A Brief Introduction to the Underlying Mechanisms of Linux Program Execution

🌟 1. Program Startup: From “Forking” to “Transforming”

1. Forking

• After entering a command, the Shell instantlyforks a child process, where the parent and child share resources, but throughCopy-On-Write (COW) optimization—only when data is modified do they “split”, saving time and effort!

Transforming (execve)

• The child process calls<span>execve</span> to replace its genes: the kernel parses the ELF file format, loads the code segment and data segment, resets the stack, and thus transforms into the<span>hello</span> program!

🧠 2. Memory Space: The Precise Layout of the Virtual World

• Five Core Areas

• Code Segment: The read-only “manual” (.text segment)

• Data Segment: The “storage room” for global variables (.data and .bss)

• Heap Segment: The “free market” for dynamically allocated memory (malloc relies on it!)

• Stack Segment: The “temporary ledger” for function calls (automatic variables and return addresses)

• Shared Libraries: The “toolkit” loaded on demand (e.g., libc.so mapped via mmap)

📌 Black Technology: Physical memory is allocated by the kernel only when a page fault occurs, truly achieving “on-demand loading”!

🔗 3. Dynamic Linking: The “Puzzle Art” of Programmers

• Dynamic Linker (ld.so)

• Loads dependent libraries like a puzzle, achieving “lazy loading” throughGOT table andPLT table—addresses are bound only when functions are called for the first time, speeding up startup!

• Static Linking VS Dynamic Linking

• Static Linking: All code is packed into a “portable toolbox”, fast to start but large in size.

• Dynamic Linking: “Shared toolkits” are fetched as needed, saving space but requiring dependency resolution.

⚡ 4. System Calls: The “Instant Transition” Between User Mode and Kernel Mode

• Three-Step Transition Method

1. User mode triggers the<span>syscall</span> instruction

2. The kernel finds the corresponding function using the system call number (e.g., __NR_write)

3. Save the state → Execute kernel code → Restore the state

Classic Example<span>printf</span> ultimately calls the<span>write</span> system call, and the output result undergoes such a complex “cross-border journey”!

🛠️ 5. Essential Tools for Experts: Debugging and Performance Optimization

• strace: Monitors all system calls of a program in real-time, like an X-ray machine revealing program behavior!

• perf: Generates flame graphs to quickly identify CPU performance bottlenecks!

• Valgrind: Memory leaks? Out-of-bounds access? Use it to catch “memory ghosts” for sure!

• GDB: Set breakpoints, inspect memory, disassemble—debugging weaponry!

🚀 Practical Example: The Fantastic Journey of Hello World

1. The Shell forks a child process

2. The child process transforms and loads the hello program

3. The dynamic linker summons the libc library

4. printf triggers the write system call

5. After outputting text, the kernel reclaims resources

💡 Fun Fact: Linux uses ASLR technology to randomize memory addresses, making it harder for hackers to attack!

Understanding these mechanisms not only allows you to write more efficient code but also helps you quickly solve problems when programs crash! Have you used strace or Valgrind to tackle tricky issues? Feel free to share your “bug-catching” experiences in the comments! 👇