Device freezing after installing new substrate

[AtifChy]

After installing new cydia substrate i reboot and rejailbroke my device. After sometimes my device got frozen and i was forced to hard reboot my device. After reboot, i rejailbroke my device and after sometimes my device froze again. I used restore rootfs but the freezing issue is still not fixed.

I am using iPhone 6, iOS 11.3.1 Unc0ver v2.1.0 (latest one)

I also found some users with same issue. It mostly happening with older devices.

[soum91]

This a severe issue but I doubt it’s related to unc0ver. Affecting more and more people if you see the subreddit. Because this all caused by new Substrate update. I guess only @Saurik can solve this. I have downgraded substrate to dummy version and resorted back to substitute. I have tried and failed to communicate with Saurik. Just hope @pwn20wndstuff will talk to Saurik about this.

[Cryptiiiic]

@atifchy Please export your diagnostics from the unc0ver app settings tab. Then post it here. The freezing is most likely caused by a tweak. As shown here.

[soum91]

@cryptiiiic, people are reporting freezing on freshly restored RootFS no tweaks installed! It’s substrate’s own problem, I guess. Whenever I switch back to substitute, everything works perfect. No freeze at all with same tweaks!

[Ultra03]

This seems to be a Substrate problem on A7/A8 devices, even with no tweaks installed. @soum91 Which device do you have?

[Chasewhip8]

Problem seen on Iphone X 11.3.1 Unc0ver v2.1.0 (latest one). Browsing and created a new tab, safari froze at first so I exited and killed it and attempted to open safari again to see just a black screen. Exiting safari landed me on the springboard and at the attempt to launch twitter the device fully froze and needed a hard reset. Tweaks are installed so this could be unrelated. Just mentioning it here if anyone else experiences it we can cross reference tweaks to hopefully locate a culprit.

[soum91]

I can confirm that since I’m on i6+ @ultra03. And thought probably I’m only one to encounter this first. I had freezing within the 30mins of Saurik’s releasing substrate. @chasewhip8, saw few other people complaining about it being on iPhone X.

[BiasShadow]

@Cryptiiiic, people are reporting freezing on freshly restored RootFS no tweaks installed! It’s substrate’s own problem, I guess. Whenever I switch back to substitute, everything works perfect. No freeze at all with same tweaks!

How are you going back to Substitute? I tried removing substrate (previous version) but its a dependency for Substitute.

[Chasewhip8]

Downgrade it to the dummy version

[AtifChy]

@BiasShadow downgrade cydia substrate

[BiasShadow]

@atifchy I tried that but it kills my tweaks when I downgrade and try to go back to substitute.

[KMamedoff]

Anything new?

[Chasewhip8]

Queue a downgrade of substrate to the dummy version and install substitute in one action. Is there a way we could give Saurik a better diagnostic of this problem

[Chasewhip8]

This issue appears to only affect me with heavy safari (most likely webkit) usage. Completely stable when not using it a lot I’m one sitting

[Chasewhip8]

Can now 100% confirm the issue is related to webkit and the same steps found to overload jailbreakd on electra found by Jake will reproduce the issue. Music still continues to play in the background however phone calls do not come through along with any user input.

[BiasShadow]

Downgrading substrate auto installs substitute, but substitute doesn’t work after that. It just goes into a safe mode like state but not actually in safe mode. As far as the issue, it’s not only related to safari. This freezing issue has happened to other apps (at least for me). I’ve also seen this when I’m trying to do anything like copy, pasting, selecting, etc...

[KMamedoff]

Downgrading substrate auto installs substitute, but substitute doesn’t work after that. It just goes into a safe mode like state but not actually in safe mode. As far as the issue, it’s not only related to safari. This freezing issue has happened to other apps (at least for me). I’ve also seen this when I’m trying to do anything like copy, pasting, selecting, etc...

I cannot figure out how to remove Substrate after ending up with both substrate and Substitute.

[BiasShadow]

You can just remove substrate like you would any other tweak, but doing that ends up removing all tweaks including substitute. I’ve been asking this and no one has been able to give a straight answer on it.

[KMamedoff]

So there is no way of removing Substrate without removing all of your tweaks. It would be really nice to hear something from pwn20wnd about Substrate update.

[bhupendpatil]

@KMamedoff There is a way

• Just to go your newly installed substrate modify>downgrade to the dummy one(which just automatically downloads substitute);
• then reboot your device and re jailbreak it.

none tweak is removed.

[BiasShadow]

@bhupendpatil I don’t think you read up. Downgrading substrate to dummy and installing substitute doesn’t work. It kills tweaks. I’ve done the same instructions you posted and it doesn’t fix anything.

[soum91]

@BiasShadow, you don’t have any idea what you did wrong I guess. Tweaks only get removed if you REMOVE it! This happens when you remove one those basic dependency of the tweaks like Substrate, Substrate Safe Mode.

I downgraded Substrate like 10-12 times while trying to find out the reason of substrate freeze fix. Never had a single tweak removed!

[KMamedoff]

@KMamedoff There is a way

• Just to go your newly installed substrate modify>downgrade to the dummy one(which just automatically downloads substitute);
• then reboot your device and re jailbreak it.

none tweak is removed.

Thank you.

[BiasShadow]

I never removed any tweaks. That’s why I’ve been explaining the issue with downgrading and such. Downgrading Substrate to dummy installs substitute. In this state (even after rebooting and rejailbreaking) tweaks do not work. Removing substrate removes all tweaks including substitute. You can’t have just substitute like before because substrate is a dependency of substitute. No one has been able to provide any information on this except giving the same information that is already been stated. If there is a different, missed action, then that’s what I have been asking for. Like I said, I’ve done exactly what has been instructed multiple times in this thread.

[KMamedoff]

I never removed any tweaks. That’s why I’ve been explaining the issue with downgrading and such. Downgrading Substrate to dummy installs substitute. In this state (even after rebooting and rejailbreaking) tweaks do not work. Removing substrate removes all tweaks including substitute. You can’t have just substitute like before because substrate is a dependency of substitute. No one has been able to provide any information on this except giving the same information that is already been stated. If there is a different, missed action, then that’s what I have been asking for. Like I said, I’ve done exactly what has been instructed multiple times in this thread.

Tweaks are working as shey should after downgrading to dummy version of Substrate.

[BiasShadow]

Then yea I don’t know what’s going on my end.

[KMamedoff]

Maybe you disabled "Load Tweaks" in unc0ver preferences?

[BiasShadow]

No, I don’t know what it is. I’m at a loss, it’s been a bumpy ride with Unc0ver. Pretty much the same since early Electra days although my stability has been slightly better now than before. I still have pretty often resprings and reboots. I’ve done a restore and that hasn’t fixed anything either.

[KMamedoff]

Enable this.

[BiasShadow]

Yea I have that enabled by default. Good news though. I tried following the same steps again (because why not) and after 11 (stopped counting) post jailbreak respring loops, it finally worked. Hopefully respring loops aren’t a common thing from now on. Like damn, as soon as the jailbreak said “jailbroken” it went right into a respring loop before even restarting and going to the home screen.

[KMamedoff]

Respring loop has never been a common thing with unc0ver though. Most likely your tweaks are causing it.

[BiasShadow]

Unc0ver has issues with CarPlay per various others who have the same issue. There’s also a thread dedicated to “long resprings” aka respring loops. It very much exists in Unc0ver.

[saurik]

@Chasewhip8 Can you say more about "the same steps found to overload jailbreakd on electra found by Jake will reproduce the issue"?

[KMamedoff]

@Chasewhip8 Can you say more about "the same steps found to overload jailbreakd on electra found by Jake will reproduce the issue"?

He is talking about this.

[saurik]

OK, I've managed to replicate the issue in that thread: thanks for the clear steps to reproduce the issue! At its core, this behavior happens because amfid and substrated are being killed at the same time (which it would be nice to just avoid as much as possible, but I have so far totally failed to make JetsamPriority protect my process; earlier versions of substrated weren't using launchd: I wonder if that might have helped protect it, but I don't know enough about Jetsam); but like, as what Substrate is doing (and has been for years now) is essentially using amfid to provision executable pages, it fails to initialize itself (because, and this is silly, it accidentally needs executable pages to run at all? this is trivially fixable) and then (theoretically, if it got this far, which it doesn't) fails to hook the xpcproxy for amfid (as I'm doing this using "the full machinery", which needs executable pages). I think I will have some time to fix both of these issues tomorrow night (I can provide a more limited hook for xpcproxy and then special-case amfid).

[soum91]

Thank God, finally you got your hand on this apparently unfixable issue, Saurik! No one ever got this I guess. I really believe you will eventually fix it so there won’t any kernel panic induced reboot! This is why there is no alternative to Saurik!

[pwn20wndstuff]

Thank you @saurik!

[Chasewhip8]

Glad my finding helped, should have referenced the original electra issue but disk s have time. Thank you.

[zoeyronain]

@parrotgeek1 I'm pretty sure launchd is a built in part of iOS written by apple.

[Chasewhip8]

This would prevent the process being killed but there is probrably a reasan for them not doing this.

[pwn20wndstuff]

@parrotgeek1 This is not correct. Substrate does no longer hook posix_spawn(). And increasing the amount of code that goes into launchd would only help with increasing the chances of it crashing and the device going down in flames.

[pwn20wndstuff]

@parrotgeek1 I believe Saurik is working on a blog post about how the new Cydia Substrate works. You should definitely read that once it comes out.

[saurik]

@parrotgeek1 I can't put all of the logic of substrate into launchd as it does not have the correct entitlements.

@pwn20wndstuff (You are incorrect, on all counts ;P.)

[KMamedoff]

@saurik is it fixable?

[saurik]

@KMamedoff

I think I will have some time to fix both of these issues tomorrow night (I can provide a more limited hook for xpcproxy and then special-case amfid).

[pwn20wndstuff]

@saurik Are you still hooking posix_spawn() for DYLD_INSERT_LIBRARIES? I am confused with that.

[pwn20wndstuff]

@saurik We can inject entitlements to launchd, although that would require a dirty hack ;(.

[pwn20wndstuff]

I am horribly confused about the fact that some people are "reportadly" running Cydia Substrate and the jailbreak's own posix_spawn hook at the same time :\ .

[saurik]

@pwn20wndstuff I am also somewhat confused by that, but Substrate is essentially three parts: an injector (which has slowly gotten more intricate over the past decade, but generally has the goal of getting some code running into as many processes as possible), a loader (which is a stupidly-simple dylib that iterates a folder and decides what extensions to load) and a hooker (which has to be able to edit code and create executable pages); what I'm guessing they are doing is running substrated (so Substrate's hooker works), but not letting it hook its injector into the system (instead using their existing injector to inject Substrate's loader).

[AldeabAhmed]

what we can say? thanks man:) @saurik

[viggou]

@saurik We can inject entitlements to launchd, although that would require a dirty hack ;(.

What is this dirty hack you speak of?