1 / 39

Clock Domain Crossing (CDC)

Gain insights on clock domain crossing (CDC), basic synchronizers, datapaths, and more. Learn about risks, sync techniques, and checks with tools like Conformal. Understand off-by-one issues and grey codes in this comprehensive lecture. Stay informed in the field.

pkenneth
Download Presentation

Clock Domain Crossing (CDC)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Clock Domain Crossing (CDC) Erik Seligman CS 510, Lecture 17, March 2009

  2. Agenda • Introduction to Clock Domain Crossing (CDC) • Basic Synchronizers • Datapaths and Reconvergence • Handshake Synchronization • Checking CDCs With Conformal

  3. Agenda • Introduction to Clock Domain Crossing (CDC) • Basic Synchronizers • Datapaths and Reconvergence • Handshake Synchronization • Checking CDCs With Conformal

  4. What Is A Clock Domain Crossing (CDC)? • Different clocks within a single design • Many possible reasons, here are a few: • Complying with multiple protocols • SoC Integration: IP from many sources • Saving area/power, limiting fast clock use • Dangers when signals cross domains • Incorrect functionality if not synced • Not properly covered by validation

  5. Review: Setup & Hold Time • Each flop has a setup and hold time • Setup time: Time before clk edge • Hold time: Time after clk edge • Data expected ready by setup time, and stable during hold time clk data_good bad_setup bad_hold

  6. Problems At Asynchronous Clock Domain Crossings • When does new value arrive? • Source clk not coordinated with dest clk • Chance of arriving in setup/hold window • What does this mean? • Possibility of ‘metastable’ (halfway) state • Value may settle either way • Multiple fanouts may detect different values 1 1 good 0 0 bad

  7. Why Discuss in FV Class? • CDC is low hanging fruit for FV vendor • Needs deeper analysis than typical linting • But light checks compared to hardcore FV  CDC often done with FV tools • Mentor 0in, Cadence Conformal, RealIntent • In other direction, Lint vendors expanding to CDC: Synopsys LEDA, Atrenta Spyglass • Some CDC checks may add assertions • For checking in simulation or FV

  8. CDC Checks in Simulation • Simulation: inject random metastability • Useful, but hard to get right • Sometimes delay a value change • Allow 1-cycle value to be missed • Depends on # of random tests • Technique beyond scope of this class • Class is on formal methods!

  9. Agenda • Introduction to Clock Domain Crossing (CDC) • Basic Synchronizers • Datapaths and Reconvergence • Handshake Synchronization • Checking CDCs With Conformal

  10. How To Safely Cross Domains? • Require synchronizer: structure to reduce risk of metastability • Simplest synchronizer: two flops • Metastability very unlikely: second flop will choose a value if first is metastable • One-cycle uncertainty in transition • Account for in the logic! f3 data f1 f2 out ck ck2

  11. Basic CDC Checks • Structural: Identify asynchronous CDCs • Note: synchronous signals are OK, little metastability risk if properly timed • But same-frequency != synchronous • If no synchronizer, report error • Functional: Assert signal held long enough • Due to uncertainty of capture time • Hold for 2+ receiver cycles: create assert • May need longer depending on relative freq • More detailed discussion in TOV lecture

  12. Another Check: Combo Logic data[2] f1a ck f3 data[1] f1b f2 out[1] ck ck2 • Why is combo logic bad on sync path?

  13. Another Check: Combo Logic data[2] f1a 0->1 ck 0? f3 data[1] f1b f2 out[1] 0->1 ck ck2 • Why is combo logic bad on sync path? • Remember: uncertain capture time • Suppose f1a and f1b both transition 01

  14. Another Check: Combo Logic data[2] f1a 0->1, but slower ck 1 f3 data[1] f1b f2 out[1] 0->1 ck ck2 • Why is combo logic bad on sync path? • Remember: uncertain capture time • Suppose f1a and f1b both transition 01 • For an instant, maybe f1a!=f1b… •  f2 == 1

  15. Danger: False Negatives! • CDC can be a ‘noisy’ check • Many reported unsynced crossings are OK • Common reasons for false negatives?

  16. Danger: False Negatives! • CDC can be a ‘noisy’ check • Many reported unsynced crossings are OK • Common reasons for false negatives? • Constant signals (VSS, VCC) • Near-constant signals • Parameters set during reset & never changed • Reset pins! • Alternate-mode signals • Valid in only some operating modes, includes clk • Scan and other ultra-slow interfaces • Use your tool carefully & specify these things! • “Blind” run rarely seen as valuable • Don’t waste DE time reporting bogus errors

  17. Agenda • Introduction to Clock Domain Crossing (CDC) • Basic Synchronizers • Datapaths and Reconvergence • Handshake Synchronization • Checking CDCs With Conformal

  18. Datapaths & Off-By-One Issue f3 data[2] f1 f2 out[2] ck ck2 f3 data[1] f1 f2 out[1] ck ck2 f3 out[0] data[0] f1 f2 ck ck2 • What happens on transition from 000 to 111?

  19. Datapath Problem • Each synchronizer may be off by a cycle • All are independent • So during transition from 000 to 111, may sense 001, 010, 011, … or any other value! • Can we solve thru logic requirements? • Need to make sure only one bit can change • Then we know only real values are seen

  20. Grey Codes: A Functional Solution • Common solution to datapath issue • Allow only one bit to change at a time • Thus, any value seen *did* actually appear • From 000, can only go to: 100,010,001 • And if the bit changes a cycle soon/late, only a real value is seen • 2-bit grey codes example: 00,01,11,10 • Can check with generated assertions • Functional (FPV-like) check in general

  21. SVA Assertion: Grey Code • “Signal foo[6:0] is grey-coded” • Can you translate to SVA?

  22. SVA Assertion: Grey Code • “Signal foo[6:0] is grey-coded” • Can you translate to SVA? gc_assert: assert property ( $countones(foo ^ $past(foo)) <= 1);

  23. Reconvergence Problem • More general view of datapath issue • Problem: reconvergence of synced bits • CDC checks can flag cases • Is there a better way to synchronize? • Such that grey codes aren’t needed • Yes! • Have control signal coordinate data with mux

  24. Mux-Based Sync f3 data[1] f1 out[1] ck ck2 out[0] data[0] f1 f3 ck en

  25. Agenda • Introduction to Clock Domain Crossing (CDC) • Basic Synchronizers • Datapaths and Reconvergence • Handshake Synchronization • Checking CDCs With Conformal

  26. Handshake/FIFO Protocols • Clock freq maybe configurable / unknown • Hard to design previous syncs for all cases • Hard to properly check for all cases • Maybe sometimes overconservative • Solution: handshake protocols • Sender stores data in FIFO • Explicit request/response for data • More logic & harder to check, but powerful

  27. Handshake Sync Example (From Cadence white paper, see References)

  28. Agenda • Introduction to Clock Domain Crossing (CDC) • Basic Synchronizers • Datapaths and Reconvergence • Handshake Synchronization • Checking CDCs With Conformal

  29. Conformal CDC Checks • Included with Conformal license • That’s why we have it! • Set up env for Conformal version 8 • zsh • source ~eseligma/startup.cadence8 • Start lec with ‘-verify’ option • Actually runs separate core binary • Don’t try to do FEV in same session

  30. Sample LEC CDC Do File(Structural Checks) read design <RTL design> set clock_domain rule -derived -either_phase -extract add synchronization rule dff_sync -dff 2 infinity -sync_chain buffer -cdc_path buffer single_destination -from -all -to -all add synchronization rule all2allmux2 -mux 0 0 -cdc_path buffer single_destination -from -all -to -all set cdc option -convergence_check add cdc check -structural -source -all -destination -all -from -all -to -all validate

  31. Sample LEC CDC Do File(Structural Checks) read design <RTL design> set clock_domain rule -derived -either_phase –extract add clock 0 clk1 add clock 0 clk2 set sys mode verify add synchronization rule dff_sync -dff 2 infinity -sync_chain buffer -cdc_path buffer single_destination -from -all -to -all add synchronization rule all2allmux2 -mux 0 0 -cdc_path buffer single_destination -from -all -to -all set cdc option -convergence_check add cdc check -structural -source -all -destination -all -from -all -to -all validate

  32. Sample LEC CDC Do File(Structural Checks) read design <RTL design> set clock_domain rule -derived -either_phase –extract add clock 0 clk1 add clock 0 clk2 set sys mode verify add synchronization rule dff_sync -dff 2 infinity -sync_chain buffer -cdc_path buffer single_destination -from -all -to -all add synchronization rule all2allmux2 -mux 0 0 -cdc_path buffer single_destination -from -all -to -all set cdc option -convergence_check add cdc check -structural -source -all -destination -all -from -all -to -all validate

  33. Sample LEC CDC Do File(Structural Checks) read design <RTL design> set clock_domain rule -derived -either_phase –extract add clock 0 clk1 add clock 0 clk2 set sys mode verify add synchronization rule dff_sync -dff 2 infinity -sync_chain buffer -cdc_path buffer single_destination -from -all -to -all add synchronization rule all2allmux2 -mux 0 0 -cdc_path buffer single_destination -from -all -to -all set cdc option -convergence_check add cdc check -structural -source -all -destination -all -from -all -to -all validate

  34. Sample LEC CDC Do File(Structural Checks) read design <RTL design> set clock_domain rule -derived -either_phase –extract add clock 0 clk1 add clock 0 clk2 set sys mode verify add synchronization rule dff_sync -dff 2 infinity -sync_chain buffer -cdc_path buffer single_destination -from -all -to -all add synchronization rule all2allmux2 -mux 0 0 -cdc_path buffer single_destination -from -all -to -all set cdc option -convergence_check add cdc check -structural -source -all -destination -all -from -all -to -all validate

  35. Sample LEC CDC Do File(Structural Checks) read design <RTL design> set clock_domain rule -derived -either_phase –extract add clock 0 clk1 add clock 0 clk2 set sys mode verify add synchronization rule dff_sync -dff 2 infinity -sync_chain buffer -cdc_path buffer single_destination -from -all -to -all add synchronization rule all2allmux2 -mux 0 0 -cdc_path buffer single_destination -from -all -to -all set cdc option -convergence_check add cdc check -structural -source -all -destination -all -from -all -to -all validate

  36. Debugging with Tools Menu: Clock Domain Crossing

  37. Diagnosing A Missing Sync

  38. Diagnosing A Convergence Issue

  39. References / Further Reading • http://www.edadesignline.com/howto/205201913;jsessionid=Y5OIFHG055FBKQSNDLPSKHSCJUNN2JVN?pgno=1 • http://w2.cadence.com/whitepapers/cdc_wp.pdf • http://www.techonline.com/article/pdf/showPDFinIE.jhtml?id=2069034541 • http://www.design-reuse.com/articles/9482/reducing-false-errors-in-clock-domain-crossing-analysis.html

More Related