Be thankful.

 

Be thankful for brake failure??

 

Holy hell that’s scary. I’m glad you’re okay and had a dash cam to show the experience. If you hired a reconstruction engineer, I imagine you are considering legal action against Volvo, right? There really isn’t an excuse for this type of error from Volvo or its engineers. People are going to get hurt and die due to this level of negligence.

 

Damn, you were lucky there was no car incoming without space to slow down safely.
I’m waiting for the fervent Volvo shills playing it down. Don’t let them get away with it, sue as much as needed, especially if they try to deny any wrongdoing on their end.
Fyi, I had a very scary experience on cruise control where my S90 started abruptly departing from the lane towards incoming traffic.
Never trusting my car again to drive autonomously even for a second.

 

Is this the first case of what is discussed here?

 

Is this the first case of what is discussed here?

On May 13, 2025, the brakes on my 2 month-old 2025.5 Volvo XC90 T8 completely failed and forced me to crash. Both the regenerative braking and the regular braking failed simultaneously.

I have video from the front and rear dash cams showing when the brakes failed, with the car speeding up then crashing on a one lane mountain road. This was a truly terrifying experience. I would like to share the video but cannot find a way to do so.

This was just a few hours after the car received the software update version 3.5.14, (which had been released April 25, 2025) at an authorized Volvo dealer in Monterey County, CA. I was driving down a steep one lane mountain road, and was forced to steer off the road into the side of a hill to avoid going over a cliff.
It resulted in a single-car collision in which the airbags deployed and my tire and rim were shredded, but it could have been much worse.

The next day, May 14, 2025, I contacted Volvo customer care, giving them details about my total brake failure.

After making multiple calls to Volvo customer care without hearing anything back, I hired a forensic accident reconstruction engineer to examine the data from the Event Data Recorder (EDR). He confirmed that “The Pre-Crash data corroborates Mr.
(my name)'s story that the vehicle brakes were not responding while coming down the hill. The speed increases in the five seconds prior to impact; there is no throttle application but there is a service brake application the entire time and no slowing down.”

A Safety recall, NHTSA recall # 25V392 Manufacturer recall # R10329 was initiated due to the Brake Control Module, noting, "Description of the defect or noncompliance:
Affected customers may experience a temporary loss of braking functionality after coasting downhill for at least 1 minute and 40 seconds with “B” drive mode for PHEV vehicles and “One Pedal Drive” mode or BEV vehicles without applying the brake pedal or (to a certain extent) the accelerator pedal. If the
situation occurs, pressing the brake pedal may remove braking functionality entirely."

I have been a loyal Volvo customer, having purchased our first Volvo in 1984.

I buy Volvos for one reason : Safety.

However, this is an illusion, since so much of the car is controlled by software and clearly this is what catastrophically failed on my new Volvo.

Tech revenge.

 

Thanks for sharing. That is very concerning, glad you are ok! It seems like that is precisely the issue that the latest update 3.6.4 addresses. The only aspect that doesn't necessarily line up, is that Volvo stated that the issue could occur after going downhill for over a minute (1 min 40 seconds or something like that). It appears, because you can see your house in the video, that you had just started going downhill. Though you do crash after ~1 min in the video. Were you in "B" Mode?

The issue was obviously serious considering they issued a stop sale for the past few weeks until the update was available, and you were hopefully one of the few that triggered it. I'm glad you are taking legal action, and do believe Volvo will take care of you. I hope and trust that the latest update addressed the issue and it's fixed now. IMO all vehicles, especially the Software heavy vehicles of today are susceptible to unsafe glitches like this, I guess I accept that as an added risk at the expense of having all the positive safety features.

 

That is not my house
I had been going down hill for at least 2 minutes probably longer

 

Ah got it, and you were in "B Mode"? If so, you did meet the specific state in which they stated this can happen. Completely unacceptable, sorry it happened to you. I am glad they fixed it relatively (though it's really never fast enough) quickly.

 

It’s been 5 weeks
Someone could of been killed
Volvo has yet to exam my car
I doubt most owners are even aware of this major Safty issue

 

Thanks for taking the time to share this - scary and utterly unnecessary. Glad you are safe

I doubt most owners are even aware of this major Safty issue

Volvo nagged me in the Infotainment, in the iOS app, and by email to OTA update to 3.6.4 within a day of its release, even after I had already done it. This is the most communication I’ve ever seen about a Senus or AAOS update - and it’s means it still may not be enough

Have you been in touch with Customer Care? i’m curious if their response was appropriate for this. I had a situation last year that felt less like communicating with Volvo of North America and more like someone at 4Imprint who could only drop ships me a Volvo tee shirts.

 

Bloody hell! This is insane... Only 3 weeks ago, I have been driving around in Grindelwald with my family (pregnant wife) on alpine roads with little to no protection... still on Firmware 3.4.15 ...

 

Reviving this one. I’m really glad the OP is getting media on board. Volvo’s mild reactive response to this was wildly unacceptable. I drive countless areas where downhills are 5+ minutes and this would be horrifying.

Exclusive: My Volvo Lost Brakes And Crashed After Software Update | Carscoops

Terrifying moments caught on camera as this XC90 lost braking while it descended a mountain road

www.carscoops.com

 

Anyone have a detailed understanding of modern car software /hardware architecture be able to explain how this type of safety risk could happen due to a software update? I was under the (false) impression that electronic controls and firmware would be separated from the OS to where key systems are independent and a hardware failure like this would not be possible.

For example, the OS can crash or go through a hard reset while the car is running. AC and stereo stop working, but power steering, lights, transmission all continue to work.

I'm concerned about what other critical systems are vulnerable to the same type of failure.

 

Anyone have a detailed understanding of modern car software /hardware architecture be able to explain how this type of safety risk could happen due to a software update? I was under the (false) impression that electronic controls and firmware would be separated from the OS to where key systems are independent and a hardware failure like this would not be possible.

A modern Volvo has over a dozen “computers” - the Infotainment system roughly resembles a PC or tablet, but many of the computers are embedded controllers or similar programmable systems that are running software/firmware but not an OS (RTOS or time sharing) running a presentation layer and one or more applications. I use “computer” loosely here since it’s ambiguous but the updates may touch any/all of them.

My understanding from my own update was that 3.5.14 updated 14 ECUs in addition to AAOS (rtos) and the infotainment stack. From public reporting and release notes, the new firmware for the brake control unit introduced the bug that cased this accident and the 3.6.4 OTA and 3.7 updates are intended to install new BCU firmware without the bug.

it’s not a matter of it being updatable - workshop or otherwise - that caused a problem. Volvo’s QC allowed bad BCU firmware to get pushed through their supply chain into cars out on the road.

if a customer had not been running a full data capture with dashcam when it happened with access to someone involved in accident investigation- this never would have been found or “fixed” so quickly.

If this is the level of QC their software truly goes through, they need to deputize 1000 more customers like the one who discovered this issue.

 

@jeisensc, thanks for the quick reply. I agree. I think we're all incredibly luck this was caught quickly with a relatively minor accident. Beyond the QC failures for a patch like this to get pushed out and cause this type of issue. I'm just blown away that these types of systems are susceptible to human error like this.

If you have key critical systems that can be updated with faulty software, those systems should have some type of built in redundancy so the vehicle can still perform it's basic safety functions.

 

I write robotic software for astronomical instruments, so not in the automotive industry, but I can see how something like this gets through. It's what you might have heard called an "edge case", and those are the absolute worst to catch. Think about all the times you've driven a car, and how many times you've gone down a hill for two minutes just coasting, never braking or touching the gas pedal...it's likely a super rare event in any ICE car. B mode allows more of a coast of course, as it handles the brakes for us, but apparently there was something in the software that turned it off after a certain amount of time, or possibly a certain distance or use, to avoid cooking the brakes. That shouldn't have allowed the car to accelerate though, it should have kicked in as a safety measure and stopped the car, or allowed the brakes to respond...the bug cut off the brake pedal use as well, and that's a huge issue that shouldn't happen.

All of this comes from the inability to test for every single possible thing that might happen, it's just never feasible to test everything. In old cars that wasn't as big of a deal, because the car was as built, and if there was a failure it was usually fixable and that was the end of it. New cars are full of software, so that means each update could have an issue introduced as they try to fix something else, and if the software passes their tests (which should be extensive), they will pass it. The code for everything has these edge cases lurking in them, and finding all of them and fixing them could take an infinite amount of time. And they can be really dangerous...the 737 MAX crashes were basically a software edge case that got through due to poor management and design decisions. Smart code works around it, if something goes outside of a bound the software reacts and shuts stuff down. The brakes should never fail though, pushing the pedal should always slow the car down (unless the actual hardware fails of course), so that should be something that all these car manufacturers think about.

This really could happen in any newer car with a brake by wire system, they all are susceptible to software bugs. I have watchdogs in my code that watch for errors and intervene if something goes wrong...car companies should do likewise, as once cars are automated they aren't going to be driving into the side of a hill to avoid a worse accident. Hopefully this wakes up the industry to go over all of their braking code and make sure that there is no way for it to fail due to software issues.

One other note...if you pull up the parking brake switch while driving it engages and emergency brake mode where you then use the foot brake to slow the car. This does brake hard and can damage the braking system if overused, so emergency only. It's difficult to do that while also driving down a twisty, skinny mountain road, and I don't know if the braking bug might have affected it, but it's something to keep in mind if you end up in a similar situation. Though, I'm not sure if the BEVs have a parking brake switch, so they might not have this capability.

 

but I can see how something like this gets through. It's what you might have heard called an "edge case"

Good points but have to nitpick here: > 1m 40s of driving on a downhill isn’t an edge case (nor a corner case) for a car in 2025

“An edge case is a problem or situation that occurs only at an extreme (maximum or minimum) operating parameter. For example, a stereo speaker might noticeably distort audio when played at its maximum rated volume, even in the absence of other extreme settings or conditions.”

AFAIK the only QA/QC/TQM term that applies in this situation might be “escaped defect”.

 

I write robotic software for astronomical instruments, so not in the automotive industry, but I can see how something like this gets through. It's what you might have heard called an "edge case", and those are the absolute worst to catch. Think about all the times you've driven a car, and how many times you've gone down a hill for two minutes just coasting, never braking or touching the gas pedal...it's likely a super rare event in any ICE car. B mode allows more of a coast of course, as it handles the brakes for us, but apparently there was something in the software that turned it off after a certain amount of time, or possibly a certain distance or use, to avoid cooking the brakes. That shouldn't have allowed the car to accelerate though, it should have kicked in as a safety measure and stopped the car, or allowed the brakes to respond...the bug cut off the brake pedal use as well, and that's a huge issue that shouldn't happen.

All of this comes from the inability to test for every single possible thing that might happen, it's just never feasible to test everything. In old cars that wasn't as big of a deal, because the car was as built, and if there was a failure it was usually fixable and that was the end of it. New cars are full of software, so that means each update could have an issue introduced as they try to fix something else, and if the software passes their tests (which should be extensive), they will pass it. The code for everything has these edge cases lurking in them, and finding all of them and fixing them could take an infinite amount of time. And they can be really dangerous...the 737 MAX crashes were basically a software edge case that got through due to poor management and design decisions. Smart code works around it, if something goes outside of a bound the software reacts and shuts stuff down. The brakes should never fail though, pushing the pedal should always slow the car down (unless the actual hardware fails of course), so that should be something that all these car manufacturers think about.

This really could happen in any newer car with a brake by wire system, they all are susceptible to software bugs. I have watchdogs in my code that watch for errors and intervene if something goes wrong...car companies should do likewise, as once cars are automated they aren't going to be driving into the side of a hill to avoid a worse accident. Hopefully this wakes up the industry to go over all of their braking code and make sure that there is no way for it to fail due to software issues.

One other note...if you pull up the parking brake switch while driving it engages and emergency brake mode where you then use the foot brake to slow the car. This does brake hard and can damage the braking system if overused, so emergency only. It's difficult to do that while also driving down a twisty, skinny mountain road, and I don't know if the braking bug might have affected it, but it's something to keep in mind if you end up in a similar situation. Though, I'm not sure if the BEVs have a parking brake switch, so they might not have this capability.

Good points but have to nitpick here: > 1m 40s of driving on a downhill isn’t an edge case (nor a corner case) for a car in 2025

“An edge case is a problem or situation that occurs only at an extreme (maximum or minimum) operating parameter. For example, a stereo speaker might noticeably distort audio when played at its maximum rated volume, even in the absence of other extreme settings or conditions.”

AFAIK the only QA/QC/TQM term that applies in this situation might be “escaped defect”.

I agree with this. With the amount of mountains I’ve driven on each side of the country, some over 10,000 feet, and in other countries, I can confidently conclude that ~1 min, 40 seconds downhill is not uncommon. I’ve driven mountains that have much, much longer downhills. Many at highway speeds. My favorite Arizona camping spots have downhills that are 5+ minutes.

Even during our first long drive in our 2017 XC90 during our OSD trip. We drove mountains in Switzerland that had much longer downhills.

Definitely a lack of oversight on Volvo by not developing a fail safe system to allow manual braking to always work. It sounds pretty simple from a safety minded manufacturer. But unfortunately, Volvo is losing its way fast with anything from this disaster to their billion dollar losses this quarter. Grim future.

 

Edge cases are not just "real world things that rarely happen", they are also "we never thought of that one". Volvo engineers probably don't coast down mountains that much, and most of their experience is in ICE cars where you either downshift or brake to control speed. Using al electric motor for a brake is still a new concept, so they probably fell back on "coasting for a long time is the same as coasting for a short time" and missed something in the code that put a limit on coasting in B mode. How that also killed the brake pedal is the real question, something in the software must have blocked out the real brakes in B mode so they weren't active anymore (which might have cut off the emergency brake as well).

I have my own edge case....in my 2024 V60 PE, if I drive in B mode with creep mode off but turn on the auto hold function, then tap the accelerator pedal while stopped, the car will start creeping forward and continue moving until I hit the brakes. Or presumably something else, I haven't tested that yet. The car should always obey the creep mode setting, and in B mode it should not continue to move forward if creep is off, ever. It's something that was likely never tested, I guess they assume that drivers won't use auto hold if they are in B mode with creep off. I still need to send this one in one of these days.

It's sadly a state of the world that we are all beta testing software for almost everything. And, in my job the software is always considered last and rushed out because the hardware team doesn't think it's as important and doesn't keep to their schedules. I suspect the same happens pretty much everywhere else, even as software becomes ever more critical, especially in safety...good projects put the software front and center at the beginning to make sure everything works in unison, though even then bugs do happen because programmers are human. And people talk about AI fixing this, but AI largely just copies code created by humans, it's not any better (and arguably worse than even moderately experienced programmers). Things do improve over time, but then new stuff gets added (required for competition) which starts the cycle all over again. Honestly, we're lucky there are not a ton of software related incidents in the world, the few that we already have are worrisome enough.

 

Volvo must have a fail-safe for critical systems like steering and braking. A driver needs to be able to override the computers. In non-adaptive cruise control, tapping the brakes disengages cruise control. In a prior life, I was in a software group that developed large-scale, real-time systems. It’s impossible to think of every situation. Testing can only go so far. That's the reason fail-safe is required. Think of the billions who use Apple iOS and Microsoft Windows and they still find bugs. Apple and Microsoft still issue updates and patches periodically. Volvo has how many owners?

 

Volvo must have a fail-safe for critical systems like steering and braking. A driver needs to be able to override the computers. In non-adaptive cruise control, tapping the brakes disengages cruise control. In a prior life, I was in a software group that developed large-scale, real-time systems. It’s impossible to think of every situation. Testing can only go so far. Think of the billions who use Apple iOS and Microsoft Windows and they still find bugs. Volvo has how many owners?

Yep, there should definitely be a fail safe, and I bet there is but that the bug caused it to be ignored, or a different fail safe (maybe to avoid heating the electric motor) overrode it. Ideally there would be a set test procedure developed by the industry and overseen by the feds that all cars have to pass before anything is released to the public, with the list of tests growing as bugs are found...that kind of oversight just doesn't happen unfortunately.

 

On a related note, I just called my local dealer about this issue. They told me it doesn’t impact my ’24 V60 PE, so I’m “Good to go."

Does anyone know if that is correct?

 

Do you have the updated software? Or are you running something before the software update that caused this? I'm on 3.4.4 which doesn't have the issue (I'm waiting until things with the 3.6.x update have finally settled). I don't know if maybe our cars don't have the brake module that failed or some other difference, but I thought this applied to any Volvos with that software version. So, check your software version, if it's 3.5.14 then I'd go in and have it updated no matter what they said about it.

 

Can check your vin number on the nhtsa website to confirm if your vehicle is affected: https://www.nhtsa.gov/press-releases/volvo-recall-urgent-brake-failure-warning-select-vehicles


My understanding is the issue is related to the brake control unit used in some newer v60 PHEV models. I have a 2024 as well and was not affected.

Wall Street journal posted an article https://www.wsj.com/business/autos/a-steep-mountain-drive-a-brake-failure-and-a-volvo-recall

 

Hope you are doing OK @Volvo_user3521 and thank you for posting to warn others.

What did you end up replacing the XC90 with?

Also curious as to what kind of dash cam set up you had in the XC90 (and do you have a recommendation for installer)? The footage is incredibly clear...