hoakley March 31, 2021 Macs, Technology

Troubleshooting macOS: Observation and the log

For my sins, on a good day I get asked only two or three questions about problems Mac users are experiencing. When things get busy – usually when there’s just been a macOS update and I’m frantically trying to both update and discover what’s inside it – that can rise to twenty or more. There are few common factors in those questions, apart from two which recur in almost every one: observation and the log.

Observe carefully

Some questions are as generic and vague as “why does my Mac keep crashing?” These are often the start of a long exchange of messages in which I try to elicit observations which can narrow the list of causes from millions to less than a dozen. They usually reveal that, apart from noticing that something serious has gone wrong, and keeps doing so, the user hasn’t observed what’s actually happening. A “crash” can be anything from an app which suddenly quits when you weren’t expecting it to, to the Mac shutting down and playing dead. There’s a world of difference between those, and careful observation is essential.

Spotting when your Mac has suffered a kernel panic is a basic skill for all. Unlike an app ‘crashing’, which leaves your Mac still running, a kernel panic is now followed by a forced restart or shutdown. When your Mac does start up again, it should present you with a dialog containing details of what happened in a panic log. If you don’t immediately copy and paste its contents into a text file (TextEdit should be fine), it’ll be lost and gone forever, and you’ll be very lucky to discover the cause.

Panic logs aren’t that difficult to interpret, and I and others are always happy to help you understand what happened, and what you can do about it. Sadly, letting the dialog send the report to Apple doesn’t provide any support in itself: Apple does analyse them, but not in any way that’s likely to bring you a response, even if you’ve got AppleCare.

Jumping to conclusions

Sometimes observations are detailed but incomplete, and users jump to the wrong conclusions. My best example of this comes not from computing, but a nasty diving accident that occurred many years ago in Hong Kong Harbour. A local took to diving alone from a small inflatable containing an air compressor – an almost suicidal way of life, but somehow he managed to keep it going until one day, when he was at depth, his compressor stopped working, and his air supply stopped.

His only choice was to crash to the surface, and hope that his bends wouldn’t kill him. That day, he was in luck, sort of, in that a passing junk found him afloat and still breathing, although rather the worse for wear and his crash decompression. One of the crew of that junk had done some first-aid training, and observed the diver’s vital signs: he was going blue, suffering a major fit (from his bends), and his jaw was clamped very firmly shut. Good observations, but the conclusions were wrong. The first-aider decided that the diver’s airway was being obstructed by his teeth, so, using a handy pair of pliers, he extracted them all, one by one.

The other day, I noticed a tweet from someone very skilled at analysing and reversing Mac software. He’s seen Time Machine backing up to APFS (TMA), and noticed long periods during which the Time Machine icon was spinning in Finder’s sidebar, which are accompanied by significant CPU usage. He had drilled down and found the process that appeared responsible for the spinner, and apparently taking that CPU time. He tweaked a property list or two, and the wasteful spinner was gone.

I simply asked whether this was Spotlight building its indexes of backups, something which several of us have observed with TMA. He told me that occurred while backups are being made (it doesn’t in TMA), and that this spinning cursor appeared when no backup was being made. I recognised that this was likely to have coincided with the indexing process, and asked him whether he’d checked what was going on in the log at the time. He hadn’t.

Using the log for diagnosis

For all the incessant prattle that gets written to the Unified Log, it contains crucial information about almost everything that happens in, on and to your Mac. Checking in the log is one of the most important things you must do whenever you’re trying to diagnose a problem on your Mac. If you fail to study the log, your observations will always be incomplete, and your conclusions usually flawed. The exception to this is a kernel panic: most times, the effect of that is so severe that the log entries stop long before the panic, and no useful information can be gleaned from them, hence the importance of the panic log.

In the case of the spinning Time Machine icon that coincided with indexing, the investigator would have seen TMA’s backups being mounted one at a time for indexing to take place. Although that doesn’t prove that indexing was the cause of this behaviour, it at least shows you where to look next to arrive at a sound conclusion.

Few users now dare to look in the log, and I can sympathise with that fear, given the tool provided in macOS to attempt this. Console isn’t an app designed for making quick checks on what has recently happened in the log, but for viewing its live stream. It can be used to browse past log records, but it’s a clumsy tool for doing that: you have to create a logarchive containing your current log, and browse that. The supplied alternative, the log show command, is far less attractive unless you’re a Terminal wizard, and even then you may struggle composing suitable predicates to filter entries.

It’s no secret that I have a whole suite of log browsers and tools, of which I’ll draw particular attention to two:

Mints, which is a collection of various small tools for working with macOS. This includes pre-configured log browsers for iCloud, privacy (TCC), Time Machine, DAS scheduling, and Spotlight search.
Ulbow, which is my new log browser and can get pretty well anything you want from the log.

Both are available from their Product Page, where you’ll find a whole compendium of introductory and advanced articles, and other links. As with all my other tools, these are completely free, and I don’t even nag you for donations or foist ads on you.

Before the Unified Log was introduced in Sierra, it was common for most advanced users to be familiar with both Console and the log. There’s no reason now for that to be a dying art. The log is today more accessible than it has been since late 2016, and the clues it can give when you’re trying to diagnose a problem are unavailable from anywhere else.

18Comments

Add yours

1

Bruce Michel on March 31, 2021 at 12:46 pm

Thank you for the timely information. Got a panic two days ago. Reading this and the linked article is helpful as I had no idea how to diagnose.

I had to log into my administrative user account to be able to see that I had a panic log via System Information>Software>Logs. So apparently some of that good information is more persistent now, but is restricted.

I also ran the basic version of EtreCheck, which gave me a more condensed version of the cause.

Now I will download your log tools to clarify and compare the results.

LikeLiked by 1 person
- 2
  
  hoakley on March 31, 2021 at 6:34 pm
  
  Thank you.
  Howard.
  
  LikeLike
3

Dakotamoons on March 31, 2021 at 1:43 pm

Thank you Howard for your selfless, generous, and incredibly enlightening work, articles, utilities, and all the rest.

I don’t know of any better resource than your library of timely and accurate information. Although I don’t always understand some of the technicalities often involved in your presentations and/or the comments, just reading on a regular basis helps to educate me. Little by little I try to pick up at least one new idea or insight each day.

Please keep up the great work, and thank you again for sharing.

You have no idea what an inspiration you are to all of us.

LikeLiked by 1 person
- 4
  
  hoakley on March 31, 2021 at 6:34 pm
  
  Thank you. It’s my pleasure.
  Howard.
  
  LikeLike
5

Simon on March 31, 2021 at 2:15 pm

Apple has only itself to blame here. The log used to be a simple text file you could just browse through. It got archived and compressed. Exactly the same process anybody familiar with Linux or Unix is used to. Heck, I even had a little app (MkConsole) that displayed the log file over my desktop background in real time. I always knew what was going on *while* it was going on.

Now with this stupid new logging system all that is gone and I need to learn 3rd party tools to do something completely elementary. And of course those 3rd party tools aren’t compatible with things like MKConsole in that they don’t even attempt to offer any kind of live update. And big surprise, people like Howard now notice users are having trouble analyzing logs. Whodathunkit.

Apple used to be about empowering the user which put them in control of their kit. Now the megacorp Apple couldn’t care less about the user being in charge of their own kit. Apple is in charge of the kit and we are supposed to view it like a Fisher Price toy we rented from them. Well screw that. Can’t wait for this new Apple and the hair gel execs that made it into that to die out.

LikeLiked by 1 person
- 6
  
  hoakley on March 31, 2021 at 6:37 pm
  
  Thank you.
  Actually the Unified Log is far superior to the old log in many respects. The problem is that Apple neglected to provide the tools needed to help users access the entries they need to see. Because it’s so rich with messages, that renders it almost useless for anyone other than an engineer or developer.
  Howard.
  
  LikeLike
7

Martin on March 31, 2021 at 5:55 pm

I certainly miss the old Console for its ease of use.

On my 2012 Mac Mini running Mojave, the Console log is filled with the following error(?) message:

com.apple.xpc.launchd[1] (com.apple.mdworker.shared.04000000-0000-0000-0000-000000000000[42935]): Service exited due to SIGKILL | sent by mds[81]

I used Mint to view the Spotlight log, but nothing shows up at the corresponding timestamp.

Is there another way to find out what process is being frequently SIGKILLed and why?

LikeLiked by 1 person
- 8
  
  hoakley on March 31, 2021 at 6:41 pm
  
  Thank you. The answer is already there: this is an mdworker process working on behalf of mds, the Spotlight service, which is apparently being killed repeatedly, perhaps by mds, probably because it’s choking on a file in its indexing. You may well see this reflected in high cpu use for mdworker in Activity Monitor.
  The tough task now is finding out what’s causing that. Is it a malformed file, or perhaps an mdimporter that is broken? Look at the files opened by the mdworker process in Activity Monitor and you may get a better clue. Sometimes the filename is also given in the log.
  I wish you success.
  Howard.
  
  LikeLike
9

JSewell on April 1, 2021 at 9:34 am

Hello,
I’m unable to access the logs using Ulbow or Mints on my Macbook Pro with Big Sur 11.2.3, as the process fails with ‘An error occurred in your last action: log command returned error number 64’.

I have seen you mention this in another article, where you suggest trying in Ulbow -> Check Log -> Check active log. This returns:

Check of log files at /var/db/diagnostics:
There are 10 items in that path.
There are 51 files in the Persist folder.
There are 63 files in the Special folder.
There are 79 files in the Signpost folder.
There are 6 files in the timesync folder.
There are 257 folders in the /var/db/uuidtext folder.

log show –last 2 command returned 17 log entries.
The log show command appears to be working correctly.

I can view the logs from the terminal using ‘log show’. Deleting the logs with ‘log erase -all’ doesn’t solve the problem.
Do you have any other suggestions to try?
Thanks, J

LikeLiked by 1 person
- 10
  
  hoakley on April 1, 2021 at 10:08 am
  
  I’m sorry about that. Could you try using Consolation please? That does less clever things and should work fine. Fingers crossed!
  Howard
  
  LikeLike
  - 11
    
    JSewell on April 1, 2021 at 10:55 am
    
    Yes, Consolation works fine!
    Thanks
    J
    
    LikeLiked by 1 person
    - 12
      
      hoakley on April 1, 2021 at 12:21 pm
      
      Thank you.
      That’s odd. Is your system time by any chance to display using a 12-hour clock? If so, could you try changing it 24-hour.
      Howard.
      
      LikeLike
    - 13
      
      JSewell on April 1, 2021 at 12:33 pm
      
      Yes, that fixed it! I was using a 12 hour format. When I change it to 24 hour format, both Ulbow and Mints work. When I switch back to 12 hour, it’s ‘error 64’.
      Is this a known Big Sur bug?
      
      LikeLiked by 1 person
    - 14
      
      hoakley on April 1, 2021 at 10:44 pm
      
      Thank you.
      It is now: there’s more to come about this Saturday morning. I think it must have been introduced since 11.2, as in 10.15 I did a lot of work dealing with 12-hour clock settings, and it wasn’t apparent then. It’s only in the last few days that I’ve started seeing reports like yours. Thank you for letting me know.
      Howard.
      
      LikeLike
15

Paul Brown on July 27, 2021 at 10:59 am

Hi Howard

I am having intermittent issues with a 12 Core Mac Pro 5,1 (professionally supplied, modded 2010) running Sierra. It’s been rock solid for 3 years, no issues, no crashes until 3 days ago. I am working through various things including your guides as my early steps haven’t cured. I appreciate OS is older – I need this for older software / utilities currently deployed here.

If someone does want to add any insight it would be appreciated. I’m at the point of removing items of hardware / boot at the moment.

Many thanks

Basics:
OS is on an SSD via PCi Samsung 860 EVO 250GB
Internal HDDs and SSD have passed Drive Test (including fault history – none)
No lit LEDS on the internal board
Memtest passed (4 hours) on the DIMMS (no beep, no LEDs)
I’ve removed an old Apple GPU I use for a boot screen (in case its tripping)
GPU is relatively new 4GB AMD RX560 – no faults apparent.
2 x external Wester Digital USB drives (for backs-ups) appear OK
Bluetooth up and working (although loses keyboard on occasion)
Wifi appears to be up (I use this to provide my phone with an internet point at work).

Symptoms
• no boot, sometimes with no chime, power light is on and solid, fans on GPU spin, PCi card for SSD has its blue LED lit. No monitor signal being sent (screens black, reporting no signal)
• sometimes no power to keyboard (wired)
• stalled mouse pointer second or two (but recovers)
• twice I’ve had the external drives (USB) dismount. For now I have removed the third party USB 3 card (PCi) and they are on the Macs USB 2 ports. Hasn’t cured the intermittent crash.
• once running, solid all day – passes Etre Check, Disc Utility.

Latest log:

Anonymous UUID: F1C62860-470D-616E-0BF4-6CDB1E630040

Tue Jul 27 11:05:44 2021

*** Panic Report ***
Machine-check capabilities: 0x0000000000001c09
family: 6 model: 44 stepping: 2 microcode: 31
signature: 0x206c2
Intel(R) Xeon(R) CPU X5675 @ 3.07GHz
9 error-reporting banks
panic(cpu 2 caller 0xffffff80017fedb5): “Machine Check at 0xffffff7f83b5b390, registers:\n” “CR0: 0x000000008001003b, CR2: 0x0000000112fd90f0, CR3: 0x0000000006f43000, CR4: 0x00000000000226e0\n” “RAX: 0x0000000000000001, RBX: 0xffffff802fe07000, RCX: 0x0000000000000001, RDX: 0x0000000000000000\n” “RSP: 0xffffff92c8b2bd50, RBP: 0xffffff92c8b2bd80, RSI: 0x0000000000000006, RDI: 0xffffff802fe08700\n” “R8: 0xffffff802fe0e800, R9: 0x0000051cf466644f, R10: 0x0000000000000000, R11: 0x00000000e0000000\n” “R12: 0xffffff7f83b77b80, R13: 0xffffff802fdd6880, R14: 0x0000000000000148, R15: 0x0000000000000001\n” “RFL: 0x0000000000000046, RIP: 0xffffff7f83b5b390, CS: 0x0000000000000008, SS: 0x0000000000000010\n” “Error code: 0x0000000000000000\n”@/Library/Caches/com.apple.xbs/Sources/xnu/xnu-3789.73.50/osfmk/i386/trap_native.c:168
Backtrace (CPU 2), Frame : Return Address
0xffffff800154c4f0 : 0xffffff80016e837c
0xffffff800154c570 : 0xffffff80017fedb5
0xffffff800154c6d0 : 0xffffff8001699c3f
0xffffff92c8b2bd80 : 0xffffff7f83b53705
0xffffff92c8b2be70 : 0xffffff7f83b52a8e
0xffffff92c8b2bf20 : 0xffffff80018000c0
0xffffff92c8b2bf40 : 0xffffff800170565d
0xffffff92c8b2bf90 : 0xffffff8001705c40
0xffffff92c8b2bfb0 : 0xffffff8001698957
Kernel Extensions in backtrace:
com.apple.driver.AppleIntelCPUPowerManagement(219.0)[40F0BAA3-B61C-35DD-A6A2-E559AFC18DC0]@0xffffff7f83b50000->0xffffff7f83b7afff

BSD process name corresponding to current thread: kernel_task

Mac OS version:
16G2136

Kernel version:
Darwin Kernel Version 16.7.0: Sun Jun 2 20:26:31 PDT 2019; root:xnu-3789.73.50~1/RELEASE_X86_64
Kernel UUID: 9778BC83-2647-3AE4-A7F2-8A2F41FA8791
Kernel slide: 0x0000000001400000
Kernel text base: 0xffffff8001600000
__HIB text base: 0xffffff8001500000
System model name: MacPro5,1 (Mac-F221BEC8)

System uptime in nanoseconds: 5638559264430
last loaded kext at 1657339963262: com.apple.driver.usb.cdc 5.0.0 (addr 0xffffff7f86622000, size 28672)
last unloaded kext at 1723258573370: com.apple.driver.usb.cdc 5.0.0 (addr 0xffffff7f86622000, size 28672)
loaded kexts:
com.movavi.driver.soundgrabber 2.0.1
fi.dungeon.driver.SATSMARTDriver 0.10.2
at.obdev.nke.LittleSnitch 4724
com.apple.driver.AppleHWSensor 1.9.5d0
com.apple.iokit.IOBluetoothSerialManager 5.0.5f7
com.apple.driver.AudioAUUC 1.70
com.apple.driver.AppleUpstreamUserClient 3.6.4
com.apple.driver.AppleMCCSControl 1.3.4
com.apple.kext.AMDFramebuffer 1.5.4
com.apple.filesystems.autofs 3.0
com.apple.driver.AppleMikeyHIDDriver 131
com.apple.driver.AGPM 110.23.17
com.apple.driver.AppleTyMCEDriver 1.0.2d2
com.apple.driver.AppleHDA 279.48
com.apple.driver.pmtelemetry 1
com.apple.driver.AppleMikeyDriver 279.48
com.apple.iokit.IOUserEthernet 1.0.1
com.apple.kext.AMDRadeonX4200 1.5.4
com.apple.Dont_Steal_Mac_OS_X 7.0.0
com.apple.driver.AppleLPC 3.1
com.apple.driver.AppleHV 1
com.apple.driver.AppleOSXWatchdog 1
com.apple.kext.AMD9500Controller 1.5.4
com.apple.driver.AppleIntelSlowAdaptiveClocking 4.0.0
com.apple.driver.ACPI_SMC_PlatformPlugin 1.0.0
com.apple.iokit.IOAHCIBlockStorage 295.20.1
com.apple.driver.AppleUSBStorageCoexistentDriver 404.50.6
com.apple.iokit.SCSITaskUserClient 394.50.1
com.apple.AppleFSCompression.AppleFSCompressionTypeDataless 1.0.0d1
com.apple.AppleFSCompression.AppleFSCompressionTypeZlib 1.0.0
com.apple.BootCache 40
com.apple.filesystems.hfs.kext 366.70.3
com.apple.driver.AppleFWOHCI 5.5.5
com.apple.driver.AirPort.Brcm4331 800.21.30
com.apple.driver.Intel82574LEthernet 2.7.2
com.apple.driver.AppleAHCIPort 326.60.1
com.apple.driver.AppleRTC 2.0
com.apple.driver.AppleHPET 1.8
com.apple.driver.AppleACPIButtons 5.0
com.apple.driver.AppleSMBIOS 2.1
com.apple.driver.AppleACPIEC 5.0
com.apple.driver.AppleAPIC 1.7
com.apple.driver.AppleIntelCPUPowerManagementClient 219.0.0
com.apple.nke.applicationfirewall 174
com.apple.security.quarantine 3
com.apple.security.TMSafetyNet 8
com.apple.driver.AppleIntelCPUPowerManagement 219.0.0
com.apple.driver.IOBluetoothHIDDriver 5.0.5f7
com.apple.iokit.IOSerialFamily 11
com.apple.kext.triggers 1.0
com.apple.driver.DspFuncLib 279.48
com.apple.kext.OSvKernDSPLib 525
com.apple.iokit.IOAcceleratorFamily2 311.16.4
com.apple.iokit.IOSurface 159.12
com.apple.iokit.IONDRVSupport 516.1
com.apple.driver.AppleSSE 1.0
com.apple.driver.AppleSMBusController 1.0.18d1
com.apple.iokit.IOFireWireIP 2.2.7
com.apple.driver.AppleHDAController 279.48
com.apple.iokit.IOHDAFamily 279.48
com.apple.iokit.IOAudioFamily 205.15
com.apple.vecLib.kext 1.2.0
com.apple.driver.AppleSMBusPCI 1.0.14d1
com.apple.kext.AMDSupport 1.5.4
com.apple.AppleGraphicsDeviceControl 3.14.52b52
com.apple.iokit.IOGraphicsFamily 515.4
com.apple.iokit.IOSlowAdaptiveClockingFamily 1.0.0
com.apple.driver.AppleSMC 3.1.9
com.apple.driver.IOPlatformPluginLegacy 1.0.0
com.apple.driver.IOPlatformPluginFamily 6.0.0d8
com.apple.iokit.BroadcomBluetoothHostControllerUSBTransport 5.0.5f7
com.apple.iokit.IOBluetoothHostControllerUSBTransport 5.0.5f7
com.apple.iokit.IOBluetoothHostControllerTransport 5.0.5f7
com.apple.iokit.IOBluetoothFamily 5.0.5f7
com.apple.driver.usb.IOUSBHostHIDDevice 1.1
com.apple.driver.AppleUSBHIDMouse 188
com.apple.iokit.IOUSBHIDDriver 900.4.1
com.apple.driver.AppleHIDMouse 188
com.apple.driver.usb.AppleUSBHub 1.1
com.apple.iokit.IOSCSIBlockCommandsDevice 394.50.1
com.apple.iokit.IOUSBMassStorageClass 4.0.4
com.apple.iokit.IOUSBMassStorageDriver 131.60.1
com.apple.driver.usb.networking 5.0.0
com.apple.driver.usb.AppleUSBHostCompositeDevice 1.1
com.apple.iokit.IOSCSIMultimediaCommandsDevice 394.50.1
com.apple.iokit.IOBDStorageFamily 1.8
com.apple.iokit.IODVDStorageFamily 1.8
com.apple.iokit.IOCDStorageFamily 1.8
com.apple.iokit.IOAHCISerialATAPI 266.50.1
com.apple.iokit.IOSCSIArchitectureModelFamily 394.50.1
com.apple.iokit.IOFireWireFamily 4.6.6
com.apple.filesystems.hfs.encodings.kext 1
com.apple.iokit.IO80211Family 1200.12.2
com.apple.driver.corecapture 1.0.4
com.apple.iokit.IONetworkingFamily 3.2
com.apple.iokit.IOAHCIFamily 288
com.apple.driver.usb.AppleUSBEHCIPCI 1.1
com.apple.driver.usb.AppleUSBUHCIPCI 1.1
com.apple.driver.usb.AppleUSBUHCI 1.1
com.apple.driver.usb.AppleUSBEHCI 1.1
com.apple.driver.usb.AppleUSBHostPacketFilter 1.0
com.apple.iokit.IOUSBFamily 900.4.1
com.apple.driver.AppleUSBHostMergeProperties 1.1
com.apple.driver.AppleEFINVRAM 2.1
com.apple.driver.AppleEFIRuntime 2.1
com.apple.iokit.IOHIDFamily 2.0.0
com.apple.iokit.IOSMBusFamily 1.1
com.apple.security.sandbox 300.0
com.apple.kext.AppleMatch 1.0.0d1
com.apple.driver.AppleKeyStore 2
com.apple.driver.AppleMobileFileIntegrity 1.0.5
com.apple.driver.AppleCredentialManager 1.0
com.apple.driver.KernelRelayHost 1
com.apple.iokit.IOUSBHostFamily 1.1
com.apple.driver.AppleBusPowerController 1.0
com.apple.driver.DiskImages 444.50.19
com.apple.iokit.IOStorageFamily 2.1
com.apple.iokit.IOReportFamily 31
com.apple.driver.AppleFDEKeyStore 28.30
com.apple.driver.AppleACPIPlatform 5.0
com.apple.iokit.IOPCIFamily 2.9
com.apple.iokit.IOACPIFamily 1.4
com.apple.kec.Libm 1
com.apple.kec.pthread 1
com.apple.kec.corecrypto 1.0
Model: MacPro5,1, BootROM 140.0.0.0.0, 12 processors, 6-Core Intel Xeon, 3.06 GHz, 32 GB, SMC 1.39f5
Graphics: AMD R9 xxx, AMD R9 xxx, PCIe, 4096 MB
Memory Module: DIMM 1, 8 GB, DDR3 ECC, 1333 MHz, 0x80AD, 0x484D54333147523742465234432D48392020
Memory Module: DIMM 2, 8 GB, DDR3 ECC, 1333 MHz, 0x80AD, 0x484D54333147523742465234432D48392020
Memory Module: DIMM 5, 8 GB, DDR3 ECC, 1333 MHz, 0x80AD, 0x484D54333147523742465234432D48392020
Memory Module: DIMM 6, 8 GB, DDR3 ECC, 1333 MHz, 0x80AD, 0x484D54333147523742465234432D48392020
AirPort: Third-Party Wireless Card
Bluetooth: Version 5.0.5f7, 3 services, 27 devices, 1 incoming serial ports
Network Service: Ethernet Port 1, Ethernet, en0
Network Service: Wi-Fi, AirPort, en2
Serial ATA Device: HL-DT-ST DVD-RW GH41N
Serial ATA Device: TOSHIBA HDWE140, 4 TB
Serial ATA Device: TOSHIBA HDWE140, 4 TB
Serial ATA Device: WDC WD10EZEX-00RKKA0, 1 TB
Serial ATA Device: Samsung SSD 860 EVO 250GB, 250.06 GB
USB Device: USB Bus
USB Device: USB Bus
USB Device: Apple Optical USB Mouse
USB Device: USB Bus
USB Device: BRCM2046 Hub
USB Device: Bluetooth USB Host Controller
USB Device: USB Bus
USB Device: USB Bus
USB Device: USB Bus
USB Device: Hub in Apple Pro Keyboard
USB Device: Apple Pro Keyboard
USB Device: USB 2.0 Bus
USB Device: USB 2.0 Bus
USB Device: My Passport 0820
USB Device: My Passport 25E3
USB Device: USB 3.0 Bus
FireWire Device: built-in_hub, Up to 800 Mb/sec
Thunderbolt Bus:

LikeLiked by 1 person
- 16
  
  hoakley on July 27, 2021 at 11:12 am
  
  I’m sorry to hear that. My first suspicion is that this is hardware, probably a dying logic board. I presume that you’ve run Diagnostics, in which case I think Apple’s in-house diagnostics might pick the problem up. Typically, this is a solder or related issue. I’ve had Macs which, so long as they were left on, ran fine, but were really hard to get to start up successfully. I just leave them once they’re running, so the electronics don’t cool down and the problem then reappear.
  Ultimately, I think it may need a new logic board, but the critical issue is going to be diagnosing the problem that’s causing these kernel panics.
  Howard.
  
  LikeLike
  - 17
    
    Paul Brown on July 27, 2021 at 12:04 pm
    
    Many thanks Howard for the quick reply and feedback. It’s passing diagnostics on a full boot (according to the log). I’m struggling to get it into diagnostics mode at startup (short cut keys including the web based alternative).
    
    I do shut it down (and remove the mouse, keyboard and external drives on a night) mostly for backup / security although I can leave it running and logged out. I will do that in the interim.
    
    Interestingly, it was very hot here last week, as I said, 3 days of high office temperatures (old building no air con) to a degree where the Mac’s internal temps went up 9 degrees. I adjusted the fans to compensate but that wasn’t entirely successful with the office air itself already hot. This may have contributed to a solder / board issue as you suggest.
    
    Many thanks again.
    
    LikeLiked by 1 person
18

Paul Brown on July 27, 2021 at 11:01 am

Should have said – its had professional CPU change with. new Northbridge clips and I have the temps well under control with a utility. Northbridge is typically 70 to 74 degrees. I dont think heat is the issue although we have had ambient office temperatures up to 38 degrees last week (Guernsey).

LikeLiked by 1 person