This CL fixes two issues:
1) When the specified vmar_offset was zero, the previous logic would
incorrectly conclude that no target address was specified, and would
potentially place the allocation elsewhere in memory, not at the
desired address. This CL now passes both the target address and the
VMAR base address to AllocateInternal, which can then correctly
determine whether a target address was supplied.
2) When the root_vmar was used and a hint specified, the previous logic
would incorrectly use nullptr as base address of the root_vmar, which
appears to be incorrect. The new logic now obtains the actual base
(apparently 2MB) through zx_object_get_info during initialization.
Bug: v8:10391
Change-Id: Ia8215440a790b4a2a0c8d33f623d3ecb6a731a97
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398506
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78693}
Use the FatalProcessOutOfMemory function such that tooling recognizes
these crashes as OOM's.
Drive-by: Skip one more test that leads to such stack overflows.
Fixed: v8:12555, chromium:1288456
Bug: v8:12472
Change-Id: Ib9203a4aa0487744f7cea9a212aeeffda579ae23
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3401861
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78692}
Rolling v8/base/trace_event/common: 7f36dbc..d115b03
Rolling v8/build: f3be6e8..841e388
Rolling v8/buildtools/third_party/libc++abi/trunk: 94855f7..7d79126
Rolling v8/buildtools/third_party/libunwind/trunk: 57e4aff..efb2cbd
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/f92a0a2..8bc3659
Rolling v8/third_party/depot_tools: cb340f5..a657331
Rolling v8/third_party/googletest/src: c9643a2..100f6fb
Rolling v8/tools/luci-go: git_revision:d1e877e2b3e5a05a5cd34c4a340fedba14a16c2b..git_revision:5b02a4aaeb5fd78d6fe41d6d54d1cb58da17f192
Rolling v8/tools/luci-go: git_revision:d1e877e2b3e5a05a5cd34c4a340fedba14a16c2b..git_revision:5b02a4aaeb5fd78d6fe41d6d54d1cb58da17f192
R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: Ic20a71114072b6240b0ba01252ed9cd562395b80
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3402380
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78690}
This is a regression test for the fixes in
https://crrev.com/c/v8/v8/+/3299592 . Some of the helper functions were
copied from console-retaining-path.js in the same directory.
Bug: v8:12112
Change-Id: I3c313ad003ede5e5036f886161e1d164c98f87fe
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3400149
Reviewed-by: Simon Zünd <szuend@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#78689}
enum values need to be explicitly casted to int type to
prevent the following error:
```
expects argument of type 'int', but argument 3 has type
'v8::internal::{anonymous}::V8StartupState'
```
Bug: v8:12309
Change-Id: I9515cde7d2496ca070ce4c6b751501236864730b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3401398
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#78688}
super.property accesses in heritage positions like `class C extends
super.property` should resolve super in the current scope, not C's
class scope.
Bug: chromium:1282096
Change-Id: I7ef815bc02cfff35a2898ef9f39b133d1114046c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3400150
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78687}
- Do not create a new handle for {target_instance}.
- Only instantiate FunctionTargetAndRef once.
Bug: chromium:1284557
Change-Id: I42aea5750e93ef4ac578003bca323cda4753b6f6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3395874
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78686}
The method SetInstanceDescriptors accessed the bit field before it got
initialized, which is undefined behavior.
R=cbruni@chromium.org
Change-Id: Ie17e6e840a9a4278e066278d1ce81ac4b836a429
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3400970
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78684}
Also:
- Refactor the ValueSerializer tests using raw data, so that we test all
valid versions for each test (not only one hard-coded one)
- Mark some tests as backwards compatibility tests, to make it less
likely that somebody updates them not realizing they are backwards
compatibility tests.
Bug: v8:11111, v8:12532
Change-Id: I670849de07742c8d442249ef4f013781e4ee9255
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3386802
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78681}
This is a reland of f1c2a2089d
Changes compared to original:
Revert test change which used simd and caused problems in multiple test
configurations.
Original change's description:
> [wasm] Various small cleanups/fixes
>
> Changes:
> - Fix a bug in objects-printer where array elements were not treated as
> tagged pointers.
> - Fix a few TODOs, mainly in the wasm interpreter.
> - Improve documentation, small refactorings.
>
> Change-Id: I1d70ad454b3a0693b9b784b17395434d81d01b61
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3383136
> Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78656}
Change-Id: I91f4fed5fbc91acb8b42413a6f40a8202bd43096
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398111
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78677}
CDP has a "ExceptionDetails" structure that is attached to various
CDP commands, e.g. "Runtime#exceptionThrown" or "Runtime#evaluate".
The stack trace in the "ExceptionDetails" structure is used in
various places in DevTools. The information in the "ExceptionDetails"
structure is extracted from a v8::Message object. Message objects
are normally created at the exception throw site and may augment
the error with manually inspecting the stack (both to capture a fresh
stack trace in some cases, as well as to calculate location info).
The problem is that in some cases we want to get an "ExceptionDetails"
structure after the fact, e.g. when logging a JS "Error" object in
a catch block. To help in this case, this CL introduces a new
CDP method "Runtime#getExceptionDetails" that behaves exactly as
advertised: It provides a populated "ExceptionDetails" structure
from a JS Error object.
R=bmeurer@chromium.org
Doc: https://bit.ly/runtime-get-exception-details
Bug: chromium:1278650
Change-Id: I084be10c1d852d3b7cac8d88e7f820e867be4722
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3337258
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78676}
We recently landed write barrier verification in
https://crrev.com/c/3386803. This CL adds verification to
set_map_no_write_barrier and similar methods as well.
Bug: v8:12544
Change-Id: I54844b0323731281b4f41fd1502acdd44557a2c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3395561
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78675}
Avoid the worst case of spinning for 100ms on systems with
low-resolution timers.
It's unclear how widespread such systems are -- I couldn't
find one, but one user claims to have one.
Details and investigation results: http://shorturl.at/otyP4
Change-Id: I8d1aefef2552c5e8e16348bc86e663ac1bc4f6c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398501
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78672}
Previously, literals in Torque were stored as double values, which
made it impossible to precisely represent 64 bit integer values.
This CL replaces the old literal expression with an integer and
floating point literal expression that are unbounded in size. We
allow implicit conversion of these literals to arbitary integer
and floating point types respectively and insert a corresponding
bounds check into generated CSA.
Bug: v8:7793
Change-Id: I46c231aab92bc2f0c26955d1876079f306b358c6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3329792
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78671}
This hashtable will be used by ScopeInfo::Create which
is instantiated with Isolate and LocalIsolate.
Bug: v8:12315
Change-Id: I098c103eb884795ee84d50c0756af686c27ced31
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398116
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78670}
Apply case-insensitive comparisons not only for the initial character,
but for the entire prefix. This avoids degenerate behavior for patterns
like /aaaa|AAAA|AAAA/i (i.e. generate a single 4-char prefix instead of
four 1-char prefixes).
Bug: v8:12472
Change-Id: Ib2b49fe73ca846a1b7ec90056cc64bdf5cf33026
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398114
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78668}
Recursive ToNode node generation may overflow the stack for large
graphs. As a quick fix, insert periodic stack overflow checks in
selected ToNode methods.
As a more permanent fix, in the future we could abort gracefully
(instead of crashing on a CHECK), and/or refactor into iterative node
generation.
Bug: v8:12472
Change-Id: Ie5fbe838c5f6a5192d7d9b44bfe6f6c76a8d26e7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398112
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78667}
These tests cover the basic VirtualAddressSpace functionality for the
three different types of address spaces currently available: the root
space, subspaces, and emulated subspaces.
This CL also includes minor bugfixes in VirtualAddressSpace
implementations and removes RandomizedVirtualAlloc in platform-win32.cc
which doesn't seem to do anything useful anymore but prevents page
allocation hints from working correctly.
Bug: v8:10391
Change-Id: Ifa260d18fd366516b5a41ab42ce2f1785c57d061
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3386801
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78666}
This reverts commit bd72152e7d.
Reason for revert: TSAN reports a data race, please see https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20isolates/18124/overview
Original change's description:
> [fastcall] Add Wasm entry for Fast API calls
>
> Allow Wasm to generate calls directly to Fast API C functions.
> This massively reduces the overhead of these calls (~300%).
> Currently options parameter is not supported.
>
> This is a rebase of the work originally done by devsnek in:
> https://chromium-review.googlesource.com/c/v8/v8/+/2718666.
>
> Bug: chromium:1052746
> Change-Id: I1bb1de68b440044cc8a4e528adf9d8e0e6692a07
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3364356
> Reviewed-by: Clemens Backes <clemensb@chromium.org>
> Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
> Reviewed-by: Maya Lekova <mslekova@chromium.org>
> Commit-Queue: Paolo Severini <paolosev@microsoft.com>
> Cr-Commit-Position: refs/heads/main@{#78664}
Bug: chromium:1052746
Change-Id: I957708cf1cff6ee8f90678ee48428f5c12f75a53
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3398121
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Owners-Override: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78665}
Allow Wasm to generate calls directly to Fast API C functions.
This massively reduces the overhead of these calls (~300%).
Currently options parameter is not supported.
This is a rebase of the work originally done by devsnek in:
https://chromium-review.googlesource.com/c/v8/v8/+/2718666.
Bug: chromium:1052746
Change-Id: I1bb1de68b440044cc8a4e528adf9d8e0e6692a07
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3364356
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Paolo Severini <paolosev@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#78664}
When the stack is split in safe and unsafe parts, on-stack
TracedReferences are allocated on the unsafe stack. What currently
happens is that on GC we destroy all the on-stack references below the
current frame of the *safe* stack. If the safe stack is allocated above
the unsafe counterpart, then all the traced references will be
preliminary destructed on GC. This CL fixes it by using
__builtin___get_unsafe_stack_ptr() if -fsanitize=safe-stack is enabled.
In addition, deduplicate OnStackTracedNodeSpace::IsOnStack() and
Stack::IsOnStack() and move more logic into ::heap::base::Stack.
Bug: chromium:1278780
Change-Id: I9582bb1321958b7ec8ef2c0c46b9e42d51bb6f94
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3395033
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78660}
Previously, StoreOwnIC incorrectly reuses the [[Set]] semantics
when initializing public literal class fields and object literals in
certain cases (e.g. when there's no feedback).
This was less of an issue for object literals, but with public class
fields it's possible to define property attributes while the
instance is still being initialized, or to encounter existing static
"name" or "length" properties that should be readonly. This patch
fixes it by
1) Emitting code that calls into the slow stub when
handling StoreOwnIC with existing read-only properties.
2) Adding extra steps in StoreIC::Store to handle such stores
properly with [[DefineOwnProperty]] semantics.
Bug: v8:12421, v8:9888
Change-Id: I6547320a1caba58c66ee1043cd3183a2de7cefef
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3300092
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/main@{#78659}
Changes:
- Fix a bug in objects-printer where array elements were not treated as
tagged pointers.
- Fix a few TODOs, mainly in the wasm interpreter.
- Improve documentation, small refactorings.
Change-Id: I1d70ad454b3a0693b9b784b17395434d81d01b61
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3383136
Reviewed-by: Nikolaos Papaspyrou <nikolaos@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78656}
This is a reland of f605d77822
Adds a GC safe (using handles) and unsafe versions of the iterator.
V8HeapExplorer needs an unsafe one, since it does not allow the
creation of handles.
Original change's description:
> [runtime] Adds LocalNameIterator
>
> ScopeInfo will contain either inlined (array) local names or
> a hash table (names => index) containing the local names.
>
> We abstract iteration with LocalNameIterator and remove
> ContextLocalName since accessing a local name by index in
> the hash table would be expensive.
>
> This CL only implements the iterator for the array.
>
> Bug: v8:12315
> Change-Id: I2c62802652fca1cf47815ce8768a3f7487f2c39f
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3386603
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Commit-Queue: Victor Gomes <victorgomes@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78623}
Bug: v8:12315
Change-Id: I6288a08b9c342cd3a9cabcb621c40bb44c08c9c4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3394706
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78653}
The wpt test external/wpt/wasm/jsapi/functions/entry.html failed
because the current context was entered when executing the start
function instead of the native context. The test crashed because in
GetEnteredOrMicrotaskContext a NativeContext is expected.
Bug: chromium:1098844
Change-Id: I52d50986c67a0a69c8d9e03756592dff670f83df
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3368107
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78652}
Implementations are added to macro-assembler to be shared between
liftoff and code generator.
Change-Id: Ic38677b3266399e5e170a4b2d6a8f90d0b830d47
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3389090
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#78650}
Verify usages of SKIP_WRITE_BARRIER in builds with SLOW_DCHECKs enabled.
We can only remove the write barrier in specific circumstances that
can also be DCHECK'ed.
I also switched some write barriers to UPDATE_WRITE_BARRIER where those
simple rules didn't hold but relied on more elaborate explanations.
Bug: v8:12544
Change-Id: I4caa43627f8a3209d853e3352caabc161568e6eb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3386803
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78649}
We are guaranteed to have a valid ref for the prototype now that the
no-concurrent-inlining configuration has been removed.
Bug: v8:7790
Change-Id: I8400d1887f5cd41b14c92c87151847c0ed78f911
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3394708
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78648}
This CL exposes the `recurring` flag on the experimental async stack
tagging API which was implemeted in the following CL:
https://chromium-review.googlesource.com/c/v8/v8/+/3212506
It serves as a prototype to check if such an API is suitable for
improving stack traces for frameworks which split up tasks across
multiple frames, yielding back to the main thread when some time budget
is consumed.
The tests are implemented as Blink web tests in the following CL:
https://chromium-review.googlesource.com/c/chromium/src/+/3383386
Bug: chromium:332624
Change-Id: I3e8c5de723cb7c0413d03ca4292c22d6a6e565b0
Signed-off-by: Victor Porof <victorporof@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3380495
Reviewed-by: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78647}
In preparation to use the hash table in the scope_info, we
setup a hashtable from name to indices.
Bug: v8:12315
Change-Id: I77f1eb40191c2fb2d40127e1e84dbc41ca2e4b70
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3386804
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78646}
This CL introduces a dedicated API to retrieve the current (w.r.t. the
JS stack) script name or sourceURL. Currently, API clients will
collect multiple stack traces in increasing sizes to accomplish the
same goal. The new method walks the JS stack in the same way as the
stack trace collection mechanic but doesn't create/allocate stack info
or callsite objects along the way.
R=bmeurer@chromium.org, yangguo@chromium.org
Doc: https://bit.ly/v8-current-script-name
Bug: chromium:1286677
Change-Id: Id53e4f04bf17349d34f3d581bc712b1f4aa055db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3382818
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Simon Zünd <szuend@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78645}
