https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109266
--- Comment #1 from David Malcolm <dmalcolm at gcc dot gnu.org> ---

Thanks for filing this bug.

We probably want to allow accesses to hard-coded addresses, for the case of embedded development, so we presumably need some way to distinguish between accesses of:
  ((struct foo *)NULL->field)
due to buggy code versus poking specific memory locations.

One approach to this might be for the analyzer to complain if it sees a memory access to a "low enough" address: rather than merely complaining about accesses to memory location 0, to have some kind of configurable threshold of pointer values below which to complain, e.g. "complain about accesses to locations 0 through 4095".

I dimly recall something similar to this inside the Linux kernel at run time - what memory accesses close to NULL should trigger a crash - but I can't find a reference right now.
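
The threshold idea from the comment above, as an added sketch that is not part of the original comment and is not GCC analyzer code: it classifies constant-address member accesses against the "0 through 4095" range, including a NULL-based access whose member offset lies past the threshold. The struct layouts, the MMIO base address and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example: all names below are hypothetical, not GCC internals. */
#define LOW_ADDR_THRESHOLD ((uintptr_t)4096)       /* flag addresses 0..4095 */
#define ASSUMED_MMIO_BASE  ((uintptr_t)0x40021000) /* made-up register block */

struct foo { int id; char name[32]; int field; };  /* field at a small offset */
struct big { char payload[8192]; int tail; };      /* tail at offset 8192 */

/* Address touched by base->member when base is a compile-time constant. */
static uintptr_t access_address(uintptr_t base, size_t member_offset) {
    return base + member_offset;
}

/* The proposed check: complain only when the address is below the threshold. */
static bool is_low_address(uintptr_t addr, uintptr_t threshold) {
    return addr < threshold;
}

/* NULL base plus a small member offset: lands in the low range, flagged. */
static bool null_field_flagged(void) {
    return is_low_address(access_address(0, offsetof(struct foo, field)),
                          LOW_ADDR_THRESHOLD);
}

/* Deliberate access through a hard-coded register address: not flagged. */
static bool mmio_field_flagged(void) {
    return is_low_address(
        access_address(ASSUMED_MMIO_BASE, offsetof(struct foo, field)),
        LOW_ADDR_THRESHOLD);
}

/* NULL base, but the member offset exceeds the threshold: not flagged. */
static bool null_big_tail_flagged(void) {
    return is_low_address(access_address(0, offsetof(struct big, tail)),
                          LOW_ADDR_THRESHOLD);
}

int main(void) {
    printf("NULL-based foo.field flagged: %d\n", null_field_flagged());
    printf("MMIO-based foo.field flagged: %d\n", mmio_field_flagged());
    printf("NULL-based big.tail flagged:  %d\n", null_big_tail_flagged());
    return 0;
}
```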