Fri May 18 15:16:34 EDT 2012

USB debugging with wireshark

First thing I see are messages to
1d6b:0001 Linux Foundation 1.1 root hub

What is this?  What's that "Linux Foundation" business?  Looking into
drivers/usb/core/hcd.c it seems that the root hubs are emulated.  I
don't find any direct explanation but it seems that this is to share
code between the host controller and hubs, by exposing a HC as a hub.

Note: For a USB device, all traffic on the wire is directed to one
device.  For a usb BUS (which wireshark sees) there are multiple
devices.  The URB distinguishes between them.

I have my device connected as the only device on the test machine, but
there is still the hub traffic to ignore on the usb bus.  How to set a
wireshark usb[1] filter?

  usb.urb_id == 0xc40c7800

Looks like the first couple of transfers are handled by the PIC
hardware, I don't recognize them, and it seems neither does WireShark
as it's not parsed ("Application Data")

The first properly parsed message is a GET DESCRIPTOR device.

The ones before that are bmRequestType
23  h->d, class, other
a3  d->h, class, other

First non-parsed bytes in those packets: 0,1,0,0,3,0,1
This should be the bmRequest field

From the names in [2] these seem to be "physical requests".  It
doesn't seem that they actually make it to the firmware.  First
bmRequestType:bmRequst I see on the device is 80:06, whis is DEVICE

So it seems:
- physical requests can be ignored
- next: reply to GET DESCRIPTOR
- next: fix logging issues (either RAM buffer or TTL serial port)

[1] http://www.wireshark.org/docs/dfref/u/usb.html
[2] http://www.compsys1.com/support/usb/pic_code/HIDCLASS.ASM