We present Pyrosome, a generic framework for the verification of extensible, compositional compilers in Coq. Current techniques for proving compiler correctness are generally tied to the specific structures of the languages and compilers that they support. This limits the extent to which these systems can be extended and composed. In Pyrosome, verified compilers are fully extensible, meaning that to add a new feature to a language simply requires defining and verifying the compilation of that single feature, reusing the old correctness theorem to cover all other cases. This is made possible by an inductive formulation of equivalence preservation that supports the addition of new rules to the source language, target language, and compiler.

Pyrosome defines a formal, deeply embedded notion of programming languages with semantics given by sorted equational theories, so all compiler-correctness proofs boil down to type-checking and equational reasoning. We support vertical composition of any compilers expressed in our framework in addition to feature extension. Since our design requires compilers to support open programs, our correctness guarantees support linking with any target code of the appropriate type. As a case study, we have developed a multipass compiler from STLC through CPS translation and closure conversion, and show that natural numbers, the unit type, recursive functions, and a global heap can be added to this compiler while reusing the original proofs.