Metastability, Explained

Metastability is the heart of every CDC problem. Understand it once and every synchronizer design makes sense.

The marble on a hill picture

Think of a flip-flop deciding its output like a marble balanced on top of a hill. Pushed clearly one way it rolls to 0, clearly the other way it rolls to 1. But if it is nudged right at the peak, it can balance there for a while before finally falling one way. The time it balances is unpredictable. That balancing is metastability.

A flop goes metastable when its data input changes inside the setup or hold window. With an asynchronous source you cannot stop this from happening, only make it extremely unlikely to cause a problem.

It resolves, but in unknown time

A metastable output does settle to a valid 0 or 1 on its own, usually very quickly. The danger is only if downstream logic samples it before it settles. So the fix is always the same idea: give the signal more time to settle before anything uses it.

MTBF - measuring the risk

We quantify metastability risk as Mean Time Between Failures. The more settling time you allow, the exponentially longer the MTBF.

MTBF = e^(t_r / tau) / (T0 * f_clk * f_data)

t_r    = settling time you allow before the signal is used
tau    = device settling time constant (a library property)
T0     = a small device constant (the metastability window)
f_clk  = destination sampling clock frequency
f_data = rate at which the source signal toggles

The key term is the exponential: e to the power of (settling time over tau). Every extra bit of settling time multiplies the MTBF, which is exactly why adding a second flip-flop helps so much.