid MUL or CMP opcode arrives and the two specified operands arrive at the next cycle, then we get an unexpected result of 32'h10(MUL) or 32'h04 (CMP), however, the expected result should be 32'h20 and 32'h8 respectively. We follow the same steps as the last task, and found that *src1mask04*, *src2mask04* and *cmpresult04* have the correct values, but the multiplied or compared results are not properly assigned to *result04*. The issue is that the last bit of the multiplied or compared result is assigned to the *dummyout04*. This dummy bit is useful to eliminate the cin bit from ADD/SUB operation, but will cause bug when the operation is multiplication and comparison.



To fix the issue, we change the assignment in line 340 as following:

| result04 = opcmp04 ? cmpresult04 : opmul04 ? | (src1mask04 * src2mask04): | : (src1mask04 + src2inv04 + cin04) ; |
|----------------------------------------------|----------------------------|--------------------------------------|
|----------------------------------------------|----------------------------|--------------------------------------|

We rerun the FPV tool, and all three firings are fixed with the modifications above.

|   |          | clock_gating_disable | sva | Clk |
|---|----------|----------------------|-----|-----|
| 0 | P        | valid_adder          | sva | Clk |
| 0 | P        | valid_cmp            | sva | Clk |
| 0 | <b>p</b> | valid_mul            | sva | Clk |
| 0 | p        | valid_sub            | sva | Clk |
|   |          | 0.00                 |     |     |

We verify another set of data that exercise all bits. Each operation generates the expected result in three cycles.

| valid  | adder: assert    | property (@(posedge Clk)(      |             |                | The Test Test 1114 |                   |                                |                      |
|--------|------------------|--------------------------------|-------------|----------------|--------------------|-------------------|--------------------------------|----------------------|
| (u     | iopv & uopcode = | == OPADD & uopsize == DSIZE32) | ##1(src1 == | 32 ' h77777777 | & src2 ==          | = 32'h88888888)   | -> ##2(result =                | == 32'hFFFFFFF)));   |
| valid  | sub: assert pro  | operty (@(posedge Clk)(        | 1000        |                |                    |                   | 5 250 250                      |                      |
| (u     | iopv & uopcode = | == OPSUB & uopsize == DSIZE32) | ##1(src1 == | 32 'hFFFFFFFE  | & src2 ==          | = 32'hFFFFFFF)    | -> ## <mark>2</mark> (result = | == 32'hFFFFFFF)));   |
| valid_ | mul: assert pro  | operty (@(posedge Clk)(        |             |                |                    |                   | 1                              |                      |
| (U     | iopv & uopcoae = | == OPMUL & uopsize == VSIZE32) | ##1(src1 == | 32'h0000FFFF   | & src2 ==          | = 32,µ00010001)   | -> ##2(result =                | == 32'hFFFFFFFF)));  |
| Vacio  | cmp: assert pro  | - OPCMP & uppcize DETZERR)     | ##1/crc1    | 22160000000    | S crc2             | - 22 hereeree)    | 1 > ##/(rocult -               | 22'bEEEEEE())).      |
| (0     | ioha a nohrone - | == OPCMP & uopsize DSIZESZ/    | ##1(SICI    | 32 1100000000  | a sicz             | - 32 ((FFFFFFFF)) | -> ##2(iesuit -                | 32 INFEFERENCE, ///; |
|        |                  |                                |             |                |                    |                   |                                |                      |
| 0      | D                | valid adder                    |             |                |                    |                   | sva.                           | CIL                  |
| 0      | 3                | Valia_adder                    |             |                |                    |                   | SVG                            | CIK                  |
| O      | P                | valid_cmp                      |             |                |                    |                   | sva                            | Clk                  |
| 0      | P                | valid mul                      |             |                |                    |                   | sva                            | Clk                  |
| -      |                  | i dina_indi                    |             |                |                    |                   | 514                            | oll                  |
| 0      | <b>P</b>         | valid_sub                      |             |                |                    |                   | sva                            | CIK                  |
|        |                  |                                |             |                |                    |                   |                                |                      |
| 1      |                  |                                |             |                |                    |                   |                                |                      |

#### **Test E: Reference Model**

Next we would like to create a reference model, calculating the expected result for each operation without including any of the complexities of a real design such as pipelining, scan, or debug logic.

```
The reference model for arithmetic looks like this:
```

```
module arithmetic reference (Clk, uopv, uopcode, uopsize, src1, src2, arithresultv ref, arithresult ref, rst);
input node Clk;
input node rst;
input node uopv;
input node [3:0] uopcode;
input node [2:0] uopsize;
input node [31:0] src1;
input node [31:0] src2;
output node arithresultv ref;
output node [31:0] arithresult_ref;
node opadd, opsub, opmul, opcmp;
node uopv1, isuop1;
node [3:0] uopcode1;
node [2:0] uopsizel;
node [31:0] result1, result2, resultv1, resultv2;
node isuop;
always comb isuop = ( uopcode == OPADD | uopcode == OPSUB | uopcode == OPMUL | uopcode == OPCMP);
MSFF( uopcode1, uopcode, Clk, rst)
MSFF( uopsize1, uopsize, Clk, rst)
MSFF( resultv1, uopv & isuop, Clk, rst)
always comb begin
  opadd = ( uopcode1 == OPADD );
   opsub = ( uopcode1 == OPSUB );
  opmul = ( uopcode1 == OPMUL );
  opcmp = ( uopcode1 == OPCMP );
end
always comb begin
   unique casex ( 1'b1 )
      opadd : result1 = (src1 + src2);
      opsub : result1 = (src1 - src2);
      opmul : result1 = (src1 * src2);
      opcmp : result1 = (src1 > src2 ) ? src1:src2;
  endcase
end
MSFF( result2, result1, Clk, rst)
MSFF( resultv2, resultv1, Clk, rst)
MSFF( arithresult ref, result2, Clk, rst)
MSFF( arithresultv_ref, resultv2, Clk, rst)
endmodule
```

Once the above module is instantiated to the top-level ALU module, we can add the following assertion to check that the result is the read RTL matches our reference model. We first assume that clock gating is disabled, and the maximum data value is 8 bits.

```
assume_dsize8: assume property (@(posedge Clk) (uopsize == DSIZE08));
assume_src1_size8: assume property (@(posedge Clk) (src1 < 256));
assume_src2_size8: assume property (@(posedge Clk) (src2 < 256));
Legal_arithmetic_opcode: assume property (@(posedge Clk) (valid_arithmetic_op (uopcode) ));
genvar l;
generate for (l= OPADD; l<= OPCMP; l++) begin: eq1
    assert_equi_check1: assert property ((uopv & uopcode == l)|-> ##3(arithresult_ref == result));
    assert_equi_check2: assert property ((uopv & uopcode == l)|-> ##3(arithresult_ref == resultv));
end
endgenerate
```

The two assertions prove that the two units should generate the same outputs, give complete coverage of the data space of all arithmetic operations.

| 🔨 📃        | assume_dsize8              | sva | Clk |
|------------|----------------------------|-----|-----|
| 🔨 📖        | assume_src1_size8          | sva | Clk |
| 🔨 🛄        | assume_src2_size8          | sva | Clk |
| ©          | eq1[8].assert_equi_check1  | sva | Clk |
| ©          | eq1[8].assert_equi_check2  | sva | Clk |
| ©          | eq1[9].assert_equi_check1  | sva | Clk |
| ©          | eq1[9].assert_equi_check2  | sva | Clk |
| ©          | eq1[10].assert_equi_check1 | sva | Clk |
| ©          | eq1[10].assert_equi_check2 | sva | Clk |
| • <b>P</b> | eq1[11].assert_equi_check1 | sva | Clk |
| O P        | eq1[11].assert_equi_check2 | sva | Clk |
| 🔨 🛄        | Legal_arithmetic_opcode    | sva | Clk |

As the time permits, we tried DSIZE with 16 bits, however, we ran into inconclusive issue with the timeout of 30 mins. We received proofs for ADD, SUB and CMP, but the assertion for multiplication obtained an inconclusive result as the time runs out.

```
assume_dsize16: assume property (@(posedge Clk) (uopsize == DSIZE16));
assume_src1_size16: assume property (@(posedge Clk) (src1 < 65536));
assume_src2_size16: assume property (@(posedge Clk) (src2 < 65536));
Legal_arithmetic_opcode: assume property (@(posedge Clk) (valid_arithmetic_op (uopcode) ));
genvar l;
generate for (l= OPADD; l<= OPCMP; l++) begin: eq1
    assert_equi_check1: assert property ((uopv & uopcode == l)|-> ##3(arithresult_ref == result));
    assert_equi_check2: assert property ((uopv & uopcode == l)|-> ##3(arithresult_ref == resultv));
end
endgenerate
```

| •          | assume_dsize16             | sva | Clk   |  |
|------------|----------------------------|-----|-------|--|
| 🔨 🥅 👘      | assume_src1_size16         | sva | Clk   |  |
| 🔨 📖 I      | assume_src2_size16         | sva | Clk   |  |
| ©          | eq1[8].assert_equi_check1  | sva | Clk   |  |
| ©          | eq1[8].assert_equi_check2  | sva | Clk   |  |
| ©          | eq1[9].assert_equi_check1  | sva | Clk   |  |
| © <u>P</u> | eq1[9].assert_equi_check2  | sva | Clk   |  |
| ⊙ <u> </u> | eq1[10].assert_equi_check1 | sva | 3 Clk |  |
| © <b>P</b> | eq1[10].assert_equi_check2 | sva | Clk   |  |
| • <u>P</u> | eq1[11].assert_equi_check1 | sva | Clk   |  |
| ©          | eq1[11].assert_equi_check2 | sva | Clk   |  |
| <          | Legal_arithmetic_opcode    | sva | Clk   |  |

Furthermore, this reference model only covers a subset data sizes and arithmetic operations due to the state complexity. If time permits, we can relax the constraint(DSIZE and clock gating) to further expand the scope of our verification.

| Goals              | Verify the correct behavior of the logical unit, in the absence of unusual activity, such as DFT scan.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
|--------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Properties         | <ul> <li>Create cover points that replicate each waveform in the spec that illustrates logical unit behavior.</li> <li>Assume all operations are logical operation, blackboxing the arithmetic unit, add an assumption that the arithmetic subunit valid signal <i>arithresultv</i> is always 0.</li> <li>a. Cover each logical operation(AND, OR, XOR), alone and back-to-back with another arbitrary operation. Assume only logical operations.</li> <li>b. Cover cases of each operation above with specific data that exercise all bits. Assume dft scan is disabled. For example:</li> <li>c. Assert that when a valid operation arrives, a valid output appears in three clock cycles, with DFT disabled and enabled.</li> <li>DFT disabled: <ul> <li>i. opcode: AND, src1=32'hFFFFFFF, src2=32'h00000000.</li> <li>iii. opcode: XOR, src1=32'hFFFFFFF, src2=32'h00000000.</li> <li>DFT enabled:</li> <li>iv. opcode: AND, dftdata=32'hFFFFFFF, src2=32'h00000000.</li> <li>v. opcode: COR, dftdata=32'hFFFFFFFF, src2=32'h00000000.</li> </ul> </li> <li>dftdata=32'hFFFFFFFF, src2=32'h00000000.</li> <li>dftdata=32'hFFFFFFFF, src2=32'h00000000.</li> <li>dftdata=32'hFFFFFFFF, src2=32'h00000000.</li> <li>e. Create a reference model, and check that the result in the real RTL matches our reference model.</li> </ul> |
| Complexity Staging | Initial stages: Blackbox logical subunit, set DSIZE to 8. Disable DFT and<br>clock gating.<br>Stages for improving verification quality if time permits:<br>a. Allow all DSIZE values<br>b. Allow DFT functionality                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
| Exit Criteria      | We exercise all possible corner cases for different operation codes to prove<br>our logical block's results are valid and working correctly.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |

#### **FPV Plan for Logical Block**

The syntax to blackbox the arithmetic unit, and constraint the logic subunit result valid *arithresultv* is shown below:

```
# Ignored, blackbox
netlist blackbox arithmetic_subunit
netlist constant arithresultv 1'b0
```

Similar to the previous plan, we would to start with defining cover properties for typical activities and interesting combinations of basic logical behaviors in test A, B and C. Then we define assertions to proof targets(arithmetic operation) according by the specification in test C and D. Lastly, we created a shadow reference model that calculate the core results of the logic, and then compare the result generated by the two units.

#### **Test A: Coverages for all Logical Operations**

Cover each logical operation(AND, OR, XOR), alone and back-to-back with another arbitrary operation. Assume only logical operations.

```
genvar k;
generate for (k= OPAND; k<= OPXOR; k++) begin: g1
arithmetic_alone: cover property (@(posedge Clk)(uopv & uopcode == k) ##3 resultv);
arithmetic_back2back: cover property (@(posedge Clk)(uopv & uopcode == k) ##1 (uopv)##2 resultv ##1 resultv);
end
endgenerate
```

The result shows that all opcodes can potentially be used in our environment. We have examined the waveform to confirm the fact.

| *                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | Name                    | Туре | Radius | Clocks | Time |
|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------|------|--------|--------|------|
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | g1[0].logical_alone     | sva  | 4      | Clk    | 50ns |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | g1[0].logical_back2back | sva  | 5      | Clk    | 60ns |
| The second seco | g1[1].logical_alone     | sva  | 4      | Clk    | 50ns |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | g1[1].logical_back2back | sva  | 5      | Clk    | 60ns |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | g1[2].logical_alone     | sva  | 4      | Clk    | 50ns |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | g1[2].logical back2back | sva  | 5      | Clk    | 60ns |

#### Test B: Coverages with Specific Data

Cover cases of each operation above with specific data that exercise all bits. Assume dft scan is disabled.

```
valid and: cover property (@(posedge Clk)(
    (uopv & uopcode == OPAND & uopsize == DSIZE32)
    ##1(src1 == 32'hFFFFFFF & src2 ==32'hFFFFFFFF) ##2(resultv)));
valid or: cover property (@(posedge Clk)(
    (uopv & uopcode == OPOR & uopsize == DSIZE32)
    ##1(src1 == 32'hFFFFFFF & src2 ==32'h00000000) ##2(resultv)));
valid xor: cover property (@(posedge Clk)(
    (uopv & uopcode == OPXOR & uopsize == DSIZE32)
    ##1(src1 == 32'hFFFFFFF & src2 ==32'h00000000) ##2(resultv)));
valid back2back and: cover property (@(posedge Clk)(
    ((uopv & uopcode == OPAND & uopsize == DSIZE32)
    ##1 (uopv & uopcode == OPAND & uopv & src1 == 32'hFFFFFFF & src2 ==32'hFFFFFFF)
    ##1 (uopv & src1 == 32'hFFFFFFF & src2 ==32'hFFFFFFF) ##1 resultv ##1 resultv));
valid back2back or: cover property (@(posedge Clk)(
    ((uopv & uopcode == OPOR & uopsize == DSIZE32)
    ##1 (uopv & uopcode == 0POR & uopv & src1 == 32'hFFFFFFFF & src2 ==32'h00000000)
##1 (uopv & src1 == 32'hFFFFFFF & src2 ==32'h00000000) ##1 resultv ##1 resultv));
valid_back2back_xor: cover property (@(posedge Clk)(
    ((uopv & uopcode == OPXOR & uopsize == DSIZE32)
    ##1 (uopv & uopcode == OPXOR & uopv & src1 == 32'hFFFFFFFF & src2 ==32'h00000000)
    ##1 (uopv & src1 == 32'hFFFFFFF & src2 ==32'h00000000) ##1 resultv ##1 resultv)));
```

The result shows that both scenarios with our specific data alone and back-to-back with another operations give cover points.

|     | valid_and           | sva | 4 | Clk | 50ns |
|-----|---------------------|-----|---|-----|------|
|     | valid_back2back_and | sva | 5 | Clk | 60ns |
| P   | valid_back2back_or  | sva | 5 | Clk | 60ns |
|     | valid_back2back_xor | sva | 5 | Clk | 60ns |
| 8   | valid_or            | sva | 4 | Clk | 50ns |
| 8 0 | valid xor           | sva | 4 | Clk | 50ns |

#### **Test C: Operations with Valid Latency**

Assert that when a valid operation arrives, a valid output appears in three clock cycles.

genvar p; generate for (p= OPAND; p<= OPXOR; p++) begin: logical3 logical\_assert\_3\_cycles: assert property(@(posedge Clk)((uopv & uopcode==p) |-> ##3 resultv)); end endgenerate

Result showing that all logical operations will generate a result with a latency of 3 cycles.

| 0       | <u>P</u> _ | logical3[0].logical_assert_3_cycles | sva | Clk |  |
|---------|------------|-------------------------------------|-----|-----|--|
| 0       |            | logical3[1].logical_assert_3_cycles | sva | Clk |  |
| $\odot$ | <u> </u>   | logical3[2].logical_assert_3_cycles | sva | Clk |  |

#### **Test D: Operations with Expected Result**

Then we verify that each logical operation generates the expected results, given specific data with DFT disabled and enabled.

```
valid and dft disabled: assert property (@(posedge Clk)(
    (uopv & uopcode == OPAND & uopsize == DSIZE32)
    ##1(src1 == 32'hFFFFFFF & src2 == 32'hFFFFFFF & dftslovrd == 1'b0) |-> ##2(result == 32'hFFFFFFFF)
)):
valid or dft disabled: assert property (@(posedge Clk)(
    (uopv & uopcode == OPOR & uopsize == DSIZE32)
    ##1(src1 == 32'hFFFFFFF & src2 == 32'h00000000 & dftslovrd == 1'b0) |-> ##2(result == 32'hFFFFFFFF)
));
valid xor dft disabled: assert property (@(posedge Clk)(
    (uopv & uopcode == OPXOR & uopsize == DSIZE32)
    ##1(src1 == 32'hFFFFFFF & src2 == 32'h00000000 & dfts1ovrd == 1'b0) |-> ##2(result == 32'hFFFFFFFF)
));
valid_and_dft_enabled: assert property (@(posedge Clk)(
    (uopv & uopcode == OPAND & uopsize == DSIZE32)
    ##1(dftdata == 32'hFFFFFFF & src2 == 32'hFFFFFFF & dftslovrd == 1'b1) |-> ##2(result == 32'hFFFFFFFF)
));
valid or dft enabled: assert property (@(posedge Clk)(
    (uopv & uopcode == OPOR & uopsize == DSIZE32)
    ##1(dftdata == 32'hFFFFFFF & src2 == 32'h00000000 & dftslovrd == 1'b1) |-> ##2(result == 32'hFFFFFFFF)
));
valid xor dft enabled: assert property (@(posedge Clk)(
    (uopv & uopcode == OPXOR & uopsize == DSIZE32)
    ##1(dftdata == 32'hFFFFFFF & src2 == 32'h00000000 & dftslovrd == 1'b1) |-> ##2(result == 32'hFFFFFFFF)
));
```

The result shows that in either mode, we see expected result in three cycles.

| 0          | valid_and_dft_disabled | sva | Clk |
|------------|------------------------|-----|-----|
| 0 <b>P</b> | valid_and_dft_enabled  | sva | Clk |
| © <b></b>  | valid_or_dft_disabled  | sva | Clk |
| 0          | valid_or_dft_enabled   | sva | Clk |
| 0          | valid_xor_dft_disabled | sva | Clk |
| 0          | valid xor dft enabled  | sva | Clk |

#### **Test E: Reference Model**

Similar to what we did to the arithmetic unit, we would like to create a reference model for the logical unit, calculating the expected result for each operation without including any of the complexities of a real design such as pipelining.

```
The reference model for logical unit looks like this:
```

```
nodule logical reference (Clk, rst, uopv, uopcode, uopsize, src1, src2, logresulty_ref, logresult_ref, dfts1ovrd, dftdata);
    input node Clk;
    input node rst;
    input node uopv;
    input node [3:0] uopcode;
    input node [2:0] uopsize;
   input node [31:0] src1;
   input node [31:0] src2;
   input node dftslovrd;
   input node [31:0] dftdata;
   output node logresulty ref:
   output node [31:0] logresult ref;
   node opand, opor, opxor;
   node uopv1. isuop1:
   node [3:0] uopcode1;
   node [2:0] uopsizel;
   node [31:0] src1_d, result1, result2, resultv1, resultv2;
   node isuop:
   always_comb begin src1_d = dfts1ovrd ? dftdata : src1; end
   always_comb begin isuop = ( uopcode == OPAND | uopcode == OPOR | uopcode == OPXOR); end
    MSFF( uopcode1, uopcode, Clk, rst)
    `MSFF( uopsize1, uopsize, Clk, rst)
    MSFF( resultv1, uopv & isuop, Clk, rst)
   always comb begin
       opand = ( uopcode1 == OPAND );
       opor = ( uopcode1 == OPOR );
       opxor = ( uopcode1 == OPXOR );
   end
   always comb begin
      unique casex ( 1'b1 )
          opand: result1 = (src1 d & src2);
          opor: result1 = (src1 d | src2);
         opxor: result1 = (src1 d ^ src2);
       endcase
   end
    MSFF( result2, result1, Clk, rst)
    MSFF( resultv2, resultv1, Clk, rst)
MSFF( logresult_ref, result2, Clk, rst)
    MSFF( logresultv ref, resultv2, Clk, rst)
endmodule
```

Once the above module is instantiated to the top-level ALU module, we can add the following assertion to check that the result is the read RTL matches our reference model. We first assume that DFT scan is disabled, and the maximum data value is 8 bits.

We obtained proofs for all assertions under the constraints above. Then we changed the uopsize to DSIZE16 and DSIZE32, along with relaxed src1, src2 and dftdata values. All cases give complete proofs. DSIZE = 8

```
assume_src1_size08: assume property (@(posedge Clk) (src1 < 256));
assume src2 size08: assume property (@(posedge Clk) (src2 < 256));
assume dftdata size08: assume property (@(posedge Clk) (dftdata < 256));
assume dsize08: assume property (@(posedge Clk) (uopsize == DSIZE08));
genvar l;
generate for (l= OPAND: l<= OPXOR: l++) begin: eq1</pre>
    assert equi check result: assert property ((uopv & uopcode == l)|-> ##3(logresult ref == result));
    assert equi check resultv: assert property ((uopv & uopcode == l)|-> ##3(logresultv ref == resultv));
end
endgenerate
```

#### DSIZE = 8

| ×          | assume_dftdata_size8             | sva | Clk | 1 |
|------------|----------------------------------|-----|-----|---|
| 🔨 📖        | assume_dsize8                    | sva | Clk | 1 |
| 🔦 📖        | assume_src1_size8                | sva | Clk | 1 |
| 🔦 📖        | assume_src2_size8                | sva | Clk | 1 |
| © <b>P</b> | eq1[0].assert_equi_check_result  | sva | Clk | 4 |
| ©          | eq1[0].assert_equi_check_resultv | sva | Clk | 4 |
| ©          | eq1[1].assert_equi_check_result  | sva | Clk | 4 |
| • <u>P</u> | eq1[1].assert_equi_check_resultv | sva | Clk | 4 |
| ©          | eq1[2].assert_equi_check_result  | sva | Clk | 4 |
| © <b>P</b> | eq1[2].assert_equi_check_resultv | sva | Clk | 4 |
| 🔦 . 📖      | Legal_arithmetic_opcode          | sva | Clk | 1 |

#### DSIZE = 16

```
assume src1 size16: assume property (@(posedge Clk) (src1 < 65536));
assume_src2_size16: assume property (@(posedge Clk) (src2 < 65536));
assume dftdata size16: assume property (@(posedge Clk) (dftdata < 65536));
assume dsize016: assume property (@(posedge Clk) (uopsize == DSIZE16));
genvar1:
generate for (l= OPAND; l<= OPXOR; l++) begin: eq1
    assert equi check result: assert property ((uopv & uopcode == l)|-> ##3(logresult ref == result));
    assert equi check resulty: assert property ((uopv & uopcode == 1)|-> ##3(logresulty ref == resulty));
end
endgenerate
                    assume_dftdata_size16
                                                                                 Clk
                                                                                                            1
 4
      sva
                    assume dsize16
                                                                                 Clk
 4
      sva
                                                                                                            1
 4
    E.
                    assume src1 size16
                                                                   sva
                                                                                 Clk
                                                                                                            1
                    assume_src2_size16
                                                                                 Clk
                                                                                                            1
                                                                   sva
                    egil01 assert egui check result
                                                                   sva
                                                                                 Clk
                                                                                                            Δ
```

| ~ |          | cdifoliasserc_cdal_encer_resure  | 544 | CIK | - |
|---|----------|----------------------------------|-----|-----|---|
| 0 | <u> </u> | eq1[0].assert_equi_check_resultv | sva | Clk | 4 |
| 0 | <u></u>  | eq1[1].assert_equi_check_result  | sva | Clk | 4 |
| 0 | <u> </u> | eq1[1].assert_equi_check_resultv | sva | Clk | 4 |
| 0 | <u>p</u> | eq1[2].assert_equi_check_result  | sva | Clk | 4 |
| 0 | <u> </u> | eq1[2].assert_equi_check_resultv | sva | Clk | 4 |
| * |          | Legal_arithmetic_opcode          | sva | Clk | 1 |
|   |          |                                  |     |     |   |

#### DSIZE = 32

P

0 P

0 P

assume\_dsize32: assume property (@(posedge Clk) (uopsize == DSIZE32)); genvar l; generate for (l= OPAND; l<= OPXOR; l++) begin: eq1</pre> assert equi check result: assert property ((uopv & uopcode == l)|-> ##3(logresult ref == result)); assert equi check resulty: assert property ((uopv & uopcode == l)|-> ##3(logresulty ref == resulty)); end endgenerate assume\_dsize32 Clk 1 4 sva 0 P eq1[0].assert\_equi\_check\_result sva Clk 4 0 P eq1[0].assert\_equi\_check\_resultv Clk 4 sva 0 \_\_P\_\_ eq1[1].assert\_equi\_check\_result Clk 4 sva eq1[1].assert\_equi\_check\_resultv 0 Clk

eq1[2].assert equi check result

eq1[2].assert\_equi\_check\_resultv

sva

sva

sva

Clk

Clk

4

4

4

| FPV Plan for Overall ALU | Block |
|--------------------------|-------|
|--------------------------|-------|

| Goals              | Verify the correct behavior of the overall ALU with different operation mode, including all DSIZEs, clock-gating and scan/debug feature.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
|--------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Properties         | <ul> <li>Create assertions that set various kinds of inputs environment mode to illustrates overall ALU unit behavior by monitoring result valid bit.</li> <li>a. Assume clock gating is defeatured. <ol> <li>Assert that when a valid operation arrives, each operation will generate valid output bit in three clock cycles.</li> <li>Assert that when a valid operation is not arrived, the valid output will not arrive in three cycles.</li> <li>Assert that when opcodes are not valid (neither arithmetical nor logical operations), the valid output will not arrive in three clock cycles.</li> <li>Assert that each operation generates the expected results, given specific data, with DFT disabled.</li> </ol> </li> <li>b. Assume clock gating is relaxed. <ol> <li>Cover cases of when valid arithmetic operation arrives, the valid output does not arrive in three cycles.</li> <li>Assert that when a valid logical operation arrives, the valid output arrives in three cycles.</li> <li>Cover cases of when valid arithmetic operation arrives, the valid output arrives in three cycles.</li> <li>Assert that when a valid logical operation arrives, the valid arithmetic operation arrives, the valid output arrives in three cycles.</li> </ol> </li> </ul> |
| Complexity Staging | Since we have already verified each individual blocks, we would like to test<br>the entire block with much relaxed constraints.<br>Initial stages: set DSIZE to 8. Defeature clock gating and DFT scan.<br>Stages for improving verification quality if time permits:<br>1. Allow DFT functionality<br>2. Allow all DSIZE values                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
| Exit Criteria      | We exercise all possible corner cases for different operation codes to prove<br>our entire ALU block's results are valid and working correctly.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |

Lastly, we remove the blackboxes, and test the entire ALU unit by relaxing some of the initial compromises we made earlier. Below is the actual assumptions and assertions wrote in systemverilog.

### Test A: Clock Gating & DFT Scan Disabled

We first tested the mode when clock gating is disabled, and DFT is also shut off.



The result below shows that all assertions are proved with no counterexample.

| × 💷        | clock_gating_disable      | sva | Clk |
|------------|---------------------------|-----|-----|
| 0 <b>P</b> | no_upov_condition         | sva | Clk |
| 0          | no_valid_opcode_condition | sva | Clk |
| 0          | non_upov_condition        | sva | Clk |
| 0          | valid adder               | sva | Clk |
| ©          | valid_and_dft_disabled    | sva | Clk |
| 0          | valid_cmp                 | sva | Clk |
| 0          | valid_mul                 | sva | Clk |
| 0          | valid or dft disabled     | sva | Clk |
| ©          | valid_sub                 | sva | Clk |
| 0          | valid_xor_dft_disabled    | sva | Clk |
|            |                           |     |     |

#### **Test B: Operations with Defeature Clock Relaxed**

Assume clock gating is relaxed. Cover cases of when valid arithmetic operation arrives, the valid output does not arrive in three cycles. Also add assertions that when a valid logical operation arrives, the valid output arrives in three cycles.

| assume_valid_operation: assume property (@(posedge Clk) | <pre>(valid_arithmetic_op(uopcode)    valid_logical_op(uopcode) ));</pre> |
|---------------------------------------------------------|---------------------------------------------------------------------------|
| arithmetic resultv: cover property (@(posedge Clk)(uopv | & valid arithmetic op(uopcode)  -> ##3 !resultv));                        |
| logical resulty: assert property (@(posedge Clk)(uopv & | <pre>valid logical op(uopcode)  -&gt; ##3 resultv));</pre>                |

The result shows that the coverage property are covered and assertions are proved. Look into the coverage case, the no result happens when src2 is 0, and the clock gating signal is ON. The coverage point is expected.

| 0 | <b>P</b> | logical_resultv        | sva |   | Clk |
|---|----------|------------------------|-----|---|-----|
| - | 0        | arithmetic_resultv     | sva | 4 | Clk |
| * |          | assume_valid_operation | sva |   | Clk |

|                   | Msgs      |                    |          |          |      |  |
|-------------------|-----------|--------------------|----------|----------|------|--|
| 🔶 Primary Clocks  |           | ( Primary Clocks   | )        |          |      |  |
| /alu0/Clk         | -No Data- |                    |          |          |      |  |
| Property Signals  |           | ( Property Signal  | s )      |          |      |  |
| - 🍫 /alu0/Clk     | -No Data- |                    |          |          |      |  |
| /alu0/resultv     | -No Data- |                    |          |          |      |  |
| 🛓 🍫 /alu0/uopcode | -No Data- | 5'b00000           | 5'b01000 | 5'b00000 |      |  |
| alu0/uopv 🏈       | -No Data- |                    |          |          |      |  |
| Control Point Si  |           | ( Control Point Si | gnals )  |          |      |  |
| 🗉 🤣 /alu0/src2    | -No Data- | 32'd0              |          |          |      |  |
| /alu0/defeat      | -No Data- | <del></del>        |          |          | <br> |  |
| /alu0/uopv        | -No Data- |                    |          |          |      |  |
|                   | -No Data- | 5'b00000           | 5'b01000 | 5'b00000 |      |  |
|                   |           |                    |          |          |      |  |
|                   |           |                    |          |          |      |  |

#### **Test C: Reference Model**

Lastly, we combined two reference models in previous two tasks, and generated a shadow model for the entire ALU block. This model includes all 7 operations and DFT scan, however, the clock gating feature is skipped as the specification for this feature remains unclear.

We started with data size of 8 bits, with several assumptions such as assuming valid logical or arithmetic operations, operands smaller than 8 bits value, and disabled clock gating. we added the following assertion to check that the result is the read RTL matches our reference model.

```
assume_dsize8: assume property (@(posedge Clk) (uopsize == DSIZE08));
assume_src1_size8: assume property (@(posedge Clk) (src1 < 256));
assume_src2_size8: assume property (@(posedge Clk) (src2 < 256));
clock_gating_defeatured: assume property (@(posedge Clk) (defeature_addck));
assume_valid_operation: assume property (@(posedge Clk) (valid_arithmetic_op(uopcode) || valid_logical_op(uopcode) ));
genvar l;
genvar l;
generate for (l= OPADD; l<= OPCMP; l++) begin: eq1
    assert_equi_check1: assert property ((uopv & uopcode == l)|-> ##3(result_ref == result));
    assert_equi_check2: assert property ((uopv & uopcode == l)|-> ##3(resultv_ref == resultv));
end
endgenerate
```

The two assertions prove that the two ALU units will generate the same outputs, give complete coverage of the data space of all arithmetic and logical operations with DSIZE08 and defeatured clock gating.

| ©                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | eq1[10].assert_equi_check1 | sva | Clk |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------|-----|-----|
| • <u>P</u>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | eq1[10].assert_equi_check2 | sva | Clk |
| • <u>P</u>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | eq1[11].assert_equi_check1 | sva | Clk |
| • <u>P</u>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | eq1[11].assert_equi_check2 | sva | Clk |
| • <u>P</u>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | eq1[8].assert_equi_check1  | sva | Clk |
| • <u>p</u>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | eq1[8].assert_equi_check2  | sva | Clk |
| ©                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | eq1[9].assert_equi_check1  | sva | Clk |
| • <u>P</u>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          | eq1[9].assert_equi_check2  | sva | Clk |
| 💉 📖                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | assume_dsize8              | sva | Clk |
| <ul> <li>Image: A set of the set of the</li></ul> | assume_src1_size8          | sva | Clk |
| 💉 📖                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | assume_src2_size8          | sva | Clk |
| 💉 📖                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 | assume_valid_operation     | sva | Clk |
| ×                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | clock_gating_defeatured    | sva | Clk |

DSIZE = 16:

| ⊙ <u>I</u> | eq1[10].assert_equi_check1 | sva | 3 | Clk |
|------------|----------------------------|-----|---|-----|
| © <b>P</b> | eq1[10].assert_equi_check2 | sva |   | Clk |
| ©          | eq1[11].assert_equi_check1 | sva |   | Clk |
| © <b>P</b> | eq1[11].assert_equi_check2 | sva |   | Clk |
| © <b></b>  | eq1[8].assert_equi_check1  | sva |   | Clk |
| ©          | eq1[8].assert_equi_check2  | sva |   | Clk |
| © <b></b>  | eq1[9].assert_equi_check1  | sva |   | Clk |
| © <b>P</b> | eq1[9].assert_equi_check2  | sva |   | Clk |
| 🔨 📖        | assume_dsize16             | sva |   | Clk |
| 🔨 📖        | assume_src1_size16         | sva |   | Clk |
| ×          | assume_src2_size16         | sva |   | Clk |
| × 📖        | assume_valid_operation     | sva |   | Clk |
| 🔨 📖        | clock_gating_defeatured    | sva |   | Clk |

To further improving our PFV coverages, we tried DSIZE16 with a much longer runtime(3 hours). However, we still run into inconclusive issue for the multiplication due to enormous state space and design complexity. The good thing is that we are able to get proofs for all other operations(ADD, SUB, CMP, AND, OR and XOR) in DSIZE16 and DSIZE32.

### Part E: Comparing Two alu0 Instances

In this section, we create a high-level module named *alu\_cmp*, and instantiate two instances of *alu0* to the top module. Then we assert properties to check whether the outputs *result* and *resultv* are the same from both instances respectively.

The high-level module is looking like this:

```
module alu cmp(Clk, uopv, uopcode, uopsize, src1, src2, defeature addck, dftslovrd, dftdata, rst);
input node Clk, uopv;
input node [4:0] uopcode;
input node [1:0] uopsize;
input node [31:0] src1;
input node [31:0] src2;
input node dftslovrd;
input node defeature addck;
input node [31:0] dftdata;
input node rst;
node
            resultv 1;
node [31:0] result 1;
node
            resultv 2;
node [31:0] result 2;
alu0 alu0 1(
                     .Clk ( Clk ), .uopv ( uopv ), .uopcode ( uopcode ),
                     .uopsize ( uopsize ), .src1 ( src1 ), .src2 ( src2 ),
                     .resultv(resultv 1), .result(result 1), .defeature addck(defeature addck),
                     .dftslovrd(dftslovrd), .dftdata(dftdata), .rst(rst)
            );
alu0 alu0 2(
                     .Clk ( Clk ), .uopv ( uopv ), .uopcode ( uopcode ),
                     .uopsize ( uopsize ), .src1 ( src1 ), .src2 ( src2 ),
                     .resultv(resultv_2), .result(result_2), .defeature_addck(defeature_addck),
                     .dftslovrd(dftslovrd), .dftdata(dftdata), .rst(rst)
            );
       default clocking c0 @(posedge Clk); endclocking
       genvar l;
        generate for (l= OPADD; l<= OPCMP; l++) begin: eq1
            assert equi check1: assert property ((uopv & uopcode == l)|-> ##3(result 1 == result 2));
            assert_equi_check2: assert property ((uopv & uopcode == l)|-> ##3(resultv_1 == resultv_2));
        end
        endgenerate
endmodule // alu comp
```

We obtained four firings as the *result1* and *result2* different from each other, Bringing up the waveform, The counterexample shows that both defeature bit and source2 are 0, and an arithmetic operation asserted at the second cycle. Since the clock is gated, neither logical nor arithmetic unit would be selected. We obtain floating results, thus the two results could be different.

| ed at a state of the state of t | 1 5Vd | 4 | Clk |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------|---|-----|
| eq1[11].assert_equi_check                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | 1 sva | 4 | Clk |
| eq1[8].assert_equi_check1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | sva   | 4 | Clk |
| eq1[9].assert_equi_check1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | sva   | 4 | Clk |
| eq1[10].assert_equi_check                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | 2 sva |   | Clk |
| eq1[11].assert_equi_check                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | 2 sva |   | Clk |
| eq1[8].assert_equi_check2                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | sva   |   | Clk |
| eq1[9].assert_equi_check2                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | sva   |   | Clk |

This is due to a design issue with the MUX\_2\_1. The MUX output a floating output when *sa* and *sb* are both set to 0. We generally don't want this to happen. Therefore, to fix the problem, we add a default case that set out to 0.

Before:

| // A 2-to-1 mux               |   |
|-------------------------------|---|
| `define MUX2 1(out,sa,a,sb,b) | 1 |
| unique casex ( 1'b1 )         | 1 |
| sa : out = a;                 | 1 |
| sb : out = b;                 | 1 |
| endcase // casex( 1'b1 )      |   |

After:

```
// A 2-to-1 mux
`define MUX2_1(out,sa,a,sb,b)
    unique casex ( 1'b1 )
        sa : out = a;
        sb : out = b;
        default : out = 0;
        endcase // casex( 1'b1 )
```

With the modified MUX2, we rerun the assertion, we obtain another failure. Bringing up the waveform, and tracing back from both instances, we see that after *addopov03* set high, *addopov04 and resultv* are set to high for two cycles as the clock signal is being gated.

Ι

١

١

١

| O NEN | eq1[10].assert_equi_check1 | sva | 6 | Clk |
|-------|----------------------------|-----|---|-----|
| O ZEZ | eq1[11].assert_equi_check1 | sva | 6 | Clk |
| O ZEZ | eq1[8].assert_equi_check1  | sva | 6 | Clk |
| O ZEZ | eq1[9].assert_equi_check1  | sva | 6 | Clk |
| 0     | eq1[10].assert_equi_check2 | sva |   | Clk |
| 0     | eq1[11].assert_equi_check2 | sva |   | Clk |
| 0     | eq1[8].assert_equi_check2  | sva |   | Clk |
| 0     | eg1[9].assert egui check2  | sva |   | Clk |

| 🗕 🔶 Primary Clocks                                  |           | ( Primary Cloo | :ks)        |      |        |      |           |        |        |          |
|-----------------------------------------------------|-----------|----------------|-------------|------|--------|------|-----------|--------|--------|----------|
| /alu_cmp/Clk                                        | 1'b0      |                |             |      |        | 1    |           |        |        |          |
| 🔸 Property Signals                                  |           | ( Property Sig | na s )      |      |        |      |           |        |        |          |
|                                                     | 1'b0      |                |             |      |        |      |           |        |        |          |
| 🖬 🔩 /alu_cmp/alu0_1/result                          | 32'd0     | 32'd0          |             |      |        |      |           |        |        | 32'd6553 |
| 🖬 🔩 /alu_cmp/alu0_2/result                          | 32'd0     | 32'd0          |             |      |        |      |           |        |        | 32'd6553 |
| 🖬 👍 /alu_cmp/uopcode                                | 5'b01010  | 5'b00000       | 5'b010      | 00   | 5'b000 | 00   | 5'b01010  | 5'b000 | 00     |          |
| 🦾 🛷 /alu_cmp/uopv                                   | 1'b1      |                |             |      |        |      |           |        |        |          |
| 🔶 Control Point Signals                             |           | ( Control Poin | t Signals ) |      |        |      |           |        |        |          |
| 🐓 /alu_cmp/uopv                                     | 1'b1      |                |             |      |        |      |           |        |        |          |
| 🖬 🐓 /alu_cmp/uopcode                                | 5'd10     | 5'd0           | 5'd8        |      | 5'd0   |      | 5'd10     | 5'd0   |        |          |
| 🖷 🛷 /alu_cmp/src2                                   | 32'd0     | 32'd0          |             | 32'd | 32'd0  | 32'd | 32'd0     |        | 32'd16 | 32'd0    |
|                                                     | 1'b0      |                |             |      |        |      |           |        |        |          |
| 🛓 🤣 /alu_cmp/uopsize                                | 2'h0      | 2'h0           |             |      | 2'h2   |      | 2'h0      |        |        |          |
| 💼 🥠 /alu_cmp/src1                                   | 32'd30729 | 32'd0          |             |      |        |      | 32'd30729 | 32'd0  |        |          |
| - Added Signals                                     |           |                |             |      |        |      |           |        |        |          |
| /alu_cmp/alu0_2/arithmetic_subunit/arithmetic_unit/ | 1'h0      |                |             |      |        |      |           |        |        | _        |
| /alu_cmp/alu0_2/arithmetic_subunit/arithmetic_unit/ | 1'h1      |                |             |      |        |      |           |        |        |          |
|                                                     |           |                |             |      |        |      |           |        |        |          |

In this case, the floating variable *cin* in the two instances are set to different values, which leads to different arithmetic results. Although it is not a valid arithmetic operation, a false *arithmetic\_resultv* is still passed to the alu0, and *arithmetic\_result* is selected as the output for the ALU unit.



| To fix the floating issue, | we add d | default ca | se for | cin same | asv | what we | did t | to the | MUX2, | then | we ob | otain |
|----------------------------|----------|------------|--------|----------|-----|---------|-------|--------|-------|------|-------|-------|
| proof for all assertions.  |          |            |        |          |     |         |       |        |       |      |       |       |

| ©          | eq1[10].assert_equi_check1 | sva |
|------------|----------------------------|-----|
| ©          | eq1[10].assert_equi_check2 | sva |
| • <u>P</u> | eq1[11].assert_equi_check1 | sva |
| • <u>p</u> | eq1[11].assert_equi_check2 | sva |
| • <u>p</u> | eq1[8].assert_equi_check1  | sva |
| ©          | eq1[8].assert_equi_check2  | sva |
| • <u>p</u> | eq1[9].assert_equi_check1  | sva |
| ©          | eq1[9].assert equi check2  | sva |

In general, when we compare two instances of a design, we can find design problems that caused by floating gates. Because the design can go to multiple states with the same inputs. These are usually unwanted situations.

### Part F: Inconclusive Result & Blackboxes

Inconclusive analysis happens when the formal analysis timed out before proving or disproving the assertion. As the complexity of the design increases, it takes much longer time for the checker to exhaustively reach a conclusive result. Blackboxing is one of the approaches to reduce design state space and complexity.

If we obtained a proof for the design with blackboxed modules, the proof is valid for the target unit. However, we should consider this as one proof apart from many other proofs in our comprehensive FPV plan. On the other hand, if we obtained a counterexample, it could either mean that we have a true bug in our design or we need to add more assumptions related to the blackbox to rectify some false positive situations.

When choosing the potential blackbox candidates, it is very important to think about the data flow through the design and what the effects of a blackbox might be. Since the outputs of a blackbox become free variables, we also need to carefully consider adding new assumptions, so that the blackbox does not appear to be producing faulty signals for the other modules.

#### Part G: Blackbox Vs. Abstractions

While abstraction techniques simplify the state space of the design by reducing the size of logic, blackboxes help to minimize the logic complexity by ignoring submodules that is irrelevant for formal verification. We have used both techniques in our formal verification project. The example of blackbox is blackboxing the logical unit while verifying arithmetic unit while verifying the ALU design. This technique requires making new assumptions such as setting *logresultv* to 0. An example of abstraction is

to reduce the size of counter from 32 bits to 8 bits in FIFO verification, which allow the tool to find the overflow issue at a much lower bound.

### **IV. CADENCE JASPER TOOL**

Our last task is to reproduce task 1 using another popular commercial tool, Cadence Jasper. The biggest difference in term of running the code is to use tcl file rather than Makefile. The tcl file looks like this:

```
# Copyright (C) 2014 Jasper Design Automation, Inc. All Rights
# Reserved. Unpublished -- rights reserved under the copyright
 laws of the United States.
#
# -----
                      .....
# Analyze design under verification files
set ROOT_PATH ../designs/reference_design/verilog_sva
set RTL PATH ${ROOT PATH}/source/design
set PROP_PATH ${ROOT_PATH}/source/properties
analyze -sv \
  ${RTL PATH}/fifo transport single.sv.orig.sv
analyze -sv \
 ${RTL PATH}/fifo.sv
# Analyze property files
#analyze -sv \
# ${PROP PATH}/bindings.sva \
# ${PROP PATH}/v fifo.sva
# Elaborate design and properties
elaborate -top fifo transport single
# Set up Clocks and Resets
clock clk
reset rst
# Get design information to check general complexity
get design info
# Prove properties
# 1st pass: Quick validation of properties with default engines
#set max trace length 10
#prove -all
# 2nd pass: Validation of remaining properties with different engine
set max trace length 50
set prove per property time limit 150m
set engine mode {K I N}
prove -all
# Report proof results
report
```

We wrote a bash script, named run.sh. To run the script, execute:

bash run.sh

The Jasper FPV tool pops up, we obtain a pass for our set of assertions in *fifo\_transport\_single*. Also, we will not reach 5, 6 and 7 entries in the FIFO as we expected

| [    | <embedded> ]</embedded>                                                          |             |     |          |         |
|------|----------------------------------------------------------------------------------|-------------|-----|----------|---------|
| [1]  | fifo transport single.fifo assume empty:precondition1                            | covered     | I   | 1        | 0.001 s |
| [2]  | fifo transport single fifo assume full:precondition1                             | covered     | к   | 5        | 0.002 s |
| [3]  | fifo transport single fifo inst fifo num entries 7                               | unreachable | N   | Infinite | 0.001 s |
| [4]  | fifo transport single.fifo inst.fifo num entries 6                               | unreachable | N   | Infinite | 0.001 s |
| [5]  | fifo transport single.fifo inst.fifo num entries 5                               | unreachable | N   | Infinite | 0.002 s |
| [6]  | fifo transport single fifo inst fifo num entries 4                               | covered     | к   | 1 - 5    | 0.002 s |
| [7]  | fifo transport single.fifo inst.fifo num entries 3                               | covered     | К   | 1 - 4    | 0.002 s |
| [8]  | fifo transport single.fifo inst.fifo num entries 2                               | covered     | к   | 1 - 3    | 0.002 s |
| [9]  | fifo transport single fifo inst fifo num entries 1                               | covered     | к   | 1 - 2    | 0.002 s |
| [10] | fifo transport single.fifo inst.full fifo condition                              | proven      | N   | Infinite | 0.000 s |
| [11] | fifo_transport_single.fifo_inst.full_fifo_condition:precondition1                | covered     | к   | 1 - 5    | 0.002 s |
| [12] | fifo_transport_single.fifo_inst.fifo_full_not_empty_condition                    | proven      | N   | Infinite | 0.001 s |
| [13] | fifo_transport_single.fifo_inst.fifo_full_not_empty_condition:precondition1      | covered     | к   | 1 - 5    | 0.002 s |
| [14] | fifo_transport_single.fifo_inst.fifo_go_full_condition                           | proven      | PRE | Infinite | 0.000 s |
| [15] | fifo_transport_single.fifo_inst.fifo_go_full_condition:precondition1             | covered     | к   | 1 - 4    | 0.002 s |
| [16] | fifo_transport_single.fifo_inst.fifo_full_no_write_condition                     | proven      | I   | Infinite | 0.000 s |
| [17] | fifo_transport_single.fifo_inst.fifo_full_no_write_condition:precondition1       | covered     | к   | 1 - 5    | 0.002 s |
| [18] | fifo_transport_single.fifo_inst.empty_fifo_condition                             | proven      | N   | Infinite | 0.001 s |
| [19] | fifo_transport_single.fifo_inst.empty_fifo_condition:precondition1               | covered     | I   | 1        | 0.001 s |
| [20] | fifo_transport_single.fifo_inst.fifo_empty_not_full_condition                    | proven      | N   | Infinite | 0.001 s |
| [21] | fifo_transport_single.fifo_inst.fifo_empty_not_full_condition:precondition1      | covered     | I   | 1        | 0.001 s |
| [22] | fifo_transport_single.fifo_inst.fifo_go_empty_condition                          | proven      | PRE | Infinite | 0.000 s |
| [23] | fifo_transport_single.fifo_inst.fifo_go_empty_condition:precondition1            | covered     | N   | 2        | 0.000 s |
| [24] | fifo_transport_single.fifo_inst.fifo_empty_no_read_condition                     | proven      | N   | Infinite | 0.000 s |
| [25] | fifo_transport_single.fifo_inst.fifo_empty_no_read_condition:precondition1       | covered     | I   | 1        | 0.001 s |
| [26] | fifo_transport_single.fifo_inst.fifo_no_empty_no_full_condition                  | proven      | N   | Infinite | 0.000 s |
| [27] | fifo_transport_single.fifo_inst.fifo_no_empty_no_full_condition:precondition1    | covered     | к   | 1 - 2    | 0.002 s |
| [28] | fifo_transport_single.fifo_inst.fifo_no_write_ptr_change_condition               | proven      | PRE | Infinite | 0.000 s |
| [29] | fifo_transport_single.fifo_inst.fifo_no_write_ptr_change_condition:precondition1 | covered     | к   | 1 - 5    | 0.002 s |
| [30] | fifo_transport_single.fifo_inst.fifo_no_read_ptr_change_condition                | proven      | PRE | Infinite | 0.000 s |
| [31] | fifo_transport_single.fifo_inst.fifo_no_read_ptr_change_condition:precondition1  | covered     | I   | 1        | 0.001 s |
| 88   |                                                                                  |             |     |          |         |
|      |                                                                                  |             |     |          |         |

Then we tried *fifo\_transport\_double*, which uses two instantiation of the faulty 16-deep synchronized FIFO design and a combined read/write signal. We received several firings.

| × | Assert | fifo_transport_double.fifo_inst1.full_fifo_condition  | Ν      | 1 - 18   |
|---|--------|-------------------------------------------------------|--------|----------|
| × | Assert | fifo_transport_double.fifo_inst1.empty_fifo_condition | 1      | 35       |
| × | Assert | fifo_transport_double.fifo_inst2.full_fifo_condition  | к      | 34       |
| × | Assert | fifo_transport_double.fifo_inst2.empty_fifo_condition | N      | 1 - 2    |
| × | Cover  | fifo_transport_double.fifo_inst1.fifo_num_entries_18  | N (15) | Infinite |
| × | Cover  | fifo_transport_double.fifo_inst1.fifo_num_entries_17  | N (5)  | Infinite |
| × | Cover  | fifo_transport_double.fifo_inst2.fifo_num_entries_18  | N (21) | Infinite |
| × | Cover  | fifo_transport_double.fifo_inst2.fifo_num_entries_17  | N (13) | Infinite |

We bring up the waveform for the first firing. The counterexample shows that the the FIFO Transport keeps adding values to the the first FIFO until it's full and it stops writing. Then both read and write control are set to zero, which reset the full signal to zero, enen though FIFO1 is still filled full with 16 entrities. As we mentioned in the first task, this bug is caused by the last *else if* statment added in the *fifo.sv*. After removing the last part, all firings are gone.

| - Cik                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |     |    | п  | Π  | Π. |    | П  | n. | П  |    |    | n. |    | Π  |    |    |      |   |    |        | n |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|----|------|---|----|--------|---|
| $^{\mbox{\scriptsize $\pi$}}$ <code>:ble.fifo_inst1.full_fifo_condition</code>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |     |    |    |    |    |    |    |    |    |    |    |    |    |    |    |    |      | Ĺ | ĺ. | Ĵ.     |   |
| + fifo_inst1.clk                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |     |    | Π  |    |    |    | П  |    |    |    |    |    |    | L  |    |    |      |   |    |        | 1 |
| Image: Image | *00 | *1 | *2 | *3 | *4 | *5 | *6 | *7 | *8 | *9 | *a | *b | *c | *d | *e | *f | 5'h] | 0 |    |        |   |
| fifo_inst1.out_is_full                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |     |    |    |    |    |    |    |    |    |    |    |    |    |    |    |    |      |   |    | 2<br>2 | 1 |
| 🖷 fifo_inst1.rst                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |     |    |    |    |    |    |    |    |    |    |    |    |    |    |    |    |      |   |    |        | - |
| 1.number_of_current_entries[4]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |     |    |    |    |    |    |    |    |    |    |    |    |    |    |    |    |      |   |    |        |   |
| л fifo1_in_read_ctrl                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |     |    |    |    |    |    |    |    |    |    |    |    |    |    |    |    |      |   |    | 1      |   |
| л fifo1_in_write_ctrl                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |     |    |    | -  |    |    |    |    |    |    |    |    |    | -  |    | -  | 1    |   |    |        |   |

# **V. CONCLUSION**

In this project, we first explored the basic methods, SystemVerilog assertions and line coverages of formal verification through small FIFO design exercise. we also explored the limitations of formal verification in some scenarios that could lead to incomplete verification. Then, we studied two advanced design verification techniques, bug hunting and full proof FPV techniques from Chapter 6 of Formal Verification textbook[1], and applied these techniques to a relatively complex ALU design. Our main tasks are accomplished Mentor Questa, however, we also exploited another commercial industry-standard tools, Cadence's JasperGold in some tasks.

In the phase of ALU verification, we verified each individual block using line coverages, assertions, and reference models. However, due to the complexity of multiplication operation, we were not able to obtain a prove for this operation beyond DSIZE08. Also, because lacking of specification, we were not able to understand what the *defeature\_clock* bit means(it shut down some of the flops when src2=0 and defeature\_clock=0). Therefore, we were not able to verify the correct behavior of the alu0 while it set to zero. However, we found several bugs with this bit drive to 1, including flop resetability issue, MUX output floating issue and incorrect arithmetic operation issue(SUB, MUL and CMP).

With increasing design complexity, verification becomes a very important but costly step of the design flow. As traditional simulation based testing cannot guarantee sufficient coverages, we found formal verification approach appears to be very cost effective in many cases. We particularly found it useful in the process of RTL design, since testbench creation usually is a very slow and error prone task.

# **VI. COLLABORATIONS**

| Name          | Yuxiang Chen(yc3096)                                                                                                                                                                                                                           | Ao Li(al3483)                                                                                                                                                            |
|---------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Contributions | 50%                                                                                                                                                                                                                                            | 50%                                                                                                                                                                      |
| Details       | <ol> <li>Read user manual, search for<br/>relative papar and techniques</li> <li>PFV Plan Adjustment</li> <li>SVA Implementation</li> <li>Debug Firing</li> <li>Report Composing</li> <li>Final Report Polishing and<br/>Adjustment</li> </ol> | <ol> <li>Read Textbook, search for relative<br/>techniques</li> <li>PFV Planning</li> <li>SVA Implementation</li> <li>Debug Firings</li> <li>Report Composing</li> </ol> |

We found the topic to be very attractive and useful, thus both of us worked extremely hard and collaboratively on this project. The detail contributions are listed below:

### VII. ACKNOWLEDGMENT

We would like to thank our professor Michael Theobald for his excellent course Formal Verification of Hardware and Software Systems, Your extensive knowledge, enthusiasm and organization made the class a pleasure to attend and study for. Thank you for completing our Columbia experience. We really appreciate it.

Meanwhile, we also would like to say thank you to our hardworking TAs, Xinhao and Tiezheng for their efforts before the midterm. It is your efforts that make our learning progress to be smooth.

### **VIII. REFERENCES**

[1] E. Seligman, T. Schubert, and M. V. Achutha Kiran Kumar, *Formal verification: An essential Toolkit for modern VLSI design*. United States: Morgan Kaufmann Publishers In, 2015.

[2] C. E. Cummings, "SystemVerilog Assertions Design Tricks and SVA Bind Files," SNUG, 2009.

[3] "SystemVerilog assertions part-i," in *ASIC World*, 2014. [Online]. Available: http://www.asic-world.com/systemverilog/assertions1.html. Accessed: Dec. 20, 2016.

[4] Doulos, "Developing & Delivering KnowHow," *SystemVerilog Assertions Tutorial*. [Online]. Available: https://www.doulos.com/knowhow/sysverilog/tutorial/assertions/. [Accessed: 20-Dec-2016].