diff --git a/library/core/src/slice/index.rs b/library/core/src/slice/index.rs index 27afd3b8017..373b4aee47a 100644 --- a/library/core/src/slice/index.rs +++ b/library/core/src/slice/index.rs @@ -233,7 +233,10 @@ unsafe impl SliceIndex<[T]> for usize { // cannot be longer than `isize::MAX`. They also guarantee that // `self` is in bounds of `slice` so `self` cannot overflow an `isize`, // so the call to `add` is safe. - unsafe { slice.as_ptr().add(self) } + unsafe { + crate::intrinsics::assume(self < slice.len()); + slice.as_ptr().add(self) + } } #[inline] diff --git a/src/tools/miri/tests/fail/stacked_borrows/zst_slice.rs b/src/tools/miri/tests/fail/stacked_borrows/zst_slice.rs index fd51fa6468a..be4dac9957d 100644 --- a/src/tools/miri/tests/fail/stacked_borrows/zst_slice.rs +++ b/src/tools/miri/tests/fail/stacked_borrows/zst_slice.rs @@ -1,11 +1,10 @@ //@compile-flags: -Zmiri-strict-provenance -//@error-in-other-file: /retag .* tag does not exist in the borrow stack/ fn main() { unsafe { let a = [1, 2, 3]; let s = &a[0..0]; assert_eq!(s.len(), 0); - assert_eq!(*s.get_unchecked(1), 2); + assert_eq!(*s.as_ptr().add(1), 2); //~ ERROR: /retag .* tag does not exist in the borrow stack/ } } diff --git a/src/tools/miri/tests/fail/stacked_borrows/zst_slice.stderr b/src/tools/miri/tests/fail/stacked_borrows/zst_slice.stderr index 5568051905c..acae479ced2 100644 --- a/src/tools/miri/tests/fail/stacked_borrows/zst_slice.stderr +++ b/src/tools/miri/tests/fail/stacked_borrows/zst_slice.stderr @@ -1,26 +1,22 @@ error: Undefined Behavior: trying to retag from for SharedReadOnly permission at ALLOC[0x4], but that tag does not exist in the borrow stack for this location - --> RUSTLIB/core/src/slice/mod.rs:LL:CC + --> $DIR/zst_slice.rs:LL:CC | -LL | unsafe { &*index.get_unchecked(self) } - | ^^^^^^^^^^^^^^^^^^^^^^^^^^^ - | | - | trying to retag from for SharedReadOnly permission at ALLOC[0x4], but that tag does not exist in the borrow stack for this location - | this error occurs as part of retag at ALLOC[0x4..0x8] +LL | assert_eq!(*s.as_ptr().add(1), 2); + | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + | | + | trying to retag from for SharedReadOnly permission at ALLOC[0x4], but that tag does not exist in the borrow stack for this location + | this error occurs as part of retag at ALLOC[0x4..0x8] | = help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental = help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information help: would have been created here, but this is a zero-size retag ([0x0..0x0]) so the tag in question does not exist anywhere --> $DIR/zst_slice.rs:LL:CC | -LL | assert_eq!(*s.get_unchecked(1), 2); - | ^^^^^^^^^^^^^^^^^^ +LL | assert_eq!(*s.as_ptr().add(1), 2); + | ^^^^^^^^^^ = note: BACKTRACE (of the first span): - = note: inside `core::slice::::get_unchecked::` at RUSTLIB/core/src/slice/mod.rs:LL:CC -note: inside `main` - --> $DIR/zst_slice.rs:LL:CC - | -LL | assert_eq!(*s.get_unchecked(1), 2); - | ^^^^^^^^^^^^^^^^^^ + = note: inside `main` at RUSTLIB/core/src/macros/mod.rs:LL:CC + = note: this error originates in the macro `assert_eq` (in Nightly builds, run with -Z macro-backtrace for more info) note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace diff --git a/src/tools/miri/tests/fail/uninit/uninit_byte_read.rs b/src/tools/miri/tests/fail/uninit/uninit_byte_read.rs index f1dace0cff9..9bc2b4338b0 100644 --- a/src/tools/miri/tests/fail/uninit/uninit_byte_read.rs +++ b/src/tools/miri/tests/fail/uninit/uninit_byte_read.rs @@ -1,7 +1,7 @@ //@compile-flags: -Zmiri-disable-stacked-borrows fn main() { let v: Vec = Vec::with_capacity(10); - let undef = unsafe { *v.get_unchecked(5) }; //~ ERROR: uninitialized + let undef = unsafe { *v.as_ptr().add(5) }; //~ ERROR: uninitialized let x = undef + 1; panic!("this should never print: {}", x); } diff --git a/src/tools/miri/tests/fail/uninit/uninit_byte_read.stderr b/src/tools/miri/tests/fail/uninit/uninit_byte_read.stderr index b70f0ad9950..3917d868289 100644 --- a/src/tools/miri/tests/fail/uninit/uninit_byte_read.stderr +++ b/src/tools/miri/tests/fail/uninit/uninit_byte_read.stderr @@ -1,8 +1,8 @@ error: Undefined Behavior: using uninitialized data, but this operation requires initialized memory --> $DIR/uninit_byte_read.rs:LL:CC | -LL | let undef = unsafe { *v.get_unchecked(5) }; - | ^^^^^^^^^^^^^^^^^^^ using uninitialized data, but this operation requires initialized memory +LL | let undef = unsafe { *v.as_ptr().add(5) }; + | ^^^^^^^^^^^^^^^^^^ using uninitialized data, but this operation requires initialized memory | = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information diff --git a/src/tools/miri/tests/pass/float_nan.rs b/src/tools/miri/tests/pass/float_nan.rs index 9b0a40c41b9..6ea034e2cda 100644 --- a/src/tools/miri/tests/pass/float_nan.rs +++ b/src/tools/miri/tests/pass/float_nan.rs @@ -20,8 +20,8 @@ use NaNKind::*; #[track_caller] fn check_all_outcomes(expected: HashSet, generate: impl Fn() -> T) { let mut seen = HashSet::new(); - // Let's give it 8x as many tries as we are expecting values. - let tries = expected.len() * 8; + // Let's give it sixteen times as many tries as we are expecting values. + let tries = expected.len() * 16; for _ in 0..tries { let val = generate(); assert!(expected.contains(&val), "got an unexpected value: {val}"); diff --git a/tests/codegen/issues/issue-116878.rs b/tests/codegen/issues/issue-116878.rs new file mode 100644 index 00000000000..d5f679459f7 --- /dev/null +++ b/tests/codegen/issues/issue-116878.rs @@ -0,0 +1,13 @@ +// no-system-llvm +// compile-flags: -O +// ignore-debug: the debug assertions get in the way +#![crate_type = "lib"] + +/// Make sure no bounds checks are emitted after a `get_unchecked`. +// CHECK-LABEL: @unchecked_slice_no_bounds_check +#[no_mangle] +pub unsafe fn unchecked_slice_no_bounds_check(s: &[u8]) -> u8 { + let a = *s.get_unchecked(1); + // CHECK-NOT: panic_bounds_check + a + s[0] +}