Compositional Compiler Verification via Parametric Simulation

Compiler verification is essential for the construction of fully verified software, but most prior work (such as CompCert) has focused on verifying whole-program compilers. To support separate compilation and to enable linking of results from different verified compilers, it is important to develop a compositional notion of compiler correctness that is modular (preserved under linking), transitive (supports multi-pass compilation), and flexible (applicable to a wide variety of languages and program transformations). In this work, building on prior work of Hur et al. [7], we develop a novel approach to compositional compiler verification based on parametric inter-language simulations (PILS). PILS are as modular and flexible as state-of-the-art logical-relations models, but are transitive as well. We demonstrate the effectiveness of PILS by using them to verify Pilsner, a simple but non-trivial multi-pass optimizing compiler for an ML-like language programmed in Coq. This has been a significant undertaking, involving several personyears of work and around 40,000 lines of Coq.