The build process of an executable file to the process in-memory distribution

Creation of executable files

Http://www.cnblogs.com/web21/p/6201735.html

Total: An executable file (the Linux elf format file) is implemented by how it is added from an elf format file to a process

In a Linux system, a process can be created through the fork () function, but the child process created completely replicates the resources of the parent process, but we can use the EXEC function family system callback in the subprocess to create a process that can find the executable file based on the specified file name or path name (elf file ), and replace the original calling process data segment, code snippet and stack segment, after execution, the original call process content in addition to the process, all the others were replaced, the final execution of the executable file into the concept of the process. The commonly used directives we enter are executables, and on the other hand, for the EXEC function family, there are several forms of system calls that can be passed through different parameters to achieve the transition of the executable file to the process.

The load of the process (overwrite mount (Overlay) and page map (Paging) are two typical dynamic load methods, and now overwrite the mount is no longer necessary. ）

Create a process, and then load the appropriate executable file and execute it. There are only three things to do at the beginning:
① creates a separate virtual address space. The main assignment is a page directory.

② reads the header of the executable and establishes a mapping between the virtual space and the executable file. The main thing is to map the executable file to the virtual address space, that is, the mapping of the virtual page and the physical page so that it is loaded when "page faults".

The ③ sets the instruction register of the CPU to the entry address of the executable file and starts the operation. Start executing the program from the entry address in the Elf file.

Missing pages Interrupt Science

Http://baike.baidu.com/link?url= tpe3gsjlb9nzlk7l8tze8-px1w2jm0r4bhplb5glt6oglz--w8jhc5u4pozzt2qfr5cdx4qmtrpyhuu9v2y1n6hv85fxhx59tnsujcbknxphqjg9dkk118c7d ZcVCAg0

For example, Bash (a bash process for a terminal) calls the fork () system call to create a new process, and then the new process calls the EXECVE () system call to execute the specified elf file. The bash process continues to return waiting for the new process to finish executing, and then waits for the user to enter the command again. The EXECVE () system call is defined in Unistd.h, and its prototype is as follows:

int Execve (const char *filenarne, char *const argv[], char *const envp[]);

Its three parameters are the program file name, execution parameters, and environment variables that are executed respectively. GLIBC Execve () system calls are packaged, providing 5 different forms of exec series APIs such as Execl (), EXECLP (), Execle (), Execv (), and EXECVP (), which differ only in the parameters of the call, But it will eventually go back to the EXECVE () system call.

call the EXECVE () system call and then call the kernel's portal Sys_execve ()。 Sys_execve () calls Do_execve () after some parameters are checked for replication. Because executables are more than just elf, there are Java programs and "#!" Start of the script and so on, so Do_execve () will first check the executed file, read the first 128 bytes, especially the beginning of 4 bytes of magic number, to determine the format of the executable file. If the script is an interpreted language, the first two bytes "#!" It makes up the magic number, and once the system determines the two bytes, the subsequent string is parsed to determine the path of the program interpreter.
when Do_execve () After reading the 128-byte file header, then call search_binary_handle () to search for and match the appropriate executable file loading process. All supported executable formats in Linux have a corresponding loading process, and Search_binary_handle () determines the file's format by determining the number of magic in the head of the file, and invokes the appropriate loading process. such as Elf with load_elf_binary () , a.out with Load_aout_binary (), script with Load_script ().

elf files
" Span style= "font-family:"microsoft yahei"; font-size:14px ">① Check the validity of the elf executable format, such as the number of magic numbers and the middle of the Program Header table (Segment).
② looking for dynamically linked ". Interp" Segments ( This segment saves the path to the dynamic linker required by the executable file, and sets the dynamic linker path.
③ is based on the description of the Program Header table of the elf executable file, The elf files are mapped, such as code, data, and read-only data.
④ initializes the ELF process environment, For example, the address of the EDX register at process startup should be the address of the Dt_fini (end code address).
⑤ modifies the return address of the system call to the entry point of the elf executable file, This entry point depends on how the program is linked, and for statically linked elf executables, the program entry is the e_enery in the file header of the Elf file, and for the dynamically linked elf executable, the program entry point is the dynamic linker.

When the Elf is load_elf_binary () loaded, the function returns to Do_execve () in return to Sys_execve (). The return address of the system call in Load_elf_binary () (5th) has been changed to the entry address of the ELF program. So when the SYS_EXECVE () system call returns from the kernel state to the user state, the EIP register jumps directly to the ELF program's entry address, and the new program begins execution, and the elf executable is loaded.

Original: http://blog.csdn.net/cj_kano/article/details/42374993

The build process of an executable file to the process in-memory distribution