MCE to UART will replace the machine check handler in the xbox 360s hypervisor, and write the last stored link address to UART. I noticed that the machine check does a branch and link, so we take that link address and write it to UART. This is useful when debugging a machine check in the hypervisor, and will take you to or close to the offending code.

In the header of the ASM file, there are 2 set variables you need to adjust per hypervisor. Find where the machine check handler is, (usually around address 0x200) and also find a big empty spot for the code to be stored. When a machine check occurs, it'll write the link address to UART and then halt. Also, this will prevent the post code from becoming 0xFF.

Here is an example of the UART output

PPC bin diff is useful for comparing a hardpatched SE image (like a shadowboot) and comparing to a clean SE, and will dump the changes to file. Very nice output, try it :)

Example usage:

python .\ppc_bin_diff2.py '.\Output\clean 17489\hypervisor.bin' .\Output\rgl-proto\hypervisor.bin --endian big

Will also emit patches in MAKEPATCH format, but beware, you need to fix up anything with a relative address emitted as an absolute address, as conditional branches etc need to be relative. It's good enough for getting started I suppose. It is not always aware if code was a .long instruction for data, for example, like setting a version.

python .\ppc_bin_diff2.py '.\Output\clean 17489\hypervisor.bin' .\Output\rgl-proto\hypervisor.bin --endian big --makepatch