Since --shared-space is now enabled by default, we don't need this
flag for testing anymore.
Bug: v8:13267
Change-Id: Ib4c1111a75dbf93d05ccf3bac752c0ef089e3c15
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4194715
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85488}
This updates the file exceptions for js-fuzzer following the procedure
described at js_fuzzer/README.md.
This executed gen_exceptions.sh with the latest web_tests.zip archive.
FYI, the exceptions mark files with parse/mutation errors - i.e. the
fuzzer bails out and is ineffective on those files. It also marks
files not applicable in strict mode, which lets the fuzzer only
choose sloppy instead of bailing out. Some medium slow tests are
going to be chosen with lower probability.
This also fixes a bug in template literal replacements which reduces
the number of skipped test cases.
Change-Id: I39ae9b4c4f8dcff65226d49545eb50b1cbfe5c8c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4184213
Reviewed-by: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85471}
This reverts commit 6b2c271cfb.
Reason for revert: All open bugs were fixed.
Original change's description:
> [foozzie] Temporarily lower the amount of --future tests
>
> Drop --future from 25% to 5% for a few days until all currently open
> correctness cases associated with --future are fixed.
>
> No-Try: true
> Bug: v8:7700
> Change-Id: I161a0adbc767c5cec46409443fe58c634531487c
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4114292
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#85010}
Change-Id: I804a4c33922595e380bdd11150ff826d6669d846
No-Try: true
Bug: v8:7700
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4128527
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85068}
This makes js-fuzzer use %OptimizeMaglevOnNextCall in 30% of the
times when optimization patterns are chosen. Other probabilities
of the function-call mutator are tuned a bit to keep using
%OptimizeFunctionOnNextCall proportionally similarly to before.
(~ some round number preferences... exact choices might not matter
much, since the original probability choices are rater arbitrary
anyways)
Bug: v8:7700
Change-Id: I7727ea27fd956efab6fbee2b4a090213d1d7ff05
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4124118
Reviewed-by: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85031}
Drop --future from 25% to 5% for a few days until all currently open
correctness cases associated with --future are fixed.
No-Try: true
Bug: v8:7700
Change-Id: I161a0adbc767c5cec46409443fe58c634531487c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4114292
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85010}
Before this change, the mutation order of js-fuzzer was hard-coded
and always executed in the same order. This e.g. prevents certain
mutation interactions. E.g. in the typical V8 pattern:
%Prep(foo);foo(N);foo(N);%Opt(foo);foo(N);
This gets typically inserted by the FunctionCallMutator, but none
of the arguments N would get mutated later, since e.g. the
NumberMutator is executed earlier.
This change adds an experiment that makes the top-level mutation
flow more flexible. With a probability of 20% each we now also:
- Shuffle the different mutators.
- Run a few random extra mutators after the first round.
We annotate the output files with comments if the experiment was
chosen to easier analyze later if interesting new bugs were found.
Change-Id: I581d43b41a8e1d87ff1e8cab435a1b6e834db0f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4096477
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84863}
This will allow bugs such as crbug.com/1394403 to be found much easier
by fuzzers as it will cause d8 to compile every function twice and to
verify that the resulting bytecode is the same.
In order to not lose fuzzer coverage of e.g. lazy compilation, this CL
also adds --lazy and --no-stress-lazy-source-positions to the fuzzer
configurations to be chosen with a small probability.
Bug: chromium:1394403
Change-Id: I172ac483b45978a669c9787e5f851daa985fd1f5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4096480
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84811}
After fixing all known bugs found by fuzzers for
--shared-string-table we can enable this flag on all fuzzers again.
Bug: v8:13267
Change-Id: Ie2c361bbd2cf349d2c5d517fb6c71f88a3381626
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4061310
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84514}
The flag --harmony-struct changes the global object which is
observable when doing differential fuzzing. The flag will now be
ignored to close ongoing false positives. It could be enabled in
the future if the global object stays equal in all compared
configurations, which could be faked behind the flag:
--correctness-fuzzer-suppressions.
No-Try: true
Bug: chromium:1393020
Change-Id: Ib5f3325a742dd32cac34febca58bf99e0184ac97
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4055627
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84478}
This reverts commit 5e07bb70e5.
Reason for revert: --struct-harmony caused an initial flood of
bugs on the correctness fuzzer. Let's reland this once we've
sorted out those.
Original change's description:
> [heap] Enable shared heap flags on more fuzzers
>
> Enable --shared-string-table and --struct-harmony on more fuzzers.
>
> Bug: v8:13267
> Change-Id: Iedea33f5c06563aac4d0f0d0eb880f7ee6208d9f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4043902
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Commit-Queue: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#84412}
Bug: v8:13267
Change-Id: Id7973fa312cdddff6c49b672d0496c33fc8828e4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4051202
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#84436}
Enable --shared-string-table and --struct-harmony on more fuzzers.
Bug: v8:13267
Change-Id: Iedea33f5c06563aac4d0f0d0eb880f7ee6208d9f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4043902
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#84412}
--use-map-space was already disabled by default. This CL removes
the possibility to enable map space again by removing that flag and
all its usages.
Bug: v8:12578
Change-Id: I8af18f39e9bf645316aa8718b49589eb4b852374
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3959658
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83758}
After removing flag in https://crrev.com/c/3952935 it was still used
on fuzzers.
Bug: v8:12578
Change-Id: I35790b11224c9487923b322f575530159a09b129
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3956734
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Auto-Submit: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83718}
Provide dummies for performance methods that are irrelevant for
differential fuzzing.
Bug: chromium:1370405
Change-Id: I91dcadc446314dbfc97b09a95f054c867574e345
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3932722
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83509}
Based on bots and local testing, MinorMC has reached a stable state in
terms of correctness.
Enable fuzzing with MinorMC to flush out additional issues.
Bug: v8:12612
Change-Id: I9cf8c5791d7256ff63c777b295863506436ee165
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3872265
Reviewed-by: Almothana Athamneh <almuthanna@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83190}
This ignores one of --assert-types and --stress-concurrent-inlining if
used together. We already filter those from trials, but they also might
get picked from // Flags lines in test cases.
No-Try: true
Bug: chromium:1359829
Change-Id: I7e46afb53bdbb0a871c7443a5a66a339046eb3de
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3871195
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82961}
Add logic to drop cyclic contradictory flags from
correctness-fuzzing command lines. Add the currently known
biggest offenders.
Without this, the correctness fuzzing harness runs into a CHECK
failure during smoke testing, when attempting to pass cyclic flags
to d8. It fails fast, but uselessly burns fuzzing time.
This change drops one of the known cyclic flags instead to make the
test run still useful. The precedence is right to left like in the
V8 test framework.
Additionally on Clusterfuzz, all crashes during smoke testing are
deduped as one crash report. We don't know if there are other
problems before this one is fixed/hidden.
No-Try: true
Bug: chromium:1330303
Change-Id: I06cbb4655cd3cf467f5cce6f84dba653834ca72e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865562
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Alexander Schulze <alexschulze@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82939}
.. and update old entries:
- Remove --no-untrusted-code-mitigations (flag no longer exists)
- Make --stress-concurrent-inlining-attach-code less likely since it
mostly overlaps with --stress-concurrent-inlining and there haven't
been many reports in this are lately.
Bug: v8:7700
Change-Id: Ic88ea74ca88a7c14edfc39bc0a55b846bb01e465
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3867506
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82882}
Due to https://crbug.com/1195263, large typed arrays can have an
observable difference on the same architecture, depending on
optimization behavior.
For differential fuzzing comparisons, we previously used a proxy
for typed arrays that capped the maximum size only when comparing
different architectures - there an observable difference is WAI.
We move the capping code and make it arch-independent for now until
the bug above gets fixed, since it caused too many duplicates, which
degrade fuzzing performance.
Bug: chromium:1195263
Change-Id: Ic81c383e547413378cbe037de3c38eb900a9e5dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3866173
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82860}
Bugs that are older than the switch of v8_foozzie.py to Python3
bisect to the switch commit unfortunately. This change attempts to
let bisect run longer if a python2 executable still exists.
No-Try: true
Bug: chromium:1355824
Change-Id: I457a50af21704ddd2985793861eee8be5601a673
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3856574
Reviewed-by: Liviu Rau <liviurau@google.com>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82728}
The infrastructure runs everything already in Python3, so this is
mostly a clean-up.
For MB, a python2 holdover was removed and new lint errors were
fixed.
The renames were automated with:
git grep -e "/usr/bin/python$" |
cut -d':' -f1 |
xargs
sed -i 's/#!\/usr\/bin\/python$/#!\/usr\/bin\/python3/1'
and
git grep -e "/usr/bin/env python$" |
cut -d':' -f1 |
xargs
sed -i 's/#!\/usr\/bin\/env python$/#!\/usr\/bin\/env python3/1'
Bug: v8:13148
Change-Id: If4f3c7635e72fa134798d55314ac1aa92ddd01bf
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3811499
Reviewed-by: Liviu Rau <liviurau@google.com>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82231}
Memory limits are difference on 32-bit and 64-bit systems, so foozzie
finds differences in Wasm execution.
This can be avoided by always setting the same (lower) limit.
R=machenbach@chromium.org
Bug: chromium:1348335
Change-Id: I452d257fd78730b4113bfe67120dbed2e8ba5878
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3804696
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82200}
Add flag contradictions for "assert-types" flag and a README file for how
to add trials from the source side. Also restore "assert-types" and its
contradictions' probability since we can avoid contradictions now.
Bug: v8:1340816,v8:1336577
No-Try: true
Change-Id: I2a3af2d13cd2f9f542bec5c013c50bf26ff93cc1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3787878
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82133}
This reverts commit a618a4a341.
Reason for revert: Original CL got reverted, we don't need the suppression anymore.
Original change's description:
> [foozzie] Silence a frequently occuring correctness bug
>
> This CL adds back a patch of Math.pow for correctness fuzzing, which
> drops some precision and hides a difference on the fast path.
>
> The same suppression was previously used on https://crbug.com/693426.
>
> No-Try: true
> Bug: chromium:1339320
> Change-Id: Id52f25f8a2b6b5aeca956587b16a10c61aa68e36
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726295
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Commit-Queue: Maya Lekova <mslekova@chromium.org>
> Auto-Submit: Michael Achenbach <machenbach@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#81408}
Bug: chromium:1339320
Change-Id: Id4cf04f9480b3052978ee7ca3dd83d7ee16845c8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3736446
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#81470}
This CL adds back a patch of Math.pow for correctness fuzzing, which
drops some precision and hides a difference on the fast path.
The same suppression was previously used on https://crbug.com/693426.
No-Try: true
Bug: chromium:1339320
Change-Id: Id52f25f8a2b6b5aeca956587b16a10c61aa68e36
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726295
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81408}
The following flag combinations run into a CHECK in d8:
('--assert-types', '--stress-concurrent-inlining')
('--assert-types', '--stress-concurrent-inlining-attach-code')
All flags can be passed as clusterfuzz trials on d8 fuzzers and lead
to poor fuzzing outcomes. This lowers their probability as a
mitigation until a better solution is found.
No-Try: true
Bug: chromium:1336577
Change-Id: I63747bb0a466c01d2789fc76cb9232f7afe720f0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3721382
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81387}
--no-use-map-space should now be fixed, it is already enabled with
--future.
Bug: v8:12578, chromium:1317880
Change-Id: I9ea10dfaebf7b17cb1c953e272bc3358932a10b5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3702232
Reviewed-by: Liviu Rau <liviurau@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#81173}
This filters the flags --maglev and --no-use-map-space when passed to
foozzie. Most open bugs are known or spurious, but all take up the
limited hashes for correctness bugs, which prevents finding other
bugs. Filtering on the source-side will make those reports appear
as fixed.
Bug: chromium:1324097, chromium:1317880
Change-Id: Ibf1b04bdfdd2395c3bda5787b4843c6bb5ca8f8e
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3641171
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80468}
Turn on fuzzing for Maglev to get additional test coverage.
Bug: v8:7700
Change-Id: I5b72d851639e31dff1bd91361cd81ad448c2d69e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3629334
Auto-Submit: Jakob Linke <jgruber@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80416}
To be consistent with the all the other tiers and avoid confusion, we
rename --opt to ---turbofan, and --always-opt to --always-turbofan.
Change-Id: Ie23dc8282b3fb4cf2fbf73b6c3d5264de5d09718
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3610431
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80336}
Using this flag has led to several duplicate issues. We need to stop
using the flag for a while until the issues are investigated.
Potentially these are all false positives.
No-Try: true
Bug: chromium:1317880
Change-Id: I09f4e1c642befc3a8f5b88c2eb003931dc112826
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3602508
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80114}
Turn on fuzzing for disabled map space to get additional test coverage.
Bug: v8:12578
Change-Id: I82c577c8c24b51df627c873fde95fb239e16d36f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3592892
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#80012}
Search for all files with testing naming convention and run that on v8_presubmit.
Also modify all PRESUBMIT files in the tools directory to include any test file
with the appropriate naming convention.
Bug: chromium:1306474
Change-Id: I61c1b7c71badbbc3b99705289588aa8280824d66
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3532266
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Almothana Athamneh <almuthanna@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79651}
The fuzzers were passing the flag --es-staging which doesn't exist. This
CL updates them to pass the flag --harmony which does exist.
Change-Id: I02c83026e5b9bdf49e51e700f16702bf56cd49e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3522064
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79464}
Now that we are able to compact map space, we can also get rid of the
map space and allocate maps in the old space instead. This CL introduces
a FLAG_map_space for enabling/disabling the map space but the map space
remains enabled by default for now.
Without a separate space for maps, the GC can't prevent relocation of
maps anymore. Therefore this CL always allows compaction of maps when
running without a map space. Rename flag to --compact-maps to better fit
this scenario.
mkgrokdump and debug_helper also need to be updated to look for maps
also in the old space. The map space is now optional.
Bug: v8:12578
Change-Id: Ic4e4abd0b58bee26e64329b1c92dbccb07d8105a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424483
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#79165}
