How is an executable file run on an O/S?

Question

Just a conceptual question. A program file is compiled and linked with required libraries into an exe file. Now this file I understand is machine code, which the processor can understand. What I am curious about is how the OS plays a role. I would of thought the OS actually interprets the exe file ? I mean if I write a program in assembly, I could do modification on memory blocks anywhere, does the OS protect against this?

Answer 1

Yes the OS (specifically the loader) parses the executable file format. On Windows this is a PE (Portable Executable). On Linux, this is typically an ELF (Executable and Linkable Format) file. Generally, the OS doesn't concern itself with the actual code, however.

The loader determines which chunks of the program on disk go where in memory. Then it allocates those virtual address ranges, and copies the relevant parts of the file into place. Then it does any relocations required, and finally jumps to the entry point (also specified in the file format.)

The thing to remember is that most all modern OSes protect processes from one another by means of Virtual Memory. That means that every process runs isolated in its own Virtual Address space. So if Notepad writes to address 0x700000, he's not going to affect a variable that Word has at 0x700000. By the way these virtual addresses work, those actually map to totally different addresses in RAM.

On x86 platforms, this security is provided by the Protected Mode and Paging features of the processor.

The key is that it is the hardware that prevents you from doing anything "bad".

• Peering Inside the PE: A Tour of the Win32 Portable Executable File Format
• Microsoft PE and COFF Specification
• ELF Specification