openpst / sahara

A multi-platform tool for working with Qualcomm Sahara protocol using QT5 and libopenpst
GNU General Public License v3.0

enjoying tool, couple weeks with it. #8

Open cewatkins opened 6 years ago

cewatkins commented 6 years ago

I'm on a lg343. I finally got a dl happening sending sbl1. However, then it freezes and I can unplug the USB cable and it changes USB ID. It does 2 androids, although I don't know how I got the just file one; normally they expose acm, so 05c6:9006, then 1004, 61f1. I've got the other tools to transfer now I figured out to use sb1, but I can't send anything else.

cewatkins commented 6 years ago

Oh, and I can't get qmcd to compile; it dies at window worker.

ghassani commented 6 years ago

If you are in 9006 mode then you can use a tool like dd to just write the partitions that are corrupted. When plugged in, the EMMC should enumerate to your machine if you have the correct drivers installed; on Linux this may require some modprobe adjustments.

You will never be in 9006 mode if SBL1 is missing or corrupted. 9006 is a memory debug mode and also enumerates the device EMMC to the host machine. It is usually entered when something goes wrong post SBL1 bootloader (aboot failing to load correctly is a common reason in my experience) and is always POST SBL1.

In fact, you can't even (at least in all my test devices) send firmware images over Sahara in 9006 mode. It is just not supported. It only supports Memory Debug and whatever client commands that version implements. This might not be the case for "fusion" devices which are essentially devices which use the modem only and have their own SoC.

As for the change in USB VID/PID, I am not sure exactly what is happening here but I have seen instances of LG custom USB Vendor / Product ID pairs that do not match the Qualcomm SoC. For example, on a few devices I have the 9006 PID is the same as you mentioned above.

Hope this helps!

cewatkins commented 6 years ago

My bad, I meant 9008 mode. It has come up as 1004:f006 and 1004:61f1, after I sent sbl1. I realized today I had a mix of the code: sbl1.bin differed from sbl1.mbn. I can send sbl1; with the battery out, I get a red "put the battery in" display; with the battery in, it loads sb1 and restarts, but I can't send anything else, just sb1, and then it goes back to emergency download. I did get a memory debug pull from command mode but I have no idea how to parse that. Thanks for replying, btw. Due to all the images being signed, I can't find a loader, so so far the only things that pass are the sbl1's.

cewatkins commented 6 years ago

Also, when I load sbl1 (.bin or .mbn) as the programmer (the only thing I've got Sahara to complete), the device will reboot as 1004:61f1 (which is marked in your udev edl rules as lg memory debug?)

ghassani commented 6 years ago

If Sahara accepts the SBL1 image in EDL and reboots into memory debug after you send the done command, that means that SBL1 was loaded and executed and some other issue was encountered. Probably an issue loading TZ or something further down the boot chain like aboot. Sahara in a non-fusion SoC running from SBL1, as far as I know, is 9006 mode only, i.e. memory debug and mass storage device enumeration to the host.

If you re-establish a Sahara session at this point with my program it should let you know for sure if it is in memory debug mode or not. In this mode, you can't send firmware through Sahara. However, it should enumerate on your machine as a mass storage device as well (you may have to tweak some drivers that are loaded for the device; if you are having issues with this, try it on Windows, it usually just works) and you can fix the EMMC that way with a tool like dd or some other device writer.

Personally I have never tried to send sbl1 image through EDL since it generally requests an EDL image which has a completely different image id. It is interesting to know that it can work that way, at least on your device.

And yes, in my udev rules file 1004:61f1 is memory debug because in the devices that I have tested with, this was the case. They were some cheap MetroPCS branded LG phones. I do not know the model off the top of my head; I think it was an L70.
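The reply above says that re-establishing a Sahara session shows whether the device is in memory debug mode. The following sketch is an added example (not code from this thread or from openpst) that reads the mode field from a raw hello packet. The field layout and mode values are assumptions taken from the publicly documented Sahara protocol, and the sample packet is constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>

// Assumed layout (public Sahara protocol description, not from this thread):
// 12 little-endian uint32 fields: cmd, length, version, min version,
// max command packet size, mode, then 6 reserved words.
constexpr uint32_t kCmdHello = 0x01;
constexpr std::size_t kHelloSize = 0x30;

struct HelloInfo { bool valid; uint32_t version, minVersion, mode; };

static uint32_t le32(const uint8_t* p) {
    return p[0] | (p[1] << 8) | (p[2] << 16) | (static_cast<uint32_t>(p[3]) << 24);
}

// Parse a buffer read from the device; short or mis-sized packets are rejected.
HelloInfo parseHello(const uint8_t* buf, std::size_t len) {
    HelloInfo h{false, 0, 0, 0};
    if (len < kHelloSize) return h;
    if (le32(buf) != kCmdHello || le32(buf + 4) != kHelloSize) return h;
    h.version = le32(buf + 8);
    h.minVersion = le32(buf + 12);
    h.mode = le32(buf + 20);  // offset 16 holds the max command packet size
    h.valid = true;
    return h;
}

std::string modeName(const HelloInfo& h) {
    if (!h.valid) return "not a hello packet";
    switch (h.mode) {
        case 0: return "image transfer pending";
        case 1: return "image transfer complete";
        case 2: return "memory debug";  // no firmware transfer in this mode
        case 3: return "command";
        default: return "unknown";
    }
}

// Constructed sample: hello, version 2, min version 1, mode 2 (rest zeroed).
const uint8_t kSampleHello[kHelloSize] = {
    0x01, 0, 0, 0,  0x30, 0, 0, 0,  0x02, 0, 0, 0,
    0x01, 0, 0, 0,  0x00, 0x04, 0, 0,  0x02, 0, 0, 0};

int main() {
    std::printf("%s\n", modeName(parseHello(kSampleHello, kHelloSize)).c_str());
    return 0;
}
```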

ghassani commented 6 years ago

Also, as far as building QCDM, it's broken AF right now. Feel free to contribute fixes to the build system. I will try to jump back into this project more when I have more free time.