JOVANA
Library Glossary Getting Started Three Levels Fields How it works Mission
Join the mission
All guides

Setup and Hold: The Two Rules Every Path Must Obey

A flip-flop is like a tollbooth camera: it snaps a photo of the data at the exact instant the clock ticks. For that photo to be sharp, the data must be **steady before the click and steady just after it** — too late and you get a blur, too early and you get the next car. Those two demands are **setup** and **hold**, the only two timing rules a synchronous chip ever has to obey. In eleven minutes you'll see why they pull in opposite directions, why a slow path breaks one and a fast path breaks the other, and why fixing one can quietly break the other.

The flip-flop's two demands: a window around the clock edge

In rung 1 you met the timing path: a launch flip-flop fires data on a clock edge, the data races through some logic, and one clock tick later a capture flip-flop must read a stable value. That story had a comforting vagueness — "the data must arrive in time." This rung makes it sharp. A real flip-flop does not sample the instant the clock rises; it sampling is a tiny physical act of catching electrons in a feedback loop, and that act needs the data to hold still for a sliver of time on both sides of the edge.

Those two slivers have names. The setup time (t_su) is how long the data must already be stable before the clock edge — the run-up. The hold time (t_h) is how long the data must stay stable after the edge — the follow-through. Together they carve out a forbidden zone around every rising edge: a window inside which the data input is simply not allowed to change. Violate it and the flip-flop may capture a half-formed value, a glitch, or — worst of all — drift into metastability, an undecided state hovering between 0 and 1 that can take an unpredictable, sometimes catastrophic, amount of time to resolve.

THE FORBIDDEN WINDOW AROUND ONE CLOCK EDGE

  CLK    ____________|‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
                     ^ capture edge (rising)
                     |
         <-- t_su -->|<-- t_h -->
         ___________|___________
  D      XXXXXXXXXXX|‾‾‾‾‾‾‾‾‾‾‾XXXXXXXXX
         valid &    | valid &   may change
         stable     | stable    again here
                     |
         |<<<<<< must NOT change >>>>>>|
              (the setup/hold window)

  Inside the window the data MUST be steady.
  Break the left edge of it  -> SETUP problem (data too late).
  Break the right edge of it -> HOLD  problem (data too early).
Every capture edge has a small window — t_su before, t_h after — in which the data input must stay rock-steady.

The setup check: data must arrive early enough

Picture a relay race where the baton must be handed over before the whistle blows, with a moment to spare. The launch flip-flop fires the baton (the data) on one clock edge; it runs through the logic; and it must reach the capture flip-flop's door and stand still at least t_su *before* the next clock edge arrives. The setup check asks one question: does the data make it in time, with the setup margin to spare? If the path is too slow, the baton is still in flight when the whistle blows — that is a setup violation.

Let's write it as the chip sees it. The data's arrival time at the capture flop is the launch edge time plus the clock-to-Q delay of the launch flop (t_cq, how long after its own edge the launch flop actually drives its output) plus the combinational logic delay through the path (t_logic). The required time — the deadline — is the capture edge (one clock period T later) minus the setup time we must reserve. The setup check is simply arrival ≤ required.

SETUP CHECK  (the LATE / slow-path check)

  arrival_time   = T_launch + t_cq + t_logic(MAX)
  required_time  = T_capture - t_su            = T_launch + T - t_su

  PASS if:  arrival_time  <=  required_time

  i.e.   t_cq + t_logic(MAX)   <=   T - t_su

  Read it in words:
    "clock-to-Q  +  worst-case logic delay
         must fit inside one clock period,
         minus the setup time we owe the capture flop."

  Note: setup uses the MAXIMUM (slowest) path delay,
        because the worst enemy of a deadline is slowness.
The setup inequality: the launch delay plus the slowest logic must finish before the deadline T − t_su.

The hold check: data must not change too soon

Now flip the worry around. The setup check feared the data arriving too late for *this* clock edge. The hold check fears the data arriving too early — so early that it corrupts the value the capture flop is trying to grab on the same edge it was launched. Here is the subtle part: the launch and capture flops share the clock, so when an edge fires the launch flop, that *same* edge is also the one the capture flop uses to sample. If new data races through the logic so quickly that it reaches the capture flop's door before the old data has been safely latched, the capture flop grabs the wrong value.

So the hold check guards the right edge of that forbidden window. The new data must not arrive until at least t_h after the capture edge. Its arrival time is the *same* launch edge plus t_cq plus the minimum logic delay (the fastest, shortest path — because the danger here is data being too quick). The required time is the capture edge plus the hold time. The hold check is arrival ≥ required — the opposite direction of the setup inequality.

HOLD CHECK  (the EARLY / fast-path check)

  Both flops sample on the SAME edge here (no +T !):

  arrival_time   = T_launch + t_cq + t_logic(MIN)
  required_time  = T_launch + t_h

  PASS if:  arrival_time  >=  required_time

  i.e.   t_cq + t_logic(MIN)   >=   t_h

  Read it in words:
    "new data must take LONGER to arrive than the
         hold time, so the OLD data is safely captured
         before the new data overwrites it."

  Note: hold uses the MINIMUM (fastest) path delay,
        and the clock period T does NOT appear at all.
The hold inequality: the fastest possible new data must still take longer than the hold time — and T plays no part.

A worked example: watching the two rules fight

Numbers make this concrete. Take a path between two flip-flops with a 1 GHz clock, so the period T = 1000 ps. From the cell library: clock-to-Q t_cq = 80 ps, setup time t_su = 50 ps, hold time t_h = 40 ps. The logic between the flops has a worst-case (max) delay of t_logic(max) = 700 ps and, because some inputs take a shortcut through a single gate, a best-case (min) delay of t_logic(min) = 30 ps. Let's run both checks.

GIVEN:  T = 1000 ps   t_cq = 80   t_su = 50   t_h = 40
        t_logic(max) = 700      t_logic(min) = 30   (all ps)

-- SETUP (late check, uses MAX logic) --------------------
  arrival  = t_cq + t_logic(max) = 80 + 700 = 780 ps
  required = T - t_su            = 1000 - 50 = 950 ps
  slack    = required - arrival  = 950 - 780 = +170 ps   PASS
      "Data lands 170 ps before its deadline." Comfortable.

-- HOLD (early check, uses MIN logic, NO T) --------------
  arrival  = t_cq + t_logic(min) = 80 + 30  = 110 ps
  required = t_h                 =            40 ps
  slack    = arrival - required  = 110 - 40  = +70 ps    PASS
      "New data is 70 ps slower than the hold needs." Safe.

Both pass -> this path is clean at 1 GHz.
Both checks on one path: setup compares against T − t_su using the slow path; hold compares against t_h using the fast path.

Now watch them fight. Suppose this path failed setup — say the logic was actually 1000 ps, giving arrival 1080 ps against a required 950 ps, a setup slack of −130 ps. The instinct is to make the logic faster. But what if a junior engineer instead "fixed" it by inserting buffers to *slow the clock arrival* at the launch flop, or worse, what if someone shaves the logic so aggressively that the short path drops to 0 ps? Then the hold arrival becomes 80 + 0 = 80 ps against a required 40 ps — still fine here, but you can feel the tension: anything you do to speed up the long path risks speeding up the short path too, eating into hold margin.

Two violations, two completely different fixes

Because the two checks live on opposite sides of the window and use opposite extremes of the path delay, their cures are opposites too — and confusing them is one of the most common beginner mistakes. A setup violation means the long path is too slow to make the deadline. You fix it by buying time: speed up the logic or relax the deadline.

  1. Fix a setup violation by making the long path faster — resize gates to bigger, stronger drivers; cut logic levels with better synthesis; use lower-threshold (faster, leakier) cells on the critical path; or split the path with pipelining.
  2. Or fix setup by relaxing the deadline — lower the clock frequency (a longer period T), the brute-force escape hatch that trades performance for margin.
  3. Fix a hold violation the opposite way — by making the short path *slower*. The standard tool is buffer (delay) insertion: drop extra cells onto the too-fast path purely to add picoseconds, so the new data no longer beats the hold time.

A hold violation means the short path is too *fast* — new data overwrites the old before it's safely caught. The cure feels almost paradoxical the first time you meet it: you deliberately add delay to a path that already works logically, slowing it down by inserting buffers whose only job is to waste a few picoseconds. You are not adding logic; you are adding length to the racetrack so the runner can't reach the finish line early.

From two rules to one number

Step back and the whole of timing analysis is just these two inequalities, applied to every path on the chip at once. Setup: the slowest data must arrive before T − t_su. Hold: the fastest data must arrive after t_h. One guards against being late, the other against being early; one cares about the clock period, the other ignores it entirely; one is cured by speed, the other by delay. Master the difference and you have the conceptual core of static timing analysis — everything later (clock skew, corners, crosstalk) is a refinement of *how accurately* we compute the arrival and required times in these same two checks.

There is one more step that turns these pass/fail inequalities into the single number engineers actually live by. In each check, take the difference between the required time and the arrival time — that gap is the slack. Positive slack means margin to spare; negative slack means a violation, in exactly the amount you're short. In our worked example the setup slack was +170 ps and the hold slack +70 ps: both positive, both safe. In rung 3 we'll make slack the protagonist, learn to read it line-by-line off a real timing report, and use it to find the one path — the critical path — that sets the speed limit of the entire chip.