cputlb: uninitialized local variable in tlb_set_page_with_attrs causes SIGSEGV when a CPU accesses an unmapped IOMMU page

Host environment

  • Operating system: Any
  • OS/kernel version: Any
  • Architecture: Any
  • QEMU flavor: qemu-system
  • QEMU version: QEMU emulator version 7.0.0 (v6.2.0-3146-g7e0e865ad5-dirty)

Emulated/Virtualized environment

  • Architecture: TCG-based

Description of problem

When a TCG CPU accesses an unmapped page within an IOMMU region that causes a translation fault, QEMU SIGSEGVs in io_readx. The reason was that in address_space_translate_for_iotlb, xlat is not set on a permission fault. As a result, xlat in tlb_set_page_with_attrs is uninitialized. This in turn causes various miscalculations and eventually crashes in io_readx.

Suggested fix

I would suggest setting *xlat = addr before the for loop in address_space_translate_for_iotlb so that if the translation fails, we can still have a guest error log that shows a meaningful address.
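The pattern behind this report, as an added stand-alone example that is not QEMU code and not from the reporter: an address-translation helper that assigns its `*xlat` output parameter only on the success path leaves the caller's variable undefined on a fault, while initialising `*xlat` to the untranslated address before the lookup loop (the fix suggested above) gives every exit path a defined, loggable value. The region table, the `translate_buggy`/`translate_fixed`/`fill_entry` names and the permission model are simplified stand-ins for the real address_space_translate_for_iotlb / tlb_set_page_with_attrs path.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the out-parameter bug described in the report.
 * Nothing here is QEMU code: the region table, the fault logic and the
 * function names are constructed stand-ins. */

typedef uint64_t hwaddr;

/* A constructed IOMMU-like mapping: guest range -> translated address,
 * plus a bitmask of allowed accesses. */
struct region {
    hwaddr base;
    hwaddr size;
    hwaddr target;
    unsigned perm;
};

enum { PERM_READ = 1, PERM_WRITE = 2 };

/* Constructed sample mappings; any other address is "unmapped". */
static const struct region regions[] = {
    { 0x1000, 0x1000, 0x80001000, PERM_READ | PERM_WRITE },
    { 0x3000, 0x1000, 0x80003000, PERM_READ },
};
#define NUM_REGIONS (sizeof regions / sizeof regions[0])

/* Buggy shape: *xlat is written only on success. On an unmapped address
 * or a permission fault the caller's variable is left untouched (in the
 * real caller that variable was an uninitialized stack slot). */
static bool translate_buggy(hwaddr addr, unsigned perm, hwaddr *xlat)
{
    for (size_t i = 0; i < NUM_REGIONS; i++) {
        const struct region *r = &regions[i];
        if (addr >= r->base && addr < r->base + r->size) {
            if ((r->perm & perm) != perm) {
                return false;               /* permission fault, *xlat unset */
            }
            *xlat = r->target + (addr - r->base);
            return true;
        }
    }
    return false;                           /* unmapped, *xlat unset */
}

/* Fixed shape, following the report's suggestion: seed *xlat with the
 * untranslated address before the loop, so a fault still yields a
 * meaningful address for the guest-error log and no garbage reaches the
 * TLB fill path. */
static bool translate_fixed(hwaddr addr, unsigned perm, hwaddr *xlat)
{
    *xlat = addr;
    for (size_t i = 0; i < NUM_REGIONS; i++) {
        const struct region *r = &regions[i];
        if (addr >= r->base && addr < r->base + r->size) {
            if ((r->perm & perm) != perm) {
                return false;
            }
            *xlat = r->target + (addr - r->base);
            return true;
        }
    }
    return false;
}

/* Stand-in for the caller that fills a TLB entry from xlat. To observe
 * the buggy behaviour without invoking undefined behaviour, the local is
 * seeded with a recognisable sentinel rather than left uninitialized. */
#define SENTINEL 0xDEADBEEFDEADBEEFull

hwaddr fill_entry(bool (*translate)(hwaddr, unsigned, hwaddr *),
                  hwaddr addr, unsigned perm)
{
    hwaddr xlat = SENTINEL;
    if (!translate(addr, perm, &xlat)) {
        /* The log line the report wants to show a meaningful address. */
        fprintf(stderr, "translation fault at guest 0x%llx (xlat=0x%llx)\n",
                (unsigned long long)addr, (unsigned long long)xlat);
    }
    return xlat;
}

int main(void)
{
    printf("mapped read:    0x%llx\n",
           (unsigned long long)fill_entry(translate_fixed, 0x1010, PERM_READ));
    /* Unmapped page: buggy version hands back the sentinel (garbage in the
     * real code), fixed version hands back the guest address. */
    printf("buggy unmapped: 0x%llx\n",
           (unsigned long long)fill_entry(translate_buggy, 0x9000, PERM_READ));
    printf("fixed unmapped: 0x%llx\n",
           (unsigned long long)fill_entry(translate_fixed, 0x9000, PERM_READ));
    /* Permission fault: write to a read-only region. */
    printf("fixed ro write: 0x%llx\n",
           (unsigned long long)fill_entry(translate_fixed, 0x3004, PERM_WRITE));
    return 0;
}
```

The sentinel stands in for whatever the uninitialized stack slot happened to hold; the point is that the buggy translator returns `false` yet leaves the caller to consume that value, whereas the fixed translator makes the failure path carry the faulting guest address instead.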

Edited by TrungNguyen1909