safe mode right after installing the tweak

[joyas11]

installed the latest release 1.2.1

i dmed you on discord regarding this, maybe we can try fixing it

[joyas11]

Incident Identifier: B20389C3-6B4B-4671-BCE4-EB371F65D7EA CrashReporter Key: e0738ab5d047ea0cc899efb8f9cb9f343e82a97c Hardware Model: iPhone14,2 Process: SpringBoard [2273] Path: /System/Library/CoreServices/SpringBoard.app/SpringBoard Identifier: com.apple.springboard Version: 1.0 (50) Code Type: ARM-64 (Native) Role: Foreground Parent Process: launchd [1] Coalition: com.apple.springboard [1067]

Date/Time: 2024-03-03 07:40:26.1236 +0530 Launch Time: 2024-03-03 07:40:25.7297 +0530 OS Version: iPhone OS 16.0 (20A362) Release Type: User Baseband Version: 2.09.01 Report Version: 104

Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Subtype: KERN_INVALID_ADDRESS at 0xdd0db80104850000 -> 0x0000000104850000 (possible pointer authentication failure) Exception Codes: 0x0000000000000001, 0xdd0db80104850000 VM Region Info: 0x104850000 is in 0x10484c000-0x104854000; bytes after start: 16384 bytes before end: 16383 REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL MALLOC_LARGE 104834000-10484c000 [ 96K] rw-/rwx SM=PRV
---> TEXT 10484c000-104854000 [ 32K] r-x/rwx SM=COW ...rollPad.dylib DATA_CONST 104854000-104858000 [ 16K] r--/rw- SM=COW ...rollPad.dylib Triggered by Thread: 0

Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0 Crashed: 0 ??? 0xffffff8104850000 ??? 1 UIKitCore 0x1b630484c 63-[_UIApplicationConfigurationLoader _loadInitializationContext]_block_invoke_2 + 204 2 UIKitCore 0x1b63f08dc __UIAPPLICATION_IS_LOADING_INITIALIZATION_INFO_FROM_THE_SYSTEM + 28 3 UIKitCore 0x1b646a4a8 __63-[_UIApplicationConfigurationLoader _loadInitializationContext]_block_invoke + 100 4 libdispatch.dylib 0x1bb259fdc _dispatch_client_callout + 20 5 libdispatch.dylib 0x1bb25b828 _dispatch_once_callout + 32 6 UIKitCore 0x1b60dafec -[_UIApplicationConfigurationLoader _loadInitializationContext] + 152 7 UIKitCore 0x1b6304e60 -[_UIApplicationConfigurationLoader startPreloadInitializationContext] + 40 8 UIKitCore 0x1b6304dd4 -[_UIScreenInitialDisplayConfigurationLoader _startPreloadInitialDisplayContext] + 48 9 UIKitCore 0x1b6170b0c -[_UIScreenInitialDisplayConfigurationLoader initialDisplayContext] + 44 10 UIKitCore 0x1b61709e8 +[UIScreen initialize] + 116 11 libobjc.A.dylib 0x1ad1a0fe0 CALLINGSOME+initialize_METHOD + 24 12 libobjc.A.dylib 0x1ad196230 initializeNonMetaClass + 608 13 libobjc.A.dylib 0x1ad1b0450 initializeAndMaybeRelock(objc_class, objc_object, locker_mixin<lockdebug::lock_mixin >&, bool) + 184 14 libobjc.A.dylib 0x1ad193c78 lookUpImpOrForward + 872 15 libobjc.A.dylib 0x1ad18e0c4 _objc_msgSend_uncached + 68 16 UIKitCore 0x1b68f0aa0 -[_UIDisplayObserver displayMonitor:didConnectIdentity:withConfiguration:] + 72 17 FrontBoardServices 0x1c97a89d8 -[FBSDisplayMonitor _postInitialBookendObserverConnections] + 440 18 FrontBoard 0x1d01c5004 FBSystemShellInitialize + 924 19 SpringBoard 0x1f38a8ecc SBSystemAppMain + 5036 20 dyld 0x104899948 start + 2504

Thread 1: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 2: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 3: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 4 name: Dispatch queue: com.apple.root.user-interactive-qos Thread 4: 0 libsystem_kernel.dylib 0x1f04bfadc semaphore_timedwait_trap + 8 1 libdispatch.dylib 0x1bb25a5f4 _dispatch_sema4_timedwait + 64 2 libdispatch.dylib 0x1bb25abf4 _dispatch_semaphore_wait_slow + 76 3 UIKitServices 0x1c0e476d8 __37-[UISApplicationSupportService start]_block_invoke + 180 4 libdispatch.dylib 0x1bb2584b4 _dispatch_call_block_and_release + 32 5 libdispatch.dylib 0x1bb259fdc _dispatch_client_callout + 20 6 libdispatch.dylib 0x1bb26bb8c _dispatch_root_queue_drain + 684 7 libdispatch.dylib 0x1bb26c284 _dispatch_worker_thread2 + 164 8 libsystem_pthread.dylib 0x2006fcdbc _pthread_wqthread + 228 9 libsystem_pthread.dylib 0x2006fcb98 start_wqthread + 8

Thread 5: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 6: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 7: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 8: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 9: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 10: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 11: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 12 name: Dispatch queue: com.apple.frontboard.profileManager.taskQueue Thread 12: 0 libsystem_kernel.dylib 0x1f04bfb48 mach_msg2_trap + 8 1 libsystem_kernel.dylib 0x1f04d2008 mach_msg2_internal + 80 2 libsystem_kernel.dylib 0x1f04d2248 mach_msg_overwrite + 388 3 libsystem_kernel.dylib 0x1f04c008c mach_msg + 24 4 libdispatch.dylib 0x1bb275364 _dispatch_mach_send_and_wait_for_reply + 540 5 libdispatch.dylib 0x1bb2756ec dispatch_mach_send_with_result_and_wait_for_reply + 60 6 libxpc.dylib 0x20074f8b0 xpc_connection_send_message_with_reply_sync + 240 7 libmis.dylib 0x200b637b0 0x200b5e000 + 22448 8 libmis.dylib 0x200b63680 0x200b5e000 + 22144 9 libxpc.dylib 0x200748c78 xpc_array_apply + 96 10 libmis.dylib 0x200b5f64c MISEnumerateInstalledProvisioningProfiles + 444 11 FrontBoardServices 0x1c97a5e5c soft_MISEnumerateInstalledProvisioningProfiles + 52 12 FrontBoardServices 0x1c978eb14 -[FBSProfileManager _workQueue_reloadProfiles] + 256 13 FrontBoardServices 0x1c978e4d8 __33-[FBSProfileManager startService]_block_invoke + 36 14 libdispatch.dylib 0x1bb2584b4 _dispatch_call_block_and_release + 32 15 libdispatch.dylib 0x1bb259fdc _dispatch_client_callout + 20 16 libdispatch.dylib 0x1bb261694 _dispatch_lane_serial_drain + 672 17 libdispatch.dylib 0x1bb262214 _dispatch_lane_invoke + 436 18 libdispatch.dylib 0x1bb26ce10 _dispatch_workloop_worker_thread + 652 19 libsystem_pthread.dylib 0x2006fcdf8 _pthread_wqthread + 288 20 libsystem_pthread.dylib 0x2006fcb98 start_wqthread + 8

Thread 13: 0 libsystem_pthread.dylib 0x2006fcb90 start_wqthread + 0

Thread 0 crashed with ARM Thread State (64-bit): x0: 0x0000000282b3c000 x1: 0x00000001f38dca94 x2: 0x0000000209ff5758 x3: 0x0b234d81c1fdba84 x4: 0x000000000000000c x5: 0x0000000000000000 x6: 0x000000010000000c x7: 0x0000000000000000 x8: 0x0000000104850000 x9: 0x0000000000000004 x10: 0x00000000000000de x11: 0x00000000000007fb x12: 0x00000000000007fd x13: 0x00000000a36558df x14: 0x00000000a3856000 x15: 0x0000000000056000 x16: 0x00000001ad1bf2c0 x17: 0x0000000000000002 x18: 0x0000000000000000 x19: 0x0000000282b3c000 x20: 0x000000020b38bcd8 x21: 0x000000020a71bcf8 x22: 0x0000000000000003 x23: 0x0000000283c74340 x24: 0x000000000000000b x25: 0x0000000209fae63c x26: 0x0000000104915ee0 x27: 0x0000000282b6cfc0 x28: 0x00000002078fa000 fp: 0x000000016b6d6bd0 lr: 0x00000001f38dcaac sp: 0x000000016b6d6ba0 pc: 0xffffff8104850000 cpsr: 0x60001000 far: 0xdd0db80104850000 esr: 0x56000080 Address size fault

Binary Images: 0x0 - 0xffffffffffffffff ??? unknown-arch <00000000000000000000000000000000> ??? 0x1b5f62000 - 0x1b7728fff UIKitCore arm64e <7b942fa4cb7633759972f58c14492fb4> /System/Library/PrivateFrameworks/UIKitCore.framework/UIKitCore 0x1bb256000 - 0x1bb29cfff libdispatch.dylib arm64e /usr/lib/system/libdispatch.dylib 0x1ad18c000 - 0x1ad1cfc3f libobjc.A.dylib arm64e /usr/lib/libobjc.A.dylib 0x1c9747000 - 0x1c97ecfff FrontBoardServices arm64e <8e15b35ea6143142b34d2c3cbbc13a8b> /System/Library/PrivateFrameworks/FrontBoardServices.framework/FrontBoardServices 0x1d0162000 - 0x1d0203fff FrontBoard arm64e <99be8483519c38e4b474420354cec989> /System/Library/PrivateFrameworks/FrontBoard.framework/FrontBoard 0x1f3803000 - 0x1f42e1fff SpringBoard arm64e <12e42ae7ca313231a7e0cdc10cdbf2c7> /System/Library/PrivateFrameworks/SpringBoard.framework/SpringBoard 0x104884000 - 0x104907fff dyld arm64e <444f50414d494e45444f50414d494e45> /usr/lib/dyld 0x2006fc000 - 0x200707fff libsystem_pthread.dylib arm64e /usr/lib/system/libsystem_pthread.dylib 0x1f04bf000 - 0x1f04f5ffb libsystem_kernel.dylib arm64e /usr/lib/system/libsystem_kernel.dylib 0x1c0e30000 - 0x1c0e5afff UIKitServices arm64e /System/Library/PrivateFrameworks/UIKitServices.framework/UIKitServices 0x200740000 - 0x20077ffff libxpc.dylib arm64e /usr/lib/system/libxpc.dylib 0x200b5e000 - 0x200b71fff libmis.dylib arm64e <0df9034648e23bb0b07c14585e893055> /usr/lib/libmis.dylib 0x10484c000 - 0x104853fff TrollPad.dylib arm64e <8ccb147b6a5332c1b6e9452e1332b27f> /private/preboot/70E3248407569D3871DCAF18D451D7F8EFE272D778687ED779730C23F1078F74F14722BBC41E71EF693485EAFFB36211/dopamine-tHomxs/procursus/usr/lib/TweakInject/TrollPad.dylib

Error Formulating Crash Report: dyld_process_snapshot_create_for_process failed with 5

EOF

this is the springboard crash, sorry i provided the wrong crash log earlier

[jrapf32]

Crashes for me on iPhone XS iOS 16.0.3 with a similar log at the same function.

[jrapf32]

relates to this: line 231:

    // clang forgets to PAC this function, so we need this ugly line
    int hack = 0; if (hack) { abort(); }
    return 1;
}

line 255:

%ctor {
    // Unlock external display support for MDC versions
    void *sbFoundationHandle = dlopen("/System/Library/PrivateFrameworks/SpringBoardFoundation.framework/SpringBoardFoundation", RTLD_GLOBAL);
    // iOS 16.0
    void *extDisplayEnabledFunc = dlsym(sbFoundationHandle, "SBChamoisExternalDisplayControllerIsEnabled");
    if (!extDisplayEnabledFunc) {
        // iOS 16.1.x
        extDisplayEnabledFunc = dlsym(sbFoundationHandle, "SBFIsChamoisExternalDisplayControllerAvailable");
    }
    if (extDisplayEnabledFunc) {
        MSHookFunction((void *)extDisplayEnabledFunc, (void *)hookedExtDisplayEnabledFunc, NULL);
    }

    pref = [TPPrefsObserver new];
}

[khanhduytran0]

@jrapf32 did you try latest build?

[jrapf32]

@jrapf32 did you try latest build?

Yes @khanhduytran0

[jrapf32]

I updated to the most recent commit and it still crashes