Idea / Pre-RFC: Null-free pointer and Zeroable reference

This direction has merit - having non-volatile, optimisable primitives for accessing memory outside the AM's allocation model would cover a real gap that read_volatile/write_volatile currently fill imperfectly, and I think it could complement the proposal well.

That said, I'm not sure it alone would be sufficient for cases like the DevTreeBlob example in the OP, where the hardware places a structure at 0x0 on a 16-bit target with no spare RAM. There, what's needed is &mut DevTreeBlob to call methods, mutate fields, and pass to APIs that expect references and no composition of individual read/write primitives can produce that. There's also the concern that each core::ptr function would need a corresponding variant, which could add considerable API surface.

H4n_uL:

// This address is forced by the hardware.
// Rust does not get to choose it.
const BLOB_P: usize = 0;
const _: () = assert!(usize::BITS == 16);

#[unsafe(no_mangle)]
extern "C" fn ignite() -> ! {
    // BLOB can never be read volatilely;
    // There's no available RAM to copy the entire struct.
    let mut blob = unsafe { &mut *(BLOB_P as *mut DevTreeBlob) };
    // instant UB upon reference construction

    let mapping = blob.foo();
    blob.bar |= 0b1;

    ...
}

Still, thank you for the thought-out suggestion. This could be a useful building block regardless of how the reference question is resolved.