Idea / Pre-RFC: Null-free pointer and Zeroable reference

Thank you for coming by and confirming the volatile path - I appreciate it, and I'm glad your bootloader case is resolved.

Your case was a single u32 read, which read_volatile covers well. But the patterns that arise on the same hardware family get harder quickly:

• A struct placed at 0x0 by firmware: you need &mut DevTreeBlob to call methods, mutate fields, pass to APIs expecting references - read_volatile cannot construct that.
• A slice starting at 0x0: from_raw_parts constructs &[T], which is instant UB.
• Bulk operations: ptr::copy across a region that includes 0x0 - currently UB.

Detailed patterns here (click for more details)

These are not exotic patterns; they're the bread and butter of bare-metal firmware on Cortex-M. And the hardware you work with - the VA108xx/VA416xx family - is currently operational on the ISS (STP-H5), STPSat-5, STPSat-6, and Astranis DemoSat-2. Future software on these platforms may need exactly these patterns.

Would any of these arise in your work, or in work you've seen at IRS?