一、block的常见三种类型
1.1 NSGlobalBlock
void(^block)(void) = ^{
NSLog(@"hello,block");
};
NSLog(@"%@", block);
<__NSGlobalBlock__: 0x1065fa088>
NSGlobalBlock 全局类型block,存储在内存中的全局区,这种情况下block,无传入参数无返回值。
1.2 NSMallocBlock
int a = 10;
void(^block)(void) = ^{
NSLog(@"block - %d", a);
};
NSLog(@"%@", block);
<__NSMallocBlock__: 0x600003305680>
NSMallocBlock 堆区类型block,存储在内存中的堆区,这种情况下block会访问外部变量a,对a进行值copy。
1.3 NSStackBlock
int a = 10;
void(^block)(void) = ^{
NSLog(@"block - %d", a);
};
NSLog(@"%@", ^{
NSLog(@"block - %d", a);
});
<__NSStackBlock__: 0x7ffeec33f518>
NSStackBlock 栈区类型block,存储在内存中的栈区,这种情况打印的是未赋值给block对象的一种形态,一旦完成赋值,对a进行拷贝持有,就会变为堆区block。目前开发中栈区类型block的已经很少了。
void * _NSConcreteStackBlock[32] = { 0 };
void * _NSConcreteMallocBlock[32] = { 0 };
void * _NSConcreteAutoBlock[32] = { 0 };
void * _NSConcreteFinalizingBlock[32] = { 0 };
void * _NSConcreteGlobalBlock[32] = { 0 };
void * _NSConcreteWeakBlockVariable[32] = { 0 };
- block在底层还有系统处理的三种中间类型,并不常见,这里不做过多了解。
二、block的循环引用解决
- block的循环引用:例如A和B两个对象,A持有B的引用,当A调用dealoc方法的时候,会给B发送release信号,B收到release信号,则B的retainCount引用计数会-1,如果B的引用计数为0,则B调用dealoc方法释放,随即A处理自身释放。如果A和B相互持有,则A无法调用自身的delloc方法,B也就收不到release信号,造成A和B都无法释放。在block中,对象持有block,而block{}又会持有对象的情况下,就会造成循环引用。
- 例如下面这两个例子的对比:
//情景一 会循环引用
NSString *name = @"qianxiaomu";
self.block = ^(void){
NSLog(@"%@",self.name);
};
self.block();
//情景二 不会循环引用
UIView animateWithDuration:0.25 animations:^{
NSLog(@"%@",self.name);
};
2.1 weak-strong-dance
typedef void(^MuBlock)(void);
@property(nonatomic, copy) MuBlock muBlock;
__weak typeof(self) weakSelf = self;
self.muBlock = ^(void){
__strong typeof(weakSelf) strongSelf = weakSelf;
NSLog(@"%@",strongSelf.name);
}
self.muBlock();
- 使用__weak来生成一个新的弱引用对象weakSelf,此时weakSelf和self指向的是同一片内存地址,不会导致self的引用计数增加(这里可以通过查看__weak底层源码和通过CFGetRetainCount验证)。
- 使用__strong是为了延长weakSelf的声明周期到{}后。通常我们会在block{},做耗时操作,延长weakSelf的声明周期,可以避免weakSelf的提前释放。所以__weak和__strong需要搭配使用。
- 开发中比较推荐。
2.2 中介者模式
手动模式
- 这里手动的意思是指自己管理中介者ViewController的声明周期。例子如下:
__block ViewController *vc = self;
self.muBlock = ^(void){
dispatch_after(dispatch_time(DISPATCH_TIME_NOW, (int64_t)(2 * NSEC_PER_SEC)), dispatch_get_main_queue(), ^{
NSLog(@"%@",vc.name);
vc = nil;//手动释放
});
};
self.muBlock();
自动模式
- 同理这里自动的意思是指交给block来管理中介者ViewController的声明周期。实际开发中推荐使用,例子如下:
self.muBlock = ^(ViewController *vc){
dispatch_after(dispatch_time(DISPATCH_TIME_NOW, (int64_t)(2 * NSEC_PER_SEC)), dispatch_get_main_queue(), ^{
NSLog(@"%@",vc.name);
});
};
self.muBlock(self);
三、block的clang分析
vim block.c
xcrun -sdk iphonesimulator clang -arch x86_64 -rewrite-objc block.c
#include "stdio.h"
int main(){
void(^block)(void) = ^{
printf("Mu");
};
return 0;
}
- 打开block.cpp,查看编译后的结果。
int main(){
void(*block)(void) = ((void (*)())&__main_block_impl_0((void *)__main_block_func_0, &__main_block_desc_0_DATA));
((void (*)(__block_impl *))((__block_impl *)block)->FuncPtr)((__block_impl *)block);
return 0;
}
static void __main_block_func_0(struct __main_block_impl_0 *__cself) {
printf("Mu");
}
void(*block)(void) = __main_block_impl_0(__main_block_func_0, &__main_block_desc_0_DATA));//构造函数
block->FuncPtr(block);
3.1 block的本质
- 源码中block等同于__main_block_impl_0,是一个匿名函数。搜索__main_block_impl_0,可以看到__main_block_impl_0是一个结构体,呢么block其实是一个对象。block也有自己的isa。
struct __main_block_impl_0 {
struct __block_impl impl;
struct __main_block_desc_0* Desc;
__main_block_impl_0(void *fp, struct __main_block_desc_0 *desc, int flags=0) {
impl.isa = &_NSConcreteStackBlock;
impl.Flags = flags;
impl.FuncPtr = fp;
Desc = desc;
}
};
struct __block_impl {
void *isa;
int Flags;
int Reserved;
void *FuncPtr;
};
3.2 block如何拥有持有外部变量的能力
3.2.1 普通变量a
- 简单修改代码如下:
int main(){
int a = 11;
void(^block)(void) = ^{
printf("Mu - %d", a);
};
block();
return 0;
}
- 再次clang,查看源码变化:
struct __main_block_impl_0 {
struct __block_impl impl;
struct __main_block_desc_0* Desc;
int a;
__main_block_impl_0(void *fp, struct __main_block_desc_0 *desc, int _a, int flags=0) : a(_a) {
impl.isa = &_NSConcreteStackBlock;
impl.Flags = flags;
impl.FuncPtr = fp;
Desc = desc;
}
};
static void __main_block_func_0(struct __main_block_impl_0 *__cself) {
int a = __cself->a;
printf("Mu - %d", a);
}
int main(){
int a = 11;
void(*block)(void) = __main_block_impl_0(__main_block_func_0, &__main_block_desc_0_DATA, a));
block)->FuncPtr(block);
return 0;
}
- 可以看到__main_block_impl_0函数传递了一个参数a
- 在__main_block_impl_0的结构体,编译时就自动生成了相应的变量a
- 执行的时候将自身的a值拷贝给了新的a。值得注意的是此时持有的这个a和我们外部的a,不是同一个。
3.2.2 __block变量a
- 对a加一个__block,然后在block中对a进行++操作。
- 重新clang,查看源码。
struct __Block_byref_a_0 {
void *__isa;
__Block_byref_a_0 *__forwarding;
int __flags;
int __size;
int a;
};
struct __main_block_impl_0 {
struct __block_impl impl;
struct __main_block_desc_0* Desc;
__Block_byref_a_0 *a; // by ref
__main_block_impl_0(void *fp, struct __main_block_desc_0 *desc, __Block_byref_a_0 *_a, int flags=0) : a(_a->__forwarding) {//构造方法
impl.isa = &_NSConcreteStackBlock;
impl.Flags = flags;
impl.FuncPtr = fp;
Desc = desc;
}
};
static void __main_block_func_0(struct __main_block_impl_0 *__cself) {//block内部实现
__Block_byref_a_0 *a = __cself->a;
(a->__forwarding->a)++;
printf("Mu - %d", (a->__forwarding->a));
}
static void __main_block_copy_0(struct __main_block_impl_0*dst, struct __main_block_impl_0*src) {_Block_object_assign((void*)&dst->a, (void*)src->a, 8/*BLOCK_FIELD_IS_BYREF*/);}
static void __main_block_dispose_0(struct __main_block_impl_0*src) {_Block_object_dispose((void*)src->a, 8/*BLOCK_FIELD_IS_BYREF*/);}
int main(){
__attribute__((__blocks__(byref))) __Block_byref_a_0 a = {(void*)0,(__Block_byref_a_0 *)&a, 0, sizeof(__Block_byref_a_0), 11};
//__main_block_impl_0中的第三个参数&a,是封装的对象a的地址
void(*block)(void) = __main_block_impl_0(__main_block_func_0, &__main_block_desc_0_DATA, (__Block_byref_a_0 *)&a, 570425344));
((void (*)(__block_impl *))((__block_impl *)block)->FuncPtr)((__block_impl *)block);
return 0;
}
- __main_block_impl_0中,将对象a的地址&a作为参数传入
- 外界变量会生成__Block_byref_a_0结构体,结构体用来保存原始变量的指针和值
- 执行的时候__main_block_func_0中,是对a的指针拷贝,此时持有的这个a和我们外部的a,是同一个指向同一块内存地址。
3.2.3 __block修饰OC对象NSString
- 新建工程,在main.m写入代码如下:
_block NSString *Mu_name = [NSString stringWithFormat:@"mu"];
void (^block1)(void) = ^{ // block_copy
Mu_name = @"qianxiaomu";
NSLog(@"Mu_Block - %@",Mu_name);
};
block1();
- clang看源码差异:
// main方法中
__Block_byref_Mu_name_0 Mu_name =
{(void*)0,
(__Block_byref_Mu_name_0 *)&Mu_name,
33554432,
sizeof(__Block_byref_Mu_name_0),
__Block_byref_id_object_copy_131,
__Block_byref_id_object_dispose_131,
((NSString * _Nonnull (*)(id, SEL, NSString * _Nonnull, ...))(void *)objc_msgSend)((id)objc_getClass("NSString"), sel_registerName("stringWithFormat:"), (NSString *)&__NSConstantStringImpl__var_folders_hr_l_56yp8j4y11491njzqx6f880000gn_T_main_9f330d_mi_0)};
void (*block1)(void) = ((void (*)())&__main_block_impl_0((void *)__main_block_func_0, &__main_block_desc_0_DATA, (__Block_byref_Mu_name_0 *)&Mu_name, 570425344));
((void (*)(__block_impl *))((__block_impl *)block1)->FuncPtr)((__block_impl *)block1);
// __Block_byref结构体
struct __Block_byref_Mu_name_0 {
void *__isa;
__Block_byref_Mu_name_0 *__forwarding;
int __flags;
int __size;
void (*__Block_byref_id_object_copy)(void*, void*);
void (*__Block_byref_id_object_dispose)(void*); // 5*8 = 40
NSString *Mu_name;
};
struct __main_block_impl_0 {
struct __block_impl impl;
struct __main_block_desc_0* Desc;
__Block_byref_Mu_name_0 *Mu_name; // by ref
__main_block_impl_0(void *fp, struct __main_block_desc_0 *desc, __Block_byref_Mu_name_0 *_Mu_name, int flags=0) : Mu_name(_Mu_name->__forwarding) {
impl.isa = &_NSConcreteStackBlock;
impl.Flags = flags;
impl.FuncPtr = fp;
Desc = desc;
}
};
static void __main_block_func_0(struct __main_block_impl_0 *__cself) {
__Block_byref_Mu_name_0 *Mu_name = __cself->Mu_name; // bound by ref
(Mu_name->__forwarding->Mu_name) = (NSString *)&__NSConstantStringImpl__var_folders_hr_l_56yp8j4y11491njzqx6f880000gn_T_main_9f330d_mi_1;
NSLog((NSString *)&__NSConstantStringImpl__var_folders_hr_l_56yp8j4y11491njzqx6f880000gn_T_main_9f330d_mi_2,(Mu_name->__forwarding->Mu_name));
}
static void __Block_byref_id_object_copy_131(void *dst, void *src) {
_Block_object_assign((char*)dst + 40, *(void * *) ((char*)src + 40), 131);
}
static void __Block_byref_id_object_dispose_131(void *src) {
_Block_object_dispose(*(void * *) ((char*)src + 40), 131);
}
- 相对于变量a来说,__block修饰类对象,底层多了__Block_byref_id_object_copy_131和__Block_byref_id_object_dispose_131。
- __Block_byref_结构体中多了__Block_byref_id_object_copy和__Block_byref_id_object_dispose。
- 这里涉及到了block对对象内部的copy,下文分析。
3.3 block为什么需要block()
- 在__main_block_impl_0结构体,通过其同名构造函数,第一个传入的block的内部实现代码块,即__main_block_func_0,用指针*fp表示,然后赋值给impl的FuncPtr属性,最终在main中进行了调用底层的执行代码为block->FuncPtr(block)。如果不调用block(),block的代码块就无法实现。
四、block的源码分析
- 准备阶段
- 在block处打断点,进入汇编层
- 添加符号断点objc_retainBlock,进入_Block_copy
- 添加符号断点_Block_copy,可以看到block的底层源码在libsystem_blocks.dylib中。
- 可编译的libclosure-74源码下载
- block底层的真正类型Block_layout
struct Block_layout {
void *isa;
volatile int32_t flags; // contains ref count
int32_t reserved;
BlockInvokeFunction invoke;
struct Block_descriptor_1 *descriptor;
// imported variables
};
// Values for Block_layout->flags to describe block objects
enum {
BLOCK_DEALLOCATING = (0x0001), // runtime
BLOCK_REFCOUNT_MASK = (0xfffe), // runtime
BLOCK_NEEDS_FREE = (1 << 24), // runtime
BLOCK_HAS_COPY_DISPOSE = (1 << 25), // compiler
BLOCK_HAS_CTOR = (1 << 26), // compiler: helpers have C++ code
BLOCK_IS_GC = (1 << 27), // runtime
BLOCK_IS_GLOBAL = (1 << 28), // compiler
BLOCK_USE_STRET = (1 << 29), // compiler: undefined if !BLOCK_HAS_SIGNATURE
BLOCK_HAS_SIGNATURE = (1 << 30), // compiler
BLOCK_HAS_EXTENDED_LAYOUT=(1 << 31) // compiler
};
#define BLOCK_DESCRIPTOR_1 1
struct Block_descriptor_1 {
uintptr_t reserved;
uintptr_t size;
};
#define BLOCK_DESCRIPTOR_2 1
struct Block_descriptor_2 {
// requires BLOCK_HAS_COPY_DISPOSE
BlockCopyFunction copy;
BlockDisposeFunction dispose;
};
#define BLOCK_DESCRIPTOR_3 1
struct Block_descriptor_3 {
// requires BLOCK_HAS_SIGNATURE
const char *signature;
const char *layout; // contents depend on BLOCK_HAS_EXTENDED_LAYOUT
};
- isa:表明block类型的类
- flags:标识符。类似isa的位域bits里面的信息,例如hascxx等
- reserved:保留位,用来存储block的内部信息
- invoke:函数指针,指向block代码块的执行
- descriptor:block的附加信息,有三种
- Block_descriptor_1:一定有,包含了保留信息和保留位的大小
- Block_descriptor_2:不一定有,看flag中的BLOCK_HAS_COPY_DISPOSE,包含了block可以进行copy和dispose的函数指针。
- Block_descriptor_3:不一定有,看的flag中BLOCK_HAS_SIGNATURE和BLOCK_HAS_EXTENDED_LAYOUT,包含了签名。
4.1 block的三层copy(一)
// Copy, or bump refcount, of a block. If really copying, call the copy helper if present.
void *_Block_copy(const void *arg) {
struct Block_layout *aBlock;
if (!arg) return NULL;
// The following would be better done as a switch statement
aBlock = (struct Block_layout *)arg;
if (aBlock->flags & BLOCK_NEEDS_FREE) {
// latches on high
latching_incr_int(&aBlock->flags);
return aBlock;
}
else if (aBlock->flags & BLOCK_IS_GLOBAL) {
return aBlock;
}
else {
// Its a stack block. Make a copy.
struct Block_layout *result =
(struct Block_layout *)malloc(aBlock->descriptor->size);
if (!result) return NULL;
memmove(result, aBlock, aBlock->descriptor->size); // bitcopy first
#if __has_feature(ptrauth_calls)
// Resign the invoke pointer as it uses address authentication.
result->invoke = aBlock->invoke;
#endif
// reset refcount
result->flags &= ~(BLOCK_REFCOUNT_MASK|BLOCK_DEALLOCATING); // XXX not needed
result->flags |= BLOCK_NEEDS_FREE | 2; // logical refcount 1
_Block_call_copy_helper(result, aBlock);
// Set isa last so memory analysis tools see a fully-initialized object.
result->isa = _NSConcreteMallocBlock;
return result;
}
- 第一层拷贝是block自身的_Block_copy,block从栈区空间到堆空间
- _Block_copy源码分析:
- 如果block需要释放,这里通过标识位与运算拿到,直接释放
- 如果是globalBlock,不需要copy,直接返回
- 不是前面两种情况,即为栈区block
- malloc申请空间result
- memmove拷贝aBlock
- 调用指针invoke交接
- flags的赋值
- isa更改为_NSConcreteMallocBlock
4.2 block的三层copy(二)
static struct Block_byref *_Block_byref_copy(const void *arg) {
struct Block_byref *src = (struct Block_byref *)arg;
if ((src->forwarding->flags & BLOCK_REFCOUNT_MASK) == 0) {
// src points to stack
struct Block_byref *copy = (struct Block_byref *)malloc(src->size);
copy->isa = NULL;
// byref value 4 is logical refcount of 2: one for caller, one for stack
copy->flags = src->flags | BLOCK_BYREF_NEEDS_FREE | 4;
copy->forwarding = copy; // patch heap copy to point to itself
src->forwarding = copy; // patch stack to point to heap copy
copy->size = src->size;
if (src->flags & BLOCK_BYREF_HAS_COPY_DISPOSE) {
// Trust copy helper to copy everything of interest
// If more than one field shows up in a byref block this is wrong XXX
struct Block_byref_2 *src2 = (struct Block_byref_2 *)(src+1);
struct Block_byref_2 *copy2 = (struct Block_byref_2 *)(copy+1);
copy2->byref_keep = src2->byref_keep;
copy2->byref_destroy = src2->byref_destroy;
if (src->flags & BLOCK_BYREF_LAYOUT_EXTENDED) {
struct Block_byref_3 *src3 = (struct Block_byref_3 *)(src2+1);
struct Block_byref_3 *copy3 = (struct Block_byref_3*)(copy2+1);
copy3->layout = src3->layout;
}
(*src2->byref_keep)(copy, src);
}
else {
// Bitwise copy.
// This copy includes Block_byref_3, if any.
memmove(copy+1, src+1, src->size - sizeof(*src));
}
}
// already copied to heap
else if ((src->forwarding->flags & BLOCK_BYREF_NEEDS_FREE) == BLOCK_BYREF_NEEDS_FREE) {
latching_incr_int(&src->forwarding->flags);
}
return src->forwarding;
}
- 第二层拷贝是__block修饰的_Block_byref_copy,将修饰的对象拷贝为Block_byref的结构类型。
- 用指针src保存传进来的结构体数据
- 如果src未被copy过
- 申请一个新的结构体指针copy,大小和scr的size一致
- isa占位赋值
- 赋值copy的flag
- 将堆区的copy指针的forwarding指针指向自己,src的栈区指针也指向堆区的copy指针,这样使src和copy的forwarding指针一致。forwarding就是__block捕获的对象,这也是为什么__block捕获的对象有修改能力的原因
- 如果有BLOCK_BYREF_HAS_COPY_DISPOSE能力,通过指针偏移src+1拿到Block_byref_2的指针地址,本质上是完成了copy的Block_byref_2赋值
- 如果有BLOCK_BYREF_LAYOUT_EXTENDED能力,完成copy的Block_byref_3赋值
- (*src2->byref_keep)(copy, src)在clang层源码中是做了
void (*__Block_byref_id_object_copy)(void*, void*)的操作。这里刚好也是第三层拷贝的由来。
enum {
// Byref refcount must use the same bits as Block_layout's refcount.
// BLOCK_DEALLOCATING = (0x0001), // runtime
// BLOCK_REFCOUNT_MASK = (0xfffe), // runtime
BLOCK_BYREF_LAYOUT_MASK = (0xf << 28), // compiler
BLOCK_BYREF_LAYOUT_EXTENDED = ( 1 << 28), // compiler
BLOCK_BYREF_LAYOUT_NON_OBJECT = ( 2 << 28), // compiler
BLOCK_BYREF_LAYOUT_STRONG = ( 3 << 28), // compiler
BLOCK_BYREF_LAYOUT_WEAK = ( 4 << 28), // compiler
BLOCK_BYREF_LAYOUT_UNRETAINED = ( 5 << 28), // compiler
BLOCK_BYREF_IS_GC = ( 1 << 27), // runtime
BLOCK_BYREF_HAS_COPY_DISPOSE = ( 1 << 25), // compiler
BLOCK_BYREF_NEEDS_FREE = ( 1 << 24), // runtime
};
// __Block 修饰的结构体
struct Block_byref {
void *isa;
struct Block_byref *forwarding;
volatile int32_t flags; // contains ref count
uint32_t size;
};
// __Block 修饰的结构体 byref_keep 和 byref_destroy 函数 - 来处理里面持有对象的保持和销毁
struct Block_byref_2 {
// requires BLOCK_BYREF_HAS_COPY_DISPOSE
BlockByrefKeepFunction byref_keep;
BlockByrefDestroyFunction byref_destroy;
};
struct Block_byref_3 {
// requires BLOCK_BYREF_LAYOUT_EXTENDED
const char *layout;
};
4.3 block的三层copy(三)
void _Block_object_assign(void *destArg, const void *object, const int flags) {
const void **dest = (const void **)destArg;
switch (os_assumes(flags & BLOCK_ALL_COPY_DISPOSE_FLAGS)) {
case BLOCK_FIELD_IS_OBJECT:
_Block_retain_object(object);
*dest = object;
break;
case BLOCK_FIELD_IS_BLOCK:
*dest = _Block_copy(object);
break;
case BLOCK_FIELD_IS_BYREF | BLOCK_FIELD_IS_WEAK:
case BLOCK_FIELD_IS_BYREF:
*dest = _Block_byref_copy(object);
break;
case BLOCK_BYREF_CALLER | BLOCK_FIELD_IS_OBJECT:
case BLOCK_BYREF_CALLER | BLOCK_FIELD_IS_BLOCK:
*dest = object;
break;
case BLOCK_BYREF_CALLER | BLOCK_FIELD_IS_OBJECT | BLOCK_FIELD_IS_WEAK:
case BLOCK_BYREF_CALLER | BLOCK_FIELD_IS_BLOCK | BLOCK_FIELD_IS_WEAK:
*dest = object;
break;
default:
break;
}
}
- 第三层拷贝是block对传入对象的变量进行_Block_object_assign,将block内部将要使用的对象的变量拷贝到block内部。
- _Block_object_assign源码分析
- 如果block捕获的是普通对象,返回自身
- 如果block是栈区的对象,_Block_copy返回堆区的block对象
- 如果用__block修饰捕获的对象,返回_Block_byref_copy的结构体对象
- __block修饰的对象通过内存平移拿到对象的变量,供内部使用。
