What Happens When You Double‑Click an App? Inside the OS Loading Process

Understanding Executable Files

An executable program is simply a file that stores a sequence of machine instructions. Unlike a text file meant for human reading, the content of an executable is intended for the CPU to execute. For example, chrome.exe contains millions of instructions packaged as a regular file.

How the Operating System Finds the Program

When you double‑click an icon or run a command, the OS first locates the executable on disk. The OS, itself a program that manages other programs, uses the file system to locate the file and then begins to parse its structure.

Parsing the ELF Format (Linux Example)

On Linux, executables usually follow the ELF (Executable and Linkable Format) specification. The ELF header tells the OS where the machine code, global variables, and other sections reside within the file. By reading this header, the OS can determine the locations of the code segment, data segment, and any required metadata.

Loading the Program into Memory

The OS copies the code and data sections from disk into RAM, allocating a suitable block of free memory for the process. It then divides this memory into several logical regions:

Code segment – contains the executable instructions.

Data segment – holds initialized global variables.

Heap – used for dynamic memory allocation during runtime.

Stack – stores function call frames, local variables, and return addresses.

These regions are abstract concepts; physically they occupy ordinary memory addresses, much like assigning different parking spots in a lot.

Dynamic Libraries and Memory Gaps

If the program depends on shared libraries, the OS loads those libraries into the unused space between the growing heap and the descending stack. This ensures that all required code is present in the process’s address space before execution begins.

Finding the Entry Point

The compiler records the address of the program’s first instruction (the entry point) in the ELF header. Tools such as readelf can display this "Entry point address" field. When the OS creates the process, it initializes the CPU’s instruction pointer with this address, allowing the CPU to start executing the program.

Execution Starts

With memory allocated, sections loaded, and the entry point set, the CPU begins fetching and executing instructions, and the program runs. This sequence explains the hidden steps that occur every time you double‑click an application icon.