December 29, 2025
Proofs, poison, and popcorn
Formally Verifying Peephole Optimisations in Lean
Student’s proof-powered peephole project sparks ethics debate and “poison” panic
TLDR: A student launched a Lean-powered project to formally prove small code rewrites for compilers and stream the process. Comments split between questioning “undefined behavior as poison” and challenging the claimed moral stance against LLVM, while others cheer a trustless, universal rule library for safer optimizations.
Move over big-boy compilers — a student just dropped peephole-formal and started streaming builds, promising to prove tiny code clean‑ups correct with Lean, a math proof tool. Think of peephole optimizations as tidy little rewrites like “2 * x” becoming “x << 1.” The goal: a universal rulebook, machine‑assisted discovery via superoptimizers like Souper, and trustless correctness. Non‑tech translation: collect all the quick fixes, make them safe for every case, and let computers find new ones. The community grabbed popcorn — some cheering “finally, proof‑powered speedups,” others bracing for headache math. It’s nerdy drama.
And then the drama. The project’s cheeky line about “moral reasons” to avoid linking LLVM lit up replies; joek1301 asked, “For what moral reasons would I avoid linking LLVM?”—ethics vs pragmatism. Meanwhile amluto challenged the foundation: is treating undefined behavior (the “anything can happen” zone) as “poison” actually sound? If rules rely on poison, do proofs still hold? Proof‑maximalists shouted “trustless or bust,” pragmatists warned “don’t build on footguns,” while jokers spammed “Lean cuisine.” Memes crowned peepholes the “paparazzi of compilers,” and skeptics worried about bit‑width edge cases and rule conflicts. Verdict: hype, heat, and a very online philosophy class on how we should optimize code.
Key Points
- •A new project, “peephole-formal,” aims to formalize and verify compiler peephole optimizations.
- •The project targets a universal, interoperable IR with LLVM-style integer semantics and minimal control flow (only select).
- •Correctness will be proven in Lean using a trustless mix of automated and manual proofs, supported by metaprogramming/tactics.
- •The framework will support exporting/importing rewrite rules and interoperability with superoptimizers like Souper, serving as training data.
- •Future goals include denotational semantics and a formally verified optimizer requiring confluence to ensure a greatest fixed point.