I've been playing with Clang's undefined behaviour sanitizer, which points out a few potential issues in Git when running the test suite (it's a runtime analysis that is compiled in by setting suitable CFLAGS).

These patches fix one issue that I think we need to worry about and one that's trivial to fix.

The remaining warnings are:

refs.c:2426:17: runtime error: index -1 out of bounds for type 'char [8192]'

Caused by a loop walking backwards over the reflog which sets its scan pointer to be one before the start of the buffer in order to break out of the loop. It seems unlikely that the (stack allocated) buffer will be at address zero so I don't think any sane compiler will cause us problems here.

tag.c:104:40: runtime error: member access within null pointer of type 'struct commit'

This does "&lookup_commit(sha1)->object" which ends up being okay because "object" is the first item in struct commit. I'm not sure it's worth the churn to change this.

xdiff/xutils.c:308:7: runtime error: load of misaligned address for type 'unsigned long', which requires 8 byte alignment

This is in the XDL_FAST_HASH code, which should only be used on architectures where this is likely to be reasonably fast. The commit introducing this code points at an LKML thread[1] discussing a similar implementation in the kernel, which discusses the impact of the unaligned access, the conclusion being that it's faster than any alternative.

[1] https://lkml.org/lkml/2012/3/2/452

John Keeping (2):
  diffcore-break: don't divide by zero
  bisect: avoid signed integer overflow

 bisect.c         | 2 +-
 diffcore-break.c | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

--
1.8.2.540.gf023cfe
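The three remaining warnings in the message above each correspond to a common C pattern. The C below is an added illustration, not Git's code and not part of the original message; it shows a form of each pattern that has defined behaviour. All struct and function names are hypothetical stand-ins, and the sample data is constructed.

```c
/* Added illustration; none of this is Git's code. All names are hypothetical. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

struct object { int type; };
struct commit { struct object object; int generation; };

/* refs.c-style case: scan backwards for the start of the last line.
 * Counting an index down to 0 never forms a pointer before buf[0]. */
size_t last_line_start(const char *buf, size_t len)
{
	size_t i = len;
	while (i > 0 && buf[i - 1] != '\n')
		i--;
	return i;
}

/* tag.c-style case: test for NULL before taking the member's address,
 * instead of relying on "object" being at offset 0. */
struct object *commit_object(struct commit *c)
{
	return c ? &c->object : NULL;
}

/* xutils.c-style case: read a word from any address. memcpy has no
 * alignment requirement; compilers commonly turn it into a single load
 * on targets that allow unaligned access. */
unsigned long load_word(const char *p)
{
	unsigned long w;
	memcpy(&w, p, sizeof(w));
	return w;
}

int main(void)
{
	const char log[] = "first entry\nsecond entry"; /* constructed sample */
	char raw[sizeof(unsigned long) + 1] = {0};
	unsigned long v = 0x01020304UL;

	memcpy(raw + 1, &v, sizeof(v)); /* raw + 1 need not be word-aligned */
	printf("last line starts at offset %zu\n",
	       last_line_start(log, sizeof(log) - 1));
	printf("NULL commit -> %p\n", (void *)commit_object(NULL));
	printf("unaligned load ok: %d\n", load_word(raw + 1) == v);
	return 0;
}
```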