I reckon it's quite OK to write &p->field in C when p might be NULL,
and lots of old C programmers probably agree with me. However, ubsan
disagrees and so do some people I respect. I suspect C++ influence is
to blame for the ubsan behaviour. See
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92634. So far no one has
educated me as to why I'm wrong to claim that there isn't anything in
the C standard to say that p->field is always (*p).field. Note 79
doesn't quite do that because it doesn't cover null pointers. If
there was such an equivalence then you could claim &p->field has a
null pointer reference when p is NULL, even though no C compiler would
ever dereference p.
Anyway, to silence ubsan I'm going to apply the following though I
prefer to avoid casts when possible. And I'm using (void *)
deliberately because this is C, not C++!