Move fn Disjoint{Immut,Mut}Guard::new disjoint panic checks to before reference is materialized to avoid UB

[kkysen]

From #1354, @workingjubilee pointed out that we need to put the panic checks in DisjointMut before doing the what would be unsound operation:

There's plenty of weird holes to fall down, too, even with the debug assertions in play, because debug assertions firing isn't necessarily good enough if you put the panic in the wrong place. The panic should go before the safety condition is violated. e.g. this also fails cargo miri test --lib, and without --release or anything:

#[test]
fn less_cute_this_time() {
    use std::panic::*;
    let v = vec![1, 2, 3, 4, 5];
    let disjoint_slice = DisjointMut::new(v);
    let mut ref_1_a = DisjointMut::index_mut(&disjoint_slice, 0);
    let mut ref_1_b = catch_unwind(AssertUnwindSafe(|| DisjointMut::index_mut(&disjoint_slice, 0)) );
    *ref_1_a.deref_mut() = 5;
}

This should be possible if we rework the fn index{,_mut} methods and fn Disjoint{Immut,Mut}Guard::new constructor to do the disjoint check before doing the unsafe { &mut *... } or unsafe { &*... } on the result of index.get_mut, which is what creates the references and is what is UB if we do it when the ranges are not actually disjoint.