AMBA AXI · Module 17
Wrong LEN / Wrong SIZE
Diagnose AXI bursts whose declared shape is wrong — a mis-set AxLEN (beat count) or AxSIZE (bytes per beat) that makes producer and consumer disagree on how many beats and how wide each is. Why these are 'silent contract' bugs that can hang, truncate, mis-place data, or corrupt the address stream, and the cross-check that catches them.
A missing LAST (17.2) breaks where the burst ends; a wrong AxLEN or AxSIZE breaks what the burst is. AxLEN declares the beat count (LEN+1 beats) and AxSIZE declares the bytes per beat (the transfer width); together they define the burst's shape and its total byte span. When either is wrong — mis-latched, mis-computed, or mis-driven — producer and consumer disagree on the contract itself, and LAST may even fire consistently with the wrong LEN, so the burst looks internally valid while being the wrong shape. This is the most insidious layer of burst bugs: it can hang (like a LAST problem), truncate, mis-place data at wrong addresses, or corrupt the address stream — and the fix requires checking the declared fields against what was intended, not just internal consistency. This chapter diagnoses both.
1. What LEN and SIZE Declare
AxLEN and AxSIZE are the burst's contract. AxLEN = number of beats minus one (so AWLEN=3 means 4 beats). AxSIZE = log2 of the bytes per beat (so AWSIZE=2 means 4 bytes/beat), which must not exceed the data bus width and which positions data on the correct byte lanes. The total bytes moved is (LEN+1) << SIZE, and the per-beat address advance (for INCR) is 1 << SIZE. Get either field wrong and every downstream computation — beat count, addressing, byte lanes, total span — is wrong.
2. Wrong LEN: Beat-Count Mismatch
A wrong AxLEN means producer and consumer disagree on how many beats. If the slave latches (or the master drives) a LEN larger than the actual data, the slave waits for beats that never come → hang (it looks like a missing-LAST hang, but the root is the wrong count). If LEN is smaller than the data, the burst ends early and extra beats are orphaned or misattributed → truncation/corruption (it looks like a premature-LAST problem). The tell-tale that distinguishes wrong-LEN from a LAST-timing bug: here LAST fires consistently with the (wrong) LEN — the burst is internally self-consistent but the declared length itself is wrong.
Wrong AWLEN — self-consistent but wrong-length burst
9 cycles3. Wrong SIZE: Beat-Width and Lane Mismatch
A wrong AxSIZE means producer and consumer disagree on how wide each beat is. The consequences are subtler than wrong-LEN because the beat count may be right while the data is mis-placed: a wrong SIZE changes the per-beat address increment (1 << SIZE) and the byte-lane mapping, so data lands at the wrong addresses or on the wrong byte lanes, and an oversized SIZE (exceeding the bus width) is an outright protocol violation. The total span (LEN+1) << SIZE is also wrong, which for INCR can push the burst across a 4 KB boundary it shouldn't, or misalign a WRAP.
4. The Cross-Check: Declared Fields vs. Intended
Because a wrong LEN/SIZE makes the burst internally self-consistent (the LAST-vs-count check passes, the beats are well-formed), the only way to catch it is to compare the declared fields against what was intended — the reference model's expected transaction (16.4). The scoreboard knows the intended address, length, and size for each transaction (from the test's intent or the address map), so it flags a LEN/SIZE that doesn't match even when the burst is internally valid. Protocol assertions catch the illegal cases (oversized SIZE, span crossing 4 KB), but the wrong-but-legal case needs the reference model.
5. Common Misconceptions
6. Debugging Insight
7. Verification Insight
8. Interview Questions
9. Summary
A wrong AxLEN or AxSIZE breaks what the burst is — its declared shape — as opposed to where it ends (17.2) or whether beats transfer (17.1). AxLEN sets the beat count (LEN+1); AxSIZE sets the bytes per beat (1 << SIZE), the address increment, and the byte-lane mapping; together they set the total span (LEN+1) << SIZE and where LAST should fire — so a single wrong field corrupts beat count, addressing, lanes, and span. Wrong LEN makes producer and consumer disagree on beat count: too large → hang (waits for beats that never come), too small → truncation/corruption — and critically, LAST fires consistently with the wrong LEN, so the burst is internally self-consistent but the wrong shape. Wrong SIZE is subtler: the beat count can be right while data is mis-placed at wrong addresses or lanes (silent corruption), with oversized SIZE being an illegal encoding and a wrong span crossing 4 KB or misaligning a WRAP.
Because a wrong-but-legal LEN/SIZE passes every protocol check (legality and LAST-vs-count), catching it requires two levels: protocol assertions for the illegal cases (oversized SIZE, 4 KB-crossing span, illegal WRAP length), and the reference-model scoreboard comparing declared fields against intent for the wrong-but-legal cases. This is the chapter's deepest lesson — internal consistency is necessary but not sufficient for burst correctness; only an independent statement of intent catches a flawlessly self-consistent but wrong-shaped burst, which is the compliance-vs-correctness split (16.1) made concrete at the field level. Across 17.1→17.3 the bug moves from "a beat won't transfer" to "the end-marker is wrong" to "the declared contract is wrong," each requiring a check one level further from the raw signals. Next, we examine wrong WSTRB — where the data that arrives is corrupted at the byte level.
10. What Comes Next
You can now catch a wrong burst shape; next, byte-level data corruption:
- 17.4 — Wrong WSTRB (coming next) — diagnosing corrupted data from bad byte strobes, where the burst shape is right but individual bytes are written or masked incorrectly.
Previous: 17.2 — Missing LAST. Related: 7.5 — Burst Address Calculation for how SIZE drives the per-beat address, 7.6 — The 4 KB Boundary Rule for the span constraint, and 16.4 — AXI Scoreboards for the reference model that checks shape against intent.