From: Marc-André Lureau <marcandre.lureau@redhat.com>

Fixes:

/home/elmarco/src/qemu/linux-user/syscall.c: In function ‘do_ioctl_rt’:
/home/elmarco/src/qemu/linux-user/syscall.c:4773:9: error: ‘host_rt_dev_ptr’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
     if (*host_rt_dev_ptr != 0) {
         ^~~~~~~~~~~~~~~~
/home/elmarco/src/qemu/linux-user/syscall.c:4774:9: error: ‘target_rt_dev_ptr’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
         unlock_user((void *)*host_rt_dev_ptr,
         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                     *target_rt_dev_ptr, 0);
                     ~~~~~~~~~~~~~~~~~~~~~~

Based on previous discussion from patch "linux-users/syscall: make
do_ioctl_rt safer" by Alex Bennée.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20190305151500.25038-1-marcandre.lureau@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---
 linux-user/syscall.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 9f7eb7d7a896..208fd1813d6a 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4733,8 +4733,8 @@ static abi_long do_ioctl_rt(const IOCTLEntry *ie, uint8_t *buf_temp,
     const int *dst_offsets, *src_offsets;
     int target_size;
     void *argptr;
-    abi_ulong *target_rt_dev_ptr;
-    unsigned long *host_rt_dev_ptr;
+    abi_ulong *target_rt_dev_ptr = NULL;
+    unsigned long *host_rt_dev_ptr = NULL;
     abi_long ret;
     int i;
 
@@ -4780,6 +4780,9 @@ static abi_long do_ioctl_rt(const IOCTLEntry *ie, uint8_t *buf_temp,
     unlock_user(argptr, arg, 0);
 
     ret = get_errno(safe_ioctl(fd, ie->host_cmd, buf_temp));
+
+    assert(host_rt_dev_ptr != NULL);
+    assert(target_rt_dev_ptr != NULL);
     if (*host_rt_dev_ptr != 0) {
         unlock_user((void *)*host_rt_dev_ptr,
                     *target_rt_dev_ptr, 0);
-- 
2.20.1