Author Topic: Why int 3 was used padding?  (Read 15883 times)

nobody

  • Guest
Why int 3 was used padding?
« on: October 31, 2005, 05:45:05 AM »
Why not using other instruction?

nobody

  • Guest
Re: Why int 3 was used padding?
« Reply #1 on: November 02, 2005, 08:47:09 PM »
> Why int 3 was used padding?

Used by whom?

AFAIK, NASM won't ever pad with INT3 on its own.

nobody

  • Guest
Re: Why int 3 was used padding?
« Reply #2 on: November 05, 2005, 01:33:20 AM »
The INT3 opcode (0xcc) is a "trap to debugger" opcode if you're running in debug mode.  So, one purpose for using that value as padding is in case your program is buggy and accidentally JMPs or CALLs to the wrong address, it will simply trigger a debug breakpoint rather than running some malformed assembly instruction because it hopped right into the middle of what should've otherwise been an opcode beginning a few bytes earlier.

It's the same reason most of Microsoft's products initialize everything to 0xCC in debug mode (rather than 0x00 as it does in release mode).

- Rick C. Hodgin