When we cannot generate a delta, we return NULL but leave delta_size untouched. This is generally OK, as callers rely on NULL to decide if the output is usable or not. But it can confuse compilers; in particular, gcc 9.2.1 with "-flto -O3" complains in fast-import's store_object() that delta_len may be used uninitialized. Let's change the diff-delta code to set the size explicitly to 0 for a NULL return. That silences the compiler and makes it easier to reason about the result. Reported-by: Stephan Beyer <s-beyer@xxxxxxx> Helped-by: Junio C Hamano <gitster@xxxxxxxxx> Signed-off-by: Jeff King <peff@xxxxxxxx> --- I suspect this same pattern of "if we return error, out-parameters are undefined" is used in a lot of other functions, too. And I wouldn't necessarily want to go around changing all of them. But the fact that this tickles the compiler makes me think it's worthwhile. diff-delta.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/diff-delta.c b/diff-delta.c index e49643353b..77fea08dfb 100644 --- a/diff-delta.c +++ b/diff-delta.c @@ -326,6 +326,8 @@ create_delta(const struct delta_index *index, const unsigned char *ref_data, *ref_top, *data, *top; unsigned char *out; + *delta_size = 0; + if (!trg_buf || !trg_size) return NULL; -- 2.23.0.463.g883b23b1c5
