Xcc700: Self-Hosted C Compiler For The ESP32/Xtensa

December 30, 2025 by 12 Comments

With two cores at 240 MHz and about 8.5 MB of non-banked RAM if you’re using the right ESP32-S3 version, this MCU seems at least in terms of specifications to be quite the mini PC. Obviously this means that it should be capable of self-hosting its compiler, which is exactly what [Valentyn Danylchuk] did with the xcc700 C compiler project.

Targeting the Xtensa Lx7 ISA of the ESP32-S3, this is a minimal C compiler that outputs relocatable ELF binaries. These binaries can subsequently be run with for example the ESP-IDF-based elf_loader component. Obviously, this is best done on an ESP32 platform that has PSRAM, unless your binary fits within the few hundred kB that’s left after all the housekeeping and communication stacks are loaded.

The xcc700 compiler is currently very minimalistic, omitting more complex loop types as well as long and floating point types, for starters. There’s no optimization of the final code either, but considering that it’s 700 lines of code just for a PoC, there seems to be still plenty of room for improvement.

39C3: Liberating ESP32 Bluetooth

December 30, 2025 by 5 Comments

Bluetooth is everywhere, but it’s hard to inspect. Most of the magic is done inside a Bluetooth controller chip, accessed only through a controller-specific Host-Controller Interface (HCI) protocol, and almost everything your code does with Bluetooth passes through a binary library that speaks the right HCI dialect. Reverse engineering these libraries can get us a lot more control of and information about what’s going on over the radio link.

That’s [Anton]’s motivation and goal in this reversing and documentation project, which he describes for us in this great talk at this year’s Chaos Communication Congress. In the end, [Anton] gets enough transparency about the internal workings of the Bluetooth binaries to transmit and receive data. He stops short of writing his own BT stack, but suggests that it would be possible, but maybe more work than one person should undertake.

So what does this get us? Low-level control of the BT controller in a popular platform like the ESP32 that can do both classic and low-energy Bluetooth should help a lot with security research into Bluetooth in general. He figured out how to send arbitrary packets, for instance, which should allow someone to write a BT fuzzing tool. Unfortunately, there is a sequence ID that prevents his work from turning the controller into a fully promiscuous BT monitor, but still there’s a lot of new ground exposed here.

If any of this sounds interesting to you, you’ll find his write-up, register descriptions, and more in the GitHub repository. This isn’t a plug-and-play Bluetooth tool yet, but this is the kind of groundwork on a popular chip that we expect will enable future hacking, and we salute [Anton] for shining some light into one of the most ubiquitous and yet intransparent corners of everyday tech.

Playing A Game Of Linux On Your Sony Playstation 2

December 29, 2025 by 15 Comments

Until the 2000s, game consoles existed primarily to bring a bit of the gaming arcade experience to homes, providing graphical feats that the average home computer would struggle to emulate. By the 2000s this changed, along with the idea of running desktop applications on gaming console for some reason. Hence we got Linux for the PlayStation 2, targeting its MIPS R5900 CPU and custom GPU. Unlike these days where game consoles are reskinned gaming PCs, this required some real effort, as well as a veritable stack of accessories, as demonstrated by [Action Retro] in a recent video.

Linux on the PlayStation 2 was a bit of a rare beast, as it required not only the optional HDD and a compatible ‘fat’ PS2, but also an Ethernet adapter, VGA adapter and a dedicated 8 MB memory card along with a keyboard and mouse. PS2 Linux users were also not free to do what they wanted, with e.g. ripping PS2 game discs disallowed, but you could make your own games. All of which had to fit within the PS2’s meagre 32 MB of RAM.

Continue reading “Playing A Game Of Linux On Your Sony Playstation 2”

A red and blue visualization of the waves from a small ultrasonic speaker

Seeing Sound For Under $200

December 27, 2025 by 2 Comments

There are five general senses: touch for feels, taste for food, smell for avoiding trash, hearing for sounds, and, of course, eyesight for visualizing the very waves making up that sound. [PlasmatronX] drives that last point home with his camera for sound waves, that’s even able to capture constructive and destructive interference. (Video, embedded below.)

You may have heard of Schlieren imaging, which is usually used to capture the movement of air currents caused by heat sources. [PlasmatronX] sets up a concave mirror to amplify the refraction of different densities of air, only unlike traditional Schlieren setups, he’s after the different densities of air caused by the pressure waves that we interpret as sound.

Continue reading “Seeing Sound For Under $200”

Active Ideal Full Bridge Rectifier Using TEA2208T

December 27, 2025 by 31 Comments

Everyone loves a full-wave bridge rectifier, but there’s no denying that they aren’t 100% efficient due to the diode voltage drop. Which isn’t to say that with some effort we cannot create an ideal bridge rectifier using active components, as demonstrated by [Mousa] with an active bridge circuit. This uses the NXP TEA2208T active bridge rectifier controller, along with the requisite four MOSFETs.

Comparing a diode bridge rectifier with an active bridge rectifier. (Credit: Mousa, YouTube)
Comparing a diode bridge rectifier with an active bridge rectifier. (Credit: Mousa, YouTube)

Taking the circuit from the datasheet, a PCB was created featuring four FDD8N50NZ MOSFETs in addition to the controller IC. These were then compared to a diode-based bridge rectifier, showing the imperfections with the latter when analyzing the output using an oscilloscope.

As expected, the active rectifier’s output was also one volt higher than the diode bridge rectifier, which is another small boost to overall efficiency. According to NXP’s product page, there’s about a 1.4% efficiency gain at 90 VAC, with the chip being promoted for high-efficiency operations. When you consider that many designs like computer PSUs feature one or more diode bridge rectifiers often strapped to heatsinks, the appeal becomes apparent. As for [Mousa], he put this particular board in his laboratory PSU instead of the diode bridge rectifier, because why not.

Perhaps the biggest impediment to using an active rectifier is the cost, with the TEA2208T coming in at $4 on DigiKey for a quantity of 100, in addition to the MOSFETs, PCB, etc. If power efficiency isn’t the goal, then some wasted power and an aluminium heatsink is definitely cheaper.

Continue reading “Active Ideal Full Bridge Rectifier Using TEA2208T”

Hackaday Podcast: 2025 Holiday Placeholder Edition

December 26, 2025 by 3 Comments

This week the Hackaday Podcast is on vacation, but we’d like to wish you all happy holidays and a great 2026.  Thanks for tuning in!  We’ll be back next week.

This wasn’t a real show, but that doesn’t prevent you from downloading it as an MP3 anyway.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast: 2025 Holiday Placeholder Edition”

Be Wary Of Flash-less ESP32-C3 Super Mini Boards

December 23, 2025 by 30 Comments

Everyone loves tiny microcontroller boards, and the ESP32-C3 Super Mini boards are no exception. Unfortunately if you just casually stroll over to your nearest online purveyor of such goods to purchase a bunch of them, you’re likely to be disappointed. The reason for this is, as explained in a video by [Hacker University] that these boards are equipped with any of the variants of the ESP32-C3. The worst offender here is probably the version with the ESP32-C3 without further markings, as this one has no built-in Flash for program storage.

Beyond that basic MCU version we can see the other versions clearly listed in the Espressif ESP32-C3 datasheet. Of these, the FN4 is already listed as EOL, the FH4AZ as NRND, leaving only the FH4 and FH4X with the latter as ‘recommended’ as the newest chip revision. Here the F stands for  built-in Flash with the next character for its temperature rating, e.g. H for ‘High’. Next is the amount of Flash in MB, so always 4 MB for all but the Flash-less variant.

Identifying this information from some online listing is anything but easy unless the seller is especially forthcoming. The chip markings show this information on the third row, as can be seen in the top image, but relying solely on a listing’s photos is rather sketchy. If you do end up with a Flash-less variant, you can still wire up an external Flash chip yourself, but obviously this is probably not the intended use case.

As always, caveat emptor.

Continue reading “Be Wary Of Flash-less ESP32-C3 Super Mini Boards”