The unchecked doesn't add anything that makes it easier, and debugging functions and others rarely check things.

  /* Assumes you have a valid foo */
  int printfoo(struct foo *bar)
  {
  
    /* Print the main part of our foo */
    printf("First field: %d\n", bar->first);
    /* Get the substructure value */
    int foosub = get_foosub(bar);
    printf("Second field: %d\n", bar->second);
  }
   
  /* Doesn't assume you have a valid foo */
  int get_foobsub(struct foo *bar)
  {
     if (bar != NULL)
       return bar->second;
     assert();
  }

In any case, people have spent a long amount of time trying to make warnings like this work without massive false positive rates. It's just not easy.