好吧,我完全被难住和沮丧了。我正在研究 I/O Kit RAM Disk 实现,发现当我的朋友用它加载它kextload然后尝试用kextunload. 原因是OSObjectkext 分配的所有 s 都没有被释放。但是,在我的计算机(运行 Mac OS 10.8.5)和虚拟机(运行 Mac OS 10.7)上,一切都按预期工作。
最终,我将问题缩小到如此之多,以至于我使用空白 I/O Kit 驱动程序创建了一个新的 Xcode 项目,并在我朋友的机器上对其进行了测试。瞧,我无法卸载模块,kextunload因为它声称我的IOService子类正在泄漏。我想在我朋友的机器上测试另一个驱动程序,我没有覆盖任何方法(在我测试的版本中,我在传递调用之前IOService覆盖了一些 to do s )。我会用我收集到的关于他的机器配置的任何额外信息来更新它。IOLogsuper
这是我的标题(BrokenDriver.h):
#include <IOKit/IOService.h>
#include <IOKit/IOLib.h>
class BrokenDriver : IOService {
OSDeclareDefaultStructors(BrokenDriver)
public:
virtual bool init(OSDictionary * dictionary = NULL);
virtual void free();
virtual bool start(IOService * provider);
virtual void stop(IOService * provider);
};
这是我的实现(BrokenDriver.cpp):
#define super IOService
OSDefineMetaClassAndStructors(BrokenDriver, IOService);
bool BrokenDriver::start(IOService * provider) {
bool success;
IOLog("%s[%p]::%s(%p)\n", getName(), this, __FUNCTION__, provider);
success = super::start(provider);
if (success) {
// Don't worry, the problem persists even if I don't call registerService()
registerService();
}
return success;
}
void BrokenDriver::stop(IOService * provider) {
IOLog("%s[%p]::%s(%p)\n", getName(), this, __FUNCTION__, provider);
super::stop(provider);
}
bool BrokenDriver::init(OSDictionary * dictionary) {
if (!super::init(dictionary)) {
return false;
}
IOLog("%s[%p]::%s(%p)\n", getName(), this, __FUNCTION__, dictionary);
return true;
}
void BrokenDriver::free(void) {
IOLog("%s[%p]::%s()\n", getName(), this, __FUNCTION__);
super::free();
}
此外,因为我知道这可能是问题的根源,所以这里是我的 BrokenDriver-Info.plist 的 XML:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleDevelopmentRegion</key>
<string>English</string>
<key>CFBundleExecutable</key>
<string>${EXECUTABLE_NAME}</string>
<key>CFBundleIconFile</key>
<string></string>
<key>CFBundleIdentifier</key>
<string>com.aqnichol.${PRODUCT_NAME:rfc1034identifier}</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>${PRODUCT_NAME}</string>
<key>CFBundlePackageType</key>
<string>KEXT</string>
<key>CFBundleShortVersionString</key>
<string>1.0</string>
<key>CFBundleSignature</key>
<string>????</string>
<key>CFBundleVersion</key>
<string>1</string>
<key>NSHumanReadableCopyright</key>
<string>Copyright © 2013 Alex Nichol. All rights reserved.</string>
<key>IOKitPersonalities</key>
<dict>
<key>BrokenDriver</key>
<dict>
<key>CFBundleIdentifier</key>
<string>com.aqnichol.BrokenDriver</string>
<key>IOClass</key>
<string>BrokenDriver</string>
<key>IOKitDebug</key>
<integer>65535</integer>
<key>IOMatchCategory</key>
<string>BrokenDriver</string>
<key>IOProbeScore</key>
<integer>1000</integer>
<key>IOProviderClass</key>
<string>IOResources</string>
<key>IOResourceMatch</key>
<string>IOKit</string>
</dict>
</dict>
<key>OSBundleLibraries</key>
<dict>
<key>com.apple.kpi.iokit</key>
<string>9.0.0</string>
<key>com.apple.kpi.libkern</key>
<string>9.0.0</string>
<key>com.apple.kpi.mach</key>
<string>9.0.0</string>
</dict>
</dict>
</plist>
那么,判决结果是什么?我朋友的内核是炸的,还是我的大脑?他的机器上的其他驱动程序是否有可能试图持久化我的 kext?
更新:我再次尝试使用 EMPTY 实现。没错,我完全覆盖了我自己的 0 个方法。问题仍然存在。这是来自的消息kextunload:
(kernel) Can't unload kext com.aqnichol.BrokenDriver; classes have instances:
(kernel) Kext com.aqnichol.BrokenDriver class BrokenDriver has 1 instance.
Failed to unload com.aqnichol.BrokenDriver - (libkern/kext) kext is in use or retained (cannot unload).