[zz]Why does the compiler generate a MOV EDI, EDI instruction at the beginning of functions?

http://blogs.msdn.com/ishai/archive/2004/06/24/165143.aspx

 

Why does the compiler generate a MOV  EDI, EDI instruction at the beginning of functions?

I’ve recently noticed that on the XPSP2 Beta that I am running the function prologs look like this:    

     MOV    EDI, EDI

     PUSH   EBP

     MOV    EBP, ESP

The PUSH  EBP and MOV EBP, ESP instructions are standard frame establishment, but what is the purpose of the MOV EDI,EDI instruction?  Seems like a 2-byte NOP instruction.

MOV EDI,EDI is indeed a 2-byte no-op that is there to enable hot-patching.   It enables the application of a hot-fix to a function without a need for a reboot, or even a restart of a running application.   Instead, at runtime, the 2-byte NOP is replaced by a short jump to a long jump instruction that jumps to the hot-fix function.   A 2-byte instruction is required so that when patching the instruction pointer will not point in a middle of an instruction.

posted @ 2010-05-06 22:31  bettermanlu  阅读(269)  评论(0编辑  收藏  举报