Orin NX hangs on optee (r35.5.0)

Hi guys, I met the same problem as that in this with r35.5.0 on our custom board

ASSERT [VariableStandaloneMm] /dvs/git/dirty/git-master_linux/out/nvidia/optee.t234-uefi/StandaloneMmOptee_RELEASE/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c(3264): !(((INTN)(RETURN_STATUS)(Status)) < 0)

I check the heap size, which has already changed:

static const unsigned int stmm_heap_size = 750 * SMALL_PAGE_SIZE;

The problem occurs after abount 529 reboot cycles.

After the problem occurred, the reboot print is as following:

ÿäI/TC: Reserved shared memory is disabled
I/TC: Dynamic shared memory is enabled
I/TC: Normal World virtualization support is disabled
I/TC: Asynchronous notifications are disabled
E/TC:?? 00 
E/TC:?? 00 User mode data-abort at address 0x40 (translation fault)
E/TC:?? 00  esr 0x92000005  ttbr0 0x200027c1ba000   ttbr1 0x00000000   cidr 0x0
E/TC:?? 00  cpu #0          cpsr 0x60000000
E/TC:?? 00  x0  00000000405e0000 x1  0000000000000000
E/TC:?? 00  x2  0000000000000020 x3  00000000405f5c58
E/TC:?? 00  x4  00000000405f5c57 x5  00000000405d9410
E/TC:?? 00  x6  00000000000000fc x7  00000000000000fc
E/TC:?? 00  x8  00000000000000fc x9  0000000000000000
E/TC:?? 00  x10 0000a00000001000 x11 0000000000000040
E/TC:?? 00  x12 0000000000000000 x13 4200004000000000
E/TC:?? 00  x14 0000000000000000 x15 0000000000000000
E/TC:?? 00  x16 00000000400491f8 x17 00000000000000f8
E/TC:?? 00  x18 0000000000000000 x19 00000000405ef160
E/TC:?? 00  x20 00000000405f5c58 x21 00000000405e0000
E/TC:?? 00  x22 0000000000000020 x23 000000000000003f
E/TC:?? 00  x24 00000000405f5c57 x25 0000000000000000
E/TC:?? 00  x26 0000000000001000 x27 0000000000040000
E/TC:?? 00  x28 0000000040508000 x29 00000000405f5bb0
E/TC:?? 00  x30 0000000040500370 elr 00000000405d9494
E/TC:?? 00  sp_el0 00000000405f5bb0
E/TC:?? 00  region  0: va 0x0000000040000000 pa 0x000000027c042000 size 0x002000 flags ---R-X
E/TC:?? 00  region  1: va 0x0000000040002000 pa 0x000000027c190000 size 0x001000 flags ---RW-
E/TC:?? 00  region  2: va 0x0000000040004000 pa 0x000000027c240000 size 0x03f000 flags r-xR--
E/TC:?? 00  region  3: va 0x0000000040043000 pa 0x000000027c27f000 size 0x001000 flags rw----
E/TC:?? 00  region  4: va 0x0000000040044000 pa 0x000000027c280000 size 0x00b000 flags r-x---
E/TC:?? 00  region  5: va 0x000000004004f000 pa 0x000000027c28b000 size 0x001000 flags rw----
E/TC:?? 00  region  6: va 0x0000000040050000 pa 0x000000027c28c000 size 0x001000 flags r-x---
E/TC:?? 00  region  7: va 0x0000000040051000 pa 0x000000027c28d000 size 0x2b3000 flags r-xR--
E/TC:?? 00  region  8: va 0x0000000040304000 pa 0x000000027c540000 size 0x1fc000 flags rw-RW-
E/TC:?? 00  region  9: va 0x0000000040500000 pa 0x000000027c73c000 size 0x008000 flags r-x---
E/TC:?? 00  region 10: va 0x0000000040508000 pa 0x000000027c744000 size 0x001000 flags rw-RW-
E/TC:?? 00  region 11: va 0x0000000040509000 pa 0x000000027c745000 size 0x001000 flags r-x---
E/TC:?? 00  region 12: va 0x000000004050a000 pa 0x000000027c746000 size 0x002000 flags rw-RW-
E/TC:?? 00  region 13: va 0x000000004050c000 pa 0x000000027c748000 size 0x005000 flags r-x---
E/TC:?? 00  region 14: va 0x0000000040511000 pa 0x000000027c74d000 size 0x001000 flags rw-RW-
E/TC:?? 00  region 15: va 0x0000000040512000 pa 0x000000027c74e000 size 0x001000 flags r-x---
E/TC:?? 00  region 16: va 0x0000000040513000 pa 0x000000027c74f000 size 0x0c3000 flags rw-RW-
E/TC:?? 00  region 17: va 0x00000000405d6000 pa 0x000000027c812000 size 0x00a000 flags r-x---
E/TC:?? 00  region 18: va 0x00000000405e0000 pa 0x000000027c81c000 size 0x001000 flags rw-RW-
E/TC:?? 00  region 19: va 0x00000000405e1000 pa 0x000000027c81d000 size 0x001000 flags r-x---
E/TC:?? 00  region 20: va 0x00000000405e2000 pa 0x000000027c81e000 size 0x002000 flags rw-RW-
E/TC:?? 00  region 21: va 0x00000000405e4000 pa 0x000000027c820000 size 0x006000 flags r-x---
E/TC:?? 00  region 22: va 0x00000000405ea000 pa 0x000000027c826000 size 0x001000 flags rw-RW-
E/TC:?? 00  region 23: va 0x00000000405eb000 pa 0x000000027c827000 size 0x001000 flags r-x---
E/TC:?? 00  region 24: va 0x00000000405ec000 pa 0x000000027c828000 size 0x01f000 flags rw-RW-
E/TC:?? 00  region 25: va 0x000000004060b000 pa 0x000000027c847000 size 0x015000 flags rw-RW-
E/TC:?? 00  region 26: va 0x0000000040620000 pa 0x000000000c198000 size 0x001000 flags rw----
E/TC:?? 00  region 27: va 0x0000000040621000 pa 0x0000000003270000 size 0x010000 flags rw----
E/TC:?? 00  region 28: va 0x0000000040631000 pa 0x000000000c390000 size 0x002000 flags rw----
ÿá






















ÿäERROR:   Exception reason=0 syndrome=0xbe000011
ERROR:   **************************************
ERROR:   RAS Uncorrectable Error in IOB, base=0xe010000:
ERROR:   	Status = 0xec000612
ERROR:   SERR = Error response from slave: 0x12
ERROR:   	IERR = CBB Interface Error: 0x6
ERROR:   	Overflow (there may be more errors) - Uncorrectable
ERROR:   	MISC0 = 0xc4520040
ERROR:   	MISC1 = 0x94c860000000000
ERROR:   	MISC2 = 0x0
ERROR:   	MISC3 = 0x0
ERROR:   	ADDR = 0x8000000003270000
ERROR:   **************************************
ERROR:   sdei_dispatch_event returned -1
Unhandled Exception in EL3.
x30            = 0x0000000050011384
x0             = 0x0000000000000000
x1             = 0x0000000000000000
x2             = 0x000000005000d1b8
x3             = 0x0000000000000047
x4             = 0x0000000000000000
x5             = 0x0000000000000043
x6             = 0x0000000000000001
x7             = 0x0000000000000000
x8             = 0x000000005000b7ec
x9             = 0x0000000000000000
x10            = 0x0000000264a6c000
x11            = 0x0000000264a9dfff
x12            = 0x0000000000000000
x13            = 0x000000000002700f
x14            = 0x00000002694f00a8
x15            = 0x000000026e555000
x16            = 0x0000000268654cd4
x17            = 0x0000000001e80008
x18            = 0x0000000000000000
x19            = 0x0000000003270000
x20            = 0x000000000000001c
x21            = 0x00000002694f0000
x22            = 0x000000000000001d
x23            = 0x00000002694f00a8
x24            = 0x0000000003270000
x25            = 0x0000000000000001
x26            = 0x0000000000000001
x27            = 0x0000000000000000
x28            = 0x0000000000000001
x29            = 0x000000026e9fe520
scr_el3        = 0x000000000003073d
sctlr_el3      = 0x00000000b0cd183f
cptr_el3       = 0x0000000000000000
tcr_el3        = 0x0000000080823518
daif           = 0x00000000000003c0
mair_el3       = 0x00000000004404ff
spsr_el3       = 0x00000000600003cd
elr_el3        = 0x0000000050011384
ttbr0_el3      = 0x0000000050026ac1
esr_el3        = 0x0000000002000000
far_el3        = 0x0000000000000000
spsr_el1       = 0x0000000000000000
elr_el1        = 0x0000000000000000
spsr_abt       = 0x0000000000000000
spsr_und       = 0x0000000000000000
spsr_irq       = 0x0000000000000000
spsr_fiq       = 0x0000000000000000
sctlr_el1      = 0x0000000030d00800
actlr_el1      = 0x0000000000000000
cpacr_el1      = 0x0000000000300000
csselr_el1     = 0x0000000000000000
sp_el1         = 0x0000000000000000
esr_el1        = 0x0000000000000000
ttbr0_el1      = 0x0000000000000000
ttbr1_el1      = 0x0000000000000000
mair_el1       = 0x0000000000000000
amair_el1      = 0x0000000000000000
tcr_el1        = 0x0000000000000000
tpidr_el1      = 0x0000000000000000
tpidr_el0      = 0x0000000080000000
tpidrro_el0    = 0x0000000000000000
par_el1        = 0x0000000000000800
mpidr_el1      = 0x0000000081000000
afsr0_el1      = 0x0000000000000000
afsr1_el1      = 0x0000000000000000
contextidr_el1 = 0x0000000000000000
vbar_el1       = 0x0000000000000000
cntp_ctl_el0   = 0x0000000000000005
cntp_cval_el0  = 0x000000000c1197a4
cntv_ctl_el0   = 0x0000000000000000
cntv_cval_el0  = 0x0000000000000000
cntkctl_el1    = 0x0000000000000000
sp_el0         = 0x00000002687db2f0
isr_el1        = 0x0000000000000040
cpuectlr_el1   = 0xa000000b40543000
gicd_ispendr regs (Offsets 0x200 - 0x278)
 Offset:			value
0000000000000200:		0x0000000000000000
0000000000000204:		0x0000000000000000
0000000000000208:		0x0000000000000000
000000000000020c:		0x0000000000000000
0000000000000210:		0x0000000000000000
0000000000000214:		0x0000000000000000
0000000000000218:		0x0000000000010000
000000000000021c:		0x0000000000020000
0000000000000220:		0x0000000000000000
0000000000000224:		0x0000000000000000
0000000000000228:		0x0000000000000000
000000000000022c:		0x0000000000000000
0000000000000230:		0x0000000000000000
0000000000000234:		0x0000000000000000
0000000000000238:		0x0000000000000000
000000000000023c:		0x0000000000000000
0000000000000240:		0x0000000000000000
0000000000000244:		0x0000000000000000
0000000000000248:		0x0000000000000000
000000000000024c:		0x0000000000000000
0000000000000250:		0x0000000000000000
0000000000000254:		0x0000000000000000
0000000000000258:		0x0000000000000000
000000000000025c:		0x0000000000000000
0000000000000260:		0x0000000000000000
0000000000000264:		0x0000000000000000
0000000000000268:		0x0000000000000000
000000000000026c:		0x0000000000000000
0000000000000270:		0x0000000000000000
0000000000000274:		0x0000000000000000
0000000000000278:		0x0000000000000000
000000000000027c:		0x0000000000000000

Here is the last four boot log:
assert_variablestandalonemm.log (375.2 KB)

I wonder that what’s the reason of this problem and how to solve it?

That seems to be a known issue, and wull be fixed in the next release.

Hi, kayccc. Would you mind giving us the patch for this revision?

please try this patch to your optee.

diff --git a/core/arch/arm/kernel/stmm_sp.c b/core/arch/arm/kernel/stmm_sp.c
index 1d6344d..6441c03 100644
--- a/core/arch/arm/kernel/stmm_sp.c
+++ b/core/arch/arm/kernel/stmm_sp.c
@@ -77,7 +77,7 @@
 static const uint16_t ffa_storage_id = 4U;
 
 static const unsigned int stmm_stack_size = 4 * SMALL_PAGE_SIZE;
-static const unsigned int stmm_heap_size = 750 * SMALL_PAGE_SIZE;
+static const unsigned int stmm_heap_size = 1024 * SMALL_PAGE_SIZE;
 static const unsigned int stmm_sec_buf_size = 21 * SMALL_PAGE_SIZE;
 static const unsigned int stmm_ns_comm_buf_size = 21 * SMALL_PAGE_SIZE;
 
1 Like

Hi Wayne. Thanks for your patch, and I’ll try it. Also, I want to know why does the heap get into shortage after a lot of restarts.

Is this still an issue to support? Any result can be shared?

Sorry for the late response.

As we only have one module. At the moment, we are trying to solve another problem. By the way, would you mind explaining the need of increasing the heap size.

With about 4000 reboot tests, the problem does not show up.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.