0

Anybody has good experience regarding macOS kernel debugging via firewire?

I have two machines, Mac mini 2014 for target, MacBook Pro 2017 for host. And I followed the instruction from Kernel Debug Kit Read Me, but on host it always shows

error: KDP_REATTACH failed" when I issued "kdp-remote localhost

On target machine, I followed the following instructions.

  1. Disable SIP
  2. cp /Library/Developer/KDKs/KDK_10.13.6_17G65.kdk/System/Library/Kernels/kernel.development /Systems/Library/Kernels
  3. sudo nvram boot-args="debug=0x147 kdp_match_name=firewire fwkdp=0x8000 kcsuffix=development pmuflags=1 -v keepsyms=1"
  4. sudo kextcache -invalidate /
  5. sudo reboot

After rebooting, I didn't see the info "wait for debugger ...", it directly goes to login screen after showing some system info. Is that normal?

On host machine, I followed the following instructions.

  1. Execute the command fwkdp in the terminal
  2. Launch lldb and execute kdp-remote localhost

But it always showed

error: KDP_REATTACH failed.

Any clue for this error? Anybody has some suggestion to fix this issue? Thanks!

stasiaks
  • 1,268
  • 2
  • 14
  • 31
Kevin Lu
  • 53
  • 2
  • This looks like it should be working. A few things to clarify/check: 1. setting nvram variables normally only works from the recovery environment, not sure if that's different with SIP off. Check that the output of the command `nvram boot-args` is what you expect. 2. Try enabling bit 0x8 in the `debug` setting to turn on `kprintf` logging. Then run `fwkpfv` on your host machine and boot the target. You should be seeing debug output on the host, otherwise you definitely have a FireWire problem. – pmdj Aug 24 '18 at 12:08
  • 3. On the hardware side, I assume you've got: Mac Mini - Thunderbolt Firewire Adapter - Firewire cable - Thunderbolt Firewire Adapter - Thunderbolt 3->2 adapter - Macbook Pro; is that right? I don't have any experience going via the Thunderbolt 3->2 adapter, that could potentially be a problem. Have you checked if any other Firewire devices are working correctly on the MacBook Pro? Are you sure the cable is OK? – pmdj Aug 24 '18 at 12:09
  • I have figured out it. I followed the same instructions. After rebooting the target machine, you have to press the following 5 keys together to trigger a NMI. "command+option+control+shift+escape". Then you can see the info like "waiting for debugging", at this point you can start kernel debug for fun! Thanks, Phil. – Kevin Lu Aug 27 '18 at 17:26
  • So I guess bit 0x1 of the `debug` option doesn't work. I've never used it so I didn't catch that. :-) Note that if you set the `0x8000` bit (`debug=0x8146` or `debug=0x814e`) and your Mac has a physical on/off button, you don't have to use that complicated key combo and just (briefly!) press the power button to generate the NMI. (Long-press still powers off the machine.) – pmdj Aug 27 '18 at 17:32

0 Answers0