Hacking - The Art of Exploitation, 2nd Edition

(Romina) #1

36 0x200


familiar address of EBP minus 4 into the EAX register. The execution of this
instruction is shown below.

(gdb) x/i $eip
0x804839f <main+43>: lea eax,[ebp-4]
(gdb) print $ebp - 4
$2 = (void *) 0xbffff804
(gdb) x/x $2
0xbffff804: 0x00000000
(gdb) i r eax
eax 0xd 13
(gdb) nexti
0x080483a2 6 for(i=0; i < 10; i++)
(gdb) i r eax
eax 0xbffff804 -1073743868
(gdb) x/xw $eax
0xbffff804: 0x00000000
(gdb) x/dw $eax
0xbffff804: 0
(gdb)

The following inc instruction will increment the value found at this address
(now stored in the EAX register) by 1. The execution of this instruction is also
shown below.

(gdb) x/i $eip
0x80483a2 <main+46>: inc DWORD PTR [eax]
(gdb) x/dw $eax
0xbffff804: 0
(gdb) nexti
0x080483a4 6 for(i=0; i < 10; i++)
(gdb) x/dw $eax
0xbffff804: 1
(gdb)

The end result is the value stored at the memory address EBP minus 4
(0xbffff804), incremented by 1. This behavior corresponds to a portion of C
code in which the variable i is incremented in the for loop.
The next instruction is an unconditional jump instruction.

(gdb) x/i $eip
0x80483a4 <main+48>: jmp 0x804838b <main+23>
(gdb)

When this instruction is executed, it will send the program back to the
instruction at address 0x804838b. It does this by simply setting EIP to that value.
Looking at the full disassembly again, you should be able to tell which
parts of the C code have been compiled into which machine instructions.
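To make the three instructions above concrete, here is a small added example (not code from the book): a minimal Python model of `lea`, `inc DWORD PTR [reg]` and `jmp` that replays the state transitions the gdb session prints. The instruction lengths (3, 2 and 2 bytes) and the EBP value 0xbffff808 follow from the addresses in the session; everything else in the register file is constructed.

```python
class Cpu:
    """Tiny x86 state model: 32-bit registers plus dword-granular memory."""

    def __init__(self, regs, mem):
        self.regs = dict(regs)   # register name -> 32-bit value
        self.mem = dict(mem)     # dword address -> 32-bit value

    def lea(self, dst, base, disp):
        # lea only computes the effective address; memory is never read
        self.regs[dst] = (self.regs[base] + disp) & 0xFFFFFFFF
        self.regs['eip'] += 3    # lea eax,[ebp-4] encodes as 3 bytes

    def inc_dword_ptr(self, reg):
        # inc DWORD PTR [reg]: dereference the pointer, add 1, write back
        addr = self.regs[reg]
        self.mem[addr] = (self.mem.get(addr, 0) + 1) & 0xFFFFFFFF
        self.regs['eip'] += 2    # inc DWORD PTR [eax] encodes as 2 bytes

    def jmp(self, target):
        # unconditional jump: nothing but EIP changes
        self.regs['eip'] = target


def to_signed32(value):
    """Render a 32-bit value the way 'i r eax' prints its decimal column."""
    return value - 0x100000000 if value & 0x80000000 else value


def replay_increment(ebp=0xBFFFF808, i_value=0):
    """Replay main+43 .. main+48 (the i++ of the for loop) and return the CPU.

    EBP = 0xbffff808 is implied by the session (EBP - 4 = 0xbffff804); the
    initial EAX of 0xd and the starting i of 0 are taken from the gdb output.
    """
    cpu = Cpu({'eip': 0x804839F, 'ebp': ebp, 'eax': 0xD}, {ebp - 4: i_value})
    cpu.lea('eax', 'ebp', -4)     # 0x804839f <main+43>: lea eax,[ebp-4]
    cpu.inc_dword_ptr('eax')      # 0x80483a2 <main+46>: inc DWORD PTR [eax]
    cpu.jmp(0x804838B)            # 0x80483a4 <main+48>: jmp 0x804838b <main+23>
    return cpu


if __name__ == '__main__':
    cpu = replay_increment()
    print(hex(cpu.regs['eax']), to_signed32(cpu.regs['eax']))  # 0xbffff804 -1073743868
    print(cpu.mem[0xBFFFF804])                                 # 1
    print(hex(cpu.regs['eip']))                                # 0x804838b
```

Changing `i_value` shows the same three instructions doing the work for every iteration of the loop, which is why the jump lands back at main+23 rather than at the loop body.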