Xiaomi Mi 3 - usbio issue
Opened this issue · 2 comments
SUMMARY
Thanks for all the work on this project. It is very useful in debugging network issues. I have a Xiaomi Mi Mix3 5G handset rooted running Android13 with a SDX50M Qualcomm modem and I have enabled DIAG but getting an error with the usb interface when trying to connect to the device.
STEPS TO REPRODUCE
Steps to reproduce the behavior:
- Rooted Xiaomi Mi 3 handset - set properties to -[sys.usb.config]: [diag,adb]
- scat -t qc -u -a 003:006 -i 0 (ie lsusb - Bus 003 Device 006: ID 05c6:901d Qualcomm, Inc. Mi MIX 3 5G)
EXPECTED and ACTUAL RESULT
Trying USB device at address 003:006
CONFIGURATION 1: 500 mA ==================================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x2 Configuration
wTotalLength : 0x9f (159 bytes)
bNumInterfaces : 0x6
bConfigurationValue : 0x1
iConfiguration : 0x4 diag_diag_mdm_diag_mdm2_qdss_qdss_mdm_dun_dpl_rmnet_adb
bmAttributes : 0x80 Bus Powered
bMaxPower : 0xfa (500 mA)
INTERFACE 0: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x0
bAlternateSetting : 0x0
bNumEndpoints : 0x1
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0xff
bInterfaceProtocol : 0xff
**iInterface : 0x5 Error Accessing String**
ENDPOINT 0x81: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x81 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 1: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x1
bAlternateSetting : 0x0
bNumEndpoints : 0x1
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0xff
bInterfaceProtocol : 0xff
iInterface : 0x6 QDSS DATA
ENDPOINT 0x82: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x82 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 2: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x2
bAlternateSetting : 0x0
bNumEndpoints : 0x3
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0x0
bInterfaceProtocol : 0x0
iInterface : 0x0
ENDPOINT 0x84: Interrupt IN ==========================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x84 IN
bmAttributes : 0x3 Interrupt
wMaxPacketSize : 0xa (10 bytes)
bInterval : 0x9
ENDPOINT 0x83: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x83 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x1: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x1 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 3: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x3
bAlternateSetting : 0x0
bNumEndpoints : 0x1
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0xff
bInterfaceProtocol : 0xff
iInterface : 0x7 CDEV Serial
ENDPOINT 0x8E: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x8e IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 4: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x4
bAlternateSetting : 0x0
bNumEndpoints : 0x3
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0xff
bInterfaceProtocol : 0xff
iInterface : 0x8 RmNet
ENDPOINT 0x85: Interrupt IN ==========================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x85 IN
bmAttributes : 0x3 Interrupt
wMaxPacketSize : 0x8 (8 bytes)
bInterval : 0x9
ENDPOINT 0x8F: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x8f IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0xF: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0xf OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
INTERFACE 5: Vendor Specific ===========================
bLength : 0x9 (9 bytes)
bDescriptorType : 0x4 Interface
bInterfaceNumber : 0x5
bAlternateSetting : 0x0
bNumEndpoints : 0x2
bInterfaceClass : 0xff Vendor Specific
bInterfaceSubClass : 0x42
bInterfaceProtocol : 0x1
iInterface : 0x9 ADB Interface
ENDPOINT 0x2: Bulk OUT ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x2 OUT
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
ENDPOINT 0x86: Bulk IN ===============================
bLength : 0x7 (7 bytes)
bDescriptorType : 0x5 Endpoint
bEndpointAddress : 0x86 IN
bmAttributes : 0x2 Bulk
wMaxPacketSize : 0x200 (512 bytes)
bInterval : 0x0
2024-10-29 14:49:20,013 scat.qualcommparser (stop_diag) INFO: Stopping diag
Traceback (most recent call last):
File "/home/auser/.local/bin/scat", line 8, in <module>
sys.exit(scat_main())
^^^^^^^^^^^
File "/home/test/Mobile/scat/src/scat/main.py", line 201, in scat_main
current_parser.stop_diag()
File "/home/test/Mobile/scat/src/scat/parsers/qualcomm/qualcommparser.py", line 352, in stop_diag
self.io_device.write_then_read_discard(util.generate_packet(struct.pack('<BB', diagcmd.DIAG_EVENT_REPORT_F, 0x00)), 0x1000, False)
File "/home/test/Mobile/scat/src/scat/iodevices/usbio.py", line 33, in write_then_read_discard
self.write(write_buf, encode_hdlc)
File "/home/test/Mobile/scat/src/scat/iodevices/usbio.py", line 30, in write
self.w_handle.write(write_buf)
^^^^^^^^^^^^^^^^^^^
AttributeError: 'NoneType' object has no attribute 'write'
ENVIRONMENT
- Linux OS: Debian
- Mobile OS: Android13 TWRP (andromeda) + Magisk root
- SCAT version: 1.3.01
- Python version: 3.10.6
- Cellular device: Xiaomi Mi Mix3 5G - Android13
- Baseband type: Qualcomm SDX50M
- DIAG method: USB
ADDITIONAL INFORMATION
No issues running CellularPro on the handset which calls the dmidecode daemon. Issue with using QCSuper and the adb_bridge
- Unexpected adb_bridge output: ioctl DIAG_IOCTL_SWITCH_LOGGING with arglen=24 is not supported - default.
Running diag_mdlog succeeds with a valid qmdl file produced. ADB is running which initially I thought was the issue but when removing or setting other sys.usb.config settings similar issues remain. Also tried specifying the connection implicitly using -H 127.0.0.1 -P 5037.
Is this an issue with the format of the DIAG commands being sent to/from this specific modem (SDX50M)?
Hmm, have you tried other interfaces (-i 1 or -i 2)? As far as I remember, Snapdragon 855/865's 5G modem is external (when I used to have Mi 10T 5G) and there are multiple DIAG interfaces exposed through OS/USB.
ps. The reason I won't introduce QCSuper-like approach in SCAT is that I don't want to maintain all the available ioctl()'s on multiple generations of Qualcomm devices. It's simply nightmare to maintain as a developer.
Hello @Phil-anthropy ,
I experienced 100% same like your problem
AttributeError: 'NoneType' object has no attribute 'write'
but with Samsung Exynos,
The solution is like @peremen said,
but the good news is i made a video for how to find the correct the interface USB number,
I just copy the link of my video exact when i'm about facing the error start from second 263 (4:34)
https://youtu.be/3eATjQASLLA?si=ePXROpsk4w9pPLkT&t=263
Please remember for always send command "lsusb" when you about to run the command because usually/likely the usbid is jumping
Hopefully you can solve your issue .