Remote Kernel Debugging using LLDB

Hi,
I have been trying to debug my kernel Extension. In order to enter a kernel into a panic mode, I have put hard debug point using (int $3). When the target system starts, the kernel waits into panic mode for debugger to attach.

Now the problem is:

What should I set target in lldb command? I have mach_kernel from KDK (kernel debug kit) and also have my own kernel extension. if I set mach_kernel a target I am not able put breakpoint in my kernel extension and if I make target as my kernel ext …i can put breakpoint but then after hitting continue it says invalid process … So the question is how to proceed after connecting bebugger in panic mode??? – hrishikesh chaudhari Jul 22 at 12:52

Thanks

Hi, the KDK from Apple includes a README file (.txt or .html, I forget) which describes how to set up kernel debugging. I'd start by looking at those notes. There have also been WWDC sessions that talk about kernel debugging, e.g.

https://developer.apple.com/videos/play/wwdc2013/707/

(there are PDFs of the slides of the presentation - the lldb part comes at the end)

Ya. I have followed the .html README file for OSX 10.9. It has given the target path for lldb should be the mach_kernel in KDK.

Now my question is … As i have put the hard debug point in my kernel extension, which leads the kernel to go into panic mode and there it is waiting for debugger to connect. Now i want to put the breakpoints in my kernel extension. Here what should be the target for lldb command? if target i put as mentioned in README file i could not put breakpoints in my Kext and if i put my Kext as a target i could put the breakpoint but when i do continue , lldb shows invalid process.

Help needed
Hrishikesh

Is your kext loaded in lldb when you're connected to the kernel? If you do 'image list' do you see your kext there? Does it show the dSYM, which has all of the debug information, also loaded for your kext? If your kext with its dSYM is on the local filesystem, you can add a line to your ~/.lldbinit file giving it the file path to your kext,

settings set platform.plugin.darwin-kernel.kext-directories /your/directory/here

and lldb will index the kexts in that directory when it starts the kernel debug session.

Hi,
I m able to do remote kernel debugging but on two physical mac 10.11 El Capitan. why is it giving me problems on two VMs or 1 physical machine n one VM ?? Is it necessary to have both physical machines n not VM ??

Hi,
I m able to do remote kernel debugging but on two physical mac 10.11 El Capitan. why is it giving me problems on two VMs or 1 physical machine n one VM ?? Is it necessary to have both physical machines n not VM ??

Ah, I don't know how to do kernel debugging with macOS running under a VM. I think this sounds more like a question for the apple devforums, I think it's more of a "how do I do kext debugging with a VM", not so much an lldb question.