Skip to content

Bounds checking #12

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ivogabe merged 50 commits into from
Jan 29, 2026
Merged

Bounds checking #12

ivogabe merged 50 commits into from
Jan 29, 2026

Conversation

@ivogabe
Copy link
Owner

@ivogabe ivogabe commented Jan 29, 2026

Description
Adds bounds checks, and a simplified analysis to statically prove some (hopefully most) of them statically.

Motivation and context
Indexing outside the bounds of an array is a common cause of many problems. Furthermore, other operations like fold1 require that the input is non-empty, which we didn't check yet in the new pipeline
How has this been tested?
Describe how your changes have been tested. Include details of your testing environment.

Types of changes
What types of changes does your code introduce? Put an x in all the boxes that apply:

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist
Go over all the following points, and put an x in all the boxes that apply. If you're unsure about any of these, don't hesitate to ask. We're here to help!

  • My code follows the code style of this project
  • My change requires a change to the documentation
  • I have updated the documentation accordingly
  • I have added tests to cover my changes
  • All new and existing tests passed

VLNohai and others added 30 commits February 25, 2025 14:48
@VLNohai
Added bounds checks in desugar
5e452b4
@VLNohai
Merge branch 'new-pipeline' of https://github.com/ivogabe/accelerate
6a53937 
…into new-pipeline
@VLNohai
Adapted bounds checks to new Permute definition
db42774
@VLNohai
progress
7e849aa
@VLNohai
bounds checking optimization
dd2663d
@VLNohai
completed bounds checking
b325b1e
@VLNohai
merged bounds checking
2f0265c
@VLNohai
Comments and cleanup
542bb9e
@VLNohai
fixed cond bug
2100708
@VLNohai
allowed expression level pi assignments to constrain array level indices
8fa1696
@VLNohai
captured collective assertions inside mappings
c226c42
@VLNohai
Added Aassert and checked array combinators have input size > 0 befor…
994f6c6 
…e propagating persistent refinements out
@VLNohai
reverted from using index between map input array and map argument as…
51a30d6 
… it did more harm than good
@VLNohai
fixed rnf of Aassert
0fe4d42
@VLNohai
minor change, leftover from debug
e549c4a
@ivogabe
Revert accidental change
d7dce85
@ivogabe
Move Aassert out of Alet, tune pretty printer of Aassert, add/edit co…
1e54413 
…mments
@ivogabe
Implement assertions in fusion, fix if-then-else in fusion, remove un…
44a6b2d 
…safeCoerce
@ivogabe
Val should contain a single Node instead of a set of Nodes
1b66613
@ivogabe
Implement Aassert in remainder of pipeline
0e34785
@VLNohai
fixed bug in SCEV for multidimensional arrays
8fc786d
@ivogabe
Merge branch 'bounds-checking' of https://github.com/VLNohai/accelerate
94b7b07 
… into bounds-checking
@ivogabe
Remove IdxSet from Aassert to simplify semantics, use bounds analysis…
318fd10 
… to simplify Acond and Awhile
@ivogabe
Add assertions via links between Node Comp, instead of as a dummy Nod…
174ba35 
…e GVal on each variable

The old approach wouldn't work for terms without free variables
@ivogabe
Fix condition of awhile (not only analyzed for initial state), transf…
0b89157 
…orm if and awhile if condition is known, and other small changes to bounds analysis
@ivogabe
Add array-level assumptions everywhere, add array-level assertions to…
72ae0f3 
… front-end, generate assertions from beginning
@ivogabe
Merge branch 'new-pipeline' into bounds-checking
e8f330a
@ivogabe
Optimize comparison of identical arguments
1ce1f2b
@ivogabe
Don't add bounds checks during desugaring (aka lowering); we now add …
4090ce2 
…them in Language.hs and Prelude.hs

Desugaring was already rather difficult, and this way we don't need to complicate it further
@ivogabe
Check non-negative size in fromList, add assumptions on size during d…
bb94139 
…esugaring (aka lowering)
ivogabe added 19 commits November 26, 2025 22:37
@ivogabe
Change let rotation of expressions, move assertions out of Compute in…
36f7e73 
… OperationAcc
@ivogabe
Do not propagate info from one subexpression to a sibling subexpression
32e99d8 
By other passes, the first subexpression may be (re)moved, making the analysis unsound
@ivogabe
Merge branch 'new-pipeline' into bounds-checking
02ca403
@ivogabe
Add fine-grained dependency tracking of assertions with Fence
6c62452
@ivogabe
Eliminate copy of undef array for permute in different way
11acd25 
The old syntax-oriented uniqueness check did not work after adding assertions to permute. The fusion & in-place updates pass also could not remove the copy, as the array was constructed in an alloc and not written to by any operation.

The copy is now eliminated by the operation simplifier, which checks wheter an operation is a copy operation for all of its outputs, and the corresponding inputs are undef
@ivogabe
Change assertions to functions to simplify ordering guarantees
80a1434 
This makes it more clear that the assertion is ran after the given term. This commit also adds documentation to explain these semantics.
@ivogabe
Handle all constructions in Exp match, better handle assert, assume a…
7d70330 
…nd vec (un)pack in Exp simplifier
@ivogabe
Group comparison functions together in one constructor
5edc24a
@ivogabe
Remove Gt and LtEq
e0c99eb 
These are equivalent to Lt and GtEq with their arguments swapped. By removing these two constructors, we simplify the compiler. We also can better detect that two expressions are the same (via matchOpenExp).
@ivogabe
Remove IndexSlice and IndexFull constructors
9a277db 
Since they just restructure two tuples, I removed these constructors.
We can better track and analyse the program by just using the tuple constructors (Pair and Nil).

The Exp simplifier already tried to remove uses of IndexSlice and IndexFull. Now we just do that always, directly from the beginning.
@ivogabe
Remove PrimConst
9575039 
It can be replaced by a regular Const. This simplifies any pass that operates on expressions, and we can still recognize the primitive constants if we ever need to do that
@ivogabe
Add new simplified WIP bounds analysis
ae90e39 
TODO: Handle all OperationAcc constructors, and more testing
@ivogabe
Add type class for backend-specific part of bounds analysis, rename t…
4417b02 
…est to inspectCompiler, add type synonym for set of transformation type classes of backends.
@ivogabe
Clarify documentation of undef
994f93d
@ivogabe
Remove duplicate assertions, fix codegen to UniformSchedule of assert…
7d65b96 
…ions
@ivogabe
Remove first (old) bounds analysis
3db877c
@ivogabe
Add folds and scans to bounds analysis, handle casts, several fixes
7a75328
@ivogabe
Put bounds checks behind a flag
c303c33
@ivogabe
Fixes after initial review
67dbc84
@ivogabe
Copy link
Owner Author

ivogabe commented Jan 29, 2026

@VLNohai I implemented a simplified bounds analysis based on your implementation and experiments. The new implementation is more conservative, but should not be sound with overflows and dead code elimination. It is also shorter (as we should also consider the maintainability of Accelerate).

For now I put the bounds checks behind a flag. I would like to enable them by default, but I first want to see what the performance impact of the bounds checks are. The simplified analysis can already eliminate the bounds checks from filter, but I should do more testing first.

@ivogabe ivogabe mentioned this pull request Jan 29, 2026
Merged
@ivogabe ivogabe merged commit 53d4f12 into new-pipeline Jan 29, 2026
4 of 86 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ivogabe @VLNohai