Google Git
Sign in
chromium/chromium/src/components/metrics/b2a3cf78e6d4396f18992bab99ec10579c718dbc^!/.
commit
b2a3cf78e6d4396f18992bab99ec10579c718dbc
[log] [tgz]
author
Alexei Svitkine <asvitkine@chromium.org>
Mon Aug 18 15:54:57 2025
committer
Copybara-Service <copybara-worker@google.com>
Mon Aug 18 16:05:32 2025
tree
b78b697e08f03f58c27ab247b7eff9485a53cd85
parent
18f8680d615db050aa65ad2ff6149d7a173773bb [diff]
Fix fuzzer crash in create_trials_from_seed_v2_fuzzer

The create_trials_from_seed_v2_fuzzer was crashing due to an
unregistered pref and a null EnabledStateProvider.

This CL fixes the crash by:
- Providing a TestEnabledStateProvider to the MetricsStateManager.
- Adding a dependency on //components/metrics:test_support to the
  fuzzer's BUILD.gn file.
- Calling MetricsStateManager::RegisterPrefs() from the fuzzer and
  refactoring MetricsStateManager to register CleanExitBeacon's prefs,
  improving encapsulation.

This is fixing the issues introduced in:
https://chromium-review.googlesource.com/c/chromium/src/+/6836751
(Which apparently weren't caught by any try bots.)

This change was tested locally, by building:
`autoninja -C out/fuzz create_trials_from_seed_v2_fuzzer`
With these gn args:
```
archive_seed_corpus = false
ffmpeg_branding = "ChromeOS"
is_asan = true
is_debug = true
optimize_for_fuzzing = true
pdf_enable_xfa = true
proprietary_codecs = true
symbol_level = 1
use_libfuzzer = true
use_remoteexec = true
is_component_build = false
```
And ran via:
`out/fuzz/create_trials_from_seed_v2_fuzzer -runs=1 -max_len=256`

Bug: 439018238
Change-Id: I7c92910ec9bc184824cedfa562a3b2fd42cb63a1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6854030
Commit-Queue: Alexei Svitkine <asvitkine@chromium.org>
Commit-Queue: Roger McFarlane <rogerm@chromium.org>
Auto-Submit: Alexei Svitkine <asvitkine@chromium.org>
Reviewed-by: Roger McFarlane <rogerm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1502727}
NOKEYCHECK=True
GitOrigin-RevId: d6b5a28943499b1011f531d05bb0ebf066f68662

diff --git a/metrics_service.cc b/metrics_service.cc
index 363b7fe..03ac8a1 100644
--- a/metrics_service.cc
+++ b/metrics_service.cc

@@ -313,7 +313,6 @@
 
 // static
 void MetricsService::RegisterPrefs(PrefRegistrySimple* registry) {
-  CleanExitBeacon::RegisterPrefs(registry);
   MetricsStateManager::RegisterPrefs(registry);
   MetricsLog::RegisterPrefs(registry);
   StabilityMetricsProvider::RegisterPrefs(registry);

diff --git a/metrics_state_manager.cc b/metrics_state_manager.cc
index 338092d..46b4502 100644
--- a/metrics_state_manager.cc
+++ b/metrics_state_manager.cc

@@ -32,6 +32,7 @@
 #include "base/uuid.h"
 #include "build/branding_buildflags.h"
 #include "build/build_config.h"
+#include "components/metrics/clean_exit_beacon.h"
 #include "components/metrics/cloned_install_detector.h"
 #include "components/metrics/enabled_state_provider.h"
 #include "components/metrics/entropy_state.h"
@@ -526,6 +527,7 @@
 
   EntropyState::RegisterPrefs(registry);
   ClonedInstallDetector::RegisterPrefs(registry);
+  CleanExitBeacon::RegisterPrefs(registry);
 }
 
 void MetricsStateManager::BackUpCurrentClientInfo() {