Database Users

myTouch G2 - Infinite boot loop/force close

Hi all,
I installed the CyanogenMod on the phone and went to install a theme on it. After I did the 'install sdcard: update.zip', it just stayed at the special 'android' screen for well over 30 minutes before I pulled the battery out. I was look at 'adb logcat' and noticed that it was repeating the same thing over and over, that's why I gave up.
Code:
I/ServiceManager( 117): service 'activity.senders' died
I/ServiceManager( 117): service 'activity.providers' died
I/ServiceManager( 117): service 'permission' died
E/installd( 124): eof
E/installd( 124): failed to read size
I/installd( 124): closing connection
I/Zygote ( 1319): Exit zygote because system server (1320) has terminated
I/DEBUG ( 119): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *
**
I/DEBUG ( 119): Build fingerprint: 'tmobile/opal/sapphire/sapphire:1.5/COC10/
150449:user/ota-rel-keys,release-keys'
I/DEBUG ( 119): pid: 1330, tid: 1336 >>> /system/bin/bootanimation <<<
I/DEBUG ( 119): signal 11 (SIGSEGV), fault addr 41593000
I have RAv1.2.1G installed on the phone and can boot to it. I made a Nandroid backup but I guess I lost it or my sdcard corrupted it, because it's gone and the sdcard is blank.
I tried to wipe and redo the install of the CyanoMod but it results in the same boot loop. Once, and I have yet to replicate this, I was able to actually get into the initial Green Android setup, but everything I did caused a 'force close' prompt. I could not get out of the setup screen at all.
I'm not sure what I can do here. I believe the phone is rooted, I used the one-touch root to install the recovery console. When I go to 'adb shell' I can see a '#' and not a '$', I guess it's rooted. However, I cannot 'fastboot boot <image>' at all, says: downloading 'boot.img'... FAILED (remote: not allow)
Any ideas on what I can do to restore this to either its initial state or get a new ROM loaded?
Thanks.

Here are some more details about the phone:
Code:
PVT 32B
HBOOT 1-33.0006
T-Mobile US

Suggestion.
Considering you have "lost" the original backup from Nandroid of your T-Mobile standard (Cupcake v1.5) - you don't have very many options.
I would suggest that you perform a wipe, re-flash, install, then DATA wipe within the phone itself...NOT from the recovery image.
After that, try and flash a NORMAL, stable, and completely HERO-free ROM...for instance - Cyanogen's latest. Go from there.

I reflashed with the SAPPIMG.nbh file for the phone. It's back to factory defaults now. I guess I'll make a goldcard and root it properly. Just need to find out what works and what does not.

Suggestion.
himom said:
I reflashed with the SAPPIMG.nbh file for the phone. It's back to factory defaults now. I guess I'll make a goldcard and root it properly. Just need to find out what works and what does not.
Click to expand...
Click to collapse
Go ahead and use the One-Click Root Method while it's still available for utilization. It's far superior to the Gold Card process. Not to mention less steps, easier, safer, etc. That's just my opinion.

That's what I used before. I guess it's not compatible with the ROMs I wanted to install:
http://forum.xda-developers.com/showthread.php?t=550785
And some other I can't seem to find a link for.
Just to be clear, I need to install Cyanogen 4.0.4 and then install the theme?

Yes, be sure to have a ROM ported and applied to your device prior to pushing a theme to it.
Good luck.

Thanks. Last thing, do you have any recommendations for a 32B ROM? Everything I'm seeing is for 32A, which is disappointing for the time being.
Thanks again.

Cyanogen ALL-DAY!
His work is brilliant. Simple, fast, reliable, etc.
Check this out:
http://www.cyanogenmod.com
There you have it, everything you'll need for the future of your device.

[Q] Wi-Fi connection fails (do not activate)

Every time I try to activate wifi the following error appears in logcat:
Code:
I/WifiManager( 1421): setWifiEnabled : true
I/WifiService( 879): setWifiEnabled: true pid=1421, uid=10141
E/WifiHW ( 879): ##################### set firmware type 0 #####################
E/WifiHW ( 879): Cannot open "/data/.cid.info": No such file or directory
E/WifiHW ( 879): ==========[WIFI] Station firmware load ===========
D/SSRMv2:Monitor( 879): SIOP:: AP = 400 (read only)
E/WifiHW ( 879): return of insmod : ret = -1, No such device
E/WifiStateMachine( 879): Failed to load driver
D/WfdService( 879): intent recieved android.net.wifi.WIFI_STATE_CHANGED
D/STATUSBAR-NetworkController( 1421): onReceive() - RSSI_CHANGED_ACTION, WIFI_STATE, NETWORK_STATE
D/STATUSBAR-NetworkController( 1421): Nothing, mRoamingIconId = 0
I/elm ( 2716): MainReceiver.onReceive() : android.net.wifi.WIFI_STATE_CHANGED
E/WifiStateMachine( 879): sendErrorBroadcast code:10
E/WifiController( 879): Wi-Fi driver is unstable. Received CMD_STATEMACHINE_RESET
I/elm ( 2716): MainReceiver.onReceive() END - - - - - : android.net.wifi.WIFI_STATE_CHANGED
D/elm ( 2716): ELMEngine.getInstance().
I/DownloadNowBroadcastReceiver( 3770): onReceive
D/TMSERVER/TMNetworkReceiver( 3738): TMNetworkReceiver.TMNetworkReceiver() Enter 1 main
D/TMSERVER/TMNetworkReceiver( 3738): TMNetworkReceiver.StartTMHandler - enter
D/TMSERVER/TMNetworkReceiver( 3738): TMNetworkReceiver.StartTMHandler - exit
D/TMSERVER/TMNetworkReceiver( 3738): TMNetworkReceiver.onReceive() Enter
D/TMSERVER/TMNetworkReceiver( 3738): TMNetworkReceiver.onReceive() Action android.net.wifi.WIFI_STATE_CHANGED
D/TMSERVER/TMNetworkReceiver( 3738): TMNetworkReceiver.onReceive() UnHandled
D/TMSERVER/TMNetworkReceiver( 3738): TMNetworkReceiver.onReceive() Exit
D/MTPRx ( 4799): DRIVER_TIME_OUT 60s lapsed
and I tried all sorts of wifi fixers available in the forum without success. After some research I found the following post:
http://forum.xda-developers.com/showthread.php?t=1652702
what makes me think it's a problem with the driver.
The solution was found by this user:
I fixed this issue by copying libhardware_legacy.so from my OEM ROM to the ported ROM. Rebooted and WiFi worked just fine
Click to expand...
Click to collapse
I would like to know how to apply this solution to the GT-I9505. I must confess I do not think there is a solution to my problem, so any suggestion will be very welcome.
I am using Stock 4.3
Thanks in advance

Must have something similar I've gone 3 days without WiFi
I'll give this a go and get back to you. :good:
Edit: What a random series of events!
I looked at the line in your Logcat 'E/WifiHW ( 879): Cannot open "/data/.cid.info": No such file or directory' and when I looked I did have this file so deleted it and tried Wifi, nothing.
So I tried to replace that 'libhardware_legacy.so' file, but without thinking about it I'd taken it from a stock TW rom when I'm on a AOKP based rom. Doh!
Of course, it didn't boot and then I was left thinking "Oh ****"
I then tried flashing an old Android 4.2 rom I had on my SDCard but I did it lazily by only formatting the system and clearing Cache and Dalvik.
When I restarted it showed the boot image and then did nothing, so I went back into recovery and restored the system partition from a backup I created the other day (But whilst it was broken) of the same ROM I was on at the beginning of this post.
When it booted again it had a weird corrupted image, from my experience that's normally Kernel related, I also had a copy of KT Kernel on my SDCard, so flashed that, then wiped Cache and Dalvik
Low and behold when it finally booted, I went into settings and there was Wifi switched on and had found all my local Wifis. I got it to connect and ran some speed tests. Also restarted the phone and switched it on and off to make sure it wasn't just a fluke or hoax and now it seems I'm all sorted!
.... But for how long....

Pulse654321 said:
Must have something similar I've gone 3 days without WiFi
I'll give this a go and get back to you. :good:
Edit: What a random series of events!
I looked at the line in your Logcat 'E/WifiHW ( 879): Cannot open "/data/.cid.info": No such file or directory' and when I looked I did have this file so deleted it and tried Wifi, nothing.
So I tried to replace that 'libhardware_legacy.so' file, but without thinking about it I'd taken it from a stock TW rom when I'm on a AOKP based rom. Doh!
Of course, it didn't boot and then I was left thinking "Oh ****"
I then tried flashing an old Android 4.2 rom I had on my SDCard but I did it lazily by only formatting the system and clearing Cache and Dalvik.
When I restarted it showed the boot image and then did nothing, so I went back into recovery and restored the system partition from a backup I created the other day (But whilst it was broken) of the same ROM I was on at the beginning of this post.
When it booted again it had a weird corrupted image, from my experience that's normally Kernel related, I also had a copy of KT Kernel on my SDCard, so flashed that, then wiped Cache and Dalvik
Low and behold when it finally booted, I went into settings and there was Wifi switched on and had found all my local Wifis. I got it to connect and ran some speed tests. Also restarted the phone and switched it on and off to make sure it wasn't just a fluke or hoax and now it seems I'm all sorted!
.... But for how long....
Click to expand...
Click to collapse
You are lucky!
Can you explain the process of extract 'libhardware_legacy.so from a stock ROM and flash it on lhe device?
About lhe kernel, i Tried them all with no success.
Thank tou!

arleybarros said:
You are lucky!
Can you explain the process of extract 'libhardware_legacy.so from a stock ROM and flash it on lhe device?
About lhe kernel, i Tried them all with no success.
Thank tou!
Click to expand...
Click to collapse
Well I actually took it from a ROM that was in zip format, that you can flash in CWM so was quite easy. I've included it for you to try. It may not work the same as mine so make sure you have a backup to revert to!
And the KT kernel I used was KT-SGS4-JB4.3-AOSP-INTL-11.14.2013, but you'll need the TW version if you're on stock ROM? That version can be downloaded Here.

Pulse654321 said:
Well I actually took it from a ROM that was in zip format, that you can flash in CWM so was quite easy. I've included it for you to try. It may not work the same as mine so make sure you have a backup to revert to!
And the KT kernel I used was KT-SGS4-JB4.3-AOSP-INTL-11.14.2013, but you'll need the TW version if you're on stock ROM? That version can be downloaded Here.
Click to expand...
Click to collapse
I really appreciate the help, but this also did not work. I'm starting to think I have a hardware problem. is possible to diagnose it via ADB?

I'm thinking that I must have a problem with the permissions of folders and partitions, because the file "/ data / .cid.info" should be created automatically (if I'm not mistaken) and here, no matter what I do, this file is not available.
Could someone show me how to check the correct permissions for the folders and partitions?

Yeah that's really odd. The file is recreated for me when I was deleting it before and restarting. I'm not sure which file browser I'm using atm. 2 secs and I'll get some pictures up and the permissions for folders.
This is the file manager I'm using, should work ok. Hopefully it works with root features.
I've included pictures of permissions for folders, hopefully they help.

Whoops mis interpreted the pictures
Cat you give an example of what should be in the .cid.info?

[DEV] Root for Thor with CVE-2014-7911 and CVE-2014-4322

Hi,
I found information about CVE-2014-7911 and CVE-2014-4322, so I fought this should also work on our Amazon devices with Fire OS 4.5.x. I googled and found this: http://packetstormsecurity.com/files/130112/android-root.zip .It seems that someone had already this idea. I also found out that this method was already used for other devices in this forum. I'm trying to get the source in the zip file to run but it seems that it needs some modifications for Fire OS.
It seems that Fire OS uses a amazon.os.AmazonUserManager instead of Androids UserManager. Has somebody an idea to get information about this class? It looks like that the interface is not found in the Amazon Fire SDK. Has somebody more experience that me with that SDK?
Hope someone is able to help me with this. Root for this device would sincerely improve it in my eyes
Please edit this post so the link will be usable. I do not fulfill the 10 posts restriction.

Follow up to previous post.
I was able to change the code so it will not crash on FireOS. The actual UserManager is in the field mDelegate of the AmazonUserManager.
The change would be:
Code:
UserManager um2 = (UserManager) ctx.getSystemService(Context.USER_SERVICE);
Field fDelegate = um2.getClass().getDeclaredField("mDelegate");
fDelegate.setAccessible(true);
UserManager um = (UserManager) fDelegate.get(um2);
What I achieved is a reset of the device. So I think the ROP chain is wrong for this device. Has somebody ideas in this direction?
EDIT: A right ROP chain on my device (Version 4.5.2) seems to be:
Code:
static int rop_chain_THOR[] = {0x0004eab0,0x000247a4+4+1,0x0003cf90+8,0x0002553d};
Sadly somehow it is still not working.

It seems that we are really able to implement CVE-2014-7911 to work on Fire OS. Attached you will find the log of a crash.
For me it looks like the binary of CVE-2014-4322 is being started but crashes. Could it be that it is not started correctly or that Amazon did already patch CVE-2014-4322?
I will have a further look on this, but I don't have enough time to bring this to a ready solution in a short time. Maybe someone with more experience can have a look on it?
Greetings Phate

why you do not put this in the dev section?
I pretty sure that our devs @vortox , @ggow and @Cpasjuste could help us

ONYXis said:
why you do not put this in the dev section?
I pretty sure that our devs @vortox , @ggow and @Cpasjuste could help us
Click to expand...
Click to collapse
I do not have the permission to create a thread there. Would be nice some mod could move this thread.

I really hope that one of these will work...

Hi, I'll try to take a look this week if I find the time.

Cpasjuste said:
Hi, I'll try to take a look this week if I find the time.
Click to expand...
Click to collapse
This is great. I hope that you can see something.
I confirmed that CVE-2014-7911 is working (with some modifications). The binary of the second stage is started. I could not yet confirm that it is started with system privileges. This would be one of the next steps. Maybe by doing something, that only system can do?
CVE-2014-4322 crashes during the privilege escalation. Maybe Am*zon did something different and we need to change the code.
The second crash of system_server (that causes the partly reset of the device) is normal and is caused by CVE-2014-7911.

More followup:
I added some logcat traces to the binary to be able to find where the second stage crashes.
It is here:
Code:
void* addr = mmap(intArr[0],4096,PROT_READ|PROT_WRITE|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS,-1,0);
*(int*)addr = 0xE3500000;
*((int*)((int)addr+4)) = 0xe1a0f00e;
memcpy(addr,shell_code2,400);
mmap() and ioctl before are returning 0xffffffff. I really need to find time to read me into this exploit to understand how it works to find a solution to this.
But I confirmed that the binary is running as system user. getuid() reports 1000.
Log is attached. Binary shows itself in the log with the tag msm-ndk.

mmap followup
So I did some digging and was able to duplicate the crash at mmap just as Phate123 however I took it a step further and was able to get it to run through but it doesn't appear to actually escalate to root so the mount doesn't work.
In order to get it to not crash you can change the mmap to the following
void* addr = mmap(intArr[0],4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
Unfortunately this either breaks the exploit or it doesn't work on the 4.5.2. Anyway maybe this will help someone else. I have spent too much time getting this far without any real results and I am way out of my league when it comes to things like mmap.

@awinston: Thx for your reply.
The problem is not mmap. The call to ioctl returns a wrong pointer. It is used again here in inArr[0]. Because of that the call to mmap does not work.
You are right in thinking that this does maybe mean the exploit will not work on 4.5.2 because it is already fixed. But this is yet to confirm. there might be still hope.

ioctl pointer question
So I have been doing more research and cobbling together a variety of the exploits and I wanted to know if I am headed in the right direction, or not, considering I am struggling to understand what I am doing exactly
Here is my most recent log cat attempt
02-13 16:18:13.319 4324-4324/? D/TAG﹕ ROOTUID 1000
02-13 16:18:13.319 4324-4324/? D/TAG﹕ Tzwidevine: 0, app_id: -1098148004
02-13 16:18:13.319 4324-4324/? D/TAG﹕ Keymaster: -1, app_id: 2
02-13 16:18:13.319 4324-4324/? D/TAG﹕ QSEECOM_IOCTL_SEND_CMD_REQ return 0x1 0x1
02-13 16:18:13.319 4324-4324/? D/TAG﹕ ioctl return 0x0
02-13 16:18:13.319 4324-4324/? D/TAG﹕ mmap return 0x400ef000
02-13 16:18:13.319 4324-4324/? D/TAG﹕ 0xe59f0004
02-13 16:18:13.319 4324-4324/? D/TAG﹕ 0xe92d0001
02-13 16:18:13.319 4324-4324/? D/TAG﹕ 0xe8bd8000
02-13 16:18:13.319 4324-4324/? D/TAG﹕ 0x40023d2d
02-13 16:18:13.319 4324-4324/? D/TAG﹕ 0xb5006803
02-13 16:18:13.319 4324-4324/? D/TAG﹕ 0xd503005a
02-13 16:18:13.319 4324-4324/? D/TAG﹕ 0x6122280
02-13 16:18:13.319 4324-4324/? D/TAG﹕ 0xe0014313
02-13 16:18:13.319 4324-4324/? D/TAG﹕ 0x85b005b
02-13 16:18:13.319 4324-4324/? D/TAG﹕ 0xbd0018c0
02-13 16:18:13.319 4324-4324/? D/TAG﹕ QSEECOM_IOCTL_SEND_CMD_REQ
02-13 16:18:13.329 4324-4324/? D/TAG﹕ return 0x1 0x1
02-13 16:18:13.329 4324-4324/? D/TAG﹕ ioctl return 0xffffffff
02-13 16:18:13.329 4324-4324/? D/TAG﹕ ROOTUID 1000
You will notice ioctl returns 0x0 initially which in turn allows me to mmap but it is still not escalating to root. Does this look like what you might expect if I am going in the right direction? That being said if this is promising the next question I have is about the PTMS_FOPS static. I have found versions for 4.4.2, 4.4.4 and 5.0.0 and some unknown version. I have tried all with the same result. Is it possible that we need one for 4.4.3 since that is what 4.5.2 is running?
Anyway if I am barking up the wrong tree just let me know, wanted to throw it out there to see what anyone thought.
Alternatively this means that maybe 4.5.2 isn't vulnerable to this exploit.

I am pretty sure that 4.5.2 is vulnerable. I say this because the qseecom.c provided by Amazon here for 4.5.2 seems to be very close (only some cosmetic changes) to commits 568757f02d9a243bad7f70cebfa414c4a65f361f and ed45a48430e7f67e1648d45514989af0e04f0e97 from Code Aurora.
I did a diff with all the revisions and these two came up with only 3 lines different to the qseecom.c that Amazon released.
I also extracted the kernel image from bootimg.bin and grep-ed after the new format strings included by the patches. The fact that nothing showed up strongly suggests that the kernel build doesn't include the patches.
Now the only step that remains is to get the addresses of the exported symbols (mainly ptmx_fops). The simple way would have been to boot the kernel and get what we need from /proc/kallsyms. Unfortunately the addresses aren't shown by default and the restriction must be dropped by "echo 0 > /proc/sys/kernel/kptr_restrict" as root. As I don't think there is anyone currently running a pre-rooted 4.5.2 rom, the only option remaining is to disassemble the kernel. I hope I'll manage to do this today.

p1gl3t said:
I am pretty sure that 4.5.2 is vulnerable. I say this because the qseecom.c provided by Amazon here for 4.5.2 seems to be very close (only some cosmetic changes) to commits 568757f02d9a243bad7f70cebfa414c4a65f361f and ed45a48430e7f67e1648d45514989af0e04f0e97 from Code Aurora.
Click to expand...
Click to collapse
I would not be sure about that. I don't think the provided source does match the actual implementation 100 percent.
p1gl3t said:
I did a diff with all the revisions and these two came up with only 3 lines different to the qseecom.c that Amazon released.
I also extracted the kernel image from bootimg.bin and grep-ed after the new format strings included by the patches. The fact that nothing showed up strongly suggests that the kernel build doesn't include the patches.
Click to expand...
Click to collapse
This is good news. This could really mean that this might really work.
p1gl3t said:
Now the only step that remains is to get the addresses of the exported symbols (mainly ptmx_fops). The simple way would have been to boot the kernel and get what we need from /proc/kallsyms. Unfortunately the addresses aren't shown by default and the restriction must be dropped by "echo 0 > /proc/sys/kernel/kptr_restrict" as root. As I don't think there is anyone currently running a pre-rooted 4.5.2 rom, the only option remaining is to disassemble the kernel. I hope I'll manage to do this today.
Click to expand...
Click to collapse
I will try that too, but I'm not sure about which symbols are needed and if I'm able to find them.

p1gl3t said:
As I don't think there is anyone currently running a pre-rooted 4.5.2 rom, the only option remaining is to disassemble the kernel. I hope I'll manage to do this today.
Click to expand...
Click to collapse
Cpasjuste posted a 4.5.2 version for TWRP...
Maybe this helps you with testing...

4.5.2 Kernel addresses and symbols
Code:
[+]mmap
mem=b6553000 length=010cad08 offset=09ab5000
[+]kallsyms_addresses=c0aec330
count=00016d24
[+]kallsyms_num_syms=00016d24
[+]kallsyms_names=c0b477d0
[+]kallsyms_markers=c0c4d070
[+]kallsyms_token_table=c0c4d630
[+]kallsyms_token_index=c0c4d9f0
[+]kallsyms_lookup_name
Code:
c11bf690 ptmx_fops
Full list of symbols see attachement

@awinston
Would you mind trying your code changing the define of PTMX_FOPS in the top of the source to 0xc11bf690?
Also would you share the changes you did to it?

Phate123 said:
@awinston
Would you mind trying your code changing the define of PTMX_FOPS in the top of the source to 0xc11bf690?
Also would you share the changes you did to it?
Click to expand...
Click to collapse
Attached as msm3.c
Tried but doesn't seem to work. Feel free to give what I have a try, maybe I am missing something obvious. One oddity is that QSEECOM_IOCTL_APP_LOADED_QUERY_REQ only seems to work after a hard restart. Not sure what that means. Another thing to note is that this version of the exploit is considerably different than some of the other versions I have seen floating around so maybe making some more changes to this one will prove fruitful. The biggest change I made was adding the QSEECOM_IOCTL_APP_LOADED_QUERY_REQ along with some changes to the ion_alloc_data. These changes seem to match more closely the giefroot version that was reverse engineered.

4.5.3 update
Just got 4.5.3 pushed, crap. WARNING to others, not sure what this means for this potential exploit.

Phate123 said:
4.5.2 Kernel addresses and symbols
Code:
[+]mmap
mem=b6553000 length=010cad08 offset=09ab5000
[+]kallsyms_addresses=c0aec330
count=00016d24
[+]kallsyms_num_syms=00016d24
[+]kallsyms_names=c0b477d0
[+]kallsyms_markers=c0c4d070
[+]kallsyms_token_table=c0c4d630
[+]kallsyms_token_index=c0c4d9f0
[+]kallsyms_lookup_name
Code:
c11bf690 ptmx_fops
Full list of symbols see attachement
Click to expand...
Click to collapse
For thor-ship_452-kitkat-build I got C11BF250 b ptmx_fops. Here you have all the symbols and here is the IDA script (credits go to Igor Skochinsky).
---------- Post added at 10:02 PM ---------- Previous post was at 10:00 PM ----------
awinston said:
Just got 4.5.3 pushed, crap. WARNING to others, not sure what this means for this potential exploit.
Click to expand...
Click to collapse
Do a factory reset to delete the downloaded ota and try to use a proxy to block the requests.

Omni for MSM8974

Hello I am trying to port the beloved OmniRom to my device which is a KLTE (Samsung Galaxy S5) I have successfully built the ROM from source using kernel and device configs from CM and of course some fixes and cherry picking. The issue I have now is that the ROM will not boot.
I stays at my carrier logo (Samsung) so it does not even let me cat-log. I tried to install the ROM and then restored a backup of Cyanogenmods system directory. It boots to android but all apps forceclose. I did this to see if it was an issue with the boot image and since it can boot to a different system partition I don't believe its a boot.img issue or kernel issue for that matter. Or is it?
Any help getting this to boot would be appreciated. I can provide build logs and my device repo if needed.

gigoo25 said:
Hello I am trying to port the beloved OmniRom to my device which is a KLTE (Samsung Galaxy S5) I have successfully built the ROM from source using kernel and device configs from CM and of course some fixes and cherry picking. The issue I have now is that the ROM will not boot.
I stays at my carrier logo (Samsung) so it does not even let me cat-log. I tried to install the ROM and then restored a backup of Cyanogenmods system directory. It boots to android but all apps forceclose. I did this to see if it was an issue with the boot image and since it can boot to a different system partition I don't believe its a boot.img issue or kernel issue for that matter. Or is it?
Any help getting this to boot would be appreciated. I can provide build logs and my device repo if needed.
Click to expand...
Click to collapse
MSM8974 is our first CAF chipset we're working on supporting.
I'd suggest looking at the Oppo find7/msm8974-common repos as nearly all initial CAF 8974 work is being done on the Find7.
you need android-5.1-caf branches for frameworks/av and frameworks/native for a CAF device until I finish the merge effort

Entropy512 said:
MSM8974 is our first CAF chipset we're working on supporting.
I'd suggest looking at the Oppo find7/msm8974-common repos as nearly all initial CAF 8974 work is being done on the Find7.
you need android-5.1-caf branches for frameworks/av and frameworks/native for a CAF device until I finish the merge effort
Click to expand...
Click to collapse
Thank you! That explains a lot. Maybe you can help me again? I keep coming across building with legacy opposed to CAF and to change it in the configs... What configs are they talking about?
Sent from my SM-G900T using XDA Free mobile app

gigoo25 said:
Thank you! That explains a lot. Maybe you can help me again? I keep coming across building with legacy opposed to CAF and to change it in the configs... What configs are they talking about?
Sent from my SM-G900T using XDA Free mobile app
Click to expand...
Click to collapse
You mean AOSP HALs? It's pretty rare for a CAF device to work with vanilla AOSP HALs.
It's the various QCOM_blah_VARIANT flags - 8974s are caf-bfam

Entropy512 said:
You mean AOSP HALs? It's pretty rare for a CAF device to work with vanilla AOSP HALs.
It's the various QCOM_blah_VARIANT flags - 8974s are caf-bfam
Click to expand...
Click to collapse
Updated my repo to 5.1 source but still getting errors. Here is the device configs that I am using. I am getting the same errors throughout.
First error was
Code:
frameworks/base/core/jni/android_view_Surface.cpp:206:14: error: 'class android::Surface' has no member named 'setDirtyRect'
surface->setDirtyRect(&rect);
Which I solved by cherry-picking THIS
Next I get an error that msmcal-hwdep.h is not found not sure how to fix this yet...
I recreated my devices config from scratch and uploaded it to git... Maybe you can take a look when you have some free time? It would mean alot! https://github.com/Gigoo25/android_device_samsung_klte

gigoo25 said:
Updated my repo to 5.1 source but still getting errors. Here is the device configs that I am using. I am getting the same errors throughout.
First error was
Code:
frameworks/base/core/jni/android_view_Surface.cpp:206:14: error: 'class android::Surface' has no member named 'setDirtyRect'
surface->setDirtyRect(&rect);
Which I solved by cherry-picking THIS
Next I get an error that msmcal-hwdep.h is not found not sure how to fix this yet...
I recreated my devices config from scratch and uploaded it to git... Maybe you can take a look when you have some free time? It would mean alot! https://github.com/Gigoo25/android_device_samsung_klte
Click to expand...
Click to collapse
msmcal_hwdep - look at the stiff in your kernel source under include/ - all of that header-y stuff in some of the Kconfigs
You shouldn't be cherrypicking that, I'm not sure why Max even put that up. Until I finish the CAF av/native merge, anyone declaring QCOM_HARDWARE should be using the android-5.1-caf branches of av and native

Entropy512 said:
msmcal_hwdep - look at the stiff in your kernel source under include/ - all of that header-y stuff in some of the Kconfigs
You shouldn't be cherrypicking that, I'm not sure why Max even put that up. Until I finish the CAF av/native merge, anyone declaring QCOM_HARDWARE should be using the android-5.1-caf branches of av and native
Click to expand...
Click to collapse
Awesome! alright will look into that
Sent from my SM-G900T using XDA Free mobile app

Entropy512 said:
msmcal_hwdep - look at the stiff in your kernel source under include/ - all of that header-y stuff in some of the Kconfigs
You shouldn't be cherrypicking that, I'm not sure why Max even put that up. Until I finish the CAF av/native merge, anyone declaring QCOM_HARDWARE should be using the android-5.1-caf branches of av and native
Click to expand...
Click to collapse
Having issues compiling the camera I get the error
Code:
device/samsung/klte/camera/CameraWrapper.cpp: In function 'char* camera_fixup_setparams(int, const char*)':
device/samsung/klte/camera/CameraWrapper.cpp:161:20: error: 'KEY_DIS' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_DIS, android::CameraParameters::DIS_DISABLE);
^
device/samsung/klte/camera/CameraWrapper.cpp:161:56: error: 'DIS_DISABLE' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_DIS, android::CameraParameters::DIS_DISABLE);
^
device/samsung/klte/camera/CameraWrapper.cpp:162:20: error: 'KEY_ZSL' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_ZSL, android::CameraParameters::ZSL_OFF);
^
device/samsung/klte/camera/CameraWrapper.cpp:162:56: error: 'ZSL_OFF' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_ZSL, android::CameraParameters::ZSL_OFF);
^
device/samsung/klte/camera/CameraWrapper.cpp:164:20: error: 'KEY_ZSL' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_ZSL, android::CameraParameters::ZSL_ON);
^
device/samsung/klte/camera/CameraWrapper.cpp:164:56: error: 'ZSL_ON' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_ZSL, android::CameraParameters::ZSL_ON);
^
make: *** [/home/rob/android/omni51/out/target/product/klte/obj/SHARED_LIBRARIES/camera.msm8974_intermediates/CameraWrapper.o] Error 1
make: *** Waiting for unfinished jobs...
Is this a framework issue?

gigoo25 said:
Having issues compiling the camera I get the error
Code:
device/samsung/klte/camera/CameraWrapper.cpp: In function 'char* camera_fixup_setparams(int, const char*)':
device/samsung/klte/camera/CameraWrapper.cpp:161:20: error: 'KEY_DIS' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_DIS, android::CameraParameters::DIS_DISABLE);
^
device/samsung/klte/camera/CameraWrapper.cpp:161:56: error: 'DIS_DISABLE' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_DIS, android::CameraParameters::DIS_DISABLE);
^
device/samsung/klte/camera/CameraWrapper.cpp:162:20: error: 'KEY_ZSL' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_ZSL, android::CameraParameters::ZSL_OFF);
^
device/samsung/klte/camera/CameraWrapper.cpp:162:56: error: 'ZSL_OFF' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_ZSL, android::CameraParameters::ZSL_OFF);
^
device/samsung/klte/camera/CameraWrapper.cpp:164:20: error: 'KEY_ZSL' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_ZSL, android::CameraParameters::ZSL_ON);
^
device/samsung/klte/camera/CameraWrapper.cpp:164:56: error: 'ZSL_ON' is not a member of 'android::CameraParameters'
params.set(android::CameraParameters::KEY_ZSL, android::CameraParameters::ZSL_ON);
^
make: *** [/home/rob/android/omni51/out/target/product/klte/obj/SHARED_LIBRARIES/camera.msm8974_intermediates/CameraWrapper.o] Error 1
make: *** Waiting for unfinished jobs...
Is this a framework issue?
Click to expand...
Click to collapse
Looks like maybe some missing Samsung patches

Entropy512 said:
Looks like maybe some missing Samsung patches
Click to expand...
Click to collapse
I appreciate all the help you have been giving me in trying to port Omni to the KLTE! I could not have done it without you!
I ended up having a booting and working build when I removed the camera and RIL
RIL gives me an error of
Code:
frameworks/opt/telephony/../../../device/samsung/klte/ril/telephony/java/com/android/internal/telephony/KlteRIL.java:282: error: no suitable constructor found for SignalStrength(int,int,int,int,int,int,int,int,int,int,int,int,int,boolean)
return new SignalStrength(gsmSignalStrength, gsmBitErrorRate, cdmaDbm, cdmaEcio, evdoDbm,
^
constructor SignalStrength.SignalStrength(Parcel) is not applicable
(actual and formal argument lists differ in length)
constructor SignalStrength.SignalStrength(SignalStrength) is not applicable
(actual and formal argument lists differ in length)
constructor SignalStrength.SignalStrength(int,int,int,int,int,int,int,boolean) is not applicable
(actual and formal argument lists differ in length)
constructor SignalStrength.SignalStrength(int,int,int,int,int,int,int,int,int,int,int,int,boolean) is not applicable
(actual and formal argument lists differ in length)
constructor SignalStrength.SignalStrength(boolean) is not applicable
(actual and formal argument lists differ in length)
constructor SignalStrength.SignalStrength() is not applicable
(actual and formal argument lists differ in length)
Note: Some input files use or override a deprecated API.
Note: Recompile with -Xlint:deprecation for details.
Note: Some input files use unchecked or unsafe operations.
Note: Recompile with -Xlint:unchecked for details.
1 error
It should be a frameworks/opt/telephony issue correct? Except it doesn't display the full file path?

gigoo25 said:
I appreciate all the help you have been giving me in trying to port Omni to the KLTE! I could not have done it without you!
I ended up having a booting and working build when I removed the camera and RIL
RIL gives me an error of
Code:
frameworks/opt/telephony/../../../device/samsung/klte/ril/telephony/java/com/android/internal/telephony/KlteRIL.java:282: error: no suitable constructor found for SignalStrength(int,int,int,int,int,int,int,int,int,int,int,int,int,boolean)
return new SignalStrength(gsmSignalStrength, gsmBitErrorRate, cdmaDbm, cdmaEcio, evdoDbm,
^
constructor SignalStrength.SignalStrength(Parcel) is not applicable
(actual and formal argument lists differ in length)
constructor SignalStrength.SignalStrength(SignalStrength) is not applicable
(actual and formal argument lists differ in length)
constructor SignalStrength.SignalStrength(int,int,int,int,int,int,int,boolean) is not applicable
(actual and formal argument lists differ in length)
constructor SignalStrength.SignalStrength(int,int,int,int,int,int,int,int,int,int,int,int,boolean) is not applicable
(actual and formal argument lists differ in length)
constructor SignalStrength.SignalStrength(boolean) is not applicable
(actual and formal argument lists differ in length)
constructor SignalStrength.SignalStrength() is not applicable
(actual and formal argument lists differ in length)
Note: Some input files use or override a deprecated API.
Note: Recompile with -Xlint:deprecation for details.
Note: Some input files use unchecked or unsafe operations.
Note: Recompile with -Xlint:unchecked for details.
1 error
It should be a frameworks/opt/telephony issue correct? Except it doesn't display the full file path?
Click to expand...
Click to collapse
It looks like the KLTE actually specifies its own RIL subclass (interesting trick, I've never seen that before) and that subclass is depending on something in frameworks/opt/tel that Omni doesn't have.
Either find the missing patch in f/opt/tel or figure out how to adapt KlteRIL.java

Entropy512 said:
It looks like the KLTE actually specifies its own RIL subclass (interesting trick, I've never seen that before) and that subclass is depending on something in frameworks/opt/tel that Omni doesn't have.
Either find the missing patch in f/opt/tel or figure out how to adapt KlteRIL.java
Click to expand...
Click to collapse
I seem to have gotten everything working fine besides the camera. The app and libraries compile fine but when the rom boots I cannot see it in the app drawer. When I try to launch it through the lockscreen it just force closes. Not sure what could be causing the problem? All the permissions seem to be checking out, and messing with the BoardConfiv and Device make files has not seemed to help. Any suggestions on how to fix this? Could it be a framework issue?

gigoo25 said:
I seem to have gotten everything working fine besides the camera. The app and libraries compile fine but when the rom boots I cannot see it in the app drawer. When I try to launch it through the lockscreen it just force closes. Not sure what could be causing the problem? All the permissions seem to be checking out, and messing with the BoardConfiv and Device make files has not seemed to help. Any suggestions on how to fix this? Could it be a framework issue?
Click to expand...
Click to collapse
Look through the logcat for camera errors, especially any errors about missing libraries.
Not appearing in app drawer indicates that Android doesn't think there is a camera present. There are 2349734297320 different things that could cause this - missing camera HAL dependency, kernel/HAL mismatch, many other things.

Entropy512 said:
Look through the logcat for camera errors, especially any errors about missing libraries.
Not appearing in app drawer indicates that Android doesn't think there is a camera present. There are 2349734297320 different things that could cause this - missing camera HAL dependency, kernel/HAL mismatch, many other things.
Click to expand...
Click to collapse
Here is what I found in the logcat
Code:
--------- beginning of crash
[ 06-01 20:08:07.366 3437: 3437 E/AndroidRuntime ]
FATAL EXCEPTION: main
Process: com.android.camera2, PID: 3437
java.lang.RuntimeException: Unable to start activity ComponentInfo{com.android.camera2/com.android.camera.CameraActivity}: java.lang.NullPointerException: Attempt to invoke virtual method 'void com.android.camera.util.PhotoSphereHelper$PanoramaViewHelper.onStart()' on a null object reference
at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2325)
at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2387)
at android.app.ActivityThread.access$800(ActivityThread.java:151)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1303)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:135)
at android.app.ActivityThread.main(ActivityThread.java:5254)
at java.lang.reflect.Method.invoke(Native Method)
at java.lang.reflect.Method.invoke(Method.java:372)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:903)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:698)
Caused by: java.lang.NullPointerException: Attempt to invoke virtual method 'void com.android.camera.util.PhotoSphereHelper$PanoramaViewHelper.onStart()' on a null object reference
at com.android.camera.CameraActivity.onStartTasks(CameraActivity.java:1885)
at com.android.camera.util.QuickActivity.onStart(QuickActivity.java:111)
at android.app.Instrumentation.callActivityOnStart(Instrumentation.java:1236)
at android.app.Activity.performStart(Activity.java:6006)
at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2288)
... 10 more

gigoo25 said:
Here is what I found in the logcat
Code:
--------- beginning of crash
[ 06-01 20:08:07.366 3437: 3437 E/AndroidRuntime ]
FATAL EXCEPTION: main
Process: com.android.camera2, PID: 3437
java.lang.RuntimeException: Unable to start activity ComponentInfo{com.android.camera2/com.android.camera.CameraActivity}: java.lang.NullPointerException: Attempt to invoke virtual method 'void com.android.camera.util.PhotoSphereHelper$PanoramaViewHelper.onStart()' on a null object reference
at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2325)
at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2387)
at android.app.ActivityThread.access$800(ActivityThread.java:151)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1303)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:135)
at android.app.ActivityThread.main(ActivityThread.java:5254)
at java.lang.reflect.Method.invoke(Native Method)
at java.lang.reflect.Method.invoke(Method.java:372)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:903)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:698)
Caused by: java.lang.NullPointerException: Attempt to invoke virtual method 'void com.android.camera.util.PhotoSphereHelper$PanoramaViewHelper.onStart()' on a null object reference
at com.android.camera.CameraActivity.onStartTasks(CameraActivity.java:1885)
at com.android.camera.util.QuickActivity.onStart(QuickActivity.java:111)
at android.app.Instrumentation.callActivityOnStart(Instrumentation.java:1236)
at android.app.Activity.performStart(Activity.java:6006)
at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2288)
... 10 more
Click to expand...
Click to collapse
Pretty much - if you can't figure out what is wrong from reading a logcat, most likely, you can't figure out what parts of the logcat are relevant and which are not.
That excerpt basically tells me nothing.
I assume that was from trying to forcefully start the camera with no camera actually present as far as Android was concerned. That's a symptom, not the root cause of the problem. Based on what you've described, the root cause of the problem will likely be visible even if no attempt is made to use the camera.

Entropy512 said:
Pretty much - if you can't figure out what is wrong from reading a logcat, most likely, you can't figure out what parts of the logcat are relevant and which are not.
That excerpt basically tells me nothing.
I assume that was from trying to forcefully start the camera with no camera actually present as far as Android was concerned. That's a symptom, not the root cause of the problem. Based on what you've described, the root cause of the problem will likely be visible even if no attempt is made to use the camera.
Click to expand...
Click to collapse
I've been messing around with the device configurations and logcats. I I think I have found the culprit for my camera not working. It shows that it loads the module but then fails to open it? Is this a CameraWrapper issue? Still trying to fix the camera so I can use this as a daily build but I have limited experience as a developer.
EDIT: Also the camera shows up on first boot but then disappears and says that the application is not installed. I'm trying to logcat it but not sure how to do that on the first boot without allowing my PC
EDIT2: From the looks of it searching the web it seems to be an issue with frameworks/av/camera/CameraParameters.cpp & frameworks/av/camera/include/CameraParameters.h
Code:
I/CameraService( 381): CameraService started (pid=381)
I/CameraService( 381): Loaded "MSM8974 Camera Wrapper" camera module
I/CameraWrapper( 381): camera_get_number_of_cameras
I/CameraWrapper( 381): check_vendor_module
I/PackageManager( 741): /system/priv-app/MmsService changed; collecting certs
I/PackageManager( 741): /system/priv-app/OmniSwitch changed; collecting certs
E/HAL ( 381): load: module=/system/lib/hw/camera.vendor.msm8974.so
E/HAL ( 381): dlopen failed: cannot locate symbol "_ZN7android16CameraParameters25KEY_DYNAMIC_RANGE_CONTROLE" referenced by "camera.vendor.msm8974.so"...
E/CameraWrapper( 381): failed to open vendor camera module

gigoo25 said:
I've been messing around with the device configurations and logcats. I I think I have found the culprit for my camera not working. It shows that it loads the module but then fails to open it? Is this a CameraWrapper issue? Still trying to fix the camera so I can use this as a daily build but I have limited experience as a developer.
EDIT: Also the camera shows up on first boot but then disappears and says that the application is not installed. I'm trying to logcat it but not sure how to do that on the first boot without allowing my PC
EDIT2: From the looks of it searching the web it seems to be an issue with frameworks/av/camera/CameraParameters.cpp & frameworks/av/camera/include/CameraParameters.h
Code:
I/CameraService( 381): CameraService started (pid=381)
I/CameraService( 381): Loaded "MSM8974 Camera Wrapper" camera module
I/CameraWrapper( 381): camera_get_number_of_cameras
I/CameraWrapper( 381): check_vendor_module
I/PackageManager( 741): /system/priv-app/MmsService changed; collecting certs
I/PackageManager( 741): /system/priv-app/OmniSwitch changed; collecting certs
E/HAL ( 381): load: module=/system/lib/hw/camera.vendor.msm8974.so
E/HAL ( 381): dlopen failed: cannot locate symbol "_ZN7android16CameraParameters25KEY_DYNAMIC_RANGE_CONTROLE" referenced by "camera.vendor.msm8974.so"...
E/CameraWrapper( 381): failed to open vendor camera module
Click to expand...
Click to collapse
Looks like a patch for CameraParameters needed by your device is missing since no one has tried to bring that device up before, or hasn't tried bringing it up with 5.x
Since it's a Qualcomm-based device and likely using CAF repos, you'll probably have to patch frameworks/av-caf and not frameworks/av - see https://lists.omnirom.org/pipermail/maintainers/2015-June/000101.html for details (we need to add this info to the wiki...)

Entropy512 said:
Looks like a patch for CameraParameters needed by your device is missing since no one has tried to bring that device up before, or hasn't tried bringing it up with 5.x
Since it's a Qualcomm-based device and likely using CAF repos, you'll probably have to patch frameworks/av-caf and not frameworks/av - see https://lists.omnirom.org/pipermail/maintainers/2015-June/000101.html for details (we need to add this info to the wiki...)
Click to expand...
Click to collapse
So I would have to split av into two folders then applying I believe THIS patch to av-caf in order to compile it properly?
Also does native-caf branch still have to be merged before compiling?

gigoo25 said:
So I would have to split av into two folders then applying I believe THIS patch to av-caf in order to compile it properly?
Also does native-caf branch still have to be merged before compiling?
Click to expand...
Click to collapse
Well, the splitting of av is already done. Native is already merged with ifdefs (it didn't require nearly as much ifdefing as av, so we have a "unified" CAF+AOSP native). The only thing that is needed for device maintainers is adding av-caf to omni.dependencies - see the maintainers list post I linked to, or look at the Oppo find7 history.
So once you're pulling in av-caf via omni.dependencies, you should be able to apply that patch to av-caf and then submit it to Gerrit for review.
You might want to start idling in IRC, #omni is where most device maintainers are (in fact, all maintainers for supported devices idle their routinely, it's now a requirement for maintainers to routinely idle in IRC so they can see what's going on/people can ping them with questions.)

Entropy512 said:
Well, the splitting of av is already done. Native is already merged with ifdefs (it didn't require nearly as much ifdefing as av, so we have a "unified" CAF+AOSP native). The only thing that is needed for device maintainers is adding av-caf to omni.dependencies - see the maintainers list post I linked to, or look at the Oppo find7 history.
So once you're pulling in av-caf via omni.dependencies, you should be able to apply that patch to av-caf and then submit it to Gerrit for review.
You might want to start idling in IRC, #omni is where most device maintainers are (in fact, all maintainers for supported devices idle their routinely, it's now a requirement for maintainers to routinely idle in IRC so they can see what's going on/people can ping them with questions.)
Click to expand...
Click to collapse
Turns out I might of fixed the problem. Instead of messing with frameworks/av I can just override it with a file inside include/camera? Looking back at the Cyanogenmod repo for my device THIS is present while in my source it is not.
Compiling now. Will post results after.

Fix for constant rebooting after upgrade to 2.1.0

**TLDR** - If your shield keeps rebooting after the 2.1.0 update, unplug your ethernet cable and/or disable your wifi as a temporary fix.
I recently got a 16GB model. After the latest firmware update (to 2.1.0) I started to get constant rebooting. My first thought was to use fastboot to get back to 2.0.0 - I believe you can do this without wiping your user data, as the official images are signed with the nvidia key and I believe their bootloader would allow you to downgrade - can anyone confirm this? See https: // developer .nvidia. com/ gameworksdownload (sorry, can't link with <10 posts...) for nvidia 2.0.0 image.
However I wanted to see what was happening first. Running
Code:
$ adb logcat
...lots of output
...the system just rebooted, so let's watch the logs!
D/AndroidRuntime( 4318): Shutting down VM
E/AndroidRuntime( 4318): *** FATAL EXCEPTION IN SYSTEM PROCESS: main
E/AndroidRuntime( 4318): java.lang.IndexOutOfBoundsException: Invalid index 0, size is 0
E/AndroidRuntime( 4318): at java.util.ArrayList.throwIndexOutOfBoundsException(ArrayList.java:255)
E/AndroidRuntime( 4318): at java.util.ArrayList.get(ArrayList.java:308)
E/AndroidRuntime( 4318): at com.android.server.pm.PackageManagerService$PMLocationListener.getCountryFromLocation(PackageManagerService.java:14375)
E/AndroidRuntime( 4318): at com.android.server.pm.PackageManagerService$PMLocationListener.onLocationChanged(PackageManagerService.java:14282)
E/AndroidRuntime( 4318): at android.location.LocationManager$ListenerTransport._handleMessage(LocationManager.java:281)
E/AndroidRuntime( 4318): at android.location.LocationManager$ListenerTransport.access$000(LocationManager.java:210)
E/AndroidRuntime( 4318): at android.location.LocationManager$ListenerTransport$1.handleMessage(LocationManager.java:226)
E/AndroidRuntime( 4318): at android.os.Handler.dispatchMessage(Handler.java:104)
E/AndroidRuntime( 4318): at android.os.Looper.loop(Looper.java:135)
E/AndroidRuntime( 4318): at com.android.server.SystemServer.run(SystemServer.java:276)
E/AndroidRuntime( 4318): at com.android.server.SystemServer.main(SystemServer.java:177)
E/AndroidRuntime( 4318): at java.lang.reflect.Method.invoke(Native Method)
E/AndroidRuntime( 4318): at java.lang.reflect.Method.invoke(Method.java:372)
E/AndroidRuntime( 4318): at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:903)
E/AndroidRuntime( 4318): at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:698)
I/Process ( 4318): Sending signal. PID: 4318 SIG: 9
E/installd( 226): eof
E/installd( 226): failed to read size
I/installd( 226): closing connection
For those of you that don't speak stacktrace or android internals, what happened here is that something (presumably, my network state tracker noticed either an IP change or something else from my ethernet) sent a message to the internal LocationManager saying "something happened, update your location estimate". In the process of doing this LocationManager crashes, and then the entire android framework crashes in response to this critical component (system_server) crash. Then the init binary helpfully restarts everything, and in a few minutes it crashes again.
Unplugging the ethernet cable has resulted in a stable system. I haven't experienced the crash while on WiFi, but I wouldn't rule it out yet.
While I have not looked in extreme detail, my suspicion is that something about the firmware update broke google mobile services - I see an error trying to mount the data for GMS in the logs, and noticed the stacktrace above seems to be failing when the LocationManager uses the PackageManager which uses installd which then fails with some kind of file read.
Code:
E/Vold ( 206): Failed to find mounted volume for /storage/sdcard1/Android/data/com.google.android.gms/files/
W/Vold ( 206): Returning OperationFailed - no handler for errno 0
W/ContextImpl( 6163): Failed to ensure directory: /storage/sdcard1/Android/data/com.google.android.gms/files

Turning off location services seems to stop this too
I'm 100% that no ethernet stops the rebooting (got a few hours of testing and no crashes). Tried turning off location services after I saw the logs of the error, and I've had about 30 min with no crashes, so that's obviously a much more preferred way to address this issue until nvidia fixes the bug

well interesting to know about this issue.

slammertime said:
I'm 100% that no ethernet stops the rebooting (got a few hours of testing and no crashes). Tried turning off location services after I saw the logs of the error, and I've had about 30 min with no crashes, so that's obviously a much more preferred way to address this issue until nvidia fixes the bug
Click to expand...
Click to collapse
Has having locations services turned off solved the random restarts for you inevitably?

Yes, it seems so

Sorry for resurrecting an old thread, but I'm still having this issue.
Tried disabling location, changing languages, every other suggestion here and elsewhere online.. still getting reboots ~3-5 mins after the system starts, and random lockups. Only started happening post 2.1. The device is basically unusable at this point.
I'm just about to factory wipe/reinstall. Is there any other solution?

Same
grivad said:
Sorry for resurrecting an old thread, but I'm still having this issue.
Tried disabling location, changing languages, every other suggestion here and elsewhere online.. still getting reboots ~3-5 mins after the system starts, and random lockups. Only started happening post 2.1. The device is basically unusable at this point.
I'm just about to factory wipe/reinstall. Is there any other solution?
Click to expand...
Click to collapse
I am having the same issue. Talked to support, and they told me to unpair, and reset my devices that were attached to it, and unplug the hdmi and power, and still no dice.

peppy6582 said:
I am having the same issue. Talked to support, and they told me to unpair, and reset my devices that were attached to it, and unplug the hdmi and power, and still no dice.
Click to expand...
Click to collapse
I got sick of it, wiped the device, and did a fresh install of 2.1 (IIRC, whatever factory image was available a few weeks back) and applied the OTA once prompted. Zero issues since. It took some time installing and configuring everything again, but having a completely stable device made it worth it. It was unusable before, as it'd reboot every few minutes no matter what it was doing.
It looks like they have the 3.0 image up now, if you're thinking of reinstalling as well.
https://developer.nvidia.com/shield-open-source

grivad said:
I got sick of it, wiped the device, and did a fresh install of 2.1 (IIRC, whatever factory image was available a few weeks back) and applied the OTA once prompted. Zero issues since. It took some time installing and configuring everything again, but having a completely stable device made it worth it. It was unusable before, as it'd reboot every few minutes no matter what it was doing.
It looks like they have the 3.0 image up now, if you're thinking of reinstalling as well.
https://developer.nvidia.com/shield-open-source
Click to expand...
Click to collapse
Yeah, I actually did that, with a fastboot -w after the system.img part, just to make sure.

hey guys, do you still have the problem with the random reboot?
I have the same problem with the 500gb version but I didn't root this device or whatever, it isn't even my intention to root it.
Any idea what it is?? Nvidia want to send me a new one (or refurbished item) but I have like the idea that it will not be solved if I get a new one.
I read to much people with the same problems, even on 2 links I read from someone who got a new one and the problem was still there :s
I'm a little scared to send it back , because I fear it will not be solved.
Any idea guys???