exec系列功能的工作 [英] Working of exec family functions
问题描述
我正在研究exec函数家族.其手册页说,它将新的过程映像替换为当前过程映像.如果替换了二进制文件,则返回后如何获取称为exec的进程的先前参数?由于替换进程映像意味着替换了其所有内存部分.如果我输入错误或知识不足,请更正我.
I am studying exec family of functions.Its man page says,it replaces the current process image with a new process image. If it replaces the binary,then after returning back,how does it get the previous parameters of the process which called exec?As replacing process image means replacing all its memory sections.Please correct me if I am wrong or having less knowledge.
推荐答案
The real job is done by the execve(2) system call. All other functions (like execvp ...) are calling execve.
execve 是一个非常复杂的系统调用.成功后不会返回.但是进程状态(包括地址空间)已被(几乎)完全重写.
The execve is quite a complex system call. When successful it does not return. But the process state (including address space) has been rewritten [almost] entirely.
因此,基本上,地址空间正在变得新鲜.它包含二进制可执行文件中的段.
So basically, the address space is becoming fresh. It contains segments from the binary executable.
程序参数,环境等已被复制(在堆栈段的底部)到新的地址空间中.因此,它们受到限制(受 ARG_MAX 限制,通常为128 KB-但您可以通过重新编译内核来提高它).
The program arguments, environment, etc... have been copied (at the bottom of the stack segment) into the new address space. Hence they are limited (by ARG_MAX, typically 128Kbytes -but you could raise that by recompiling your kernel).
实际上,地址空间的更改大部分是偷懒完成的(使用写时复制);实际上,分页是无效的,随后的访问会得到页面错误,内核通过提供新页面等来服务……
The address space change is actually mostly done lazily (using copy on write); in reality the paging is invalidated, and subsequent accesses get pages fault, which the kernel serves by providing the new page, etc etc...
在Linux上,我建议调查/proc/(请参见 proc(5)了解更多).尤其要尝试 cat/proc/self/maps ,它将向您显示运行 cat 的进程的地址空间映射.
On Linux, I suggest looking into /proc/ (see proc(5) for more). In particular, try cat /proc/self/maps which will show you the address space map of the process running that cat.
当然 execve 通常在之后使用fork(2),可能还使用 dup2(2)和/或 pipe(2),和一些等待的系统调用,例如 waitpid(2)或 wait4(2),也许处理 SIGCHLD 信号-参见 signal(7)& sigaction(2).请阅读例如高级linux编程(您可以在线阅读).
Of course execve is often used after fork(2), and probably also with dup2(2) and/or pipe(2), and some waiting syscall like waitpid(2) or wait4(2), perhaps handling SIGCHLD signal -see signal(7) & sigaction(2). Please read e.g. advanced linux programming (which you can read online).
您还可以考虑使用 popen(3)或系统(3)(它们正在调用 pipe 表示 popen ,然后 fork & execve 表示/bin/sh -c ....).
You could also consider using popen(3) or system(3) (they are calling pipe for popen, then fork & execve of /bin/sh -c ....).
这篇关于exec系列功能的工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
