On Tue, May 15, 2018 at 2:43 PM Alexey Dobriyan wrote:
> It crashed into the middle of the padding.

No, the beginning of the padding. "int3" will push the return address on the stack, so when it points to the second 'int3' instruction, it's because the first one triggered.

Linus