Resolving a kernel backtrace

Here are the steps to get a useful callstack when your kext causes a kernel panic:

• Open Console, click on System Reports, find the panic report with the correct timestamp

• Find the start/end addresses of PrjFSKext (the final two values here):

	      Kernel Extensions in backtrace:
	         io.gvfs.PrjFSKext(0.1)[4A277DBB-F95C-3267-9A5A-4570EC932348]@0xffffff7f9f941000->0xffffff7f9f945fff

• In the backtrace, find the return addresses that fall within the range of PrjFSKext's addresses:

		Backtrace (CPU 1), Frame : Return Address
		0xffffff921b6ba960 : 0xffffff801a06b6f6 
		0xffffff921b6ba9b0 : 0xffffff801a196f54 
		0xffffff921b6ba9f0 : 0xffffff801a188c39 
		0xffffff921b6baa70 : 0xffffff801a01d190 
		0xffffff921b6baa90 : 0xffffff801a06b1cc 
		0xffffff921b6babc0 : 0xffffff801a06af4c 
		0xffffff921b6bac20 : 0xffffff801a188e21 
		0xffffff921b6bada0 : 0xffffff801a01d190 
		0xffffff921b6badc0 : 0xffffff801a1472e0 
		0xffffff921b6baeb0 : 0xffffff7f9f9423fc  <-- these two
		0xffffff921b6baed0 : 0xffffff7f9f941c67  <-- addresses are ours
		0xffffff921b6bb380 : 0xffffff801a4f95d4 
		0xffffff921b6bb3e0 : 0xffffff801a27eb3c 
		0xffffff921b6bb6d0 : 0xffffff801a281782 
		0xffffff921b6bbcd0 : 0xffffff801a283e7f 
		0xffffff921b6bbee0 : 0xffffff801a283d50 
		0xffffff921b6bbf40 : 0xffffff801a60da48 
		0xffffff921b6bbfa0 : 0xffffff801a01d976 

• In a bash terminal, run the following command:

	atos -o <path to PrjFSKext> -l <start address> <list of addresses to resolve>

For the specific example above and my PrjFSKextpath:

	atos -o ~/Repos/VFSForGit/BuildOutput/ProjFS.Mac/Native/Build/Products/Debug/debug.PrjFSKext.kext/Contents/MacOS/PrjFSKext -l 0xffffff7f9f941000 0xffffff7f9f9423fc 0xffffff7f9f941c67