Article Title: how to execute an application on Linux. Linux is a technology channel of the IT lab in China. It includes desktop applications, Linux system management, kernel research, embedded systems, open-source, and other basic classification execution files. In this article, try to use as few source codes as possible, so as not to be too boring. I will mainly describe this process. If you are interested, you can view the corresponding source code to learn more.
1. Parent process behavior: Copy, wait
There are many ways to execute an application. It is common to execute an application from a shell. Interactive shell is a process (all processes are obtained by the init process fork whose pid is 1. This topic involves Linux Startup and initialization, as well as idle process, etc ), when the user clicks in the shell. When executing a program in/test, shell first fork () generates a sub-process (this is also the sub-shell mentioned in many articles) and wait () ends, therefore, after the test execution is complete, the shell is returned and waits for user input (if a background process is created, the shell will not wait until the sub-process ends, but directly continue to execute ). Therefore, the main task of a shell process is to copy a new process and wait for its end.
2. sub-process behavior: "execute" Application
2.1 execve ()
In the sub-process, execve () is called to load test and start execution. This is the key to test execution. Next we will analyze it in detail.
Execve () is a very important system call provided by the operating system. In many articles, it is called exec () System Call (note that it is different from the shell internal exec command ), in fact, in Linux, there is no exec () system call. exec is only used to describe a group of functions. They all start with exec, which are:
These are all packaged library functions in libc. Finally, execve () is called by the system (# define _ NR_evecve 11, system call of number 11 ).
The exec function is used to execute executable files in the current process, that is, find the executable file based on the specified file name and use it to replace the content of the current process, in addition, this replacement is irreversible, that is, the replaced content is no longer saved. When the executable file ends, the entire process also freezes. Because the code segment, data segment, and stack of the current process have been replaced by new content, the exec function family does not return after the function is successfully executed. If it fails,-1 is returned. an executable file can be either a binary file or an executable script file. The two files are slightly different during loading. Here we mainly analyze the running of binary files.
2.2 do_execve ()
Execve () is called in the user mode. After the system is interrupted, the corresponding function executed in the kernel mode is do_sys_execve (), and do_sys_execve () calls the do_execve () function. Do_execve () First reads the executable file. If the executable file does not exist, an error is returned. Check the permissions of executable files. If the file is not executable by the current user, execve () returns-1 and reports the permission denied error. Otherwise, read the information required to run the executable file (see struct linux_binprm ).
2.3 search_binary_handler ()
Then, the system calls search_binary_handler (), based on the executable file type (such as shell,. out, ELF, etc.), find the corresponding processing function (the system creates a struct linux_binfmt for each file type, and concatenates it on a linked list. During execution, it traverses the linked list, find the structure of the corresponding type. If you want to define an executable file format, you also need to implement such a handler ). Then execute the corresponding load_binary () function to start loading executable files.
2.4 load_elf_binary ()
The handler that loads an elf file is load_elf_binary (). It first reads the header of the ELF File and reads various data (header information) according to the header information of the ELF File ). Scan the program segment description table again, find the segment of the PT_LOAD type, and map it (elf_map () to the fixed address of the memory. If there is no description segment of the dynamic linker, set the returned endpoint to the application endpoint. Start_thread () is used to complete this function. start_thread () does not start a thread, but is used to modify the values of registers such as PCs saved in pt_regs, point it to the entry of the loaded application. In this way, when the kernel operation ends and the user State is returned, the application will be executed.
2.5 load_elf_interp ()
If the application uses a dynamic link library, it is not that simple. In addition to loading the specified executable file, the kernel also gives control to the dynamic connector (program interpreter, ld. so in linux) to process dynamic links. In the kernel search field table, locate the name of the dynamic connector corresponding to the segment marked as PT_INTERP, use load_elf_interp () to load the image, and set the returned entry address to the return value of load_elf_interp, that is, the dynamic linker entry. When execve exits, the dynamic linker then runs. The dynamic connector checks the application's dependence on the shared connection library, loads it as needed, and relocates the external reference of the program. The dynamic connector then gives control to the application, starting from the entry point of the Program defined in the ELF file header. (For example, test. userlib is used in c. the so function foo () is put into the ELF File test during compilation, and the corresponding statement is also changed to call fakefoo (). When I load test, I know that foo () is an external call, so I resort to the dynamic linker to load userlib. so, parse the foo () function address, and redirect fakefoo () to foo (), so that call foo () is successful .)
In short, the entire shell is typed. /Test: The current shell process fork generates a sub-process (sub-shell), and the sub-process uses execve to disassociate from the parent process, load the test file (ELF format) to the memory. If test uses a dynamic link library, it needs to load the dynamic link library (or program interpreter) used by test to the memory, and then locate it for test to call. Finally, run test from the entry address of test.
PS: the modern dynamic linker uses the delayed loading and resolution technologies for performance and other reasons, delayed loading means that the dynamic Connection Library is loaded into the memory space only when necessary (through the page exception mechanism). Delayed parsing means to the dynamic link library (to load) when the function in is called, The start address of the function will be parsed for the caller to use. The implementation of the dynamic linker is quite complex. For performance and other reasons, direct stack operations are heavily used. If you are interested, you can look for relevant code.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
