Why does the compiler generate a MOV EDI, EDI instruction at the beginning of functions?
http://blogs.msdn.com/ishai/archive/2004/06/24/165143.aspx
I’ve recently noticed that on the XPSP2 Beta that I am running, the function prologs look like this:
MOV EDI, EDI
PUSH EBP
MOV EBP, ESP
The PUSH EBP and MOV EBP, ESP instructions are standard frame establishment, but what is the purpose of the MOV EDI,EDI instruction? It seems like a 2-byte NOP instruction.
MOV EDI,EDI is indeed a 2-byte no-op, and it is there to enable hot-patching: applying a hot-fix to a function without a reboot, or even a restart of the running application. At runtime the 2-byte NOP is overwritten with a short jump to a long jump, which in turn jumps to the hot-fix function. The instruction must be exactly 2 bytes so that the 2-byte short jump replaces it without touching the following instruction: a thread whose instruction pointer is already at PUSH EBP keeps executing valid code, and no thread can end up with its instruction pointer in the middle of an instruction.
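The two-jump redirection described above, modelled on a byte buffer as an added example (not code from the original post). It assumes the common hot-patch layout in which 5 bytes of padding precede the function entry to hold the long jump, uses buffer offsets in place of addresses, and the sample prolog bytes are constructed; the intact-NOP check doubles as an integrity test a defender can run over a function prolog.

```c
#include <stdint.h>
#include <stddef.h>

/* Model of a hot-patchable x86 function: PAD bytes of padding precede the
 * entry point (room for a long JMP), then the prolog from the post.
 * Buffer offsets stand in for addresses. Sample bytes are constructed. */
#define PAD 5
#define IMAGE_LEN 16

void build_sample(uint8_t *img) {
    static const uint8_t bytes[IMAGE_LEN] = {
        0xCC, 0xCC, 0xCC, 0xCC, 0xCC,       /* padding before the function (INT3) */
        0x8B, 0xFF,                         /* MOV EDI,EDI   2-byte no-op          */
        0x55,                               /* PUSH EBP                            */
        0x8B, 0xEC,                         /* MOV EBP,ESP                         */
        0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC  /* rest of the function, irrelevant    */
    };
    for (size_t i = 0; i < IMAGE_LEN; i++) img[i] = bytes[i];
}

/* 1 if the hot-patch NOP is still intact, 0 once it has become a short JMP (0xEB). */
int has_hotpatch_nop(const uint8_t *entry) { return entry[0] == 0x8B && entry[1] == 0xFF; }

/* Write the two jumps the post describes. Returns 0 on success, -1 if the
 * prolog is not hot-patchable (already patched or not compiled with the NOP). */
int apply_hotpatch(uint8_t *img, size_t len, int32_t target) {
    if (len < PAD + 2 || !has_hotpatch_nop(img + PAD)) return -1;
    /* Long JMP rel32 (E9) at offset 0; rel32 is measured from the end of the
     * 5-byte instruction and stored little-endian as on x86. */
    uint32_t rel32 = (uint32_t)(target - PAD);
    img[0] = 0xE9;
    for (int i = 0; i < 4; i++) img[1 + i] = (uint8_t)(rel32 >> (8 * i));
    /* Short JMP rel8 (EB) overwrites exactly the 2 NOP bytes: from the end of
     * this instruction (PAD+2) back to offset 0 is -7, the familiar EB F9.
     * PUSH EBP at PAD+2 is untouched, so a thread already inside the function
     * never lands mid-instruction; a 1-byte NOP could not guarantee that. */
    img[PAD] = 0xEB;
    img[PAD + 1] = (uint8_t)(int8_t)(0 - (PAD + 2));
    return 0;
}

/* Follow a patched prolog: short JMP -> long JMP -> final target offset.
 * Returns -1 if the prolog is unpatched or the chain is malformed. */
int32_t resolve_patch_target(const uint8_t *img, size_t len) {
    if (len < PAD + 2 || img[PAD] != 0xEB) return -1;
    int32_t lj = (int32_t)(PAD + 2) + (int8_t)img[PAD + 1];
    if (lj < 0 || (size_t)lj + 5 > len || img[lj] != 0xE9) return -1;
    uint32_t rel32 = 0;
    for (int i = 0; i < 4; i++) rel32 |= (uint32_t)img[lj + 1 + i] << (8 * i);
    return lj + 5 + (int32_t)rel32;
}
```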