C99 变长数组 测试

#include <stdio.h>
#include <stdlib.h>
#define dprint(A) printf("%s:\t\t%p\n", #A, A);
void foo(int n, int m)
{
    int xy = 8;
    int a[n];
    int x = 1;
    float y = 1.0;

    dprint(&xy);
    dprint(&x);
    dprint(&y);
    printf("&a[%d]:\t%p\n",m, &a[m]);
    dprint(a);

}

int main(int argc, char *argv[])
{
    if(argc == 3)
        foo(atoi(argv[1]), atoi(argv[2]));
    return 0;
}

/* ---------------------
测试结果：
-->gcc -g -std=c99 Noname1.c -o a.exe

-->a 100 115
&xy:            0x22ff24
&x:             0x22ff20
&y:             0x22ff1c
&a[115]:        0x22ff1c
a:              0x22fd50

-->a 1000 1015
&xy:            0x22ff24
&x:             0x22ff20
&y:             0x22ff1c
&a[1015]:       0x22ff1c
a:              0x22ef40
------------------------ */

　　可以看出，变长数组被当做特殊的局部变量，相对于普通局部变量，它的位置总是在栈的低地址处。。 只是这个常数15该如何解释?

反汇编下，期待高人分析：

-->objdump -dS a.exe > tmp.txt
#define dprint(A) printf("%s:\t\t%p\n", #A, A);
void foo(int n, int m)
{
  4013d9:	55                   	push   %ebp
  4013da:	89 e5                	mov    %esp,%ebp
  4013dc:	57                   	push   %edi
  4013dd:	56                   	push   %esi
  4013de:	53                   	push   %ebx
  4013df:	83 ec 5c             	sub    $0x5c,%esp
  4013e2:	89 e0                	mov    %esp,%eax
  4013e4:	89 c7                	mov    %eax,%edi
    int xy = 8;
  4013e6:	c7 45 dc 08 00 00 00 	movl   $0x8,-0x24(%ebp)
    int a[n];
  4013ed:	8b 75 08             	mov    0x8(%ebp),%esi
  4013f0:	8d 46 ff             	lea    -0x1(%esi),%eax
  4013f3:	89 45 e0             	mov    %eax,-0x20(%ebp)
  4013f6:	89 f0                	mov    %esi,%eax
  4013f8:	ba 00 00 00 00       	mov    $0x0,%edx
  4013fd:	89 c1                	mov    %eax,%ecx
  4013ff:	80 e5 ff             	and    $0xff,%ch
  401402:	89 d3                	mov    %edx,%ebx
  401404:	83 e3 0f             	and    $0xf,%ebx
  401407:	89 c8                	mov    %ecx,%eax
  401409:	89 da                	mov    %ebx,%edx
  40140b:	0f a4 c2 05          	shld   $0x5,%eax,%edx
  40140f:	c1 e0 05             	shl    $0x5,%eax
  401412:	89 c1                	mov    %eax,%ecx
  401414:	80 e5 ff             	and    $0xff,%ch
  401417:	89 4d c0             	mov    %ecx,-0x40(%ebp)
  40141a:	89 d1                	mov    %edx,%ecx
  40141c:	83 e1 0f             	and    $0xf,%ecx
  40141f:	89 4d c4             	mov    %ecx,-0x3c(%ebp)
  401422:	8b 45 c0             	mov    -0x40(%ebp),%eax
  401425:	8b 55 c4             	mov    -0x3c(%ebp),%edx
  401428:	89 f0                	mov    %esi,%eax
  40142a:	ba 00 00 00 00       	mov    $0x0,%edx
  40142f:	89 c1                	mov    %eax,%ecx
  401431:	80 e5 ff             	and    $0xff,%ch
  401434:	89 4d b8             	mov    %ecx,-0x48(%ebp)
  401437:	89 d1                	mov    %edx,%ecx
  401439:	83 e1 0f             	and    $0xf,%ecx
  40143c:	89 4d bc             	mov    %ecx,-0x44(%ebp)
  40143f:	8b 45 b8             	mov    -0x48(%ebp),%eax
  401442:	8b 55 bc             	mov    -0x44(%ebp),%edx
  401445:	0f a4 c2 05          	shld   $0x5,%eax,%edx
  401449:	c1 e0 05             	shl    $0x5,%eax
  40144c:	89 c1                	mov    %eax,%ecx
  40144e:	80 e5 ff             	and    $0xff,%ch
  401451:	89 4d b0             	mov    %ecx,-0x50(%ebp)
  401454:	89 d1                	mov    %edx,%ecx
  401456:	83 e1 0f             	and    $0xf,%ecx
  401459:	89 4d b4             	mov    %ecx,-0x4c(%ebp)
  40145c:	8b 45 b0             	mov    -0x50(%ebp),%eax
  40145f:	8b 55 b4             	mov    -0x4c(%ebp),%edx
  401462:	89 f0                	mov    %esi,%eax
  401464:	c1 e0 02             	shl    $0x2,%eax
  401467:	83 c0 0f             	add    $0xf,%eax
  40146a:	83 c0 0f             	add    $0xf,%eax
  40146d:	c1 e8 04             	shr    $0x4,%eax
  401470:	c1 e0 04             	shl    $0x4,%eax
  401473:	e8 f8 02 00 00       	call   401770 <___chkstk>
  401478:	8d 44 24 0c          	lea    0xc(%esp),%eax
  40147c:	83 c0 0f             	add    $0xf,%eax
  40147f:	c1 e8 04             	shr    $0x4,%eax
  401482:	c1 e0 04             	shl    $0x4,%eax
  401485:	89 45 e4             	mov    %eax,-0x1c(%ebp)
    int x = 1;
  401488:	c7 45 d8 01 00 00 00 	movl   $0x1,-0x28(%ebp)
    float y = 1.0;
  40148f:	b8 00 00 80 3f       	mov    $0x3f800000,%eax
  401494:	89 45 d4             	mov    %eax,-0x2c(%ebp)

    dprint(&xy);
  401497:	8d 45 dc             	lea    -0x24(%ebp),%eax
  40149a:	89 44 24 08          	mov    %eax,0x8(%esp)
  40149e:	c7 44 24 04 64 80 40 	movl   $0x408064,0x4(%esp)
  4014a5:	00 
  4014a6:	c7 04 24 68 80 40 00 	movl   $0x408068,(%esp)
  4014ad:	e8 fe fe ff ff       	call   4013b0 <_printf>
    dprint(&x);
  4014b2:	8d 45 d8             	lea    -0x28(%ebp),%eax
  4014b5:	89 44 24 08          	mov    %eax,0x8(%esp)
  4014b9:	c7 44 24 04 71 80 40 	movl   $0x408071,0x4(%esp)
  4014c0:	00 
  4014c1:	c7 04 24 68 80 40 00 	movl   $0x408068,(%esp)
  4014c8:	e8 e3 fe ff ff       	call   4013b0 <_printf>
    dprint(&y);
  4014cd:	8d 45 d4             	lea    -0x2c(%ebp),%eax
  4014d0:	89 44 24 08          	mov    %eax,0x8(%esp)
  4014d4:	c7 44 24 04 74 80 40 	movl   $0x408074,0x4(%esp)
  4014db:	00 
  4014dc:	c7 04 24 68 80 40 00 	movl   $0x408068,(%esp)
  4014e3:	e8 c8 fe ff ff       	call   4013b0 <_printf>
    printf("&a[%d]:\t%p\n",m, &a[m]);
  4014e8:	8b 45 e4             	mov    -0x1c(%ebp),%eax
  4014eb:	8b 55 0c             	mov    0xc(%ebp),%edx
  4014ee:	c1 e2 02             	shl    $0x2,%edx
  4014f1:	01 d0                	add    %edx,%eax
  4014f3:	89 44 24 08          	mov    %eax,0x8(%esp)
  4014f7:	8b 45 0c             	mov    0xc(%ebp),%eax
  4014fa:	89 44 24 04          	mov    %eax,0x4(%esp)
  4014fe:	c7 04 24 77 80 40 00 	movl   $0x408077,(%esp)
  401505:	e8 a6 fe ff ff       	call   4013b0 <_printf>
    dprint(a);
  40150a:	8b 45 e4             	mov    -0x1c(%ebp),%eax
  40150d:	89 44 24 08          	mov    %eax,0x8(%esp)
  401511:	c7 44 24 04 83 80 40 	movl   $0x408083,0x4(%esp)
  401518:	00 
  401519:	c7 04 24 68 80 40 00 	movl   $0x408068,(%esp)
  401520:	e8 8b fe ff ff       	call   4013b0 <_printf>
  401525:	89 fc                	mov    %edi,%esp

}