where can we check fairplay error code?

Postby Wingzero » Fri Sep 22, 2017 9:30 am

So recently I found my JB iPhone (iOS9) cannot open installed app, with error message:

kernel[0]: AppleFairplayTextCrypterSession::fairplayOpen() failed, error -42028

After reboot, it kind of fine, but later after sometime it start fail again. I am confused what's going on. And then I found an old post saying it's fairplay process has OOM issue:
It's written in Chinese but has English. The post is in 2013, while iOS9 should be release in 2015. I wonder if it's still the same reason. But I don't know where to look up the code.. Does someone knows? Thanks!

BTW, I checked my phone's "top" status, the memory seems ok:
Code: Select all
Processes:  141 total, 1 running, 8 stuck, 132 sleeping... 472 threads                                   
Load Avg:  1.65,  1.30,  1.32    CPU usage: 45.61% user,  0.00% sys, 54.39% idle
SharedLibs: num =    0, resident =     0 code,     0 data,     0 linkedit.
MemRegions: num =     0, resident =     0 +     0 private,     0 shared.
PhysMem:  110M wired,  317M active,  159M inactive,  954M used,   61M free.
VM: 77G + 0   511624404(17) pageins, 1148542(0) pageouts

I tried to isolate the issue, I found it looks like after dumping the encrypted binary by dumpdecrypted.dylib for some time, I can get this issue. The work flow is downloading ipa from our server -> install the ipa with ipainstaller -> launch the app -> dump the binary -> uninstall the app
Re: where can we check fairplay error code?

Postby Wingzero » Wed Sep 27, 2017 1:32 am

Today I was able to isolate one app. Using this app for many times decrypting + launching will finally trigger faiplayOpen failed. And the binary decryption also fail. I tested with both tools "Clutch" and "DYLD_INSERT_LIBRARIES=/var/root/dumpdecrypted.dylib", both can lead to the same symptom.

It's fine that they have bugs. But I just want to restore the device without reboot.

I also tried to kill my daemon process, cannot restore
I also tried to kill /usr/sbin/fairplayd.H2, cannot restore as well. Only reboot the device can I open the app again. It confuses me..
