Add slice_ranges safety comment

Author: Sp00ph

library/alloc/src/collections/vec_deque/drain.rs

@@ -62,11 +62,10 @@ impl<'a, T, A: Allocator> Drain<'a, T, A> {
             // We know that `self.idx + self.remaining <= deque.len <= usize::MAX`, so this won't overflow.
             let end = start + self.remaining;
 
-            // SAFETY: the range `start..end` lies strictly inside
-            // the range `0..deque.original_len`. Because of this, and because
-            // we haven't touched the elements inside this range yet,
-            // it's guaranteed that `a_range` and `b_range` represent valid ranges into
-            // the deques buffer.
+            // SAFETY: `start..end` represents the range of elements that
+            // haven't been drained yet, so they're all initialized,
+            // and `slice::range(start..end, end) == start..end`,
+            // so the preconditions for `slice_ranges` are met.
             let (a_range, b_range) = deque.slice_ranges(start..end, end);
             (deque.buffer_range(a_range), deque.buffer_range(b_range))
         }

library/alloc/src/collections/vec_deque/mod.rs

@@ -1226,6 +1226,14 @@ impl<T, A: Allocator> VecDeque<T, A> {
     /// the given range. The `len` parameter should usually just be `self.len`;
     /// the reason it's passed explicitly is that if the deque is wrapped in
     /// a `Drain`, then `self.len` is not actually the length of the deque.
+    ///
+    /// # Safety
+    ///
+    /// This function is always safe to call. For the resulting ranges to be valid
+    /// ranges into the physical buffer, the caller must ensure that for all possible
+    /// values of `range` and `len`, the result of calling `slice::range(range, ..len)`
+    /// represents a valid range into the logical buffer, and that all elements
+    /// in that range are initialized.
     fn slice_ranges<R>(&self, range: R, len: usize) -> (Range<usize>, Range<usize>)
     where
         R: RangeBounds<usize>,