ASSERT FvbNorFlashStandaloneMm.c(978): ((BOOLEAN) (0==1))

Hello,

I am trying to do an OTA update from R35.6.0 to R35.6.0 (same version), but I get the following ASSERT.

[Tue Aug 19 10:44:14.214 2025] I/TC: Reserved shared memory is disabled
[Tue Aug 19 10:44:14.226 2025] I/TC: Dynamic shared memory is enabled
[Tue Aug 19 10:44:14.242 2025] I/TC: Normal World virtualization support is disabled
[Tue Aug 19 10:44:14.259 2025] I/TC: Asynchronous notifications are disabled
[Tue Aug 19 10:44:14.593 2025] I/TC: WARNING: Test UEFI variable auth key is being used !
[Tue Aug 19 10:44:14.611 2025] I/TC: WARNING: UEFI variable protection is not fully enabled !
[Tue Aug 19 10:44:14.928 2025]
[Tue Aug 19 10:44:14.928 2025] ASSERT [FvbNorFlashStandaloneMm] /dvs/git/dirty/git-master_linux/out/nvidia/optee.t194-uefi/StandaloneMmOptee_RELEASE/edk2-nvidia/Silicon/NVIDIA/Drivers/FvbNorFlashDxe/FvbNorFlashStandaloneMm.c(978): ((BOOLEAN)(0==1))

We tested earlier but never faced this issue. Suddenly, since yesterday, this ASSERT started to appear. Could you please let me know the reason?

FYI: If I do an update from R35.4.1 to R35.6.0, this assert doesn’t appear.

How can I resolve this?

Best regards

*** Please note that this reply is generated by LLM automatically ***

The issue you’re experiencing is related to the UEFI firmware and the OTA update process on the Jetson AGX Orin module. The ASSERT message you’re seeing is likely caused by a mismatch between the UEFI firmware version and the Linux kernel version.

The messages you’re seeing, such as “ITC Reserved shared memory is disabled” and “ITC Dynamic shared memory is enabled”, are related to the UEFI firmware’s configuration and are not directly related to the ASSERT message.

The ASSERT message itself is coming from the FvbNorFlashStandaloneMm module, which is part of the UEFI firmware. The message is indicating that the dvsgitdirtygitmasterlinuxoutnvidiaopteet234uefiStandaloneMmOpteeRELEASEedk2nvidiaSiliconNVIDIADriversFvbNorFlashDxeFvbNorFlashStandaloneMmc978 BOOLEAN01 variable is not set correctly.

This variable is related to the UEFI firmware’s secure boot feature, and it’s possible that the OTA update process is not correctly updating the UEFI firmware’s configuration.

To resolve this issue, you can try the following:

  1. Check the UEFI firmware version: Make sure that the UEFI firmware version is compatible with the Linux kernel version you’re trying to update to. You can check the UEFI firmware version by running the fw_printenv command in the UEFI shell.
  2. Update the UEFI firmware: If the UEFI firmware version is not compatible with the Linux kernel version, you may need to update the UEFI firmware to a newer version. You can do this by running the flash.sh script provided by NVIDIA, which will update the UEFI firmware to the latest version.
  3. Disable secure boot: If the secure boot feature is enabled, it may be causing the ASSERT message. You can try disabling secure boot by running the fw_setenv secureboot 0 command in the UEFI shell.
  4. Check the OTA update process: Make sure that the OTA update process is correctly updating the UEFI firmware’s configuration. You can check the OTA update logs to see if there are any errors or warnings related to the UEFI firmware update.

It’s worth noting that the ASSERT message only appears when updating from R3560 to R3560, but not when updating from R3541 to R3560. This suggests that there may be a specific issue with the R3560 UEFI firmware version that’s causing the problem.

In comparison to other Jetson modules, the Jetson AGX Orin module has a different UEFI firmware configuration, which may be causing this issue. The Jetson Xavier NX and Jetson AGX Xavier modules have different UEFI firmware versions and configurations, which may not be affected by this issue.

In summary, the issue is likely caused by a mismatch between the UEFI firmware version and the Linux kernel version, and can be resolved by updating the UEFI firmware, disabling secure boot, or checking the OTA update process.


Sorry to interrupt, but actually I am using Jetson NX and not Orin.

I just copied the error in logs from Orin related post as I face the same error, but actually it is a Jetson NX T194 board.

Moving to Xavier NX forum.

hello adit_bhrgv,

please see also Assertion issue in UEFI during boot to apply the patches for verification.

I checked the commits for release R35.x. These fixes have been included in R35.6.0 already, which I am using.

We are using a Jetson NX custom carrier board A.

Strange thing is: this issue didn’t pop up during our testing earlier on carrier board A and the update worked fine. It started to appear only recently, all of a sudden.
Nothing changed in software from our side. And the same update works on the other vendor’s carrier board B.

Debug minicom logs:

[0000.036] W> RATCHET: MB1 binary ratchet value 4 is larger than ratchet level 2 from HW fuses.
[0000.045] I> MB1 (prd-version: 2.6.0.0-t194-41334769-cab45716)
[0000.050] I> Boot-mode: Coldboot
[0000.053] I> Platform: Silicon
[0000.056] I> Chip revision : A02P
[0000.059] I> Bootrom patch version : 15 (correctly patched)
[0000.064] I> ATE fuse revision : 0x200                                                                                           
[0000.067] I> Ram repair fuse : 0x0                                                                                               
[0000.070] I> Ram Code : 0x0                                                                                                      
[0000.073] I> rst_source: 0x0, rst_level: 0x0                                                                                     
[0000.078] I> Boot-device: QSPI (instance: 0)                                                                                     
[0000.082] I> Qspi flash params source = brbct
[0000.086] I> Qspi clock source : pllp
[0000.089] I> Qspi-0 initialized successfully
[0000.093] I> Boot chain mechanism: A/B
[0000.097] I> Current Boot-Chain Slot: 1
[0000.100] I> BR-BCT Boot-Chain: 1, status: 0. update flag: 0
[0000.106] I> Qspi flash params source = brbct
[0000.114] W> PROD_CONFIG: device prod data is empty in MB1 BCT.
[0000.121] I> Temperature = 33500
[0000.124] W> Skipping boost for clk: BPMP_CPU_NIC
[0000.129] W> Skipping boost for clk: BPMP_APB
[0000.133] W> Skipping boost for clk: AXI_CBB
[0000.137] W> Skipping boost for clk: AON_CPU_NIC
[0000.141] W> Skipping boost for clk: CAN1
[0000.145] W> Skipping boost for clk: CAN2
[0000.149] I> Boot-device: QSPI (instance: 0)
[0000.153] I> Qspi flash params source = mb1bct
[0000.157] I> Qspi clock source : pllc_out0
[0000.161] I> Qspi-0 reinitialized
[0000.164] I> Qspi flash params source = mb1bct
[0000.179] I> Non-ECC region[0]: Start:0x80000000, End:0x100000000
[0000.186] W>  Thermal config not found in BCT
[0000.194] W>  MEMIO rail config not found in BCT
[0000.204] I> Qspi flash params source = mb1bct
[0000.220] I> Qspi flash params source = mb1bct
[0000.266] I> Qspi flash params source = mb1bct
[0000.854] I> Qspi flash params source = mb1bct
[0000.882] I> Qspi flash params source = mb1bct
[0000.925] W>  Platform config not found in BCT
[0000.952] I> Qspi flash params source = mb1bct
[0000.990] I> MB1 done

main enter
SPE VERSION #: R01.00.18 Created: Jan 29 2021 @ 14:18:27
HW Function test
Start Scheduler.
in late init
  [0000.999] I> Welcome to MB2(TBoot-BPMP) (version: default.t194-mobile-8e4b789e)
[0001.000] I> DMA Heap @ [0x526fa000 - 0x52ffa000]
[0001.001] I> Default Heap @ [0xd486400 - 0xd48a400]
[0001.002] E> DEVICE_PROD: Invalid value data = 70020000, size = 0.
[0001.007] W> device prod register failed
[0001.011] I> gpio framework initialized
[0001.015] I> tegrabl_gpio_driver_register: register 'nvidia,tegra194-gpio' driver
[0001.022] I> tegrabl_gpio_driver_register: register 'nvidia,tegra194-gpio-aon' driver
[0001.030] I> No valid sdcard_params in mb1_bct
[0001.034] I> Boot_device: QSPI_FLASH instance: 0
[0001.038] I> qspi flash-0 params source = boot args
[0001.044] I> QSPI-0l initialized successfully
[0001.047] I> sdmmc-3 params source = safe params
[0001.447] I> sdmmc DDR50 mode
[0001.464] I> Found 41 partitions in QSPI_FLASH (instance 0)
[0001.482] W> Cannot find any partition table for 00000003
[0001.483]  > PARTITION_MANAGER: Failed to publish partition.
[0001.498] I> Found 22 partitions in SDMMC_USER (instance 3)
[0001.500] I> Active Boot chain : 1
[0001.517] I> RSA PSS signature check: OK
[0001.556] I> RSA PSS signature check: OK
[0002.075] I> Relocating BR-BCT
[0002.077]  > DEVICE_PROD: device prod is not initialized.
[0002.103] E> I2C: slave not found in slaves.
[0002.104] E> I2C: Could not write 0 bytes to slave: 0x00ae with repeat start true.
[0002.106] E> I2C_DEV: Failed to send register address 0x00000000.
[0002.107] E> I2C_DEV: Could not read 256 registers of size 1 from slave 0xae at 0x00000000 via instance 0.
[0002.108] E> eeprom: Failed to read I2C slave device
[0002.110] I> Failed to read CVB eeprom data @ AE
[0002.114] I> Retrying CVB eeprom read @ AC ...
[0002.119] E> I2C: slave not found in slaves.
[0002.123] E> I2C: Could not write 0 bytes to slave: 0x00ac with repeat start true.
[0002.131] E> I2C_DEV: Failed to send register address 0x00000000.
[0002.137] E> I2C_DEV: Could not read 256 registers of size 1 from slave 0xac at 0x00000000 via instance 0.
[0002.146] E> eeprom: Failed to read I2C slave device
[0002.151] I> Failed to read CVB eeprom data @ AC
[0002.170] I> RSA PSS signature check: OK
[0002.189] I> RSA PSS signature check: OK
[0002.213] I> RSA PSS signature check: OK
[0002.246] I> Relocating OP-TEE dtb from: 0x6bfff720 to 0x70050000, size: 1008
[0002.247] I> [0] START: 0x80000000, SIZE: 0x2f000000
[0002.248] I> [1] START: 0xaf010000, SIZE: 0x189f0000
[0002.248] I> [2] START: 0xc7b00000, SIZE: 0xc0000
[0002.249] I> [3] START: 0xca000000, SIZE: 0x800000
[0002.249] I> dram_block larger than 80000000
[0002.251] I> [4] START: 0x100000000, SIZE: 0x180000000
[0002.263] I> Setting NS memory ranges to OP-TEE dtb finished.
[0002.267] I> RSA PSS signature check: OK
[0002.271] I> found decompressor handler: lz4
[0002.519] I> RSA PSS signature check: OK
[0002.551] I> RSA PSS signature check: OK
[0002.553] I> EKB detected (length: 0x410) @ VA:0x52709400
[0002.554] I> Setting EKB blob info to OPTEE dtb finished.
NOTICE:  BL31: v2.6(release):5e1f8b33d
NOTICE:  BL31: Built : 01:45:47, Aug 28 2024
I/TC: Physical secure memory base 0xcb040000 size 0xf00000
I/TC: 
I/TC: Non-secure external DT found
I/TC: OP-TEE version: 3.22 (gcc version 9.3.0 (Buildroot 2020.08)) #2 Wed Aug 28 08:55:09 UTC 2024 aarch64
I/TC: WARNING: This OP-TEE configuration might be insecure!
I/TC: WARNING: Please check https://optee.readthedocs.io/en/latest/architecture/porting_guidelines.html
I/TC: Primary CPU initializing
I/TC: Primary CPU switching to normal world boot
  [0003.242] I> Welcome to NVDisp-Init
[0003.243] I> NVDisp-Init version: t194-51f071e0
[0003.243] I> CPU-BL Params @ 0xca020000
[0003.243] I>  0) Base:0x00000000 Size:0x00000000
[0003.244] I>  1) Base:0xc8100000 Size:0x00100000
[0003.244] I>  2) Base:0xc9800000 Size:0x00200000
[0003.244] I>  3) Base:0xc8600000 Size:0x00200000
[0003.247] I>  4) Base:0xc8000000 Size:0x00100000
[0003.251] I>  5) Base:0xc7f00000 Size:0x00100000
[0003.256] I>  6) Base:0xc9400000 Size:0x00400000
[0003.260] I>  7) Base:0xc9000000 Size:0x00400000
[0003.265] I>  8) Base:0xc7e00000 Size:0x00100000
[0003.269] I>  9) Base:0xc7d00000 Size:0x00100000
[0003.274] I> 10) Base:0xca800000 Size:0x00800000
[0003.278] I> 11) Base:0x40000000 Size:0x00040000
[0003.282] I> 12) Base:0xc7c00000 Size:0x00100000
[0003.287] I> 13) Base:0x40046000 Size:0x00002000
[0003.291] I> 14) Base:0x40048000 Size:0x00002000
[0003.296] I> 15) Base:0xaf000000 Size:0x00004000
[0003.300] I> 16) Base:0x4004a000 Size:0x00002000
[0003.305] I> 17) Base:0xc7a00000 Size:0x00100000
[0003.309] I> 18) Base:0x4004c000 Size:0x00002000
[0003.314] I> 19) Base:0xc9a00000 Size:0x00600000
[0003.318] I> 20) Base:0x4004e000 Size:0x00002000
[0003.323] I> 21) Base:0xc7bc0000 Size:0x0000c000
[0003.327] I> 22) Base:0x00000000 Size:0x00000000
[0003.332] I> 23) Base:0xc7be0000 Size:0x00020000
[0003.336] I> 24) Base:0xcc000000 Size:0x02000000
[0003.340] I> 25) Base:0x40050000 Size:0x00002000
[0003.345] I> 26) Base:0x40040000 Size:0x00006000
[0003.349] I> 27) Base:0xc8c00000 Size:0x00400000
[0003.354] I> 28) Base:0xc8400000 Size:0x00200000
[0003.358] I> 29) Base:0xc8800000 Size:0x00400000
[0003.363] I> 30) Base:0xc7bd0000 Size:0x00010000
[0003.367] I> 31) Base:0x00000000 Size:0x00000000
[0003.372] I> 32) Base:0xf8000000 Size:0x08000000
[0003.376] I> 33) Base:0xce000000 Size:0x2a000000
[0003.381] I> 34) Base:0xcb000000 Size:0x01000000
[0003.385] I> 35) Base:0xae000000 Size:0x01000000
[0003.390] I> 36) Base:0xa0000000 Size:0x0e000000
[0003.394] I> 37) Base:0xca000000 Size:0x00800000
[0003.399] I> 38) Base:0x80000000 Size:0x20000000
[0003.403] I> 39) Base:0xb0000000 Size:0x08000000
[0003.407] I> 40) Base:0x00000000 Size:0x00000000
[0003.412] I> 41) Base:0x00000000 Size:0x00000000
[0003.416] I> 42) Base:0xc8200000 Size:0x00200000
[0003.421] I> 43) Base:0x00000000 Size:0x00000000
[0003.425] I> 44) Base:0x00000000 Size:0x00000000
[0003.430] I> 45) Base:0x00000000 Size:0x00000000
[0003.434] GIC-SPI Target CPU: 0
[0003.437] Interrupts Init done
[0003.440] calling constructors
[0003.443] initializing heap
[0003.446] I> Heap: [0xa0a60000 ... 0xadf00000]
[0003.450] initializing threads
[0003.453] initializing timers
[0003.456] creating bootstrap completion thread
[0003.460] top of bootstrap2()
[0003.463] CPU: MIDR: 0x4E0F0040, MPIDR: 0x80000000
[0003.467] initializing platform
[0003.470] E> DEVICE_PROD: Invalid value data = 0, size = 0.
[0003.476] W> device prod register failed
[0003.479] I> Bl_dtb @0xadf00000
[0003.482] I> gpio framework initialized
[0003.495] I> tegrabl_gpio_driver_register: register 'nvidia,tegra194-gpio' driver
[0003.500] I> tegrabl_gpio_driver_register: register 'nvidia,tegra194-gpio-aon' driver
[0003.506] I> fixed regulator driver initialized
[0003.524] I> register 'maxim' power off handle
[0003.528] I> virtual i2c enabled
[0003.529] I> registered 'maxim,max20024' pmic
[0003.529] I> tegrabl_gpio_driver_register: register 'max20024-gpio' driver
[0003.530] I> Boot-device: QSPI
[0003.530] I> Boot_device: QSPI_FLASH instance: 0
[0003.531] I> configure_qspi_clk: qparams clk_src = 5, clk_div = 0, clk_src_freq = 800000000, interface_freq = 50000000
[0003.542] I> configure_qspi_clk: FORCING INTERFACE_FREQ TO 133000000!!
[0003.549] I> QSPI source rate = 204000 Khz
[0003.552] I> Requested rate for QSPI clock = 34000 Khz
[0003.557] I> BPMP-set rate for QSPI clk = 34000 Khz
[0003.562] I> tx_clk_tap_delay : 0
[0003.565] I> rx_clk_tap_delay : 16
[0003.568] I> QSPI Flash Size = 32 MB
[0003.576] I> Qspi initialized successfully
[0003.576] I> qspi flash-0 params source = boot args
[0003.581] W> No board IDs available
[0003.584] E> Failed to get board id info!
[0003.589] I> sdmmc-3 params source = safe params
[0003.597] I> Found 41 partitions in QSPI_FLASH (instance 0)
[0003.598] W> Cannot find any partition table for 00000003
[0003.603] E> Failed to publish 00000003
[0003.612] I> Found 22 partitions in SDMMC_USER (instance 3)
[0003.635] I> regulator 'vdd-hdmi-5v0' already enabled
[0003.643] I> regulator 'vdd-hdmi-5v0' already enabled
[0003.644] E> tegrabl_display_init_regulator: hdmi cable is not connected
[0003.644] E> tegrabl_display_get_pdata, failed to parse dtb settings
[0003.646] E> cannot find any other nvdisp nodes
[0003.646] E> no valid display unit config found in dtb
[0003.649] W> display init failed
[0003.649] initializing target
[0003.651] calling apps_init()
[0003.654] starting app kernel_boot_app
[0003.657] I> Kernel type = Normal

Jetson UEFI firmware (version 6.0-37391689 built on 2024-08-28T08:47:11+00:00)

I/TC: Reserved shared memory is disabled
I/TC: Dynamic shared memory is enabled
I/TC: Normal World virtualization support is disabled
I/TC: Asynchronous notifications are disabled

ASSERT [FvbNorFlashStandaloneMm] /dvs/git/dirty/git-master_linux/out/nvidia/optee.t194-uefi/StandaloneMmOptee_RELEASE/edk2-nvidia/Silicon/NVIDIA/Drivers/FvbNorFlashDxe/FvbNorFlashStandaloneMm.c(978): ((BOOLEAN)(0==1))

hello adit_bhrgv,

could you please share your command line for OTA payload creation, since it’s a customized board.
did you update l4t_generate_ota_package.sh and ota_board_specs.conf for the customized board to create OTA payloads?

I don’t think the Assertion 3 issue has been fixed in r35.6.0.
Please apply the patch manually and update the tos image to fix this assertion issue.


Hi,

After merging the patch, the assert error goes away.

But when I flashed a Massflash image, it also wrote the QSPI memory.

Is flashing QSPI memory necessary?

Yes, the tos image is included in the secure-os partition, which is on the QSPI.
You can refer to the following part of the partition layout file (e.g. flash_l4t_t194_spi_sd_p3668.xml).

        <partition name="secure-os" type="tos" oem_sign="true">
            <allocation_policy> sequential </allocation_policy>
            <filesystem_type> basic </filesystem_type>
            <size> 2621440 </size>
            <align_boundary> 65536 </align_boundary>
            <file_system_attribute> 0 </file_system_attribute>
            <allocation_attribute> 8 </allocation_attribute>
            <percent_reserved> 0 </percent_reserved>
            <filename> TOSFILE </filename>
            <description> **Required.** Chain A; contains the trusted OS. </description>
        </partition>

Hi Nvidia Team,

We have Jetson devices deployed in the field and currently use a USB stick–based update mechanism to perform system updates.

Current workflow:

  • A USB stick containing an update image is inserted into the Jetson

  • This triggers a service running on the device that updates:

    • Bootloader components

    • Software image / rootfs partitions on NVMe

  • On the next reboot, the device boots with the updated bootloader and NVMe rootfs

  • This works reliably and does not require recovery mode or lab access

New requirement:
With our latest software release, due to this ASSERT issue, the TOS image needs to be written to QSPI.

Problem:
From our understanding, updating QSPI (including TOS) is normally done via:

  • Recovery mode

  • USB connection to a host PC

  • Flashing via SDK Manager or massflash images

Bringing devices back to the lab to reflash QSPI is costly and not feasible for our deployment model.

Questions:

  1. Is it possible to update the QSPI contents (specifically the TOS image) from userspace on a running Jetson system (e.g., via a USB stick)?

  2. Does NVIDIA support or recommend any in-field method (such as UEFI capsule updates or other mechanisms) to safely update TOS in QSPI without entering recovery mode?

  3. If this is not supported, is there a documented limitation or risk (e.g., security or bricking concerns) that prevents QSPI updates from Linux?

  4. What are the recommended best practices for Jetson deployments that require TOS/QSPI updates after devices are already in the field?

Any clarification or references to official documentation would be very helpful.

Thank you.

You could perform either an image-based OTA update (for bootloader+rootfs) or a capsule update (for bootloader).
Both workflows will update the tos image in QSPI.

FYI, the latest Jetpack 5.1.6(r35.6.4) has been released this week.
You can also update to this release w/o applying the fix manually.
Please refer to the following item in Fix Issues of Release Note for details.


After generating tos-optee_t194.img and placing it in the bootloader/ folder, I created a bootloader capsule update using the commands below:

sudo ./l4t_generate_soc_bup.sh -u $ROOT_DIR/keys/jetson.pem -v $ROOT_DIR/keys/sbk_key.txt t19x
sudo ./generate_capsule/l4t_generate_soc_capsule.sh -i bootloader/payloads_t19x/bl_only_payload -o ./TEGRA_BL.Cap t194

I think this includes the new tos image placed in the bootloader folder.

When the bootloader update gets invoked and “Update progress…” goes to 100%, then it gives again the same ASSERT error.

How can I ensure that the BUP capsule contains the newly generated tos.img?

Thanks

You can check the build date/time of op-tee from the serial console log before and after capsule update.
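To make that before/after check repeatable, here is an added Python helper (not from this thread or from NVIDIA's tools) that pulls the BL31 and OP-TEE build stamps, the Jetson UEFI banner and the FvbNorFlashStandaloneMm ASSERT out of two serial captures and reports whether the TOS really changed and whether the assert survived the update. The two log excerpts are constructed from the lines quoted in this thread.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Excerpts constructed from the serial captures quoted in this thread (before and
# after the capsule update); sample input only, not full console logs.
LOG_BEFORE = """\
[0002.553] I> EKB detected (length: 0x410) @ VA:0x52709400
NOTICE:  BL31: v2.6(release):5e1f8b33d
NOTICE:  BL31: Built : 01:45:47, Aug 28 2024
I/TC: OP-TEE version: 3.22 (gcc version 9.3.0 (Buildroot 2020.08)) #2 Wed Aug 28 08:55:09 UTC 2024 aarch64
Jetson UEFI firmware (version 6.0-37391689 built on 2024-08-28T08:47:11+00:00)
I/TC: Reserved shared memory is disabled
ASSERT [FvbNorFlashStandaloneMm] /dvs/git/dirty/git-master_linux/out/nvidia/optee.t194-uefi/StandaloneMmOptee_RELEASE/edk2-nvidia/Silicon/NVIDIA/Drivers/FvbNorFlashDxe/FvbNorFlashStandaloneMm.c(978): ((BOOLEAN)(0==1))
"""

LOG_AFTER = """\
NOTICE:  BL31: v2.6(release):DC-04-04-A-5-g6ed6656-dirty
NOTICE:  BL31: Built : 15:45:01, Feb  2 2026
I/TC: OP-TEE version: 3.22 (gcc version 9.3.0 (Buildroot 2020.08)) #2 Mon Feb  2 14:32:00 UTC 2026 aarch64
Jetson UEFI firmware (version 202210.6-4cd68574-dirty built on 2025-12-03T16:17:55+00:00)
I/TC: Reserved shared memory is disabled
ASSERT [FvbNorFlashStandaloneMm] /dvs/git/dirty/git-master_linux/out/nvidia/optee.t194-uefi/StandaloneMmOptee_RELEASE/edk2-nvidia/Silicon/NVIDIA/Drivers/FvbNorFlashDxe/FvbNorFlashStandaloneMm.c(978): ((BOOLEAN)(0==1))
"""

# One regex per banner line; search() is used so "[0003.242] I>" / "I/TC:" prefixes do not matter.
RE_BL31_BUILT = re.compile(r"BL31: Built : (.+?)\s*$")
RE_OPTEE = re.compile(r"OP-TEE version: (\S+) .*#\d+ (.+?) aarch64")
RE_UEFI = re.compile(r"Jetson UEFI firmware \(version (\S+) built on ([^)\s]+)\)")
RE_ASSERT = re.compile(r"ASSERT \[(\w+)\] (\S+?)\((\d+)\): (.+?)\s*$")


@dataclass
class BootSnapshot:
    bl31_build: Optional[str] = None
    optee_version: Optional[str] = None
    optee_build: Optional[str] = None
    uefi_version: Optional[str] = None
    uefi_build: Optional[str] = None
    assert_module: Optional[str] = None
    assert_file: Optional[str] = None
    assert_line: Optional[int] = None
    assert_expr: Optional[str] = None


def parse_serial_log(text: str) -> BootSnapshot:
    """Collect the TOS/UEFI build stamps and the first ASSERT from one boot's console output."""
    snap = BootSnapshot()
    for raw in text.splitlines():
        line = raw.strip()
        if (m := RE_BL31_BUILT.search(line)):
            snap.bl31_build = m.group(1)
        elif (m := RE_OPTEE.search(line)):
            snap.optee_version, snap.optee_build = m.group(1), m.group(2)
        elif (m := RE_UEFI.search(line)):
            snap.uefi_version, snap.uefi_build = m.group(1), m.group(2)
        elif snap.assert_module is None and (m := RE_ASSERT.search(line)):
            snap.assert_module, snap.assert_file = m.group(1), m.group(2)
            snap.assert_line, snap.assert_expr = int(m.group(3)), m.group(4)
    return snap


def compare_boots(before: BootSnapshot, after: BootSnapshot) -> dict:
    """Report whether the TOS (OP-TEE/BL31) and UEFI changed and whether the assert survived."""
    tos_updated = (after.optee_build is not None and after.optee_build != before.optee_build) or (
        after.bl31_build is not None and after.bl31_build != before.bl31_build
    )
    uefi_updated = after.uefi_build is not None and after.uefi_build != before.uefi_build
    assert_persists = after.assert_module is not None
    # Same file and line as before: the update did not touch the code path that asserts.
    same_site = assert_persists and (before.assert_file, before.assert_line) == (
        after.assert_file, after.assert_line
    )
    return {
        "tos_updated": tos_updated,
        "uefi_updated": uefi_updated,
        "assert_persists": assert_persists,
        "same_site": same_site,
        "assert_site": f"{after.assert_file}:{after.assert_line}" if assert_persists else None,
    }


if __name__ == "__main__":
    verdict = compare_boots(parse_serial_log(LOG_BEFORE), parse_serial_log(LOG_AFTER))
    for key, value in verdict.items():
        print(f"{key}: {value}")
```

For a real capture, feed the two minicom log files to parse_serial_log() instead of the embedded excerpts; if tos_updated is True but the assert is still at the same site, the new tos image is in QSPI but does not carry the fix.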

I checked the timestamps before and after the Bootloader update for optee in the serial logs.

It is definitely updated. The new date is 2nd Feb 2026, when I last created the tos.img, but it still gives the ASSERT error after the Bootloader update goes to 100%.

Jetson UEFI firmware (version 6.0-37391689 built on 2024-08-28T08:47:11+00:00)
ESC   to enter Setup.
F11   to enter Boot Manager Menu.
Enter to continue boot.

Update Progress - 100% **************************************************
[0000.036] W> RATCHET: MB1 binary ratchet value 4 is larger than ratchet level 2 from HW fuses.
[0000.044] I> MB1 (prd-version: 2.6.0.0-t194-41334769-cab45716)
[0000.049] I> Boot-mode: Coldboot
[0000.052] I> Platform: Silicon
[0000.055] I> Chip revision : A02P
[0000.058] I> Bootrom patch version : 15 (correctly patched)
[0000.063] I> ATE fuse revision : 0x200
[0000.067] I> Ram repair fuse : 0x0
[0000.070] I> Ram Code : 0x0
[0000.072] I> rst_source: 0xb, rst_level: 0x1
[0000.077] I> Boot-device: QSPI (instance: 0)
[0000.081] I> Qspi flash params source = brbct
[0000.085] I> Qspi clock source : pllp
[0000.089] I> Qspi-0 initialized successfully
[0000.093] I> Boot chain mechanism: A/B
[0000.096] I> Current Boot-Chain Slot: 1
[0000.100] I> BR-BCT Boot-Chain: 1, status: 0. update flag: 0
[0000.105] I> Qspi flash params source = brbct
[0000.113] W> PROD_CONFIG: device prod data is empty in MB1 BCT.
[0000.119] I> Temperature = 42000
[0000.122] W> Skipping boost for clk: BPMP_CPU_NIC
[0000.126] W> Skipping boost for clk: BPMP_APB
[0000.130] W> Skipping boost for clk: AXI_CBB
[0000.134] W> Skipping boost for clk: AON_CPU_NIC
[0000.138] W> Skipping boost for clk: CAN1
[0000.142] W> Skipping boost for clk: CAN2
[0000.146] I> Boot-device: QSPI (instance: 0)
[0000.150] I> Qspi flash params source = mb1bct
[0000.154] I> Qspi clock source : pllc_out0
[0000.158] I> Qspi-0 reinitialized
[0000.161] I> Qspi flash params source = mb1bct
[0000.176] I> Non-ECC region[0]: Start:0x80000000, End:0x100000000
[0000.183] W>  Thermal config not found in BCT
[0000.192] W>  MEMIO rail config not found in BCT
[0000.202] I> Qspi flash params source = mb1bct
[0000.217] I> Qspi flash params source = mb1bct
[0000.263] I> Qspi flash params source = mb1bct
[0000.851] I> Qspi flash params source = mb1bct
[0000.879] I> Qspi flash params source = mb1bct
[0000.922] W>  Platform config not found in BCT
[0000.949] I> Qspi flash params source = mb1bct
[0000.987] I> MB1 done

main enter
SPE VERSION #: R01.00.18 Created: Jan 29 2021 @ 14:18:27
HW Function test
Start Scheduler.
in late init
  [0000.997] I> Welcome to MB2(TBoot-BPMP) (version: default.t194-mobile-8e4b789e)
[0000.997] I> DMA Heap @ [0x526fa000 - 0x52ffa000]
[0000.998] I> Default Heap @ [0xd486400 - 0xd48a400]
[0000.999] E> DEVICE_PROD: Invalid value data = 70020000, size = 0.
[0001.004] W> device prod register failed
[0001.008] I> gpio framework initialized
[0001.012] I> tegrabl_gpio_driver_register: register 'nvidia,tegra194-gpio' driver
[0001.019] I> tegrabl_gpio_driver_register: register 'nvidia,tegra194-gpio-aon' driver
[0001.027] I> No valid sdcard_params in mb1_bct
[0001.031] I> Boot_device: QSPI_FLASH instance: 0
[0001.036] I> qspi flash-0 params source = boot args
[0001.041] I> QSPI-0l initialized successfully
[0001.044] I> sdmmc-3 params source = safe params
[0001.387] I> sdmmc DDR50 mode
[0001.405] I> Found 41 partitions in QSPI_FLASH (instance 0)
[0001.422] W> Cannot find any partition table for 00000003
[0001.423]  > PARTITION_MANAGER: Failed to publish partition.
[0001.439] I> Found 22 partitions in SDMMC_USER (instance 3)
[0001.440] I> Active Boot chain : 1
[0001.457] I> RSA PSS signature check: OK
[0001.501] I> RSA PSS signature check: OK
[0002.073] I> Relocating BR-BCT
[0002.075]  > DEVICE_PROD: device prod is not initialized.
[0002.101] E> I2C: slave not found in slaves.
[0002.102] E> I2C: Could not write 0 bytes to slave: 0x00ae with repeat start true.
[0002.103] E> I2C_DEV: Failed to send register address 0x00000000.
[0002.104] E> I2C_DEV: Could not read 256 registers of size 1 from slave 0xae at 0x00000000 via instance 0.
[0002.105] E> eeprom: Failed to read I2C slave device
[0002.107] I> Failed to read CVB eeprom data @ AE
[0002.112] I> Retrying CVB eeprom read @ AC ...
[0002.117] E> I2C: slave not found in slaves.
[0002.121] E> I2C: Could not write 0 bytes to slave: 0x00ac with repeat start true.
[0002.128] E> I2C_DEV: Failed to send register address 0x00000000.
[0002.134] E> I2C_DEV: Could not read 256 registers of size 1 from slave 0xac at 0x00000000 via instance 0.
[0002.143] E> eeprom: Failed to read I2C slave device
[0002.148] I> Failed to read CVB eeprom data @ AC
[0002.168] I> RSA PSS signature check: OK
[0002.188] I> RSA PSS signature check: OK
[0002.212] I> RSA PSS signature check: OK
[0002.267] I> Relocating OP-TEE dtb from: 0x6bfff720 to 0x70050000, size: 1008
[0002.268] I> [0] START: 0x80000000, SIZE: 0x2f000000
[0002.269] I> [1] START: 0xaf010000, SIZE: 0x189f0000
[0002.269] I> [2] START: 0xc7b00000, SIZE: 0xc0000
[0002.269] I> [3] START: 0xca000000, SIZE: 0x800000
[0002.270] I> dram_block larger than 80000000
[0002.272] I> [4] START: 0x100000000, SIZE: 0x180000000
[0002.284] I> Setting NS memory ranges to OP-TEE dtb finished.
[0002.288] I> RSA PSS signature check: OK
[0002.292] I> found decompressor handler: lz4
[0002.542] I> RSA PSS signature check: OK
[0002.574] I> RSA PSS signature check: OK
[0002.575] I> EKB detected (length: 0x410) @ VA:0x52709400
[0002.577] I> Setting EKB blob info to OPTEE dtb finished.
NOTICE:  BL31: v2.6(release):DC-04-04-A-5-g6ed6656-dirty
NOTICE:  BL31: Built : 15:45:01, Feb  2 2026
I/TC: Physical secure memory base 0xcb040000 size 0xf00000
I/TC: 
I/TC: Non-secure external DT found
I/TC: OP-TEE version: 3.22 (gcc version 9.3.0 (Buildroot 2020.08)) #2 Mon Feb  2 14:32:00 UTC 2026 aarch64
I/TC: WARNING: This OP-TEE configuration might be insecure!
I/TC: WARNING: Please check https://optee.readthedocs.io/en/latest/architecture/porting_guidelines.html
I/TC: Primary CPU initializing
I/TC: Primary CPU switching to normal world boot
  [0003.265] I> Welcome to NVDisp-Init
[0003.265] I> NVDisp-Init version: t194-51f071e0
[0003.265] I> CPU-BL Params @ 0xca020000
[0003.266] I>  0) Base:0x00000000 Size:0x00000000
[0003.266] I>  1) Base:0xc8100000 Size:0x00100000
[0003.266] I>  2) Base:0xc9800000 Size:0x00200000
[0003.266] I>  3) Base:0xc8600000 Size:0x00200000
[0003.269] I>  4) Base:0xc8000000 Size:0x00100000
[0003.273] I>  5) Base:0xc7f00000 Size:0x00100000
[0003.278] I>  6) Base:0xc9400000 Size:0x00400000
[0003.282] I>  7) Base:0xc9000000 Size:0x00400000
[0003.287] I>  8) Base:0xc7e00000 Size:0x00100000
[0003.291] I>  9) Base:0xc7d00000 Size:0x00100000
[0003.296] I> 10) Base:0xca800000 Size:0x00800000
[0003.300] I> 11) Base:0x40000000 Size:0x00040000
[0003.305] I> 12) Base:0xc7c00000 Size:0x00100000
[0003.309] I> 13) Base:0x40046000 Size:0x00002000
[0003.314] I> 14) Base:0x40048000 Size:0x00002000
[0003.318] I> 15) Base:0xaf000000 Size:0x00004000
[0003.323] I> 16) Base:0x4004a000 Size:0x00002000
[0003.327] I> 17) Base:0xc7a00000 Size:0x00100000
[0003.332] I> 18) Base:0x4004c000 Size:0x00002000
[0003.336] I> 19) Base:0xc9a00000 Size:0x00600000
[0003.340] I> 20) Base:0x4004e000 Size:0x00002000
[0003.345] I> 21) Base:0xc7bc0000 Size:0x0000c000
[0003.349] I> 22) Base:0x00000000 Size:0x00000000
[0003.354] I> 23) Base:0xc7be0000 Size:0x00020000
[0003.358] I> 24) Base:0xcc000000 Size:0x02000000
[0003.363] I> 25) Base:0x40050000 Size:0x00002000
[0003.367] I> 26) Base:0x40040000 Size:0x00006000
[0003.372] I> 27) Base:0xc8c00000 Size:0x00400000
[0003.376] I> 28) Base:0xc8400000 Size:0x00200000
[0003.381] I> 29) Base:0xc8800000 Size:0x00400000
[0003.385] I> 30) Base:0xc7bd0000 Size:0x00010000
[0003.390] I> 31) Base:0x00000000 Size:0x00000000
[0003.394] I> 32) Base:0xf8000000 Size:0x08000000
[0003.398] I> 33) Base:0xce000000 Size:0x2a000000
[0003.403] I> 34) Base:0xcb000000 Size:0x01000000
[0003.407] I> 35) Base:0xae000000 Size:0x01000000
[0003.412] I> 36) Base:0xa0000000 Size:0x0e000000
[0003.416] I> 37) Base:0xca000000 Size:0x00800000
[0003.421] I> 38) Base:0x80000000 Size:0x20000000
[0003.425] I> 39) Base:0xb0000000 Size:0x08000000
[0003.430] I> 40) Base:0x00000000 Size:0x00000000
[0003.434] I> 41) Base:0x00000000 Size:0x00000000
[0003.439] I> 42) Base:0xc8200000 Size:0x00200000
[0003.443] I> 43) Base:0x00000000 Size:0x00000000
[0003.448] I> 44) Base:0x00000000 Size:0x00000000
[0003.452] I> 45) Base:0x00000000 Size:0x00000000
[0003.456] GIC-SPI Target CPU: 0
[0003.459] Interrupts Init done
[0003.462] calling constructors
[0003.465] initializing heap
[0003.468] I> Heap: [0xa0a60000 ... 0xadf00000]
[0003.472] initializing threads
[0003.475] initializing timers
[0003.478] creating bootstrap completion thread
[0003.482] top of bootstrap2()
[0003.485] CPU: MIDR: 0x4E0F0040, MPIDR: 0x80000000
[0003.490] initializing platform
[0003.493] E> DEVICE_PROD: Invalid value data = 0, size = 0.
[0003.498] W> device prod register failed
[0003.502] I> Bl_dtb @0xadf00000
[0003.505] I> gpio framework initialized
[0003.517] I> tegrabl_gpio_driver_register: register 'nvidia,tegra194-gpio' driver
[0003.523] I> tegrabl_gpio_driver_register: register 'nvidia,tegra194-gpio-aon' driver
[0003.529] I> fixed regulator driver initialized
[0003.549] I> register 'maxim' power off handle
[0003.552] I> virtual i2c enabled
[0003.553] I> registered 'maxim,max20024' pmic
[0003.553] I> tegrabl_gpio_driver_register: register 'max20024-gpio' driver
[0003.554] I> Boot-device: QSPI
[0003.554] I> Boot_device: QSPI_FLASH instance: 0
[0003.554] I> configure_qspi_clk: qparams clk_src = 5, clk_div = 0, clk_src_freq = 800000000, interface_freq = 50000000
[0003.564] I> configure_qspi_clk: FORCING INTERFACE_FREQ TO 133000000!!
[0003.571] I> QSPI source rate = 204000 Khz
[0003.574] I> Requested rate for QSPI clock = 34000 Khz
[0003.580] I> BPMP-set rate for QSPI clk = 34000 Khz
[0003.584] I> tx_clk_tap_delay : 0
[0003.587] I> rx_clk_tap_delay : 16
[0003.590] I> QSPI Flash Size = 32 MB
[0003.598] I> Qspi initialized successfully
[0003.599] I> qspi flash-0 params source = boot args
[0003.603] W> No board IDs available
[0003.606] E> Failed to get board id info!
[0003.612] I> sdmmc-3 params source = safe params
[0003.619] I> Found 41 partitions in QSPI_FLASH (instance 0)
[0003.622] W> Cannot find any partition table for 00000003
[0003.625] E> Failed to publish 00000003
[0003.630] I> Found 22 partitions in SDMMC_USER (instance 3)
[0003.656] I> regulator 'vdd-hdmi-5v0' already enabled
[0003.664] I> regulator 'vdd-hdmi-5v0' already enabled
[0003.664] I> hdmi cable connected
[0003.670] W> set volts not configured for 'vdd-1v0'
[0003.677] W> set volts not configured for 'vdd-1v8-hs'
[0003.677] I> retrieved tmds range from prod_list_hdmi_soc
[0003.679] E> cannot find any other nvdisp nodes
[0003.696] I> edid read success
[0003.708] I> edid read success
[0003.709] I> width = 640, height = 480, frequency = 25174825
[0003.709] I> width = 1024, height = 768, frequency = 65000000
[0003.709] I> width = 1920, height = 1200, frequency = 154000000
[0003.710] I> width = 1280, height = 720, frequency = 74250000
[0003.710] I> width = 1920, height = 1080, frequency = 148351648
[0003.715] I> width = 1280, height = 720, frequency = 74175824
[0003.720] I> width = 640, height = 480, frequency = 25174825
[0003.726] I> width = 720, height = 480, frequency = 26973026
[0003.731] I> Best mode Width = 1920, Height = 1080, freq = 148351648
[0003.742] I> hdmi_enable, starting HDMI initialisation
[0003.747] I> hdmi_enable, HDMI initialisation complete
[0003.757] initializing target
[0003.757] calling apps_init()
[0003.758] starting app kernel_boot_app
[0003.759] I> Kernel type = Normal

Jetson UEFI firmware (version 202210.6-4cd68574-dirty built on 2025-12-03T16:17:55+00:00)

I/TC: Reserved shared memory is disabled
I/TC: Dynamic shared memory is enabled
I/TC: Normal World virtualization support is disabled
I/TC: Asynchronous notifications are disabled

ASSERT [FvbNorFlashStandaloneMm] /dvs/git/dirty/git-master_linux/out/nvidia/optee.t194-uefi/StandaloneMmOptee_RELEASE/edk2-nvidia/Silicon/NVIDIA/Drivers/FvbNorFlashDxe/FvbNorFlashStandaloneMm.c(978): ((BOOLEAN)(0==1))

In spite of Optee getting updated after the bootloader update, the ASSERT error is still there via the capsule update method. Flashing via the Massflash image doesn’t give this error.

One question: Do I need to also paste the uefi_jetson_RELEASE.bin in bootloader along with tos-optee_t194.bin while generating the BUP?

I don’t think so, but you can give it a try.

The fix is included in the stmm binary, which is built from UEFI source.
And you need to export the stmm binary when you are building op-tee and the tos image.
Please check if you have applied the change correctly.

I am using the r35.6.0 branch for uefi.

I took this commit (Varint readfix r35.5.0 by gmahadevan · Pull Request #110 · NVIDIA/edk2-nvidia · GitHub for r35.5.0 ) and then replaced the files Library/NvVarIntLibrary/NvVarIntLibrary.c and Drivers/FvbNorFlashDxe/VarIntCheck.c.

But it seems, there are many other changes in r35.6.0 branch compared to the replaced files which were from r35.5.0 fix.

Could you please provide me a patch which I can apply to r35.6.0 directly?

Steps I followed to generate the tos.img and BUP:


export EDK2_BUILD_ROOT="/home/sigtest/uefi_debug"
export EDK2_BUILDROOT_ARGS="-v \"${EDK2_BUILD_ROOT}\":\"${EDK2_BUILD_ROOT}\""
export EDK2_BUILD_ARGS="-e UEFI_DEBUG_ONLY=yes"
alias edk2_docker="docker run -it --rm -w \"\$(pwd)\" ${EDK2_BUILDROOT_ARGS} ${EDK2_USER_ARGS} ${EDK2_BUILD_ARGS} \"${EDK2_DEV_IMAGE}\""
edk2_docker edk2-nvidia/Platform/NVIDIA/StandaloneMmOptee/build.sh
cd ..
edk2_docker edk2-nvidia/Platform/NVIDIA/StandaloneMmOptee/build.sh
cd images/
ls
ls -ltrh
cp uefi_StandaloneMmOptee_DEBUG.bin /home/sigtest/icmore-jetson/Linux_for_Tegra/bootloader/standalonemm_optee_t194.bin

export CROSS_COMPILE_AARCH64_PATH=/home/sigtest/l4t-gcc
export CROSS_COMPILE_AARCH64=/home/sigtest/l4t-gcc/bin/aarch64-buildroot-linux-gnu-
export UEFI_STMM_PATH=/home/sigtest/icmore-jetson/Linux_for_Tegra/bootloader/standalonemm_optee_t194.bin

 cd source/public/
./optee_src_build.sh -p t194

dtc -I dts -O dtb -o ./optee/tegra194-optee.dtb ./optee/tegra194-optee.dts 
./optee/tegra194-optee.dts:33.17-38.4: Warning (unit_address_format): /efuse@03820000: unit name should not have leading 0s
./optee/tegra194-optee.dts:40.15-45.4: Warning (unit_address_format): /se0@03ac0000: unit name should not have leading 0s
./optee/tegra194-optee.dts:47.20-52.4: Warning (unit_address_format): /se0-rng1@03ae0000: unit name should not have leading 0s

mkdir atf_build
tar -I lbzip2 -C atf_build -xpf atf_src.tbz2

cd atf_build/arm-trusted-firmware

make BUILD_BASE=./build \
       CROSS_COMPILE="${CROSS_COMPILE_AARCH64}" \
       DEBUG=0 LOG_LEVEL=20 PLAT=tegra SPD=opteed TARGET_SOC=t194 V=0
cd ../..

cd ../../
cd nv_tegra/tos-scripts/
./gen_tos_part_img.py --monitor ../../source/public/atf_build/arm-trusted-firmware/build/tegra/t194/release/bl31.bin --os ../../source/public/optee/build/t194/core/tee-raw.bin --dtb ../../source/public/optee/tegra194-optee.dtb --tostype optee ./tos.img
Generating Trusted OS Partition Image File
Generate TOS Image File for boot-wrapper.

ls -ltr 
total 2316
-rwxr-xr-x 1 sigtest sig   10995 Aug  6  2025 gen_tos_part_img.py
-rw-r--r-- 1 sigtest sig 1178384 Feb  6 09:43 tos.img
-rw-r--r-- 1 sigtest sig 1177850 Feb  6 09:43 img.bin

cp tos.img /home/sigtest/icmore-jetson/Linux_for_Tegra/bootloader/tos-optee_t194.img

sudo ./l4t_generate_soc_bup.sh -u $ROOT_DIR/keys/sd/icmore-jetson.pem -v $ROOT_DIR/keys/sd/sbk_key.txt t19x
sudo ./generate_capsule/l4t_generate_soc_capsule.sh -i bootloader/payloads_t19x/bl_only_payload -o ./TEGRA_BL.Cap t194


#Copy the TEGRA_BL.Cap to the target and then follow these steps on target:

mkdir -p /opt/nvidia/esp
esp_uuid=$(lsblk -o name,partlabel,uuid | grep "nvme0n1" | awk '{ if($2 == "esp") print $3 }')
if [ -z "$esp_uuid" ]; then
    echo "ERROR: ESP partition not found on NVME!"
    exit 1
fi
#Mount esp partition on NVME
mount UUID=$esp_uuid /opt/nvidia/esp

echo "NVME partitions..."
lsblk

sleep 5

echo "Creating UpdateCapsule folder & copying BL Capsule..."
mkdir -p /opt/nvidia/esp/EFI/UpdateCapsule
cp /Linux_for_Tegra/TEGRA_BL.Cap /opt/nvidia/esp/EFI/UpdateCapsule
ls -ltr /opt/nvidia/esp/EFI/UpdateCapsule

sleep 5

# Set bit2 of OSIndications UEFI variable
echo "Setting bit2 of OSIndications UEFI variable..."
cd /sys/firmware/efi/efivars/ || exit 1
printf "\x07\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00" > /tmp/var_tmp.bin
dd if=/tmp/var_tmp.bin of=OsIndications-8be4df61-93ca-11d2-aa0d-00e098032b8c bs=12; sync

sleep 5

# Unmount the NVME's ESP partition
echo "Unmounting NVME ESP partition..."
umount /opt/nvidia/esp

# Shutdown the system
echo "Shutting down the system..."
sleep 5

shutdown -h now

#Reboot
After reboot, while booting up, the assertion error is still there!

Are these steps correct?
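The printf/dd step above writes a 12-byte efivarfs record for OsIndications: a 4-byte little-endian attribute word (0x07 = non-volatile, boot-service and runtime access) followed by the 8-byte variable value with bit 2 set (capsule delivery from EFI/UpdateCapsule on next boot). The following is an added example, not code from the thread or from NVIDIA, that decodes and rebuilds that record so the bytes can be checked before they are written, and that preserves any bits already set instead of overwriting the whole value the way the fixed printf does; the path constant and the helper names are assumptions.

```python
"""Decode and build the efivarfs payload for the OsIndications UEFI variable (added example)."""
import os
import struct
from typing import Optional, Tuple

# efivarfs record layout: <UINT32 attributes><raw variable data>
EFI_VARIABLE_NON_VOLATILE = 0x1
EFI_VARIABLE_BOOTSERVICE_ACCESS = 0x2
EFI_VARIABLE_RUNTIME_ACCESS = 0x4
OS_INDICATIONS_ATTRS = (EFI_VARIABLE_NON_VOLATILE
                        | EFI_VARIABLE_BOOTSERVICE_ACCESS
                        | EFI_VARIABLE_RUNTIME_ACCESS)          # 0x07, as in the printf above

# UEFI spec: bit 2 of OsIndications requests capsule processing from EFI/UpdateCapsule.
EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED = 1 << 2

# Same variable name/GUID as the dd target in the thread (path is an assumption for this example).
OS_INDICATIONS_PATH = "/sys/firmware/efi/efivars/OsIndications-8be4df61-93ca-11d2-aa0d-00e098032b8c"


def decode_payload(payload: bytes) -> Tuple[int, int]:
    """Split a 12-byte efivarfs record into (attributes, OsIndications value)."""
    if len(payload) != 12:
        raise ValueError(f"expected 12 bytes (4 attrs + 8 data), got {len(payload)}")
    attrs, value = struct.unpack("<IQ", payload)
    return attrs, value


def encode_payload(value: int, attrs: int = OS_INDICATIONS_ATTRS) -> bytes:
    """Build the efivarfs record for a given OsIndications value."""
    return struct.pack("<IQ", attrs, value)


def request_capsule_processing(current: Optional[bytes]) -> bytes:
    """Return the record to write: existing attributes and bits kept, bit 2 set."""
    if current is None:                      # variable does not exist yet
        attrs, value = OS_INDICATIONS_ATTRS, 0
    else:
        attrs, value = decode_payload(current)
    return encode_payload(value | EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED, attrs)


def capsule_requested(payload: bytes) -> bool:
    """True when the record asks firmware to process a staged capsule on next boot."""
    _, value = decode_payload(payload)
    return bool(value & EFI_OS_INDICATIONS_FILE_CAPSULE_DELIVERY_SUPPORTED)


def set_capsule_bit(path: str = OS_INDICATIONS_PATH) -> bytes:
    """Read the current record (if any), set bit 2 and write it back; returns what was written."""
    current = open(path, "rb").read() if os.path.exists(path) else None
    new = request_capsule_processing(current)
    with open(path, "wb") as fh:             # efivarfs expects the full 12-byte record in one write
        fh.write(new)
    return new
```

On kernels that mark efivarfs entries immutable, the write in set_capsule_bit needs the immutable flag cleared first (chattr -i), which the dd step in the thread relies on as well.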

Please apply the change manually instead of replacing the whole file to prevent unexpected issue.

Do you have any concern about updating to the latest JP5.1.6 (r35.6.4), in which I believe the issue has been fixed?

Please use uefi_StandaloneMmOptee_RELEASE.bin instead.

Have you tried flashing QSPI only and checked if there’s a similar issue?