We have a function that mount/umounts a file system a part of a sanity check. When the operation is done rapidly(you really don’t want to know) it uncovers a problem with mounting a raw device with a block size less than 1KiB (size of the on disk data structure). The code always reads a block (pmp->pm_BytesPerSec), the problem comes when the buffer is the last one in a page, and the following page is not mapped. The code reads beyond the 512 bytes in the original read, causing a seg fault in our case. I don’t understand why the code doesn’t insure the read to be minimum of the structure being read from the device. I tried to send this once before, but appear to have mucked it up. For now we have a working fix/ Discussed the change with Matt, resulting in the following diff: /* $NetBSD: msdosfs_vfsops.c,v 1.68.6.2 2009/02/08 19:10:44 snj Exp $ */ @@ -783,14 +784,15 @@ */ if (pmp->pm_fsinfo) { struct fsinfo *fp; - + const int rdsz = roundup(sizeof(struct fsinfo), + pmp->pm_BytesPerSec); /* * XXX If the fsinfo block is stored on media with * 2KB or larger sectors, is the fsinfo structure * padded at the end or in the middle? */ if ((error = bread(devvp, de_bn2kb(pmp, pmp->pm_fsinfo), - pmp->pm_BytesPerSec, NOCRED, 0, &bp)) != 0) + rdsz, NOCRED, 0, &bp)) != 0) goto error_exit; fp = (struct fsinfo *)bp->b_data; if (!memcmp(fp->fsisig1, "RRaA", 4) == |