Expand assumes to the other unchecked slice ops

saethlin · saethlin · commit cba05f7a5fab · 2025-01-28T00:05:52.000-05:00
diff --git a/library/core/src/slice/index.rs b/library/core/src/slice/index.rs
@@ -265,7 +265,10 @@ unsafe impl<T> SliceIndex<[T]> for usize {
             (this: usize = self, len: usize = slice.len()) => this < len
         );
         // SAFETY: see comments for `get_unchecked` above.
-        unsafe { get_mut_noubcheck(slice, self) }
+        unsafe {
+            crate::intrinsics::assume(self < slice.len());
+            get_mut_noubcheck(slice, self)
+        }
     }
 
     #[inline]
@@ -317,7 +320,10 @@ unsafe impl<T> SliceIndex<[T]> for ops::IndexRange {
         // cannot be longer than `isize::MAX`. They also guarantee that
         // `self` is in bounds of `slice` so `self` cannot overflow an `isize`,
         // so the call to `add` is safe.
-        unsafe { get_offset_len_noubcheck(slice, self.start(), self.len()) }
+        unsafe {
+            crate::intrinsics::assume(self.end() <= slice.len());
+            get_offset_len_noubcheck(slice, self.start(), self.len())
+        }
     }
 
     #[inline]
@@ -329,7 +335,10 @@ unsafe impl<T> SliceIndex<[T]> for ops::IndexRange {
         );
 
         // SAFETY: see comments for `get_unchecked` above.
-        unsafe { get_offset_len_mut_noubcheck(slice, self.start(), self.len()) }
+        unsafe {
+            crate::intrinsics::assume(self.end() <= slice.len());
+            get_offset_len_mut_noubcheck(slice, self.start(), self.len())
+        }
     }
 
     #[inline]
@@ -404,6 +413,7 @@ unsafe impl<T> SliceIndex<[T]> for ops::Range<usize> {
         unsafe {
             // Using the intrinsic avoids a superfluous UB check,
             // since the one on this method already checked `end >= start`.
+            crate::intrinsics::assume(self.end <= slice.len());
             let new_len = crate::intrinsics::unchecked_sub(self.end, self.start);
             get_offset_len_noubcheck(slice, self.start, new_len)
         }
@@ -422,6 +432,7 @@ unsafe impl<T> SliceIndex<[T]> for ops::Range<usize> {
         );
         // SAFETY: see comments for `get_unchecked` above.
         unsafe {
+            crate::intrinsics::assume(self.end <= slice.len());
             let new_len = crate::intrinsics::unchecked_sub(self.end, self.start);
             get_offset_len_mut_noubcheck(slice, self.start, new_len)
         }
diff --git a/tests/codegen/issues/issue-116878.rs b/tests/codegen/issues/issue-116878.rs
@@ -9,3 +9,27 @@ pub unsafe fn unchecked_slice_no_bounds_check(s: &[u8]) -> u8 {
     // CHECK-NOT: panic_bounds_check
     a + s[0]
 }
+
+// CHECK-LABEL: @unchecked_slice_no_bounds_check_mut
+#[no_mangle]
+pub unsafe fn unchecked_slice_no_bounds_check_mut(s: &mut [u8]) -> u8 {
+    let a = *s.get_unchecked_mut(2);
+    // CHECK-NOT: panic_bounds_check
+    a + s[1]
+}
+
+// CHECK-LABEL: @unchecked_slice_no_bounds_check_range
+#[no_mangle]
+pub unsafe fn unchecked_slice_no_bounds_check_range(s: &[u8]) -> u8 {
+    let _a = &s.get_unchecked(..1);
+    // CHECK-NOT: panic_bounds_check
+    s[0]
+}
+
+// CHECK-LABEL: @unchecked_slice_no_bounds_check_range_mut
+#[no_mangle]
+pub unsafe fn unchecked_slice_no_bounds_check_range_mut(s: &mut [u8]) -> u8 {
+    let _a = &mut s.get_unchecked_mut(..2);
+    // CHECK-NOT: panic_bounds_check
+    s[1]
+}
