nodejs-electron/chromium-102-compiler.patch

SUSE: Disable the following:
* Optimizer flags. Anything other than straight -O2 isn't well tested (either more or less optimization)
  * -flto still needs to be handled by gn as it needs to be disabled for some targets,
    and global CFLAGS go at the end of the commandline
* Submodel options (-march and friends). Upstream notoriously forces SSE3 despite the code not requiring it.
  * note that cpu options for ARM are currently left in, as they do not seem to do harm and V8 needs to know the exact target anyway
* libstdc++ assertions. Enabling them or not should in general be the distro's decision. Electron does not run untrusted code (unlike browsers) and as such does not really benefit from security paranoia.
* Debuginfo format. Upstream seems to force something that is not recognized by rpmbuild.
  * per-target debuginfo level is left in as it is still useful (-g2 everywhere does not work)
* Emitting code for the PIC model. It is needed in case of shared libraries, but results in a larger executable (and Electron is already enormous)
  It should be enabled individually on code that gets into separate libraries (and we know when to do it — otherwise we're getting linker error)
* -rdynamic. The rationale given is bogus (the allocator gets exported regardless). The main executable needs to be linked with -rdynamic anyway, but eg. chrome_crashpad_handler doesn't.


From 307a0f63dd9b118f4b8470ed3d7567e81fdb7a6d Mon Sep 17 00:00:00 2001
From: Mike Gilbert <floppym@gentoo.org>
Date: Fri, 22 Apr 2022 09:05:24 +0000
Subject: [PATCH] Disable various compiler configs

---
 build/config/compiler/BUILD.gn | 114 +++++----------------------------
 1 file changed, 17 insertions(+), 97 deletions(-)

--- src/build/config/compiler/BUILD.gn.orig	2025-07-19 11:32:29.581980058 +0200
+++ src/build/config/compiler/BUILD.gn	2025-07-19 16:12:37.505818698 +0200
@@ -310,9 +310,7 @@ config("compiler") {
 
   configs += [
     # See the definitions below.
-    ":clang_revision",
     ":rustc_revision",
-    ":compiler_cpu_abi",
     ":compiler_codegen",
     ":compiler_deterministic",
     ":clang_warning_suppression",
@@ -338,7 +336,6 @@ config("compiler") {
   # See: https://gcc.gnu.org/PR97913
   # TODO(mpdenton): remove is_clang once GCC bug is fixed.
   if ((!is_nacl || is_nacl_saigo) && !is_ubsan && is_clang) {
-    cflags += [ "-fno-delete-null-pointer-checks" ]
   }
 
   # Make signed overflow and pointer overflowdefined to wrap.
@@ -348,7 +345,6 @@ config("compiler") {
     if (is_win) {
       cflags += [ "/clang:-fno-strict-overflow" ]
     } else {
-      cflags += [ "-fno-strict-overflow" ]
     }
   }
 
@@ -364,7 +360,12 @@ config("compiler") {
   if (!is_win) {
     # Common POSIX compiler flags setup.
     # --------------------------------
-    cflags += [ "-fno-strict-aliasing" ]  # See http://crbug.com/32204
+    # To future SUSE maintainers: Do not re-enable this, you will save yourself hours of debugging!
+    # This is an optimizer flag, not a C dialect flag to make GCC behave like clang.
+    # Despite what the -Wlto-type-mismatch warning text tells you, enabling this will NOT fix miscompiles,
+    # and seems to cause other problems in GCC12. See https://bugs.chromium.org/p/chromium/issues/detail?id=1373615#c6
+    # ANY BUGS DUE TO ALIASING SHOULD BE FIXED IN CODE, AND THE PATCHES SENT UPSTREAM!
+    # cflags += [ "-fno-strict-aliasing" ]  # See http://crbug.com/32204
 
     # Stack protection. ShadowCallStack and Stack protector address the same
     # problems. Therefore, we only enable one or the other. Clang advertises SCS as
@@ -500,10 +501,6 @@ config("compiler") {
   # Linux/Android/Fuchsia common flags setup.
   # ---------------------------------
   if (is_linux || is_chromeos || is_android || is_fuchsia) {
-    asmflags += [ "-fPIC" ]
-    cflags += [ "-fPIC" ]
-    ldflags += [ "-fPIC" ]
-    rustflags += [ "-Crelocation-model=pic" ]
 
     if (!is_clang) {
       # Use pipes for communicating between sub-processes. Faster.
@@ -1148,11 +1145,6 @@ config("libcxx_hardening") {
     defines = [ "_LIBCPP_HARDENING_MODE=_LIBCPP_HARDENING_MODE_NONE" ]
   }
 
-  # Enable libstdc++ hardening lightweight assertions. Those have a low
-  # performance penalty but are considered a bare minimum for security.
-  if (use_safe_libstdcxx) {
-    defines += [ "_GLIBCXX_ASSERTIONS=1" ]
-  }
 }
 
 # The BUILDCONFIG file sets this config on targets by default, which means when
@@ -1218,7 +1210,8 @@ config("thinlto_optimize_max") {
 # without using everything that "compiler" brings in.  Options that
 # tweak code generation for a particular CPU do not belong here!
 # See "compiler_codegen", below.
-config("compiler_cpu_abi") {
+config("compiler_cpu_abi") { }
+config("xcompiler_cpu_abi") {
   cflags = []
   ldflags = []
   defines = []
@@ -1994,7 +1987,8 @@ config("tot_warnings") {
 # Collects all warning flags that are used by default. This is used as a
 # subconfig of both chromium_code and no_chromium_code. This way these
 # flags are guaranteed to appear on the compile command line after -Wall.
-config("default_warnings") {
+config("default_warnings") { }
+config("xdefault_warnings") {
   cflags = []
   cflags_cc = []
   ldflags = []
@@ -2262,11 +2256,7 @@ config("chromium_code") {
       defines = [ "_HAS_NODISCARD" ]
     }
   } else {
-    cflags = [ "-Wall" ]
-    if (is_clang) {
-      # Enable extra warnings for chromium_code when we control the compiler.
-      cflags += [ "-Wextra" ]
-    }
+    cflags = []
 
     # In Chromium code, we define __STDC_foo_MACROS in order to get the
     # C99 macros on Mac and Linux.
@@ -2275,24 +2265,6 @@ config("chromium_code") {
       "__STDC_FORMAT_MACROS",
     ]
 
-    if (!is_debug && !using_sanitizer && current_cpu != "s390x" &&
-        current_cpu != "s390" && current_cpu != "ppc64" &&
-        current_cpu != "mips" && current_cpu != "mips64" &&
-        current_cpu != "riscv64" && current_cpu != "loong64") {
-      # Non-chromium code is not guaranteed to compile cleanly with
-      # _FORTIFY_SOURCE. Also, fortified build may fail when optimizations are
-      # disabled, so only do that for Release build.
-      fortify_level = "2"
-
-      # ChromeOS's toolchain supports a high-quality _FORTIFY_SOURCE=3
-      # implementation with a few custom glibc patches. Use that if it's
-      # available.
-      if (is_chromeos_device && !lacros_use_chromium_toolchain) {
-        fortify_level = "3"
-      }
-      defines += [ "_FORTIFY_SOURCE=" + fortify_level ]
-    }
-
     if (is_apple) {
       cflags_objc = [ "-Wimplicit-retain-self" ]
       cflags_objcc = [ "-Wimplicit-retain-self" ]
@@ -2451,7 +2423,6 @@ config("no_rtti") {
 # to heap-allocated memory are passed over shared library boundaries.
 config("export_dynamic") {
   if (is_linux || export_libcxxabi_from_executables) {
-    ldflags = [ "-rdynamic" ]
   }
 }
 
@@ -2550,7 +2521,8 @@ config("wexit_time_destructors") {
 # gcc 4.9 and earlier had no way of suppressing this warning without
 # suppressing the rest of them.  Here we centralize the identification of
 # the gcc 4.9 toolchains.
-config("no_incompatible_pointer_warnings") {
+config("no_incompatible_pointer_warnings") { }
+config("xno_incompatible_pointer_warnings") {
   cflags = []
   if (is_clang) {
     cflags += [ "-Wno-incompatible-pointer-types" ]
@@ -2667,7 +2639,8 @@ if (is_win) {
   common_optimize_on_cflags += [ "-fno-math-errno" ]
 }
 
-config("default_stack_frames") {
+config("default_stack_frames") { }
+config("xdefault_stack_frames") {
   if (!is_win) {
     if (enable_frame_pointers) {
       cflags = [ "-fno-omit-frame-pointer" ]
@@ -2708,7 +2681,8 @@ config("default_stack_frames") {
 # [0]: https://pinpoint-dot-chromeperf.appspot.com/job/147634a8be0000
 # [1]: https://pinpoint-dot-chromeperf.appspot.com/job/132bc772be0000
 # [2]: https://crrev.com/c/5447532
-config("optimize") {
+config("optimize") { }
+config("xoptimize") {
   if (is_win) {
     # clang-cl's /O2 corresponds to clang's -O3, and really want -O2 for
     # consistency with the other platforms.
@@ -2757,7 +2731,8 @@ config("optimize") {
 }
 
 # Turn off optimizations.
-config("no_optimize") {
+config("no_optimize") { }
+config("xno_optimize") {
   if (is_win) {
     cflags = [
       "/Od",  # Disable optimization.
@@ -2792,7 +2767,8 @@ config("no_optimize") {
 # Turns up the optimization level. Used to explicitly enable -O2 instead of
 # -Os for select targets on platforms that use optimize_for_size. No-op
 # elsewhere.
-config("optimize_max") {
+config("optimize_max") { }
+config("xoptimize_max") {
   if (is_nacl && is_nacl_irt) {
     # The NaCl IRT is a special case and always wants its own config.
     # Various components do:
@@ -2825,7 +2801,8 @@ config("optimize_max") {
 #
 # TODO(crbug.com/41259697) - rework how all of these configs are related
 # so that we don't need this disclaimer.
-config("optimize_speed") {
+config("optimize_speed") { }
+config("xoptimize_speed") {
   if (is_nacl && is_nacl_irt) {
     # The NaCl IRT is a special case and always wants its own config.
     # Various components do:
@@ -2854,7 +2831,8 @@ config("optimize_speed") {
   }
 }
 
-config("optimize_fuzzing") {
+config("optimize_fuzzing") { }
+config("xoptimize_fuzzing") {
   cflags = [ "-O1" ] + common_optimize_on_cflags
   rustflags = [ "-Copt-level=1" ]
   ldflags = common_optimize_on_ldflags
@@ -2985,7 +2963,8 @@ config("win_pdbaltpath") {
 }
 
 # Full symbols.
-config("symbols") {
+config("symbols") { cflags = ["-g2"] }
+config("xsymbols") {
   rustflags = []
   configs = []
   if (is_win) {
@@ -3159,7 +3138,8 @@ config("symbols") {
 # Minimal symbols.
 # This config guarantees to hold symbol for stack trace which are shown to user
 # when crash happens in unittests running on buildbot.
-config("minimal_symbols") {
+config("minimal_symbols") { cflags = ["-g1"] }
+config("xminimal_symbols") {
   rustflags = []
   if (is_win) {
     # Functions, files, and line tables only.
@@ -3244,7 +3224,8 @@ config("minimal_symbols") {
 # This configuration contains function names only. That is, the compiler is
 # told to not generate debug information and the linker then just puts function
 # names in the final debug information.
-config("no_symbols") {
+config("no_symbols") { cflags = ["-g0"]}
+config("xno_symbols") {
   if (is_win) {
     ldflags = [ "/DEBUG" ]