Line Coverage for Module : rom_ctrl_fsm
Cond Coverage for Module : rom_ctrl_fsm
FSM Coverage for Module : rom_ctrl_fsm
State, Transition and Sequence Details for FSM :: state_q
Branch Coverage for Module : rom_ctrl_fsm
Branches:
Branches:
Branches:
Branches:
Branches:
Branches:
Branches:
Branches:
Branches:
Assert Coverage for Module : rom_ctrl_fsm
Assertion Details
LastImpliesValid_A
RelAddrWide_A
SecCmCFILinear_A
u_state_regs_A
| Line No. | Total | Covered | Percent | |
|---|---|---|---|---|
| TOTAL | 58 | 58 | 100.00 | |
| ALWAYS | 138 | 3 | 3 | 100.00 |
| ALWAYS | 141 | 19 | 19 | 100.00 |
| ALWAYS | 209 | 3 | 3 | 100.00 |
| CONT_ASSIGN | 216 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 217 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 220 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 223 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 224 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 231 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 232 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 233 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 239 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 241 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 242 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 243 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 247 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 251 | 1 | 1 | 100.00 |
| ALWAYS | 261 | 5 | 5 | 100.00 |
| ALWAYS | 270 | 3 | 3 | 100.00 |
| CONT_ASSIGN | 277 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 278 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 279 | 1 | 1 | 100.00 |
| ALWAYS | 288 | 3 | 3 | 100.00 |
| CONT_ASSIGN | 304 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 307 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 309 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 310 | 1 | 1 | 100.00 |
| CONT_ASSIGN | 312 | 1 | 1 | 100.00 |
137138 3/3 `PRIM_FLOP_SPARSE_FSM(u_state_regs, state_d, state_q, fsm_state_e, ReadingLow) Tests: T1 T2 T3 | T1 T2 T3 | T1 T2 T3
PRIM_FLOP_SPARSE_FSM(u_state_regs, state_d, state_q, fsm_state_e, ReadingLow): 138.1 `ifdef SIMULATION 138.2 prim_sparse_fsm_flop #( 138.3 .StateEnumT(fsm_state_e), 138.4 .Width($bits(fsm_state_e)), 138.5 .ResetValue($bits(fsm_state_e)'(ReadingLow)), 138.6 .EnableAlertTriggerSVA(1), 138.7 .CustomForceName("state_q") 138.8 ) u_state_regs ( 138.9 .clk_i ( clk_i ), 138.10 .rst_ni ( rst_ni ), 138.11 .state_i ( state_d ), 138.12 .state_o ( ) 138.13 ); 138.14 always_ff @(posedge clk_i or negedge rst_ni) begin 138.15 1/1 if (!rst_ni) begin Tests: T1 T2 T3 138.16 1/1 state_q <= ReadingLow; Tests: T1 T2 T3 138.17 end else begin 138.18 1/1 state_q <= state_d; Tests: T1 T2 T3 138.19 end 138.20 end 138.21 u_state_regs_A: assert property (@(posedge clk_i) disable iff ((!rst_ni) !== '0) (state_q === u_state_regs.state_o)) 138.22 else begin 138.23 `ifdef UVM 138.24 uvm_pkg::uvm_report_error("ASSERT FAILED", "u_state_regs_A", uvm_pkg::UVM_NONE, 138.25 "../src/lowrisc_ip_rom_ctrl_0.1/rtl/rom_ctrl_fsm.sv", 138, "", 1); 138.26 `else 138.27 $error("%0t: (%0s:%0d) [%m] [ASSERT FAILED] %0s", $time, `__FILE__, `__LINE__, 138.28 `PRIM_STRINGIFY(u_state_regs_A)); 138.29 `endif 138.30 end 138.31 `else 138.32 prim_sparse_fsm_flop #( 138.33 .StateEnumT(fsm_state_e), 138.34 .Width($bits(fsm_state_e)), 138.35 .ResetValue($bits(fsm_state_e)'(ReadingLow)), 138.36 .EnableAlertTriggerSVA(1) 138.37 ) u_state_regs ( 138.38 .clk_i ( `PRIM_FLOP_CLK ), 138.39 .rst_ni ( `PRIM_FLOP_RST ), 138.40 .state_i ( state_d ), 138.41 .state_o ( state_q ) 138.42 ); 138.43 `endif139 140 always_comb begin 141 1/1 state_d = state_q; Tests: T1 T2 T3 142 1/1 fsm_alert = 1'b0; Tests: T1 T2 T3 143 144 1/1 unique case (state_q) Tests: T1 T2 T3 145 ReadingLow: begin 146 // Switch to ReadingHigh when counter_lnt is true and kmac_rom_rdy_i & kmac_rom_vld_o 147 // (implying that the transaction went through) 148 1/1 if (counter_lnt && kmac_rom_rdy_i && kmac_rom_vld_o) begin Tests: T1 T2 T3 149 1/1 state_d = ReadingHigh; Tests: T1 T2 T3 150 end MISSING_ELSE 151 end 152 153 ReadingHigh: begin 154 1/1 unique case ({kmac_done_i, counter_done}) Tests: T1 T2 T3 155 1/1 2'b01: state_d = RomAhead; Tests: T1 T2 T4 156 1/1 2'b10: state_d = kmac_err_i ? Invalid : KmacAhead; Tests: T3 T5 T11 157 1/1 2'b11: state_d = kmac_err_i ? Invalid : Checking; Tests: T61 T62 T63 158 default: ; // No change 159 endcase 160 end 161 162 RomAhead: begin 163 2/2 if (kmac_done_i) state_d = kmac_err_i ? Invalid : Checking; Tests: T1 T2 T4 | T1 T2 T4 MISSING_ELSE 164 end 165 166 KmacAhead: begin 167 2/2 if (counter_done) state_d = Checking; Tests: T3 T5 T11 | T3 T5 T11 MISSING_ELSE 168 end 169 170 Checking: begin 171 2/2 if (checker_done) state_d = Done; Tests: T1 T2 T3 | T1 T2 T3 MISSING_ELSE 172 end 173 174 Done: begin 175 // Final state 176 end 177 178 default: begin 179 // An invalid state (includes the explicit Invalid state) 180 fsm_alert = 1'b1; 181 state_d = Invalid; 182 end 183 endcase 184 185 // Consistency checks for done signals. 186 // 187 // If checker_done is high in a state other than Checking or Done then something has gone wrong 188 // and we ran the check early. Similarly, counter_done should only be high after we've left 189 // ReadingLow. Finally, kmac_done_i should only be high in ReadingHigh or RomAhead. If any of 190 // these consistency requirements don't hold, jump to the Invalid state. This will also raise an 191 // alert on the following cycle. 192 // 193 // SEC_CM: CHECKER.CTRL_FLOW.CONSISTENCY 194 1/1 if ((checker_done && !(state_q inside {Checking, Done})) || Tests: T1 T2 T3 195 (counter_done && state_q == ReadingLow) || 196 (kmac_done_i && !(state_q inside {ReadingHigh, RomAhead}))) begin 197 1/1 state_d = Invalid; Tests: T1 T2 T3 198 end MISSING_ELSE 199 200 // Jump to an invalid state if sending out an alert for any other reason 201 // 202 // SEC_CM: CHECKER.FSM.LOCAL_ESC 203 1/1 if (alert_o) begin Tests: T1 T2 T3 204 1/1 state_d = Invalid; Tests: T11 T12 T31 205 end MISSING_ELSE 206 end 207 208 // Check that the FSM is linear and does not contain any loops
ASSERT_FPV_LINEAR_FSM(SecCmCFILinear_A, state_q, fsm_state_e): 209.1 `ifdef INC_ASSERT 209.2 bit SecCmCFILinear_A_cond; 209.3 always_ff @(posedge clk_i or posedge !rst_ni) begin 209.4 1/1 if (!rst_ni) begin Tests: T1 T2 T3 209.5 1/1 SecCmCFILinear_A_cond <= 0; Tests: T1 T2 T3 209.6 end else begin 209.7 1/1 SecCmCFILinear_A_cond <= 1; Tests: T1 T2 T3 209.8 end 209.9 end 209.10 property SecCmCFILinear_A_p; 209.11 fsm_state_e initial_state; 209.12 (!$stable(state_q) & SecCmCFILinear_A_cond, initial_state = $past(state_q)) |-> 209.13 (state_q != initial_state) until (!rst_ni == 1'b1); 209.14 endproperty 209.15 SecCmCFILinear_A: assert property (@(posedge clk_i) disable iff ((0) !== '0) (SecCmCFILinear_A_p)) 209.16 else begin 209.17 `ifdef UVM 209.18 uvm_pkg::uvm_report_error("ASSERT FAILED", "SecCmCFILinear_A", uvm_pkg::UVM_NONE, 209.19 "../src/lowrisc_ip_rom_ctrl_0.1/rtl/rom_ctrl_fsm.sv", 209, "", 1); 209.20 `else 209.21 $error("%0t: (%0s:%0d) [%m] [ASSERT FAILED] %0s", $time, `__FILE__, `__LINE__, 209.22 `PRIM_STRINGIFY(SecCmCFILinear_A)); 209.23 `endif 209.24 end 209.25 `endif210 211 // The in_state_done signal is supposed to be true iff we're in FSM state Done. Grabbing just the 212 // bottom 4 bits of state_q is equivalent to "mubi4_bool_to_mubi(state_q == Done)" except that it 213 // doesn't have a 1-bit signal on the way. 214 logic [9:0] state_q_bits; 215 logic unused_state_q_top_bits; 216 1/1 assign state_q_bits = {state_q}; Tests: T1 T2 T3 217 1/1 assign unused_state_q_top_bits = ^state_q_bits[9:4]; Tests: T1 T2 T3 218 219 mubi4_t in_state_done; 220 1/1 assign in_state_done = mubi4_t'(state_q_bits[3:0]); Tests: T1 T2 T3 221 222 // Route digest signals coming back from KMAC straight to the CSRs 223 1/1 assign digest_o = kmac_digest_i; Tests: T1 T2 T3 224 1/1 assign digest_vld_o = kmac_done_i; Tests: T1 T2 T3 225 226 // Snoop on ROM reads to populate EXP_DIGEST, one word at a time 227 logic reading_top; 228 logic [AW-1:0] rel_addr_wide; 229 logic [TAW-1:0] rel_addr; 230 231 1/1 assign reading_top = (state_q == ReadingHigh || state_q == KmacAhead) & ~counter_done; Tests: T1 T2 T3 232 1/1 assign rel_addr_wide = counter_data_addr - TopStartAddr; Tests: T1 T2 T3 233 1/1 assign rel_addr = rel_addr_wide[TAW-1:0]; Tests: T1 T2 T3 234 235 // The top bits of rel_addr_wide should always be zero if we're reading the top bits (because TAW 236 // bits should be enough to encode the difference between counter_data_addr and TopStartAddr) 237 `ASSERT(RelAddrWide_A, exp_digest_vld_o |-> ~|rel_addr_wide[AW-1:TAW]) 238 logic unused_top_rel_addr_wide; 239 1/1 assign unused_top_rel_addr_wide = |rel_addr_wide[AW-1:TAW]; Tests: T1 T2 T3 240 241 1/1 assign exp_digest_o = rom_data_i; Tests: T1 T2 T3 242 1/1 assign exp_digest_vld_o = reading_top; Tests: T1 T2 T3 243 1/1 assign exp_digest_idx_o = rel_addr; Tests: T1 T2 T3 244 245 // The 'done' signal for pwrmgr is asserted once we get into the Done state. The 'good' signal 246 // compes directly from the checker. 247 1/1 assign pwrmgr_data_o = '{done: in_state_done, good: checker_good}; Tests: T1 T2 T3 248 249 // Pass the digest all-at-once to the keymgr. The loose check means that glitches will add 250 // spurious edges to the valid signal that can be caught at the other end. 251 1/1 assign keymgr_data_o = '{data: digest_i, valid: mubi4_test_true_loose(in_state_done)}; Tests: T1 T2 T3 252 253 // KMAC rom data interface 254 logic kmac_rom_vld_d, kmac_rom_vld_q; 255 always_comb begin 256 // There will be valid data to pass to KMAC on each cycle after a counter request has gone out 257 // when we were in state ReadingLow. That data goes out (causing us to drop the valid signal) if 258 // KMAC was ready. Note that this formulation allows kmac_rom_vld_q to be high even if we're not 259 // in the ReadingLow state: if something goes wrong and we get faulted into Invalid then we'll 260 // still correctly send the end of the KMAC transaction. 261 1/1 kmac_rom_vld_d = kmac_rom_vld_q; Tests: T1 T2 T3 262 1/1 if (kmac_rom_rdy_i) begin Tests: T1 T2 T3 263 1/1 kmac_rom_vld_d = 0; Tests: T1 T2 T3 264 end MISSING_ELSE 265 1/1 if (counter_read_req && state_q == ReadingLow && !counter_lnt) begin Tests: T1 T2 T3 266 1/1 kmac_rom_vld_d = 1; Tests: T1 T2 T3 267 end MISSING_ELSE 268 end 269 always_ff @(posedge clk_i or negedge rst_ni) begin 270 1/1 if (!rst_ni) begin Tests: T1 T2 T3 271 1/1 kmac_rom_vld_q <= 0; Tests: T1 T2 T3 272 end else begin 273 1/1 kmac_rom_vld_q <= kmac_rom_vld_d; Tests: T1 T2 T3 274 end 275 end 276 277 1/1 assign counter_data_rdy = kmac_rom_rdy_i | (state_q inside {ReadingHigh, KmacAhead}); Tests: T1 T2 T3 278 1/1 assign kmac_rom_vld_o = kmac_rom_vld_q; Tests: T1 T2 T3 279 1/1 assign kmac_rom_last_o = counter_lnt; Tests: T1 T2 T3 280 281 // The "last" flag is signalled when we're reading the last word in the first part of the ROM. As 282 // a quick consistency check, this should only happen when the "valid" flag is also high. 283 `ASSERT(LastImpliesValid_A, kmac_rom_last_o |-> kmac_rom_vld_o, 284 clk_i, !rst_ni || (state_q == Invalid)) 285 286 // Start the checker when transitioning into the "Checking" state 287 always_ff @(posedge clk_i or negedge rst_ni) begin 288 1/1 if (!rst_ni) begin Tests: T1 T2 T3 289 1/1 start_checker_q <= 1'b0; Tests: T1 T2 T3 290 end else begin 291 1/1 start_checker_q <= (state_q != Checking) && (state_d == Checking); Tests: T1 T2 T3 292 end 293 end 294 295 // The counter is supposed to run from zero up to the top of memory and then tell us that it's 296 // done with the counter_done signal. We would like to be sure that no-one can fiddle with the 297 // counter address once the hash has been computed (if they could subvert the mux as well, this 298 // would allow them to generate a useful wrong address for a fetch). Fortunately, doing so would 299 // cause the counter_done signal to drop again and we *know* that it should stay high when our FSM 300 // is in the Done state. 301 // 302 // SEC_CM: CHECKER.CTR.CONSISTENCY 303 logic unexpected_counter_change; 304 1/1 assign unexpected_counter_change = mubi4_test_true_loose(in_state_done) & !counter_done; Tests: T1 T2 T3 305 306 // We keep control of the ROM mux from reset until we're done. 307 1/1 assign rom_select_bus_o = in_state_done; Tests: T1 T2 T3 308 309 1/1 assign rom_addr_o = counter_read_addr; Tests: T1 T2 T3 310 1/1 assign rom_req_o = counter_read_req; Tests: T1 T2 T3 311 312 1/1 assign alert_o = fsm_alert | checker_alert | unexpected_counter_change; Tests: T1 T2 T3
Cond Coverage for Module : rom_ctrl_fsm
| Total | Covered | Percent | |
|---|---|---|---|
| Conditions | 55 | 54 | 98.18 |
| Logical | 55 | 54 | 98.18 |
| Non-Logical | 0 | 0 | |
| Event | 0 | 0 |
LINE 148
EXPRESSION (counter_lnt && kmac_rom_rdy_i && kmac_rom_vld_o)
-----1----- -------2------ -------3------
| -1- | -2- | -3- | Status | Tests |
|---|---|---|---|---|
| 0 | 1 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | 1 | Covered | T2,T6,T49 |
| 1 | 1 | 0 | Not Covered | |
| 1 | 1 | 1 | Covered | T1,T2,T3 |
LINE 156
EXPRESSION (kmac_err_i ? Invalid : KmacAhead)
-----1----
| -1- | Status | Tests |
|---|---|---|
| 0 | Covered | T3,T5,T11 |
| 1 | Covered | T11,T31,T64 |
LINE 157
EXPRESSION (kmac_err_i ? Invalid : Checking)
-----1----
| -1- | Status | Tests |
|---|---|---|
| 0 | Covered | T62,T63,T52 |
| 1 | Covered | T61 |
LINE 163
EXPRESSION (kmac_err_i ? Invalid : Checking)
-----1----
| -1- | Status | Tests |
|---|---|---|
| 0 | Covered | T1,T2,T4 |
| 1 | Covered | T12,T53,T36 |
LINE 194
EXPRESSION
Number Term
1 (checker_done && ((!(state_q inside {Checking, Done})))) ||
2 (counter_done && (state_q == ReadingLow)) ||
3 (kmac_done_i && ((!(state_q inside {ReadingHigh, RomAhead})))))
| -1- | -2- | -3- | Status | Tests |
|---|---|---|---|---|
| 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 1 | Covered | T1,T2,T3 |
| 0 | 1 | 0 | Covered | T25,T26,T60 |
| 1 | 0 | 0 | Covered | T25,T26,T27 |
LINE 194
SUB-EXPRESSION (checker_done && ((!(state_q inside {Checking, Done}))))
------1----- -------------------2------------------
| -1- | -2- | Status | Tests |
|---|---|---|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T25,T26,T27 |
LINE 194
SUB-EXPRESSION (counter_done && (state_q == ReadingLow))
------1----- -----------2-----------
| -1- | -2- | Status | Tests |
|---|---|---|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T25,T26,T60 |
LINE 194
SUB-EXPRESSION (state_q == ReadingLow)
-----------1-----------
| -1- | Status | Tests |
|---|---|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 194
SUB-EXPRESSION (kmac_done_i && ((!(state_q inside {ReadingHigh, RomAhead}))))
-----1----- ----------------------2----------------------
| -1- | -2- | Status | Tests |
|---|---|---|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 231
EXPRESSION (((state_q == ReadingHigh) || (state_q == KmacAhead)) & ((~counter_done)))
--------------------------1------------------------- --------2--------
| -1- | -2- | Status | Tests |
|---|---|---|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 231
SUB-EXPRESSION ((state_q == ReadingHigh) || (state_q == KmacAhead))
------------1----------- -----------2----------
| -1- | -2- | Status | Tests |
|---|---|---|---|
| 0 | 0 | Covered | T1,T2,T3 |
| 0 | 1 | Covered | T3,T5,T11 |
| 1 | 0 | Covered | T1,T2,T3 |
LINE 231
SUB-EXPRESSION (state_q == ReadingHigh)
------------1-----------
| -1- | Status | Tests |
|---|---|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 231
SUB-EXPRESSION (state_q == KmacAhead)
-----------1----------
| -1- | Status | Tests |
|---|---|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T3,T5,T11 |
LINE 265
EXPRESSION (counter_read_req && (state_q == ReadingLow) && ((!counter_lnt)))
--------1------- -----------2----------- --------3-------
| -1- | -2- | -3- | Status | Tests |
|---|---|---|---|---|
| 0 | 1 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | 1 | Covered | T1,T2,T3 |
| 1 | 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | 1 | Covered | T1,T2,T3 |
LINE 265
SUB-EXPRESSION (state_q == ReadingLow)
-----------1-----------
| -1- | Status | Tests |
|---|---|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 277
EXPRESSION (kmac_rom_rdy_i | (state_q inside {ReadingHigh, KmacAhead}))
-------1------ --------------------2--------------------
| -1- | -2- | Status | Tests |
|---|---|---|---|
| 0 | 0 | Covered | T1,T2,T3 |
| 0 | 1 | Covered | T1,T2,T6 |
| 1 | 0 | Covered | T1,T2,T3 |
LINE 291
EXPRESSION ((state_q != Checking) && (state_d == Checking))
----------1---------- ----------2----------
| -1- | -2- | Status | Tests |
|---|---|---|---|
| 0 | 1 | Covered | T1,T2,T3 |
| 1 | 0 | Covered | T1,T2,T3 |
| 1 | 1 | Covered | T1,T2,T3 |
LINE 291
SUB-EXPRESSION (state_q != Checking)
----------1----------
| -1- | Status | Tests |
|---|---|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 291
SUB-EXPRESSION (state_d == Checking)
----------1----------
| -1- | Status | Tests |
|---|---|---|
| 0 | Covered | T1,T2,T3 |
| 1 | Covered | T1,T2,T3 |
LINE 312
EXPRESSION (fsm_alert | checker_alert | unexpected_counter_change)
----1---- ------2------ ------------3------------
| -1- | -2- | -3- | Status | Tests |
|---|---|---|---|---|
| 0 | 0 | 0 | Covered | T1,T2,T3 |
| 0 | 0 | 1 | Covered | T25,T27,T50 |
| 0 | 1 | 0 | Covered | T28,T25,T26 |
| 1 | 0 | 0 | Covered | T11,T12,T31 |
FSM Coverage for Module : rom_ctrl_fsm
| Total | Covered | Percent | ||
|---|---|---|---|---|
| States | 7 | 7 | 100.00 | (Not included in score) |
| Transitions | 13 | 13 | 100.00 | |
| Sequences | 0 | 0 |
State, Transition and Sequence Details for FSM :: state_q
| states | Line No. | Covered | Tests |
| Checking | 157 | Covered | T1,T2,T3 |
| Done | 171 | Covered | T1,T2,T3 |
| Invalid | 156 | Covered | T11,T12,T31 |
| KmacAhead | 156 | Covered | T3,T5,T11 |
| ReadingHigh | 149 | Covered | T1,T2,T3 |
| ReadingLow | 145 | Covered | T1,T2,T3 |
| RomAhead | 155 | Covered | T1,T2,T4 |
| transitions | Line No. | Covered | Tests |
| Checking->Done | 171 | Covered | T1,T2,T3 |
| Checking->Invalid | 197 | Covered | T26,T27,T50 |
| Done->Invalid | 197 | Covered | T25,T26,T27 |
| KmacAhead->Checking | 167 | Covered | T3,T5,T11 |
| KmacAhead->Invalid | 197 | Covered | T65,T66,T67 |
| ReadingHigh->Checking | 157 | Covered | T62,T63,T52 |
| ReadingHigh->Invalid | 156 | Covered | T11,T31,T61 |
| ReadingHigh->KmacAhead | 156 | Covered | T3,T5,T11 |
| ReadingHigh->RomAhead | 155 | Covered | T1,T2,T4 |
| ReadingLow->Invalid | 197 | Covered | T28,T25,T26 |
| ReadingLow->ReadingHigh | 149 | Covered | T1,T2,T3 |
| RomAhead->Checking | 163 | Covered | T1,T2,T4 |
| RomAhead->Invalid | 163 | Covered | T12,T53,T36 |
Branch Coverage for Module : rom_ctrl_fsm
| Line No. | Total | Covered | Percent | |
|---|---|---|---|---|
| Branches | 33 | 33 | 100.00 | |
| IF | 138 | 2 | 2 | 100.00 |
| CASE | 144 | 17 | 17 | 100.00 |
| IF | 194 | 2 | 2 | 100.00 |
| IF | 203 | 2 | 2 | 100.00 |
| IF | 209 | 2 | 2 | 100.00 |
| IF | 262 | 2 | 2 | 100.00 |
| IF | 265 | 2 | 2 | 100.00 |
| IF | 270 | 2 | 2 | 100.00 |
| IF | 288 | 2 | 2 | 100.00 |
138 `PRIM_FLOP_SPARSE_FSM(u_state_regs, state_d, state_q, fsm_state_e, ReadingLow) -1- ==> ==>
Branches:
| -1- | Status | Tests |
|---|---|---|
| 1 | Covered | T1,T2,T3 |
| 0 | Covered | T1,T2,T3 |
144 unique case (state_q) -1- 145 ReadingLow: begin 146 // Switch to ReadingHigh when counter_lnt is true and kmac_rom_rdy_i & kmac_rom_vld_o 147 // (implying that the transaction went through) 148 if (counter_lnt && kmac_rom_rdy_i && kmac_rom_vld_o) begin -2- 149 state_d = ReadingHigh; ==> 150 end MISSING_ELSE ==> 151 end 152 153 ReadingHigh: begin 154 unique case ({kmac_done_i, counter_done}) -3- 155 2'b01: state_d = RomAhead; ==> 156 2'b10: state_d = kmac_err_i ? Invalid : KmacAhead; -4- ==> ==> 157 2'b11: state_d = kmac_err_i ? Invalid : Checking; -5- ==> ==> 158 default: ; // No change ==> 159 endcase 160 end 161 162 RomAhead: begin 163 if (kmac_done_i) state_d = kmac_err_i ? Invalid : Checking; -6- -7- ==> ==> MISSING_ELSE ==> 164 end 165 166 KmacAhead: begin 167 if (counter_done) state_d = Checking; -8- ==> MISSING_ELSE ==> 168 end 169 170 Checking: begin 171 if (checker_done) state_d = Done; -9- ==> MISSING_ELSE ==> 172 end 173 174 Done: begin ==> 175 // Final state 176 end 177 178 default: begin 179 // An invalid state (includes the explicit Invalid state) 180 fsm_alert = 1'b1; ==>
Branches:
| -1- | -2- | -3- | -4- | -5- | -6- | -7- | -8- | -9- | Status | Tests |
|---|---|---|---|---|---|---|---|---|---|---|
| ReadingLow | 1 | - | - | - | - | - | - | - | Covered | T1,T2,T3 |
| ReadingLow | 0 | - | - | - | - | - | - | - | Covered | T1,T2,T3 |
| ReadingHigh | - | 2'b01 | - | - | - | - | - | - | Covered | T1,T2,T4 |
| ReadingHigh | - | 2'b10 | 1 | - | - | - | - | - | Covered | T11,T31,T64 |
| ReadingHigh | - | 2'b10 | 0 | - | - | - | - | - | Covered | T3,T5,T11 |
| ReadingHigh | - | 2'b11 | - | 1 | - | - | - | - | Covered | T61 |
| ReadingHigh | - | 2'b11 | - | 0 | - | - | - | - | Covered | T62,T63,T52 |
| ReadingHigh | - | default | - | - | - | - | - | - | Covered | T1,T2,T3 |
| RomAhead | - | - | - | - | 1 | 1 | - | - | Covered | T12,T53,T36 |
| RomAhead | - | - | - | - | 1 | 0 | - | - | Covered | T1,T2,T4 |
| RomAhead | - | - | - | - | 0 | - | - | - | Covered | T1,T2,T4 |
| KmacAhead | - | - | - | - | - | - | 1 | - | Covered | T3,T5,T11 |
| KmacAhead | - | - | - | - | - | - | 0 | - | Covered | T3,T5,T11 |
| Checking | - | - | - | - | - | - | - | 1 | Covered | T1,T2,T3 |
| Checking | - | - | - | - | - | - | - | 0 | Covered | T1,T2,T3 |
| Done | - | - | - | - | - | - | - | - | Covered | T1,T2,T3 |
| default | - | - | - | - | - | - | - | - | Covered | T11,T12,T31 |
194 if ((checker_done && !(state_q inside {Checking, Done})) || -1- 195 (counter_done && state_q == ReadingLow) || 196 (kmac_done_i && !(state_q inside {ReadingHigh, RomAhead}))) begin 197 state_d = Invalid; ==> 198 end MISSING_ELSE ==>
Branches:
| -1- | Status | Tests |
|---|---|---|
| 1 | Covered | T1,T2,T3 |
| 0 | Covered | T1,T2,T3 |
203 if (alert_o) begin -1- 204 state_d = Invalid; ==> 205 end MISSING_ELSE ==>
Branches:
| -1- | Status | Tests |
|---|---|---|
| 1 | Covered | T11,T12,T31 |
| 0 | Covered | T1,T2,T3 |
209 `ASSERT_FPV_LINEAR_FSM(SecCmCFILinear_A, state_q, fsm_state_e) -1- ==> ==>
Branches:
| -1- | Status | Tests |
|---|---|---|
| 1 | Covered | T1,T2,T3 |
| 0 | Covered | T1,T2,T3 |
262 if (kmac_rom_rdy_i) begin -1- 263 kmac_rom_vld_d = 0; ==> 264 end MISSING_ELSE ==>
Branches:
| -1- | Status | Tests |
|---|---|---|
| 1 | Covered | T1,T2,T3 |
| 0 | Covered | T1,T2,T3 |
265 if (counter_read_req && state_q == ReadingLow && !counter_lnt) begin -1- 266 kmac_rom_vld_d = 1; ==> 267 end MISSING_ELSE ==>
Branches:
| -1- | Status | Tests |
|---|---|---|
| 1 | Covered | T1,T2,T3 |
| 0 | Covered | T1,T2,T3 |
270 if (!rst_ni) begin -1- 271 kmac_rom_vld_q <= 0; ==> 272 end else begin 273 kmac_rom_vld_q <= kmac_rom_vld_d; ==>
Branches:
| -1- | Status | Tests |
|---|---|---|
| 1 | Covered | T1,T2,T3 |
| 0 | Covered | T1,T2,T3 |
288 if (!rst_ni) begin -1- 289 start_checker_q <= 1'b0; ==> 290 end else begin 291 start_checker_q <= (state_q != Checking) && (state_d == Checking); ==>
Branches:
| -1- | Status | Tests |
|---|---|---|
| 1 | Covered | T1,T2,T3 |
| 0 | Covered | T1,T2,T3 |
Assert Coverage for Module : rom_ctrl_fsm
| Total | Attempted | Percent | Succeeded/Matched | Percent | |
|---|---|---|---|---|---|
| Assertions | 4 | 4 | 100.00 | 4 | 100.00 |
| Cover properties | 0 | 0 | 0 | ||
| Cover sequences | 0 | 0 | 0 | ||
| Total | 4 | 4 | 100.00 | 4 | 100.00 |
Assertion Details
| Name | Attempts | Real Successes | Failures | Incomplete |
| LastImpliesValid_A | 50861356 | 2484 | 0 | 0 |
| RelAddrWide_A | 50861356 | 10760 | 0 | 0 |
| SecCmCFILinear_A | 50861356 | 5144 | 0 | 1250 |
| u_state_regs_A | 50861356 | 50687253 | 0 | 0 |
LastImpliesValid_A
| Name | Attempts | Real Successes | Failures | Incomplete |
|---|---|---|---|---|
| Total | 50861356 | 2484 | 0 | 0 |
| T1 | 24784 | 1 | 0 | 0 |
| T2 | 24978 | 2 | 0 | 0 |
| T3 | 17588 | 1 | 0 | 0 |
| T4 | 17521 | 1 | 0 | 0 |
| T5 | 17442 | 1 | 0 | 0 |
| T6 | 25824 | 2 | 0 | 0 |
| T7 | 18052 | 1 | 0 | 0 |
| T8 | 25686 | 1 | 0 | 0 |
| T9 | 25886 | 1 | 0 | 0 |
| T10 | 17562 | 1 | 0 | 0 |
RelAddrWide_A
| Name | Attempts | Real Successes | Failures | Incomplete |
|---|---|---|---|---|
| Total | 50861356 | 10760 | 0 | 0 |
| T1 | 24784 | 8 | 0 | 0 |
| T2 | 24978 | 8 | 0 | 0 |
| T3 | 17588 | 8 | 0 | 0 |
| T4 | 17521 | 8 | 0 | 0 |
| T5 | 17442 | 8 | 0 | 0 |
| T6 | 25824 | 8 | 0 | 0 |
| T7 | 18052 | 8 | 0 | 0 |
| T8 | 25686 | 8 | 0 | 0 |
| T9 | 25886 | 8 | 0 | 0 |
| T10 | 17562 | 8 | 0 | 0 |
SecCmCFILinear_A
| Name | Attempts | Real Successes | Failures | Incomplete |
|---|---|---|---|---|
| Total | 50861356 | 5144 | 0 | 1250 |
| T11 | 33235 | 2 | 0 | 4 |
| T12 | 49587 | 3 | 0 | 4 |
| T13 | 52436 | 4 | 0 | 4 |
| T21 | 17529 | 0 | 0 | 4 |
| T22 | 17424 | 0 | 0 | 4 |
| T23 | 25668 | 0 | 0 | 4 |
| T31 | 0 | 2 | 0 | 0 |
| T32 | 0 | 8 | 0 | 0 |
| T33 | 0 | 8 | 0 | 0 |
| T34 | 0 | 8 | 0 | 0 |
| T36 | 0 | 3 | 0 | 0 |
| T48 | 16540 | 0 | 0 | 4 |
| T49 | 24742 | 0 | 0 | 4 |
| T53 | 0 | 3 | 0 | 0 |
| T54 | 0 | 3 | 0 | 0 |
| T58 | 25420 | 0 | 0 | 4 |
| T59 | 17765 | 0 | 0 | 4 |
u_state_regs_A
| Name | Attempts | Real Successes | Failures | Incomplete |
|---|---|---|---|---|
| Total | 50861356 | 50687253 | 0 | 0 |
| T1 | 24784 | 24702 | 0 | 0 |
| T2 | 24978 | 24908 | 0 | 0 |
| T3 | 17588 | 17507 | 0 | 0 |
| T4 | 17521 | 17460 | 0 | 0 |
| T5 | 17442 | 17381 | 0 | 0 |
| T6 | 25824 | 25768 | 0 | 0 |
| T7 | 18052 | 17957 | 0 | 0 |
| T8 | 25686 | 25623 | 0 | 0 |
| T9 | 25886 | 25814 | 0 | 0 |
| T10 | 17562 | 17462 | 0 | 0 |