Undecimus: Device freezing after installing new substrate

This a severe issue but I doubt it’s related to unc0ver. Affecting more and more people if you see the subreddit. Because this all caused by new Substrate update. I guess only @Saurik can solve this. I have downgraded substrate to dummy version and resorted back to substitute. I have tried and failed to communicate with Saurik. Just hope @pwn20wndstuff will talk to Saurik about this.

@atifchy Please export your diagnostics from the unc0ver app settings tab. Then post it here. The freezing is most likely caused by a tweak.

As shown here.

@cryptiiiic, people are reporting freezing on freshly restored RootFS no tweaks installed! It’s substrate’s own problem, I guess. Whenever I switch back to substitute, everything works perfect. No freeze at all with same tweaks!

This seems to be a Substrate problem on A7/A8 devices, even with no tweaks installed. @soum91 Which device do you have?

Problem seen on Iphone X 11.3.1 Unc0ver v2.1.0 (latest one).
Browsing and created a new tab, safari froze at first so I exited and killed it and attempted to open safari again to see just a black screen. Exiting safari landed me on the springboard and at the attempt to launch twitter the device fully froze and needed a hard reset.
Tweaks are installed so this could be unrelated. Just mentioning it here if anyone else experiences it we can cross reference tweaks to hopefully locate a culprit.

I can confirm that since I’m on i6+ @ultra03. And thought probably I’m only one to encounter this first. I had freezing within the 30mins of Saurik’s releasing substrate.
@chasewhip8, saw few other people complaining about it being on iPhone X.

@Cryptiiiic, people are reporting freezing on freshly restored RootFS no tweaks installed! It’s substrate’s own problem, I guess. Whenever I switch back to substitute, everything works perfect. No freeze at all with same tweaks!

How are you going back to Substitute? I tried removing substrate (previous version) but its a dependency for Substitute.

Downgrade it to the dummy version

@BiasShadow downgrade cydia substrate

@atifchy I tried that but it kills my tweaks when I downgrade and try to go back to substitute.

Anything new?

Queue a downgrade of substrate to the dummy version and install substitute in one action. Is there a way we could give Saurik a better diagnostic of this problem

This issue appears to only affect me with heavy safari (most likely webkit) usage. Completely stable when not using it a lot I’m one sitting

Can now 100% confirm the issue is related to webkit and the same steps found to overload jailbreakd on electra found by Jake will reproduce the issue. Music still continues to play in the background however phone calls do not come through along with any user input.

Downgrading substrate auto installs substitute, but substitute doesn’t work after that. It just goes into a safe mode like state but not actually in safe mode. As far as the issue, it’s not only related to safari. This freezing issue has happened to other apps (at least for me). I’ve also seen this when I’m trying to do anything like copy, pasting, selecting, etc...

Downgrading substrate auto installs substitute, but substitute doesn’t work after that. It just goes into a safe mode like state but not actually in safe mode. As far as the issue, it’s not only related to safari. This freezing issue has happened to other apps (at least for me). I’ve also seen this when I’m trying to do anything like copy, pasting, selecting, etc...

I cannot figure out how to remove Substrate after ending up with both substrate and Substitute.

You can just remove substrate like you would any other tweak, but doing that ends up removing all tweaks including substitute. I’ve been asking this and no one has been able to give a straight answer on it.

So there is no way of removing Substrate without removing all of your tweaks. It would be really nice to hear something from pwn20wnd about Substrate update.

@KMamedoff There is a way

• Just to go your newly installed substrate modify>downgrade to the dummy one(which just automatically downloads substitute);
• then reboot your device and re jailbreak it.

none tweak is removed.

@bhupendpatil I don’t think you read up. Downgrading substrate to dummy and installing substitute doesn’t work. It kills tweaks. I’ve done the same instructions you posted and it doesn’t fix anything.

@BiasShadow, you don’t have any idea what you did wrong I guess. Tweaks only get removed if you REMOVE it! This happens when you remove one those basic dependency of the tweaks like Substrate, Substrate Safe Mode.

I downgraded Substrate like 10-12 times while trying to find out the reason of substrate freeze fix. Never had a single tweak removed!

@KMamedoff There is a way

• Just to go your newly installed substrate modify>downgrade to the dummy one(which just automatically downloads substitute);
• then reboot your device and re jailbreak it.

none tweak is removed.

Thank you.

I never removed any tweaks. That’s why I’ve been explaining the issue with downgrading and such. Downgrading Substrate to dummy installs substitute. In this state (even after rebooting and rejailbreaking) tweaks do not work. Removing substrate removes all tweaks including substitute. You can’t have just substitute like before because substrate is a dependency of substitute. No one has been able to provide any information on this except giving the same information that is already been stated. If there is a different, missed action, then that’s what I have been asking for. Like I said, I’ve done exactly what has been instructed multiple times in this thread.

I never removed any tweaks. That’s why I’ve been explaining the issue with downgrading and such. Downgrading Substrate to dummy installs substitute. In this state (even after rebooting and rejailbreaking) tweaks do not work. Removing substrate removes all tweaks including substitute. You can’t have just substitute like before because substrate is a dependency of substitute. No one has been able to provide any information on this except giving the same information that is already been stated. If there is a different, missed action, then that’s what I have been asking for. Like I said, I’ve done exactly what has been instructed multiple times in this thread.

Tweaks are working as shey should after downgrading to dummy version of Substrate.

Then yea I don’t know what’s going on my end.

Maybe you disabled "Load Tweaks" in unc0ver preferences?

No, I don’t know what it is. I’m at a loss, it’s been a bumpy ride with Unc0ver. Pretty much the same since early Electra days although my stability has been slightly better now than before. I still have pretty often resprings and reboots. I’ve done a restore and that hasn’t fixed anything either.

Enable this.

Yea I have that enabled by default. Good news though. I tried following the same steps again (because why not) and after 11 (stopped counting) post jailbreak respring loops, it finally worked. Hopefully respring loops aren’t a common thing from now on. Like damn, as soon as the jailbreak said “jailbroken” it went right into a respring loop before even restarting and going to the home screen.

Respring loop has never been a common thing with unc0ver though. Most likely your tweaks are causing it.

Unc0ver has issues with CarPlay per various others who have the same issue. There’s also a thread dedicated to “long resprings” aka respring loops. It very much exists in Unc0ver.

@Chasewhip8 Can you say more about "the same steps found to overload jailbreakd on electra found by Jake will reproduce the issue"?

@Chasewhip8 Can you say more about "the same steps found to overload jailbreakd on electra found by Jake will reproduce the issue"?

He is talking about this.

OK, I've managed to replicate the issue in that thread: thanks for the clear steps to reproduce the issue! At its core, this behavior happens because amfid and substrated are being killed at the same time (which it would be nice to just avoid as much as possible, but I have so far totally failed to make JetsamPriority protect my process; earlier versions of substrated weren't using launchd: I wonder if that might have helped protect it, but I don't know enough about Jetsam); but like, as what Substrate is doing (and has been for years now) is essentially using amfid to provision executable pages, it fails to initialize itself (because, and this is silly, it accidentally needs executable pages to run at all? this is trivially fixable) and then (theoretically, if it got this far, which it doesn't) fails to hook the xpcproxy for amfid (as I'm doing this using "the full machinery", which needs executable pages). I think I will have some time to fix both of these issues tomorrow night (I can provide a more limited hook for xpcproxy and then special-case amfid).

Thank God, finally you got your hand on this apparently unfixable issue, Saurik! No one ever got this I guess. I really believe you will eventually fix it so there won’t any kernel panic induced reboot!
This is why there is no alternative to Saurik!

Thank you @saurik!

Glad my finding helped, should have referenced the original electra issue but disk s have time. Thank you.

@parrotgeek1 I'm pretty sure launchd is a built in part of iOS written by apple.

This would prevent the process being killed but there is probrably a reasan for them not doing this.

@parrotgeek1 This is not correct. Substrate does no longer hook posix_spawn(). And increasing the amount of code that goes into launchd would only help with increasing the chances of it crashing and the device going down in flames.

@parrotgeek1 I believe Saurik is working on a blog post about how the new Cydia Substrate works. You should definitely read that once it comes out.

@parrotgeek1 I can't put all of the logic of substrate into launchd as it does not have the correct entitlements.

@pwn20wndstuff (You are incorrect, on all counts ;P.)

@saurik is it fixable?

@KMamedoff

I think I will have some time to fix both of these issues tomorrow night (I can provide a more limited hook for xpcproxy and then special-case amfid).

@saurik Are you still hooking posix_spawn() for DYLD_INSERT_LIBRARIES? I am confused with that.

@saurik We can inject entitlements to launchd, although that would require a dirty hack ;(.

I am horribly confused about the fact that some people are "reportadly" running Cydia Substrate and the jailbreak's own posix_spawn hook at the same time :\ .

@pwn20wndstuff I am also somewhat confused by that, but Substrate is essentially three parts: an injector (which has slowly gotten more intricate over the past decade, but generally has the goal of getting some code running into as many processes as possible), a loader (which is a stupidly-simple dylib that iterates a folder and decides what extensions to load) and a hooker (which has to be able to edit code and create executable pages); what I'm guessing they are doing is running substrated (so Substrate's hooker works), but not letting it hook its injector into the system (instead using their existing injector to inject Substrate's loader).

what we can say? thanks man:) @saurik

@saurik We can inject entitlements to launchd, although that would require a dirty hack ;(.

What is this dirty hack you speak of?

@viggou changning entitlements on kernel, however messing with launchd is not a great idea due to how important it is, if something happens to launchd whole device panics.

Is launchd even getting modified at all with substrated in place?

@Chasewhip8 It was on all previous versions of substrate, but I believe the new one doesn't specifically just inject to launchd, instead it hooks posix_spawn & execve globally, so substrate will load into everything executed by anything instead of just things executed by launchd

The specific issue described in the thread (that involves the Twitter reproduction; which may very well have been totally unrelated to the initial report) has been fixed in Substrate 0.9.7010 (though I have no idea if what I have done in this update is a good idea or not ;P time may tell).

The specific issue described in the thread (that involves the Twitter reproduction; which may very well have been totally unrelated to the initial report) has been fixed in Substrate 0.9.7010 (though I have no idea if what I have done in this update is a good idea or not ;P time may tell).

Thank you. There was a freezing issue on A7/A8 devices. Is that fixed?

@KMamedoff Judging from the fact that the Twitter bug blows up your RAM making iOS kill random daemons (ok not really random), including substrated/jailbreakd & amfid, I'd suppose that is the same bug, because those are exactly the devices with less RAM and thus, more likely for iOS to kill daemons

@saurik I have been testing the new update for about 20 minutes or so by performing various tests and so far, the device is still up and hasn’t frozen yet (I have rebooted after the installation)

Device: iPX (11.1.2)

Issue:
Updated substrate, Cydia forced closed after, reinstalled unc0ver (expired), rebooted device. Device booted, jailbroke the device and stuck in loop until the device restarts or force reboot.

Test1:
Disable tweaks in unc0ver all is well.

Test2:
Disabling tweaks via iCleaner. _Current tweaks running on this device._
Flipswitch
hid-support (no idea)
hid-support (yes there is two)
iCleaner
PreferenceLoader
RocketBootstrap
Substrate SafeMode
Unc0ver Jailbreak Resources.

Test3:
Other user is testing by turning daemon reload off in U0

I have another user on my discord iPX (11.1.2) same issue.

_Just in from the other user: "The fourth time with daemon reload off it booted right into substrate"_

Device: iPX (11.1.2)

Issue:
Updated substrate, Cydia forced closed after, reinstalled unc0ver (expired), rebooted device. Device booted, jailbroke the device and stuck in loop until the device restarts or force reboot.

Test1:
Disable tweaks in unc0ver all is well.

Test2:
Disabling tweaks via iCleaner. _Current tweaks running on this device._
Flipswitch
hid-support (no idea)
hid-support (yes there is two)
iCleaner
PreferenceLoader
RocketBootstrap
Substrate SafeMode
Unc0ver Jailbreak Resources.

I have another user on my discord iPX (11.1.2) same issue.

Odd, I have a few more tweaks than your device, however I haven't been put into a respring-loop. Users are suggesting disabling the "Reload System Daemons" toggle in unc0ver to temporarily fix the problem. A _bunch_ of users are reporting this issue in the r/Jb Discord.

EDIT: Rebooted, jailbroke, lead to instant respring loop.

I can confirm issue seems fixed but device enters a respring loop after the update. However only with certain tweaks or tweak combos, I tried with a few tweaks and after ldrestart everything was fine but things like Rocketbootstrap or Watchdog cause a respring loop.

Seems like tweaks that hook into daemons cause this, and obviously disabling reload system daemons will make those tweaks not inject, hence issue is "fixed"

@jakeajames I have Rocket Bootstrap installed and (ldrestart&)& works for me :(.

I can confirm issue seems fixed but device enters a respring loop after the update. However only with certain tweaks or tweak combos, I tried with a few tweaks and after ldrestart everything was fine but things like Rocketbootstrap or Watchdog cause a respring loop.

Seems like tweaks that hook into daemons cause this, and obviously disabling reload system daemons will make those tweaks not inject, hence issue is "fixed"

I have Rocket Bootstrap, Flipswitch, PreferenceLoader, Substrate SafeMode, Unc0ver Jailbreak Resources installed and my iphone 7 11.3.1 device works just fine.

This seems very weird then @saurik. i literally tried only rocketbootstrap with nothing else and got a respring loop

@jakeajames Are you getting crashlogs stored?

@KMamedoff Judging from the fact that the Twitter bug blows up your RAM making iOS kill random daemons (ok not really random), including substrated/jailbreakd & amfid, I'd suppose that is the same bug, because those are exactly the devices with less RAM and thus, more likely for iOS to kill daemons

That bug seems to be not fixed.

11.1.2 (iPX) every tweak disabled in iCleaner. Still loops.

It is possible that Substrate itself is breaking the ability to store crashlogs. Can someone maybe try this build of Substrate, which goes out of its way to not mess with CrashReporter? (Essentially: if you are getting a "loop", and not a "stuck", then you should be able to get a crash report.)

https://cache.saurik.com/substrate/debs/mobilesubstrate_0.9.7010+scr_iphoneos-arm.deb

@saurik Could you host 0.9.7000 for users to downgrade to? Respring-loop issue seems to be happening only on iP8 and up.

Device: iP6s (11.3.1)
0.9.7010+
Everything is okay after this update!
and yeah I have rebooted after the installation

@FivePixels Oh: I forgot the -m flag to dpkg-scanpackages: that should be fixed now. (FWIW, I'm testing on an iPhone X.)

@pro-cydia The only difference between 0.9.7010 and 0.9.7010+ I just posted is that the + variant doesn't inject into CrashReporter.

@saurik I updated to the new Substrate version and after rebooting and rejailbreaking, I was stuck in a respring loop. Then I force rebooted my phone, rejailbroke it again and bang! it worked! No more respring loop. Also it's worth mentioning that I did NOT toggle off the "reload system daemons" option. It just worked.

I do not (ever) get a respring loop (while having trouble tweaks like watchdogpro etc, hundreds of packages installed) if I jailbreak without tweaks and load tweaks afterwards. On the "bad" substrate, rebooted and latest unc0ver. For what it's worth. iPX 11.4b3.

@saurik.

errors iphone 6 11.3.1.

substrated.wakeups_resource-2018-12-29-011904

https://justpaste.it/4ho11

https://pastebin.com/vPQ3M380

jetsam
https://pastebin.com/HcuJxUJF
https://pastebin.com/QK9rwsEf

analysitcs rebooted my phone
https://pastebin.com/hq6tewMN

@saurik

My crashlog on iPhone X - substrated.wakeups

https://pastebin.com/ApMKNhE7

@lanigc While the wakeups kill is super annoying, it should be harmless? What is really weird is that I'm seeing jailbreakd in your process list (in addition to substrated); can you explain what settings you are using with what version of what jailbreak tool?

Uncover 2.0.2

substrate http://apt.saurik.com/beta/substrate11/mobilesubstrate_0.9.7010_iphoneos-arm.deb

Uncover 2.0.2

substrate http://apt.saurik.com/beta/substrate11/mobilesubstrate_0.9.7010_iphoneos-arm.deb

You should install 2.1.0.

@lanigc The developers of unc0ver had said that they only expected versions 2.1.0 and later to work with Substrate.

Okey. thanks

@saurik your new version of substrate works with unc0ver v2.0.2 on my iPhone 7 running 11.3

Hi, Im using Ipx after i updated to the new substrate im unable to rejailbreak because of respring loop. Any suggestions? Thanks

Everything fine with substrate 0.9.7010 and unc0ver 2.1.0 with 15+ tweaks.
Rejailbroke completely fine...

iPhone 6 (11.3.1) froze when opening any app. Using latest 2.1 beta with new substrate update.

Tested 0.9.7010 too, looks fine on iPhone 6S, iOS 11.3.1

Ok, so I rebooted after installing the update and had a respring loop. Force shutdown the device and then re-jailbroke with the same settings. The device sat in the respring for a little longer than usual but it succeeded into the OS as normal.
https://hastebin.com/azibokovow.makefile

I have pushed 0.9.7011 with an attempt to prevent Substrate from being killed by Jetsam.

(FWIW, I realize that a lot of people are saying they have experienced a "respring loop"—as in, SpringBoard starting over and over again, but crashing each time—but not a single person has provided evidence of this: all I've seen is evidence of is a single attempt to restart all daemons getting "stuck"; I have managed to replicate this behavior, and it is due to a window of opportunity where Substrate being killed while waiting for a mach port to recycle leads to the process it is hooking not starting.)

Just upgraded it on my personal device (iPhone 7 on iOS 11.3.1 with the latest unc0ver 2.1.0 Pre-Release) and it’s working (I have never had issues with the last update in the first place though.).

0.9.7011 fine in iPhone 7 iOS 1131 with rebooting and rejailbreaking

@saurik The reason why we keep telling everyone to be on 2.0.0 or later (Not 2.1.0 btw) is because the older versions didn’t use MobileSubstrate’s new ServerPlugins functionality for MSUnrestrict0() (For applying sandbox/setuid/task_for_pid patches to processes) older versions used jailbreakd along with a dirty posix_spawn() hook to do this job and obviously weren’t effective on the entire system

Sorry for not enough evidence @saurik , however, what evidence would have been proper for this? Anyways, testing the update now. Thanks again.

Was able to install 0.9.7011 on iPX 11.1.2 and 11.3.1 without it looping after reboot.

Can confirm the update has no problems.
Very good work.

@saurik, I guess the actual issue of #165 has not been fixed that’s occurring on A7/A8 devices. It seems issue discovered the james’ has been fixed for other devices but not completely fixed for those low ram devices. Although number freezes has been reduced while actively using the phone. I had freeze even in safemode on my i6+. And the weirdest bug that I first time I faced with the 0.9.7000 has occurred once again with 0.9.7011 too. This happens when the device is locked. The device acts really weirdly, becomes unresponsive as if it’s turned off. Display won’t turn on, no charging chime when charging plugged in. This finally ends up in kernel panic and the phone reboots. If you want I can provide you the kernel panic log. Please do something about this problem, Saurik.

Yea the issue still exist on iPhone X 11.3.1 with only Uncover Jailbreak Resources, safe mode, CrashReporter, and iCleaner Pro enabled in Cydia Substrate Addons. Tried opening PayPal, but it crashed

@BiasShadow
this thread is for freezing issue ..

for PayPal crash use PalBreak

As far as a respring loop, I don’t know the proper terminology, but I’ve experienced times where springboard would crash and be stuck in that state (endless spinning) and then reboot. This has happened most when using CarPlay (with or without CarBridge). These “loops” have also happened after jail breaking since substrate update where as soon as Jailbreak has success, it goes to load springboard (initial), but never finishes and then crashes into a reboot

So the freeze in safemode is occurring when a cydia installed app is opened. The device just freezes when the icon is tapped.

@yaf3i this thread includes apps. The substrate update affects apps too. It’s all in the thread. Also, the PayPal issue occurs after substrate and occurs for other apps too.

make sure you are on 2.1.0 and latest version of Substrate (7011)

PayPal crash cause of JB detection use PalBreak for JB detection bypass

I wouldn’t have posted if there was an update

PayPal isn’t crashing because of Jailbreak detection. All apps have worked before update

If what you’re saying is true, then some how apps I used daily randomly started crashing even when they don’t receive updates. PayPal isn’t the only app.

Sometimes when I use Xcode to build and app my device becomes unresponsive and reboots.

@saurik iPhone 5S and 6 users are still reporting freezing issues that appear to be much more brutal even after the latest update (Freezing just a few minutes after jailbreaking.)... Do you have any clue about what the issue may be yet? If not, I can find some helpful people who are having this issue and redirect them here to help you identify it

@saurik I got a Reddit user to provide syslog from their iPhone 6 that has freezing issues with Substrate and have noticed that kernel repeatedly logs this message till the system freezes "vnode: table is full"!

@soum91 the panic log would be helpful.

@chasewhip8 & @pwn20wndstuff I have “panic-full” log if it helps; iPhone 6 11.3.1

@pwn20wndstuff

Do you have any clue about what the issue may be yet?

I pretty much have "no clue": like, I have one idea, and I am almost 100% sure that it is wrong.

I got a Reddit user to provide syslog...

Do you know if this includes the output from ASL? (Substrate logs its status and errors to ASL.)

vnode: table is full

This is really interesting... it either means that substrated is being rapidly started and restarted over and over again (maybe it is crashing!), or it means that the memory layout of these devices is somehow different in a way that is messing with my ability to construct deterministic hooks.

@saurik In addition to that, I have also noticed that the devices that are having the "vnode: table is full" issue have significantly less capacity for vnodes (kern.maxvnodes=3700 compared to kern.maxvnodes=4700 on the other devices.). Perhaps, are you mapping too many files? It’s also worth mentioning that host_page_size() is known to lie on those devices, just saying in case you have an important check that depends on it. Also, while I was writing this comment, the reddit user finished testing my (temporary) advice (Increasing kern.maxvnodes.) and has reported that the device was running smooth now

It seems like this isn’t quite a system lockup but a kernel panic. May need to ask them for a panic log too

I’ve experienced times where springboard would crash and be stuck in that state (endless spinning) and then reboot.

@BiasShadow Yeah, so that doesn't sound anything like a "loop": that just sounds like it is "freezing". If anyone has an actual "loop" that is going to be like, a five minute fix with the right kind of log; but if you are having it just freeze, then that is much more complex to diagnose.

Tried opening PayPal, but it crashed

OK: I've replicated this issue. This is definitely unrelated, and is something I've seen before (but not nearly so brutally). What is happening is PayPal is using an Objective-C category to hook code that is a dependency of loading the "main bundle". I will try to fix this one today.

Substrate causes some system daemons to act weird and hog CPU (including 7011) on A11 devices. Daemons such as diagnosticd, mobilewatchdog, aggregated are the main ones that cause the battery drain. The problem seems to have disappeared after going back to Electra 1.0.4+Substitute from unc0ver 2.1.0 + 7011 Substrate.

@perrycucko This issue is caused by tweaks. We have already discussed about this on Twitter and Reddit

@saurik It’s been over 30 minutes or so since the tester increased kern.maxvnodes on their device. According to them, they haven’t experienced any issue yet whereas before doing this, their system would fall down in flames every 10 minutes or so

It’s also worth mentioning that host_page_size() is known to lie on those devices, just saying in case you have an important check that depends on it.

@pwn20wndstuff This is quite likely going to cause me some kind of problem.

Can someone run the following program and give me the output?

https://cache.saurik.com/random/github-20181229/pagesizes

@saurik The only case I know where host_page_size() lies is the iPad Air 2 and iPad Mini 4. iPad Air 2 is A8X and Mini 4 A8. yalu102 relied on that for the KPP bypass, and those devices were a special case, Todesco had to hardcode the fact that they use 4K pages, unlike 16K which is reported by host_page_size(). However I own an iPad Air 2 and haven't noticed any issues like those people are saying "every 10 minutes" or so. I only encountered one random freeze today (for the first time in unc0ver) and nothing similar since. Tried to replicate it by triggering the Twitter bug, but after three times in a row of memory pressure device is still working with no problems.

@saurik I just got someone with an iPhone 6 to run it. Results are interesting

sysctl(hw.machine) = iPhone7,2
sysctl(kern.osrelease) = 17.5.0
sysctl(kern.osproductversion) = 11.3.1
vm_kernel_page_size = 4096
host_page_size() = 4096
getpagesize() = 16384
sysctl(vm.pagesize) = 4096
sysctl(hw.pagesize) = 16384
sysctl(hw.pagesize32) = 16384

@saurik Also, while we are all confused with this, the Reddit user that increased kern.maxvnodes limit finally got a panic again (It took a while this time). This was obviously not a fix anyway

@saurik Do you have any idea about the confusing output? Is Substrate even affected by this?

Another person’s output:

64 sysctl(hw.machine) = iPhone7,2
64 sysctl(kern.osrelease) = 17.5.0
64 sysctl(kern.osproductversion) = 11.3.1
64 vm_kernel_page_size = 4096
64 vm_page_size = 16384
64 host_page_size() = 4096
64 getpagesize() = 16384
64 sysctl(vm.pagesize) = 4096
64 sysctl(hw.pagesize) = 16384
64 sysctl(hw.pagesize32) = 16384
32 = 86 [Bad CPU type in executable]

I got enough outputs from iPhone7,2’s (iPhone 6)

Here's mine, keeping in mind this is theoretically wrong, as iPad Air 2 uses 4K pages

64 sysctl(hw.machine) = iPad5,3
64 sysctl(kern.osrelease) = 17.5.0
64 sysctl(kern.osproductversion) = 11.3.1
64 ProductVersion = 11.3.1
64 vm_kernel_page_size = 16384
64 vm_page_size = 16384
64 host_page_size() = 16384
64 getpagesize() = 16384
64 sysctl(vm.pagesize) = 16384
64 sysctl(hw.pagesize) = 16384
64 sysctl(hw.pagesize32) = 16384
32 = 86 [Bad CPU type in executable]

@jakeajames Was this distinction from iOS 10? Like, is the thing you are talking about an issue that Luca was running into while working on iOS 10 jailbreaks? (Or maybe the issue is just if you are sitting in the kernel trying to do really low-level attacks?) I'm just confused, as based on what I'm seeing with other devices, I'd have considered the 64-bit processes to be at least internally consistent (so it almost doesn't matter what is being reported): like, I am struggling to come up with a way to actually cause a 4k page in a 64-bit process on a device that I know has 4k pages.

In the most recent version of pagesizes I've added an attempt to experimentally verify the page size with vm_remap. Can you run the latest version on your iPad Air 2?

I have also started doing an audit of everything I do in Substrate with respect to page sizes. I've found a couple places where I'm like "maybe this could be wrong?"; but again, the only scenarios would be when dealing with 64-bit/32-bit cross-process interaction :(.

FWIW, this is the output from an iPhone 6+ running iOS 8.0.

64 sysctl(hw.machine) =  iPhone7,1
64 sysctl(hw.machine) =  iPhone7,1
64 sysctl(kern.osrelease) =  14.0.0
64 sysctl(kern.osproductversion) = :(
64 ProductVersion = 8.0
64 vm_kernel_page_size = 4096
64 vm_page_size = 16384
64 host_page_size() = 4096
64 getpagesize() = 16384
64 sysctl(vm.pagesize) = 4096
64 sysctl(hw.pagesize) = 16384
64 sysctl(hw.pagesize32) = :(
64 vm_remap = 16384
32 sysctl(hw.machine) =  iPhone7,1
32 sysctl(kern.osrelease) =  14.0.0
32 sysctl(kern.osproductversion) = :(
32 ProductVersion = 8.0
32 vm_kernel_page_size = 4096
32 vm_page_size = 4096
32 host_page_size() = 4096
32 getpagesize() = 4096
32 sysctl(vm.pagesize) = 4096
32 sysctl(hw.pagesize) = 4096
32 sysctl(hw.pagesize32) = :(
32 vm_remap = 4096

@saurik, Luca's issue was related to the KPP bypass which needed to know kernel page sizes in order to correctly work, he was relying on host_page_size and at the end he did this hack:
https://github.com/kpwn/yalu102/blob/master/yalu102/pte_stuff.h#L66. It could however be related to low-level things as you said, because Ian Beer's empty_list exploit also utilizes host_page_size() and on my Air 2 it almost never works if I change the result to 4K, that is very weird and confusing indeed.

Here's new output:

64 sysctl(hw.machine) = iPad5,3
64 sysctl(kern.osrelease) = 17.5.0
64 sysctl(kern.osproductversion) = 11.3.1
64 ProductVersion = 11.3.1
64 vm_kernel_page_size = 16384
64 vm_page_size = 16384
64 host_page_size() = 16384
64 getpagesize() = 16384
64 sysctl(vm.pagesize) = 16384
64 sysctl(hw.pagesize) = 16384
64 sysctl(hw.pagesize32) = 16384
64 vm_remap = 16384
32 = 86 [Bad CPU type in executable]

So, the error log for substrated is stored in /var/tmp, which is semi-unuseful. This is a debug build of Substrate which 1) moves the log to /Library/Substrate (so you need to make that folder) and 2) turns on MSDebug in substrated (which causes it to spam every single operation it is doing to the log).

https://cache.saurik.com/substrate/debs/mobilesubstrate_0.9.7012~b1+3.g0d39cb1+lsl_iphoneos-arm.deb

@pwn20wndstuff Do you think that you can get a user that is running out of vnodes to run this (after creating /Library/Substrate; if that folder isn't there they go to /var/tmp still), and then send a copy of the logs (potentially all of the multiple logs, as maybe substrated is crashing over and over again)?

(FWIW, these logs would be useful to obtain from anyone else who is experiencing freezing issues.)

@saurik On it

(This version does really log a lot ;P.)

Just had my second freeze on substrate. Noticed one small fact which may or may not be useful, while hard-rebooting a very small timeframe before the apple logo my device sort of "unfreezed", it triggered all the touch events I had sent while on the frozen state, this happened the first time as well

Edit: I'll try that new build tomorrow and see if I can get it to freeze again. Now it's kinda late

@jakeajames this happens to me whenever I froze using substitute.

... and then send a copy of the logs (potentially all of the multiple logs, as maybe substrated is crashing over and over again)?

@saurik I have collected a couple of logs. What's the best non-public way of sending them to you? Link via email?

@DeathIsUnknown logs are fine to be sent publicly. It’s just logging substrated

@Chasewhip8 Sorry, I'd rather err on the side of caution regarding log files whose content I can't proof for private data, regardless of what they're meant to and not meant to contain.

@saurik Sent you an email with a link to some logs.

I mean sure, however logs are in plain text.

Link via email?

@DeathIsUnknown That works!

logs are fine to be sent publicly. It’s just logging substrated

This log includes the names of programs that you are running; there is a potential for that to be sensitive information. It is also theoretically possible to figure out what extensions the user has installed that are using MSHookFunction (but that would be extremely difficult), which a user might consider sensitive.

I mean sure, however logs are in plain text.

FWIW, these logs contain large blocks of binary data (which should all be code, though, not data, so other than contributing to the identification of software, it won't include any private information).

My bad, was not aware of that.

Sent you an email with a link to some logs.

@DeathIsUnknown (Oh, lol: I had seen your comment and was already analyzed your log before getting around to later writing that comment.)

So, I think I was able to figure out what was going on from your logs!! I think this build (which still has all of the crazy logging plus even some more logging that I had turned off before that would have been useful) might work; would you mind trying it out?

https://cache.saurik.com/substrate/debs/mobilesubstrate_0.9.7012~b1+6.gf040135+lsl_iphoneos-arm.deb

(Note: I am still analyzing the potential of a vnode caching issue; these logs are showing a lot of unique executable pages... I would expect fewer than 50, but this is showing well over a thousand.)

would you mind trying it out?

@saurik Done. See your email inbox.

@DeathIsUnknown Thanks!! It is weird that amfid seems to just stop responding. One option is that it crashed, but I don't see CrashReporter trying to start in these logs. It also could have wedged, but I don't think the stuff I inject into it can wedge :/. Another option is that I managed to use up all of your vnodes, as there definitely are thousands of hooks being allocated here... I've finished a build that, with an annoying tradeoff (I didn't implement the full mechanism I'd like for this to handle concurrent hooks), ensures that it never accidentally creates the same hook multiple times when there are rushes to hook many processes at the same time. Can you try this build?

https://cache.saurik.com/substrate/debs/mobilesubstrate_0.9.7012~b1+7.gfbd45be+lsl_iphoneos-arm.deb

I have ıphone 6. My phone 11.1.2 unc0ver 2.1.0, Cydia substrate freezing and white screen:(( 0.9.7000,0.9.7010 and 7011...How can I do..?

Can you try this build?

@saurik New logs sent. Sorry for the delay.

@DeathIsUnknown Thanks!! Like, seriously: this is so so so helpful. And this is actually going great: the fixes I made in the previous builds for the overall message system to be working (which I think account for the occasional issues on random devices), and now I'm able to see very clearly what is going on with the vnode leak (which I'm presuming is the issue that is affecting some hardware but not other hardware): the issue is that hooks I'm making in processes aren't deterministic on your device due to some difference in accessible memory regions. (What device do you have, btw?)

I've added a change that might fix this problem, and a ton of logging to this part of the system (in case it doesn't work, and to help me verify this fix is correct: I even try the old mechanism and then log my way through the new one to verify what is going on) to this build; would you mind trying this one? (Watch me have made something really dumb in this one, like a typo, or not leaving myself quite enough room.)

https://cache.saurik.com/substrate/debs/mobilesubstrate_0.9.7012~b1+10.g384b5bc+lsl_iphoneos-arm.deb

OK: now that I know what I'm looking for, I've realized I can replicate the behavior on iOS 8.0. (It is stupid, as I'd noticed this issue already while testing a while back and added a workaround, which I thought would be "no worse than older versions of Substrate", but in fact it is worse as these newer versions of Substrate can't get rid of vnodes once allocated. I guess I need to build a garbage collector for hooks that tracks processes still using them to mitigate similar corner cases :/.)

Regardless, I think I fixed this issue "correctly" in 0.9.7012.

What device do you have, btw?

I was the first one to run your pagesizes script. iPhone 6 (128GB) A1586, iOS 11.3.1
sysctl(hw.machine) = iPhone7,2
sysctl(kern.osrelease) = 17.5.0
sysctl(kern.osproductversion) = 11.3.1

would you mind trying this one?

I gave it a quick try over a couple of hours, but didn't run into any freezing. I can test some more tomorrow.

I gave it a quick try over a couple of hours, but didn't run into any freezing. I can test some more tomorrow.

I second this. I have an iPhone 6 64GB on 11.3.1.

Have you looked into fixing the PayPal issue yet?

@pwn20wndstuff This has been fixed in 0.9.7013.

@saurik Should a system reboot be required after the update to restart substrated?

@saurik Thank you once again. - I have deleted my comment since @sbingner confused me in Discord telling me that it was their jailbreak detection right after I made that comment -.- (The comment was about the PayPal issue).

I was told by a user on Twitter that this new update also fixes "Instagram Stories", which was something that I was getting questioned about for a long time

@Chasewhip8 When you upgrade to a new version of Substrate it will immediately install and run the new version of substrated (which, to be honest, might be really bad ;P).

@Chasewhip8 When you upgrade to a new version of Substrate it will immediately install and run the new version of substrated (which, to be honest, might be really bad ;P).

What’s so bad about it?

I'm on the latest version of substrate I think and it works smoothly better than substitute I can tell ya that much

@KMamedoff It might not be really bad! I don't know. I am just concerned that the live upgrade procedure is sketchy (which is why I note in the depiction that users should consider rebooting if they are running into weird issues after an upgrade).

@saurik if I run into any issues with the new update I'll let you know

Did update to the latest and haven't seen any crash for the past hour (I'm using a 6+ [A1522] 64GB 11.3.1). Will do some extensive testing later.

@saurik I know this is unrelated to the topic but: What does Cydia Eraser need to be updated except for getting a slice for arm64? I am willing to collect all firmware urls if it is just about it.

What does Cydia Eraser need to be updated...

@pwn20wndstuff I don't know until I start to do the update. I actually have that on my todo list. (The URLs are automatically scavenged by my servers, so I actually can generate that part with a database query; but sometimes Apple changes the file format, and sometimes there are quirks with the new firmware or the jailbreak or something. I simply didn't have a jailbreak for a long time where I felt like I was actually able to install an app easily... now that you do I intend to release an update.)

...except for getting a slice for arm64?

(For build environment reasons this is going to be weirdly annoying :/.)

Cydia Substrate 0.9.7020:
We can confirm there's no issues with any thing "freezing, crashing"
tested on = iP6(11.3)
tested on = iP6S(11.3.1)

@saurik I see... If you can compile it for arm64, just know that I am willing to test it

@saurik Also, since Substrate (rewrite) finally seems to be stable, do you plan on moving it to Telesphoreo and creating a separate repo for iOS 11 users (non-beta) after more testing?

And once the update is out of beta unc0ver will officially switch users over and completely remove jailbreakd?

The one thing missing for me now with this rock solid stable Substrate is getting the HSBC UK app to work.. it’s fine with Substitute using LaunchInSafeMode but I don’t want to go back to that ever again if I can help it..

@Chasewhip8 I am planning on releasing 2.1.0 in a bit which will conpletely kill jailbreakd

@tiggerite They are most likely checking if Substrate is loaded onto their process

Awesome. Great to see. Awesome work by everyone involved.

Also, since Substrate (rewrite) finally seems to be stable, do you plan on moving it to Telesphoreo and creating a separate repo for iOS 11 users (non-beta) after more testing?

@pwn20wndstuff It will not be in "Telesphoreo" (that is the project for my command line tool suite, which I will no longer maintain; it happens to share a repository with the core Cydia repository: a new repository URL would be a Cydia-only-no-Telesphoreo repository). I will probably create a less-beta repository for this new generation of stuff that has very little in it if this actually seems to work for like, at least a day or so ;P.

Deleted post Becuse once restart after update could not reproduce crash.

Ok @saurik what about WinterBoard?
Any plans to update it for iOS 11 🤔

My battery information doesn't load anymore, any fix for this

@Saurik, where can we find the dev file? I had tried one that you posted and tried downgrading back to substitute, but now Cydia won’t even open. Even when jailbreaking with no tweaks and such

Edit: nevermind, not even restore rootfs fixes Cydia crashing.

@61Halim I use iPhone6 (11.3.1) with 0.9.7020 it’s perfect for me so far

For the past latest versions (11 -> 13), my device would freeze after a while and go into safe mode (I would wake up with my phone in safe mode). Any logs I can send of this? Or is it fixed in .20? I just updated.

For the past latest versions (11 -> 13), my device would freeze after a while and go into safe mode (I would wake up with my phone in safe mode). Any logs I can send of this? Or is it fixed in .20? I just updated.

The latest version should be stable. Just use a couple of hours and send log if it crashes.

Saurik, I didn’t expect this moment to happen but: I can officially say that the freezing issue is fixed!! My phone has already a 3 days uptime which was just impossible with Substitute or older version of Substrate (my phone has been freezing DAILY or even a few times a day!!). Thank you very very much for your work. I really really appreciate it. My jailbreak is finally stable. BTW. My device is iPhone 7 on iOS 11.3.1

Whomever it may concern. iPhone 7 iOS 11.1.2 newest Unc0ver and Substrate still getting the freezes forcing to reboot unless I hard reboot but release right before Apple logo. It happens mostly in Cydia when downloading a new package or removing a source as well as watching a YouTube video it will freeze and reboot. Any way I can send more info to help with the problem?

No more freezing and crashing after hours of usage...

24 hour without any freezing until the last hour i got freezing while updating sources in cydia despite i changed videosubscriptionsd to videosubscriptionsd.bak
iph 6+ 11.3.1. any help please..

Just got a freeze, only happens when scrolling past videos on facebook, very rare on other apps. running the latest version of 2.1, previously it hadn't happened for at least 2 days though.
iPhone 8+ 64GB
iOS 11.3.1
unc0ver 2.1
app phone crashed on was facebook.

Can you consistently reproduce this @LunaFr0st , if so what are the exact steps.

@LunaFr0st did you find any crash report in CrashReporter?

@Chasewhip8 it usually happens when im on facebook app for 15+ minutes and scroll past a few videos in a row from what I remember, can't exactly remember, but if It happens again I will post my steps leading up to the freeze/lag and eventual crash.

@atifchy crash reporter hasn't reported the a crash on facebook app for almost a month now even though I got one yesterday and today.

Apparently Ladbrokes (betting app) crashed an hour ago causes were cydia substrate, anemoneUIKit, libCSColorPicker,librocketbootstrap,libsubstitute.0,tweakloader and it seems to be the same for the rest of the apps that are reported crashing but usually the app just closes on me and boots me to springboard, which the only apps i've seen crashed my phone entirely were twitter and facebook.

upon my phone crashing again i'll try write down whatever happened before it crashed but it is usually whenever multiple videos show up in a row in my feed from what i can remember.

@saurik Is it possible for you to send a new build of the latest Cydia Substrate with more debugging enabled? Some people are still reporting freezing issues, the most common report is the device becoming unresponsive and eventually restarting while Cydia is refreshing sources (Which I also experienced myself but wasn’t able to get any logs since I wasn’t able to reproduce). I will try to get someone to reproduce this issue and send you the contents of /Library/Substrate or get them to talk directly with you on this issue

@pwn20wndstuff I just experienced the same issue where it froze and rebooted while refreshing sources in Cydia. Let me know if I can be any help in troubleshooting.

for me it was 'fixed' or 'workarounded' after I renamed my videosubscriptionsd to videosubscriptionsd.bak, with a reJB after.

@saurik I have gotten enough reports to be sure that "videosubscriptionsd" occasionally crashes on iOS 11 (Not related to jailbreak). It could possibly make sense to blacklist "videosubscriptionsd" from Substrate's loader

@pwn20wndstuff videosubscriptionsd crashes on iOS 11 even if the device hadn't been jailbroken. This is a bug in Apple's underlying software. (edit:) Oh, you said that; then I'm not sure what the reason would be to blacklist it from Substrate's loader.

...causes were cydia substrate, anemoneUIKit, libCSColorPicker, librocketbootstrap, libsubstitute.0, tweakloader and it seems to be the same for the rest of the apps that are reported crashing...

@LunaFr0st Well, you have still have Substitute installed and actively being used to do stuff... that is likely going to cause freezing and crashing issues (as you either still have jailbreakd running somehow or you are going to end up with invalid processes: either way).

How would I remove it, tried to remove Substitute via cydia and it went to uninstall all of my tweaks. I don't have jailbreakd installed either no idea what it does.

@LunaFr0st jailbreakd is bundled with electra I believe. Just use latest unc0ver and install substrate. and reboot and re-JB, then jailbreakd should not be active then. at least this is what I have tried on my side.

@liuxuan30 Any idea why LunaFr0st says they can't uninstall Substitute?

@LunaFr0st can we get a list of your installed packages. @liuxuan30 Unc0ver is also bundled with jailbreakd I believe and when substrate is in use it does not load it.

@liuxuan30 I am using the latest unc0ver, and as far as i am aware substrate is installed, i did a rootfs thingo when installed unc0ver for the first time after using electra,
@Chasewhip8 https://pastebin.com/HBbNG9VT

When going to remove substitute this happens https://imgur.com/YI8cuHE

When you upgrade to actual Substrate it should remove Substitute - if you have the dummy package installed and try to remove Substitute without upgrading to MobileSubstrate it will try to remove all tweaks.

You have to add saurik’s beta repo. It doesn’t get installed by the jailbreak.

Sam

On Jan 2, 2019, at 6:42 PM, Cody <[email protected]notifications@github.com> wrote:

When going to remove substitute this happens https://imgur.com/YI8cuHE

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHubhttps://github.com/pwn20wndstuff/Undecimus/issues/165#issuecomment-451054907, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AAVo5U763_MB-oJ_aJJnw9OmtEexlQntks5u_Yo4gaJpZM4ZYOZE.

after about an hour of trying to get sauriks repo to work, i finally found it http://apt.saurik.com/beta/substrate11 for anyone that was struggling to find it like myself as apt.saurik.com doesn't want to add itself to cydia anymore. I install substrate and it removed substitute so hoping that fixes the issues i was getting if not ill make an update on the situation and anything that may help.

@LunaFr0st yes saurik's original repo is blocked (I think) because it would conflict with a lot of packages that are in the unc0ver default repository.

@sbingner @pwn20wndstuff I think your team should check the latest code, I think it contains some bugs, because when i re-jailbreak with the latest code(master repo), my device (iPhone 6 on 11.3.1)forever respring.

This is an issue with an outdated substrate. @eziochiu jailbreak with reload system daemons off (and or load tweaks off, can’t remember), and update substrate to the latest version.

@Chasewhip8 Unfortunately, I installed the latest cydia substrate from saurik's beta repo before upgrade the jailbreak tool

@eziochiu does disabling load tweaks in the unc0ver settings fix the issue?

@Chasewhip8 Yes, if i disabling load tweaks and tap jailbreak, the device won't respring, then i can open cydia, but if i enable load tweaks, the device will forever respring

@eziochiu When you say "forever respring", do you mean it is taking forever for SpringBoard to start (it is stuck) or are you saying SpringBoard keeps trying to start and then fails and retried (it is in a loop)? Is there a crashlog of any form?

@saurik I can't recognize if it's stuck or loop, I find some panic log in crashReporter, I hope it worked for you
panic-full-2019-01-03-133013.zip

@pwn20wndstuff @saurik I have deleted videosubscriptionsd exec and daemon since day one but my iPhone 7 11.3.1 froze today while refreshing sources in Cydia. I don't know if it is helpful but here is my latest crash log.
stacks-2019-01-03-171033.ips.zip

@saurik 2 days passed since I installed substrate. I noticed that my battery is draining quickly. So, i checked in CocoaTop and found many useless daemons are running in background draining battry and taking too much ram. My springboard started lagging a little bit.

Device: iPhone 6 (11.3.1)
Latest substrate and unc0ver

Didn’t face any freeze.

@saurik I think is the new cydia substrate’s problem, because when I jailbreak with disable load tweak, downgrade substrate to 0.9.6301+dummy and re-jailbreak with enable load tweak, my device can respring correctly and everything work fine.

@eziochiu do you have begonecia?

@pwn20wndstuff I experienced the same thing yesterday while attempting to unlock with Touch ID, but mine froze and eventually panicked. I can provide the full panic crash log if you would like.

@colereynolds Please do so

@pwn20wndstuff Attached is a zip of both panic logs from yesterday morning. Both mention a WDT timeout, so I assume they’re from when Cydia froze on me while refreshing sources and when it froze while I was trying to unlock.
Panic Logs.zip

@saurik So these "WDT Timeout"’s are interesting..

You probably have a tweak that breaks things loaded. Substitute gave everything a lot of debug flags that also decreases device security. SCOthman was one known issue, it would cause that.

Sam

On Jan 3, 2019, at 4:54 AM, eziochiu <[email protected]notifications@github.com> wrote:

@saurikhttps://github.com/saurik I think is the new cydia substrate’s problem, because when I jailbreak with disable load tweak, downgrade substrate to 0.9.6301+dummy and re-jailbreak with enable load tweak, my device can respring correctly and everything work fine.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHubhttps://github.com/pwn20wndstuff/Undecimus/issues/165#issuecomment-451166336, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AAVo5ZPcZx0W-crCiwOoQ_5_zSeQQOHfks5u_hmTgaJpZM4ZYOZE.

@KMamedoff That stackshot is not useful (I think you just hit a few buttons in the right order while booting, as this is a very very early state of the system, seemingly well before a jailbreak could have been executed).

@pwn20wndstuff (I presume "WDT" just stands for Watch Dog Timer.)

@eziochiu This panic log is just a log of Unc0ver's exploit failing. I'm still guessing you have a broken extension.

@colereynolds So, one thing these panic logs are showing is that substrated is still running, so that's good? In the first log, it isn't even doing anything (it is entirely just waiting for commands). In both logs, there are a lot of processes (including key recent ones) that are blocked on something recent (in the first, Cydia, and in the second, mediaserverd) through a kernel mutex, but I don't even know if that's weird.

Can you all try installing this version of Substrate? It will avoid accidentally breaking CrashReporter, and also log a ton of stuff to /Library/Substrate (so make that folder).

https://cache.saurik.com/substrate/debs/mobilesubstrate_0.9.7020+lsl+scr_iphoneos-arm.deb

Note that these logs are kind of ludicrously verbose and will not be automatically deleted by anything. This command will delete all of these logs (it technically could delete other stuff? I doubt it, as having a .log file named "Substrate*" seems rare, but I provide this warning very explicitly anyway).

find /var/tmp /Library /System/Library/Substrate ~mobile/Containers -name '[sS]ubstra*.log' -exec rm -fv {} +

Installed it. Will inform if anything happens.

@saurik I just installed it and created the directory but don’t see any logs being generated yet. Either way, I’ll let you know if it freezes and panics again.

Edit: I rebooted and see the logs now. Will continue to monitor.

@saurik I just installed it and created the directory but don’t see any logs being generated yet. Either way, I’ll let you know if it freezes and panics again.

Reboot and re-jailbreak your device.

@Chasewhip8 sorry for a late reply due to my timezone.

I was referring implicitly jailbreakd is not bundled in unc0ver is because I didn't see it under /electra, compare to my electra device:
electra:

iOS:/electra root# ps -ax|grep jail
  375 ??         0:11.46 /electra/jailbreakd

iOS:/electra root# ls
amfid_payload.dylib*  inject_criticald*  jailbreakd_client*   pspawn_payload.dylib*
helloworld*           jailbreakd*        libjailbreak.dylib*

but with unc0ver on a fresh iPhone(never used electra), /electra only has below:

iOS:/electra root# ls
amfid_payload.dylib  ca-certificates.deb  libjailbreak.dylib@  offsets.plist  openssh.deb  openssl.deb

And compared to what saurik said the freezing issue is in jailbreakd, I suppose unc0ver is not using jailbreakd and not bundled. can someone explain does unc0ver use jailbreakd or any details?

@saurik yeah, you are right, i think i installed some broken tweaks. i have installed cydia substrate 0.9.7020+ and if my device freezes and panics again, i will show you the logs

@liuxuan30 unc0ver will not use jailbreakd if you use substrate. But if you downgrade to substitute, it will start using jailbrekd again.

Yes I am aware of this. I wasn’t asking any questions I think?

Deamons crashing because of substrate. Here’s the crash log.
https://pastebin.com/rBEAhLk1

@Ali522 You have an extension installed that it is freaking something out (I have no clue if this is a bug in Substrate parsing it or if the file is so broken that the kernel is getting angry since we purposefully aren't trying to force validity); if you can figure out which file it is I would love to get a copy of the extension so I can figure out if I should be fixing anything.

@Ali122, what was the last tweaks you installed? When did this all start? Try uninstalling one by one and check. And report it to Saurik if you have found it. I heard tweaks by limneos werecausing some issues. Try removing CallbarX.

I think i have found the tweak that’s messageheadx1
Should I inform this to saurik?

I think i have found the tweak that’s messageheadx1 Should I inform this to saurik?

Yes you should. You should send crash logs to him. Preferably crash logs generated with this substrate update.

Deamon still crashed after removing messageheadxi

@Ali122 have you tried removing CallbarX?

Yes I did and I disabled all of my tweaks from icleaner but still
duetexpertd is 139.1%

On Fri, 4 Jan 2019 at 2:31 PM, Jay Freeman (saurik) <
[email protected]> wrote:

@Ali522 https://github.com/Ali522 You have an extension installed that
it is freaking something out (I have no clue if this is a bug in Substrate
parsing it or if the file is so broken that the kernel is getting angry
since we purposefully aren't trying to force validity); if you can figure
out which file it is I would love to get a copy of the extension so I can
figure out if I should be fixing anything.

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/pwn20wndstuff/Undecimus/issues/165#issuecomment-451394952,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AMGv4j_A37I4QoP_ydyOhiJmt7L35ht7ks5u_x9egaJpZM4ZYOZE
.

I have disabled all tweaks using icleaner but that deamon is still
overreacting

@pwn20wndstuff I just experienced the same issue where it froze and rebooted while refreshing sources in Cydia. Let me know if I can be any help in troubleshooting.

@Saurik, are you aware of this? I had 5 days uptime and was really glad that I was not experiencing any of the issues people stating here. But I was just hit with a kernel panic that was caused by freeze when I tried to add repo from safari. The my kernel panic also mentions ‘WDT timeout’.
Should I attach the panic log?

Yes I did and I disabled all of my tweaks from icleaner...

@Ali122 I seriously doubt that iCleaner disables the extension in a way that causes it to not be picked up by this parsing step: you need to actually remove the extension (and should really never use iCleaner). (And again, please give me the file or tell me precisely where I can find the file when you figure out what file is causing this behavior.)

are you aware of this?

@soum91 Yes... and I wrote this giant comment, specifically referencing the WDT.

https://github.com/pwn20wndstuff/Undecimus/issues/165#issuecomment-451319412

Is it a known issue, that after awhile, SpringBoard crashes and resprings when opening a new app? This will create a JetSamEvent log, and I can tell right before it's about to happen.. Opening folders becomes super laggy and I know that an app opening will make a respring imminent. This issue started with Electra.

I installed the latest version of unc0ver 2.1, and the latest Cydia Substrate, often restarted, replaced with unc0ver 2.0.2 and the latest Cydia Substrate, no problem, crashreport did not get the log

So I used restore rootfs bit still that deamon is freaking out. No tweaks
only cydia substrate and cocoatop are installed.

This isn’t a general support thread guys... Please read the thread and comment if your issue applies.

This thread isn't for reporting random issues, this thread is for Substrate freezing/rebooting issues. If you don't listen to this, you will get blocked.

I am interested in seeing more panic logs from the WDT timeout. I am not sure I will learn more from mere panic logs (like, it would be better if I could get logs from that build of Substrate with logs I posted here), but there are some patterns I am looking at and feel like I am getting value from.

I am interested in seeing more panic logs from the WDT timeout. I am not sure I will learn more from mere panic logs (like, it would be better if I could get logs from that build of Substrate with logs I posted here), but there are some patterns I am looking at and feel like I am getting value from.

My device froze while building an app with Xcode. Here are the crash logs. Freezing happened some time between Jan 6 00:59-01:01.

@KMamedoff can you also send the panic log if you got it?

@KMamedoff can you also send the panic log if you got it?

I have only two log files but none of them between 00:59-01:01.

I am interested in seeing more panic logs from the WDT timeout. I am not sure I will learn more from mere panic logs (like, it would be better if I could get logs from that build of Substrate with logs I posted here), but there are some patterns I am looking at and feel like I am getting value from.

Another crash during Xcode app development between Jan 6 3:46-3:48.

so I used restore rootfs and deamons are still freaking out. I have no tweaks installed only substrate and cocoatop. Here are the logs with the special build of susbtrate, and I was wondering if I can install more tweaks @saurik
substrated-0-280.log

substrated-0-1150.log

substrated-0-215.log
substrated-0-217.log

substrated-0-254.log

@Saurik, I found the reason of my kernel panics! As I said I had 5 days uptime. Later I installed Safari Plus and I forgot. Then I had 2 kernel panics. This tweaks also caused issue with substitute. It caused infinite respring loop or made sb to fail to load. And now kernel panic with Substrate. I removed it and dont have any panics so far. So you may want to install Safari Plus, Saurik.

Below are my two panic logs:

https://pastebin.com/K9XbHXgb
https://pastebin.com/y38njT4t

ok so I got freeze with the new build of susbtrate, nothing in crashreporter.

Here are the logs from /library/substrate
substrated-0-248.log
substrated-0-289.log
substrated-0-333.log

OK, I've managed to replicate the issue in that thread: thanks for the clear steps to reproduce the issue! At its core, this behavior happens because amfid and substrated are being killed at the same time (which it would be nice to just avoid as much as possible, but I have so far totally failed to make JetsamPriority protect my process; earlier versions of substrated weren't using launchd: I wonder if that might have helped protect it, but I don't know enough about Jetsam); but like, as what Substrate is doing (and has been for years now) is essentially using amfid to provision executable pages, it fails to initialize itself (because, and this is silly, it accidentally needs executable pages to run at all? this is trivially fixable) and then (theoretically, if it got this far, which it doesn't) fails to hook the xpcproxy for amfid (as I'm doing this using "the full machinery", which needs executable pages). I think I will have some time to fix both of these issues tomorrow night (I can provide a more limited hook for xpcproxy and then special-case amfid).

OK, I've managed to replicate the issue in that thread: thanks for the clear steps to reproduce the issue! At its core, this behavior happens because amfid and substrated are being killed at the same time (which it would be nice to just avoid as much as possible, but I have so far totally failed to make JetsamPriority protect my process; earlier versions of substrated weren't using launchd: I wonder if that might have helped protect it, but I don't know enough about Jetsam); but like, as what Substrate is doing (and has been for years now) is essentially using amfid to provision executable pages, it fails to initialize itself (because, and this is silly, it accidentally needs executable pages to run at all? this is trivially fixable) and then (theoretically, if it got this far, which it doesn't) fails to hook the xpcproxy for amfid (as I'm doing this using "the full machinery", which needs executable pages). I think I will have some time to fix both of these issues tomorrow night (I can provide a more limited hook for xpcproxy and then special-case amfid).

While I was forced to quit Jailbreaking and accepted the day has come that that @saurik have given more than my respect and loyalty. He gave me the opportunity to educate myself more than I realized. It’s so much more than the tweaks who are such huge improvement. But I also figured it out that those tweaks were useless since I’m more in control and can do anything with Trrminal, which also used to fix errors and I figured how the Jailbreak community has getting the improvements to make it easier to people who obviously breaking their iPhones and asking for help. But since I managed it all without getting help. I restored my iOS multiple times a day because I needed that to understand. Debian.

So @saurik I really want to thank you for your dedication and all the things you were sharing and being so generous while you never failed to protect Cydia at all. I’m waiting for you when people are realizing that it was fun about the try (Electra?) but Instead they don’t respect you whle you said there was something to fix and people didn’t appreciate or knowing that you are above the level of ‘fix’. that’s why I think al those those people are thanking you so much are just being fake. They are grateful for you because they actually thinking that you are helping them. But at the end up with unstable fake cydia and you are laughing at them for being so stupid and makes them forever depending on you.

I love you!

PS: I realize more how you are just not deserving this. You are still feeling like to help ppl to give answers on their questions while you don’t own them

Hello. I was brought here by @Samgisaninja from Discord after discussing an issue I've been having with Safe Mode Substrate. When I leave Safe Mode, my lock screen is still stuck on the black screen that is with Safe Mode when it loads. It takes several resprings to get it back. They predicted that it may be a MobileSafety bug and I should let @saurik know about this.

Edit: I would like to mention that I attempted to go and leave Safe Mode after updating to 2.1.1. At first, I noticed my lock screen wallpaper would pop up as I slide up to unlock my screen. As I left, my lock screen was there. After usage, I tried it again, and this time, my lock screen wallpaper didn't show up at all. As I left, my lock screen wallpaper was gone once again.

This time, I attempted to reboot my phone to see if it would come back, and surprisingly it didn't. I don't know if it's related to MobileSafety or not. Just noting just in case it is.

Edit 2: I had a crashing experience with a tweak and I was testing out what triggered it to crash. As I repeatedly went and left Safe Mode to figure it out, my home screen disappeared as well. After I was done, I tried respringing to get my home screen and lock screen back, but no luck. After I reinstalled RocketBootStrap, my lock screen and home screen worked again.

I’ve had a weird problem today, my phone was running normally and then apps started to load without tweaks (it looked like substrate was not being loaded to them). I did a respring and then no tweaks were working (it was literally like my phone was in the safe mode but without this black background and “exit safe mode” popup. I had to reboot and rejailbreak and everything was normal again. It happened only once

Just had my first freeze using substrate. Opened Hulu and the screen quickly dimmed and crashed to springboard and then after another app launch a complete freeze and forced to hard reset. I was not running the other substrate build sadly.

@saurik I experienced a freeze and reboot earlier while Cydia was refreshing sources. Attached are the Substrate logs and panic crash dump. I grabbed all of the Substrate logs that were modified today because I don’t know which ones were from before the reboot. Hopefully you can sort it out.😬
Substrate Logs.zip
panic-full-2019-01-11-155651.257.ips.txt

@pwn20wndstuff / @saurik - Any update? I know pwn posted some comments a week or so ago about some findings but they appear to be gone now...

iPhone 7 iOS 11.1.2 Unc0ver 2.2.0 b7. The random reboots have become quite more frequent after this update. The phone cannot go through the night without rebooting fully and asking to enter in the passcode. As well as when I am jailbroken if I am listening to YouTube or just audible or put to much load on the phone it reboots without warning. Any help would be greatly appreciated

@saurik, is it ok that I can post logs for Substrate actively running on Meridian so some issues can be fixed, like tweaks not hooking in stock apps or some not hooking at all? Rest is good!

Problems with iPhone X (MQAG2B/A) as well.
Running on iOS 12.1.2 (16C101)

I got my phone frozen on the stage when it is rebooting itself after the unc0ver installation, so I had to do the hard reboot. And then Cydia works only 1 out of 10 times. And the last attempt end up with the error message;
Error (Fatal)
Errno: 12
Test: init_kernel(kread, kernel_base, NULL) == ERR_SUCCESS
Filename: JailbreakVievController.m
Line: 833
Function: Jailbreak
Description: Faled to initialize
patchfinder64

Error log:

[] unc0ver Version: 3.0.0~b34
[] Darwin Kernel Version 18.2.0: Mon Nov 12 20:32:02 PST 2018; root:xnu-4903.232.2~1/RELEASE_ARM64_T8015
[] Bundled Resources Version: 1.0~b4
[] STATUS: Exploiting (1/38)
[] Loading preferences...
[] Successfully loaded preferences.
[] STATUS: Exploiting (2/38)
[] Exploiting kernel_task...
[+] memory_size: 2960130048
[D] platform: iPhone10,6 16C101
[+] created 1024 pipes
[+] created 8000 ports
[+] sprayed 16777216 bytes to 1024 pipes in kalloc.16384
[+] created 3564 vouchers
[+] sprayed 444019712 bytes to 11 ports in kalloc.1024
[+] stashed voucher pointer in thread
.................................................................................................................................................................................................................................................................................................................................................................
[+] sprayed 740032512 bytes of OOL ports to 8 ports in kalloc.32768
[+] recovered voucher port 0xc0f for freed voucher
[+] adding references to the freed voucher to change the OOL port pointer
[+] receiving the OOL ports will leak port 0x1e8f03
[+] received voucher port 0xc0f in OOL ports
[+] voucher overlapped at offset 0x26c0
[+] received fake port 0x1cab
[+] port is at pipe index 256
[+] got ip_requests at 0xffffffe006d54720
[+] fake port is at offset 13272
[+] base port is at 0xffffffe0073a73d8
[+] kernel_task is at 0xffffffe0007cdc20
[+] done! port 0x1cab is tfp0
[] kCFCoreFoundationVersionNumber: 1561.000000
[] offsets selected for iOS 12.0 or above
[] tfp0: 0x1cab
[] kernel_base: 0xfffffff00ce30000
[] kernel_slide: 0x0000000005e2c000
[] Successfully exploited kernel_task.
[] STATUS: Exploiting (3/38)
[] Initializing patchfinder64...
[*] __assert(12:init_kernel(kread, kernel_base, NULL) == ERR_SUCCESS)@JailbreakViewController.m:833[jailbreak]

@ilyaochnev that error isn't related to Substrate.

#165-448332136 Issue is caused by bad tweaks(most pirate tweaks violate this rule). Closing this because its old and tweak devs have had plenty of time to fix accordingly. Substrate is no only enabled on iOS 11.