By default GN produces a build with all of the debug assertions enabled (is_debug=true) and including full debug info (symbol_level=2). Setting symbol_level=1 will produce enough information for stack traces, but not line-by-line debugging. Setting symbol_level=0 will include no debug symbols at all. Either will speed up the build compared to full symbols.

(cherry picked from commit a7cbf67)

(cherry picked from commit eb74717)

LLD: https://lld.llvm.org/
When you link a large program on a multicore machine, you can expect that LLD runs more than twice as fast as the GNU gold linker. Your mileage may vary, though.
Link-time optimization (LTO) is supported by default.
Some default settings have been tuned for the 21st century. For example, the stack is marked as non-executable by default to tighten security.

LTO & ThinLTO: https://clang.llvm.org/docs/ThinLTO.html
LTO (Link Time Optimization) achieves better runtime performance through whole-program analysis and cross-module optimization. However, monolithic LTO implements this by merging all input into a single module, which is not scalable in time or memory, and also prevents fast incremental compiles. ThinLTO is a new approach that is designed to scale like a non-LTO build, while retaining most of the performance achievement of full LTO.

PGO: https://llvm.org/docs/HowToBuildWithPGO.html https://blog.chromium.org/2020/08/chrome-just-got-faster-with-profile.html
Allows your compiler to better optimize code for how it actually runs. Users report that applying this to Clang and LLVM can decrease overall compile time by 20%.
Because PGO uses real usage scenarios that match the workflows of Chrome users around the world, the most common tasks get prioritized and made faster. Delivers up to 10% faster page loads.

CFI: https://clang.llvm.org/docs/ControlFlowIntegrity.html https://www.chromium.org/developers/testing/control-flow-integrity
Aborts the program upon detecting certain forms of undefined behavior that can potentially allow attackers to subvert the program’s control flow. These schemes have been optimized for performance, allowing developers to enable them in release builds.
By default, a program compiled with CFI will crash with SIGILL if it detects a CFI violation.

Additionally:
Use minizip instead of zlib. Chromium says zlib but actually uses minizip.
Remove old unused workarounds.
Make shell scripts POSIX compliant.
Update documentation URLs.
Prepare for using system libraries.

(cherry picked from commit 2bb0110)

The build succeeds again as dirmd is no longer required for building.

(cherry picked from commit 97677fa)

We've only set ozone_platform_gbm=false to fix the build with Mesa's
libgbm (vs. Google's own minigbm). However, since this issue has
resolved itself we can now drop it. Building with the recommended
settings should also avoid some issues (e.g. NixOS#104885).

[0]: https://chromium.googlesource.com/chromium/src.git/+/master/docs/ozone_overview.md#drm_gbm

(cherry picked from commit 2d5bb88)

But since Ozone is still experimental I'll keep useOzone in common.nix
for some time.

(cherry picked from commit 063b369)

(cherry picked from commit 9100dac)

(cherry picked from commit 729dee1)

This enables automatic updates and fixes NixOS#85629.

(cherry picked from commit 6aea53c)

I've removed that option in 063b369 but forgot that M87 still
defaults to use_vaapi=false.

(cherry picked from commit fb0239c)

(cherry picked from commit f097994)