search

rosvall / cc2531_oem_flasher

Hack to flash a stock Texas Instruments CC2531USB-RD dongle, no tools required
http://rosvall.github.io/
2 stars 2 forks source link

usb.core.USBError: [Errno 32] Pipe error (bcdDevice 8.21) #3

Closed rexjoe closed 2 months ago

rexjoe commented 3 months ago

My device is as: lsusb -v -d 0x0451:0x16ae | grep bcdDevice bcdDevice 8.21

while execute "python oem_flasher.py stub.bin bootloader/bootloader.bin":

Looking for CC2531 USB Dongle matching idVendor=0451 idProduct=16ae bcdDevice=8391 Found device: Texas Instruments CC2531 USB Dongle on bus 1 port 8 Uploading files Writing 1585 bytes to 0x03a0 Traceback (most recent call last): File "/home/xxx/cc2531/cc2531_oem_flasher/oem_flasher.py", line 194, in upload_file_contents(dev, paths, offset) File "/home/xxx/cc2531/cc2531_oem_flasher/oem_flasher.py", line 112, in upload_file_contents write_exploit(dev, data, offset) File "/home/xxx/cc2531/cc2531_oem_flasher/oem_flasher.py", line 100, in write_exploit dev.ctrl_transfer( File "/home/xxx/anaconda3/lib/python3.10/site-packages/usb/core.py", line 1082, in ctrl_transfer ret = self._ctx.backend.ctrl_transfer( File "/home/xxx/anaconda3/lib/python3.10/site-packages/usb/backend/libusb1.py", line 893, in ctrl_transfer ret = _check(self.lib.libusb_control_transfer( File "/home/xxx/anaconda3/lib/python3.10/site-packages/usb/backend/libusb1.py", line 604, in _check raise USBError(_strerror(ret), ret, _libusb_errno[ret]) usb.core.USBError: [Errno 32] Pipe error

rosvall commented 3 months ago

bcdDevice 8.21

That doesn't look like bcdDevice=8391

rexjoe commented 3 months ago

bcdDevice 8.21

That doesn't look like bcdDevice=8391

yes, i replace code in find_oem_device(): dev = usb.core.find(idVendor=VID, idProduct=PID, bcdDevice=BCD) with dev = usb.core.find(idVendor=VID, idProduct=PID) so maybe this method doesn't work on this version of device. 1724154897487

rosvall commented 3 months ago

No, i don't think it'll work without some changes.

I'd like to take a look though. Where did you get it? And can i get a copy of the firmware somehow?

rexjoe commented 3 months ago

No, i don't think it'll work without some changes.

I'd like to take a look though. Where did you get it? And can i get a copy of the firmware somehow?

I got it from taobao.com in China, the buy link can't be seen without a login. I'll try to see if i can get the firmware out, I don't have a CC debugger.

rexjoe commented 3 months ago

I'vedumped the firmware, How may I send it to you?

updated. stock_fw.zip

rosvall commented 2 months ago

Can you just attach it to a comment here?

rexjoe commented 2 months ago

Updated

rosvall commented 2 months ago

I think that firmware image has some bit errors. Do you mind trying again?

A quick and dirty way to detect a correct read is to simply make two images and comparing them with cmp - it's silent when they compare equal.

If it helps any, you don't have to read the entire 256kB of flash, only the first 9kB are used.

rosvall commented 2 months ago

Wait, I might just be an idiot...

rosvall commented 2 months ago

Yup, it was just me. Sorry about that.

I've pushed a new version of oem_flasher.py that adds support for that version of the stock FW.

rexjoe commented 2 months ago

That's great, happy to hear that.