Construction of Systems Software Using Specifications of Procedure Calling Conventions

The procedure calling convention impacts the operation of many system software components. The interface between procedures, which is established by the calling convention, facilitates separate compilation of program modules and interoperability of programming languages. The procedure calling convention dictates the way that program values are communicated, and how machine resources are shared between a procedure making a call (the caller) and the procedure being called (the callee). What makes calling conventions unique and interesting is that they are not implementation dependent or entirely language dependent. Instead, the calling convention is machinedependent because the rules for passing values from one procedure to another depend on machine-specific features such as memory alignment restrictions and register usage conventions. Further, code that implements the calling convention must be generated by the compiler and understood by other systems software. Applications, such as compilers and debuggers, which generate, or process procedures at the machine-language abstraction level require knowledge of the procedure calling convention. Currently, applications that process procedures implement conventions in an ad-hoc manner. The resulting code is complicated with details, difficult to maintain, and often plagued with errors. In this paper, we describe the only known formal model and specification language for procedure calling conventions. The model and language, in combination, facilitate the accurate specification of conventions that can be shown to be both consistent and complete. Further, we show how the convention specifications can be used to automatically generate that part of the code generator responsible for generating procedure calls. Finally, we discuss a new compiler testing technique that uses the specifications to further close the gap between actual compiler implementations and correct compilers. The technique, which uses a target-sensitive test suite generator, has exposed and diagnosed faults in several C compilers.