Runtime源碼 方法調用的過程
前言
Objective-C語言的一大特性就是動態的,根據官方文檔的描述:在runtime以前,消息和方法並非綁定在一塊兒的,編譯器會把方法調用轉換爲objc_msgSend(receiver, selector),若是方法中帶有參數則轉換爲objc_msgSend(receiver, selector, arg1, arg2, ...)接下來咱們經過源碼一窺究竟,在次以前咱們先了解幾個基本概念html
- SEL 在objc.h文件中咱們能夠看到以下代碼:
/// An opaque type that represents a method selector.
typedef struct objc_selector *SEL;
複製代碼
SEL其實就是一個不透明的類型它表明一個方法選擇子,在編譯期,會根據方法名字生成一個ID。數組
- IMP 在objc.h文件中咱們能夠看到IMP:
/// A pointer to the function of a method implementation.
#if !OBJC_OLD_DISPATCH_PROTOTYPES
typedef void (*IMP)(void /* id, SEL, ... */ );
#else
typedef id _Nullable (*IMP)(id _Nonnull, SEL _Nonnull, ...);
#endif
複製代碼
他是一個函數指針,指向方法實現的首地址。緩存
- Method
/// An opaque type that represents a method in a class definition.
typedef struct objc_method *Method;
struct objc_method {
SEL _Nonnull method_name OBJC2_UNAVAILABLE;
char * _Nullable method_types OBJC2_UNAVAILABLE;
IMP _Nonnull method_imp OBJC2_UNAVAILABLE;
} OBJC2_UNAVAILABLE;
複製代碼
它保存了SEL到IMP和方法類型,因此咱們能夠經過SEL調用對應的IMPbash
方法調用的流程
objc_msgSend的消息分發分爲如下幾個步驟: 咱們找到objc _msgSend源碼,都是彙編,不過註釋比較詳盡app
/********************************************************************
*
* id objc_msgSend(id self, SEL _cmd,...);
* IMP objc_msgLookup(id self, SEL _cmd, ...);
*
* objc_msgLookup ABI:
* IMP returned in r11
* Forwarding returned in Z flag
* r10 reserved for our use but not used
*
********************************************************************/
.data
.align 3
.globl _objc_debug_taggedpointer_classes
_objc_debug_taggedpointer_classes:
.fill 16, 8, 0
.globl _objc_debug_taggedpointer_ext_classes
_objc_debug_taggedpointer_ext_classes:
.fill 256, 8, 0
ENTRY _objc_msgSend
UNWIND _objc_msgSend, NoFrame
MESSENGER_START
NilTest NORMAL
GetIsaFast NORMAL // r10 = self->isa
CacheLookup NORMAL, CALL // calls IMP on success
NilTestReturnZero NORMAL
GetIsaSupport NORMAL
// cache miss: go search the method lists
LCacheMiss:
// isa still in r10
MESSENGER_END_SLOW
jmp __objc_msgSend_uncached
END_ENTRY _objc_msgSend
ENTRY _objc_msgLookup
NilTest NORMAL
GetIsaFast NORMAL // r10 = self->isa
CacheLookup NORMAL, LOOKUP // returns IMP on success
NilTestReturnIMP NORMAL
GetIsaSupport NORMAL
// cache miss: go search the method lists
LCacheMiss:
// isa still in r10
jmp __objc_msgLookup_uncached
END_ENTRY _objc_msgLookup
ENTRY _objc_msgSend_fixup
int3
END_ENTRY _objc_msgSend_fixup
STATIC_ENTRY _objc_msgSend_fixedup
// Load _cmd from the message_ref
movq 8(%a2), %a2
jmp _objc_msgSend
END_ENTRY _objc_msgSend_fixedup
複製代碼
就此咱們大概能夠了解到其調用流程:less
-
判斷receiver是否爲nil,也就是objc_msgSend的第一個參數self,也就是要調用的那個方法所屬對象ide
-
從緩存裏尋找,找到了則分發,不然函數
-
利用objc-class.mm中_ class _lookupMethodAndLoadCache3方法去尋找selector優化
- 若是支持GC,忽略掉非GC環境的方法(retain等)
- 從本class的method list尋找selector,若是找到,填充到緩存中,並返回selector,不然
- 尋找父類的method list,並依次往上尋找,直到找到selector,填充到緩存中,並返回selector,不然
- 調用_class_resolveMethod,若是能夠動態resolve爲一個selector,不緩存,方法返回,不然
- 轉發這個selector,不然
- 報錯,拋出異常
這裏的**_ class _lookupMethodAndLoadCache3其實就是對lookUpImpOrForward**方法的調用:ui
/***********************************************************************
* _class_lookupMethodAndLoadCache.
* Method lookup for dispatchers ONLY. OTHER CODE SHOULD USE lookUpImp().
* This lookup avoids optimistic cache scan because the dispatcher
* already tried that.
**********************************************************************/
IMP _class_lookupMethodAndLoadCache3(id obj, SEL sel, Class cls)
{
return lookUpImpOrForward(cls, sel, obj,
YES/*initialize*/, NO/*cache*/, YES/*resolver*/);
}
複製代碼
對第五個參數cache傳值爲NO,由於在此以前已經作了一個查找這裏CacheLookup NORMAL, CALL,這裏是對緩存查找的一個優化。
接下來看一下lookUpImpOrForward的一些關鍵實現細節
- 緩存查找優化
// Optimistic cache lookup
if (cache)
methodPC = _cache_getImp(cls, sel);
if (methodPC) return methodPC;
}
複製代碼
這裏有個判斷,是否須要緩存查找,若是cache爲NO則進入下一步
- 檢查被釋放類
// Check for freed class
if (cls == _class_getFreedObjectClass())
return (IMP) _freedHandler;
複製代碼
_class _getFreedObjectClass的實現:
/***********************************************************************
* _class_getFreedObjectClass. Return a pointer to the dummy freed
* object class. Freed objects get their isa pointers replaced with
* a pointer to the freedObjectClass, so that we can catch usages of
* the freed object.
**********************************************************************/
static Class _class_getFreedObjectClass(void)
{
return (Class)freedObjectClass;
}
複製代碼
註釋寫到,這裏返回的被釋放對象的指針,不是太理解,備註這之後再看看
- 懶加載+initialize
// Check for +initialize
if (initialize && !cls->isInitialized()) {
_class_initialize (_class_getNonMetaClass(cls, inst));
// If sel == initialize, _class_initialize will send +initialize and
// then the messenger will send +initialize again after this
// procedure finishes. Of course, if this is not being called
// from the messenger then it won't happen. 2778172 } 複製代碼
在方法調用過程當中,若是類沒有被初始化的時候,會調用_class_initialize對類進行初始化,關於+initialize能夠看以前的Runtime源碼 +load 和 +initialize。
- 加鎖保證原子性
// The lock is held to make method-lookup + cache-fill atomic
// with respect to method addition. Otherwise, a category could
// be added but ignored indefinitely because the cache was re-filled
// with the old value after the cache flush on behalf of the category.
retry:
methodListLock.lock();
// Try this class's cache. methodPC = _cache_getImp(cls, sel); if (methodPC) goto done; 複製代碼
這裏又作了一次緩存查找,由於上一步執行了+initialize
加鎖這一部分只有一行簡單的代碼,其主要目的保證方法查找以及緩存填充(cache-fill)的原子性,保證在運行如下代碼時不會有新方法添加致使緩存被沖洗(flush)。
- 本類的方法列表查找
// Try this class's method lists. meth = _class_getMethodNoSuper_nolock(cls, sel); if (meth) { log_and_fill_cache(cls, cls, meth, sel); methodPC = method_getImplementation(meth); goto done; } 複製代碼
這裏調用了log_ and_ fill_cache這個後面來看,接下里就是
- 父類方法列表查找
// Try superclass caches and method lists.
curClass = cls;
while ((curClass = curClass->superclass)) {
// Superclass cache.
meth = _cache_getMethod(curClass, sel, _objc_msgForward_impcache);
if (meth) {
if (meth != (Method)1) {
// Found the method in a superclass. Cache it in this class.
log_and_fill_cache(cls, curClass, meth, sel);
methodPC = method_getImplementation(meth);
goto done;
}
else {
// Found a forward:: entry in a superclass.
// Stop searching, but don't cache yet; call method // resolver for this class first. break; } } // Superclass method list. meth = _class_getMethodNoSuper_nolock(curClass, sel); if (meth) { log_and_fill_cache(cls, curClass, meth, sel); methodPC = method_getImplementation(meth); goto done; } } 複製代碼
關於消息在列表方法查找的過程,根據官方文檔以下:
這裏沿着集成體系對父類的方法列表進行查找,找到了就調用log_ and_ fill_cache
log_ and_ fill_cach的實現:
記錄:
/***********************************************************************
* log_and_fill_cache
* Log this method call. If the logger permits it, fill the method cache.
* cls is the method whose cache should be filled.
* implementer is the class that owns the implementation in question.
**********************************************************************/
static void
log_and_fill_cache(Class cls, Class implementer, Method meth, SEL sel)
{
#if SUPPORT_MESSAGE_LOGGING
if (objcMsgLogEnabled) {
bool cacheIt = logMessageSend(implementer->isMetaClass(),
cls->nameForLogging(),
implementer->nameForLogging(),
sel);
if (!cacheIt) return;
}
#endif
_cache_fill (cls, meth, sel);
}
複製代碼
內部調用了**_cache _fill**,填充緩存:
/***********************************************************************
* _cache_fill. Add the specified method to the specified class' cache. * Returns NO if the cache entry wasn't added: cache was busy,
* class is still being initialized, new entry is a duplicate.
*
* Called only from _class_lookupMethodAndLoadCache and
* class_respondsToMethod and _cache_addForwardEntry.
*
* Cache locks: cacheUpdateLock must not be held.
**********************************************************************/
bool _cache_fill(Class cls, Method smt, SEL sel)
{
uintptr_t newOccupied;
uintptr_t index;
cache_entry **buckets;
cache_entry *entry;
Cache cache;
cacheUpdateLock.assertUnlocked();
// Never cache before +initialize is done
if (!cls->isInitialized()) {
return NO;
}
// Keep tally of cache additions
totalCacheFills += 1;
mutex_locker_t lock(cacheUpdateLock);
entry = (cache_entry *)smt;
cache = cls->cache;
// Make sure the entry wasn't added to the cache by some other thread // before we grabbed the cacheUpdateLock. // Don't use _cache_getMethod() because _cache_getMethod() doesn't // return forward:: entries. if (_cache_getImp(cls, sel)) { return NO; // entry is already cached, didn't add new one
}
// Use the cache as-is if it is less than 3/4 full
newOccupied = cache->occupied + 1;
if ((newOccupied * 4) <= (cache->mask + 1) * 3) {
// Cache is less than 3/4 full.
cache->occupied = (unsigned int)newOccupied;
} else {
// Cache is too full. Expand it.
cache = _cache_expand (cls);
// Account for the addition
cache->occupied += 1;
}
// Scan for the first unused slot and insert there.
// There is guaranteed to be an empty slot because the
// minimum size is 4 and we resized at 3/4 full.
buckets = (cache_entry **)cache->buckets;
for (index = CACHE_HASH(sel, cache->mask);
buckets[index] != NULL;
index = (index+1) & cache->mask)
{
// empty
}
buckets[index] = entry;
return YES; // successfully added new cache entry
}
複製代碼
這裏還沒找到實現則進入下一步,動態方法解析和消息轉發,關於消息轉發的細節咱們下篇再看。
方法緩存
在上面截出的源碼中咱們屢次看到了cache,下面咱們就來看看這個,在runtime.h和objc-runtime-newcache的定義以下
struct objc_cache {
unsigned int mask /* total = mask + 1 */ OBJC2_UNAVAILABLE;
unsigned int occupied OBJC2_UNAVAILABLE;
Method _Nullable buckets[1] OBJC2_UNAVAILABLE;
};
複製代碼
struct cache_t {
struct bucket_t *_buckets;
mask_t _mask;
mask_t _occupied;
...
}
複製代碼
這就是cache在runtime層面的表示,裏面的字段和表明的含義相似
- buckets
數組表示的hash表,每一個元素表明一個方法緩存 - mask
當前能達到的最大index(從0開始),,因此緩存的size(total)是mask+1 - occupied
被佔用的槽位,由於緩存是以散列表的形式存在的,因此會有空槽,而occupied表示當前被佔用的數目
而在_ buckets中包含了一個個的cache_entry和bucket_t(objc2.0的變動):
typedef struct {
SEL name; // same layout as struct old_method
void *unused;
IMP imp; // same layout as struct old_method
} cache_entry;
複製代碼
cache_entry定義也包含了三個字段,分別是:
- name,被緩存的方法名字
- unused,保留字段,還沒被使用。
- imp,方法實現
struct bucket_t {
private:
cache_key_t _key;
IMP _imp;
...
}
複製代碼
而bucket_t則沒有了老的unused,包含了兩個字段:
- key,方法的標誌(和以前的name對應)
- imp, 方法的實現
後記
從runtime的源碼咱們知道了方法調用的流程和方法緩存,有些附帶的問題答案也就呼之欲出了:
- 方法緩存在元類的上,由第一節(Runtime源碼 類、對象、isa)咱們就知道在objc_class的isa指向了他的元類,因此每一個類都只有一份方法緩存,而不是每個類的object都保存一份。
- 在方法調用的父類方法列表查找過程當中,若是命中了也會調用
_cache_fill (cls, meth, sel);,因此即使是從父類取到的方法,也會存在類自己的方法緩存裏。而當用一個父類對象去調用那個方法的時候,也會在父類的metaclass裏緩存一份。 - 緩存容量限制,在上面的代碼中咱們注意到這個判斷:
// Use the cache as-is if it is less than 3/4 full
mask_t newOccupied = cache->occupied() + 1;
mask_t capacity = cache->capacity();
if (cache->isConstantEmptyCache()) {
// Cache is read-only. Replace it.
cache->reallocate(capacity, capacity ?: INIT_CACHE_SIZE);
}
else if (newOccupied <= capacity / 4 * 3) {
// Cache is less than 3/4 full. Use it as-is.
}
else {
// Cache is too full. Expand it.
cache->expand();
}
複製代碼
當cache爲空時建立;當新的被佔用槽數小於等於其容量的3/4時,直接使用;不然調用cache->expand();擴充容量:
void cache_t::expand()
{
cacheUpdateLock.assertLocked();
uint32_t oldCapacity = capacity();
uint32_t newCapacity = oldCapacity ? oldCapacity*2 : INIT_CACHE_SIZE;
if ((uint32_t)(mask_t)newCapacity != newCapacity) {
// mask overflow - can't grow further // fixme this wastes one bit of mask newCapacity = oldCapacity; } reallocate(oldCapacity, newCapacity); } 複製代碼
- 爲何類的方法列表不直接作成散列表呢,作成list,還要單獨緩存,多費事?
散列表是沒有順序的,Objective-C的方法列表是一個list,是有順序的 這個問題麼,我以爲有如下三個緣由:- Objective-C在查找方法的時候會順着list依次尋找,而且category的方法在原始方法list的前面,須要先被找到,若是直接用hash存方法,方法的順序就無法保證。
- list的方法還保存了除了selector和imp以外其餘不少屬性。
- 散列表是有空槽的,會浪費空間。
相關資料:
美團酒旅博文:深刻理解Objective-C:方法緩存
官方文檔:Messaging
相關文章
- 1. 經過Runtime源碼瞭解Objective-C中的方法存儲
- 2. mybatis源碼解析(四)-Mapper方法調用過程
- 3. mybatis源碼解析(三)-SqlSession.selectOne相似方法調用過程
- 4. java方法的調用過程
- 5. Spring的refresh()方法調用過程
- 6. ios-Runtime調用私有方法
- 7. binderService()方法的調用過程
- 8. mysql存儲過程的調用方法
- 9. iOS方法在runtime中的調用流程
- 10. 4源碼-服務調用過程
- 更多相關文章...
- • Redis主從複製的配置方法和執行過程 - Redis教程
- • Swift 析構過程 - Swift 教程
- • Git可視化極簡易教程 — Git GUI使用方法
- • 常用的分佈式事務解決方案
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
