The documentation for the offset method mentions in the safety conditions that:

Both the starting and resulting pointer must be either in bounds or one byte past the end of the same allocated object.

At present, the standard library prevents us from adding this check because otherwise we run into spurious failures (i.e., offsets that go out-of-bounds, are frequently used).