[05.09.2012] Got Brickbug ? v1.2

Search This thread

Chainfire

Moderator Emeritus / Senior Recognized Developer
Oct 2, 2007
11,452
87,856
www.chainfire.eu
As you are all probably aware, the SGS2 and SGNote variants suffer from a bug that may brick your device when a certain erase method is used.

A thread with a lot of background about this issue can be found here:
http://xdaforums.com/showthread.php?t=1644364

Attached is a simple APK that reads out your chip's type and CID, and lets you know if we know that chip is dangerous or safe.

Just uninstall again after using.

Most SGS2's and Note's have "bad" chips (its actually the firmware that's bad). This is only dangerous if your kernel is dangerous as well. Gingerbread kernels are usually OK, Samsung ICS kernels are usually (bad on Note, good on SGS2 if released before July), custom ICS kernels: look in the kernel's thread. This is a simplification. See Entropy512's excellent post with some further details about which kernels are what.

Obviously, this comes "as-is", we're not responsible what you do with your device, etc. No rights can be derived from the output of the program!

Internal data used:
MAG4FA, VYL00M, or KYL00M fwrev 0x12 || 0x19 --> known bad
MAG4FA, VYL00M, or KYL00M fwrev >= 0x25 --> probably safe
MAG4FA, VYL00M, or KYL00M fwrev != 0x12 && != 0x19 && < 0x25 --> probably bad
M8G2FA, MBG8FA, MCGAFA, VAL00M, VZL00M --> probably bad (mentioned in patch code)
Everything else: unknown chip

News - 08.06.2012
Samsung: "Patches will be out in form of new official ROMs and also sourcecode releases after testing, which might take some time."

Changelog
05-09-2012 - v1.2
- Added chips mentioned in patch code ( http://xdaforums.com/showpost.php?p=31124285&postcount=785 )

08.06.2012 - v1.1
- fwrev 0x12 is also known bad

(v1.0: 6750; v1.1: 34315)
 

Attachments

  • GotBrickbug-v1.2.apk
    26.7 KB · Views: 50,900
Last edited:

nameejokerx

Senior Member
Dec 4, 2008
691
139
Cyberjaya
Owh damn..
Im in danger..
Someone please help my note.. At least until note 2 out..
Maybe i need to be careful now..
Thanks chainfire..

Update: no wonder sometime i hv half brick my note.
 
Last edited:
S

samit.mahap

Guest
my s2 status

Feels like danger boy from million dollar baby:D
 

Attachments

  • Screenshot_2012-06-05-22-02-32.jpg
    Screenshot_2012-06-05-22-02-32.jpg
    35.2 KB · Views: 18,488

Ogy77

Senior Member
Oct 2, 2011
1,537
226
Serbia
VYL00M - 0x19 And me too have this on my SGSII,is this so bad or not,becouse I think sell my SGSII???
 

LaCroyx

Senior Member
May 26, 2012
414
104
Bucharest
0x19 but no worries, i flashed roms like 100 times and no issues so far. Just stick with the instructions and no problems
 

chrisrotolo

Senior Member
Nov 3, 2010
1,905
462
Corona, CA
Samsung Galaxy S23 Ultra
app seems to work on my galaxy tab plus GT-P6200.
I haz brick bugg.
i think i noticed a problem factory reseting quite a few times back on stock honeycomb.
im on CM9 now.
This is good information to know. I read the original article too.
Thanks @chainfire! and everyone who helped.
 

Attachments

  • Screenshot_2012-06-05-13-23-39.jpg
    Screenshot_2012-06-05-13-23-39.jpg
    19.9 KB · Views: 3,847

Ogy77

Senior Member
Oct 2, 2011
1,537
226
Serbia
app seems to work on my galaxy tab plus GT-P6200.
I haz brick bugg.
i think i noticed a problem factory reseting quite a few times back on stock honeycomb.
im on CM9 now.
This is good information to know. I read the original article too.
Thanks @chainfire! and everyone who helped.

Good to know,but solution for this is...?
 

Top Liked Posts

  • There are no posts matching your filters.
  • 424
    As you are all probably aware, the SGS2 and SGNote variants suffer from a bug that may brick your device when a certain erase method is used.

    A thread with a lot of background about this issue can be found here:
    http://xdaforums.com/showthread.php?t=1644364

    Attached is a simple APK that reads out your chip's type and CID, and lets you know if we know that chip is dangerous or safe.

    Just uninstall again after using.

    Most SGS2's and Note's have "bad" chips (its actually the firmware that's bad). This is only dangerous if your kernel is dangerous as well. Gingerbread kernels are usually OK, Samsung ICS kernels are usually (bad on Note, good on SGS2 if released before July), custom ICS kernels: look in the kernel's thread. This is a simplification. See Entropy512's excellent post with some further details about which kernels are what.

    Obviously, this comes "as-is", we're not responsible what you do with your device, etc. No rights can be derived from the output of the program!

    Internal data used:
    MAG4FA, VYL00M, or KYL00M fwrev 0x12 || 0x19 --> known bad
    MAG4FA, VYL00M, or KYL00M fwrev >= 0x25 --> probably safe
    MAG4FA, VYL00M, or KYL00M fwrev != 0x12 && != 0x19 && < 0x25 --> probably bad
    M8G2FA, MBG8FA, MCGAFA, VAL00M, VZL00M --> probably bad (mentioned in patch code)
    Everything else: unknown chip

    News - 08.06.2012
    Samsung: "Patches will be out in form of new official ROMs and also sourcecode releases after testing, which might take some time."

    Changelog
    05-09-2012 - v1.2
    - Added chips mentioned in patch code ( http://xdaforums.com/showpost.php?p=31124285&postcount=785 )

    08.06.2012 - v1.1
    - fwrev 0x12 is also known bad

    (v1.0: 6750; v1.1: 34315)
    134
    It would be beneficial to provide more information on the brick bug to avoid some people getting unnecessarily scared (such as most I9100 users).

    This bug requires three things for you to be in danger, and ALL of these conditions must be met for danger:
    1) A defective eMMC chip/fwrev that is unable to handle eMMC ERASE commands (command 38) properly. (I'll provide a link with more detail on the nature of the bug later) - This condition is the one Chainfire's new app checks for. By the way, M8G2FA fwrev 0x11 (seen on some Kindle Fires) is also suspected of being defective.
    2) A recovery binary that attempts to erase partitions when formatting them. Most ICS recovery binaries fit in this category, most Gingerbread recoveries do not attempt to perform an erase operation so are safe. Note that also, an affected update-binary in a ZIP could be a cause of problems too. (e.g. flashing a firmware that has an ICS update-binary and formats the partition could cause a problem even with a "safe" recovery.) So a kernel can be repacked with a "safe" CWM (such as the most recent CF-Root releases) but it will still only be partially safe.
    3) A kernel that allows attempts to erase a partition to actually happen. (as opposed to reporting "not supported" and doing nothing.) - A common way of rendering a kernel safe is to remove MMC_CAP_ERASE from the capability flags in drivers/mmc/mshci.c

    As of June 6, 2012, this is what I know as far as kernels that meet condition 3:
    • All GT-I9100 ICS leaks and official releases prior to July 2012 are SAFE (MMC_CAP_ERASE not present)
    • New GT-I9100 ICS leaks and official releases (starting in July 2012) are UNSAFE - That's right, Samsung ADDED the trigger conditions for this bug to newer releases such as XXLQ5. So much for "we're working on a fix"...
    • All kernels based on GT-I9100 ICS Update4 sources are SAFE (MMC_CAP_ERASE not present) - This includes all CM9 nightlies for SGH-I777, GT-I9100, and GT-N7000, all GT-I9100 custom kernels I am aware of, and all SGH-I777 custom kernels I am aware of
    • All GT-N7000 ICS leaks are UNSAFE
    • All GT-N7000 ICS official kernels are UNSAFE
    • All kernels built from the GT-N7000 sources are UNSAFE unless the following condition is met:
    • MMC_CAP_ERASE is removed from the capability flags in drivers/mmc/host/mshci.c - check the kernel features for this. Franco.kernel R3 and later and all Speedmod ICS releases are SAFE due to this.
    • All SHW-M250S/K/L ICS kernels are suspected to be UNSAFE
    • All SHW-M250S/K/L ICS source releases as of this date are UNSAFE (SHW-M250L Update4 was the cause of the SiyahKernel 3.1rc6 incident. Other Siyah releases are SAFE)
    • All SPH-D710 ICS releases as of this date are UNSAFE - Rumor has it that the official OTA may have a fixed kernel, but it is recommended to consider this kernel UNSAFE until source code is released and can be reviewed.
    • The SGH-I777 UCLD3 leak is UNSAFE, as is most likely every other leak for that device. Fortunately nearly everyone is using I9100 Update4-based custom kernels.
    • SGH-I727 and SGH-T989 ICS leaks are UNSAFE - However as these two devices use separate recovery and operational kernels, if you have a Gingerbread recovery/kernel, you should be safe regardless of what you are booting for normal operation.

    It's hard to get ALL of the cases and evaluate them, but in general in terms of levels of danger (As of June 6, 2012 - this could change with time):
    SPH-D710 users are in the most danger - They have no official ICS releases AND the I9100 Update4 source base can't be used to build a usable kernel for their device without major developer work
    GT-N7000 users are second on the list - They are the only ones outside of Korea to receive official ICS updates that trigger the eMMC firmware defect. However, I9100 Update4 sources required only minor work to create "safe" kernels, and developers know the proper procedure for rendering the official N7000 Update3 source drop "safe"
    SGH-I777 users are next - I777 leaks proved to be dangerous a month or so ago. However, the SGH-I777 required the least amount of work to be able to use the GT-I9100 Update4 source base, and as a result, with the exception of the leaks themselves, nearly all I777 ICS kernels are based off of safe source code bases.
    GT-I9100 users are in the least danger - No leak, official binary release, or source code release for this device has been dangerous. Only one I9100 kernel has ever proven dangerous and that was quickly pulled by its developer.

    I am not evaluating the SHW-M250S/K/L in the above list, as while I know their source and binaries are dangerous, the language/culture barrier means we have very little information on how this fiasco is panning out for those users.

    UPDATE:
    We have at least one confirmed report of this bug occurring with KYL00M fwrev 0x12 on a Samsung Skyrocket (SGH-I727) with their ICS leak kernels
    In addition, Samsung Hercules (SGH-T989) has the same fwrev and I've been told that they have observed bricks of this type with their ICS leaks

    UPDATE 2:
    I've received an email from a contact at Samsung who has indicated they are working on some sort of fix to be deployed to devices with an "UNSAFE" configuration listed above. I have requested that I receive an explicit list of which binary builds contain this fix, as without that I cannot know for sure which builds are fixed and which are not. Fixes are not yet deployed to affected devices.

    UPDATE 3:
    So much for the claims of working on a fix above... Not only have fixes not been deployed to any kernel for any device I am aware of, but Samsung added the trigger conditions to the XXLQ5 build for GT-I9100. Yes, that is correct - a device previously unaffected by this bug is now UNSAFE.
    23
    Hi fellow Androidians, how about a worldwide petition letter to Samsung. Below I've made a draft, feel free to amend accordingly.

    Yeah, because *that* is going to help :rolleyes:

    We already know Samsung is working on this. We know how to fix the problem in custom kernels. We know Samsung replaces devices that are bricked this way.

    Also, technically the chip isn't faulty, the chip's firmware is faulty. The problem is that updating the firmware on those chips is a really nasty affair you really don't want end-users to be doing, unless it has gone through some very rigorous testing.

    What possible use would it be to exchange all the Note's out there with new models with fixed firmwares, if they can just as well release a software update (that we know they are working on) that accomplishes the same thing ?

    What exactly do you want to happen here, aside from wasting a metric ****ton of Samsung's money, which we'll all have to pay extra on the next device to recuperate these funds ?

    This problem is something us "tweakers" need to be aware of for now, until it is fixed. Normal users will rarely if ever even run into this issue, and if they do, Samsung will replace the unit under warranty. Us tweakers have been warned, we know how to work around it, and we know a fix is coming - what could you possibly want beyond that ?
    18
    is this something you want us to run to collect the results or is it for our own information? :)

    It is for your own information... there's no testing involved or anything, it just pulls some info from the device, and shows it on screen for you.
    10
    It's important to understand that the source of this problem is bad firmware in the eMMC chip. There is nothing technically wrong with the kernel itself. The eMMC claims to support a method of erasure that causes it to write bad data when it's used.

    To achieve safety, you either fix the chip so that it supports the method it claims to properly or avoid using that method of erasure.

    Cyanogenmod 9 is safe because it doesn't erase using that method. They use their own kernel built from their own source code.

    Samsung ICS kernels are not safe because they call the best method the eMMC claims to support when erasing, which is bugged within the chip's firmware.

    Anyone who uses the official Samsung ICS kernel or the ICS leaks of Samsung's kernel are at risk. Chainfire's kernel is risky because Chainfire uses Samsung's official kernels and adds Clockwork Mod to them at the binary level. He doesn't have source to modify to make his kernels safe. Samsung must make their kernel safe before Chainfire can release a safe one himself. What Chainfire has done is modify the recovery so that it won't ask the kernel to erase the eMMC in a potentially dangerous way, but it won't stop sources other than that recovery from asking for a potentially bricking erase operation because the kernel hasn't been modified and will still do it if asked to.

    Because we know something of which versions of the eMMC chip are affected by this flaw, we can determine if a user is at risk simply by asking the chip to identify itself.

    Decompiling a kernel is a completely different ball of wax. I wouldn't hold my breath for a tool that can do that and identify if your kernel is patched or not. Besides that, the source of the problem is now known with certainty and can be avoided by not flashing Samsung kernels until Samsung gets off their lazy butt and fixes theirs, or provides the code that can be used to fix the eMMC chip that is the source of all our troubles.