https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81592
--- Comment #2 from Arnd Bergmann <arnd at linaro dot org> --- I have scanned the linux kernel sources for related bogus warnings and found six others like this one that do not show up using gcc-7.1.1 without UBSAN but do show up with UBSAN added in: security/keys/proc.c: In function 'proc_keys_show': security/keys/proc.c:232:19: error: '%lu' directive writing between 1 and 20 bytes into a region of size 16 [-Werror=format-overflow=] sound/soc/fsl/fsl_sai.c: In function 'fsl_sai_probe': sound/soc/fsl/fsl_sai.c:837:21: error: '%d' directive writing between 1 and 10 bytes into a region of size 4 [-Werror=format-overflow=] drivers/block/cciss.c: In function 'cciss_init_one': drivers/block/cciss.c:5039:28: error: '%d' directive writing between 1 and 10 bytes into a region of size 3 [-Werror=format-overflow=] sound/isa/gus/gus_mem_proc.c: In function 'snd_gf1_mem_proc_init': sound/isa/gus/gus_mem_proc.c:72:27: error: '%i' directive writing between 1 and 10 bytes into a region of size 8 [-Werror=format-overflow=] sound/isa/gus/gus_mem_proc.c:72:18: note: directive argument in the range [0, 2147483646] drivers/net/ethernet/marvell/mvneta_bm.c: In function 'mvneta_bm_probe': drivers/net/ethernet/marvell/mvneta_bm.c:306:17: error: ',capacity' directive writing 9 bytes into a region of size between 1 and 10 [-Werror=format-overflow=] drivers/net/ethernet/marvell/mvneta_bm.c:306:3: note: 'sprintf' output between 15 and 24 bytes into a destination of size 15 drivers/pnp/pnpbios/proc.c: In function 'pnpbios_proc_exit': drivers/pnp/pnpbios/proc.c:338:18: error: '%02x' directive writing between 2 and 8 bytes into a region of size 3 [-Werror=format-overflow=] drivers/pnp/pnpbios/proc.c:338:17: note: directive argument in the range [0, 2147483646] drivers/mfd/max77620.c: In function 'max77620_probe': drivers/mfd/max77620.c:282:25: error: '%d' directive writing between 1 and 10 bytes into a region of size 7 [-Werror=format-overflow=] These are all similarly bogus to the original warning, in all cases it seems that gcc normally has no problems identifying the range. I can provide preprocessed source files for all instances if that helps.
