Related
(Avis aux intéressés, j'ai traduit mon message en français, et reparti une discussion sur Frandroid.)
Hello,
I managed to map the partitions on the Gio 5660M (Bell Canada, 2.3.4, MUGK3) in order to extract an ODIN flashable complete stock backup.
I have also made a stock, rooted ROM backup by working in a hex editor. Other tools that helped the mapping were Winmerge, to do file comparisons with an Euro 5660 ROM, and Notepad++ for string searches.
Those with a 5660M that are experiencing issues after flashing Euro 5660 ROMs that have been posted here now have the possibility of flashing back their original radio and kernel.
ROM development and deployment is going to be safer going forward.
I copied the blocks with the dd command as follows:
dd if=/dev/block/bml1 of=/sdcard/bml1 bs=4096
WARNING!!! DO NOT dd /dev/block/stl5 as there have been multiple reports of bricking following reading it. We already know that this block contains the EFS partition, including the SIM-lock code. You can however dd bml5 without issue from a "live" phone. If you absolutely want stl5, you may get it by using a rooted custom recovery.
From what I've gathered bml is essentially a lower level interface to the same blocks accessed by stl, but the results differ somewhat in resulting file size.
Here are the results:
Code:
/dev/block/bml1 MIBIB
/dev/block/bml2 QCSBL
/dev/block/bml3 OEMSBL
/dev/block/bml4 AMSS
/dev/block/bml6 Essentially empty, with a FSR_STL string at the beginning.
/dev/block/bml7 arm11boot
/dev/block/bml8 boot.img. My initial assumption was based on the .ops file supplied with the Euro ROM I've done my comparisons with. This has since been confirmed with actual flashing.
/dev/block/bml9 recovery.img for the same reasons as above.
/dev/block/bml10 Essentially empty. Mine has a BMC string at the beginning which matches the CSC code on this phone, followed by an ON and an OFF.
/dev/block/bml11 Empty. \xFF all around.
/dev/block/bml12 Seems to contain the same RFS data as stl12, but with an additional 8 megs of data/padding, not readable by MagicISO.
/dev/block/bml13 Like 12 above, but user data
/dev/block/bml14 As above, but the almost empty partition
/dev/block/stl1 cannot open for read
/dev/block/stl2 cannot open for read
/dev/block/stl3 cannot open for read
/dev/block/stl4 cannot open for read
/dev/block/stl6 Empty: contains only \xFF
/dev/block/stl7 cannot open for read
/dev/block/stl8 cannot open for read
/dev/block/stl9 cannot open for read
/dev/block/stl10 cannot open for read
/dev/block/stl11 cannot open for read
/dev/block/stl12 system.rfs - is flashable as-is once tarballed. Also contains the CSC files as we're taking this from a "live" installation, contrary to an OEM provided image. (My image is also rooted for the same reason.)
/dev/block/stl13 data.rfs - User data partition
/dev/block/stl14 cache.rfs - Odin hangs when I try to flash it. Use CWM and dd back into place from the SD card.
From what I see we can't repartition our phones like the GT-I9000 guys do, so there are no PIT files to worry about. Only the OPS files which ODIN uses. We're not able to flash with Heimdall in its current configuration as it requires a PIT file.
GT-S5660M_MUGKG3_stock_rooted_ROM_v2.7z (101.46 MB)
Un7-Zip, flash tarball with Odin using the "One Package" option. Tested working on my phone. I think it goes without saying that flashing this is at your own risk.
(PDA: S5660MUGKG3 PHONE: S5660MUGKG3 CSC: S5660MBMCKG3)
Tutorial on flashing with Odin, with link for the appropriate version for our phone.
I've released my custom 5660M ROM, ArpegGioMod.
Goodbye,
Darkshado
Wow,
Thank you very much. The screen brightness issues and problems connecting to the mobile 3G network were very troublesome.
I will be flashing this ROM back to my s5660m.
THANK YOU!
STATUS UPDATE:
I have successfully flashed the image to my phone, i had to rename factory.rfs to system.rfs in order for ODIN to flash successfully. Also, it may not be important but I noticed that your image is missing the csc.rfs file.
I copied it from another ROM but it still didn't take it.
Even with the CSC.RFS file missing, it SEEMS to work GREAT! No more screen issues or 3G problems so far, I will keep you updated!
Again, thank you for uploading this, Hopefully soon there will be a CM7 for the s5660m!
Cool! Please, pretty please let me know as soon as possible how it turns out. When do you plan on trying this? This afternoon or later tonight?
Depending on how much you feel at ease with experimenting, you might be able to make a modified OPS file and new tar archive to flash only AMSS and boot.img to your system. Boot in recovery to wipe cache and dalvik-cache, then reboot the phone in normal mode. *If* things go according to plan you'd be left with a custom ROM'ed and functional phone. Otherwise just flash the whole thing back to stock.
Good luck,
Darkshado
Coolty said:
STATUS UPDATE:
I have successfully flashed the image to my phone, i had to rename factory.rfs to system.rfs in order for ODIN to flash successfully. Also, it may not be important but I noticed that your image is missing the csc.rfs file.
I copied it from another ROM but it still didn't take it.
Even with the CSC.RFS file missing, it SEEMS to work GREAT! No more screen issues or 3G problems so far, I will keep you updated!
Again, thank you for uploading this, Hopefully soon there will be a CM7 for the s5660m!
Click to expand...
Click to collapse
Great! You just made my day!
About the missing CSC file: CSC is an acronym for Carrier/Country Specific Code. The csc.rfs file is a partition image file that, as far as I can tell, is merged with the contents of the system.rfs partition. In our case, the CSC file would contain the APN settings, as well as the Bell proprietary apps like self-serve and remote PVR.
Instead, since I took the system partition from a live phone, the CSC content is already in the system.rfs partition. I think the idea behind this is that Samsung can release new CSC packages without having to update the whole firmware when "new" carriers add the phone to their lineup.
I'll see if I can edit the RFS partitions, (maybe by mounting them on the phone directly?) if so, I would be able to unroot, and make that separate CSC partition as well. That would make the backup completely stock, as if it came right from Samsung.
Another, simpler solution would be to modify the OPS file to skip the CSC partition.
One question: did you re-tar each file individually for ODIN to take them?
CM7 port: I'd love to have one on that phone as well, but I'm not in a position to tackle that project, yet. The good news is that since we now have a way to bring the phone back to stock, we can experiment safely.
Goodbye,
Darkshado
Depending on how much you feel at ease with experimenting, you might be able to make a modified OPS file and new tar archive to flash only AMSS and boot.img to your system. Boot in recovery to wipe cache and dalvik-cache, then reboot the phone in normal mode. *If* things go according to plan you'd be left with a custom ROM'ed and functional phone. Otherwise just flash the whole thing back to stock.
Click to expand...
Click to collapse
I will try this as well, will let you know the status of that as soon as I get to that. I am pretty confident with flashing phones by now
One question: did you re-tar each file individually for ODIN to take them?
Click to expand...
Click to collapse
No, I use linux so it was an easy process of copying the factory.rfs to my HDD, renaming it to system.rfs, deleting factory.rfs from TAR, and then adding system.rfs to the TAR file.
Let me know if you want me to try anything else, as I have access to linux and am pretty knowledgeable when it comes to things of that nature.
I can confirm that replacing amss and boot.img for 5660m from custom firmware meant for the 5660 works perfectly. I am using this tar: GioPro-1_2-LITE-by_ZimniY-S5660XXKQ6_S5660XXKQ5_S5660SEBKQ1.tar AND the GioPro 1.3 update zip. No screen issues or 3G problems. If you like I can upload the edited ROM for ODIN.
Step by Step guide for Noobs?
Hello,
My Samsung Gio S5660M is on an infinite loop.
Will this method fix the issue?
Can someone kindly give a step-by-step guide to this method (starting from what software/driver needed)?
Thanks a lot.
red02 said:
Hello,
My Samsung Gio S5660M is on an infinite loop.
Will this method fix the issue?
Can someone kindly give a step-by-step guide to this method (starting from what software/driver needed)?
Thanks a lot.
Click to expand...
Click to collapse
Why is your phone stuck in an infinite loop? What did you do to cause this?
did you somehow overwrote stl5(the efs partition afaik) while trying to unlock your phone?
Coolty said:
I can confirm that replacing amss and boot.img for 5660m from custom firmware meant for the 5660 works perfectly. I am using this tar: GioPro-1_2-LITE-by_ZimniY-S5660XXKQ6_S5660XXKQ5_S5660SEBKQ1.tar AND the GioPro 1.3 update zip. No screen issues or 3G problems. If you like I can upload the edited ROM for ODIN.
Click to expand...
Click to collapse
if you could post it, that would be much appreciated!!
steez003 said:
if you could post it, that would be much appreciated!!
Click to expand...
Click to collapse
I am currently in the process of uploading the edited TAR file to megaupload. The file is rather large so it may take another hour or so to complete. I will update this post when it is completed.
EDIT:
Here you go! GioPro 1.2 LITE edited for use with the Samsung Galaxy s5660m
Gio Pro 1.2 LITE updated for canadian s5660m by coolty
Coolty said:
Why is your phone stuck in an infinite loop? What did you do to cause this?
did you somehow overwrote stl5(the efs partition afaik) while trying to unlock your phone?
Click to expand...
Click to collapse
Hello Coolty,
Yes, that's exactly what happened. I tried to unlock it using Andorid Terminal Emulator, and although it gave me the unlock code, it fell into infinite loop upon restart.
Will your uploaded file fix this problem?
What would possibly provide a detailed guide on how to use the file?
Thanks.
red02 said:
Hello Coolty,
Yes, that's exactly what happened. I tried to unlock it using Andorid Terminal Emulator, and although it gave me the unlock code, it fell into infinite loop upon restart.
Will your uploaded file fix this problem?
What would possibly provide a detailed guide on how to use the file?
Thanks.
Click to expand...
Click to collapse
Hi,
I'm not one for explaining things in great detail, but the basic breakdown of the things you need (google is your friend) are:
1) Odin_Multi_Downloader_v4.42
2) The USB drivers for your phone (Hint: Samsung Kies)
3) OPS File (for this phone, I recommend GIO_v1.0.OPS)
4) Either a single TAR file or multiple files (eg, appboot, PDA, etc) For the file I am uploading it will be a single TAR file which is a package that includes all the things needed.
Then, you just remove the battery in your phone, unplug it from USB or wall charger, put battery back in, hold vol down + HOME + power until you see a screen (you may have to press a vol key after that, read the screen to see if you need to) Your screen on the phone should say DOWNLOADING... This is when you:
1) connect phone to computer via USB after installing drivers (kies, usb driver)
2) make sure kies is closed
3) run ODIN
4) choose the proper OPS file
5) click single package
6) choose the TAR file you want to flash to your phone
That's it!
EDIT:
I am providing some forum links that may better explain how to do what you need done:
How to unbrick (for samsung ACE, but applies to the 5660m) http://forum.xda-developers.com/showthread.php?t=1071970
How to use ODIN to flash your phone: http://forum.xda-developers.com/showpost.php?p=16979859&postcount=549
And of course, the great bible of GIO 5660 links and information: http://forum.xda-developers.com/showthread.php?t=1209425
I have updated my previous post to include the download link to the fixed rom for use with the s5660m.
(search for "s5660m by coolty" on the forums to find it)
Coolty said:
I am currently in the process of uploading the edited TAR file to megaupload. The file is rather large so it may take another hour or so to complete. I will update this post when it is completed.
EDIT:
Here you go! GioPro 1.2 LITE edited for use with the Samsung Galaxy s5660m
Gio Pro 1.2 LITE updated for canadian s5660m by coolty
Click to expand...
Click to collapse
Thanks! I ended up flashing my phone and I have run into a problem. For some reason Wifi won't work in GioPro. It says 'Turning on...' and then it will say 'Error'. Any ideas?
Thanks
Will this help at at all with a blank IMEI? I assume this would only help for people flashing back to stock firmware or recovering from a non-bootable or reboot loop phone?
steez003 said:
Thanks! I ended up flashing my phone and I have run into a problem. For some reason Wifi won't work in GioPro. It says 'Turning on...' and then it will say 'Error'. Any ideas?
Thanks
Click to expand...
Click to collapse
I'm also running into the same issue
Sent from my Nexus S using XDA App
Thats why i recommend you guys always do a factory reset before and after flashing , these glitches , like gps issue , wifi , stuck on boot logo , won't happen if you properly fectory reset before and after flashing....
Waqasshazad: Maybe wiping the caches will help, but the issues might be due to running a 5660 on a 5660M as well. We know the kernels and modems aren't compatible, it may go a bit further. By the way, it's spelled factory.
MacrossFX: I've seen mentions of people dd'ing their stl5 partition into a file and then back on the phone, but I'm unsure this worked in the end. I'm afraid your only solution might involve a shipment to the service center...
ClockworkMod Recovery for the Samsung Galaxy Gio GT-S5660
http://forum.xda-developers.com/showpost.php?p=16980117&postcount=559
May be this can backup for you , too with s5660m , i have tested on Gt s5660 and it worked perfectly fine..
waqasshahzad1986 said:
Thats why i recommend you guys always do a factory reset before and after flashing , these glitches , like gps issue , wifi , stuck on boot logo , won't happen if you properly fectory reset before and after flashing....
Click to expand...
Click to collapse
I followed your instructional video and did do a factory reset before and after. Maybe i'll try reflashing it again tonight and see what happens.
Hello,
In this thread I will teach you every method I had to use to root any Spreadtrum devices, Starting with the riskless ones to the reckless ones.
I have to warn you that the last root method (using ResearchDownload to load a modified system.img) may be dangerous ! (because of possible partition table changes)
The others methods are pretty safe, don't be afraid by them if you do exactly what I wrote.
Theses processors are also named SP6820 and SP8810, it's exactly the same processor, it's just some misnaming from Chinese sellers.
Theses methods do work on the newest Spreadtrum CPUs, like the SC7710 (the 3G WCDMA model), and the more powerful SC8825/SC6825 (dual core).
Why buying a Spreadtrum based phone ?
They are really cheap, and they work amazingly well ! They can play some games and emulators very well, that's unexpected for such low end devices (50$ or less)
They usually only have 256MB of RAM but despite that, they still runs well ! (I tested a lot of games and some 3D games are working flawlessly, pretty amazing) - I discovered that they are using zram (or other swap methods) to provide more RAM by compressing it when needed. That's pretty neat and really helps with such a small amount of RAM !
They are very good as a portable multimedia device, to read mails, browsing the web, play some games, mp3, videos.
As a 2G phone they are competent, but the 2G modem is not as good as the one in MTK processors. (It takes longer to load something in the same conditions)
Boot very fast, and have decent battery life. (3-4 hours of video out of a 1200 mAh battery - 5-6 hours out of a 1800 mAh)
Why you should not ?
Not true anymore, but they were extremely difficult to root in some cases.
They don't seem to be well tested ... You can have a microphone so quiet nobody will be able to ear you. But it's easy to fix as you can see here: http://forum.xda-developers.com/showthread.php?p=38731407
They don't have any form of usable 3G support. (except the SC7710 who have WCDMA 850/2100 compatibility)
They usually have only 256MB of RAM again. So that can be a problem when you are, for example, using Opera Mobile Classic with more than 3 tabs. And make the transition between apps longer.
SC6820 and SC8810 model are all using Android 2.x, even if some are marketed as Android 4.0 phone (very big and blatant lie !)
They usually use android 2.3, but some are only Android 2.2 phones ! (The fake Android 4.0.3 for instance is usually only android 2.2)
SC6825 and SC8825 seems to only have a (real this time) Android 4.0.3 firmware. 4.1 are better is often advertised, but it's again ... lies ... Android 4.0 is not really suitable for phones with only 256 MB of RAM, so SC6825/8825 phones are pretty rough on the edges. Using more than one tab on the default web browser is asking for troubles for example.
They all use the MocorDroid Firmware. It's some kind of fork of Android that use NON-Standards and sometime buggy Launchers and they often use alternative keyboards like Go Keyboard which is kind of a bad choice considering the RAM and ROM constraints on theses devices ...
The only difference between the SC6820 and the SC8810 is the support for the Chinese form of 3G.
If you don't live in china, that means this two processors are essentially the same. (Don't trust sellers, the 8810 is NOT WCDMA "3G" compatible)
Some phones with the fake Android 4.0.3 based on 2.3.5 will brick themselves nearly 2 months after you first used it. It's a really weird behavior of this early Spreadtrum firmware. So if you have this firmware, just do whatever it takes to root it, make a backup and install CWM as soon as possible to be able to recover from this possible breakage. It's only a problem with a fraction of Spreadtrum phones, but you will be very happy if you have installed CWM before encountering it ^^ (applicable only if you bought one in 2012)
A lot of fakery in the Spreadtrum scene. For example fake MTK6515/MTK6572 phones that are in fact just SC6820/SC6825 phones with a firmware modified to lie its processor ID to populars android benchmarking tools like Antutu Benchmark.
If you are searching for a 512MB RAM phone, you'd better go for an MTK(6575/6572 or better) Phone. As you will never find a real 512MB Spreadtrum phone in the jungle of lies you are looking at ...
On all model with 2.3.5 based firmware (SC6820 and SC8810 essentially), you can have a lot of problems with the SIM card detection on some sim cards. For example I can't call somebody with mine, but I can answer a call or send/receive SMS ... Very weird bug ...
This bug seems to be related on the type a sim card you have. With some their is no problem at all.
I can confirm that it's working flawlessly on SC6825 and 8825 based phones with the real 4.0.3 based firmware.
Why rooting it ?
Because a lot of them come with a lot of sh*tty softwares, including the bad launcher and keyboard.
Because they can come with a "Virus" that can send SMS messages to china (so you have to pay for unwanted international SMS cost)
I myself have this Virus on one of my phones, as of now, I haven't noticed anything unusual. Just the useless, unkillable com.android.caivs.app process eating 15 MB of RAM doing nothing. (It is a significant waste of ram on such devices)
(As of now I only seen this malware on Feiteng devices - You can share your experience with this thing down bellow)
More about CAIVS here: http://web.archive.org/web/20110812021151/http://www.cseed.cn/chinese/news/portfolio2.htm
That virus was on most of the earliest Spreadtrum phones but don't seem to be a worry nowadays. But I haven't tried any new Feiteng devices. They were so poor in quality that I will never buy feiteng again so find it by yourselves if you feel adventurous xD
How-to do that ?!
If you are lucky you will be able to root your phone by traditional means.
If you are not, you can root them by manually adding the root utilities to the ROM.
I will describe every methods that you should try in order of difficulty and risks.
Before doing any of that, go to the android setting -> applications -> Development -> Check USB Debugging.
Universal Root utilities
Theses methods are safe, and the second one is, as of now, working on every Spreadtrum phones flawlessly !
1.1 - Z4Root
Just try z4root !
http://forum.xda-developers.com/showthread.php?t=833953
z4root is a little tool to root Android 2.2 and sometime work on 2.3
It's known to work on devices with the fake Android 4.0.3 based on 2.2 and MocorDroid 2.2.2
It may work on more of them, just try, there is no risks at all.
Make sure you have at least 50 MB of available space on the /data partition before trying this. (not the SDCard, the Applications Space)
Try a temporary root to see if it works, then you can do the permanent root.
You will maybe have to try it 2 or 3 times before it works.
Even if it doesn't work, reboot the phone after this. Because it can eat your battery while running in the backgroung if it fails.
1.2 - vRoot
vRoot is a chinese tool to root many devices !
It's proved to work very well with Spreadtrum (and MTK) devices. I used it successfully on a lot of Spreadtrum devices, even the most recent ones (SC8825).
You only need a Windows Computer (I personally use it on Windows 7 32bits).
Then download it from here: http://www.mgyun.com/en/getvroot
Install it and then open it.
As of now you only need to plug your USB cable to your computer, and then click on the Root button. (you don't need to do anything else, don't touch your phone)
Once it's done and the phone rebooted you will be rooted !
The root app is some kind of custom chinese one, but it's working properly.
Don't try to replace it with SuperSU as SuperSU don't seem to work properly on Spreadtrum devices.
If you want to understand what the root app is saying, try to set the language on your device to English.
2 - Custom Firmware Flash
Please never use any custom firmware available in .pac file format ! Or at least, don't use them before doing a full backup of your current firmware !
Feiteng A7100 (only if you have the mt6515_c910_ht_en_4.0_v01 rom/firmware on it !!! If not, don't touch it, you will end up with a brick ! Or screen reversed, or other strange bugs): http://forum.xda-developers.com/showthread.php?t=2149396
If you have a Feiteng A7100 I really recommend NOT TO USE this rom ! Why ? Because it only works on a fraction of A7100, newer releases of the same phone don't use the same firmware. With this tutorial here, you can root your A7100 easily and way safer. Please go to "4-" on this tutorial to know how to root your A7100.
If you append to find some others Custom roms for spreadtrum devices, or are making one, please send me a PM, I will link them here.
3 - Fastboot to the rescue !
If every fast, simple and secure methods are not working, then this will be difficult my friend !
3.1 - Find Fasboot
First, let check if we have fastboot in your phone !
Fastboot is a little tool inside the bootloader. It's here to help you flash the firmware.
Not every Spreatrum phones have it, so let's check if you are lucky !
You can access it by powering on the phone up while holding a key.
First power off your phone.
Then hold some button like volume+
while pressing this button, press and hold down the power button.
Keep holding the two buttons until the screen light up.
You should now have something on your screen. Maybe a system diagnostic tool (a menu with a set of system tests, that's totally useless) or maybe the recovery mode (a screen with a warning sign, and now your phone is stuck here until you pull out the battery) or, and that means victory, a screen that says "Fastboot".
If you are not on fastboot, but are on the Recovery or the System Test, turn the phone off again and try another button press at boot time exactly like I said before.
This time, try the Home button if you have one, or the Volume-.
You should also try buttons combinations. Like volume up and down at the same time. Home + vol Up, etc and maybe the 3 at the same time ...
(if you just boot as if nothing was pressed, you maybe have to unplug the battery, wait for a while and put it back before powering the phone on. Theses things are also not working when the usb/charging cable is plugged in - if some keys combinations are not doing anything, it's perfectly fine, it means they don't trigger any hidden boot mode)
If nothing bring fastboot up, you have to use the Spreadtrum Debug tool "ResearchDownload" ...
So Skip to "4-" ! ^^
3.2 - Install the drivers
If you append to find Fastboot, we will have to install the PC part of it !
Like every android phone, you have to install adb and his drivers to access the Android Debug Bridge.
You can find them and learn how they work here: http://dottech.org/21534/how-to-ins...ows-computer-for-use-with-your-android-phone/
On Ubuntu or Debian Linux you just have to install them that way:
Code:
sudo apt-get install android-tools-adb android-tools-fastboot
You also have to install the phone drivers if you are using Windows:
ADB Drivers: http://www.mediafire.com/download.php?c5nf3rlhxmxhu4x
Debug Drivers: http://www.mediafire.com/download.php?2tyg0k2xp3ejgyg
Mirror: http://www.mediafire.com/?o9km8vl287ev24j
Then you will have to tell adb what phone to use. By that I mean adding the PCI ID to a text file to tell adb that this peripheral is compatible.
The Spreadtrum PCI ID is 0x1782
add this line to "Your user directory/.android/adb_usb.ini"
Code:
0x1782
3.3 - Using fastboot to load CWM (Clockwork Mod)
CWM work on some of theses Spreadtrum devices, most of the time, the screen is reversed, but it works !
On some phone, you will be presented with a blank screen, but CWM will work ... That will just be very difficult to navigate ... (don't bother and use another method if you append to be in this boat)
Here are the recovery images available for Spreadtrum device to my knowledge:
* http://www.mediafire.com/download.php?u6uyignmdcpillt - extracted from a random SC6820 that I don't remember
* http://www.mediafire.com/download.php?bosnfcq9n65mtc5 - i9270+
* http://www.mediafire.com/download.php?xem49dy5dh99ml0 - 5830, S5830, Q5830, Q206 and GT-N9300 (maybe more)
* http://www.mediafire.com/download.php?adfwq6b5268qb58 - S9300 (SC6820A S3 Clone)
* http://www.mediafire.com/download.php?y2f7aaan4b00l1m - Feiteng GT-A7100 and probably more Feiteng devices.
* http://www.mediafire.com/download.php?lg7m6v49efzpnjk - 6500-TV or S560
* http://www.mediafire.com/download.php?6xn977jjsuusjan - N9300 (I9300 Clone)
* http://www.mediafire.com/download.php?d68wc334qn47tdd - S930 or N8820
If your device is not listed or the one for your device doesn't work, try them all, even if your phone is SC6820 and the recovery was made for SC8810, if none are working, we will have to flash the entire system partition, which is a lot more difficult and dangerous ...
Flashing CWM to the phone:
Linux Only: Initialize ADB:
Code:
sudo adb kill-server
sudo adb start-server
Boot your phone in fastboot mode.
Be sure your device shows up:
Code:
fastboot devices
if your device show up, it's time to flash
Code:
fastboot flash recovery recovery.img
It's flashed ! Let's reboot now.
Code:
fastboot reboot
Start on CWM, if it works, you can start to root the phone !
Download this patch: http://www.mediafire.com/download.php?131nsw87afzwb5v
Put it on the root of your SD Card.
Now you will have to boot on CWM, he is on the same key combination than the old useless recovery was. (Most of the time Volume- and Power)
You can also try this command with adb:
Code:
adb reboot recovery
Now it's the perfect time to do a full backup of your firmware with CWM, so please do so, that can come in handy. (please go to the end of this tutorial after rooting your phone to know how to make a FULL backup. CWM will only make a partial one.)
choose apply update.zip
Choose the file you have put on your sd card before
Apply it then reboot.
This update.zip have pushed everything needed to root your phone in the right place, you should be rooted now !
If you have an error like:"Can't mount /sdcard" you may have to try with another SD Card and be sure your SD Card if formated as Fat32.
3.4 - Using Fastboot to load a modified system partition image
Please follow the instructions down bellow on how to "5 - Create a rooted system partition image"
When you have done your Rooted system partition image, flash it like that:
Code:
sudo fastboot devices
#if your device show up, it's time to flash
Code:
sudo fastboot flash system system.img
#It's flashed ... Now let's reboot with all the apprehension of the world
Code:
sudo fastboot reboot
If it boots (should boot), you will be up and rooting !
4 - Spreadtrum ResearchDownload tool to the rescue !
First, if you have fastboot, use fastboot ! It's simple, more reliable, faster. It's bottomline better !
If you don't have fastboot or can't figure out how to bring him up on your phone despite trying for about an hour. This tool will most likely work.
First, you should use Windows XP 32bits. Even real XP or in virtualbox.
It might work on windows 7 32 bits and 64 bits but you will have to tweak the system to allow installation of non signed devices drivers ...
ResearchDownload work as this:
First you start the Channelserver - This thing is here to make a bridge between the tools and the driver.
Then you start ResearchDownload.
Now you can make a full firmware flash (you should not !! It's a terrible idea !) or flash a single partition. But to do that, unfortunately, you should have a compatible set of fdl files.
Finding them on google is impossible, you have to extract them from your full firmware .pac file.
If you can't find your firmware on the Internet, you will have to try every single one you can find from others firmwares. I gathered all the fdl files I could find in a single package, so it won't be that difficult.
It's highly probable that you will find one that will work with your phone. This thing have to boot the phone and flash the Nand Flash chip. I'm pretty sure there is not a lot of different ways to do this on a single processor.
I really don't know the risks of using a wrong fdl set. But we haven't seen any risks at all yet. Some will work on your phone, others will just do nothing. You will just have to try every single one until one work.
I named the folders with the names of the phones I know working with theses. So it will be easier to find the good one. (A7100, 6500-TV, 5830, Q206 and S930 users will feel very lucky ^^)
4.1 - Learn how ResearchDownload Work
First you have to install the drivers, you can find them here:
ADB Drivers: http://www.mediafire.com/download.php?c5nf3rlhxmxhu4x
Debug Drivers: http://www.mediafire.com/download.php?2tyg0k2xp3ejgyg
Then you have to plug your phone to your computer with your micro usb cable. Your phone have to be powered on.
Be sure every pieces of hardware are detected and installed correctly.
As you can see, this phone is not just detected as an ADB device, or as a mass storage device.
It actually have an internal serial port to usb adapter !
In other words that means this processor provide a way to flash his nand very easily even if it is fully bricked. It's a rare and pretty good feature you don't see that often. In fact, most of the time you have to solder a real serial port yourself on the phone motherboard, then have to use a Serial to USB adapter to have this level of access to the hardware.
So yes, back to tutorial.
Now you will have to unplug your phone and turn it off.
You have to download the debug tools, you can download them here: http://www.mediafire.com/download.php?rngukh111vqfr8h
First you have to start the channel server, you will have to disable your firewall for this app, it's because this tool use a network protocol to communicate with the other tools.
Then open ResearchDownload.
ResearchDownload is a weird flashing utility, it can open a .pac firmware file and can make a .pac out of .img files. You also can flash .img files and that's what we will do. But unfortunately it can't make a full backup ... So be careful !
The cog logo is here to let you open a .pac file. We don't need that as we probably don't have it.
The "two cogs logo" let you configure the flash utility.
Click on this to bring a new window.
On the download settings window, click on select product then choose your type of phone. (SC8810 or SC6820, it doesn't really matters if you take the wrong one out of those two.)
Then uncheck "Select All Files" as you don't have any of theses.
You can see FDL1 and FDL2 are still checked, and you don't have those files ...
As they are needed to start the Flash utility, we will have to find them.
I came across only 3 different FDL1 files, but for theses FDL1 it seems every phone have his own FDL2.
You will have to find the ones that work for you.
Here is an archive of nearly every FDLs available: http://www.mediafire.com/download.php?c6q2gxobccv32oj
Choose one FDL1, and one FDL2 located in the same folder. (you can choose a File with a right click on the FileName blank space in front of FDL1)
Click on OK.
Then click on the "Play button" saying start download.
It may show some warning, it's not a problem.
Now, press Volume Down on your phone, then you have to plug it on the USB Port, still holding the button.
You can release the button when the flash begins.
You may have to press an other button than Volume-. Some phones are reported to use the Home Button instead.
You may also have to remove, wait a while, and reinsert the battery before holding volume- or after the flashing procedure to be able to start the phone.
If ResearchDownload shows you an error or timeout, try another set of FDLs Files. Keep trying until you find one pair that work !
If it works the flashing process should start right away. Just a millisecond after Windows have detected and initialized the device when you plugged it.
When you have the right FDLs, you can go to the next step, flashing something useful ^^ (we haven't flashed anything as of now, just been searching for a compatible flashing bios)
If your working FDLs folder does not have the name of your phone, please tell me what phone you have and what FDLs you used so I can rename them.
4.2 - Using ResearchDownload to load CWM (Clockwork Mod)
Do exactly as said before, but check the "Recovery" checkbox on Download Settings. and choose one of theses CWM images:
* http://www.mediafire.com/download.php?y2f7aaan4b00l1m - Feiteng GT-A7100 and probably more Feiteng devices.
* http://www.mediafire.com/download.php?lg7m6v49efzpnjk - 6500-TV or S560
* http://www.mediafire.com/download.php?6xn977jjsuusjan - N9300 (I9300 Clone)
* http://www.mediafire.com/download.php?d68wc334qn47tdd - S930 or N8820
* http://www.mediafire.com/download.php?xem49dy5dh99ml0 - 5830, S5830, Q5830, Q206 and GT-N9300 (maybe more)
* http://www.mediafire.com/download.php?bdl1qr7orsj4ebr - extracted from a random SC6820 that I don't remember
* http://www.mediafire.com/download.php?6g1t6057p6c8wpt - i9720+
* http://www.mediafire.com/download.php?adfwq6b5268qb58 - S9300 (SC6820A S3 Clone)
When you flashed one successfully, try to boot on recovery (Usually by holding Volume- while holding the power button until the screen light up).
If your device is not listed or the one for your device doesn't work, try them all, even if your phone is SC6820 and the recovery was made for SC8810, if none are working, we will have to flash the entire system partition, which is a lot more difficult and dangerous ...
Download this patch: http://www.mediafire.com/download.php?131nsw87afzwb5v
Put it on the root of your SD Card.
Now you will have to boot on CWM, remember, he is on the same key combination than the old useless recovery was.
You can also try this command with adb:
Code:
adb reboot recovery
Now it's the perfect time to do a full backup of your firmware with CWM, so please do so, that can come in handy. (please go to the end of this tutorial after rooting your phone to know how to make a FULL backup. CWM will only make a partial one.)
choose apply update.zip
Choose the file you have put on your sd card before
Apply it then reboot.
This update.zip have pushed everything needed to root your phone in the right place, you should be rooted now !
If you have an error like:"Can't mount /sdcard" you may have to try with another SD Card and be sure your SD Card if formated as Fat32.
4.3 - Using ResearchDownload to load a modified system partition image
Now we are in deep **** ! This can be tedious ... You will need to drink a lot of coffee, then you will probably pull your hair off, but it's possible to root every single Spreadtrum devices this way !
Please follow the instructions down bellow on how to "5 - Create a rooted system partition image"
When you have done your Rooted system partition image, reboot on Windows, then flash it like that:
Do exactly as said on the paragraph on how ResearchDownload works, but check the "System" checkbox on Download Settings, and choose your modified system.img file to flash it on the device.
As it is still not tested at all, you will have to pray some kind of Spreadtrum God and hope it will be successful ...
The first boot after the flash can be very VERY long. It's perfectly normal.
After the flash is done, please make a full backup (see bellow how you can do that), so I can make a Clockwork recovery partition working with your phone.
You may need to flush your data partition with CWM to avoid some crazy bugs after the flash. You will have theses bugs because of the partitions realignment that might occurs as a result of using a slightly different FDL set as the manufacturer.
Don't even try to do a factory settings reset before installing CWM, as I don't know what monster can lie ahead if you do a factory reset without any working recovery installed
(If your phone doesn't boot after the flash, it is possible to flush the data and cache partition with ResearchDownload. I will explain it, if needed !)
5 - Create a rooted system partition image
Please always try the CWM method first ! There is no risks at all to destroy your phone if the recovery is not working. Here we are making a new system image to flash on the system partition, this partition contain the Android operating system. I will try to explain everything as good as I can, but if you make a mistake, if you don't read my warnings, you can brick your phone very easily !
That will be difficult ... And you will have to use a Linux computer, or Linux in Virtualbox, or in a Live CD, basically you will need Linux somewhere on your computer ^^
Why ? Because we will have to preserve unix permissions on an extracted tar archive ! Trust me, you will probably brick your phone if you do that on windows ...
#Install ADB
Code:
sudo apt-get install android-tools-adb android-tools-fastboot
#Configure ADB
Code:
mkdir ~/.android
Code:
echo 0x1782 > ~/.android/adb_usb.ini
#Start the ADB server
Code:
sudo adb kill-server
sudo adb start-server
#Just let's check just in case if your device is already rooted
Code:
adb shell su -c id
Possible answers:
uid = 0 (root) gid = 0 (root) - your phone is already rooted ! (if you haven't noticed it, it's because superuser.apk is not installed, so just push it and install it via ADB and you are rooted !)
SU: Permission denied - You are not rooted ... Good luck then !
#Now we will backup the system partition !
Code:
adb shell tar -cf /mnt/sdcard/system.tar system
Please pay attention to the errors !
There will be missing files, and we will have to add theses by ourselves after the backup to pretend to have a full backup.
Here is the archive for the known missing files: http://www.mediafire.com/download.php?fm1z5ujc75bg268
If you have more than theses:
Code:
tar: can not open 'system/etc/dbus.conf': Permission denied
tar: can not open 'system/etc/bluetooth/audio.conf': Permission denied
tar: can not open 'system/etc/bluetooth/auto_pairing.conf': Permission denied
tar: can not open 'system/etc/bluetooth/input.conf': Permission denied
tar: can not open 'system/etc/bluetooth/main.conf': Permission denied
tar: system/lost+found: Permission denied
tar: Error exit delayed from previous errors
Then you should just give up, or tell me so I can send you the missing files.
Note: Lost+found is not important, it's just a folder automatically created by Linux to collect any corrupt files.
#Now we will pull this nearly full backup to our computer. Please keep it preciously somewhere secure.
Code:
adb pull /mnt/sdcard/system.tar
#Warning, theses next steps have to be made ONLY on Linux on an ext2/3/4 partition ! Please never attempts to do this on Windows or On Linux on a FAT32 partition.
#untar the archive
Code:
sudo tar -xvpf system.tar
#now we will restore the files we have not been able to backup.
#Download this archive if you haven't done this before: http://www.mediafire.com/download.php?fm1z5ujc75bg268
#Then extract it on the same folder as you extracted your system.tar file with this command:
Code:
sudo tar -xvpf btdbus.tar
#Now it's time to add the root utilities, you can download them from here: http://www.mediafire.com/download.php?v69nm172heos17o
Code:
sudo tar -xvpf root.tar
sudo cp Superuser.apk system/app/Superuser.apk
sudo install -m 06755 su system/xbin/su
#Now we will get rid of this virus ! (the file name can be something else. Like caivs.apk, or some random numbers at the end)
Code:
sudo rm system/app/eyuSales_20121116.apk
#And now you will have to make a flashable system image with this tool, included in the root.tar archive
Code:
sudo ./mkyaffs system system.img
#Now you can reboot your phone in fastboot or use researchdownload to flash your new System image.
6 - Do a full nand backup
Here is how to do a full nand backup of your beloved Spreadtrum: http://forum.xda-developers.com/showthread.php?p=39270468
7 - Don't forget to remove to caivs Virus
When you are rooted, you can remove the Virus or any preinstalled apps using Link2SD.
I suggest you to remove everything you have preinstalled if it is available on the Google Play Store (except the keyboard or the launcher !!!). For example if you have an old version of ES File Explorer on your phone preventing you from updating it, you can remove it safely, then install the updated version from the the Play Store.
Never try to remove something that you don't know what it is !
For the Launcher or keyboard. You can remove them only if you installed a new one on the System partition and tested it successfully !
-----
I want to thanks every peoples at http://forum.china-iphone.ru and Yekdall for being one of the first to type something in English about spreadtrum firmware modding !
Data missing?
First of all, thanks a lot for tutorial! Unluckily there is missing the data that i should copy back into the tar and then the img-file. Could you upload the btdbus.tar and the root.tar?
Thanks again, have a nice day!
keulepeter said:
First of all, thanks a lot for tutorial! Unluckily there is missing the data that i should copy back into the tar and then the img-file. Could you upload the btdbus.tar and the root.tar?
Thanks again, have a nice day!
Click to expand...
Click to collapse
I'm uploading them right now ^^
By the way, what phone are you rooting ? I will try to make a "compatibility list", so I need the model number, and the brand name if any.
Good luck !
EDIT: I added the missing links
Are the sc8810 and sp8810 the same processors?
lynnox said:
Are the sc8810 and sp8810 the same processors?
Click to expand...
Click to collapse
Yes exactly the same, just a different way to name it.
ElectronikHeart said:
3 recovery images are available for Spreadtrum device to my knowledge:
1 http://www.mediafire.com/download.php?u6uyignmdcpillt
2 http://www.mediafire.com/download.php?bosnfcq9n65mtc5
3 http://www.mediafire.com/download.php?xem49dy5dh99ml0
Try them all, if none are working, we will have to do that the other way ...
Download this patch: """"""Link missing as of now, I have to upload it"""""""
Put it on the root of your SD Card.
Now you will have to boot on CWM, he is on the same key combination than the old useless recovery was.
choose apply a update.zip
Choose the file you have put on your sd card before
Apply it then reboot.
This update.zip have pushed everything needed to root your phone in the right place, you should be rooted now !
Click to expand...
Click to collapse
patch pls. (update.zip)
I'll try to load CWM even though at the moment I can only get into recovery. I have the exact same model as H_Bler's which is why I've been focusing more on his thread. From your description on how to access fastboot, I assume that it's the diagnostic mode when UpVol + Pwr is pressed. I never saw anything that said fastboot. The only thing unusual when I was going through the menus was I always got an error when I try the 4th or 5th option. Unfortunately, I can't really try it again because I can't access it anymore. That goes without saying the I can't work with IMG files as well.
5 - Spreadtrum ResearchDownload tool to the rescue !
Now we are in deep **** ! This is not tested as of now ... So come help me ! You will need to drink a lot of coffee, then you will probably pull your hair off, but we will know if it's possible to root every single Spreadtrum devices !
5.1 - Using ResearchDownload to load CWM (Clockwork Mod)
5.2 - Using ResearchDownload to load a modified system partition image
Click to expand...
Click to collapse
Something to look forward too.
I want to thanks every peoples at http://forum.china-iphone.ru and Yekdall for being one of the first to type something in English about spreadtrum firmware modding !
Click to expand...
Click to collapse
I've also been going here. I even tried 3 of the ROMs but I always get the verification failed message. I know it might be too much, but exact links for the thread would really be much appreciated (to be honest, I can't even remember exactly where I got the ROMs. All I remember is that the thread had a lot of collapsible trees.
ElectronikHeart said:
I'm uploading them right now ^^
By the way, what phone are you rooting ? I will try to make a "compatibility list", so I need the model number, and the brand name if any.
Good luck !
EDIT: I added the missing links
Click to expand...
Click to collapse
If and when I get my phone fixed/replaced. I'll try your method first. =P
jvrey5 said:
[Lot of things ...]
Click to expand...
Click to collapse
Well the thing you have when you push up and power is the system test menu. It's located on the android system partition. It's not fastboot.
Fastboot should be something that says "Fastboot" in red letter, or something else unusual.
If you have not fastboot you should use Spreadtrum Researchdownload to flash your phone, I will write the tutorial about it soon.
I really can't link you the thread on the russian forum, first because it will probably confuse you, and also because it's spread everywhere on so many threads it's unbelievable ... That's why I'm doing this centralization work for you ^^
I will post a list of ROMS for recovery purpose. Your phone seem to be bricked. I don't know how you've done it (I really want to know what you phone is and how you've bricked it, that will help me to write the warnings necessary to avoid such cases).
I have 14 roms for Spreadtrum devices, maybe one will work for your phone.
I just want to know what your phone is ^^ Please tell the name of your phone on your posts everyone and if you know how to find it, the exact name of your firmware.
PS: I will upload the patch soon, I'm just searching for a file hosting service that will keep it up and not erasing it 2 hours after I uploaded it ^^
EDIT: Link to the update.zip for rooting you device via CWM added.
Tutorial updated: Spreadtrum debug tools method added.
It may now be possible to root even Spreadtrum devices without Fastboot mode available.
Please feel free to tell me if it works !
ElectronikHeart said:
Tutorial updated: Spreadtrum debug tools method added.
It may now be possible to root even Spreadtrum devices without Fastboot mode available.
Please feel free to tell me if it works !
Click to expand...
Click to collapse
need help
Question
Dear Spreadtrum Master!
Please, can you help me with this problem:
I have a Star I8160 phone with Spreadtrum 6820 and 256 MB ROM. It seems, that everything is working fine, the ROM and the phone is fast, and cool. But when i try to use the phone as a phone, i talk to the phone, and the others just only hearing pieces of my sentences. Sometimes the phone is very-very silent, i need to shout for the others to hear. I thought, that this is a microphone problem, so i replaced the microphone. But nothing changed. I had 2 phones from this type, and both produces the same fault, so i think maybe the problem will be with the ROM. What do you think, is it possible? If so, can i replace my normal rom, which is DM_BASE_12A_w12.43 (sc6820_modem) 11-02-2012?
question
Hi ElectronikHeart, i need help
I have a feiteng a7100, and i flash a rom with ResearchDownload.exe, in the flash operations tab i choose the option to erase all flash. Now i have a brick phone. Do you have a copy of nv.bin? Do you know how to recover from it? how can i reflash nand?
thanks
gtxphoenix said:
Dear Spreadtrum Master!
But when i try to use the phone as a phone, i talk to the phone, and the others just only hearing pieces of my sentences. Sometimes the phone is very-very silent, i need to shout for the others to hear. I thought, that this is a microphone problem, so i replaced the microphone. But nothing changed. I had 2 phones from this type, and both produces the same fault,
Click to expand...
Click to collapse
The Master hasn't been in the past few days so I'll try to answer your issue as best I can.
Usually, the phones are designed for a specific region/country. It's possible that your ROM was built for a different one. How sure are you that the ROM which you are replacing it with will work for you? (I assume that you have a backup and you know how to load ROMs) Also, you might want to try editing the build.prop it increase/maximize reception.
To be honest, this is actually a complicated approach. From what you said, it seems that you've made other troubleshooting steps on your own. Since you really did not mention all of them I'm basing my response on what you said.
Let's try to stick to the basics first. Why did you replace the microphone in the first place? If the same issue happens with 2 other phones from this type, I don't think the mic is the problem. Also, does this mean that you can hear them fine, but they have a hard time hearing you? Have you tried using the stock sound recorder on your phone? Is it also choppy? Have you tried using Skype? You don't really have to call anyone, you just need to make a test call.
When using the device as a phone (eg. making calls, sending SMS, MMS, or connecting to the internet using EDGE or 3G), you're actually relying mostly on your carrier/service provider. How many signal bars do you get? The easiest way to test signal related issues would be by using a different SIM or using a different phone. (When you try a different phone, I suggest using a GSM one - the ones that can only make calls or do SMS.) It's highly possible that there's already something wrong with your SIM.
---------- Post added at 01:17 AM ---------- Previous post was at 01:08 AM ----------
jmss said:
Hi ElectronikHeart, i need help
I have a feiteng a7100, and i flash a rom with ResearchDownload.exe, in the flash operations tab i choose the option to erase all flash. Now i have a brick phone. Do you have a copy of nv.bin? Do you know how to recover from it? how can i reflash nand?
thanks
Click to expand...
Click to collapse
ElectronikHeart hasn't checked in the past few days, so I hope you don't mind me butting in.
When you say brick, does it mean that you don't even have recovery mode? If you don't, try to see if you can put CWM. Once successful, you can try to use the A7100 ROM if your original one was a mt6515_c910_ht_en_4.0_v01 rom using the update.zip
jvrey5 said:
The Master hasn't been in the past few days so I'll try to answer your issue as best I can.
Usually, the phones are designed for a specific region/country. It's possible that your ROM was built for a different one. How sure are you that the ROM which you are replacing it with will work for you? (I assume that you have a backup and you know how to load ROMs) Also, you might want to try editing the build.prop it increase/maximize reception.
To be honest, this is actually a complicated approach. From what you said, it seems that you've made other troubleshooting steps on your own. Since you really did not mention all of them I'm basing my response on what you said.
Let's try to stick to the basics first. Why did you replace the microphone in the first place? If the same issue happens with 2 other phones from this type, I don't think the mic is the problem. Also, does this mean that you can hear them fine, but they have a hard time hearing you? Have you tried using the stock sound recorder on your phone? Is it also choppy? Have you tried using Skype? You don't really have to call anyone, you just need to make a test call.
When using the device as a phone (eg. making calls, sending SMS, MMS, or connecting to the internet using EDGE or 3G), you're actually relying mostly on your carrier/service provider. How many signal bars do you get? The easiest way to test signal related issues would be by using a different SIM or using a different phone. (When you try a different phone, I suggest using a GSM one - the ones that can only make calls or do SMS.) It's highly possible that there's already something wrong with your SIM.
---------- Post added at 01:17 AM ---------- Previous post was at 01:08 AM ----------
ElectronikHeart hasn't checked in the past few days, so I hope you don't mind me butting in.
When you say brick, does it mean that you don't even have recovery mode? If you don't, try to see if you can put CWM. Once successful, you can try to use the A7100 ROM if your original one was a mt6515_c910_ht_en_4.0_v01 rom using the update.zip
Click to expand...
Click to collapse
I dont have recovery mode, the phone doesnt turn on. I already try to put CWN but it doesnt work. I need nv.bin file for sc6820a for rewrite nand flash.
jmss said:
I dont have recovery mode, the phone doesnt turn on. I already try to put CWN but it doesnt work. I need nv.bin file for sc6820a for rewrite nand flash.
Click to expand...
Click to collapse
Now we really need the Master
gtxphoenix said:
Dear Spreadtrum Master!
Please, can you help me with this problem:
I have a Star I8160 phone with Spreadtrum 6820 and 256 MB ROM. It seems, that everything is working fine, the ROM and the phone is fast, and cool. But when i try to use the phone as a phone, i talk to the phone, and the others just only hearing pieces of my sentences. Sometimes the phone is very-very silent, i need to shout for the others to hear. I thought, that this is a microphone problem, so i replaced the microphone. But nothing changed. I had 2 phones from this type, and both produces the same fault, so i think maybe the problem will be with the ROM. What do you think, is it possible? If so, can i replace my normal rom, which is DM_BASE_12A_w12.43 (sc6820_modem) 11-02-2012?
Click to expand...
Click to collapse
Hi,
I had the same problem with one of mine. You just have to use a diagnostic tool from Spreadtrum and adjust the microphone amplification level. I will start a thread on that subject and link it there.
It seems to be a very common problem with Spreadtrum phones, but it is, most of the time, very easy to fix.
edit: here is the link: http://forum.xda-developers.com/showthread.php?p=38731407
WARNING: Don't ever flash if you don't have a working copy of the original firmware somewhere (a complete backup that you have tested your ability to flash back) The first step to do a complete backup, if the manufacturer don't want to send you the firmware, is to successfully root your firmware)
Don't flash if you have a microphone problem, nothing good will happen, this problem is not firmware related AT ALL.
jmss said:
Hi ElectronikHeart, i need help
I have a feiteng a7100, and i flash a rom with ResearchDownload.exe, in the flash operations tab i choose the option to erase all flash. Now i have a brick phone. Do you have a copy of nv.bin? Do you know how to recover from it? how can i reflash nand?
thanks
Click to expand...
Click to collapse
Oh god ! Why have you checked that option ^^
I may be able to dump my nv.bin file from the a7100 I just bought. (If I recall correctly, the nv.bin contain the imei so I will have to edit it to use your imei instead, imei are written in the battery compartment)
Can you try flashing it a second time entirely, It's possible that your uboot partition (what manage the early time boot operations), is not flashed properly.
Even without the nv partition you phone should be able to boot android, you will just not be able to use the phone as a phone. (make a call and everything)
Try with a better micro usb cable, Chinese ones can be very cheap and corrupt data on the way to the phone.
If your phone is still able to flash using ReasearchDownload that is.
Re: 4.5 - Do a full nand backup and help me make you a new CWM recovery
ElectronikHeart said:
4.5 - Do a full nand backup and help me make you a new CWM recovery
Please if you have rooted your phone using this method, and can't use the CWM method, that mean I can do a CWM that work on your device !
Now that you are rooted, you can make a full backup of your phone with ADB !
#open adb shell:
Code:
adb shell
Code:
I still have to explain this if someone needs it
Then send me you boot.img file and I will send you a recovery.img that you can flash to your recovery partition.
That will help new users to root a lot faster the same phone as you, and will make your life easier is you have to restore a backup.
Click to expand...
Click to collapse
>>>
I have also the same kind of chinese android phone, having a model # S930 with the same cpu chipset SP8810 (aka. samsung galaxy s3 clone), i've successfully rooted my chinese android phone, and installed some very usable apps like link2sd & titanium backup pro, i want also to have a full backup of my phone using your methods & ideas, can you help me? where can i find my boot.img so that you can make me my recovery image for my phone? my phone don't have any compatible clockworkmod recovery, but it have a native recovery mode option which work on an update.zip or fastboot....i hope you can help me make my phone recovery image with a rooted features... Thanks!
earl22online said:
where can i find my boot.img so that you can make me my recovery image for my phone?
Click to expand...
Click to collapse
So, you already have tested every recovery already posted ?
To make a backup of your boot.img, you will have to do a full backup manually using the Android shell. I will make a tutorial about this, and link it here.
It's pretty easy as you already rooted your phone.
When you have your backup I will, post a recovery.img file suitable to your phone.
Please keep an eye to this post. I will post the tutorial very soon.
ElectronikHeart said:
Oh god ! Why have you checked that option ^^
I may be able to dump my nv.bin file from the a7100 I just bought. (If I recall correctly, the nv.bin contain the imei so I will have to edit it to use your imei instead, imei are written in the battery compartment)
Can you try flashing it a second time entirely, It's possible that your uboot partition (what manage the early time boot operations), is not flashed properly.
Even without the nv partition you phone should be able to boot android, you will just not be able to use the phone as a phone. (make a call and everything)
Try with a better micro usb cable, Chinese ones can be very cheap and corrupt data on the way to the phone.
If your phone is still able to flash using ReasearchDownload that is.
Click to expand...
Click to collapse
I already try with tree micro usb cables. when i try to flash with researchDownload it failed at nvitem (after FDL2).
can you post a link to your nv.bin to test it ?
jmss said:
I already try with tree micro usb cables. when i try to flash with researchDownload it failed at nvitem (after FDL2).
can you post a link to your nv.bin to test it ?
Click to expand...
Click to collapse
I just bought my A7100, so you will need to wait 2 weeks for me to dump it. Maybe you should try asking to the guy who have made the rooted rom for the A7100 ?
I will, none the less, make a full backup of my phone as soon as I receive it.
[OBSOLETE THREAD]
This thread is obsolete. A solution was found, which is posted here:
http://forum.xda-developers.com/g4/help/method-to-root-lg-g4s-model-h735-lg-g4-t3248030
Please use the new thread for discussions.
------------------------
Original thread:
------------------------
Hi,
I have been trying to root the LG G4S (H735), also known as "LG G4 Beat".
I tried two things:
Approach 1
I tried the method posted by konsolen in this thread:
http://forum.xda-developers.com/g4/general/lg-g4s-world-root-lg-devices-t3231759
but it didn't work for me. I tried several times with varying approaches, but the boot process always gets stuck on the LG logo.
Approach 2
I also tried to inject the root as suggested in this thread for the G4:
http://forum.xda-developers.com/g4/help/rooting-lg-h735-g4-beat-t3192491
I've used the Inject_Root_G4.zip from this link, which I believe is the same shared elsewhere:
https://mega.nz/#!BIxUzbqI!nt2YnGnGQlSiBQ-Ar-c-q7oDMIEsg6xd0Kmek-q0clg
And I get the same problem - stuck on the LG logo when booting.
For anyone who wants to reproduce Approach 2 to maybe find a solution:
1. Start up LGFlashTool2014. You can follow instructions in thread by konsolen (see Approach 1 above). You can use his .kdz file as well. Important: Pull out your USB cable as soon as the green letters COMX (with a number instead of X) appear on the phone. My flashtool actually didn't display the progress percentage, but apparently this at 9%. It doesn't matter if you don't see the percentage though, I've verified with this KDZ image that if you pull the cable at the very moment the green letters appear, nothing is corrupted. The phone will still display 0%. Leave it as it is after you unplugged the cable.
2. Kill your flash tool with the windows task manager. After it closed, you can plug the phone back in and open a windows command line in the folder where your Send_Command.exe is (you can download the package in konsolen's instructions which contains Send_Command.exe as well).
3. Open the console to your phone with
Code:
Send_Command.exe \\.\COMX.
(with your number instead of X)
You will have to do steps 1-3 every time you want to get this console, for example to run all the dd commands below.
4. Calculate the dd parameters and backup your system partition into a .img file. There is an excellent guide by dominik-p for how to determine your individual dd parameters:
http://forum.xda-developers.com/g4/help/how-to-determine-dd-parameters-lg-g4-t3184867
5. Keep a copy of your system.img somewhere safe, you can use it to restore your system if something goes wrong. So don't use this original in the next steps!
6. Copy the .img file to a linux system and mount it. I'm guessing who is trying this knows how to do this. Anything you change in the folder you mounted the image on, will be saved in the image. You can then use this updated image to overwrite your original system partition, again with dd (as described in the thread by dominik-p) using your parameters. So here's the crucial bit: You get root access to your system files via linux. When you know the right things to mess with, you can root your phone with the updated image. Injecting the root as done in step 8 is one way to change the system on the G4 in order to root it.
7. [Optional] If you are new to this, you may want to do a simple test before you continue.
Create a testfile (test.txt) on the mounted system partition. Then copy the .img file back to your phone and try to "dd" it back over your system partition.
Then, check if you see the test file on your system partition -- you may have to reboot the phone after the dd command (and log back in with Send_Command.exe) in order to see the updates.
8. Inject root with the Inject_Root_G4.zip on the mounted folder of the image on your linux system. You can follow instructions (Step 2) here:
http://forum.xda-developers.com/g4/general/lg-g4-100-root-success-directives-root-t3180586
9. Copy the new img file to your phone and "dd" it over your system partition, using your own dd parameters.
10. Reboot the phone (you can also just type LEAVE in the Send_Command.exe console).
Now, it should be rooted - if it worked for you!
If it worked for you, that's great. It didn't for me, it got stuck on the LG logo in the boot process again. So I had to write my original system.img back onto my system partition to get the phone back.
I did get the following errors in Step 8 above, though I did try anyway to use the resulting image. The errors may have something to do with my problem, but it may also be because the inject root is for the G4, not the G4s.
Code:
sudo ./autoroot.sh
cp: cannot create regular file ‘operatingtable/lib64/libsupol.so’: No such file or directory
chmod: cannot access ‘operatingtable/lib64/libsupol.so’: No such file or directory
chcon: cannot access ‘operatingtable/lib64/libsupol.so’: No such file or directory
chmod: cannot access ‘operatingtable/bin/app_process64_original’: No such file or directory
chcon: cannot access ‘operatingtable/bin/app_process64_original’: No such file or directory
chmod: cannot access ‘operatingtable/bin/app_process_init’: No such file or directory
chcon: cannot access ‘operatingtable/bin/app_process_init’: No such file or directory
If anyone finds a solution to this, or has any ideas what could be tried, I would be very interested to hear it. I'm new to rooting phones and don't have much experience beyond what I did in the last days.
Cheers
Jennifer
jen.magnolis said:
4. Calculate the dd parameters and backup your system partition into a .img file. There is an excellent guide by @dominik-p for how to determine your individual dd parameters:
http://forum.xda-developers.com/g4/help/how-to-determine-dd-parameters-lg-g4-t3184867
Click to expand...
Click to collapse
Happy that my guide has helped you
As I said here:
http://forum.xda-developers.com/g4/help/rooting-lg-h735-g4-beat-t3192491/page5
Everyone who is interested to inject root must edit the autoroot.sh from the inject.zip and use the correct files from SuperSU
More information about the files:
https://su.chainfire.eu
Maybe you have to use other files. Not the files from the inject.zip
Download the Update-SuperSU zip from http://download.chainfire.eu/supersu
Copy the files you need to the "su" folder of the extracted inject.zip
For information which files are needed read the "update-binary" file from the SuperSU zip.
(located here META-INF/com/google/android/update-binary)
Good luck everyone :good:
Thanks again for the links! I'll try again soon, when I get time for it, and report the results here
By the way, here's the ls -lR of my system.
Ok, no problem, take your time.
I've got also lot of other work to do...
I just read your system.txt (thanks)
According to these lines:
Code:
lrwxr-xr-x. 1 root 2000 13 Aug 24 02:05 app_process -> app_process32
-rwxr-xr-x. 1 root 2000 13588 Aug 24 02:05 app_process32
It seems that the firmware is 32 bit.
More info about your firmware is in /system/build.prop
So you have to take the right lines from update-binary and copy them and edit the autoroot.sh
Please don't ask me which lines. It's a bit difficult... (you have to understand the logic in update-binary)
Then copy the files from the right folder (arm?) to the "su" folder.
Sorry. I'm out now here for the next time. I have a H815 and happy with it.
I think you will find the solution. :good:
Custom Recoverys
Hi All
Are there any custom recovery's for the G4 beat/G4s
Thanks
Thanks dominik-p for your help. Good luck with your other work, don't worry I won't distract you with asking questions You already helped a lot.
benji5688, you can check for official firmware (.kdz file) on this link, pasting your IMEI instead of YOUR-IMEI in the link below.
http://csmg.lgmobile.com:9002/csmg/b2c/client/auth_model_check2.jsp?esn=YOUR-IMEI
I did not find any for mine there, but I did find it on
http://devtester.ro/projects/lg-firmwares/
Which brought me to this link where I could find mine:
http://pkg02.azure.gdms.lge.com/dn/downloader.dev?fileKey=FW703UV132GQAUP7A0ED99N/H73510c_00.kdz
but you should look for your specific model.
jen.magnolis said:
Hi,
I have been trying to root the LG G4S (H735), also known as "LG G4 Beat".
I tried two things:
Click to expand...
Click to collapse
LOL
I did the exact same thing as you, and really the EXACT, I also contacted dominik-p for the same problem you got with the bs. LOL
Was about to do the same thing you did here too just told that to dominik-p lol.
You post is great, well detailled. Hope someone found something
But got something different. my phone is the LGH731 LG G4 Vigor from Videotron in Canada.
If someone need files or system.img LINK
That's not the exact same thing as the post owner but i'm pretty sure the root method will be. (DON'T use this system.img to inject in you H735) it's from a H731 and they don't have the same partition size.
Ha, that's funny, and you got the same problem of course (frozen logo boot).
We will find a solution. It's just a matter of time. I'm a bit pressed for work in the next days but I'll get back into it around mid week. I think the main problem was, as I suspected and also as dominik-p pointed out, we've been using the wrong inject files. And the G4s is 32 bit so obviously it won't work with 64 bit libs.
First thing I'll try is using the other files from the link dominik-p shared. I'll also read the guide and try to understand which files need to be changed to gain root access in general, i.e. learn the basics of how to root. Then I think/hope I'll be able to fix this. And finally get to move all my stuff onto SD and get my storage back
Meanwhile, if you get any new results, let me know.
Cheers
jen.magnolis said:
Ha, that's funny, and you got the same problem of course (frozen logo boot).
We will find a solution. It's just a matter of time. I'm a bit pressed for work in the next days but I'll get back into it around mid week. I think the main problem was, as I suspected and also as dominik-p pointed out, we've been using the wrong inject files. And the G4s is 32 bit so obviously it won't work with 64 bit libs.
First thing I'll try is using the other files from the link dominik-p shared. I'll also read the guide and try to understand which files need to be changed to gain root access in general, i.e. learn the basics of how to root. Then I think/hope I'll be able to fix this. And finally get to move all my stuff onto SD and get my storage back
Meanwhile, if you get any new results, let me know.
Cheers
Click to expand...
Click to collapse
Yes i'm trying this today (the 32-64 bits thing)
Custom recovery
What does this file do though?
Is it a custom recovery or is it the stock rom?
Thanks Benji
benji5688 said:
What does this file do though?
Is it a custom recovery or is it the stock rom?
Thanks Benji
Click to expand...
Click to collapse
It's the stock ROM. It can be used for recovery, depending what your problem is. If you destroyed your ROM by trying to root, you can recover with this.
If you mess with something in your system partition (where the Android OS is installed), you'd need a copy of your individual system partition (like a "backup") to restore. This highly depends on your phone/version, so you have to do this backup yourself. You can follow the instructions with the dd parameters, linked to from the main thread.
Are there any custom recoverys
Hi
Are there any custom recovery available, I want to get Xposed.
Can anyone make one?
Thanks for all the help
benji5688 said:
Hi
Are there any custom recovery available, I want to get Xposed.
Can anyone make one?
Thanks for all the help
Click to expand...
Click to collapse
I far as I know to get Xposed you need to be rooted... Well there is no root method availaible, well you can try the methods that Jen explained here but I doubt they will work... if yes, you lucky ****
Is the g4s running marshmallow? Is so you would need to use a compatible su install.
Sent from my VS986 using XDA Free mobile app
larsdennert said:
Is the g4s running marshmallow? Is so you would need to use a compatible su install.
Sent from my VS986 using XDA Free mobile app
Click to expand...
Click to collapse
No the problem is really just changing the 64 bits command to make then use the 32 bits ones
I manage everything except this one
Code:
chcon --reference=operatingtable/bin/app_process32 operatingtable/bin/app_process64_original
I agree with xsteacy, this will most likely not work, that's why we opened this discussion
We just have to find the right files to use (instead of the 64 bit ones).
I will get back onto the subject by Wednesday when I have time.
I solved it! My phone is rooted
I asked someone to test my script before I post the results. Hang on there, tomorrow I'll post the solution.
Good times!
jen.magnolis said:
I solved it! My phone is rooted
I asked someone to test my script before I post the results. Hang on there, tomorrow I'll post the solution.
Good times!
Click to expand...
Click to collapse
0.0 OH!?
Ok I'm putting it out there for others to test as well.
Please report if it worked so I can take this into account before updating the main thread instructions.
In the attached .zip file there is a README with instructions.
Note: Thanks goes to @konsolen who shared instructions on how to open the COM port on the H735.
The script in konsolens post is essentially the upater-binary script of the SuperSU package, but with a few modifications.
That may have been necessary on konsolens phone, but it didn't work on mine. For me, using the original script worked.
However, the zip file has to be extracted manually with busybox before the updater-binary script is started. I am not
sure if busybox absolutely needs to be in the /sbin folder, but that's where I saw elsewhere that it belonged, so
I moved it over there in my script. I haven't tested this with busybox being elsewhere.
Thanks goes also to @dominik-p for sharing the link to excellent documentation and for his instructions on how
to make a backup (with dd) of your system, in case anything goes wrong.
UPDATE: I did all commands in root_lgh375.sh manually when I found it already worked, so please report if all is good with the script, but I think it should be, it only does what I did manually.
Congratulations @jen.magnolis
Well done
"NOST" - short for "No Service Tool" (or "Nokia Service Tool" but that sounds too official and boring ) is a small hobby project I've been working on in the last couple of days.
It aims to make the service tool for Nokia 8 (and HMD Phones in general) more useable, user-friendly, and straigtforward to use, and after having to test it myself, and also
making a small beta test in the Telegram group for Nokia 8, I feel like posting it here so others can try it out too if they want.
First, to be clear: NOST is not completely my work. It is based on OST LA 6.0.4, which was made by HMD/Foxconn. Unlike the previous OST Patches, NOST does not replace
the executable with a hacked one, but instead wraps it and patches the methods that need patching at runtime. The result is that the changes are completely opensource
and readable by others, while the underlying OST files are not modified at all. I tried to base it on a different (i.e. newer) version of OST, but those are pretty much unpatchable,
at least not with a serious amount of reverse engineering, which brings not only time issues but legal ones as well.
NOST changes a couple of things, compared to the unmodified OST LA:
It removes the need for authentification against HMD/FIH servers (really, shoutout to the one who made the original hack, even though I could not use their code)
Moved the logs folder to the same folder as the application, as opposed to somewhere on the system to make debugging easier
The options for flashing firmware images appear reliable now. (At least for me they only appeared sometimes if not never on the original OST).
Removed one of the options that if it appeared crashed the flashing process ("Check System AP Status")
One user of the Telegram group had issues where OST would crash because it detects an invalid locale setting in Windows. NOST just catches that issue and defaults to english
Removed the "Edit Phone Information" button. It never worked and it's only purpose was to make the "Next" button appear, which works like it should now as well.
NOST refuses to flash your phone if your bootloader isn't unlocked critically. The old OST would just try to flash but never make any progress which confuses inexperienced users.
Perhaps the most important change: NOST allows to flash modified firmware images without the need to extract and modify them by hand.
With the original OST, people who wanted to reflash their phone had to download a firmware bundle, extract and edit it to be able to use it with OST LA 6.0.4, since the newer versions
had unpatchable issues that prevent using them. Repacking the images in a format OST expects wasn't possible either since that enabled some sort of signature algorithm on the modified
images and caused the flashing to fail. NOST solves this problem by allowing the use of a different packaging format. Those binaries still need to be extracted but it is done transparently in
the background without the user having to download any other tools. The formats that can be used in images are .zip and .qlz
.zip Firmwares:
.zip firmware files are simply archives of the (edited) files that would normally be extracted from an .nb0 file. This means, if you extract a .nb0 with the extractor found on XDA, the contents
of the *_unpacked folder it creates should be the contents of your .zip.
.qlz Firmwares:
.qlz files are based on QuickLZ compression, which gives them a small size but also a low decompression time.
The tool to generate them is called exdupe. Generating these images is pretty straigtforward. Assuming you are on windows, download the exdupe
tool from the link above (or take it from the NOST Tools/ folder) and copy it into the folder that contains the unpacked .nb0.
Code:
- exdupe.exe
- <nb0 name>_unpacked/
- <nb0 name>.mlf
- ....
Open a commandline in that folder, and run the following command:
Code:
exdupe.exe <name of the folder to compress> <name of the firmware file>.qlz
You should already see how fast it compresses the firmware folder now. As a reference: Compressing the latest Nokia 8 firmware (about 4GB) takes maybe 30 seconds and yields a 2GB file.
Repacked Firmware Bundles:
I created .qlz images of the May and November firmwares, as well as one of the various Pie Maintainance Releases.
You can find them here: https://tmsp.io/fs/xda/nb1/firmware
I already successfully reverted from December Security Patch to November using NOST, and then updated back using OTA Sideloading without problems.
As always when working with flashing tools, proceed with caution!
How to unlock to critical:
KonikoO said:
For those who wonder how to unlock into critical state :
Reboot into bootloader download mode and execute those commands :
fastboot flash unlock *unlock .bin*
fastboot flashing unlock_critical
Afterwards you should be able to flash provided .qlz with NOST.
Click to expand...
Click to collapse
Download:
The actual tool: https://github.com/StollD/NOST/releases
Drivers: https://github.com/StollD/nokia-driver-installer/tree/master/out
Source Code: https://github.com/StollD/NOST
License:
OST LA 6.0.4 is copyrighted by the respective authors. It is not modified permanently.
The custom NOST code is licensed under the GNU General Public License.
Icon by Freepik © Flaticon
I tried this is working,nice tool.
Thanks dev.
Thank you THMSP! very cool?
Sent from my TA-1004 using XDA Labs
Can flash the May and November update but cannot flash latest Pie with this tool. I flashed Pie but returned back to November update?
Lee Castro said:
Can flash the May and November update but cannot flash latest Pie with this tool. I flashed Pie but returned back to November update?
Click to expand...
Click to collapse
Yes, you can revert back from Pie to Oreo using this. What is the issue with Pie for you?
THMSP said:
Yes, you can revert back from Pie to Oreo using this. What is the issue with Pie for you?
Click to expand...
Click to collapse
What I mean is if I flash the Pie file you provided I just returned back to Android 8.1 Novemeber update no changes at all. Maybe there something wrong with the Pie file you uploaded. But the rests are all working fine with the tool.
Lee Castro said:
What I mean is if I flash the Pie file you provided I just returned back to Android 8.1 Novemeber update no changes at all. Maybe there something wrong with the Pie file you uploaded. But the rests are all working fine with the tool.
Click to expand...
Click to collapse
Thanks for the hint, I will take a look. Probably just derped when pulling partitions and renaming the images (might have worked in my November folder by accident).
EDIT: I repulled the images from Pie (I indeed somehow worked in my November folder when making the image), repackaged them and updated the version in the drive folder. You should now be able to flash Pie. Sorry for the mistake.
THMSP said:
Thanks for the hint, I will take a look. Probably just derped when pulling partitions and renaming the images (might have worked in my November folder by accident).
EDIT: I repulled the images from Pie (I indeed somehow worked in my November folder when making the image), repackaged them and updated the version in the drive folder. You should now be able to flash Pie. Sorry for the mistake.
Click to expand...
Click to collapse
Thanks again,This is really a big help.
Wow, this is something we've been all seeking for a long time now ! For those who wonder how to unlock into critical state :
Reboot into bootloader download mode and execute those commands :
fastboot flash unlock *unlock .bin*
fastboot flashing unlock_critical
Afterwards you should be able to flash provided .qlz with NOST.
hey there! wonderful tool to have. Thank u so much
Not working in my laptop say a software need a to update
Blackhacker07 said:
Not working in my laptop say a software need a to update
Click to expand...
Click to collapse
If you have dependency issues I would suggest to install OST LA 6.0.4 first, so you get its dependencies, until I can make a proper installer for NOST.
THMSP said:
If you have dependency issues I would suggest to install OST LA 6.0.4 first, so you get its dependencies, until I can make a proper installer for NOST.
Click to expand...
Click to collapse
Could you perhaps figure out how to get rid of the unlocked bootloader message?
ironman38102 said:
Could you perhaps figure out how to get rid of the unlocked bootloader message?
Click to expand...
Click to collapse
Are you talking about the error message that appears when you press the Next button to start flashing?
If yes, your bootloader needs to be unlocked to critical, then the message won't appear.
If you are unsure if your bootloader is unlocked to critical, do "fastboot oem device-info", it will tell you.
If you mean the message that your phone displays when booting with an unlocked bootloader then sorry, I doubt that's possible (I think it is embedded into the bootloader).
THMSP said:
Are you talking about the error message that appears when you press the Next button to start flashing?
If yes, your bootloader needs to be unlocked to critical, then the message won't appear.
If you are unsure if your bootloader is unlocked to critical, do "fastboot oem device-info", it will tell you.
If you mean the message that your phone displays when booting with an unlocked bootloader then sorry, I doubt that's possible (I think it is embedded into the bootloader).
Click to expand...
Click to collapse
Actually its in splash.img that can be dumped. Its the hex editing possibly that might be a problem for someone not familiar with it
How to flash it's says this...
Blackhacker07 said:
How to flash it's says this...
Click to expand...
Click to collapse
What do you mean?
KonikoO said:
Wow, this is something we've been all seeking for a long time now ! For those who wonder how to unlock into critical state :
Reboot into bootloader download mode and execute those commands :
fastboot flash unlock *unlock .bin*
fastboot flashing unlock_critical
Afterwards you should be able to flash provided .qlz with NOST.
Click to expand...
Click to collapse
Thank you so much for this advice. I wouldn't have ever figured out how to unlock critical on my own and that was the thing that was preventing me from flashing. I tried searching the other OST LA flashing threads as well but this info seemed to have been missing, or then i completely missed it. Thank you so much anyways. If anybody else is trying to figure out why their OST LA or NOST is giving them the se_err_adb_cmd_get_fail_result error, this should help. I just used the unlock.key in place of the *unlock.bin* in your command and it worked.
Can you please upload Oreo December update stock and patched boot image. TIA
Yesterday I noticed that my Pie Image was still not quite useable, since it contained a corrupted system partition.
This seems to have happened because of my Magisk Setup and me only replacing the boot partition image and not uninstalling Magisk completely.
I rebuilt the image, to be fully stock, and also included the latest B07 update that @hikari_calyx uploaded yesterday. You can get it from the drive link in the OP.
Phone stopped making any sounds.
what works: bluetooth, wifi, sim card (data + receiving texts, calls not tested)
what doesn't: sensors (rotating), camera, sound
dmesg https://pastebin.com/gY1pgn96
What was flashed that I can find/remember in no particular order
H810_UsU_unlock.zip
h810_21y_modem.zip
H810_UsU_baseband_flash-in-twrp.zip
G4_29a_N_modem_UsU.zip
LG-G4_VideoLag-Fix_EXTRACTME-AND-READ-THE-README.7z
h810_10o_UsU_bootloader_ARB2.zip
lineage-15.1-20190121-UNOFFICIAL-h810_usu.zip
lineage-15.1-20190409-UNOFFICIAL-h810_usu.zip
lineage-16.0-20190512-UNOFFICIAL-h810_usu.zip
and magisk + gapps
zip of sbl1 rpm tz pmic partitions attached.
On a side note I see h810_10o_UsU_bootloader_ARB2.zip that I forgot about earlier. Explains the ARB2 that the phone is at now. Looking back through my bash history I was having these issues before I flashed this.
@steadfasterX per request
You flashed so much stuff steadfaster can't even help you
baconbacon said:
Phone stopped making any sounds.
what works: bluetooth, wifi, sim card (data + receiving texts, calls not tested)
what doesn't: sensors (rotating), camera, sound
dmesg https://pastebin.com/gY1pgn96
What was flashed that I can find/remember in no particular order
H810_UsU_unlock.zip
h810_21y_modem.zip
H810_UsU_baseband_flash-in-twrp.zip
G4_29a_N_modem_UsU.zip
LG-G4_VideoLag-Fix_EXTRACTME-AND-READ-THE-README.7z
h810_10o_UsU_bootloader_ARB2.zip
lineage-15.1-20190121-UNOFFICIAL-h810_usu.zip
lineage-15.1-20190409-UNOFFICIAL-h810_usu.zip
lineage-16.0-20190512-UNOFFICIAL-h810_usu.zip
and magisk + gapps
zip of sbl1 rpm tz pmic partitions attached.
On a side note I see h810_10o_UsU_bootloader_ARB2.zip that I forgot about earlier. Explains the ARB2 that the phone is at now. Looking back through my bash history I was having these issues before I flashed this.
@steadfasterX per request
Click to expand...
Click to collapse
Perfect thx that explains a lot..
As you mentioned already the bootloader stack thing but also another one you flashed 21y modem .. I will need some time to investigate both things and come back to you asap
Update:
ok so the worst thing you had done was flashing the 21y modem. The problem with that one is that it is ARB 3 (see known ARB) and so blown fuses (in areas not related to the bootloader ARB but for firmware).
Anyways that will refuse using several parts of your firmware now.
There is no guarantee if the following would make things even more worse but that's what I would try:
extract the system and the modem partition of the 21y kdz
grab the "etc/firmware/venus.*" files from the extracted system partition and copy them to system/etc/firmware/ (mount "system" in TWRP before)
grab the "image/a2dsp.*" files from the extracted modem partition and copy them to /firmware/image (mount "Firmware" in TWRP before)
boot again and grab the dmesg as soon as possible
again that can make things even more worse so you do this on ur own risk.
Sent from my OnePlus 6T using XDA Labs
Before I do this, because hell why not , is the 21y here https://storagecow.eu/index.php?dir=Xda/LG+G4/H810/AT&T/ what I am looking for? Want to be sure before I make matters worse for myself.
baconbacon said:
Before I do this, because hell why not , is the 21y here https://storagecow.eu/index.php?dir=Xda/LG+G4/H810/AT&T/ what I am looking for? Want to be sure before I make matters worse for myself.
Click to expand...
Click to collapse
Yes the rar file. It will contain a TOT file (so you cannot use SALT to extract) .
TOTs require the windows software :
https://forum.xda-developers.com/showthread.php?t=2600575
Sent from my OnePlus 6T using XDA Labs
How do I grab the files out of system.img . I had to use WindowsLGFirmwareExtract-1.2.1.0-Release as the newest one would dump 20G+ junk files.
Code:
$ file system_691200.bin
system_691200.bin: Linux rev 1.0 ext4 filesystem data, UUID=57f8f4bc-abf4-655f-bf67-946fc0f9f25b (extents) (large files)
I can't mount the file, after making it the size it wants with "truncate -s $((1159168*4096)) system_691200.bin" it will mount but then is completely empty. Repairing with fsck annihilates everything. What is the trick to dumping/mounting this?
modem.img mounted fine.
baconbacon said:
How do I grab the files out of system.img . I had to use WindowsLGFirmwareExtract-1.2.1.0-Release as the newest one would dump 20G+ junk files.
I can't mount the file, after making it the size it wants with "truncate -s $((1159168*4096)) system_691200.bin" it will mount but then is completely empty. Repairing with fsck annihilates everything. What is the trick to dumping/mounting this?
modem.img mounted fine.
Click to expand...
Click to collapse
The latest should work fine but you have to merge (!) the files once extracted which is a separate option in that tool. For mounting you could then use SALT (advanced menu) if you like
Sent from my OnePlus 6T using XDA Labs
It only extracts one system file, system_691200.bin, there is nothing to merge. That's with 1.2.6.1, I tried several different versions and all of them only list/extract one file. The tot I used is not corrupt (i believe), downloaded 3 more and they all had the same md5.
Do you know offhand if I would be able to push the system_691200.bin onto the phone and mount it just to grab those files?
baconbacon said:
It only extracts one system file, system_691200.bin, there is nothing to merge. That's with 1.2.6.1, I tried several different versions and all of them only list/extract one file. The tot I used is not corrupt (i believe), downloaded 3 more and they all had the same md5.
Do you know offhand if I would be able to push the system_691200.bin onto the phone and mount it just to grab those files?
Click to expand...
Click to collapse
ok when it lists only 1 file there it is only 1. Lemme check if I can do that today.
EDIT:
ah yea another reason why I hate that windows tool.. it extracts bull****.. trying to fix that but that can take some secs
EDIT2:
wow thats is really a stubborn crap.. Cannot mount, resize, fsck, fix, testdisk/photorec , ... (and yea I used DD to get the correct size, offset ...)
EDIT3: @baconbacon
no one is as stubborn as me lol..
ok I have not figured out why that crappy windows software does not extract it correctly but I searched and found another extractor here. (whoa.. that way I could make TOT files support available in SALT...)
compiled. ran. mounted. simply works..
so here you go: http://leech.binbash.it:8008/stock/LG/h810/21y_arb3
you just need: h810_21y_ARB3_system-etc-firmware.tgz
download that one.
extract it and follow the prev post here
jfi:
I am currently uploading the full system image and other stuff of that firmware as well (should be fully uploaded in 40 min or so)
.-
That fixed it completely! Sound works, rotation works, camera works. Installed the newest rom and the phone is quite snappy now. As a bonus it also fixed the video lag.
Thank you very much, you went above and beyond to help me fix this. Is that bitcoin address on your profile accurate?
baconbacon said:
That fixed it completely! Sound works, rotation works, camera works. Installed the newest rom and the phone is quite snappy now. As a bonus it also fixed the video lag.
Thank you very much, you went above and beyond to help me fix this. Is that bitcoin address on your profile accurate?
Click to expand...
Click to collapse
GREAT ! Glad we solved it.
I really hoped it will fix it and yea that's again a proof of fusing in modem and firmware files (due to flashing the 21y modem).. I will remove that one from the list so no one will go for the same journey.
yea my BTC is fine but given some thx click on any of my posts is fine too
have fun!
.-