hi,

although static code analysis has apparently been used/mentioned here, i did not see any mention of cppcheck (http://cppcheck.wiki.sourceforge.net) in the mailing list archive.

i was playing with cppcheck (1.32) on some OSS, so i decided to try it on git (1.6.3.1) as well.

$ cppcheck -a -q -s . &> ccgit.txt

possibly the most useful parts of the output are:

$ grep -v 'is never used\|The scope of the variable\| Error: In' ccgit.txt

i think only the ones about date.c (below note) are real defects (first chars are not checked).

and also how about http://scan.coverity.com? i see it was mentioned before (http://article.gmane.org/gmane.comp.version-control.git/111562) with apparently no responses or arguments (there has been a suggestion of bad license terms in that message, but if the scan is suitable for so many FOSS (see all rungs) including the kernel, why would it be not good for git?). i think it could be a good free (as in beer) code check for git.

regards

note:
[./builtin-apply.c:482]: (error) Using 'name' after it is deallocated / released
[./compat/mingw.c:273]: (style) Found 'mktemp'. You should use 'mkstemp' instead
[./compat/mkdtemp.c:5]: (style) Found 'mktemp'. You should use 'mkstemp' instead
[./date.c:268]: (style) Redundant code: Found a statement that begins with numeric constant
[./date.c:483]: (style) Redundant code: Found a statement that begins with numeric constant
[./http-push.c:1419]: (error) Using 'lock' after it is deallocated / released
[./read-cache.c:938] -> [./read-cache.c:759] -> [./read-cache.c:729]: (all) Array index out of bounds
[./read-cache.c:938] -> [./read-cache.c:759] -> [./read-cache.c:731]: (all) Array index out of bounds
[./read-cache.c:938] -> [./read-cache.c:759] -> [./read-cache.c:736]: (all) Array index out of bounds
[./test-sha1.c:16]: (error) Memory leak: buffer
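
The report format quoted in the message above can be triaged mechanically. This is an added example, not part of the original post and not cppcheck's or git's code: it applies the same three noise patterns as the grep, then groups the remaining findings by severity and keeps multi-location chains intact. The names parse_line and triage and the two example.c lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Substrings taken from the grep -v filter in the post.
NOISE = ("is never used", "The scope of the variable", " Error: In")
# One "[path:line]" location; a finding may chain several with " -> ".
LOC = re.compile(r"\[(.+?):(\d+)\]")
LINE = re.compile(r"^((?:\[[^\]]+\](?: -> )?)+): \((\w+)\) (.+)$")

# Sample input: five lines copied from the post's report, plus two
# constructed example.c lines that contain the filtered substrings.
SAMPLE = """\
[./builtin-apply.c:482]: (error) Using 'name' after it is deallocated / released
[./compat/mingw.c:273]: (style) Found 'mktemp'. You should use 'mkstemp' instead
[./date.c:268]: (style) Redundant code: Found a statement that begins with numeric constant
[./read-cache.c:938] -> [./read-cache.c:759] -> [./read-cache.c:729]: (all) Array index out of bounds
[./example.c:10]: (style) The scope of the variable i can be reduced
[./example.c:20]: (style) Variable 'x' is never used
[./test-sha1.c:16]: (error) Memory leak: buffer
"""

def parse_line(line):
    """Return (locations, severity, message), or None for a non-finding line."""
    m = LINE.match(line.strip())
    if not m:
        return None
    locations = [(path, int(num)) for path, num in LOC.findall(m.group(1))]
    return locations, m.group(2), m.group(3)

def triage(report):
    """Drop noise lines, then group the remaining findings by severity."""
    by_severity = defaultdict(list)
    for line in report.splitlines():
        if any(pattern in line for pattern in NOISE):
            continue
        parsed = parse_line(line)
        if parsed:
            locations, severity, message = parsed
            by_severity[severity].append((locations, message))
    return dict(by_severity)

if __name__ == "__main__":
    for severity, findings in sorted(triage(SAMPLE).items()):
        print(severity, len(findings))
        for locations, message in findings:
            print("   ", " -> ".join(f"{p}:{n}" for p, n in locations), message)
```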