Replace all asserts & assumes with macros from assertions.svh
#233
Conversation
|
@michael-platzer thanks for the PR :) I will not be able to review this before Monday, but I will definitely have a look then. |
michael-platzer
force-pushed
the
michael-platzer/feature/use-assert-macros
branch
3 times, most recently
from
a255334
to
edcce0a
Compare
|
I reckon that this is a pretty large PR. @niwis Would you rather have me split this into multiple smaller PRs? Perhaps starting with the changes to |
There was a problem hiding this comment.
Thanks for the PR @michael-platzer!
It looks good to me for the most part.
One thing I would perhaps change, is to move all include statements at the beginning of the files, rather than within the modules. I believe this is more consistent with other include statements and better aligned with one's expectation on where to find included files. Also, for files defining multiple modules e.g. cdc_2phase_clearable this would mean we only need to include it once.
Could we also move COMMON_CELLS_ASSERTS_OFF to assertions.svh for consistency? As of now, some but not all assertions would be disabled, which I think would go against expectation.
Finally, in the PR description (and later in the changelog) I would mention that some assertions which did not define a disable iff condition now do after aligning them to use the ASSERT macro, and I would list the files affected by this change (e.g. stream_to_mem.sv).
Partially reproducible with the following sed command: sed -zi 's/\nmodule/\n`include "common_cells\/assertions.svh"\n\nmodule/g' `grep assert src/*.sv` Requires extensive cleanup.
Mainly reproducible with the following sed command: sed -zi 's/\([a-zA-Z_][a-zA-Z0-9_]*\)[ \t\r\n]*:[ \t\r\n]*assert *property[ \t\r\n]*([ \t\r\n]*@(posedge *\([a-zA-Z_][a-zA-Z0-9_]*\))[ \t\r\n]*disable *iff *([~!]\([^)]*\))[ \t\r\n]*\([^;]*\)[ \t\r\n]*)[ \t\r\n]*else[ \t\r\n]*\$fatal[ \t\r\n]*(1,[ \t\r\n]*\([^;]*\)[ \t\r\n]*);/`ASSERT(\1, \4, \2, !\3, \5)/g' src/*.sv Some manual cleanup required for one assertions without message, as well as removal of redundant parenthesis via: sed -i 's/`ASSERT(\([^,]*\), (\([^,]*\)),/`ASSERT(\1, \2,/g' src/*.sv
Mainly reproducible with the following sed command (as well as a similar variant that matches assertions with $error instead of $fatal): sed -zi 's/assert *property[ \t\r\n]*([ \t\r\n]*@(posedge *\([a-zA-Z_][a-zA-Z0-9_]*\))[ \t\r\n]*disable *iff *([~!]\([^)]*\))[ \t\r\n]*\([^;]*\)[ \t\r\n]*)[ \t\r\n]*else[ \t\r\n]*\$fatal[ \t\r\n]*(1,[ \t\r\n]*\([^;]*\)[ \t\r\n]*);/`ASSERT(NAME_ME, \3, \1, !\2, \4)/g' src/*.sv This needs to be followed by some manual cleanup. In particular, all NAME_ME occurences need to be replaced with a suitable assertion name. In addition, some assertions were not disabled during reset (and used $error instead of $fatal), which required a slightly modified sed command to match these: sed -zi 's/assert *property[ \t\r\n]*([ \t\r\n]*@(posedge *\([a-zA-Z_][a-zA-Z0-9_]*\))[ \t\r\n]*\([^;]*\)[ \t\r\n]*)[ \t\r\n]*else[ \t\r\n]*\$error[ \t\r\n]*([ \t\r\n]*\([^;]*\)[ \t\r\n]*);/`ASSERT(NAME_ME, \2, \1, !rst_ni, \3)/g' src/*.sv Again, some instances of redundant parenthesis could be replaced via: sed -i 's/`ASSERT(\([^,]*\), (\([^,]*\)),/`ASSERT(\1, \2,/g' src/*.sv
Partially reproducible with the following sed command: sed -zi 's/\([a-zA-Z_][a-zA-Z0-9_]*\)[ \t\r\n]*:[ \t\r\n]*assert *property[ \t\r\n]*([ \t\r\n]*@(posedge *\([a-zA-Z_][a-zA-Z0-9_]*\))[ \t\r\n]*disable *iff *([~!]\([^)]*\))[ \t\r\n]*\([^;]*\)[ \t\r\n]*);/`ASSERT(\1, \4, \2, !\3)/g' src/*.sv Additionally, the following sed command can be used for unnamed variants without a reset: sed -zi 's/assert *property[ \t\r\n]*([ \t\r\n]*@(posedge *\([a-zA-Z_][a-zA-Z0-9_]*\))[ \t\r\n]*\([^;]*\)[ \t\r\n]*);/`ASSERT(\NAME_ME, \2, \1, !rst_ni)/g' src/*.sv Requires cleanup. In particular, all occurences of NAME_ME need to be replaced with suitable names for the asserted properties.
Reproducible with the following sed command for named assumes: sed -zi 's/\([a-zA-Z_][a-zA-Z0-9_]*\)[ \t\r\n]*:[ \t\r\n]*assume *property[ \t\r\n]*([ \t\r\n]*@(posedge *\([a-zA-Z_][a-zA-Z0-9_]*\))[ \t\r\n]*disable *iff *([~!]\([^)]*\))[ \t\r\n]*\([^;]*\)[ \t\r\n]*)[ \t\r\n]*else[ \t\r\n]*\$fatal[ \t\r\n]*(1,[ \t\r\n]*\([^;]*\)[ \t\r\n]*);/`ASSUME(\1, \4, \2, !\3, \5)/g' src/*.sv And the following sed command for unnamed assumes without reset and with $error instead of $fatal: sed -zi 's/assume *property[ \t\r\n]*([ \t\r\n]*@(posedge *\([a-zA-Z_][a-zA-Z0-9_]*\))[ \t\r\n]*\([^;]*\)[ \t\r\n]*)[ \t\r\n]*else[ \t\r\n]*\$error[ \t\r\n]*([ \t\r\n]*\([^;]*\)[ \t\r\n]*);/`ASSUME(NAME_ME, \2, \1, !rst_ni, \3)/g' src/*.sv Requires cleanup to replace NAME_ME with a suitable property name. Redundant parenthesis can be removed with the following command: sed -i 's/`ASSUME(\([^,]*\), (\([^,]*\)),/`ASSUME(\1, \2,/g' src/*.sv
Mainly reproducible with the following sequence of sed commands: sed -i '/initial begin/,/end/ s/ assert[ \t\r\n]*([ \t\r\n]*\(.*\))/`ASSERT_INIT(NAME_ME, \1, /g' src/*.sv sed -zi 's/`ASSERT_INIT(\([^,]*\), \([^,]*\),[ \t\r\n]*else[ \t\r\n]*\$fatal[ \t\r\n]*(1,[ \t\r\n]*\([^;]*\);/`ASSERT_INIT(\1, \2, \3/g' src/*.sv Requires some cleanup. In particular, all instances of NAME_ME must be replaced by sensible assertion names.
No sed magic here. This change was done manually.
Mainly reproducible with the following sed command: sed -i 's/initial assert(\([^;]*\));/`ASSERT_INIT(NAME_ME, \1)/g' src/*.sv Requires some cleanup. NAME_ME must be replaced with a sensible assertion name.
Again no sed magic, change applied manually.
Assertions are now disabled if SYNTHESIS is defined within the assertions.svh header.
Use $sformatf() to compose a formatted string before passing it as descriptive message to the assertions macros.
Use $sformatf() to compose a formatted string before passing it as descriptive message to the assertions macros.
Avoid line-length lint warnings by distributing ASSERT macros over multiple lines, in particular moving log messages to the next line and shortening some of the messages.
michael-platzer
force-pushed
the
michael-platzer/feature/use-assert-macros
branch
from
edcce0a
to
ed55c2a
Compare
|
Thanks a lot @colluca and @phsauter for the reviews!
Agree, for the assertion macros this makes more sense, since they are intended to be defined globally anyways.
We could, but IMHO that is not consistent and would defeat the purpose to disable assertions in the
Good point, will add that. |
|
With the help of The compiled list of changes that could be added to next release changelog is as follows:
|
|
Please note that |
michael-platzer
force-pushed
the
michael-platzer/feature/use-assert-macros
branch
from
17746ff
to
f69ec8d
Compare
There was a problem hiding this comment.
Thank you very much @michael-platzer! Also @colluca and @phsauter for your thorough reviews! As far as I can tell, all changes are backwards-compatible. In particular, no new fatals were introduced. Could you confirm? In that case, I think this does not require a major release. Please let me know if you have any objections.
To the best of my knowledge, they should be.
That, I can confirm with certainty. Some |
This PR replaces all assertions (and assumes) in the common cells sources with macros from
assertions.svh.Additionally, the
assertions.svhitself is modified as follows:registers.svh.`ifndef VERILATORis removed because Verilator has supported assertions for a while now.SYNTHESIS) is added (so even if a tool defines, e.g.,SYNTHESIS, it still has the option to forcefully enable assertions by also definingASSERTS_OVERRIDE_ONnow — yes, there are tools out there that require that 🙄)."".In order to replace all the assertions in the sources while avoiding typos and other oversights as best as possible, I have replaced almost all of them using sed commands. The specific commands used for each change are part of the respective commit messages.
Some noteworthy subtle changes that go along with this move:
assertions.svhrequire that all assertions have a name, so I added one for all those who did not have one (and I tried to hard to keep them consistent).$fatal,$error, and sometimes$warningto report failing assertions. The macros inassertions.svhuniversally use$errorand all instances of$fatalare now changed to$error. I reviewed all those that used$warningbut since they all appear to be pretty critical issues as well, they now also use the macros which report an$error(the affected files aresrc/addr_decode_dync.sv,src/cdc_fifo_gray_clearable.sv,src/multiaddr_decode.sv, andsrc/spill_register_flushable.sv, so the authors of these @WRoenninger, @fabianschuiki, @zarubaf, @meggiman, and @colluca might want to take a look).assert initialorassert finalare now immediate assertions in ainitialorfinalblock, respectively.src/rr_arb_tree.sv,src/stream_omega_net.sv, andsrc/stream_xbar.svpreviously used a default disable (e.g.,default disable iff (~rst_ni);), which btw is also not supported by Verilator. Each assertion macro has andisable iff !rst_niinstead, so I removed those.Also, the following files make use of assertions in a pretty advanced/adventurous way (which btw also causes Verilator 5.018 to fail as reported in #229):
src/addr_decode_dync.sv: Includes a hugealwaysblock withassumes all over the place.src/multiaddr_decode.sv: Again analwaysblock with anassumein it.I'd like to ask the respective authors (@WRoenninger and @colluca) to review the changes to these files (you are of course welcome to review changes to the other files as well).
Merging this PR closes #232.