kern/55236: IPfilter truncates UDP packets on NetBSD-9.0/i386 XEN3PAE_DOMU

[manu%netbsd.org@localhost]

>Number:         55236
>Category:       kern
>Synopsis:       IPfilter truncates UDP packets on NetBSD-9.0/i386 XEN3PAE_DOMU
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue May 05 15:30:00 +0000 2020
>Originator:     Emmanuel Dreyfus
>Release:        NetBSD 9.0
>Organization:
>Environment:
System: NetBSD bacasable 9.0 NetBSD 9.0 (XEN3PAE_DOMU) #0: Fri Feb 14 00:06:28 UTC 2020  mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/xen/compile/XEN3PAE_DOMU i386
Architecture: i386
Machine: i386
>Description:
Once IPfilter is enabled, UDP packets sent by the machine are truncated to a 4 bytes boundary. 
>How-To-Repeat:
1) Install a NetBSD-9.0 i386 XEN3PAE_DOMU virtual machine
2) modload ipl; ipF -E
3) nslookup www.example.net

Or it can be explored in detail with nc. This will be fine:
dd if=/dev/zero count=1 bs=32 | nc -u 192.0.2.2 53

This will have one byte missing as reported by tcpdump:
dd if=/dev/zero count=1 bs=33 | nc -u 192.0.2.2 53

Two bytes missing:
dd if=/dev/zero count=1 bs=34 | nc -u 192.0.2.2 53
NB: the last example is 64 bytes long on

Three bytes missing:
dd if=/dev/zero count=1 bs=35 | nc -u 192.0.2.2 53

This goes fine:
dd if=/dev/zero count=1 bs=36 | nc -u 192.0.2.2 53

This problem does not exist on GENERIC kernel (non Xen), nor it happens on amd64 XEN3_DOMU kernels.
>Fix:
No fix known yet. I assume there is an unhelpful alignement somewhere.