diff --git a/library/core/src/ffi/c_str.rs b/library/core/src/ffi/c_str.rs
index 9b8bc8d1d21..bd2b2c36c43 100644
--- a/library/core/src/ffi/c_str.rs
+++ b/library/core/src/ffi/c_str.rs
@@ -331,6 +331,7 @@ impl CStr {
         match nul_pos {
             Some(nul_pos) => {
                 // FIXME(const-hack) replace with range index
+                // SAFETY: nul_pos + 1 <= bytes.len()
                 let subslice = unsafe { crate::slice::from_raw_parts(bytes.as_ptr(), nul_pos + 1) };
                 // SAFETY: We know there is a nul byte at nul_pos, so this slice
                 // (ending at the nul byte) is a well-formed C string.
diff --git a/library/core/src/slice/memchr.rs b/library/core/src/slice/memchr.rs
index 3ae15e47bce..3a8b59d727b 100644
--- a/library/core/src/slice/memchr.rs
+++ b/library/core/src/slice/memchr.rs
@@ -85,6 +85,7 @@ const fn memchr_aligned(x: u8, text: &[u8]) -> Option<usize> {
         // FIXME(const-hack, fee1-dead): replace with min
         offset = if offset < len { offset } else { len };
         // FIXME(const-hack, fee1-dead): replace with range slicing
+        // SAFETY: offset is within bounds
         let slice = unsafe { super::from_raw_parts(text.as_ptr(), offset) };
         if let Some(index) = memchr_naive(x, slice) {
             return Some(index);
@@ -113,6 +114,7 @@ const fn memchr_aligned(x: u8, text: &[u8]) -> Option<usize> {
     // Find the byte after the point the body loop stopped.
     // FIXME(const-hack): Use `?` instead.
     // FIXME(const-hack, fee1-dead): use range slicing
+    // SAFETY: offset is within bounds
     let slice = unsafe { super::from_raw_parts(text.as_ptr().add(offset), text.len() - offset) };
     if let Some(i) = memchr_naive(x, slice) { Some(offset + i) } else { None }
 }