[ILASM] Add support for deterministic builds and PDB checksums #109091
Conversation
amanasifkhalid
changed the title
|
The parent PR's PDB checksum implementation wasn't null-terminating the hash algorithm prefix ("SHA256", etc). With this fixed, |
|
Determinism tests are passing in CI, too. cc @dotnet/jit-contrib, @jkotas could you PTAL? Thanks! |
| @@ -614,6 +614,12 @@ HRESULT PEWriter::Init(PESectionMan *pFrom, DWORD createFlags) | |||
| m_ntHeaders->FileHeader.Characteristics |= VAL16(IMAGE_FILE_RELOCS_STRIPPED); | |||
| } | |||
|
|
|||
| if (createFlags & ICEE_CREATE_FILE_DET) | |||
| { | |||
| // We don't need a meaningful date/time stamp -- just a consistent one | |||
src/coreclr/ilasm/assem.cpp
Outdated
| #if !defined(_WIN32) && !defined(__APPLE__) | ||
| if (!IsOpenSslAvailable()) | ||
| { | ||
| fprintf(stderr, "\nWarning: OpenSSL not available. Disabling build determinism.\n"); |
src/tests/Common/CLRTest.Jit.targets
Outdated
| proc.kill() | ||
| sys.exit(1) | ||
| if hash != hash_file(inputAssemblyName): |
There was a problem hiding this comment.
Would it be better to compare the content of the whole file instead of just a hash?
There was a problem hiding this comment.
That seems simpler; I'll move this over, too.
|
Timestamps in the debug directory dumps are no longer zero, but are taken from the bytes after the GUID in the PDB checksum: And the header timestamp matches: |
|
/azp run runtime-coreclr ilasm |
|
Azure Pipelines successfully started running 1 pipeline(s). |
src/coreclr/ilasm/writer.cpp
Outdated
| // on the IMDInternalEmit interface. | ||
| // | ||
| // When the CLSID_CorMetaDataDispenser instance above has activated against a current | ||
| // clr.dll (which is the only supported configuration for the determinism feature), it is |
There was a problem hiding this comment.
ilasm in .NET Core has statically linked copy of metadata implementation. This comment that talks about clr.dll is not relevant here. Was it copied from .NET Framework port?
There was a problem hiding this comment.
BTW: I do not think you would be able to use IMDInternalEmit interface for the .NET Framework port. It would create versioning problems. I think we will need a proper new interface defined for .NET Framework port.
There was a problem hiding this comment.
Was it copied from .NET Framework port?
I believe so -- this comment is from the initial commit from the parent PR.
src/coreclr/ilasm/writer.cpp
Outdated
|
|
||
| ULONG timestamp; | ||
| memcpy_s(×tamp, sizeof(ULONG), pdbChecksum + sizeof(GUID), sizeof(ULONG)); | ||
| m_pPortablePdbWriter->SetTimestamp(timestamp); |
There was a problem hiding this comment.
Do we need to generate deterministic GUID and the timestamp from the content hash even when we are not generating the PDBs?
There was a problem hiding this comment.
That seems better than leaving the GUID/timestamp as zero. Are you suggesting we derive them from something like the hash we use for the MVID below, if the PDB stream isn't available?
There was a problem hiding this comment.
Yes. I believe that generating .dll without .pdbs is fairly common.
There was a problem hiding this comment.
It would be best to avoid depending on PDB stream to generate the GUID/timestamp in all cases, even when we are genering the PDBs.
|
The determinism tests were failing because I was using different assembly names as inputs into ilasm, which would change the CodeView debug directory entry. This should be fixed |
|
/azp run runtime-coreclr ilasm |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run runtime-coreclr ilasm |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run runtime-coreclr ilasm |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Follow-up to #85344. Fixes #8293. Fixes #62484.
This PR simply pulls in the SHA-256 wrappers added in #109559 into the prototype in #85344.