Intel® Quartus® Prime Standard Edition User Guide: Design Compilation

ID 683283
Date 9/24/2018
Public
Document Table of Contents

3.4.12. Safe State Machine

The Safe State Machine logic option and corresponding syn_encoding attribute value safe specify that the software must insert extra logic to detect an illegal state, and force the transition of the state machine to the reset state.

A finite state machine can enter an illegal state—meaning the state registers contain a value that does not correspond to any defined state. By default, the behavior of the state machine that enters an illegal state is undefined. However, you can set the syn_encoding attribute to safe or use the Safe State Machine logic option if you want the state machine to recover deterministically from an illegal state. The software inserts extra logic to detect an illegal state, and forces the transition of the state machine to the reset state. You can use this logic option when the state machine enters an illegal state. The most common cause of an illegal state is a state machine that has control inputs that come from another clock domain, such as the control logic for a clock-crossing FIFO, because the state machine must have inputs from another clock domain. This option protects only state machines (and not other registers) by forcing them into the reset state. You can use this option if your design has asynchronous inputs. However, Altera recommends using a synchronization register chain instead of relying on the safe state machine option.

The safe state machine value does not use any user-defined default logic from your HDL code that corresponds to unreachable states. Verilog HDL and VHDL enable you to specify a behavior for all states in the state machine explicitly, including unreachable states. However, synthesis tools detect if state machine logic is unreachable and minimize or remove the logic. Synthesis tools also remove any flag signals or logic that indicate such an illegal state. If the software implements the state machine as safe, the recovery logic added by Intel® Quartus® Prime Integrated Synthesis forces its transition from an illegal state to the reset state.

You can set the Safe State Machine logic option globally, or on individual state machines. To set this logic option, click Assignments > Settings > Compiler Settings > Advanced Settings (Synthesis).

Table 18.  Setting the syn_encoding safe attribute on a State Machine in HDL
HDL Code
Verilog HDL
reg [2:0] my_fsm /* synthesis syn_encoding = "safe" */;
Verilog-2001 and SystemVerilog
(* syn_encoding = "safe" *) reg [2:0] my_fsm;
VHDL
ATTRIBUTE syn_encoding OF my_fsm : TYPE IS "safe";

If you specify an encoding style, separate the encoding style value in the quotation marks with the safe value with a comma, as follows: "safe, one-hot" or "safe, gray".

Safe state machine implementation can result in a noticeable area increase for your design. Therefore, Altera recommends that you set this option only on the critical state machines in your design in which the safe mode is necessary, such as a state machine that uses inputs from asynchronous clock domains. You may not need to use this option if you correctly synchronize inputs coming from other clock domains.

Note: If you create the safe state machine assignment on an instance that the software fails to recognize as a state machine, or an entity that contains a state machine, the software takes no action. You must restructure the code, so that the software recognizes and infers the instance as a state machine.