The following changes since commit 5e61afe211e82a9af15a8794a0bd29bb574e953b:
Merge tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging (2026-05-11 10:49:53 -0400)
are available in the Git repository at:
https://gitlab.com/p-b-o/qemu tags/pbouvier/pr/target_info-20260512
for you to fetch changes up to 0fc2022c6331c5d5bdd9060c73d067abba3f5515:
target-info: replace target_info() in system-mode (2026-05-12 11:29:18 -0700)
----------------------------------------------------------------
Changes:
- [PATCH v6 0/5] single-binary: deduplicate target_info() (Pierrick Bouvier <pierrick.bouvier@oss.qualcomm.com>)
Link: https://lore.kernel.org/qemu-devel/20260512150208.1167711-1-pierrick.bouvier@oss.qualcomm.com
----------------------------------------------------------------
Pierrick Bouvier (5):
qom/object: register OBJECT and INTERFACE QOM types before main
qom/object: initialize type_table in static ctor with fundamental QOM types
target-info: introduce TargetInfo in QOM
target-info-qom: detect target from QOM
target-info: replace target_info() in system-mode
configs/targets/aarch64-softmmu.c | 6 ++---
configs/targets/arm-softmmu.c | 6 ++---
include/qemu/module.h | 1 +
include/qemu/target-info-init.h | 53 +++++++++++++++++++++++++++++++++++++++
include/qemu/target-info-qom.h | 30 ++++++++++++++++++++++
qom/object.c | 22 +++++-----------
system/vl.c | 4 +++
target-info-qom.c | 45 +++++++++++++++++++++++++++++++++
target-info-stub.c | 6 ++---
9 files changed, 145 insertions(+), 28 deletions(-)
create mode 100644 include/qemu/target-info-init.h
create mode 100644 include/qemu/target-info-qom.h
On Tue, May 12, 2026 at 2:32 PM Pierrick Bouvier <pierrick.bouvier@oss.qualcomm.com> wrote:
>
> The following changes since commit 5e61afe211e82a9af15a8794a0bd29bb574e953b:
>
> Merge tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging (2026-05-11 10:49:53 -0400)
>
> are available in the Git repository at:
>
> https://gitlab.com/p-b-o/qemu tags/pbouvier/pr/target_info-20260512
>
> for you to fetch changes up to 0fc2022c6331c5d5bdd9060c73d067abba3f5515:
>
> target-info: replace target_info() in system-mode (2026-05-12 11:29:18 -0700)
>
> ----------------------------------------------------------------
> Changes:
> - [PATCH v6 0/5] single-binary: deduplicate target_info() (Pierrick Bouvier <pierrick.bouvier@oss.qualcomm.com>)
> Link: https://lore.kernel.org/qemu-devel/20260512150208.1167711-1-pierrick.bouvier@oss.qualcomm.com
>
> ----------------------------------------------------------------
> Pierrick Bouvier (5):
> qom/object: register OBJECT and INTERFACE QOM types before main
> qom/object: initialize type_table in static ctor with fundamental QOM types
> target-info: introduce TargetInfo in QOM
> target-info-qom: detect target from QOM
> target-info: replace target_info() in system-mode

Please take a look at this CI failure:

Testing ./build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga
...
AddressSanitizer:DEADLYSIGNAL
=================================================================
==5334==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc 0x5bd0beb39ef4 bp 0x7ffe0ad764d0 sp 0x7ffe0ad764c0 T0)
==5334==The signal is caused by a READ memory access.
==5334==Hint: address points to the zero page.
#0 0x5bd0beb39ef4 in target_endian_mode /builds/qemu-project/qemu/build-oss-fuzz/../target-info.c:42:27
#1 0x5bd0beb39ef4 in target_big_endian /builds/qemu-project/qemu/build-oss-fuzz/../target-info.c:47:12
#2 0x5bd0bf4f1da1 in qtest_process_command /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:705:13
#3 0x5bd0bf4f1da1 in qtest_process_inbuf /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:778:9
#4 0x5bd0bf4eef54 in qtest_server_inproc_recv /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:910:9
#5 0x5bd0bfe18f85 in qtest_sendf /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:715:5
#6 0x5bd0bfe15294 in qtest_query_target_endianness /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:804:5
#7 0x5bd0bfe1f2f3 in qtest_inproc_init /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:2043:23
#8 0x5bd0bfe71778 in qtest_setup /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/fuzz/fuzz.c:64:12
#9 0x5bd0bfe71778 in LLVMFuzzerInitialize /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/fuzz/fuzz.c:206:16
#10 0x5bd0be9b3b56 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
#11 0x5bd0be9e2166 in main (/builds/qemu-project/qemu/build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga+0x46166) (BuildId: 845b9265a3ae1439c62fb86e3bc4973f7ea7c960)
#12 0x7f7fef9a65b4 in __libc_start_call_main (/lib64/libc.so.6+0x35b4) (BuildId: abd2a4d896fed122b3f7da571746f193feeb86a1)
#13 0x7f7fef9a6667 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x3667) (BuildId: abd2a4d896fed122b3f7da571746f193feeb86a1)
#14 0x5bd0be9a8f34 in _start (/builds/qemu-project/qemu/build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga+0xcf34) (BuildId: 845b9265a3ae1439c62fb86e3bc4973f7ea7c960)

https://gitlab.com/qemu-project/qemu/-/jobs/14371480130

If this issue is caused by this pull request, please send a new revision that solves the issue.

If this issue is not caused by this pull request, please let me know. Thanks!

Stefan

>
> configs/targets/aarch64-softmmu.c | 6 ++---
> configs/targets/arm-softmmu.c | 6 ++---
> include/qemu/module.h | 1 +
> include/qemu/target-info-init.h | 53 +++++++++++++++++++++++++++++++++++++++
> include/qemu/target-info-qom.h | 30 ++++++++++++++++++++++
> qom/object.c | 22 +++++-----------
> system/vl.c | 4 +++
> target-info-qom.c | 45 +++++++++++++++++++++++++++++++++
> target-info-stub.c | 6 ++---
> 9 files changed, 145 insertions(+), 28 deletions(-)
> create mode 100644 include/qemu/target-info-init.h
> create mode 100644 include/qemu/target-info-qom.h
>
On 5/14/2026 7:16 AM, Stefan Hajnoczi wrote:
> On Tue, May 12, 2026 at 2:32 PM Pierrick Bouvier
> <pierrick.bouvier@oss.qualcomm.com> wrote:
>>
>> The following changes since commit 5e61afe211e82a9af15a8794a0bd29bb574e953b:
>>
>> Merge tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging (2026-05-11 10:49:53 -0400)
>>
>> are available in the Git repository at:
>>
>> https://gitlab.com/p-b-o/qemu tags/pbouvier/pr/target_info-20260512
>>
>> for you to fetch changes up to 0fc2022c6331c5d5bdd9060c73d067abba3f5515:
>>
>> target-info: replace target_info() in system-mode (2026-05-12 11:29:18 -0700)
>>
>> ----------------------------------------------------------------
>> Changes:
>> - [PATCH v6 0/5] single-binary: deduplicate target_info() (Pierrick Bouvier <pierrick.bouvier@oss.qualcomm.com>)
>> Link: https://lore.kernel.org/qemu-devel/20260512150208.1167711-1-pierrick.bouvier@oss.qualcomm.com
>>
>> ----------------------------------------------------------------
>> Pierrick Bouvier (5):
>> qom/object: register OBJECT and INTERFACE QOM types before main
>> qom/object: initialize type_table in static ctor with fundamental QOM types
>> target-info: introduce TargetInfo in QOM
>> target-info-qom: detect target from QOM
>> target-info: replace target_info() in system-mode
>
> Please take a look at this CI failure:
>
> Testing ./build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga
> ...
> AddressSanitizer:DEADLYSIGNAL
> =================================================================
> ==5334==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc 0x5bd0beb39ef4 bp 0x7ffe0ad764d0 sp 0x7ffe0ad764c0 T0)
> ==5334==The signal is caused by a READ memory access.
> ==5334==Hint: address points to the zero page.
> #0 0x5bd0beb39ef4 in target_endian_mode /builds/qemu-project/qemu/build-oss-fuzz/../target-info.c:42:27
> #1 0x5bd0beb39ef4 in target_big_endian /builds/qemu-project/qemu/build-oss-fuzz/../target-info.c:47:12
> #2 0x5bd0bf4f1da1 in qtest_process_command /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:705:13
> #3 0x5bd0bf4f1da1 in qtest_process_inbuf /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:778:9
> #4 0x5bd0bf4eef54 in qtest_server_inproc_recv /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:910:9
> #5 0x5bd0bfe18f85 in qtest_sendf /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:715:5
> #6 0x5bd0bfe15294 in qtest_query_target_endianness /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:804:5
> #7 0x5bd0bfe1f2f3 in qtest_inproc_init /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:2043:23
> #8 0x5bd0bfe71778 in qtest_setup /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/fuzz/fuzz.c:64:12
> #9 0x5bd0bfe71778 in LLVMFuzzerInitialize /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/fuzz/fuzz.c:206:16
> #10 0x5bd0be9b3b56 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
> #11 0x5bd0be9e2166 in main (/builds/qemu-project/qemu/build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga+0x46166) (BuildId: 845b9265a3ae1439c62fb86e3bc4973f7ea7c960)
> #12 0x7f7fef9a65b4 in __libc_start_call_main (/lib64/libc.so.6+0x35b4) (BuildId: abd2a4d896fed122b3f7da571746f193feeb86a1)
> #13 0x7f7fef9a6667 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x3667) (BuildId: abd2a4d896fed122b3f7da571746f193feeb86a1)
> #14 0x5bd0be9a8f34 in _start (/builds/qemu-project/qemu/build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga+0xcf34) (BuildId: 845b9265a3ae1439c62fb86e3bc4973f7ea7c960)
>
> https://gitlab.com/qemu-project/qemu/-/jobs/14371480130
>
> If this issue is caused by this pull request, please send a new
> revision that solves the issue.
>
> If this issue is not caused by this pull request, please let me know. Thanks!
>
> Stefan
>
>>
>> configs/targets/aarch64-softmmu.c | 6 ++---
>> configs/targets/arm-softmmu.c | 6 ++---
>> include/qemu/module.h | 1 +
>> include/qemu/target-info-init.h | 53 +++++++++++++++++++++++++++++++++++++++
>> include/qemu/target-info-qom.h | 30 ++++++++++++++++++++++
>> qom/object.c | 22 +++++-----------
>> system/vl.c | 4 +++
>> target-info-qom.c | 45 +++++++++++++++++++++++++++++++++
>> target-info-stub.c | 6 ++---
>> 9 files changed, 145 insertions(+), 28 deletions(-)
>> create mode 100644 include/qemu/target-info-init.h
>> create mode 100644 include/qemu/target-info-qom.h
>>

Sent a new PR with the fix included:
https://lore.kernel.org/qemu-devel/20260514195427.1706609-1-pierrick.bouvier@oss.qualcomm.com/T/#t

Regards,
Pierrick
On 14/5/26 16:16, Stefan Hajnoczi wrote:
> On Tue, May 12, 2026 at 2:32 PM Pierrick Bouvier
> <pierrick.bouvier@oss.qualcomm.com> wrote:
>>
>> The following changes since commit 5e61afe211e82a9af15a8794a0bd29bb574e953b:
>>
>> Merge tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging (2026-05-11 10:49:53 -0400)
>>
>> are available in the Git repository at:
>>
>> https://gitlab.com/p-b-o/qemu tags/pbouvier/pr/target_info-20260512
>>
>> for you to fetch changes up to 0fc2022c6331c5d5bdd9060c73d067abba3f5515:
>>
>> target-info: replace target_info() in system-mode (2026-05-12 11:29:18 -0700)
>>
>> ----------------------------------------------------------------
>> Changes:
>> - [PATCH v6 0/5] single-binary: deduplicate target_info() (Pierrick Bouvier <pierrick.bouvier@oss.qualcomm.com>)
>> Link: https://lore.kernel.org/qemu-devel/20260512150208.1167711-1-pierrick.bouvier@oss.qualcomm.com
>>
>> ----------------------------------------------------------------
>> Pierrick Bouvier (5):
>> qom/object: register OBJECT and INTERFACE QOM types before main
>> qom/object: initialize type_table in static ctor with fundamental QOM types
>> target-info: introduce TargetInfo in QOM
>> target-info-qom: detect target from QOM
>> target-info: replace target_info() in system-mode
>
> Please take a look at this CI failure:
>
> Testing ./build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga
> ...
> AddressSanitizer:DEADLYSIGNAL
> =================================================================
> ==5334==ERROR: AddressSanitizer: SEGV on unknown address
> 0x000000000020 (pc 0x5bd0beb39ef4 bp 0x7ffe0ad764d0 sp 0x7ffe0ad764c0
> T0)
> ==5334==The signal is caused by a READ memory access.
> ==5334==Hint: address points to the zero page.
> #0 0x5bd0beb39ef4 in target_endian_mode
> /builds/qemu-project/qemu/build-oss-fuzz/../target-info.c:42:27
> #1 0x5bd0beb39ef4 in target_big_endian
> /builds/qemu-project/qemu/build-oss-fuzz/../target-info.c:47:12
> #2 0x5bd0bf4f1da1 in qtest_process_command
> /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:705:13
> #3 0x5bd0bf4f1da1 in qtest_process_inbuf
> /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:778:9
> #4 0x5bd0bf4eef54 in qtest_server_inproc_recv
> /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:910:9
> #5 0x5bd0bfe18f85 in qtest_sendf
> /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:715:5
> #6 0x5bd0bfe15294 in qtest_query_target_endianness
> /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:804:5
> #7 0x5bd0bfe1f2f3 in qtest_inproc_init
> /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:2043:23
> #8 0x5bd0bfe71778 in qtest_setup
> /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/fuzz/fuzz.c:64:12
> #9 0x5bd0bfe71778 in LLVMFuzzerInitialize
> /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/fuzz/fuzz.c:206:16
> #10 0x5bd0be9b3b56 in fuzzer::FuzzerDriver(int*, char***, int
> (*)(unsigned char const*, unsigned long)) fuzzer.o
> #11 0x5bd0be9e2166 in main
IIUC the fuzzer mode doesn't call main() -> qemu_init() but a distinct
one via LLVMFuzzerInitialize().
We'd need to squash something like:
-- >8 --
diff --git a/tests/qtest/fuzz/fuzz.c b/tests/qtest/fuzz/fuzz.c
index ca248a51a6c..90f07dcda3d 100644
--- a/tests/qtest/fuzz/fuzz.c
+++ b/tests/qtest/fuzz/fuzz.c
@@ -172,6 +172,7 @@ int LLVMFuzzerInitialize(int *argc, char ***argv,
char ***envp)
/* Initialize qgraph and modules */
qos_graph_init();
module_call_init(MODULE_INIT_FUZZ_TARGET);
+ module_call_init(MODULE_INIT_TARGET_INFO);
module_call_init(MODULE_INIT_QOM);
module_call_init(MODULE_INIT_LIBQOS);
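Review bot: the added module_call_init(MODULE_INIT_TARGET_INFO) is placed before MODULE_INIT_QOM and, by line number, before the qtest_setup() call at fuzz.c:206 in the trace, so the TargetInfo is registered before qtest_query_target_endianness() reaches target_endian_mode() (target-info.c:42, where the NULL read happens); a one-line comment on the new call saying that this sequence has to mirror the one in qemu_init() (system/vl.c in this series) would help, since the two entry points drifting apart is exactly what produced the crash, and any other binary that skips qemu_init() and then serves qtest commands would hit the same dereference. Minor: the @@ header was wrapped by the mailer (char ***envp) on its own line), so the snippet needs re-joining before it applies cleanly.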
---
> (/builds/qemu-project/qemu/build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga+0x46166)
> (BuildId: 845b9265a3ae1439c62fb86e3bc4973f7ea7c960)
> #12 0x7f7fef9a65b4 in __libc_start_call_main (/lib64/libc.so.6+0x35b4)
> (BuildId: abd2a4d896fed122b3f7da571746f193feeb86a1)
> #13 0x7f7fef9a6667 in __libc_start_main@GLIBC_2.2.5
> (/lib64/libc.so.6+0x3667) (BuildId:
> abd2a4d896fed122b3f7da571746f193feeb86a1)
> #14 0x5bd0be9a8f34 in _start
> (/builds/qemu-project/qemu/build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga+0xcf34)
> (BuildId: 845b9265a3ae1439c62fb86e3bc4973f7ea7c960)
>
> https://gitlab.com/qemu-project/qemu/-/jobs/14371480130
>
> If this issue is caused by this pull request, please send a new
> revision that solves the issue.
>
> If this issue is not caused by this pull request, please let me know. Thanks!
>
> Stefan
>
>>
>> configs/targets/aarch64-softmmu.c | 6 ++---
>> configs/targets/arm-softmmu.c | 6 ++---
>> include/qemu/module.h | 1 +
>> include/qemu/target-info-init.h | 53 +++++++++++++++++++++++++++++++++++++++
>> include/qemu/target-info-qom.h | 30 ++++++++++++++++++++++
>> qom/object.c | 22 +++++-----------
>> system/vl.c | 4 +++
>> target-info-qom.c | 45 +++++++++++++++++++++++++++++++++
>> target-info-stub.c | 6 ++---
>> 9 files changed, 145 insertions(+), 28 deletions(-)
>> create mode 100644 include/qemu/target-info-init.h
>> create mode 100644 include/qemu/target-info-qom.h
>>
>
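The ordering problem Philippe describes, modelled as an added C example that is not QEMU code: a tiny module-init registry with two entry paths, one that runs every init type in order (like main() -> qemu_init()) and one that skips the target-info step (like the fuzzer's LLVMFuzzerInitialize() before the squash above), plus an accessor that reports the missing step instead of dereferencing a NULL pointer. Every name here (ModuleInitType, mod_register, mod_call_init, the TargetInfo fields, the path functions) is a hypothetical stand-in invented for the example, not QEMU's API.

```c
/* Added example, not QEMU code: a miniature model of ordered module
 * initialisation with two entry paths.  All names are hypothetical
 * stand-ins for the QEMU pieces named in the thread. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

typedef enum { INIT_TARGET_INFO, INIT_QOM, INIT_MAX } ModuleInitType;
typedef void (*InitFn)(void);

/* Per-type registry: QEMU keeps linked lists; a fixed array is enough here. */
#define MAX_INIT_FNS 8
static InitFn init_fns[INIT_MAX][MAX_INIT_FNS];
static size_t init_count[INIT_MAX];

static void mod_register(ModuleInitType type, InitFn fn)
{
    if (init_count[type] < MAX_INIT_FNS) {
        init_fns[type][init_count[type]++] = fn;
    }
}

/* Runs every function registered for one init type, in registration order. */
static void mod_call_init(ModuleInitType type)
{
    for (size_t i = 0; i < init_count[type]; i++) {
        init_fns[type][i]();
    }
}

/* The object an init step is expected to publish.  big_endian sits at a
 * non-zero offset, which is why reading it through an unset pointer faults
 * at a small address (the trace above shows 0x20) rather than exactly 0. */
typedef struct {
    const char *name;
    bool big_endian;
} TargetInfo;

static const TargetInfo *current_target;               /* NULL until registered */
static const TargetInfo arm_target = { "arm", false }; /* constructed sample */

static void register_arm_target(void)
{
    current_target = &arm_target;
}

/* In QEMU a static constructor does this registration at load time;
 * the once-guard below stands in for that. */
static void register_all_once(void)
{
    static bool done;
    if (!done) {
        mod_register(INIT_TARGET_INFO, register_arm_target);
        done = true;
    }
}

/* Guarded accessor: -1 means "init step missing on this entry path",
 * 0/1 is the endianness.  The unguarded equivalent is what SEGVs in
 * the trace. */
static int target_big_endian(void)
{
    if (!current_target) {
        return -1;
    }
    return current_target->big_endian ? 1 : 0;
}

/* Entry path 1: like main() -> qemu_init(), runs every init type in order. */
static int main_path_endianness(void)
{
    register_all_once();
    current_target = NULL;
    mod_call_init(INIT_TARGET_INFO);
    mod_call_init(INIT_QOM);
    return target_big_endian();
}

/* Entry path 2: like LLVMFuzzerInitialize(); with_target_info=false is the
 * state before the squash, true is the state after it. */
static int fuzz_path_endianness(bool with_target_info)
{
    register_all_once();
    current_target = NULL;
    if (with_target_info) {
        mod_call_init(INIT_TARGET_INFO);
    }
    mod_call_init(INIT_QOM);
    return target_big_endian();
}

int main(void)
{
    printf("main path: %d\n", main_path_endianness());                 /* 0 */
    printf("fuzz path, no target info: %d\n", fuzz_path_endianness(false)); /* -1 */
    printf("fuzz path, with target info: %d\n", fuzz_path_endianness(true)); /* 0 */
    return 0;
}
```

The point of the guard is detectability rather than recovery: a harness that bypasses the main init path gets an unambiguous "not initialised" result it can assert on, instead of a zero-page read that only a sanitizer build will report.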
On 5/14/2026 7:46 AM, Philippe Mathieu-Daudé wrote:
> On 14/5/26 16:16, Stefan Hajnoczi wrote:
>> On Tue, May 12, 2026 at 2:32 PM Pierrick Bouvier
>> <pierrick.bouvier@oss.qualcomm.com> wrote:
>>>
>>> The following changes since commit 5e61afe211e82a9af15a8794a0bd29bb574e953b:
>>>
>>> Merge tag 'ui-pull-request' of https://gitlab.com/marcandre.lureau/qemu into staging (2026-05-11 10:49:53 -0400)
>>>
>>> are available in the Git repository at:
>>>
>>> https://gitlab.com/p-b-o/qemu tags/pbouvier/pr/target_info-20260512
>>>
>>> for you to fetch changes up to 0fc2022c6331c5d5bdd9060c73d067abba3f5515:
>>>
>>> target-info: replace target_info() in system-mode (2026-05-12 11:29:18 -0700)
>>>
>>> ----------------------------------------------------------------
>>> Changes:
>>> - [PATCH v6 0/5] single-binary: deduplicate target_info() (Pierrick Bouvier <pierrick.bouvier@oss.qualcomm.com>)
>>> Link: https://lore.kernel.org/qemu-devel/20260512150208.1167711-1-pierrick.bouvier@oss.qualcomm.com
>>>
>>> ----------------------------------------------------------------
>>> Pierrick Bouvier (5):
>>> qom/object: register OBJECT and INTERFACE QOM types before main
>>> qom/object: initialize type_table in static ctor with fundamental QOM types
>>> target-info: introduce TargetInfo in QOM
>>> target-info-qom: detect target from QOM
>>> target-info: replace target_info() in system-mode
>>
>> Please take a look at this CI failure:
>>
>> Testing ./build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga
>> ...
>> AddressSanitizer:DEADLYSIGNAL
>> =================================================================
>> ==5334==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc 0x5bd0beb39ef4 bp 0x7ffe0ad764d0 sp 0x7ffe0ad764c0 T0)
>> ==5334==The signal is caused by a READ memory access.
>> ==5334==Hint: address points to the zero page.
>> #0 0x5bd0beb39ef4 in target_endian_mode /builds/qemu-project/qemu/build-oss-fuzz/../target-info.c:42:27
>> #1 0x5bd0beb39ef4 in target_big_endian /builds/qemu-project/qemu/build-oss-fuzz/../target-info.c:47:12
>> #2 0x5bd0bf4f1da1 in qtest_process_command /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:705:13
>> #3 0x5bd0bf4f1da1 in qtest_process_inbuf /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:778:9
>> #4 0x5bd0bf4eef54 in qtest_server_inproc_recv /builds/qemu-project/qemu/build-oss-fuzz/../system/qtest.c:910:9
>> #5 0x5bd0bfe18f85 in qtest_sendf /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:715:5
>> #6 0x5bd0bfe15294 in qtest_query_target_endianness /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:804:5
>> #7 0x5bd0bfe1f2f3 in qtest_inproc_init /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/libqtest.c:2043:23
>> #8 0x5bd0bfe71778 in qtest_setup /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/fuzz/fuzz.c:64:12
>> #9 0x5bd0bfe71778 in LLVMFuzzerInitialize /builds/qemu-project/qemu/build-oss-fuzz/../tests/qtest/fuzz/fuzz.c:206:16
>> #10 0x5bd0be9b3b56 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
>> #11 0x5bd0be9e2166 in main
>
>
> IIUC the fuzzer mode doesn't call main() -> qemu_init() but a distinct
> one via LLVMFuzzerInitialize().
>
> We'd need to squash something like:
>
> -- >8 --
> diff --git a/tests/qtest/fuzz/fuzz.c b/tests/qtest/fuzz/fuzz.c
> index ca248a51a6c..90f07dcda3d 100644
> --- a/tests/qtest/fuzz/fuzz.c
> +++ b/tests/qtest/fuzz/fuzz.c
> @@ -172,6 +172,7 @@ int LLVMFuzzerInitialize(int *argc, char ***argv,
> char ***envp)
> /* Initialize qgraph and modules */
> qos_graph_init();
> module_call_init(MODULE_INIT_FUZZ_TARGET);
> + module_call_init(MODULE_INIT_TARGET_INFO);
> module_call_init(MODULE_INIT_QOM);
> module_call_init(MODULE_INIT_LIBQOS);
>

Yes, this looks like the issue.
I'll reproduce, send a v7, and send PR once all tests are completed.

> ---
>
>> (/builds/qemu-project/qemu/build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga+0x46166)
>> (BuildId: 845b9265a3ae1439c62fb86e3bc4973f7ea7c960)
>> #12 0x7f7fef9a65b4 in __libc_start_call_main (/lib64/libc.so.6+0x35b4) (BuildId: abd2a4d896fed122b3f7da571746f193feeb86a1)
>> #13 0x7f7fef9a6667 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x3667) (BuildId: abd2a4d896fed122b3f7da571746f193feeb86a1)
>> #14 0x5bd0be9a8f34 in _start (/builds/qemu-project/qemu/build-oss-fuzz/DEST_DIR/qemu-fuzz-i386-target-generic-fuzz-cirrus-vga+0xcf34) (BuildId: 845b9265a3ae1439c62fb86e3bc4973f7ea7c960)
>>
>> https://gitlab.com/qemu-project/qemu/-/jobs/14371480130
>>
>> If this issue is caused by this pull request, please send a new
>> revision that solves the issue.
>>
>> If this issue is not caused by this pull request, please let me know.
>> Thanks!
>>

Seems like it's definitely related to this PR, I'll fix the series.

>> Stefan
>>
>>>
>>> configs/targets/aarch64-softmmu.c | 6 ++---
>>> configs/targets/arm-softmmu.c | 6 ++---
>>> include/qemu/module.h | 1 +
>>> include/qemu/target-info-init.h | 53 +++++++++++++++++++++++++++++++++++++++
>>> include/qemu/target-info-qom.h | 30 ++++++++++++++++++++++
>>> qom/object.c | 22 +++++-----------
>>> system/vl.c | 4 +++
>>> target-info-qom.c | 45 +++++++++++++++++++++++++++++++++
>>> target-info-stub.c | 6 ++---
>>> 9 files changed, 145 insertions(+), 28 deletions(-)
>>> create mode 100644 include/qemu/target-info-init.h
>>> create mode 100644 include/qemu/target-info-qom.h
>>>
>>
>

Thanks,
Pierrick