Summary of basic principles of iOS

In the article alloc & Init & New, alloc has 3 core operations. One of them is calloc, which performs the memory allocation, and that is what we explore today. The essence of the exploration is to verify that the actual alignment of objects in iOS is 8-byte alignment.

calloc source code analysis in objc4

obj = (id)calloc(1, size);

Call path: CallAlloc -> _objc_rootAlloc -> callAlloc -> _objc_rootAllocWithZone -> _class_createInstanceFromZone

So what does calloc do? Let’s find out!

malloc_zone_t analysis

malloc_zone_t is a very basic structure that contains a set of function pointers. These store the addresses of the functions that implement the related operations, such as malloc, free, realloc, etc. Later structures are extended from malloc_zone_t.

The calloc exploration now moves to the libmalloc source code. Download the latest version of libmalloc and continue.

Analyzing the calloc source code in libmalloc

Define a buildable target in the compilable libmalloc project and create a pointer in main using calloc.

Step into the calloc source implementation; the key code is malloc_zone_calloc.

  • Here default_zone is a default zone whose purpose is to guide the program into the process of creating the real zone

  • Step into the malloc_zone_calloc source implementation; the key code is zone->calloc

  • The zone passed to zone->calloc is the default_zone from the previous step
  • The purpose of this key code is to request a pointer and return the pointer's address

Stepping into the zone->alloc source shows only a calloc declaration, so at this point the source code can no longer be followed.

So here’s the point!! To continue to follow the source code, you can do the following:

  • Add a breakpoint at ptr = zone->calloc(zone, num_items, size); and run

  • Zone ->calloc -> zone->calloc -> zone->calloc

  • Press control + Step into to enter the source code implementation of calloc

  • Run the LLDB command p zone->calloc to find the source code implementation: zone->calloc is implemented in the default_zone_calloc function. Then search globally for default_zone_calloc to find the concrete implementation.

  • Step into the calloc source code implementation, which consists mainly of two parts
    • Create the real zone, i.e. the runtime_default_zone function
    • Use the real zone to perform calloc

  • With the breakpoint stopped at the zone line, running the LLDB command p zone->alloc does not work, because zone has not been assigned yet

Verifying that zone is unassigned

  • Step into the default_zone_calloc source code implementation

  • Step into the runtime_default_zone source code implementation

  • Step into the inline_malloc_default_zone source code implementation. Inspecting malloc_zones shows that it is NULL, which confirms that at this point zone has not been assigned a value

Continue tracing the source code

  • Go back to the default_zone_calloc function, continue execution, and break at the zone->calloc part

  • Use either of the two methods above to step into the calloc source code implementation, which is nano_calloc

  • In the nano_calloc function, p is the pointer. Like the earlier ptr, it is handled by two-part logic:

    • If the space to be allocated is smaller than NANO_MAX_SIZE, then nanozone_t malloc is performed

    • Otherwise, the helper_zone process is performed

  • Step into the _nano_malloc_check_clear source code, fold the if/else branches, and look at the main flow
    • segregated_next_block is the algorithm that allocates memory for the pointer; its purpose is to find suitable memory and return it
    • slot_bytes is the salt of an encryption algorithm (the idea is to make encryption algorithms more secure; it is essentially a string of custom numbers)

  • Step into the source code of the segregated_size_to_fit encryption algorithm. From the algorithm's logic you can see that it is essentially a 16-byte alignment algorithm

This algorithm was already covered in the article on memory alignment principles and is not explained again here.
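The 16-byte rounding described above, next to the 8-byte rounding of an object's own size, as an added example that is not part of the original article and is not the libmalloc source. The helper names (word_align, slot_bytes_for, slack_bytes) are hypothetical, and the 16-byte quantum is an assumption modelled on libmalloc's nano allocator.

```c
#include <stddef.h>
#include <stdio.h>

/* Assumed nano-allocator quantum: 1 << 4 = 16 bytes. */
#define SHIFT_NANO_QUANTUM      4
#define NANO_REGIME_QUANTA_SIZE ((size_t)1 << SHIFT_NANO_QUANTUM)

/* 8-byte rounding of an instance size (hypothetical helper). */
static size_t word_align(size_t size) {
    return (size + 7u) & ~(size_t)7u;
}

/* Round a request up to a whole number of 16-byte quanta.
 * *key receives the zero-based slot index when key is not NULL. */
static size_t slot_bytes_for(size_t size, size_t *key) {
    if (size == 0) {
        size = NANO_REGIME_QUANTA_SIZE;   /* a zero-byte request gets one quantum */
    }
    size_t k = (size + NANO_REGIME_QUANTA_SIZE - 1) >> SHIFT_NANO_QUANTUM;
    if (key != NULL) {
        *key = k - 1;
    }
    return k << SHIFT_NANO_QUANTUM;
}

/* Bytes in the slot that the caller did not ask for. */
static size_t slack_bytes(size_t requested) {
    return slot_bytes_for(requested, NULL) - requested;
}

int main(void) {
    /* Constructed sample: raw ivar sizes of some imaginary classes. */
    const size_t raw_sizes[] = {8, 17, 33, 40, 48, 250};
    printf("%8s %10s %10s %6s %6s\n", "raw", "8-aligned", "slot", "key", "slack");
    for (size_t i = 0; i < sizeof raw_sizes / sizeof raw_sizes[0]; i++) {
        size_t key = 0;
        size_t obj = word_align(raw_sizes[i]);   /* size the object needs */
        size_t slot = slot_bytes_for(obj, &key); /* size the allocator hands out */
        printf("%8zu %10zu %10zu %6zu %6zu\n",
               raw_sizes[i], obj, slot, key, slack_bytes(obj));
    }
    return 0;
}
```

The slack column is the padding between what the object needs and what the allocator returns. A write that runs a few bytes past the object can land in that padding without touching a neighbouring block, so it is easy to miss without a memory-checking tool.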

  • Go back to the _nano_malloc_check_clear function and step into the source code of segregated_next_block, which basically obtains a memory pointer

  • The first time segregated_next_block is entered, the band does not exist and neither does the cache, so segregated_band_grow is called to create a new band

  • Step into the segregated_band_grow source code, which mainly creates the new band

Process summary

Reference link

  • The Beauty of iOS Advanced (vi) — Malloc Analysis