From 936433a5deb6ccc8f8476096f2c2b8dc72c33388 Mon Sep 17 00:00:00 2001 From: zorz Date: Thu, 2 Apr 2026 01:11:55 +0300 Subject: chromium musl --- chromium/.footprint | 32 +++ chromium/.signature | 9 + chromium/MAKEPKG | 228 +++++++++++++++++++++ chromium/patches/008-fstatat64.patch | 17 ++ chromium/patches/016-musl-sandbox.patch | 113 ++++++++++ chromium/patches/017-musl-tid-caching.patch | 85 ++++++++ chromium/patches/019-musl-no-execinfo.patch | 68 ++++++ chromium/patches/020-musl-no-mallinfo.patch | 93 +++++++++ chromium/patches/021-musl-no-res-ninit.patch | 32 +++ chromium/patches/022-no-sandbox-settls.patch | 16 ++ chromium/patches/027-temp-failure-retry.patch | 22 ++ .../patches/033-perfetto-get-thread-name.patch | 22 ++ chromium/patches/035-breakpad-no-getcontext.patch | 27 +++ chromium/patches/disable-dns_config_service.patch | 19 ++ chromium/patches/llvm21-fixes.patch | 44 ++++ chromium/patches/noclanglibs.patch | 15 ++ chromium/patches/sanitizer-no-death-callback.patch | 22 ++ chromium/patches/terminal-fdset.patch | 10 + 18 files changed, 874 insertions(+) create mode 100644 chromium/.footprint create mode 100644 chromium/.signature create mode 100644 chromium/MAKEPKG create mode 100644 chromium/patches/008-fstatat64.patch create mode 100644 chromium/patches/016-musl-sandbox.patch create mode 100644 chromium/patches/017-musl-tid-caching.patch create mode 100644 chromium/patches/019-musl-no-execinfo.patch create mode 100644 chromium/patches/020-musl-no-mallinfo.patch create mode 100644 chromium/patches/021-musl-no-res-ninit.patch create mode 100644 chromium/patches/022-no-sandbox-settls.patch create mode 100644 chromium/patches/027-temp-failure-retry.patch create mode 100644 chromium/patches/033-perfetto-get-thread-name.patch create mode 100644 chromium/patches/035-breakpad-no-getcontext.patch create mode 100644 chromium/patches/disable-dns_config_service.patch create mode 100644 chromium/patches/llvm21-fixes.patch create mode 100644 chromium/patches/noclanglibs.patch create mode 100644 chromium/patches/sanitizer-no-death-callback.patch create mode 100644 chromium/patches/terminal-fdset.patch diff --git a/chromium/.footprint b/chromium/.footprint new file mode 100644 index 0000000..c7202b9 --- /dev/null +++ b/chromium/.footprint @@ -0,0 +1,32 @@ +drwxr-xr-x root/root usr/ +drwxr-xr-x root/root usr/bin/ +-rwxr-xr-x root/root usr/bin/chromium +drwxr-xr-x root/root usr/lib/ +drwxr-xr-x root/root usr/lib/chromium/ +-rwxr-xr-x root/root usr/lib/chromium/chrome +-rw-r--r-- root/root usr/lib/chromium/chrome_100_percent.pak +-rw-r--r-- root/root usr/lib/chromium/chrome_200_percent.pak +-rwxr-xr-x root/root usr/lib/chromium/chrome_crashpad_handler +-rw-r--r-- root/root usr/lib/chromium/headless_command_resources.pak +-rw-r--r-- root/root usr/lib/chromium/icudtl.dat +-rw-r--r-- root/root usr/lib/chromium/libEGL.so +-rw-r--r-- root/root usr/lib/chromium/libGLESv2.so +-rw-r--r-- root/root usr/lib/chromium/libVkICD_mock_icd.so +-rw-r--r-- root/root usr/lib/chromium/libVkLayer_khronos_validation.so +-rw-r--r-- root/root usr/lib/chromium/libvk_swiftshader.so +-rw-r--r-- root/root usr/lib/chromium/libvulkan.so.1 +-rw-r--r-- root/root usr/lib/chromium/resources.pak +-rw-r--r-- root/root usr/lib/chromium/snapshot_blob.bin +-rw-r--r-- root/root usr/lib/chromium/v8_context_snapshot.bin +-rw-r--r-- root/root usr/lib/chromium/vk_swiftshader_icd.json +-rwxr-xr-x root/root usr/lib/chromium/xdg-mime +-rwxr-xr-x root/root usr/lib/chromium/xdg-settings +drwxr-xr-x root/root usr/lib/chromium/locales/ +-rw-r--r-- root/root usr/lib/chromium/locales/el.pak +-rw-r--r-- root/root usr/lib/chromium/locales/el_FEMININE.pak +-rw-r--r-- root/root usr/lib/chromium/locales/el_MASCULINE.pak +-rw-r--r-- root/root usr/lib/chromium/locales/el_NEUTER.pak +-rw-r--r-- root/root usr/lib/chromium/locales/en-US.pak +-rw-r--r-- root/root usr/lib/chromium/locales/en-US_FEMININE.pak +-rw-r--r-- root/root usr/lib/chromium/locales/en-US_MASCULINE.pak +-rw-r--r-- root/root usr/lib/chromium/locales/en-US_NEUTER.pak diff --git a/chromium/.signature b/chromium/.signature new file mode 100644 index 0000000..064f303 --- /dev/null +++ b/chromium/.signature @@ -0,0 +1,9 @@ +untrusted comment: verify with zorz.pub +RWTZ9IduCSQ/mCt+MgmxBCIacoMiOpx/pJrUjF2156FsIgXHCpa5qubj+P0qLEMcjEuigwxGpU7wggR655yIeh8pB027Dd2/OQI= + +SHA256 (MAKEPKG) = 2c8217075139a73fd4a4333c38f7a6a37b8145192cd4e9664efdc608b54e79e1 +SHA256 (.footprint) = bc40549f131fb1b986f7944ffd59685b8a2d183a21de2cf12403c5e1dda76df4 +SHA256 (chromium-145.0.7632.159-linux.tar.xz) = ea7350702cb827c94b786fc1fa51c24c0401e782c9c08dd7ca25a676da4a8f8c +SHA256 (wasm-node-4.53.3.tgz) = 04b101456db24503a6facaade777f4bfb58909195208d4dbbf7dc4217bf71289 +SHA256 (145.4.tar.gz) = bd7bd0984d048d6844195f4aa18b24a0f56603814c243ed32190746d8ba8d7c5 +SHA256 (chromium-patches-145.tar.gz) = 96d6562120964b0c9e1a2bedf4335e0bf20f5e7d67a443bb26c651b0167a6a6b diff --git a/chromium/MAKEPKG b/chromium/MAKEPKG new file mode 100644 index 0000000..4674fe9 --- /dev/null +++ b/chromium/MAKEPKG @@ -0,0 +1,228 @@ +#!/bin/mkpkg +# description: Open-source web browser +# url: https://www.chromium.org/ +# +# Patches: +# copium — musl basics (Alpine/selfisekai) +# gentoo — system toolchain support (Matt Jolly) +# patches/ — musl deep fixes (Chimera cports + flux) + +name=chromium +version=146.0.7680.164 +release=1 +_copium=146.4 +_gentoo=146-1 +depends=(gtk3 nss nspr harfbuzz icu libpng libjpeg-turbo libwebp + zlib libxml2 fontconfig freetype libffi libxkbcommon alsa-lib + wayland mesa libdrm dbus) +makedeps=(gn ninja rust rust-bindgen python3 nodejs flatbuffers gperf + bsd-headers gcc-compat) +source=(https://github.com/chromium-linux-tarballs/chromium-tarballs/releases/download/$version/chromium-$version-linux.tar.xz + https://registry.npmjs.org/@rollup/wasm-node/-/wasm-node-4.53.3.tgz + https://codeberg.org/selfisekai/copium/archive/$_copium.tar.gz + https://gitlab.com/Matt.Jolly/chromium-patches/-/archive/$_gentoo/chromium-patches-$_gentoo.tar.gz) + +patch() { + cd chromium-$version + + # Replace bundled rollup with wasm-node (pure WASM — no native binary needed on musl) + rm -rf third_party/devtools-frontend/src/node_modules/rollup + cp -a "$SRC"/package \ + third_party/devtools-frontend/src/node_modules/rollup + + # Copium patches (musl basics) + for p in "$SRC"/copium/cr*.patch; do + case "$p" in *rust-pre1.8*|*rust-pre1.90*|*no-unrar*) continue ;; esac + patch -Np1 -i "$p" + done + + # Gentoo patches (system toolchain) + patch -Np1 -i "$SRC"/chromium-patches-$_gentoo/chromium-145-compiler.patch + patch -Np1 -i "$SRC"/chromium-patches-$_gentoo/chromium-144-bindgen-custom-toolchain.patch + patch -Np1 -i "$SRC"/chromium-patches-$_gentoo/chromium-117-material-color-include.patch + patch -Np1 -i "$SRC"/chromium-patches-$_gentoo/chromium-145-revert-rustfmt.patch || true + + # flux musl patches + for p in \ + 008-fstatat64 \ + 016-musl-sandbox \ + 017-musl-tid-caching \ + 019-musl-no-execinfo \ + 020-musl-no-mallinfo \ + 021-musl-no-res-ninit \ + 022-no-sandbox-settls \ + 027-temp-failure-retry \ + 033-perfetto-get-thread-name \ + 035-breakpad-no-getcontext \ + disable-dns_config_service \ + noclanglibs \ + sanitizer-no-death-callback \ + terminal-fdset \ + llvm21-fixes \ + ; do + patch -Np1 -i "$PKGMK_SOURCE_DIR"/patches/$p.patch + done + + # Rust target triple + sed -i 's/unknown-linux-gnu/unknown-linux-musl/g' build/config/rust.gni + echo 'x86_64-unknown-linux-musl' >> build/rust/known-target-triples.txt + + # Enable nightly Rust features + sed -i '1a import os; os.environ["RUSTC_BOOTSTRAP"] = "1"' \ + build/rust/gni_impl/rustc_wrapper.py + + # Strip -Werror + sed -i 's/-Werror//g' build/config/compiler/BUILD.gn + + # musl: libc++ rune table + sed -i '1i #define _LIBCPP_PROVIDES_DEFAULT_RUNE_TABLE' \ + third_party/libc++/src/include/__config + + # musl: guard glibc-only stack trace helper + sed -i 's/OutputToStreamWithPrefixImpl(os, prefix_string);/#if defined(__GLIBC__)\n OutputToStreamWithPrefixImpl(os, prefix_string);\n#endif/' \ + base/debug/stack_trace.cc + + # Fix dbus::Bus incomplete type + sed -i '/chrome_browser_main_linux.h/a #include "dbus/bus.h"' \ + chrome/browser/chrome_browser_main_linux.cc +} + +sha256sums=( + "ea7350702cb827c94b786fc1fa51c24c0401e782c9c08dd7ca25a676da4a8f8c" + "04b101456db24503a6facaade777f4bfb58909195208d4dbbf7dc4217bf71289" + "bd7bd0984d048d6844195f4aa18b24a0f56603814c243ed32190746d8ba8d7c5" + "96d6562120964b0c9e1a2bedf4335e0bf20f5e7d67a443bb26c651b0167a6a6b" +) + +build() { + cd chromium-$version + + export CC=clang CXX=clang++ AR=llvm-ar NM=llvm-nm RANLIB=llvm-ranlib LD=ld.lld + export CFLAGS="-O2 -pipe -Wno-unknown-warning-option -Wno-builtin-macro-redefined -Wno-deprecated-declarations" + export CXXFLAGS="$CFLAGS -Wno-invalid-constexpr" + export LDFLAGS="-fuse-ld=lld" + export RUSTC_BOOTSTRAP=1 + export DEPOT_TOOLS_UPDATE=0 + export VPYTHON_BYPASS="manually managed python not supported by chrome operations" + export PKG_CONFIG_PATH=/lib/pkgconfig:/usr/lib/pkgconfig:/usr/share/pkgconfig + export HOME="$PWD"/fake-home && mkdir -p "$HOME" + + # System node + toolchain stubs + mkdir -p third_party/node/linux/node-linux-x64/bin + ln -sf /usr/bin/node third_party/node/linux/node-linux-x64/bin/node + mkdir -p third_party/llvm-build/Release+Asserts/bin + ln -sf /usr/bin/clang third_party/llvm-build/Release+Asserts/bin/ + ln -sf /usr/bin/clang++ third_party/llvm-build/Release+Asserts/bin/ + + # Stub node version check + printf '#!/usr/bin/env python3\nimport sys; open(sys.argv[sys.argv.index("--out_file")+1], "w").write("ok")\n' \ + > third_party/node/check_version.py + + mkdir -p out/Release + cat > out/Release/args.gn << EOF +is_clang = true +use_lld = true +is_debug = false +is_official_build = true +symbol_level = 0 +is_musl = true +custom_toolchain = "//build/toolchain/linux/unbundle:default" +host_toolchain = "//build/toolchain/linux/unbundle:default" +rust_sysroot_absolute = "$(rustc --print sysroot)" +rust_bindgen_root = "/usr" +bindgen_libclang_path = "/usr/lib" +clang_base_path = "/usr" +rustc_version = "0" +use_sysroot = false +treat_warnings_as_errors = false +fatal_linker_warnings = false +clang_use_chrome_plugins = false +use_custom_libcxx = true +use_safe_libstdcxx = false +chrome_pgo_phase = 0 +is_cfi = false +use_thin_lto = false +use_clang_modules = false +blink_enable_generated_code_formatting = false +use_system_harfbuzz = true +use_system_libffi = true +use_bundled_fontconfig = false +use_ozone = true +ozone_platform_wayland = true +ozone_platform_x11 = false +ozone_platform_headless = true +use_xkbcommon = true +use_alsa = true +use_pulseaudio = false +rtc_use_pipewire = false +use_vaapi = true +use_dbus = true +use_cups = false +use_kerberos = false +enable_widevine = false +enable_hangout_services_extension = false +enable_nocompile_tests = false +safe_browsing_use_unrar = false +proprietary_codecs = true +ffmpeg_branding = "Chrome" +enable_ml_internal = false +target_cpu = "x64" +EOF + + gn gen out/Release || return 1 + + # Remove bogus -I/include from generated ninja files + find out/Release -name '*.ninja' -exec sed -i 's| -I/include||g; s| -isystem/include||g' {} + + + # System flatbuffers + ln -sf /usr/bin/flatc out/Release/flatc + + ulimit -n 4096 + ninja -C out/Release -j8 chrome chrome_crashpad_handler || return 1 + + # Install + d="$PKG/usr/lib/chromium" + install -d "$d" "$PKG/usr/bin" + + install -m755 out/Release/chrome "$d/" + install -m755 out/Release/chrome_crashpad_handler "$d/" + + # Data files + install -m644 out/Release/*.pak "$d/" + install -m644 out/Release/*.bin "$d/" 2>/dev/null || true + [ -f out/Release/icudtl.dat ] && install -m644 out/Release/icudtl.dat "$d/" + + # Shared libraries (skip .TOC build artifacts) + for f in out/Release/*.so out/Release/*.so.*; do + [ -f "$f" ] && case "$f" in *.TOC) continue ;; esac && install -m644 "$f" "$d/" + done + + # Vulkan SwiftShader ICD + [ -f out/Release/vk_swiftshader_icd.json ] && install -m644 out/Release/vk_swiftshader_icd.json "$d/" + + # XDG helpers + for f in xdg-mime xdg-settings; do + [ -f out/Release/$f ] && install -m755 out/Release/$f "$d/" + done + + # Locales — only en-US and el (Greek) + install -d "$d/locales" + for loc in en-US el; do + install -m644 out/Release/locales/${loc}.pak "$d/locales/" + for v in FEMININE MASCULINE NEUTER; do + [ -f out/Release/locales/${loc}_${v}.pak ] && \ + install -m644 out/Release/locales/${loc}_${v}.pak "$d/locales/" + done + done + + # Wrapper + printf '#!/bin/sh\nexec /usr/lib/chromium/chrome --ozone-platform-hint=auto "$@"\n' > "$PKG/usr/bin/chromium" + chmod 755 "$PKG/usr/bin/chromium" +} + +signify() { + untrusted comment: public key + RWTZ9IduCSQ/mL8337TEUinPwT92xFEUpD92hkS7IxcOnzTt9QdpohT3 +} + +# vim: filetype=sh diff --git a/chromium/patches/008-fstatat64.patch b/chromium/patches/008-fstatat64.patch new file mode 100644 index 0000000..1627ffa --- /dev/null +++ b/chromium/patches/008-fstatat64.patch @@ -0,0 +1,17 @@ +fstatat64 is macrod to fstatat in sys/stat.h in musl- but then that fstatat is +used in the _syscall4 macro mapping to __NR_$name, and __NR_fstatat is not +defined anywhere here, as it wants the 64 name. + +so, just let it keep the name with an undef of the stat.h macro, then the macro +expansion below evaluates correctly. +--- a/third_party/lss/linux_syscall_support.h ++++ b/third_party/lss/linux_syscall_support.h +@@ -4947,7 +4947,8 @@ + # endif + #endif + #if defined(__NR_fstatat64) ++ #undef fstatat64 + LSS_INLINE _syscall4(int, fstatat64, int, d, + const char *, p, + struct kernel_stat64 *, b, int, f) + #endif diff --git a/chromium/patches/016-musl-sandbox.patch b/chromium/patches/016-musl-sandbox.patch new file mode 100644 index 0000000..41abc50 --- /dev/null +++ b/chromium/patches/016-musl-sandbox.patch @@ -0,0 +1,113 @@ +musl uses different syscalls from glibc for some functions, so the sandbox has +to account for that +-- +diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc +index ff5a1c0..da56b9b 100644 +--- a/sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc ++++ ./sandbox/linux/seccomp-bpf-helpers/syscall_parameters_restrictions.cc +@@ -139,21 +139,11 @@ namespace sandbox { + // present (as in newer versions of posix_spawn). + ResultExpr RestrictCloneToThreadsAndEPERMFork() { + const Arg flags(0); +- +- // TODO(mdempsky): Extend DSL to support (flags & ~mask1) == mask2. +- const uint64_t kAndroidCloneMask = CLONE_VM | CLONE_FS | CLONE_FILES | +- CLONE_SIGHAND | CLONE_THREAD | +- CLONE_SYSVSEM; +- const uint64_t kObsoleteAndroidCloneMask = kAndroidCloneMask | CLONE_DETACHED; +- +- const uint64_t kGlibcPthreadFlags = +- CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | CLONE_THREAD | +- CLONE_SYSVSEM | CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID; +- const BoolExpr glibc_test = flags == kGlibcPthreadFlags; +- +- const BoolExpr android_test = +- AnyOf(flags == kAndroidCloneMask, flags == kObsoleteAndroidCloneMask, +- flags == kGlibcPthreadFlags); ++ const int required = CLONE_VM | CLONE_FS | CLONE_FILES | CLONE_SIGHAND | ++ CLONE_THREAD | CLONE_SYSVSEM; ++ const int safe = CLONE_SETTLS | CLONE_PARENT_SETTID | CLONE_CHILD_CLEARTID | ++ CLONE_DETACHED; ++ const BoolExpr thread_clone_ok = (flags&~safe)==required; + + // The following two flags are the two important flags in any vfork-emulating + // clone call. EPERM any clone call that contains both of them. +@@ -163,7 +153,7 @@ ResultExpr RestrictCloneToThreadsAndEPERMFork() { + AnyOf((flags & (CLONE_VM | CLONE_THREAD)) == 0, + (flags & kImportantCloneVforkFlags) == kImportantCloneVforkFlags); + +- return If(IsAndroid() ? android_test : glibc_test, Allow()) ++ return If(thread_clone_ok, Allow()) + .ElseIf(is_fork_or_clone_vfork, Error(EPERM)) + .Else(CrashSIGSYSClone()); + } +diff --git a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +index d9d1882..0567557 100644 +--- a/sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc ++++ ./sandbox/linux/seccomp-bpf-helpers/syscall_sets.cc +@@ -392,6 +392,7 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) { + #if defined(__i386__) + case __NR_waitpid: + #endif ++ case __NR_set_tid_address: + return true; + case __NR_clone: // Should be parameter-restricted. + case __NR_setns: // Privileged. +@@ -404,7 +405,6 @@ bool SyscallSets::IsAllowedProcessStartOrDeath(int sysno) { + #if defined(__i386__) || defined(__x86_64__) || defined(__mips__) + case __NR_set_thread_area: + #endif +- case __NR_set_tid_address: + case __NR_unshare: + #if !defined(__mips__) && !defined(__aarch64__) + case __NR_vfork: +@@ -514,6 +514,8 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) { + case __NR_munlock: + case __NR_munmap: + case __NR_mseal: ++ case __NR_mremap: ++ case __NR_membarrier: + return true; + case __NR_madvise: + case __NR_mincore: +@@ -531,7 +533,6 @@ bool SyscallSets::IsAllowedAddressSpaceAccess(int sysno) { + case __NR_modify_ldt: + #endif + case __NR_mprotect: +- case __NR_mremap: + case __NR_msync: + case __NR_munlockall: + case __NR_readahead: +--- a/sandbox/policy/linux/bpf_renderer_policy_linux.cc ++++ b/sandbox/policy/linux/bpf_renderer_policy_linux.cc +@@ -94,6 +94,10 @@ + case __NR_pwrite64: ++ case __NR_pwritev2: + case __NR_sched_get_priority_max: + case __NR_sched_get_priority_min: ++ case __NR_sched_getparam: ++ case __NR_sched_getscheduler: ++ case __NR_sched_setscheduler: + case __NR_sysinfo: + case __NR_times: + case __NR_uname: +--- a/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc ++++ b/sandbox/linux/seccomp-bpf-helpers/baseline_policy.cc +@@ -225,10 +225,15 @@ + if (sysno == __NR_getpriority || sysno ==__NR_setpriority) + return RestrictGetSetpriority(current_pid); + ++ // XXX: hacks for musl sandbox, calls needed? ++ if (sysno == __NR_sched_getparam || sysno == __NR_sched_getscheduler || ++ sysno == __NR_sched_setscheduler) { ++ return Allow(); ++ } ++ + // The scheduling syscalls are used in threading libraries and also heavily in + // abseil. See for example https://crbug.com/1370394. +- if (sysno == __NR_sched_getaffinity || sysno == __NR_sched_getparam || +- sysno == __NR_sched_getscheduler || sysno == __NR_sched_setscheduler) { ++ if (sysno == __NR_sched_getaffinity) { + return RestrictSchedTarget(current_pid, sysno); + } + diff --git a/chromium/patches/017-musl-tid-caching.patch b/chromium/patches/017-musl-tid-caching.patch new file mode 100644 index 0000000..498ce82 --- /dev/null +++ b/chromium/patches/017-musl-tid-caching.patch @@ -0,0 +1,85 @@ +the sandbox caching of thread id's only works with glibc +see: https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/32356 +see: https://gitlab.alpinelinux.org/alpine/aports/-/issues/13579 +-- +--- a/sandbox/linux/services/namespace_sandbox.cc ++++ b/sandbox/linux/services/namespace_sandbox.cc +@@ -209,6 +209,70 @@ + return base::LaunchProcess(argv, launch_options_copy); + } + ++#if defined(__aarch64__) ++#define TLS_ABOVE_TP ++#endif ++ ++struct musl_pthread ++{ ++ /* Part 1 -- these fields may be external or ++ * internal (accessed via asm) ABI. Do not change. */ ++ struct pthread *self; ++#ifndef TLS_ABOVE_TP ++ uintptr_t *dtv; ++#endif ++ struct pthread *prev, *next; /* non-ABI */ ++ uintptr_t sysinfo; ++#ifndef TLS_ABOVE_TP ++#ifdef CANARY_PAD ++ uintptr_t canary_pad; ++#endif ++ uintptr_t canary; ++#endif ++ ++/* Part 2 -- implementation details, non-ABI. */ ++ int tid; ++ int errno_val; ++ volatile int detach_state; ++ volatile int cancel; ++ volatile unsigned char canceldisable, cancelasync; ++ unsigned char tsd_used:1; ++ unsigned char dlerror_flag:1; ++ unsigned char *map_base; ++ size_t map_size; ++ void *stack; ++ size_t stack_size; ++ size_t guard_size; ++ void *result; ++ struct __ptcb *cancelbuf; ++ void **tsd; ++ struct { ++ volatile void *volatile head; ++ long off; ++ volatile void *volatile pending; ++ } robust_list; ++ int h_errno_val; ++ volatile int timer_id; ++ locale_t locale; ++ volatile int killlock[1]; ++ char *dlerror_buf; ++ void *stdio_locks; ++ ++ /* Part 3 -- the positions of these fields relative to ++ * the end of the structure is external and internal ABI. */ ++#ifdef TLS_ABOVE_TP ++ uintptr_t canary; ++ uintptr_t *dtv; ++#endif ++}; ++ ++void MaybeUpdateMuslTidCache() ++{ ++ pid_t real_tid = sys_gettid(); ++ pid_t* cached_tid_location = &reinterpret_cast(pthread_self())->tid; ++ *cached_tid_location = real_tid; ++} ++ + // static + pid_t NamespaceSandbox::ForkInNewPidNamespace(bool drop_capabilities_in_child) { + const pid_t pid = +@@ -226,6 +290,7 @@ + #if defined(LIBC_GLIBC) + MaybeUpdateGlibcTidCache(); + #endif ++ MaybeUpdateMuslTidCache(); + return 0; + } + diff --git a/chromium/patches/019-musl-no-execinfo.patch b/chromium/patches/019-musl-no-execinfo.patch new file mode 100644 index 0000000..7447919 --- /dev/null +++ b/chromium/patches/019-musl-no-execinfo.patch @@ -0,0 +1,68 @@ +musl does not have execinfo.h, and hence no implementation of +. backtrace() +. backtrace_symbols() +for discussion about this, see https://www.openwall.com/lists/musl/2021/07/16/1 +-- +--- a/v8/src/codegen/external-reference-table.cc ++++ b/v8/src/codegen/external-reference-table.cc +@@ -11,7 +11,9 @@ + + #if defined(DEBUG) && defined(V8_OS_LINUX) && !defined(V8_OS_ANDROID) + #define SYMBOLIZE_FUNCTION ++#if defined(__GLIBC__) + #include ++#endif + + #include + +@@ -96,7 +98,7 @@ + } + + const char* ExternalReferenceTable::ResolveSymbol(void* address) { +-#ifdef SYMBOLIZE_FUNCTION ++#if defined(SYMBOLIZE_FUNCTION) && defined(__GLIBC__) + char** names = backtrace_symbols(&address, 1); + const char* name = names[0]; + // The array of names is malloc'ed. However, each name string is static +--- a/third_party/swiftshader/third_party/llvm-subzero/build/Linux/include/llvm/Config/config.h ++++ b/third_party/swiftshader/third_party/llvm-subzero/build/Linux/include/llvm/Config/config.h +@@ -58,7 +58,7 @@ + #define HAVE_ERRNO_H 1 + + /* Define to 1 if you have the header file. */ +-#define HAVE_EXECINFO_H 1 ++/* #define HAVE_EXECINFO_H 1 */ + + /* Define to 1 if you have the header file. */ + #define HAVE_FCNTL_H 1 +--- a/base/debug/stack_trace.cc ++++ b/base/debug/stack_trace.cc +@@ -291,7 +291,9 @@ + } + + void StackTrace::OutputToStream(std::ostream* os) const { ++#if defined(__GLIBC__) + OutputToStreamWithPrefix(os, {}); ++#endif + } + + void StackTrace::OutputToStreamWithPrefix(std::ostream* os, +@@ -311,7 +313,7 @@ + + std::string StackTrace::ToStringWithPrefix(cstring_view prefix_string) const { + std::stringstream stream; +-#if !defined(__UCLIBC__) && !defined(_AIX) ++#if defined(__GLIBC__) && !defined(_AIX) + OutputToStreamWithPrefix(&stream, prefix_string); + #endif + return stream.str(); +@@ -335,7 +335,7 @@ + } + + std::ostream& operator<<(std::ostream& os, const StackTrace& s) { +-#if !defined(__UCLIBC__) && !defined(_AIX) ++#if defined(__GLIBC__) && !defined(_AIX) + s.OutputToStream(&os); + #else + os << "StackTrace::OutputToStream not implemented."; + diff --git a/chromium/patches/020-musl-no-mallinfo.patch b/chromium/patches/020-musl-no-mallinfo.patch new file mode 100644 index 0000000..dc18ca5 --- /dev/null +++ b/chromium/patches/020-musl-no-mallinfo.patch @@ -0,0 +1,93 @@ +musl does not implement mallinfo()/mallinfo2() +(or rather, malloc-ng, musl's allocator, doesn't) + +for some reason only outside of x86_64 HAVE_MALLINFO gets weirdly set by something +-- +--- a/base/allocator/partition_allocator/src/partition_alloc/shim/allocator_shim_default_dispatch_to_partition_alloc.cc ++++ b/base/allocator/partition_allocator/src/partition_alloc/shim/allocator_shim_default_dispatch_to_partition_alloc.cc +@@ -646,7 +645,7 @@ SHIM_ALWAYS_EXPORT int mallopt(int cmd, int value) __THROW { + + #endif // !PA_BUILDFLAG(IS_APPLE) && !PA_BUILDFLAG(IS_ANDROID) + +-#if PA_BUILDFLAG(IS_LINUX) || PA_BUILDFLAG(IS_CHROMEOS) ++#if 0 + SHIM_ALWAYS_EXPORT struct mallinfo mallinfo(void) __THROW { + partition_alloc::SimplePartitionStatsDumper allocator_dumper; + Allocator()->DumpStats("malloc", true, &allocator_dumper); +--- a/base/process/process_metrics_posix.cc ++++ b/base/process/process_metrics_posix.cc +@@ -106,7 +107,8 @@ void IncreaseFdLimitTo(unsigned int max_descriptors) { + + #endif // !BUILDFLAG(IS_FUCHSIA) + +-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_ANDROID) ++#if (BUILDFLAG(IS_LINUX) && defined(__GLIBC__)) || BUILDFLAG(IS_CHROMEOS) || \ ++ BUILDFLAG(IS_ANDROID) + namespace { + + size_t GetMallocUsageMallinfo() { +@@ -132,7 +134,8 @@ size_t ProcessMetrics::GetMallocUsage() { + malloc_statistics_t stats = {0}; + malloc_zone_statistics(nullptr, &stats); + return stats.size_in_use; +-#elif BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_ANDROID) ++#elif (BUILDFLAG(IS_LINUX) && defined(__GLIBC__)) || BUILDFLAG(IS_CHROMEOS) || \ ++ BUILDFLAG(IS_ANDROID) + return GetMallocUsageMallinfo(); + #elif BUILDFLAG(IS_FUCHSIA) + // TODO(fuchsia): Not currently exposed. https://crbug.com/735087. +diff --git a/base/trace_event/malloc_dump_provider.cc b/base/trace_event/malloc_dump_provider.cc +index e37fc69c00..394f5dfdbb 100644 +--- a/base/trace_event/malloc_dump_provider.cc ++++ b/base/trace_event/malloc_dump_provider.cc +@@ -189,7 +188,6 @@ void ReportMallinfoStats(ProcessMemoryDump* pmd, + #define MALLINFO2_FOUND_IN_LIBC + struct mallinfo2 info = mallinfo2(); + #endif +-#endif // defined(__GLIBC__) && defined(__GLIBC_PREREQ) + #if !defined(MALLINFO2_FOUND_IN_LIBC) + struct mallinfo info = mallinfo(); + #endif +@@ -211,6 +209,7 @@ void ReportMallinfoStats(ProcessMemoryDump* pmd, + MemoryAllocatorDump::kUnitsBytes, + total_allocated_size); + } ++#endif // defined(__GLIBC__) && defined(__GLIBC_PREREQ) + } + #endif + +@@ -368,7 +367,7 @@ bool MallocDumpProvider::OnMemoryDump(const MemoryDumpArgs& args, + &allocated_objects_count); + #elif BUILDFLAG(IS_FUCHSIA) + // TODO(fuchsia): Port, see https://crbug.com/706592. +-#else ++#elif defined(__GLIBC__) + ReportMallinfoStats(/*pmd=*/nullptr, &total_virtual_size, &resident_size, + &allocated_objects_size, &allocated_objects_count); + #endif +--- a/third_party/swiftshader/third_party/llvm-subzero/build/Linux/include/llvm/Config/config.h ++++ b/third_party/swiftshader/third_party/llvm-subzero/build/Linux/include/llvm/Config/config.h +@@ -133,7 +133,6 @@ + /* #undef HAVE_MALLCTL */ + + /* Define to 1 if you have the `mallinfo' function. */ +-#define HAVE_MALLINFO 1 + + /* Some projects using SwiftShader bypass cmake (eg Chromium via gn) */ + /* so we need to check glibc version for the new API to be safe */ +--- a/third_party/swiftshader/third_party/llvm-10.0/llvm/lib/Support/Unix/Process.inc ++++ b/third_party/swiftshader/third_party/llvm-10.0/llvm/lib/Support/Unix/Process.inc +@@ -83,11 +83,11 @@ Expected Process::getPageSize() { + } + + size_t Process::GetMallocUsage() { +-#if defined(HAVE_MALLINFO2) ++#if 0 + struct mallinfo2 mi; + mi = ::mallinfo2(); + return mi.uordblks; +-#elif defined(HAVE_MALLINFO) ++#elif 0 + struct mallinfo mi; + mi = ::mallinfo(); + return mi.uordblks; diff --git a/chromium/patches/021-musl-no-res-ninit.patch b/chromium/patches/021-musl-no-res-ninit.patch new file mode 100644 index 0000000..d74f6cd --- /dev/null +++ b/chromium/patches/021-musl-no-res-ninit.patch @@ -0,0 +1,32 @@ +similar to dns-resolver.patch, musl doesn't have res_ninit and so on +-- +--- a/net/dns/public/scoped_res_state.cc ++++ b/net/dns/public/scoped_res_state.cc +@@ -13,7 +13,7 @@ + namespace net { + + ScopedResState::ScopedResState() { +-#if BUILDFLAG(IS_OPENBSD) || BUILDFLAG(IS_FUCHSIA) ++#if BUILDFLAG(IS_OPENBSD) || BUILDFLAG(IS_FUCHSIA) || defined(_GNU_SOURCE) + // Note: res_ninit in glibc always returns 0 and sets RES_INIT. + // res_init behaves the same way. + memset(&_res, 0, sizeof(_res)); +@@ -25,16 +25,8 @@ + } + + ScopedResState::~ScopedResState() { +-#if !BUILDFLAG(IS_OPENBSD) && !BUILDFLAG(IS_FUCHSIA) +- +- // Prefer res_ndestroy where available. +-#if BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_FREEBSD) +- res_ndestroy(&res_); +-#else +- res_nclose(&res_); +-#endif // BUILDFLAG(IS_APPLE) || BUILDFLAG(IS_FREEBSD) +- +-#endif // !BUILDFLAG(IS_OPENBSD) && !BUILDFLAG(IS_FUCHSIA) ++ // musl res_init() doesn't actually do anything ++ // no destruction is necessary as no memory has been allocated + } + + bool ScopedResState::IsValid() const { diff --git a/chromium/patches/022-no-sandbox-settls.patch b/chromium/patches/022-no-sandbox-settls.patch new file mode 100644 index 0000000..f04e105 --- /dev/null +++ b/chromium/patches/022-no-sandbox-settls.patch @@ -0,0 +1,16 @@ +this optimisation of CLONE_SETTLS is not valid used like this, and musl +clone(3) will EINVAL on this use +-- +diff --git a/sandbox/linux/services/credentials.cc b/sandbox/linux/services/credentials.cc +index 7f925cc..993a9ee 100644 +--- a/sandbox/linux/services/credentials.cc ++++ b/sandbox/linux/services/credentials.cc +@@ -104,7 +104,7 @@ bool ChrootToSafeEmptyDir() { + // glibc performs syscalls by calling a function pointer in TLS, so we do not + // attempt this optimization. + // TODO(crbug.com/40196869) Broken in MSan builds after LLVM f1bb30a4956f. +- clone_flags |= CLONE_VM | CLONE_VFORK | CLONE_SETTLS; ++ clone_flags |= CLONE_VM | CLONE_VFORK; + + char tls_buf[PTHREAD_STACK_MIN_CONST] = {}; + tls = tls_buf; diff --git a/chromium/patches/027-temp-failure-retry.patch b/chromium/patches/027-temp-failure-retry.patch new file mode 100644 index 0000000..dc9ac6f --- /dev/null +++ b/chromium/patches/027-temp-failure-retry.patch @@ -0,0 +1,22 @@ +random glibc macro, not provided by musl. +https://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.html +diff --git a/sandbox/linux/suid/process_util.h b/sandbox/linux/suid/process_util.h +index b0b92c1bcc..db6a122ea8 100644 +--- a/sandbox/linux/suid/process_util.h ++++ b/sandbox/linux/suid/process_util.h +@@ -12,6 +12,15 @@ + #include + #include + ++#define TEMP_FAILURE_RETRY(expression) \ ++ (__extension__({ \ ++ long int __result; \ ++ do \ ++ __result = (long int)(expression); \ ++ while (__result == -1L && errno == EINTR); \ ++ __result; \ ++ })) ++ + // This adjusts /proc/process/oom_score_adj so the Linux OOM killer + // will prefer certain process types over others. The range for the + // adjustment is [-1000, 1000], with [0, 1000] being user accessible. diff --git a/chromium/patches/033-perfetto-get-thread-name.patch b/chromium/patches/033-perfetto-get-thread-name.patch new file mode 100644 index 0000000..4014d1e --- /dev/null +++ b/chromium/patches/033-perfetto-get-thread-name.patch @@ -0,0 +1,22 @@ +--- a/third_party/perfetto/include/perfetto/ext/base/thread_utils.h ++++ b/third_party/perfetto/include/perfetto/ext/base/thread_utils.h +@@ -30,7 +30,8 @@ + #include + #endif + +-#if PERFETTO_BUILDFLAG(PERFETTO_OS_ANDROID) ++#if PERFETTO_BUILDFLAG(PERFETTO_OS_ANDROID) || \ ++ (PERFETTO_BUILDFLAG(PERFETTO_OS_LINUX) && !defined(__GLIBC__)) + #include + #endif + +@@ -58,7 +59,8 @@ + + inline bool GetThreadName(std::string& out_result) { + char buf[16] = {}; +-#if PERFETTO_BUILDFLAG(PERFETTO_OS_ANDROID) ++#if PERFETTO_BUILDFLAG(PERFETTO_OS_ANDROID) || \ ++ (PERFETTO_BUILDFLAG(PERFETTO_OS_LINUX) && !defined(__GLIBC__)) + if (prctl(PR_GET_NAME, buf) != 0) + return false; + #else diff --git a/chromium/patches/035-breakpad-no-getcontext.patch b/chromium/patches/035-breakpad-no-getcontext.patch new file mode 100644 index 0000000..f9bc2e0 --- /dev/null +++ b/chromium/patches/035-breakpad-no-getcontext.patch @@ -0,0 +1,27 @@ +--- a/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc 2015-12-06 09:59:55.554536646 +0100 ++++ b/third_party/breakpad/breakpad/src/client/linux/handler/exception_handler.cc 2015-12-06 10:01:16.818238035 +0100 +@@ -477,7 +477,9 @@ bool ExceptionHandler::SimulateSignalDel + siginfo.si_code = SI_USER; + siginfo.si_pid = getpid(); + ucontext_t context; ++#if defined(__GLIBC__) + getcontext(&context); ++#endif + return HandleSignal(sig, &siginfo, &context); + } + +@@ -647,9 +649,14 @@ bool ExceptionHandler::WriteMinidump() { + sys_prctl(PR_SET_DUMPABLE, 1, 0, 0, 0); + + CrashContext context; ++ ++#if defined(__GLIBC__) + int getcontext_result = getcontext(&context.context); + if (getcontext_result) + return false; ++#else ++ return false; ++#endif + + #if defined(__i386__) + // In CPUFillFromUContext in minidumpwriter.cc the stack pointer is retrieved diff --git a/chromium/patches/disable-dns_config_service.patch b/chromium/patches/disable-dns_config_service.patch new file mode 100644 index 0000000..3c8e593 --- /dev/null +++ b/chromium/patches/disable-dns_config_service.patch @@ -0,0 +1,19 @@ +the linux one sometimes crashes, and this is optional/not required, so use the +stub fuschia one +https://gitlab.alpinelinux.org/alpine/aports/-/issues/15660 +-- +diff --git a/net/dns/BUILD.gn b/net/dns/BUILD.gn +index f36bf68..805d9a6 100644 +--- a/net/dns/BUILD.gn ++++ b/net/dns/BUILD.gn +@@ -130,8 +130,8 @@ source_set("dns") { + ] + } else if (is_linux) { + sources += [ +- "dns_config_service_linux.cc", +- "dns_config_service_linux.h", ++ "dns_config_service_fuchsia.cc", ++ "dns_config_service_fuchsia.h", + ] + } else if (is_posix) { + sources += [ diff --git a/chromium/patches/llvm21-fixes.patch b/chromium/patches/llvm21-fixes.patch new file mode 100644 index 0000000..01208af --- /dev/null +++ b/chromium/patches/llvm21-fixes.patch @@ -0,0 +1,44 @@ +diff --git a/components/autofill/core/browser/payments/full_card_request.cc b/components/autofill/core/browser/payments/full_card_request.cc +index 8b7319d..5a8ade3 100644 +--- a/components/autofill/core/browser/payments/full_card_request.cc ++++ b/components/autofill/core/browser/payments/full_card_request.cc +@@ -124,7 +124,7 @@ void FullCardRequest::GetFullCardImpl( + request_->card = std::move(card); + request_->last_committed_primary_main_frame_origin = + last_committed_primary_main_frame_origin; +- request_->context_token = std::move(context_token).value_or({}); ++ request_->context_token = std::move(context_token).value_or(std::string{}); + request_->selected_challenge_option = std::move(selected_challenge_option); + + should_unmask_card_ = request_->card.masked() || +diff --git a/ui/gfx/paint_vector_icon.cc b/ui/gfx/paint_vector_icon.cc +index eef47b4..710f070 100644 +--- a/ui/gfx/paint_vector_icon.cc ++++ b/ui/gfx/paint_vector_icon.cc +@@ -235,7 +235,7 @@ void PaintPath(Canvas* canvas, + break; + + case H_LINE_TO: { +- const SkPoint last_point = path.getLastPt().value_or({0, 0}); ++ const SkPoint last_point = path.getLastPt().value_or(SkPoint{0, 0}); + path.lineTo(arg(0), last_point.fY); + break; + } +@@ -245,7 +245,7 @@ void PaintPath(Canvas* canvas, + break; + + case V_LINE_TO: { +- const SkPoint last_point = path.getLastPt().value_or({0, 0}); ++ const SkPoint last_point = path.getLastPt().value_or(SkPoint{0, 0}); + path.lineTo(last_point.fX, arg(0)); + break; + } +@@ -273,7 +273,7 @@ void PaintPath(Canvas* canvas, + // details. + // Note that |x1| and |y1| will correspond to the sole control point if + // calculating a quadratic curve. +- const SkPoint last_point = path.getLastPt().value_or({0, 0}); ++ const SkPoint last_point = path.getLastPt().value_or(SkPoint{0, 0}); + SkScalar delta_x = 0; + SkScalar delta_y = 0; + if (IsCommandTypeCurve(previous_command_type)) { diff --git a/chromium/patches/noclanglibs.patch b/chromium/patches/noclanglibs.patch new file mode 100644 index 0000000..4542171 --- /dev/null +++ b/chromium/patches/noclanglibs.patch @@ -0,0 +1,15 @@ +q66 doesn't want to pass clang_version for clanglib path since it's only used to +link the libclang_rt.builtins.a. but those are linked by default already so skip +it instead of computing the version +-- +--- a/build/config/clang/BUILD.gn ++++ b/build/config/clang/BUILD.gn +@@ -101,7 +101,7 @@ + } + + template("clang_lib") { +- if (!defined(invoker.libname) || is_wasm) { ++ if (true) { + not_needed(invoker, "*") + config(target_name) { + } diff --git a/chromium/patches/sanitizer-no-death-callback.patch b/chromium/patches/sanitizer-no-death-callback.patch new file mode 100644 index 0000000..b2c1e1f --- /dev/null +++ b/chromium/patches/sanitizer-no-death-callback.patch @@ -0,0 +1,22 @@ +undefined symbol in our build + +--- a/v8/src/sandbox/testing.cc ++++ b/v8/src/sandbox/testing.cc +@@ -578,7 +578,7 @@ void UninstallCrashFilter() { + // We should also uninstall the sanitizer death callback as our crash filter + // may hand a crash over to sanitizers, which should then not enter our crash + // filtering logic a second time. +-#ifdef V8_USE_ANY_SANITIZER ++#if 0 + __sanitizer_set_death_callback(nullptr); + #endif // V8_USE_ANY_SANITIZER + } +@@ -782,7 +782,7 @@ void InstallCrashFilter() { + } + CHECK(success); + +-#ifdef V8_USE_ANY_SANITIZER ++#if 0 + // We install sanitizer specific crash handlers. These can only check for + // in-sandbox crashes on certain configurations. + // diff --git a/chromium/patches/terminal-fdset.patch b/chromium/patches/terminal-fdset.patch new file mode 100644 index 0000000..32c7421 --- /dev/null +++ b/chromium/patches/terminal-fdset.patch @@ -0,0 +1,10 @@ +--- a/third_party/dawn/src/tint/utils/system/terminal_posix.cc ++++ b/third_party/dawn/src/tint/utils/system/terminal_posix.cc +@@ -37,6 +37,7 @@ + #include + #include + #include ++#include + + #include "src/tint/utils/containers/vector.h" + #include "src/tint/utils/macros/compiler.h" -- cgit v1.2.3