Detect bugs even if a function of the malloc() family is called using a constant pointer.
FYI: it's been difficult to perform this review because all of these reviews are touching the same chunk of code for something that's not been committed yet. It would be easier to review if all of these reviews were combined into the review adding the check.
Incremental is definitely the way to go, but that's usually to prevent massive code dumps of large-scale functionality. For a single, relatively small check like this, I think it's fine to add all of this into one review because it's all so tightly related.