
When I disassemble a binary (compiled with g++) with objdump, I often see "random" bytes at the end of the contained functions, such as:

  4005a5:       66 66 2e 0f 1f 84 00    data32 nopw %cs:0x0(%rax,%rax,1)
  4005ac:       00 00 00 00 

What are those bytes? Why does the compiler put them there?

EDIT: apparently those bytes represent a long NOP instruction put there by the compiler to keep functions 16-byte aligned. The weird thing is that the only function which is not 16-byte aligned is the main function. Are there any reasons?

badnack
  • It's a padding NOP instruction. See http://stackoverflow.com/questions/29871947/what-is-the-meaning-of-the-data32-data32-nopw-cs0x0rax-rax-1-instruction-i and http://stackoverflow.com/questions/4798356/amd64-nopw-assembly-instruction – Ross Ridge May 02 '15 at 05:36
  • Typically gcc uses "short" NOPs (in 32-bit code 0x90 - I don't know about 64-bit code) in this case; using an instruction with redundant prefix (0x66 0x66) seems very strange to me. Maybe this memory location is used to store a constant value (0x0000841f0f2e6666) which is read using a %rip-relative instruction. – Martin Rosenau May 02 '15 at 06:17
  • The alignment is for performance. The compiler doesn't know how often your function is called, so it aligns it just in case. But since `main` is called only once, the compiler knows that there's not much benefit in aligning it. – Raymond Chen May 02 '15 at 07:54
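
A check of the bytes from the question, as an added example that is not part of the original post or comments: it recognises multi-byte NOP padding and reports whether the padding ends on a 16-byte boundary. The names `NOP_CORES`, `nop_length` and `padding_run` are hypothetical, the encoding table is a simplification rather than a full x86 decoder, and the trailing prologue bytes are constructed sample input.

```python
# Added example: recognise compiler NOP padding and check where it ends.
# Core encodings of the NOP forms commonly emitted for alignment on x86-64.
# Optional 0x66 / 0x2e prefixes in front of a core only make the NOP longer.
NOP_CORES = tuple(bytes.fromhex(h) for h in (
    "90",                # nop
    "0f1f00",            # nopl (%rax)
    "0f1f4000",          # nopl 0x0(%rax)
    "0f1f440000",        # nopl 0x0(%rax,%rax,1)
    "0f1f8000000000",    # nopl 0x0(%rax), 32-bit displacement
    "0f1f840000000000",  # nopl 0x0(%rax,%rax,1), 32-bit displacement
))
PREFIXES = (0x66, 0x2E)  # operand-size override, %cs segment override


def nop_length(buf, off=0):
    """Return the length of the NOP starting at buf[off], or 0 if none."""
    i = off
    while i < len(buf) and buf[i] in PREFIXES:
        i += 1
    for core in NOP_CORES:
        if buf.startswith(core, i):
            return i - off + len(core)
    return 0  # prefixes followed by anything else are not padding


def padding_run(buf, addr, align=16):
    """Measure consecutive NOPs at addr: (length, end_address, end_is_aligned)."""
    off = 0
    while True:
        n = nop_length(buf, off)
        if n == 0:
            break
        off += n
    end = addr + off
    return off, end, end % align == 0


# Bytes and address copied from the objdump listing in the question.
QUESTION_BYTES = bytes.fromhex("66662e0f1f8400" "00000000")
QUESTION_ADDR = 0x4005A5
# Constructed: a typical prologue (push %rbp; mov %rsp,%rbp) after the padding.
NEXT_FUNCTION = bytes.fromhex("554889e5")

if __name__ == "__main__":
    length, end, aligned = padding_run(QUESTION_BYTES + NEXT_FUNCTION, QUESTION_ADDR)
    print(f"{length} padding bytes, next code at {end:#x}, 16-byte aligned: {aligned}")
```
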

0 Answers