[05.09.2012] Got Brickbug ? v1.2

Search This thread

jackster137

Member
Jun 8, 2012
15
2
What device?

After further research, uninstalling/deleting files is safe - Samsung ICS devices do NOT mount their filesystems with the "discard" option.

Wiping is the primary method of damage - also Samsung has replaced most devices damaged by this bug (it's kind of inconsistent, but if you fry when doing a wipe on a stock unrooted device it's almost guaranteed they will cover it.)

Flashing ZIPs in recovery and nandroid restoring can't be done with stock unrooted devices, those are the main other danger cases.

I would have edited my post but because I am a new member I had a time restriction

I have an N7000 16gb

Thanks for the info
 

Entropy512

Senior Recognized Developer
Aug 31, 2007
14,088
25,086
Owego, NY
Hey guys, Skyrocket (I727) definitely has this bug too. I unfortunately triggered it and bricked my device. Attached is a screenshot of Chainfire's utility on a loaner Skyrocket.

And I verified with Hercules owners that their T989's have the same emmc chip and firmware version as Skyrocket. I assume the bug is there too.
Yup. One thing I just remembered though is that unlike most Samsungs, the Skyrocket and T989 have separate recovery and kernel partitions. So if your recovery partition uses a Gingerbread recovery and kernel you should be fine. (To be safe - since you have source for Gingerbread kernels, have your devs remove MMC_CAP_ERASE from the kernel in drivers/mmc/host/mshci.c). This should ensure that even flashing ICS zips with ICS update-binary is safe.)

So I'm on darkside beta 7.1 with the1727 kernel, what the hell should I do? Throw my phone off my 24 story balcony and get a new one through insurance?

Sent from my SGH-T989
See above. You're PROBABLY fine as long as your recovery stays with a Gingerbread kernel/recovery AND your filesystems are NOT mounted with the "discard" option. So far, it's operations in recovery that include a format (wipe, nandroid restore, some CWM zip flashes) that cause problems.


My N7000 32GB has the same emmc as yours (VZL00M 0x1A).
I have tried flashing ICS LPY and LP9, no problem so far.
Whether this variant is affected is unknown.
 

CosmoDroid

Senior Member
Jan 14, 2012
353
283
I fall in the "damn lucky" category...Did around 5-10 wipes from Stock Recovery with an affected chip....nd still I'm SAFE...I mean my Note's SAFE...!!! :D Currently using Franco kernel with the MMC_CAP_ERASE command removed... :)
 

qazibasit

Senior Member
Mar 24, 2012
884
114
infected

My note is infected with this bug. I have never known my phone has this bug and every time i flash a new rom i wipe my data in the recovery both pre and post flashing. I never experienced this prob thank God but for the future need advice i am on criskelo rom v5.1 ics. Should ibgo back to GB??????
 

louisebb

Senior Member
Jan 1, 2008
80
5
Samsung should recall all phones they sold with this chip and replace it!

Sent from my GT-N7000 using xda premium
 
  • Like
Reactions: CamoGeko

alejandromsa

Senior Member
Dec 2, 2011
91
49
62
Jakarta
OPPO Find X5 Pro
Damn my note's doomed, this is my 2nd replacement from Samsung & it still has the bug, i'm on franco kernel r5.
Time to roll back to GB till its safe, lol

Sent from my GT-N7000 using xda premium
 

Attachments

  • uploadfromtaptalk1339186588346.jpg
    uploadfromtaptalk1339186588346.jpg
    30.6 KB · Views: 464

stesteste

Senior Member
Apr 12, 2011
1,209
317
Me to is there anyone with note who can post a safe screeny think I will go to Franco 5 instead of default rrv4.1 kernal

galaxy note
 

Attachments

  • uploadfromtaptalk1339188801649.jpg
    uploadfromtaptalk1339188801649.jpg
    41.6 KB · Views: 464

ashkan_mc

Senior Member
Sep 7, 2009
479
33
Berlin
So once the chip is infected with the brick bug, it doesn't matter if we change the ROM and we have it anyway?

I mean I was on official ICS and I ran the app and it told me the chip is in danger and I reverted back to GB and I checked it again with the app and it still says I have the problem !
 

KennyLegend

Senior Member
Jan 13, 2011
5,785
1,193
Cork
So once the chip is infected with the brick bug, it doesn't matter if we change the ROM and we have it anyway?

I mean I was on official ICS and I ran the app and it told me the chip is in danger and I reverted back to GB and I checked it again with the app and it still says I have the problem !

Yes but on .GB the kernel protects u because it doesn't activate the emmc_cap_erase command so on GB u are totally safe. On ics the emmc_cap_erase command might be used if u wipe data or format etc

On the other hand, if u use a kernel that has that command removed , you are safe. Read Entropy comments above for clarification.

Sent from my GT-I9300 using xda premium
 

ashkan_mc

Senior Member
Sep 7, 2009
479
33
Berlin
Yes but on .GB the kernel protects u because it doesn't activate the emmc_cap_erase command so on GB u are totally safe. On ics the emmc_cap_erase command might be used if u wipe data or format etc

On the other hand, if u use a kernel that has that command removed , you are safe. Read Entropy comments above for clarification.

Sent from my GT-I9300 using xda premium

This bug is related to memory card ? because since some time ago, I have some irregularities when I connect the phone to my pc ... sometimes out of no where and suddenly, the usb connection cuts off and I have to reconnect it again ... odd a little bit :confused:
 
Last edited:

Top Liked Posts

  • There are no posts matching your filters.
  • 424
    As you are all probably aware, the SGS2 and SGNote variants suffer from a bug that may brick your device when a certain erase method is used.

    A thread with a lot of background about this issue can be found here:
    http://xdaforums.com/showthread.php?t=1644364

    Attached is a simple APK that reads out your chip's type and CID, and lets you know if we know that chip is dangerous or safe.

    Just uninstall again after using.

    Most SGS2's and Note's have "bad" chips (its actually the firmware that's bad). This is only dangerous if your kernel is dangerous as well. Gingerbread kernels are usually OK, Samsung ICS kernels are usually (bad on Note, good on SGS2 if released before July), custom ICS kernels: look in the kernel's thread. This is a simplification. See Entropy512's excellent post with some further details about which kernels are what.

    Obviously, this comes "as-is", we're not responsible what you do with your device, etc. No rights can be derived from the output of the program!

    Internal data used:
    MAG4FA, VYL00M, or KYL00M fwrev 0x12 || 0x19 --> known bad
    MAG4FA, VYL00M, or KYL00M fwrev >= 0x25 --> probably safe
    MAG4FA, VYL00M, or KYL00M fwrev != 0x12 && != 0x19 && < 0x25 --> probably bad
    M8G2FA, MBG8FA, MCGAFA, VAL00M, VZL00M --> probably bad (mentioned in patch code)
    Everything else: unknown chip

    News - 08.06.2012
    Samsung: "Patches will be out in form of new official ROMs and also sourcecode releases after testing, which might take some time."

    Changelog
    05-09-2012 - v1.2
    - Added chips mentioned in patch code ( http://xdaforums.com/showpost.php?p=31124285&postcount=785 )

    08.06.2012 - v1.1
    - fwrev 0x12 is also known bad

    (v1.0: 6750; v1.1: 34315)
    134
    It would be beneficial to provide more information on the brick bug to avoid some people getting unnecessarily scared (such as most I9100 users).

    This bug requires three things for you to be in danger, and ALL of these conditions must be met for danger:
    1) A defective eMMC chip/fwrev that is unable to handle eMMC ERASE commands (command 38) properly. (I'll provide a link with more detail on the nature of the bug later) - This condition is the one Chainfire's new app checks for. By the way, M8G2FA fwrev 0x11 (seen on some Kindle Fires) is also suspected of being defective.
    2) A recovery binary that attempts to erase partitions when formatting them. Most ICS recovery binaries fit in this category, most Gingerbread recoveries do not attempt to perform an erase operation so are safe. Note that also, an affected update-binary in a ZIP could be a cause of problems too. (e.g. flashing a firmware that has an ICS update-binary and formats the partition could cause a problem even with a "safe" recovery.) So a kernel can be repacked with a "safe" CWM (such as the most recent CF-Root releases) but it will still only be partially safe.
    3) A kernel that allows attempts to erase a partition to actually happen. (as opposed to reporting "not supported" and doing nothing.) - A common way of rendering a kernel safe is to remove MMC_CAP_ERASE from the capability flags in drivers/mmc/mshci.c

    As of June 6, 2012, this is what I know as far as kernels that meet condition 3:
    • All GT-I9100 ICS leaks and official releases prior to July 2012 are SAFE (MMC_CAP_ERASE not present)
    • New GT-I9100 ICS leaks and official releases (starting in July 2012) are UNSAFE - That's right, Samsung ADDED the trigger conditions for this bug to newer releases such as XXLQ5. So much for "we're working on a fix"...
    • All kernels based on GT-I9100 ICS Update4 sources are SAFE (MMC_CAP_ERASE not present) - This includes all CM9 nightlies for SGH-I777, GT-I9100, and GT-N7000, all GT-I9100 custom kernels I am aware of, and all SGH-I777 custom kernels I am aware of
    • All GT-N7000 ICS leaks are UNSAFE
    • All GT-N7000 ICS official kernels are UNSAFE
    • All kernels built from the GT-N7000 sources are UNSAFE unless the following condition is met:
    • MMC_CAP_ERASE is removed from the capability flags in drivers/mmc/host/mshci.c - check the kernel features for this. Franco.kernel R3 and later and all Speedmod ICS releases are SAFE due to this.
    • All SHW-M250S/K/L ICS kernels are suspected to be UNSAFE
    • All SHW-M250S/K/L ICS source releases as of this date are UNSAFE (SHW-M250L Update4 was the cause of the SiyahKernel 3.1rc6 incident. Other Siyah releases are SAFE)
    • All SPH-D710 ICS releases as of this date are UNSAFE - Rumor has it that the official OTA may have a fixed kernel, but it is recommended to consider this kernel UNSAFE until source code is released and can be reviewed.
    • The SGH-I777 UCLD3 leak is UNSAFE, as is most likely every other leak for that device. Fortunately nearly everyone is using I9100 Update4-based custom kernels.
    • SGH-I727 and SGH-T989 ICS leaks are UNSAFE - However as these two devices use separate recovery and operational kernels, if you have a Gingerbread recovery/kernel, you should be safe regardless of what you are booting for normal operation.

    It's hard to get ALL of the cases and evaluate them, but in general in terms of levels of danger (As of June 6, 2012 - this could change with time):
    SPH-D710 users are in the most danger - They have no official ICS releases AND the I9100 Update4 source base can't be used to build a usable kernel for their device without major developer work
    GT-N7000 users are second on the list - They are the only ones outside of Korea to receive official ICS updates that trigger the eMMC firmware defect. However, I9100 Update4 sources required only minor work to create "safe" kernels, and developers know the proper procedure for rendering the official N7000 Update3 source drop "safe"
    SGH-I777 users are next - I777 leaks proved to be dangerous a month or so ago. However, the SGH-I777 required the least amount of work to be able to use the GT-I9100 Update4 source base, and as a result, with the exception of the leaks themselves, nearly all I777 ICS kernels are based off of safe source code bases.
    GT-I9100 users are in the least danger - No leak, official binary release, or source code release for this device has been dangerous. Only one I9100 kernel has ever proven dangerous and that was quickly pulled by its developer.

    I am not evaluating the SHW-M250S/K/L in the above list, as while I know their source and binaries are dangerous, the language/culture barrier means we have very little information on how this fiasco is panning out for those users.

    UPDATE:
    We have at least one confirmed report of this bug occurring with KYL00M fwrev 0x12 on a Samsung Skyrocket (SGH-I727) with their ICS leak kernels
    In addition, Samsung Hercules (SGH-T989) has the same fwrev and I've been told that they have observed bricks of this type with their ICS leaks

    UPDATE 2:
    I've received an email from a contact at Samsung who has indicated they are working on some sort of fix to be deployed to devices with an "UNSAFE" configuration listed above. I have requested that I receive an explicit list of which binary builds contain this fix, as without that I cannot know for sure which builds are fixed and which are not. Fixes are not yet deployed to affected devices.

    UPDATE 3:
    So much for the claims of working on a fix above... Not only have fixes not been deployed to any kernel for any device I am aware of, but Samsung added the trigger conditions to the XXLQ5 build for GT-I9100. Yes, that is correct - a device previously unaffected by this bug is now UNSAFE.
    23
    Hi fellow Androidians, how about a worldwide petition letter to Samsung. Below I've made a draft, feel free to amend accordingly.

    Yeah, because *that* is going to help :rolleyes:

    We already know Samsung is working on this. We know how to fix the problem in custom kernels. We know Samsung replaces devices that are bricked this way.

    Also, technically the chip isn't faulty, the chip's firmware is faulty. The problem is that updating the firmware on those chips is a really nasty affair you really don't want end-users to be doing, unless it has gone through some very rigorous testing.

    What possible use would it be to exchange all the Note's out there with new models with fixed firmwares, if they can just as well release a software update (that we know they are working on) that accomplishes the same thing ?

    What exactly do you want to happen here, aside from wasting a metric ****ton of Samsung's money, which we'll all have to pay extra on the next device to recuperate these funds ?

    This problem is something us "tweakers" need to be aware of for now, until it is fixed. Normal users will rarely if ever even run into this issue, and if they do, Samsung will replace the unit under warranty. Us tweakers have been warned, we know how to work around it, and we know a fix is coming - what could you possibly want beyond that ?
    18
    is this something you want us to run to collect the results or is it for our own information? :)

    It is for your own information... there's no testing involved or anything, it just pulls some info from the device, and shows it on screen for you.
    10
    It's important to understand that the source of this problem is bad firmware in the eMMC chip. There is nothing technically wrong with the kernel itself. The eMMC claims to support a method of erasure that causes it to write bad data when it's used.

    To achieve safety, you either fix the chip so that it supports the method it claims to properly or avoid using that method of erasure.

    Cyanogenmod 9 is safe because it doesn't erase using that method. They use their own kernel built from their own source code.

    Samsung ICS kernels are not safe because they call the best method the eMMC claims to support when erasing, which is bugged within the chip's firmware.

    Anyone who uses the official Samsung ICS kernel or the ICS leaks of Samsung's kernel are at risk. Chainfire's kernel is risky because Chainfire uses Samsung's official kernels and adds Clockwork Mod to them at the binary level. He doesn't have source to modify to make his kernels safe. Samsung must make their kernel safe before Chainfire can release a safe one himself. What Chainfire has done is modify the recovery so that it won't ask the kernel to erase the eMMC in a potentially dangerous way, but it won't stop sources other than that recovery from asking for a potentially bricking erase operation because the kernel hasn't been modified and will still do it if asked to.

    Because we know something of which versions of the eMMC chip are affected by this flaw, we can determine if a user is at risk simply by asking the chip to identify itself.

    Decompiling a kernel is a completely different ball of wax. I wouldn't hold my breath for a tool that can do that and identify if your kernel is patched or not. Besides that, the source of the problem is now known with certainty and can be avoided by not flashing Samsung kernels until Samsung gets off their lazy butt and fixes theirs, or provides the code that can be used to fix the eMMC chip that is the source of all our troubles.