diff --git a/GNUmakefile b/GNUmakefile
index 85491b4..2940e44 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -202,7 +202,8 @@ clean:
 	rm -f *.o *.obj *.a *.lib *.da *.bbg *.bb core t haveip6.h haven2i.h \
 havesl.h haveinline.h iopause.h select.h havekqueue.h haveepoll.h \
 libepoll havesigio.h havebsdsf.h havesendfile.h havescope.h havedevpoll.h \
-dep libsocket havealloca.h haveuint128.h entities.h ent havepread.h
+dep libsocket havealloca.h haveuint128.h entities.h ent havepread.h \
+*.gcda *.gcno
 
 INCLUDES=buffer.h byte.h fmt.h ip4.h ip6.h mmap.h scan.h socket.h str.h stralloc.h \
 uint16.h uint32.h uint64.h open.h textcode.h tai.h taia.h dns.h iopause.h case.h \
@@ -402,4 +403,4 @@ sa2:
 UNITTESTS=$(shell grep -l UNITTEST */*.c)
 
 check: haveuint128.h haveinline.h entities.h
-	for i in $(UNITTESTS); do $(DIET) $(CCC) -g -o t -DUNITTEST $$i -I. $(LDFLAGS) && ./t || echo FAIL $$i ; done
+	for i in $(UNITTESTS); do $(CC) -Wall -fprofile-arcs -ftest-coverage -g -o t -DUNITTEST $$i -I. $(LDFLAGS) && ./t || echo FAIL $$i ; done
diff --git a/buffer.h b/buffer.h
index 48da797..2a83c27 100644
--- a/buffer.h
+++ b/buffer.h
@@ -35,7 +35,7 @@ typedef struct buffer {
   int fd;		/* passed as first argument to op */
 } buffer;
 
-#define BUFFER_INIT(op,fd,buf,len) { (buf), 0, 0, (len), (op), NULL, NULL, (fd) }
+#define BUFFER_INIT(op,fd,buf,len) { (char*)(buf), 0, 0, (len), (op), NULL, NULL, (fd) }
 #define BUFFER_INIT_FREE(op,fd,buf,len) { (buf), 0, 0, (len), (op), NULL, buffer_free, (fd) }
 #define BUFFER_INIT_READ(op,fd,buf,len) BUFFER_INIT(op,fd,buf,len) /*obsolete*/
 #define BUFFER_INSIZE 8192
diff --git a/buffer/bs_init_bstream_size.c b/buffer/bs_init_bstream_size.c
index cf9fa8e..35241bc 100644
--- a/buffer/bs_init_bstream_size.c
+++ b/buffer/bs_init_bstream_size.c
@@ -43,7 +43,7 @@ int main() {
   assert(bs_get(&bs) == 0x78);		// and we should not have overstepped
 
   // now check the range checking in bs_init_bstream_size itself
-  bs_init_membuf(&bs, "\x12\x34\x56\x78", 4);
+  bs_init_membuf(&bs, (const unsigned char*)"\x12\x34\x56\x78", 4);
 
   bs_init_bstream_size(&sub, &bs, 4);	// tight fit
   assert(bs_err(&sub) == 0);
diff --git a/buffer/bs_init_membuf.c b/buffer/bs_init_membuf.c
index fd1566f..c796a0c 100644
--- a/buffer/bs_init_membuf.c
+++ b/buffer/bs_init_membuf.c
@@ -5,6 +5,10 @@ void bs_init_membuf(struct bytestream* bs,const unsigned char* membuf,size_t len
   bs->cur = 0;
   bs->max = len;
   bs->u.base=membuf;
+  if ((const unsigned char*)(((uintptr_t)membuf) + len) < membuf) {
+    bs->cur = 1;	// if the buffer + length is implausible, set error immediately
+    bs->max = 0;
+  }
 }
 
 #ifdef UNITTEST
@@ -18,11 +22,15 @@ ssize_t buffer_getc(buffer* b,char* c) { return -1; }
 
 int main() {
   static struct bytestream bs;
-  bs_init_membuf(&bs, "fnord\n", 6);
+  bs_init_membuf(&bs, (const unsigned char*)"fnord\n", 6);
   char buf[7];
   int i;
   for (i=0; i<7; ++i) buf[i]=bs_get(&bs);
   assert(!memcmp(buf,"fnord\n",7));	// we should have gotten everything and then a 0 byte
   assert(bs_err(&bs));		// that should have set the error flag
+
+  /* see if we catch an impossible buffer size */
+  bs_init_membuf(&bs, (const unsigned char*)"fnord\n", (size_t)-1);
+  assert(bs_err(&bs));
 }
 #endif
diff --git a/buffer/prs_asciiz.c b/buffer/prs_asciiz.c
index 687c55b..e7a6bb8 100644
--- a/buffer/prs_asciiz.c
+++ b/buffer/prs_asciiz.c
@@ -59,7 +59,7 @@ int main() {
   assert(!memcmp(buf,"fnord\n",7));	// returned string should be "fnord\n" with 0 terminator
   assert(bs_get(&bs) == 'x');		// should have consumed the 0 terminator from bytestream
 
-  bs_init_membuf(&bs, "fnord\n\0x", 8);
+  bs_init_membuf(&bs, (const unsigned char*)"fnord\n\0x", 8);
   assert(prs_asciiz(&bs, buf, 5) == -1);	// no 0 terminator in first 5 bytes, expect error
   assert(!memcmp(buf,"fnor",5));		// expect 4 bytes + 0 terminator in dest buf
   assert(bs_err(&bs));			// bytestream should be in error state now
diff --git a/buffer/prs_asciiz_fixedlen.c b/buffer/prs_asciiz_fixedlen.c
index 256f857..b55a0a0 100644
--- a/buffer/prs_asciiz_fixedlen.c
+++ b/buffer/prs_asciiz_fixedlen.c
@@ -50,7 +50,7 @@ int main() {
   assert(!memcmp(buf,"fnord\n\0\0",8));	// returned string should be "fnord\n" and the rest filled with 0 bytes
   assert(!bs_err(&bs));
 
-  bs_init_membuf(&bs, "fnord\n\0x", 8);
+  bs_init_membuf(&bs, (const unsigned char*)"fnord\n\0x", 8);
   assert(prs_asciiz_fixedlen(&bs, buf, 5) == 4);	// no 0 terminator in first 4 bytes
   assert(!memcmp(buf,"fnor",5));	// expect 4 bytes + 0 terminator in dest buf
   assert(bs_get(&bs) == 'd');		// 0 terminator in buf was artificial, 'd' was not consumed
diff --git a/buffer/prs_readblob.c b/buffer/prs_readblob.c
index 99d60e9..7891c4f 100644
--- a/buffer/prs_readblob.c
+++ b/buffer/prs_readblob.c
@@ -56,7 +56,7 @@ ssize_t prs_readblob(struct bytestream* bs,unsigned char* dest,size_t destlen) {
 
 int main() {
   struct bytestream bs = BS_FROM_MEMBUF("\x34\x12", 2);
-  char buf[42];
+  unsigned char buf[42];
   assert(prs_readblob(&bs, buf, 2) == 2);
   assert(bs_err(&bs) == 0);
   assert(!memcmp(buf,"\x34\x12",2));
@@ -65,7 +65,7 @@ int main() {
   assert(bs_err(&bs));
 
   // now try to provoke integer overflow
-  bs_init_membuf(&bs, "\x34\x12", 2);
+  bs_init_membuf(&bs, (const unsigned char*)"\x34\x12", 2);
   assert(bs_get(&bs) == 0x34);
   assert(prs_readblob(&bs, buf, (size_t)-1) == -1);
   // a bad implementation would add 0xffffffff to the 1 we already read and wrap to 0
diff --git a/t.c b/t.c
index b009df3..ea3425a 100644
--- a/t.c
+++ b/t.c
@@ -26,6 +26,7 @@
 #include "critbit.h"
 #include <assert.h>
 #include "compiletimeassert.h"
+#include "parse.h"
 
 #include "CAS.h"
 
@@ -71,7 +72,12 @@ int ret1(const char* s,void* foo) {
 int main(int argc,char* argv[]) {
   (void)argc;
   (void)argv;
+  struct bytestream bs1 = BS_FROM_MEMBUF("fnord", 5);
+  struct bytestream bs2 = BS_FROM_BUFFER(buffer_0);
+#if 0
   compiletimeassert(sizeof(char) < sizeof(int));
+  io_wait();
+#endif
 #if 0
   char buf[1024];
   size_t n;
@@ -121,7 +127,7 @@ int main(int argc,char* argv[]) {
   printf("%p\n",iarray_allocate(&i,0));
   printf("%p\n",iarray_get(&i,0));
 #endif
-#if 1
+#if 0
   char buf[1024];
   size_t l;
   unsigned char c;
diff --git a/textcode/scan_base64.c b/textcode/scan_base64.c
index 41aa03e..3416c36 100644
--- a/textcode/scan_base64.c
+++ b/textcode/scan_base64.c
@@ -46,7 +46,7 @@ size_t scan_base64(const char *src,char *dest,size_t *destlen) {
 
 int main() {
   char buf[100];
-  size_t i,l;
+  size_t l;
   memset(buf,0,10); assert(scan_base64("Zm5vcmQ=",buf,&l)==8 && l==5 && !memcmp(buf,"fnord",6));
   /* check that we don't insist on the padding */
   memset(buf,0,10); assert(scan_base64("Zm5vcmQ",buf,&l)==7 && l==5 && !memcmp(buf,"fnord",6));
diff --git a/textcode/scan_base64url.c b/textcode/scan_base64url.c
index 8989d68..7bbd97e 100644
--- a/textcode/scan_base64url.c
+++ b/textcode/scan_base64url.c
@@ -38,7 +38,7 @@ size_t scan_base64url(const char *src,char *dest,size_t *destlen) {
 
 int main() {
   char buf[100];
-  size_t i,l;
+  size_t l;
   /* check that we don't consume padding */
   memset(buf,0,10); assert(scan_base64url("Zm5vcmQ=",buf,&l)==7 && l==5 && !memcmp(buf,"fnord",6));
   /* check that we don't insist on the padding */