[hmac, rtl] Increase coverage through minor RTL restructure #25766
Conversation
hw/ip/hmac/rtl/hmac_core.sv
Outdated
| end else begin | ||
| if (sel_msglen == SelIPadMsg) begin |
There was a problem hiding this comment.
I'm not sure I understand this change: why couldn't this be part of the else if chain that's there already?
There was a problem hiding this comment.
By writing it this way, an uncovered line and branch can be avoided in the else branch.
always_comb begin: assign_sha_message_length
sha_msg_len = '0;
if (!hmac_en_i) begin
// ...
end else if (sel_msglen == SelIPadMsg) begin
// ...
end else if (sel_msglen == SelOPadMsg) begin
// ...
end else
sha_msg_len = '0; // <===== uncovered line and branch
endThere was a problem hiding this comment.
I agree, but I think started with something like this:
if A begin:
...
end else if B begin:
...
end else if C begin:
...
end else begin:
... // Not possible!
endI'd agree with changing it to:
if A begin:
...
end else if B begin:
...
end else begin:
...
end(and adding an assertion that says A || B || C somewhere).
But I think your change is turning it into:
if A begin:
...
end else begin
if B begin:
...
end else begin:
...
end
end(Or have I misunderstood something?)
There was a problem hiding this comment.
You're right. I'll change it.
hw/ip/hmac/rtl/hmac_core.sv
Outdated
| end else begin // SHA384 || SHA512 | ||
| sha_msg_len = message_length_i + BlockSizeSHA512in64; | ||
| end | ||
| end else begin // `SelOPadMsg` |
There was a problem hiding this comment.
I agree with this, but (again) it's probably worth sticking an assertion at the bottom that says the comment is always true :-)
There was a problem hiding this comment.
Having added the assertion (looking at the new failing tests), I see now that the value of digest_size_i may not be SHA2_256, SHA2_384, or SHA2_512 when hmac_en_i is 1. It can also take the value SHA2_NONE. Checking with @martin-velay.
| fifo_st_d = FifoIdle; | ||
| fifo_st_d = fifo_st_q; |
There was a problem hiding this comment.
This isn't really a review comment, but I'm interested! Why is this change needed?
There was a problem hiding this comment.
Assigning a default state at the beginning of the FSM combinatorial block shows up as an uncovered FSM transition in the report.
There was a problem hiding this comment.
Ahah! That makes sense. Although don't we see the "transition" whenever we move to FifoIdle?
There was a problem hiding this comment.
True, I don't understand why the default state assignment is marked as an uncovered transition.
There was a problem hiding this comment.
IIRC the FSM transition is covered but the tool identifies the default case statement as having no effect.
|
To breathe some life into this, how about this strategy: We only change one of the conditional always_comb begin: assign_sha_message_length
sha_msg_len = '0;
if (!hmac_en_i) begin
sha_msg_len = message_length_i;
// HASH = (o_pad || HASH_INTERMEDIATE (i_pad || msg))
// message length for HASH_INTERMEDIATE = block size (i_pad) + message length
end else if (sel_msglen == SelIPadMsg) begin
if (digest_size_i == SHA2_256) begin
sha_msg_len = message_length_i + BlockSizeSHA256in64;
end else if ((digest_size_i == SHA2_384) || (digest_size_i == SHA2_512)) begin
sha_msg_len = message_length_i + BlockSizeSHA512in64;
end else begin
sha_msg_len = '0; // <== THIS LINE/BRANCH IS COVERED
end
end else begin // `SelOPadMsg`
// message length for HASH = block size (o_pad) + HASH_INTERMEDIATE digest length
if (digest_size_i == SHA2_256) begin
sha_msg_len = BlockSizeSHA256in64 + 64'd256;
end else if (digest_size_i == SHA2_384) begin
sha_msg_len = BlockSizeSHA512in64 + 64'd384;
end else begin // SHA512
sha_msg_len = BlockSizeSHA512in64 + 64'd512;
end
end
endKeep the changes alongside assertions in With this we have 100% line coverage. What's left are two exclusion agreed upon in #24692 for missing else branches in |
andrea-caforio
force-pushed
the
hmac-plug-coverage-holes
branch
from
83e03aa to
8ebbf11
Compare
andrea-caforio
force-pushed
the
hmac-plug-coverage-holes
branch
from
8ebbf11 to
b9211c0
Compare
|
Can someone take a look at this? There is one unrelated test |
There was a problem hiding this comment.
Thanks for the update @andrea-caforio. This looks mostly good but I have some comments regarding indentation and some of the assertions.
Also, what do you mean by:
the unreachability exclusions for the default FSM states
when talking about what's left? Can you elaborate on this please?
hw/ip/hmac/rtl/hmac_core.sv
Outdated
| // Assertions // | ||
| //////////////// | ||
|
|
||
| `ASSERT(ValidSelRdata_A, hmac_en_i |-> sel_rdata != 2'b11) |
There was a problem hiding this comment.
instead of sel_rdata != 2'b11 please write sel_rdata inside {SelIPad, SelOPad, SelFifo}. This more robust. The point of using an enum here is exactly to not care about the precise encoding.
hw/ip/hmac/rtl/hmac_core.sv
Outdated
| if (digest_size_i == SHA2_256) begin | ||
| sha_msg_len = message_length_i + BlockSizeSHA256in64; | ||
| end else if ((digest_size_i == SHA2_384) || (digest_size_i == SHA2_512)) begin | ||
| sha_msg_len = message_length_i + BlockSizeSHA512in64; | ||
| end else begin | ||
| sha_msg_len = '0; | ||
| end |
There was a problem hiding this comment.
The indentation is off here: it should be 2 spaces instead of 4.
hw/ip/hmac/rtl/hmac_core.sv
Outdated
| end else begin | ||
| sha_msg_len = '0; |
There was a problem hiding this comment.
I don't think this is really necessary as this is the default assignment (See line 208). Can you please confirm?
There was a problem hiding this comment.
The tricky thing here is the fact that it is possible that digest_size_i == SHA2_NONE when hmac_en_i && sel_msglen == SelIPadMsg, which is incompatible with the assertion for the other branch sel_msglen == SelOPadMsg where digest_size_i == SHA2_NONE is an impossible value.
It's a rare occurrence but I've encountered it in some of the tests.
There was a problem hiding this comment.
Ah now I understand. Thanks for explaining.
Can you please add a comment for that and correct the indentation?
hw/ip/prim/rtl/prim_sha2_pad.sv
Outdated
| `ASSERT(ValidDigestModeFlag_A, sel_data inside {Pad80, LenHi, LenLo} |-> | ||
| digest_mode_flag_q inside {SHA2_256, SHA2_384, SHA2_512}) |
There was a problem hiding this comment.
This should be extended to also cover the case on Line 357. Because inc_txcount can be high without sel_data inside {Pad80, LenHi, LenLo}.
Thank you for the review @vogelpi. What I'm referring to here are uncovered branches with respect to the default FSM states. There are three of them:
All other FSM default states branches have been excluded in the |
Thanks this is now clear. For other and hardened modules/FSMs we trigger those default statements by injecting errors into the sparsely encoded FSM states. We don't do this here because the HMAC FSMs are not hardened. All clear now. |
In light of the V3 signoff, this commits adapts certain RTL parts that induced uncoverable coverage holes. There are two types of changes: 1. Removal of dangling else branches that are impossible to cover. 2. Removal of uncoverable FSM default state assignments. Both changes have no functional impact and are only cosmetic in nature in order to attain the demanded coverage thresholds. See lowRISC#24692, for a detailed discussion of these changes. Signed-off-by: Andrea Caforio <[email protected]>
andrea-caforio
force-pushed
the
hmac-plug-coverage-holes
branch
from
b9211c0 to
785e853
Compare
In light of the V3 signoff, this commits adapts certain RTL parts that induced uncoverable coverage holes. There are two types of changes:
Both changes have no functional impact and are only cosmetic in nature in order to attain the demanded coverage thresholds. See #24692, for a detailed discussion of these changes.