Subject: kern/25968: destroying stf0 interface panic'd the kernel
To: None <gnats-bugs@gnats.NetBSD.org>
From: grant beattie <grant@mofo.grunta.com>
List: netbsd-bugs
Date: 06/20/2004 01:04:00
>Number:         25968
>Category:       kern
>Synopsis:       destroying stf0 interface panic'd the kernel
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Jun 19 15:06:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:     grant beattie
>Release:        NetBSD 2.0_BETA
>Organization:
>Environment:
System: NetBSD gw 2.0_BETA NetBSD 2.0_BETA (_gw_) #0: Sat Jun 19 14:52:27 EST 2004 grant@mofo:/data1/netbsd/netbsd-2-0/src/sys/arch/i386/compile/_gw_ i386
Architecture: i386
Machine: i386
>Description:
This is a new install of 2.0_BETA on my firewall. After modifying some
ipfilter and ipnat rules, I ran:

# ifconfig stf0 create
# hf6to4 start
ifconfig: SIOCAIFADDR: Invalid argument

# ifconfig stf0
stf0: flags=0 mtu 1280

I then ran:

# ifconfig stf0 destroy

which killed the machine (hand copied):

uvm_fault(0xc31a652c, 0, 0, 1) -> 0xe
kernel: page fault trap, code=0
Stopped in pid 1215.1 (ifconfig) at      netbsd:if_detach+0x1c8: movl     0x14(%ebx),%edi
db> bt
if_detach(c0751800,40,c31d4dfc,c035dbc0,c0751800) at netbsd:if_detach+0x1c8
stf_clone_destroy(c0751800,0,0,c3185e60,c3185e60) at netbsd:stf_clone_destroy+0x4a
if_clone_destroy(c31d4ea4,c3185fe6,c31d4e2c,c016a173,340) at netbsd:if_clone_destroy+0x4a
ifioctl(c0600268,80206979,c31d4ea4,c3185e60,0) at netbsd:ifioctl+0x874
sys_ioctl(c2d03ef4,c31d4f64,c31d4f5c,0,c04f7000) at netbsd:sys_ioctl+0x122
syscall_plain() at netbsd:syscall_plain+0x7e
--- syscall (number 54) ---
0x480ff123:
db>

I got a core dump but gdb can't do anything useful with it:

# gdb -q netbsd.0 netbsd.0.core
(no debugging symbols found)..."/tmp/crash/netbsd.0.core" is not a core dump: File format not recognized

I haven't been able to reproduce this crash yet, but I can make the core
dump and/or kernel available if it is useful.

>How-To-Repeat:
<do stuff>
# ifconfig stf0 create
# ifconfig stf0 destroy
>Fix:
unknown :(
>Release-Note:
>Audit-Trail:
>Unformatted: