search

usb-tools / USBProxy-legacy

A proxy for USB devices, libUSB and gadgetFS - this project is unmaintained, try here: https://github.com/usb-tools/Facedancer
GNU General Public License v2.0
431 stars 102 forks source link

Segmentation fault with Usb-to-ethernet interface #47

Closed hllhll closed 2 years ago

hllhll commented 8 years ago

Can't get passed segmentation fault after connecting the Beagle to the pc: Steps to reproduce:

Grab a d-link ethernet to usb converter ("D-Link USB2.0 Fast ethernet Adapter" DUB-E100), Windows 7 mechine Stock drivers of the dlink for win64 (On the cd, ver 5.14.4.0 Jan 26 2011) USBProxy version - GIT head

Execute:

root@arm:/# usb-mitm -dd Version ShmooCon_2015-71-gb0f9 Running under kernel 3.12.0-bone8 CP: String DeviceProxy = DeviceProxy_LibUSB CP: String HostProxy = HostProxy_GadgetFS Loading plugins from /usr/local/lib/USBProxy/ vendorId=ffffffff productId=ffffffff cleaning up /tmp removing 0 Made directory /tmp/gadget-8zio46 for gadget Printing Config data Strings: 2 DeviceProxy: DeviceProxy_LibUSB HostProxy: HostProxy_GadgetFS Vectors: 0 Pointer: 0 Connected to device: 2001:1a02@05 D-Link - DUB-E100

LibUSB> 80 06 00 01 00 00 12 00 LibUSB< 12 01 00 02 ff ff 00 40 01 20 02 1a 01 00 01 02 03 01 LibUSB> 80 06 00 03 00 00 08 00 LibUSB< 04 03 09 04 LibUSB> 80 06 01 03 09 04 08 00 LibUSB< 22 03 44 00 2d 00 4c 00 LibUSB> 80 06 01 03 09 04 22 00 LibUSB< 22 03 44 00 2d 00 4c 00 69 00 6e 00 6b 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 LibUSB> 80 06 02 03 09 04 08 00 LibUSB< 12 03 44 00 55 00 42 00 LibUSB> 80 06 02 03 09 04 12 00 LibUSB< 12 03 44 00 55 00 42 00 2d 00 45 00 31 00 30 00 30 00 LibUSB> 80 06 03 03 09 04 08 00 LibUSB< 0e 03 36 00 44 00 41 00 LibUSB> 80 06 03 03 09 04 0e 00 LibUSB< 0e 03 36 00 44 00 41 00 44 00 37 00 33 00 LibUSB> 80 06 00 02 00 00 09 00 LibUSB< 09 02 27 00 01 01 04 a0 64 LibUSB> 80 06 00 02 00 00 27 00 LibUSB< 09 02 27 00 01 01 04 a0 64 09 04 00 00 03 ff ff 00 07 07 05 81 03 08 00 0b 07 05 82 02 00 02 00 07 05 03 02 00 02 00 LibUSB> 80 06 04 03 09 04 08 00 LibUSB< 04 03 30 00 LibUSB> 80 06 07 03 09 04 08 00 LibUSB< 04 03 30 00 LibUSB> 80 06 00 06 00 00 0a 00 LibUSB< 0a 06 00 02 ff ff 00 08 01 00 LibUSB> 80 06 00 07 00 00 09 00 LibUSB< 09 07 27 00 01 01 04 a0 64 LibUSB> 80 06 00 07 00 00 27 00 LibUSB< 09 07 27 00 01 01 04 a0 64 09 04 00 00 03 ff ff 00 07 07 05 81 03 08 00 a0 07 05 82 02 40 00 00 07 05 03 02 40 00 00 LibUSB> 80 06 04 03 09 04 08 00 LibUSB< 04 03 30 00 LibUSB> 80 06 07 03 09 04 08 00 LibUSB< 04 03 30 00 LibUSB> 80 08 00 00 00 00 01 00 LibUSB< 01 Device: 12 01 00 02 ff ff 00 40 01 20 02 1a 01 00 01 02 03 01 Manufacturer: D-Link Product: DUB-E100 Serial: 6DAD73 Config(1): 09 02 27 00 01 01 04 a0 64 Name: 0 Interface(0): Alt(0): 09 04 00 00 03 ff ff 00 07 Name: 0 EP(81): 07 05 81 03 08 00 0b EP(82): 07 05 82 02 00 02 00 EP(03): 07 05 03 02 00 02 00 HS Qualifier: 0a 06 00 02 ff ff 00 08 01 00 Config(1): 09 07 27 00 01 01 04 a0 64 Name: 0 Interface(0): *Alt(0): 09 04 00 00 03 ff ff 00 07 Name: 0 EP(81): 07 05 81 03 08 00 a0 EP(82): 07 05 82 02 40 00 00 EP(03): 07 05 03 02 40 00 00

    00 00 00 00 09 02 27 00 01 01 04 80 64 09 04 00 00 03 ff ff 00 07 07 05 81 03 08 00 a0 07 05 82
    02 40 00 00 07 05 03 02 40 00 00 09 02 27 00 01 01 04 80 64 09 04 00 00 03 ff ff 00 07 07 05 81
    03 08 00 0b 07 05 82 02 00 02 00 07 05 03 02 00 02 00 12 01 00 02 ff ff 00 40 01 20 02 1a 01 00
    01 02 03 01

searching in [/tmp/gadget-8zio46] Starting setup writer thread (2414) for EP00. Starting setup reader thread (2413) for EP00.

gadgetfs: 1 events received gadgetfs: event 1 gadgetfs: 1 events received gadgetfs: event 2 gadgetfs: 1 events received gadgetfs: 1 events received LibUSB> 80 06 03 03 09 04 ff 00 LibUSB< 0e 03 36 00 44 00 41 00 44 00 37 00 33 00 gadgetfs: 1 events received LibUSB> 80 06 00 03 00 00 ff 00 LibUSB< 04 03 09 04 gadgetfs: 1 events received LibUSB> 80 06 02 03 09 04 ff 00 LibUSB< 12 03 44 00 55 00 42 00 2d 00 45 00 31 00 30 00 30 00 gadgetfs: 1 events LibUSB> 00 09 01 00 00 00 00 00 LibUSB< Opened EP81 Opened EP82 Opened EP03 Sending ACK Starting reader thread (2432) for EP03. Starting reader thread (2430) for EP82. Starting writer thread (2433) for EP03. Starting writer thread (2431) for EP82. Starting writer thread (2429) for EP81. Starting reader thread (2428) for EP81. gadgetfs: 1 events received LibUSB> 00 09 00 00 00 00 00 00 LibUSB< Segmentation fault root@arm:/#
hllhll commented 8 years ago

Additional information:

Running it through gdb gives out:

[Similar output] LibUSB> 00 09 00 00 00 00 00 00 LibUSB<

Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb5ce6460 (LWP 2459)] 0xb6ceaea4 in HostProxyGadgetFS::setConfig(Configuration, Configuration_, bool) () from /usr/local/lib/USBProxy/HostProxy_GadgetFS.so (gdb)

Edit: After compiling with -g; It was clear that on the row:

__u8 ifc_count=fs_cfg->get_descriptor()->bNumInterfaces

fs_cfg is null

dominicgs commented 8 years ago

Are you using the provided OS image? If not, did you apply the kernel patch?

Could you paste the output of lsusb -v for the device here?

hllhll commented 8 years ago

[Wow, that's a fast response] Yes, I'm using the release image with an updated software from the git. Also need to note that without the windows driver, it does not crash, untill that Is I install the driver.

I'll be on the win machine soon and I'll be able to give it out but right now I more in need of other issue (Should I Open another ticket?):

Connected to the other host (Linux-like) the USBProxy does not crash, however, it says:

LibUSB> c0 11 00 00 00 00 03 00 LibUSB< 15 0c 12 Fail on EP00 write 22 Invalid argument Transfer error on EP82 (xfertype 2): Operation timed out Transfer error on EP82 (xfertype 2): Operation timed out ...[to infinity]...

The device is seen correctly on the nix host, but the iterface itslef is not communicative (the os could not set it to up state). No problem when connecting directly without mitm.

Edit: The same Transfer error issue also occurs the on Ubuntu

hllhll commented 8 years ago

lsusb

root@arm:~# lsusb -v

Bus 002 Device 003: ID 2001:1a02 D-Link Corp. DUB-E100 Fast Ethernet Adapter(rev.C1) [ASIX AX88772]
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               2.00
  bDeviceClass          255 Vendor Specific Class
  bDeviceSubClass       255 Vendor Specific Subclass
  bDeviceProtocol         0 
  bMaxPacketSize0        64
  idVendor           0x2001 D-Link Corp.
  idProduct          0x1a02 DUB-E100 Fast Ethernet Adapter(rev.C1) [ASIX AX88772]
  bcdDevice            0.01
  iManufacturer           1 D-Link          
  iProduct                2 DUB-E100
  iSerial                 3 6DAD73
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           39
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          4 0
    bmAttributes         0xa0
      (Bus Powered)
      Remote Wakeup
    MaxPower              200mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           3
      bInterfaceClass       255 Vendor Specific Class
      bInterfaceSubClass    255 Vendor Specific Subclass
      bInterfaceProtocol      0 
      iInterface              7 0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0008  1x 8 bytes
        bInterval              11
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x03  EP 3 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               0
Device Qualifier (for other device speed):
  bLength                10
  bDescriptorType         6
  bcdUSB               2.00
  bDeviceClass          255 Vendor Specific Class
  bDeviceSubClass       255 Vendor Specific Subclass
  bDeviceProtocol         0 
  bMaxPacketSize0         8
  bNumConfigurations      1
Device Status:     0x0000
  (Bus Powered)

Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               2.00
  bDeviceClass            9 Hub
  bDeviceSubClass         0 Unused
  bDeviceProtocol         1 Single TT
  bMaxPacketSize0        64
  idVendor           0x1d6b Linux Foundation
  idProduct          0x0002 2.0 root hub
  bcdDevice            3.12
  iManufacturer           3 Linux 3.12.0-bone8 musb-hcd
  iProduct                2 MUSB HDRC host driver
  iSerial                 1 musb-hdrc.1.auto
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           25
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0xe0
      Self Powered
      Remote Wakeup
    MaxPower                0mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           1
      bInterfaceClass         9 Hub
      bInterfaceSubClass      0 Unused
      bInterfaceProtocol      0 Full speed (or root) hub
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0004  1x 4 bytes
        bInterval              12
Hub Descriptor:
  bLength               9
  bDescriptorType      41
  nNbrPorts             1
  wHubCharacteristic 0x0011
    Per-port power switching
    No overcurrent protection
    TT think time 8 FS bits
  bPwrOn2PwrGood        5 * 2 milli seconds
  bHubContrCurrent      0 milli Ampere
  DeviceRemovable    0x02
  PortPwrCtrlMask    0xff
 Hub Port Status:
   Port 1: 0000.0503 highspeed power enable connect
Device Status:     0x0001
  Self Powered

Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               2.00
  bDeviceClass            9 Hub
  bDeviceSubClass         0 Unused
  bDeviceProtocol         1 Single TT
  bMaxPacketSize0        64
  idVendor           0x1d6b Linux Foundation
  idProduct          0x0002 2.0 root hub
  bcdDevice            3.12
  iManufacturer           3 Linux 3.12.0-bone8 musb-hcd
  iProduct                2 MUSB HDRC host driver
  iSerial                 1 musb-hdrc.0.auto
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           25
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0xe0
      Self Powered
      Remote Wakeup
    MaxPower                0mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           1
      bInterfaceClass         9 Hub
      bInterfaceSubClass      0 Unused
      bInterfaceProtocol      0 Full speed (or root) hub
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0004  1x 4 bytes
        bInterval              12
Hub Descriptor:
  bLength               9
  bDescriptorType      41
  nNbrPorts             1
  wHubCharacteristic 0x0011
    Per-port power switching
    No overcurrent protection
    TT think time 8 FS bits
  bPwrOn2PwrGood        5 * 2 milli seconds
  bHubContrCurrent      0 milli Ampere
  DeviceRemovable    0x02
  PortPwrCtrlMask    0xff
 Hub Port Status:
   Port 1: 0000.0100 power
Device Status:     0x0001
  Self Powered
root@arm:~#
dominicgs commented 8 years ago

There's an interrupt endpoint. I would imagine that may be causing us to fall over, although we should be printing an error message rather than segfaulting.

hllhll commented 8 years ago

And the timeout issue? any chance I could address that?

dominicgs commented 8 years ago

I'm not sure, EP82 should work, it's a bulk endpoint which we support for many other devices.

eliocor commented 8 years ago

I'm getting the same segfault! Working environment: Windows 10 BeagleBone Black with OS image: https://github.com/dominicgs/USBProxy/releases/download/2014-03-R1/Debian-USBProxy.img.xz Source files updated to today: https://github.com/dominicgs/USBProxy makefile generated with 'cmake -DCMAKE_BUILD_TYPE=Debug ..' command gcc version: 4.7.2-5

lsusb -v output of the device I'm trying to analyze (Gretag MacBeth EyeOne Pro):

Bus 002 Device 013: ID 0971:2000 Gretag-Macbeth AG
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               1.10
  bDeviceClass            0 (Defined at Interface level)
  bDeviceSubClass         0
  bDeviceProtocol         0
  bMaxPacketSize0        64
  idVendor           0x0971 Gretag-Macbeth AG
  idProduct          0x2000
  bcdDevice            2.00
  iManufacturer           1 GretagMacbeth
  iProduct                2 eye-one
  iSerial                 0
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           46
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0
    bmAttributes         0x80
      (Bus Powered)
    MaxPower              500mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           4
      bInterfaceClass       255 Vendor Specific Class
      bInterfaceSubClass      0
      bInterfaceProtocol      0
      iInterface              0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0040  1x 64 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x03  EP 3 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0020  1x 32 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x84  EP 4 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0008  1x 8 bytes
        bInterval             100
Device Status:     0x0000
  (Bus Powered)

output of usb-mitm -dd under gdb:

root@arm:/home/debian/USBProxy/src/build/tools# gdb usb-mitm
GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabihf".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/debian/USBProxy/src/build/tools/usb-mitm...done.
(gdb) r -dd
Starting program: /home/debian/USBProxy/src/build/tools/usb-mitm -dd
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/arm-linux-gnueabihf/libthread_db.so.1".
Version ShmooCon_2015-79-g6cc9
Running under kernel 3.12.0-bone8
CP: String DeviceProxy = DeviceProxy_LibUSB
CP: String HostProxy = HostProxy_GadgetFS
Loading plugins from /usr/local/lib/USBProxy/
vendorId=ffffffff
productId=ffffffff
cleaning up /tmp
removing 1
Made directory /tmp/gadget-hWyAFQ for gadget
Printing Config data
        Strings: 2
                DeviceProxy: DeviceProxy_LibUSB
                HostProxy: HostProxy_GadgetFS
        Vectors: 0
Pointer: 0
[New Thread 0xb6ce6460 (LWP 5648)]
Connected to device: 0971:2000@0d GretagMacbeth - eye-one

LibUSB> 80 06 00 01 00 00 12 00
LibUSB< 12 01 10 01 00 00 00 40 71 09 00 20 00 02 01 02 00 01
LibUSB> 80 06 00 03 00 00 08 00
LibUSB< 04 03 09 04
LibUSB> 80 06 01 03 09 04 08 00
LibUSB< 1c 03 47 00 72 00 65 00
LibUSB> 80 06 01 03 09 04 1c 00
LibUSB< 1c 03 47 00 72 00 65 00 74 00 61 00 67 00 4d 00 61 00 63 00 62 00 65 00 74 00 68 00
LibUSB> 80 06 02 03 09 04 08 00
LibUSB< 12 03 65 00 79 00 65 00
LibUSB> 80 06 02 03 09 04 12 00
LibUSB< 12 03 65 00 79 00 65 00 2d 00 6f 00 6e 00 65 00 20 00
LibUSB> 80 06 00 02 00 00 09 00
LibUSB< 09 02 2e 00 01 01 00 80 fa
LibUSB> 80 06 00 02 00 00 2e 00
LibUSB<
        09 02 2e 00 01 01 00 80 fa 09 04 00 00 04 ff 00 00 00 07 05 01 02 40 00 00 07 05 82 02 40 00 00
        07 05 03 02 20 00 00 07 05 84 03 08 00 64
LibUSB> 80 06 00 06 00 00 0a 00
Error sending setup packet: Pipe error
LibUSB> 80 08 00 00 00 00 01 00
LibUSB< 01
Device: 12 01 10 01 00 00 00 40 71 09 00 20 00 02 01 02 00 01
  Manufacturer: GretagMacbeth
  Product:      eye-one
        *Config(1): 09 02 2e 00 01 01 00 80 fa
                Interface(0):
                        *Alt(0): 09 04 00 00 04 ff 00 00 00
                                EP(01): 07 05 01 02 40 00 00
                                EP(82): 07 05 82 02 40 00 00
                                EP(03): 07 05 03 02 20 00 00
                                EP(84): 07 05 84 03 08 00 64

        00 00 00 00 09 02 2e 00 01 01 00 80 fa 09 04 00 00 04 ff 00 00 00 07 05 01 02 40 00 00 07 05 82
        02 40 00 00 07 05 03 02 20 00 00 07 05 84 03 08 00 64 09 02 2e 00 01 01 00 80 fa 09 04 00 00 04
        ff 00 00 00 07 05 01 02 40 00 00 07 05 82 02 40 00 00 07 05 03 02 20 00 00 07 05 84 03 08 00 64
        12 01 10 01 00 00 00 40 71 09 00 20 00 02 01 02 00 01
searching in [/tmp/gadget-hWyAFQ]
[New Thread 0xb64e6460 (LWP 5649)]
Starting setup reader thread (5649) for EP00.
[New Thread 0xb5ce6460 (LWP 5650)]
Starting setup writer thread (5650) for EP00.
gadgetfs: 1 events received
gadgetfs: event 1
gadgetfs: 1 events received
LibUSB> 80 06 00 03 00 00 ff 00
LibUSB< 04 03 09 04
gadgetfs: 1 events received
LibUSB> 80 06 02 03 09 04 ff 00
LibUSB< 12 03 65 00 79 00 65 00 2d 00 6f 00 6e 00 65 00 20 00
gadgetfs: 1 events received
LibUSB> 00 09 00 00 00 00 00 00
LibUSB<

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb5ce6460 (LWP 5650)]
0xb6cead6c in HostProxy_GadgetFS::setConfig (this=0x16998, fs_cfg=0x0, hs_cfg=0x0, hs=false) at /home/debian/USBProxy/src/Plugins/Hosts/HostProxy_GadgetFS.cpp:453
453             __u8 ifc_count=fs_cfg->get_descriptor()->bNumInterfaces;
(gdb)

Any suggestion on how to solve this problem?

P.S.: the device is perfectly working when connected directly to the Windows PC.

tuxuser commented 8 years ago

Problem: Same timeout problem as hllhll OS-image: ShmooCon 2014-03 USBProxy version: 021e810 (01-03-2016)

lsusb -v

Bus 002 Device 002: ID 4321:0123 *redacted*
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               2.00
  bDeviceClass            0 (Defined at Interface level)
  bDeviceSubClass         0
  bDeviceProtocol         0
  bMaxPacketSize0        64
  idVendor           0x4321 *redacted*
  idProduct          0x0123
  bcdDevice            1.10
  iManufacturer           1 *redacted*
  iProduct                2 *redacted*
  iSerial                 3 *redacted*
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           46
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0
    bmAttributes         0xa0
      (Bus Powered)
      Remote Wakeup
    MaxPower              500mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           4
      bInterfaceClass       255 Vendor Specific Class
      bInterfaceSubClass      0
      bInterfaceProtocol      0
      iInterface              0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x01  EP 1 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               1
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x83  EP 3 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               1
Device Qualifier (for other device speed):
  bLength                10
  bDescriptorType         6
  bcdUSB               2.00
  bDeviceClass            0 (Defined at Interface level)
  bDeviceSubClass         0
  bDeviceProtocol         0
  bMaxPacketSize0        64
  bNumConfigurations      1
Device Status:     0x0000
  (Bus Powered)

Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               2.00
  bDeviceClass            9 Hub
  bDeviceSubClass         0 Unused
  bDeviceProtocol         1 Single TT
  bMaxPacketSize0        64
  idVendor           0x1d6b Linux Foundation
  idProduct          0x0002 2.0 root hub
  bcdDevice            3.12
  iManufacturer           3 Linux 3.12.0-bone8 musb-hcd
  iProduct                2 MUSB HDRC host driver
  iSerial                 1 musb-hdrc.1.auto
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           25
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0xe0
      Self Powered
      Remote Wakeup
    MaxPower                0mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           1
      bInterfaceClass         9 Hub
      bInterfaceSubClass      0 Unused
      bInterfaceProtocol      0 Full speed (or root) hub
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0004  1x 4 bytes
        bInterval              12
Hub Descriptor:
  bLength               9
  bDescriptorType      41
  nNbrPorts             1
  wHubCharacteristic 0x0011
    Per-port power switching
    No overcurrent protection
    TT think time 8 FS bits
  bPwrOn2PwrGood        5 * 2 milli seconds
  bHubContrCurrent      0 milli Ampere
  DeviceRemovable    0x02
  PortPwrCtrlMask    0xff
 Hub Port Status:
   Port 1: 0000.0503 highspeed power enable connect
Device Status:     0x0001
  Self Powered

Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               2.00
  bDeviceClass            9 Hub
  bDeviceSubClass         0 Unused
  bDeviceProtocol         1 Single TT
  bMaxPacketSize0        64
  idVendor           0x1d6b Linux Foundation
  idProduct          0x0002 2.0 root hub
  bcdDevice            3.12
  iManufacturer           3 Linux 3.12.0-bone8 musb-hcd
  iProduct                2 MUSB HDRC host driver
  iSerial                 1 musb-hdrc.0.auto
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           25
    bNumInterfaces          1
    bConfigurationValue     1
    iConfiguration          0 
    bmAttributes         0xe0
      Self Powered
      Remote Wakeup
    MaxPower                0mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           1
      bInterfaceClass         9 Hub
      bInterfaceSubClass      0 Unused
      bInterfaceProtocol      0 Full speed (or root) hub
      iInterface              0 
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0004  1x 4 bytes
        bInterval              12
Hub Descriptor:
  bLength               9
  bDescriptorType      41
  nNbrPorts             1
  wHubCharacteristic 0x0011
    Per-port power switching
    No overcurrent protection
    TT think time 8 FS bits
  bPwrOn2PwrGood        5 * 2 milli seconds
  bHubContrCurrent      0 milli Ampere
  DeviceRemovable    0x02
  PortPwrCtrlMask    0xff
 Hub Port Status:
   Port 1: 0000.0100 power
Device Status:     0x0001
  Self Powered

usb-mitm -dd -l (Output is shortened a little)

Version ShmooCon_2015-86-g021e
Running under kernel 3.12.0-bone8
CP: String DeviceProxy = DeviceProxy_LibUSB
CP: String HostProxy = HostProxy_GadgetFS
Loading plugins from /usr/local/lib/USBProxy/
vendorId=1234
productId=4321
cleaning up /tmp
removing 0
Made directory /tmp/gadget-5H9AJ2 for gadget
Printing Config data
    Strings: 4
        DeviceProxy: DeviceProxy_LibUSB
        HostProxy: HostProxy_GadgetFS
        productId: 4321
        vendorId: 1234
    Vectors: 1
        Plugins:
            PacketFilter_StreamLog
Pointer: 1
        PacketFilter_StreamLog::file: 0xb6d68540
Connected to device: 4321:1234@02 *redacted*

LibUSB> 80 06 00 01 00 00 12 00
LibUSB< 12 01 00 02 00 00 00 40 5e 04 d5 02 10 01 01 02 03 01
LibUSB> 80 06 00 03 00 00 08 00
LibUSB< 04 03 09 04
LibUSB> 80 06 01 03 09 04 08 00
LibUSB< 20 03 4d 00 69 00 63 00
LibUSB> 80 06 01 03 09 04 20 00
LibUSB< 20 03 4d 00 69 00 63 00 72 00 6f 00 73 00 6f 00 66 00 74 00 20 00 43 00 6f 00 72 00 70 00 2e 00
LibUSB> 80 06 02 03 09 04 08 00
LibUSB< 1e 03 58 00 62 00 6f 00
LibUSB> 80 06 02 03 09 04 1e 00
LibUSB< 1e 03 58 00 62 00 6f 00 78 00 20 00 55 00 53 00 42 00 20 00 54 00 75 00 6e 00 65 00 72 00
LibUSB> 80 06 03 03 09 04 08 00
LibUSB< 1a 03 30 00 30 00 35 00
LibUSB> 80 06 03 03 09 04 1a 00
LibUSB< 1a 03 30 00 30 00 35 00 31 00 32 00 38 00 30 00 37 00 30 00 35 00 31 00 35 00
LibUSB> 80 06 00 02 00 00 09 00
LibUSB< 09 02 2e 00 01 01 00 a0 fa
LibUSB> 80 06 00 02 00 00 2e 00
LibUSB< 
    09 02 2e 00 01 01 00 a0 fa 09 04 00 00 04 ff 00 00 00 07 05 01 02 00 02 01 07 05 81 02 00 02 01
    07 05 82 02 00 02 01 07 05 83 02 00 02 01
LibUSB> 80 06 00 06 00 00 0a 00
LibUSB< 0a 06 00 02 00 00 00 40 01 00
LibUSB> 80 06 00 07 00 00 09 00
LibUSB< 09 07 2e 00 01 01 00 a0 fa
LibUSB> 80 06 00 07 00 00 2e 00
LibUSB< 
    09 07 2e 00 01 01 00 a0 fa 09 04 00 00 04 ff 00 00 00 07 05 01 02 40 00 00 07 05 81 02 40 00 00
    07 05 82 02 40 00 00 07 05 83 02 40 00 00
LibUSB> 80 08 00 00 00 00 01 00
LibUSB< 01

    00 00 00 00 09 02 2e 00 01 01 00 80 fa 09 04 00 00 04 ff 00 00 00 07 05 01 02 40 00 00 07 05 81
    02 40 00 00 07 05 82 02 40 00 00 07 05 83 02 40 00 00 09 02 2e 00 01 01 00 80 fa 09 04 00 00 04
    ff 00 00 00 07 05 01 02 00 02 01 07 05 81 02 00 02 01 07 05 82 02 00 02 01 07 05 83 02 00 02 01
    12 01 00 02 00 00 00 40 5e 04 d5 02 10 01 01 02 03 01
searching in [/tmp/gadget-5H9AJ2]
Starting setup writer thread (2107) for EP00.
Starting setup reader thread (2106) for EP00.
gadgetfs: 1 events received
gadgetfs: event 1
gadgetfs: 1 events received
[80 06 03 03 09 04 ff 00]
Device: 12 01 00 02 00 00 00 40 32 12 21 43 10 01 01 02 03 01
  Manufacturer: *redacted*
  Product:      *redacted*
  Serial:       *redacted*
    *Config(1): 09 02 2e 00 01 01 00 a0 fa
        Interface(0):
            *Alt(0): 09 04 00 00 04 ff 00 00 00
                EP(01): 07 05 01 02 00 02 01
                EP(81): 07 05 81 02 00 02 01
                EP(82): 07 05 82 02 00 02 01
                EP(83): 07 05 83 02 00 02 01
HS Qualifier: 0a 06 00 02 00 00 00 40 01 00
     Config(1): 09 07 2e 00 01 01 00 a0 fa
        Interface(0):
            *Alt(0): 09 04 00 00 04 ff 00 00 00
                EP(01): 07 05 01 02 40 00 00
                EP(81): 07 05 81 02 40 00 00
                EP(82): 07 05 82 02 40 00 00
                EP(83): 07 05 83 02 40 00 00
LibUSB> 80 06 03 03 09 04 ff 00
LibUSB< 1a 03 30 00 30 00 35 00 31 00 32 00 38 00 30 00 37 00 30 00 35 00 31 00 35 00
[80 06 03 03 09 04 1a 00]: 1a 03 30 00 30 00 35 00 31 00 32 00 38 00 30 00 37 00 30 00 35 00 31 00 35 00
gadgetfs: 1 events received
[80 06 00 03 00 00 ff 00]
LibUSB> 80 06 00 03 00 00 ff 00
LibUSB< 04 03 09 04
[80 06 00 03 00 00 04 00]: 04 03 09 04
gadgetfs: 1 events received
[80 06 02 03 09 04 ff 00]
LibUSB> 80 06 02 03 09 04 ff 00
LibUSB< 1e 03 58 00 62 00 6f 00 78 00 20 00 55 00 53 00 42 00 20 00 54 00 75 00 6e 00 65 00 72 00
[80 06 02 03 09 04 1e 00]: 1e 03 58 00 62 00 6f 00 78 00 20 00 55 00 53 00 42 00 20 00 54 00 75 00 6e 00 65 00 72 00
gadgetfs: 1 events received
Sending ACK
[00 09 01 00 00 00 00 00]
LibUSB> 00 09 01 00 00 00 00 00
LibUSB< 
Opened EP01
Opened EP81
Opened EP82
Opened EP83
Sending ACK
gadgetfs: 1 events received
[c0 15 00 00 00 00 10 00]
LibUSB> c0 15 00 00 00 00 10 00
Error sending setup packet: Pipe error
[c0 15 00 00 00 00 00 00]
Stalling EP00
Starting reader thread (2113) for EP82.
Starting writer thread (2112) for EP01.
Starting writer thread (2114) for EP82.
Starting reader thread (2111) for EP01.
Starting reader thread (2115) for EP83.
Starting writer thread (2110) for EP81.
Starting writer thread (2116) for EP83.
Starting reader thread (2109) for EP81.
01[7]: 02 00 00 04 70 00 8a
01[21]: 10 00 00 00 9d e3 bf 98 25 20 00 00 13 1c 00 25 92 12 62 80 fa

* 17xx Lines of communication *

01[21]: 10 6a 90 00 70 00 73 7c 9d e3 bf 98 21 1c 00 1d d0 04 23 68 07
gadgetfs: 1 events received
[c0 15 00 00 00 00 10 00]
LibUSB> c0 15 00 00 00 00 10 00
Error sending setup packet: Pipe error
[c0 15 00 00 00 00 00 00]
Stalling EP00
01[21]: 10 6a a0 00 80 a2 20 00 12 80 00 05 01 00 00 00 7f ff e5 df ca

* 18 lines of data *

01[21]: 10 6b d0 00 d2 03 20 0c 11 02 00 00 d0 22 40 00 d2 23 60 14 06
gadgetfs: 1 events received
gadgetfs: event 4
01[21]: 10 6b e0 00 d0 03 e0 04 13 1c 00 1d 90 12 20 04 35 1c 00 1c 6f

* 161 lines of data *

01[21]: 10 75 f4 00 01 2c 02 d0 02 d0 02 d0 00 00 00 00 00 00 00 66 7e
01[21]: 10 76 04 00 00 00 00 11 00 01 02 01 00 00 00 01 00 04 00 00 5c
01[21]: 10 76 14 00 00 00 00 00 00 00 00 00 00 03 00 00 00 00 00 00 63
01[13]: 08 76 24 00 00 00 00 00 00 00 00 01 5d
01[5]: 00 00 00 01 ff
81[12]: 00 00 00 00 70 00 00 00 07 66 76 2c
01[8]: 08 00 00 00 70 00 00 00
Transfer error on EP82 (xfertype 2): Operation timed out
Transfer error on EP83 (xfertype 2): Operation timed out
Transfer error on EP81 (xfertype 2): Operation timed out
Transfer error on EP82 (xfertype 2): Operation timed out
Transfer error on EP83 (xfertype 2): Operation timed out
Transfer error on EP81 (xfertype 2): Operation timed out
Transfer error on EP82 (xfertype 2): Operation timed out
Transfer error on EP83 (xfertype 2): Operation timed out
Transfer error on EP81 (xfertype 2): Operation timed out
Transfer error on EP82 (xfertype 2): Operation timed out
Transfer error on EP83 (xfertype 2): Operation timed out
Transfer error on EP81 (xfertype 2): Operation timed out
Transfer error on EP82 (xfertype 2): Operation timed out
Transfer error on EP83 (xfertype 2): Operation timed out
Transfer error on EP81 (xfertype 2): Operation timed out
Transfer error on EP82 (xfertype 2): Operation timed out
Transfer error on EP83 (xfertype 2): Operation timed out
Transfer error on EP81 (xfertype 2): Operation timed out
Transfer error on EP82 (xfertype 2): Operation timed out
Transfer error on EP83 (xfertype 2): Operation timed out
Transfer error on EP81 (xfertype 2): Operation timed out
Transfer error on EP82 (xfertype 2): Operation timed out
Transfer error on EP83 (xfertype 2): Operation timed out
Transfer error on EP81 (xfertype 2): Operation timed out
Transfer error on EP82 (xfertype 2): Operation timed out
Transfer error on EP83 (xfertype 2): Operation timed out
Transfer error on EP81 (xfertype 2): Operation timed out
Received SIGINT, stopping relaying...
Finished setup writer thread (2107) for EP00.
Finished writer thread (2110) for EP81.
Finished writer thread (2112) for EP01.
Finished writer thread (2114) for EP82.
Finished writer thread (2116) for EP83.
Finished setup reader thread (2106) for EP00.
Transfer error on EP82 (xfertype 2): Operation timed out
Finished reader thread (2113) for EP82.
Transfer error on EP83 (xfertype 2): Operation timed out
Finished reader thread (2115) for EP83.
Finished reader thread (2111) for EP01.
Transfer error on EP81 (xfertype 2): Operation timed out
Finished reader thread (2109) for EP81.
Exiting
done
dominicgs commented 8 years ago

I don't know what's going on here, but it's interesting that the errors come from the IN endpoints but not the OUT EP.

lindi2 commented 8 years ago

At least

Bus 002 Device 043: ID 05ac:1402 Apple, Inc. Ethernet Adapter [A1277]

connected to Debian 8 laptop works here with git 021e810a88ea81e37c5e252f371bf2cf7173b47a. It seems to take some time to stabilize but then it seems to be fast:

ping 10.8.4.1
PING 10.8.4.1 (10.8.4.1) 56(84) bytes of data.
From 10.8.4.2 icmp_seq=1 Destination Host Unreachable
From 10.8.4.2 icmp_seq=2 Destination Host Unreachable
From 10.8.4.2 icmp_seq=3 Destination Host Unreachable
From 10.8.4.2 icmp_seq=4 Destination Host Unreachable
From 10.8.4.2 icmp_seq=5 Destination Host Unreachable
From 10.8.4.2 icmp_seq=6 Destination Host Unreachable
64 bytes from 10.8.4.1: icmp_seq=7 ttl=64 time=2003 ms
64 bytes from 10.8.4.1: icmp_seq=8 ttl=64 time=995 ms
64 bytes from 10.8.4.1: icmp_seq=9 ttl=64 time=0.955 ms
64 bytes from 10.8.4.1: icmp_seq=10 ttl=64 time=1.07 ms
64 bytes from 10.8.4.1: icmp_seq=11 ttl=64 time=1.46 ms
64 bytes from 10.8.4.1: icmp_seq=12 ttl=64 time=1.23 ms
64 bytes from 10.8.4.1: icmp_seq=13 ttl=64 time=1.45 ms
64 bytes from 10.8.4.1: icmp_seq=14 ttl=64 time=1.29 ms
64 bytes from 10.8.4.1: icmp_seq=15 ttl=64 time=1.29 ms
64 bytes from 10.8.4.1: icmp_seq=16 ttl=64 time=1.28 ms
64 bytes from 10.8.4.1: icmp_seq=17 ttl=64 time=1.41 ms
64 bytes from 10.8.4.1: icmp_seq=18 ttl=64 time=2.11 ms
64 bytes from 10.8.4.1: icmp_seq=19 ttl=64 time=1.32 ms
64 bytes from 10.8.4.1: icmp_seq=20 ttl=64 time=1.28 ms
64 bytes from 10.8.4.1: icmp_seq=23 ttl=64 time=1.26 ms
64 bytes from 10.8.4.1: icmp_seq=24 ttl=64 time=1.33 ms
64 bytes from 10.8.4.1: icmp_seq=25 ttl=64 time=1.40 ms
64 bytes from 10.8.4.1: icmp_seq=26 ttl=64 time=1.27 ms
64 bytes from 10.8.4.1: icmp_seq=27 ttl=64 time=1.39 ms
64 bytes from 10.8.4.1: icmp_seq=28 ttl=64 time=1.25 ms
64 bytes from 10.8.4.1: icmp_seq=29 ttl=64 time=1.19 ms
^C
--- 10.8.4.1 ping statistics ---
29 packets transmitted, 21 received, +6 errors, 27% packet loss, time 28076ms
rtt min/avg/max/mdev = 0.955/144.007/2003.141/466.421 ms, pipe 3
nc 10.8.4.1 80 | pv > /dev/null 
16.3MiB 0:00:13 [1.26MiB/s] [                                     <=>
straithe commented 2 years ago

I'm sorry there hasn't been a response to this issue in a very long time. Are any of you still experiencing this issue?

straithe commented 2 years ago

I'm going to close this as there hasn't been a response in a while, but please re-open this issue or open a new one if you still need assistance.