HARI MAHADEVAN (何瑞理)

Here are the steps to prepare an OS X system for debugging kernel modules such as drivers. The instructions are deliberately brief to save the reader from tons of text. If you search the web, you will come across may resources that point to using GDB to debug the kernel. These resources were written in the early days of OS X when versions 10.4 or 10.5 were prevalent. Since around v10.9 (or thereabouts), Mac moved to lldb as their debugger of choice and have continually improved it to enable easier setup & more efficient workflow. This short post has the instructions to setting up lldb for debugging OS X kernel versions 10.11 and above. My setup is using a Parallels VM as the target on the development system. But it should work on a separate hardware that is connected via network to the host. Debuggee is the target system where drivers are deployed and tested. This also referred to as the target system. Debugger is the host system, typically running your development tools wi...

How to view kernel logs is OS X You can use the command line tool log  for this. This command accepts a predicate argument that can be used to , well build predicates, that when evaluates to true, the log message will be printed. It takes a command argument that decides how the logs are to be displayed. For instance log stream produces a streaming output of the log. That is new log messages are displayed as they come (asynchronously). log show displays messages from the log history. log --process 0 displays messages from process with ID 0, which is kernel. This can be used to display all kext log messages. log show --predicate 'processID == 0' displays messages printed by processID 0, which is the kernel process. This is the same as the previous command. To display messages from a driver, you may use the sender predicate filter argument. So if your driver is named mytestdriver , you may display messages from it using the command: log stream --predicate ...