RE: [sv-ac] Zero/Non-zero delay model (is it same as synchronous vs asynchronous)

Subject: RE: [sv-ac] Zero/Non-zero delay model (is it same as synchronous vs asynchronous)
From: Ambar Sarkar (ambar.sarkar@paradigm-works.com)
Date: Thu Sep 19 2002 - 20:06:54 PDT

Rajeev,
 
I couldn't agree with you more on your basic point about not wanting to
deal with #delays. And I never once said I want the assertions to
consider #delays.
 
However, from your emails, it seems like you are tying asynchronous
semantics to #delays. You *do not* have to have explicit #delays to
specify asynchronous behavior.
 
Let me repeat the basic point I made earlier...can we specify assertions
based on signals that are asynchronous without associating the assertion
with a clock? A typical example would be asserting that a signal holds
it value constant between two other events which may not be clocked at
that level of hierarchy. Notice that this assertion has no reference to
#delay. In such a case, an assert-strobe would make sense. There are
limitations to assert_strobe, as Adam's examples point out, and
hopefully the core language design group will address that.
 
Any event-based simulator (which by definition has
infinite(infinitesimal?) time granularity since it works with scheduled
events as opposed to just discrete units of time) would be easily able
to implement such an assertion.
 
Just making sure we are on the same page.
 
Regards,
 
Ambar
 
 --
Ambar Sarkar Email:
ambar.sarkar@paradigm-works.com
Principal Consulting Engineer Phone: 978-824-1363
Paradigm Works Cell: 508-561-1868

-----Original Message-----
From: owner-sv-ac@eda.org [mailto:owner-sv-ac@eda.org] On Behalf Of
Rajeev Ranjan
Sent: Thursday, September 19, 2002 6:25 PM
To: sv-ac@eda.org
Subject: [sv-ac] Zero/Non-zero delay model (is it same as synchronous vs
asynchronous)

Hello folks --
 
I guess we can take a short break from the issue of "to mandate or not
to mandate" the check names. I wanted to bring up another
controversial issue of synchronous vs asynchronous semantics and
support.
 
As I recall, with our discussion over the phone and via emails, we
still did not get to the same page on our understanding about what we
mean when we use the terms "synchronous" and "asynchronous". I will
refer to the mails sent earlier by Adam Krolnik and Ambar Sarkar.
 
Let me begin with elaborating on what my basic concern is:
 
Consider the following piece of Verilog code:
 
assign c = a ^ b;
always @(d) begin
  a <= #10 d;
  b <= #20 d;
end
 
Assume for a moment that the signal "d" changes every 100th time unit
(e.g. wrt a clock) and has been properly initialized. Now consider the
assertion which states that "c" is always "0". Any verification
technology which builds a zero-delay model of the design will come
back with a "YES"/"PASS" answer for that assertion. However, the
signal "c", if implemented in hardware with the given delay
specification will have a glitch. And an event driven simulator which
has sufficient enough granularity of time instants at which it
evaluates the design will FAIL the assertion (i.e. will identify a
glitch).
 
And that's my fundamental concern. If the analysis of the assertions
within the design is contingent upon evaluating the design at discrete
points which are determined by the explicit delays specified, then we
are going to run into mismatch in results.
 
I think either Erich or Ambar pointed out that by providing a
sufficiently fine grained clock one could expect even a zero-delay
model analysis to produce the same result. That is not true. What
needs to happen is that the computation model needs to take the
individual gate delays into account. And now we are getting in the
territory of higher complexity analysis than the formal analysis of
zero-delay models. I don't intend to go into the details of relative
analysis complexity of a "timed automata" vs "regular DFA". It
suffices to say that formal/semi-formal tools need to build an FSM
model and their capacity of dealing with models with delays will be
highly limited.
 
To some extent (or to a large extent, depending upon the optimization
put into the simulation tools), similar observations are made between
a simulation tool leveraging the cycle-based semantics vs one which is
completely event-driven.
 
So what's the bottomline?
 
I will re-emphasize a point that Adam had made in one of his emails --
we as a committee should create a set of guidelines on using the
assertion constructs -- the scenarios where they work best, scenarios
which could lead to very poor performance, perhaps a difference in
analysis results between tools, etc.
 
And I would propose that one of the item in the guideline should be
assertions should be written to check functionality which are
independent of the gate delays in the RTL.
 
Why is it important/necessary: I could write a whole sermon here --
but the summary is: we are in the very early phase of assertion based
verification methodology and we must do our best to avoid potential
pitfalls that users may get into and avoid situations where their
performance expectations could take a major hit.
 
I would seek feedback from the end users/managers like Adam Krolnik
and Harry Foster who have had extensive experience with assertion
methodology as to a) whether the "delay independent" specification
could limit any of their assertion b) if not, what training/guidelines
they used to ensure that the designers/assertion writers do not make
such mistakes.
 

Thanks for your attention...
 
-rajeev
 
 
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Rajeev K. Ranjan Tel: (408) 982-5418
Director, R&D Fax: (408) 982-5443
Real Intent
3910 Freedom Circle, Suite 102A rajeev@realintent.com
Santa Clara, CA 95054 http://www.realintent.com
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

This archive was generated by hypermail 2b28 : Thu Sep 19 2002 - 20:12:47 PDT