Skip to main content

Posts

Showing posts from 2019

Setting up a Windows VM for Kernel Debugging

If you search the web using the title of this post, you'll get many links to articles most of which explain how to set this up using a virtual COM port on the VM. Coming from driver background that goes back over 20 years, at first this seemed quite natural. But then I remembered that using WinDBG over COM port to be painfully slow. And recent adventures in OSX land using LLDB led me to wonder if WinDBG over network would to be possible?

Well it turns out that WinDBG over Ethernet is indeed possible and is documented by Microsoft here. However, they miss out on certain key steps, which won't be obvious for the casual reader unless one reads the entire driver debugging documentation from the beginning.

This post captures all the requisite steps as a quick reference guide. I used one of the freely available MSEdge on Windows 10 VM for  VirtualBox. It's only valid for 90 days, but 90 days was more than enough for my little excursion into the driver land. If you want a more p…

Javascript Promises

While explaining Promises to a friend I remembered reading a blog post couple of years back that explained the concept very well and made it all clear to me. However, I never bookmarked and searching for it, I can't find the specific post. Then I thought why not recreate some of the samples that the blog author had used to explain the concepts.

Here's what I came up with:

// Function to convert setTimeout into a Promise based // abstraction function delaySeconds(seconds) { return new Promise((resolve, reject) => { setTimeout(resolve, seconds*1000); }); } /* * A simple function that converts clunky setTimeout * callback based interface to a promise based * abstraction. */ function delayAndReturn(seconds, retval) { return new Promise((resolve, reject) => { setTimeout(() => { resolve(retval); }, seconds*1000); }); } // example of how to use the above abstraction console.log("Calling delaySeconds with 10 seconds delay"…

Setting up OS X for kernel debugging

Here are the steps to prepare an OS X system for debugging kernel modules such as drivers. The instructions are deliberately brief to save the reader from tons of text.
If you search the web, you will come across may resources that point to using GDB to debug the kernel. These resources were written in the early days of OS X when versions 10.4 or 10.5 were prevalent. Since around v10.9 (or thereabouts), Mac moved to lldb as their debugger of choice and have continually improved it to enable easier setup & more efficient workflow.

This short post has the instructions to setting up lldb for debugging OS X kernel versions 10.11 and above.

My setup is using a Parallels VM as the target on the development system. But it should work on a separate hardware that is connected via network to the host.

Debuggee is the target system where drivers are deployed and tested. This also referred to as the target system. Debugger is the host system, typically running your development tools with the …

How to view kernel logs in OS X

How to view kernel logs is OS X You can use the command line tool log for this.

This command accepts a predicate argument that can be used to , well build predicates, that when evaluates to true, the log message will be printed. It takes a command argument that decides how the logs are to be displayed. For instance

log stream

produces a streaming output of the log. That is new log messages are displayed as they come (asynchronously).

log show

displays messages from the log history.

log --process 0

displays messages from process with ID 0, which is kernel. This can be used to display all kext log messages.

log show --predicate 'processID == 0'

displays messages printed by processID 0, which is the kernel process. This is the same as the previous command.

To display messages from a driver, you may use the sender predicate filter argument. So if your driver is named mytestdriver, you may display messages from it using the command:

log stream --predicate 'sender == "mytestdri…