Debugging a Pi Zero 2W BadUSB with Claude Code: Fixing an 'Impossible' Bug
About 10 months ago, a developer built a Pi Zero 2W BadUSB toolkit but one feature — "fully resets between attacks" — never worked. Marked as WIP, it was abandoned. This week, they rebuilt the project end-to-end with Claude Code as a pair-programmer. The result: the "impossible" feature now works, and the session uncovered several subtle bugs.
What Claude Code Did
- Diagnosed root cause in one read: The listener watched
/dev/hidg0existence — true from boot — so it fired payloads on power-up regardless of host attachment. The correct signal is/sys/class/udc/<udc>/state == "configured". - Empirically confirmed hardware limitation: When the first fix didn't fully work, Claude SSHed in, asked the dev to plug/unplug while it polled sysfs and the dwc2 debugfs
regdumpregister. It found theGOTGCTLregister freezes at0x000d0000regardless of cable state — the Pi Zero 2W has no VBUS sense wired to the SoC's OTG block. It pivoted to an active-unbind workaround with cooldown + rate-limit safeguard. - Caught a silent Python bug:
open(udc_path, "w").write("")doesn't invokewrite(2)with zero bytes — CPython'sTextIOWrapperelides the call. The unbind was a no-op for an hour of testing. Fixed toos.write(fd, b"\n")to force a syscall. - Fixed forbidden-on-configfs teardown:
rm -rfwas failing because configfs forbids unlinking kernel-managed attribute files. Proper sequence isrmdir-only, leaf-to-root. - Wrote a 34-test pytest suite against a mock HID engine, enabling parser testing on any host without a Pi.
- Updated AI memory: The developer uses Postgres as long-term memory for Claude — those bug entries are now referenced in similar configfs/USB-gadget projects.
The entire working session took about 4 hours, mostly waiting for physical plug/unplug. The PR had six well-scoped commits with proper co-author tags and a test plan. The project (Pi-Zero-2W-Bad-USB) is MIT licensed, with Ducky-Script-style payload language, variables, IF/WHILE, HOLD/RELEASE, INJECT MOD, RANDOM *, US/UK keymaps, optional RO mass-storage gadget, systemd integration, and idempotent installer.
For developers doing hardware-in-the-loop workflows with Claude Code, this is a compelling case study in AI-assisted debugging at the sysfs and register level.
📖 Read the full source: r/ClaudeAI
👀 See Also
Porting Linux to FPGA Soft Cores Using Claude Code
A developer ported and booted a nommu Linux kernel (v6.6.83) on the NEORV32 soft core using an FPGA setup with specific hardware configurations and open-source patches.
Practical Lessons from Deploying RAG Bots in Regulated Industries
A developer shares hard-won lessons from deploying RAG-powered AI assistants for Australian workplace compliance across construction, aged care, and mining operations. Key insights include query expansion techniques, document title matching, prompt layering, and infrastructure decisions.
Solo Founder Builds News Analysis Platform with Claude Code: Lessons on Scaling and Debugging
A solo founder without a CS degree built The Daily Martian, a news analysis platform analyzing 40+ outlets using Python/FastAPI, PostgreSQL, Redis, and React/TypeScript, primarily through Claude Code. The developer shares specific challenges including context loss, database connection issues, and debugging strategies.
Using Claude Code for Go-to-Market Operations: Context Engineering Patterns
A developer shares practical patterns for using Claude Code beyond coding, specifically for running go-to-market operations including scraping, enrichment, databases, email infrastructure, and multi-platform content. Key techniques include CLAUDE.md files, session scoping, CLI tools over MCP servers, and subagents for heavy lifting.