Computer & OS Fundamentals · beginner · ~10 min
Trace what happens from source code to a running process the CPU executes.
The CPU runs a fetch-decode-execute loop over machine code in memory. Compiled code becomes machine code directly; interpreted code is run by an interpreter. Code and data share memory.
Exploitation, shellcode, and reverse engineering all operate at the level of "the CPU executes whatever the program counter points at." This mental model is why control-flow hijacks like return-address overwrites work.
Fetch-decode-execute. The CPU's core loop. Program counter. Holds the address of the next instruction. Machine code. What actually executes, whether produced ahead of time (compiled) or driven by an interpreter. Von Neumann. Code and data live in the same memory — the root of memory-safety risk.
A program is just data until the CPU executes it. Understanding that path is the foundation for everything from debugging to exploitation.
The CPU repeats one loop billions of times a second:
For a compiled language like C: source → compiler → machine code → loaded into memory → executed. For interpreted languages, an interpreter (itself a compiled program) reads and runs the source. Either way, what the CPU runs is machine code.
Memory-corruption bugs, shellcode, and reverse engineering all live at this layer. When you understand that code and data share the same memory and the CPU blindly executes whatever the program counter points at, you understand why overwriting a return address can hijack execution — the core idea behind classic exploitation.
A computer executes machine code via a fetch-decode-execute loop, with the program counter choosing what runs next. Because code and data share memory, controlling what the program counter points at means controlling execution — the seed of memory exploitation.