Created attachment 181823 [details] patch for struct inpcb There are two uninitialized use of struct inpcb. 1. inp_lock it is possible to use garbage value in the lock field when INP_LOCK_INIT(). 2. inp_rtu Use of the uninitialized value in the field can trigger lots of assert and page fault.