TrungNguyen1909 / qemu-t8030

iPhone 11 emulated on QEMU

Cannot get Bash on iOS 15.0 #49

Closed iarchiveml closed 1 year ago

iarchiveml commented 2 years ago

I've restored iOS 15.0, edited launchd.plist and added bash.plist to /System/Library/LaunchDaemons; however, bash is not starting. There are no APFS Snapshots to rename.

Boot command:

../qemu-system-aarch64 -s \
  -M t8030,trustcache-filename=15.0/static_tc,ticket-filename=15.0/root_ticket.der \
  -kernel 15.0/kernelcache.research.iphone12b \
  -dtb 15.0/Firmware/all_flash/DeviceTree.n104ap.im4p \
  -append "debug=0x14e kextlog=0xffff serial=3 -v wdt=-1 launchd_unsecure_cache=1" \
  -initrd 15.0/038-42528-639.dmg \
  -cpu max -smp 4 -m 4G -serial mon:stdio \
  -drive file=nvme.1,format=raw,if=none,id=drive.1 \
  -device nvme-ns,drive=drive.1,bus=nvme-bus.0,nsid=1,nstype=1,logical_block_size=4096,physical_block_size=4096 \
  -drive file=nvme.2,format=raw,if=none,id=drive.2 \
  -device nvme-ns,drive=drive.2,bus=nvme-bus.0,nsid=2,nstype=2,logical_block_size=4096,physical_block_size=4096 \
  -drive file=nvme.3,format=raw,if=none,id=drive.3 \
  -device nvme-ns,drive=drive.3,bus=nvme-bus.0,nsid=3,nstype=3,logical_block_size=4096,physical_block_size=4096 \
  -drive file=nvme.4,format=raw,if=none,id=drive.4 \
  -device nvme-ns,drive=drive.4,bus=nvme-bus.0,nsid=4,nstype=4,logical_block_size=4096,physical_block_size=4096 \
  -drive file=nvram,if=none,format=raw,id=nvram \
  -device apple-nvram,drive=nvram,bus=nvme-bus.0,nsid=5,nstype=5,id=nvram,logical_block_size=4096,physical_block_size=4096 \
  -drive file=nvme.6,format=raw,if=none,id=drive.6 \
  -device nvme-ns,drive=drive.6,bus=nvme-bus.0,nsid=6,nstype=6,logical_block_size=4096,physical_block_size=4096 \
  -drive file=nvme.7,format=raw,if=none,id=drive.7 \
  -device nvme-ns,drive=drive.7,bus=nvme-bus.0,nsid=7,nstype=8,logical_block_size=4096,physical_block_size=4096 \
  -monitor telnet:127.0.0.1:1235,server,nowait

Log:

fastsim_is_enabled:9457: ================ fastsim is enabled ================
apfs_vfsop_mount:2354: mounted volume: Preboot /dev/disk0s1s4 on /private/preboot (apfs, local, nodev, nosuid, read-only, journaled, noatime, nobrowse)
com.apple.xpc.launchd|2022-04-17 08:16:14.555550 : Doing boot task: data-protection
init_data_protection: No SEP present on this device
com.apple.xpc.launchd|2022-04-17 08:16:14.814353 : Doing boot task: finish-obliteration
Obliterator: In INIT check IORegistryEntryGetProperty failed, may be does not exist
Obliterator: No obliteration needed, continue booting, returning 0
com.apple.xpc.launchd|2022-04-17 08:16:15.028039 : Doing boot task: commit-boot-mode
com.apple.xpc.launchd|2022-04-17 08:16:15.029260 : boot-mode committed: (null)
com.apple.xpc.launchd|2022-04-17 08:16:15.030008 : Doing boot task: restore-datapartition
com.apple.xpc.launchd|2022-04-17 08:16:15.033256 : restore-datapartition: optional boot task not present
com.apple.xpc.launchd|2022-04-17 08:16:15.046458 : Doing boot task: mount-phase-2
mount: found boot container: /dev/disk0s1, data volume: /dev/disk0s1s2 env: 1
spaceman_metazone_init:191: disk0s1 metazone for device 0 of size 262143 blocks (encrypted: 8126454-8257525 unencrypted: 8257525-8388597)
spaceman_datazone_init:625: disk0s1 allocation zone on dev 0 for allocations of 1 blocks starting at paddr 4096000
spaceman_datazone_init:625: disk0s1 allocation zone on dev 0 for allocations of 2 blocks starting at paddr 32768
spaceman_datazone_init:625: disk0s1 allocation zone on dev 0 for allocations of 3 blocks starting at paddr 65536
spaceman_datazone_init:625: disk0s1 allocation zone on dev 0 for allocations of 4 blocks starting at paddr 98304
dev_dump:256: Aggregate constructed: dev= di=0 dv_num_slice=15 dv_num_slice_blk=589824 dv_num_lslice_blk=131061
migrate_media_keys_if_needed:1254: disk0s1 no media keys to migrate
spaceman_scan_free_blocks:3171: disk0s1 scan took 0.015712 s (no trims)
mount: failed to migrate Media Keys, error = c002
handle_mount:654: disk0s1s2 vol-uuid: 61706673-7575-6964-0040-766F6C756D01 block size: 4096 block count: 8388597 (unencrypted; flags: 0x1; features: 8.0.2)
handle_mount:667: disk0s1s2 setting dev block size to 4096 from 512
nx_volume_group_update:7713: disk0s1s2 Volume Data is not in a volume group
fastsim_is_enabled:9457: ================ fastsim is enabled ================
apfs_vfsop_mount:2354: mounted volume: Data /dev/disk0s1s2 on /private/var (apfs, local, nodev, nosuid, journaled, noatime)
handle_mount:654: disk0s1s5 vol-uuid: E3918FE6-47D6-43AD-9A10-058CDC596EB4 block size: 4096 block count: 8388597 (unencrypted; flags: 0x1; features: 8.0.2)
handle_mount:667: disk0s1s5 setting dev block size to 4096 from 512
nx_volume_group_update:7707: disk0s1s5 Volume Update role c0 Not a System or data volume
fastsim_is_enabled:9457: ================ fastsim is enabled ================
apfs_vfsop_mount:2354: mounted volume: Update /dev/disk0s1s5 on /private/var/MobileSoftwareUpdate (apfs, local, nodev, nosuid, journaled, noatime, nobrowse)
handle_mount:654: disk0s1s3 vol-uuid: 61706673-7575-6964-0140-766F6C756D02 block size: 4096 block count: 8388597 (unencrypted; flags: 0x1; features: 8.0.2)
handle_mount:667: disk0s1s3 setting dev block size to 4096 from 512
nx_volume_group_update:7707: disk0s1s3 Volume Hardware role 140 Not a System or data volume
fastsim_is_enabled:9457: ================ fastsim is enabled ================
apfs_vfsop_mount:2354: mounted volume: Hardware /dev/disk0s1s3 on /private/var/hardware (apfs, local, nodev, nosuid, journaled, noatime, nobrowse)
com.apple.xpc.launchd|2022-04-17 01:16:16.033083 : Doing boot task: init-with-data-volume
com.apple.xpc.launchd|2022-04-17 01:16:16.095901 : Doing boot task: MSUEarlyBootTask
spaceman_scan_free_blocks:3153: disk0s1 scan took 1.025618 s, trims took 0.983285 s
spaceman_scan_free_blocks:3155: disk0s1 6089571 blocks free in 17906 extents
spaceman_scan_free_blocks:3163: disk0s1 6089571 blocks trimmed in 17906 extents (54 us/trim, 18210 trims/s)
spaceman_scan_free_blocks:3166: disk0s1 trim distribution 1:12171 2+:1962 4+:2516 16+:796 64+:310 256+:151
MSUEarlyBootTask: MSUEarlyBootTask running
main: Content from the ramdisk will be present at /private/var/MobileSoftwareUpdate//2b906ac48e7b89aa76bdc77cf2eb46a52a5cfc4d863d676f515d4c2a3fcd87c5203e5dc133c771fde7038ea4513d4dd6-MSUData if it exists
MSUEarlyBootTask: I have nothing to do. Goodbye!!
com.apple.xpc.launchd|2022-04-17 01:16:16.328821 : Doing boot task: fips
Tracing: disabled
FIPSPOST_USER [270726780] fipspost_post:155: [FIPSPOST][Module-ID] Apple corecrypto Module v12.0 [Apple ARM, User, Software, SL1]
FIPSPOST_USER [270839121] fipspost_post:165: PASSED: (4 ms) - fipspost_post_hmac
FIPSPOST_USER [271036682] fipspost_post:166: PASSED: (12 ms) - fipspost_post_integrity
FIPSPOST_USER [271068000] fipspost_post:172: PASSED: (14 ms) - fipspost_post_indicator
FIPSPOST_USER [271078926] fipspost_post:173: PASSED: (14 ms) - fipspost_post_aes_ecb
FIPSPOST_USER [271088853] fipspost_post:174: PASSED: (15 ms) - fipspost_post_aes_cbc
FIPSPOST_USER [271452097] fipspost_post:175: PASSED: (30 ms) - fipspost_post_rsa_sig
FIPSPOST_USER [272340780] fipspost_post:176: PASSED: (67 ms) - fipspost_post_ecdsa
FIPSPOST_USER [272388121] fipspost_post:177: PASSED: (69 ms) - fipspost_post_ecdh
FIPSPOST_USER [272413658] fipspost_post:178: PASSED: (70 ms) - fipspost_post_aes_ccm
FIPSPOST_USER [272428439] fipspost_post:179: PASSED: (70 ms) - fipspost_post_aes_cmac
FIPSPOST_USER [272438097] fipspost_post:180: PASSED: (71 ms) - fipspost_post_hkdf
FIPSPOST_USER [272933219] fipspost_post:182: PASSED: (91 ms) - fipspost_post_pbkdf
FIPSPOST_USER [272942512] fipspost_post:183: PASSED: (92 ms) - fipspost_post_kdf_ctr
FIPSPOST_USER [272960731] fipspost_post:184: PASSED: (93 ms) - fipspost_post_aes_gcm
FIPSPOST_USER [272973585] fipspost_post:185: PASSED: (93 ms) - fipspost_post_aes_xts
FIPSPOST_USER [273002609] fipspost_post:186: PASSED: (94 ms) - fipspost_post_tdes_ecb
FIPSPOST_USER [273011609] fipspost_post:187: PASSED: (95 ms) - fipspost_post_drbg_ctr
FIPSPOST_USER [273026219] fipspost_post:188: PASSED: (95 ms) - fipspost_post_drbg_hmac
FIPSPOST_USER [282071512] fipspost_post:190: PASSED: (472 ms) - fipspost_post_ffdh
FIPSPOST_USER [282638439] fipspost_post:191: PASSED: (496 ms) - fipspost_post_rsa_enc_dec
FIPSPOST_USER [282641804] fipspost_post:210: all tests PASSED (496 ms)
com.apple.xpc.launchd|2022-04-17 01:16:16.953443 : Doing boot task: keybag
** DIAGNOSTICS MODE ENABLED, SKIP INIT ****
com.apple.xpc.launchd|2022-04-17 01:16:17.201197 : Doing boot task: usermanagerd
com.apple.xpc.launchd|2022-04-17 01:16:17.203375 : usermanagerd: optional boot task not present
com.apple.xpc.launchd|2022-04-17 01:16:17.228387 : launchd logging initialized. name: com.apple.xpc.launchd pid: 1
com.apple.xpc.launchd|2022-04-17 01:16:17.248288 : Doing boot task: xpcroleaccountd
com.apple.xpc.launchd|2022-04-17 01:16:17.385264 : Doing boot task: init_featureflags
com.apple.xpc.launchd|2022-04-17 01:16:17.902870 : Doing boot task: fud
fud: Early Boot
fud: -[FudEarlyBoot doFUDEarlyBoot:](): Starting Early Boot
fud: No Early Boot Accessories
fud: -[FudEarlyBoot doFUDEarlyBoot:](): End Early Boot
fud: Exitng Early Boot
com.apple.xpc.launchd|2022-04-17 01:16:18.438675 : Doing boot task: tzinit
com.apple.xpc.launchd|2022-04-17 01:16:18.574303 : Doing boot task: finish-restore
com.apple.xpc.launchd|2022-04-17 01:16:18.697320 : Doing boot task: finish-demo-restore
com.apple.xpc.launchd|2022-04-17 01:16:18.821920 : Doing boot task: sysstatuscheck
com.apple.xpc.launchd|2022-04-17 01:16:18.947177 : Doing boot task: prng_seedctl
kern.prng.user_reseed_count: (-1) (2) No such file or directory
failed to load virtual random: (-147) (-536870212)
com.apple.xpc.launchd|2022-04-17 01:16:19.088041 : Doing boot task: launchd_cache_loader
0 Found valid port: 2307 Valid: 1
1 Found valid port: 0 Valid: 0
2 Found valid port: 0 Valid: 0
Using default cache paths
Code: /System/Library/xpc/launchd.plist
Sig: /System/Library/xpc/launchd.plist.sig
Using unsecure cache: /System/Library/xpc/launchd.plist
Trying to send bytes to launchd: 2307 16384
Sending validated cache to launchd
Cache sent to launchd successfully
com.apple.xpc.launchd|2022-04-17 01:16:19.388631 : launchd UUID: D1C385F5-82FE-32CD-9F8F-2C4A3A640895
com.apple.xpc.launchd|2022-04-17 01:16:19.388733 : Early boot complete. Continuing system boot.
000021.115717 AppleOLYHAL_log.A[1] AppleOLYHALPortInterfacePCIeAMFM::initWithProvider: amfm not matched
000021.122704 wlan0.A[4] deferredStart@2734: Lowered adjustBusy(-1), getBusyState() -> 4

asdfugil commented 2 years ago

There appears to be log before the first line you posted.

iarchiveml commented 2 years ago

That's the output from the boot process around the launchd area.

asdfugil commented 2 years ago

Try removing some entries from /System/Library/xpc/launchd.plist

iarchiveml commented 2 years ago

Yeah, I've done that. Could you possibly send over your launchd.plist file?

iarchiveml commented 1 year ago

Issue solved, use procursus bootstrap instead of checkra1n bootstrap.