The VM is reconnecting many times in the restore and crashing #259

@Liamsitbon

The VM is reconnecting in the restore many times and then crashing in the restore on the DFU.

terminal 1:

=== Host ===
ProductName: macOS
ProductVersion: 26.4
BuildVersion: 25E246
model: MacBook Air
kern.hv_vmm_present: 0
SIP: System Integrity Protection status: disabled.
allow-research-guests: Allow Research Guests status: enabled
current kern.bootargs: amfi_get_out_of_my_way=1 -v
next-boot nvram boot-args: amfi_get_out_of_my_way=1 -v
assessment: assessments disabled

=== Entitlements ===

com.apple.private.bmk.allow
com.apple.private.virtualization
com.apple.private.virtualization.security-research
com.apple.security.get-task-allow
com.apple.security.personal-information.location
com.apple.security.virtualization
com.apple.vm.networking

=== Policy ===
/Users/liamsitbon/vphone-cli/.build/release/vphone-cli: accepted
override=security disabled

=== Unsigned Debug Binary ===
[debug_help] exit=0

=== Signed Release Binary ===
[release_help] exit=0

=== Signed Debug Control ===
/tmp/vphone-preflight.6cPGXo/vphone-cli.debug.signed: replacing existing signature
[signed_debug_help] exit=0

=== Result ===
If unsigned debug runs but either signed binary exits 137 / signal 9,
the host is not currently permitting the required private virtualization entitlements.
If the signed release binary exits 0 but the signed debug control still exits 137,
a path/CDHash-scoped amfidont bypass may already be active for this repo.
Typical requirements for this project are:

  1. macOS 15+ with PV=3 support
  2. Host hardware must expose Virtualization.framework VM support (not a nested VM without virtualization availability)
  3. SIP disabled
  4. allow-research-guests enabled in Recovery OS
  5. AMFI / execution policy state that permits the private entitlements
  6. Gatekeeper / assessment configured so the signed binary is launchable
    Reaping winning child 0x7f7034190 PID 43457
    Live child 0x7f7034190 (boot_binary_check) PID 43488
    Reaping winning child 0x7f7034190 PID 43488
    Removing child 0x7f7034190 PID 43488 from chain.
    Successfully remade target file `boot_binary_check'.
    Finished prerequisites of target file `boot'.
    Must remake target `boot'.
    cd vm && "/Users/liamsitbon/vphone-cli/.build/vphone-cli.app/Contents/MacOS/vphone-cli" --config ./config.plist
    Putting child 0x7f70341e0 (boot) PID 43493 on the chain.
    Live child 0x7f70341e0 (boot) PID 43493
    [vphone] Loaded VM manifest from /Users/liamsitbon/vphone-cli/vm/config.plist
    === vphone-cli ===
    ROM : /Users/liamsitbon/vphone-cli/vm/AVPBooter.vresearch1.bin
    Disk : /Users/liamsitbon/vphone-cli/vm/Disk.img
    NVRAM : /Users/liamsitbon/vphone-cli/vm/nvram.bin
    Config: /Users/liamsitbon/vphone-cli/vm/config.plist
    CPU : 8
    Memory: 8192 MB
    Screen: 1290x2796 @ 460 PPI (scale 3.0x)
    Kernel debug stub : auto-assigned
    SEP : enabled
    storage : /Users/liamsitbon/vphone-cli/vm/SEPStorage
    rom : /Users/liamsitbon/vphone-cli/vm/AVPSEPBooter.vresearch1.bin

[vphone] PV=3 hardware model: isSupported = true
[vphone] Loaded machineIdentifier from config.plist (ECID stable)
[vphone] ECID: B87EEA65E44B19A9
[vphone] Predicted UDID: 0000FE01-B87EEA65E44B19A9
[vphone] Wrote UDID prediction: /Users/liamsitbon/vphone-cli/vm/udid-prediction.txt
[vphone] NVRAM boot-args: serial=3 debug=0x104c04
[vphone] PL011 serial port attached (interactive)
[vphone] USB touch screen configured
[vphone] Synthetic battery configured (100%, charging)
[vphone] Kernel GDB debug stub enabled (system-assigned port)
[vphone] SEP coprocessor enabled (storage: /Users/liamsitbon/vphone-cli/vm/SEPStorage)
[vphone] Configuration validated
[vphone] Starting...
[vphone] VM started - booting normally
WARNING: Trying to access an unrecognized member: VZVirtualMachine._configuration
[location] host location forwarding ready
[control] vphoned binary: .vphoned.signed (185632 bytes, 96c35c3b1334...)
[touchid-bk] BiometricKit loaded via dlopen
[battery] sync 4%, connectivity=2
[location] authorization status: 0
[battery] sync LPM failed: not connected to vphoned
[control] connect failed: Error Domain=NSPOSIXErrorDomain Code=54 "Connection reset by peer"
[control] connect failed; reconnecting in 3s...
[control] vphoned binary: .vphoned.signed (185632 bytes, 96c35c3b1334...)
[control] connect failed: Error Domain=NSPOSIXErrorDomain Code=54 "Connection reset by peer"
[control] connect failed; reconnecting in 3s...
[control] vphoned binary: .vphoned.signed (185632 bytes, 96c35c3b1334...)
[control] connect failed: Error Domain=NSPOSIXErrorDomain Code=54 "Connection reset by peer"
[control] connect failed; reconnecting in 3s...
[control] vphoned binary: .vphoned.signed (185632 bytes, 96c35c3b1334...)
[control] connect failed: Error Domain=NSPOSIXErrorDomain Code=54 "Connection reset by peer"
[control] connect failed; reconnecting in 3s...
[control] vphoned binary: .vphoned.signed (185632 bytes, 96c35c3b1334...)
[control] connect failed: Error Domain=NSPOSIXErrorDomain Code=54 "Connection reset by peer"
[control] connect failed; reconnecting in 3s...
[control] vphoned binary: .vphoned.signed (185632 bytes, 96c35c3b1334...)
[control] connect failed: Error Domain=NSPOSIXErrorDomain Code=54 "Connection reset by peer"
[control] connect failed; reconnecting in 3s...
[battery] sync 4%, connectivity=2
[vphone] Stopped with error: Error Domain=VZErrorDomain Code=1 "The virtual machine stopped unexpectedly." UserInfo={NSLocalizedFailure=Internal Virtualization error., NSLocalizedFailureReason=The virtual machine stopped unexpectedly.}
Reaping losing child 0x7f70341e0 PID 43493
make: *** [boot] Error 1
Removing child 0x7f70341e0 PID 43493 from chain.
liamsitbon@Liams-MacBook-Air vphone-cli %

and terminal 2:

liamsitbon@Liams-MacBook-Air vphone-cli % make restore
cd vm && "/Users/liamsitbon/vphone-cli/.limd/bin/idevicerestore" -e -y ./iPhone*_Restore
idevicerestore 1.0.0-270-g405fcd1 (libirecovery 1.3.1, libtatsu 1.0.5-3-g60a39f3)
Found device in DFU mode
ECID: 13294320873387006377
Identified device as vresearch101ap, iPhone99,11
Device Product Version: N/A
Device Product Build: N/A
Extracting BuildManifest from IPSW
IPSW Product Version: 26.1
IPSW Product Build: 23B85 Major: 23
Device supports Image4: true
Variant: Darwin Cloud Customer Erase Install (IPSW)
This restore will erase all device data.
Checking IPSW for required components...
All required components found in IPSW
Getting ApNonce in DFU mode... f1 3f a8 b5 3f e9 9c 0a b2 97 cf c6 05 30 36 9f eb ca 3d 94 48 5d 40 df 5b f7 b0 da 5a af aa 50
Trying to fetch new SHSH blob
Getting SepNonce in dfu mode... ef be ad de ef be ad de ef be ad de ef be ad de ef be ad de
Received SHSH blobs
Extracting iBSS.vresearch101.RELEASE.im4p (Firmware/dfu/iBSS.vresearch101.RELEASE.im4p)...
Personalizing IMG4 component iBSS...
Sending iBSS (611171 bytes)...
Uploading [==================================================] 100.0%
Device did not reconnect in DFU or recovery mode. Possibly invalid iBSS. Reset device and try again.
Unable to place device into recovery mode from DFU mode
make: *** [restore] Error 1
liamsitbon@Liams-MacBook-Air vphone-cli %
