From 265984e588257c9529fc79cb615da72dcf8d8149 Mon Sep 17 00:00:00 2001 From: Samuel Chiang Date: Mon, 23 Oct 2023 17:42:37 -0700 Subject: [PATCH] Add CI for Windows MSVC2019, MSVC2022, and SDE 32/64-bit (#1228) This creates a CI dimension for Windows 32 and 64 bit SDE. Windows scripts were refactored to be more generic as well. We test Windows SDE with the MSVC2019 build since Windows 11 has phased out some of the more ancient processors. The SHA256 dispatch test fails on the Debug build with newer processors when building for 32-bit. I've tweaked the assumption for the dispatch test and punted CryptoAlg-2137 to investigate the actual reason. Curiously enough, this isn't an issue on the release build. I also discovered how to properly build with MSVC2019 and MSVC2022 while working on this, so I added CI for the two compilers as well. I tested all dimensions against appropriate instance sizes. SDE tests take 90ish minutes to finish on 32 cores. We try to fit our CI within 1 hour, so I went with the next largest instance (64 cores) for the SDE simulator tests. Github provided Windows instances only have 2 cores and aren't sufficient enough for our regular Windows tests. The next larger instance was 8 cores, so I went with that. --- .github/workflows/windows.yml | 95 +++++++++++++++++++ CMakeLists.txt | 2 +- crypto/impl_dispatch_test.cc | 10 +- .../github_ci_windows_x86_omnibus.yaml | 12 ++- .../windows-x86/windows-msvc2017.yml | 14 --- .../run_windows_target.yml} | 3 +- .../docker_images/windows/vs2017/Dockerfile | 14 +++ .../windows/windows_base/Dockerfile | 3 + tests/ci/run_windows_tests.bat | 42 +++++++- 9 files changed, 171 insertions(+), 24 deletions(-) create mode 100644 .github/workflows/windows.yml delete mode 100644 tests/ci/codebuild/windows-x86/windows-msvc2017.yml rename tests/ci/codebuild/{windows-x86/windows-msvc2015.yml => windows/run_windows_target.yml} (53%) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml new file mode 100644 index 0000000000..706a331890 --- /dev/null +++ b/.github/workflows/windows.yml @@ -0,0 +1,95 @@ +name: Windows Tests +on: + pull_request: + branches: [ '*' ] + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number }} + cancel-in-progress: true + +env: + GOPROXY: https://proxy.golang.org,direct + SDE_MIRROR_URL: "https://downloadmirror.intel.com/777395/sde-external-9.21.1-2023-04-24-win.tar.xz" + SDE_VERSION_TAG: sde-external-9.21.1-2023-04-24-win + +jobs: + MSVC-2019: + runs-on: temporary-performance-testing_windows-2019_8-core + steps: + - name: Git clone the repository + uses: actions/checkout@v3 + - name: Build Windows Dependencies + run: | + choco install ninja --version 1.9.0.20190208 -y && + choco install nasm --version 2.14.02 -y + - name: Run Windows Tests on MSVC-2019 + run: | + .\tests\ci\run_windows_tests.bat "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" x64 + + MSVC-2022: + runs-on: temporary-performance-testing_windows-latest_8-core + steps: + - name: Git clone the repository + uses: actions/checkout@v3 + - name: Build Windows Dependencies + run: | + choco install ninja --version 1.9.0.20190208 -y && + choco install nasm --version 2.14.02 -y + - name: Run Windows Tests on MSVC-2022 + run: | + .\tests\ci\run_windows_tests.bat "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Auxiliary\Build\vcvarsall.bat" x64 + + SDE-64-bit: + # TODO: Update this to run on windows-2022. windows-2022 (Windows 11) has phased out support for older processors. + # https://learn.microsoft.com/en-us/windows-hardware/design/minimum/supported/windows-11-supported-intel-processors + runs-on: temporary-performance-testing_windows-2019_64-core + steps: + - name: Git clone the repository + uses: actions/checkout@v3 + + - name: Build Windows Dependencies + run: | + choco install ninja --version 1.9.0.20190208 -y && + choco install nasm --version 2.14.02 -y + + - name: Install SDE simulator + run: | + curl -SL --output temp.tar.xz ${{ env.SDE_MIRROR_URL }} + 7z x temp.tar.xz + 7z x temp.tar + ren ${{ env.SDE_VERSION_TAG }} windows-sde + del temp.tar.xz + del temp.tar + + - name: Run Windows SDE Tests for 64 bit + run: | + $env:SDEROOT = "${PWD}\windows-sde" + echo ${env:SDEROOT} + .\tests\ci\run_windows_tests.bat "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" x64 true + + SDE-32-bit: + runs-on: temporary-performance-testing_windows-2019_64-core + steps: + - name: Git clone the repository + uses: actions/checkout@v3 + + - name: Build Windows Dependencies + run: | + choco install ninja --version 1.9.0.20190208 -y && + choco install nasm --version 2.14.02 -y + + - name: Install SDE simulator + run: | + curl -SL --output temp.tar.xz ${{ env.SDE_MIRROR_URL }} + 7z x temp.tar.xz + 7z x temp.tar + ren ${{ env.SDE_VERSION_TAG }} windows-sde + del temp.tar.xz + del temp.tar + + - name: Run Windows SDE Tests for 32 bit + run: | + $env:SDEROOT = "${PWD}\windows-sde" + echo ${env:SDEROOT} + .\tests\ci\run_windows_tests.bat "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" x86 true + diff --git a/CMakeLists.txt b/CMakeLists.txt index 42e021bb55..d748f1b6d3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1054,7 +1054,7 @@ if(BUILD_TESTING) add_custom_target( run_tests_valgrind COMMAND ${GO_EXECUTABLE} run util/all_tests.go -build-dir - ${PROJECT_BINARY_DIR} -valgrind=true -valgrind-supp-dir "tests/ci" + ${PROJECT_BINARY_DIR} -valgrind=true -valgrind-supp-dir="tests/ci" WORKING_DIRECTORY ${PROJECT_SOURCE_DIR} DEPENDS all_tests ${MAYBE_USES_TERMINAL}) diff --git a/crypto/impl_dispatch_test.cc b/crypto/impl_dispatch_test.cc index 0d6fc893a4..e7f83ea4fd 100644 --- a/crypto/impl_dispatch_test.cc +++ b/crypto/impl_dispatch_test.cc @@ -39,7 +39,15 @@ class ImplDispatchTest : public ::testing::Test { aes_hw_ = CRYPTO_is_AESNI_capable(); avx_movbe_ = CRYPTO_is_AVX_capable() && CRYPTO_is_MOVBE_capable(); aes_vpaes_ = CRYPTO_is_SSSE3_capable(); - sha_ext_ = CRYPTO_is_SHAEXT_capable(); + sha_ext_ = +// TODO(CryptoAlg-2137): sha_ext_ isn't enabled on Windows Debug Builds with newer +// 32-bit Intel processors. +#if !(defined(OPENSSL_WINDOWS) && defined(OPENSSL_X86) && !defined(NDEBUG)) + CRYPTO_is_SHAEXT_capable(); +#else + false; +#endif + vaes_vpclmulqdq_ = #if !defined(OPENSSL_WINDOWS) // crypto_gcm_avx512_enabled excludes Windows diff --git a/tests/ci/cdk/cdk/codebuild/github_ci_windows_x86_omnibus.yaml b/tests/ci/cdk/cdk/codebuild/github_ci_windows_x86_omnibus.yaml index c650eb8f76..8ad4d38d5f 100644 --- a/tests/ci/cdk/cdk/codebuild/github_ci_windows_x86_omnibus.yaml +++ b/tests/ci/cdk/cdk/codebuild/github_ci_windows_x86_omnibus.yaml @@ -7,7 +7,7 @@ version: 0.2 batch: build-list: - identifier: windows_msvc2015_x64 - buildspec: ./tests/ci/codebuild/windows-x86/windows-msvc2015.yml + buildspec: ./tests/ci/codebuild/windows/run_windows_target.yml env: # https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html type: WINDOWS_SERVER_2019_CONTAINER @@ -15,12 +15,18 @@ batch: compute-type: BUILD_GENERAL1_LARGE # Build failure on Docker image `vs2015_latest`, tracked in CryptoAlg-741. image: 620771051181.dkr.ecr.us-west-2.amazonaws.com/aws-lc-docker-images-windows-x86:vs2015_latest + variables: + MSVC_PATH: 'C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat' + ARCH_OPTION: x64 - identifier: windows_msvc2017_x64 - buildspec: ./tests/ci/codebuild/windows-x86/windows-msvc2017.yml + buildspec: ./tests/ci/codebuild/windows/run_windows_target.yml env: - # https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html type: WINDOWS_SERVER_2019_CONTAINER privileged-mode: false compute-type: BUILD_GENERAL1_LARGE image: 620771051181.dkr.ecr.us-west-2.amazonaws.com/aws-lc-docker-images-windows-x86:vs2017_latest + variables: + # vcvarsall will set the required lib and libpath for MSVC to compile everything + MSVC_PATH: 'C:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\VC\Auxiliary\Build\vcvarsall.bat' + ARCH_OPTION: x64 diff --git a/tests/ci/codebuild/windows-x86/windows-msvc2017.yml b/tests/ci/codebuild/windows-x86/windows-msvc2017.yml deleted file mode 100644 index 6a8bd4d284..0000000000 --- a/tests/ci/codebuild/windows-x86/windows-msvc2017.yml +++ /dev/null @@ -1,14 +0,0 @@ -# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. -# SPDX-License-Identifier: Apache-2.0 OR ISC. - -version: 0.2 - -env: - variables: - GOPROXY: https://proxy.golang.org,direct - -phases: - build: - commands: - # vcvarsall will set the required lib and libpath for MSVC to compile everything - - .\tests\ci\run_windows_tests.bat "C:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\VC\Auxiliary\Build\vcvarsall.bat" diff --git a/tests/ci/codebuild/windows-x86/windows-msvc2015.yml b/tests/ci/codebuild/windows/run_windows_target.yml similarity index 53% rename from tests/ci/codebuild/windows-x86/windows-msvc2015.yml rename to tests/ci/codebuild/windows/run_windows_target.yml index 9f81bdb5b2..3ff3dafe8a 100644 --- a/tests/ci/codebuild/windows-x86/windows-msvc2015.yml +++ b/tests/ci/codebuild/windows/run_windows_target.yml @@ -10,5 +10,4 @@ env: phases: build: commands: - # vcvarsall will set the required lib and libpath for MSVC to compile everything - - .\tests\ci\run_windows_tests.bat "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" + - .\tests\ci\run_windows_tests.bat "${MSVC_PATH}" "${ARCH_OPTION}" "${RUN_SDE}" diff --git a/tests/ci/docker_images/windows/vs2017/Dockerfile b/tests/ci/docker_images/windows/vs2017/Dockerfile index a2fa42b07e..21befce32d 100644 --- a/tests/ci/docker_images/windows/vs2017/Dockerfile +++ b/tests/ci/docker_images/windows/vs2017/Dockerfile @@ -6,6 +6,9 @@ # Keep parity with the upstream tags at https://hub.docker.com/_/microsoft-windows-servercore FROM aws-lc/windows_base:2019 +ENV SDE_VERSION_TAG=sde-external-9.21.1-2023-04-24-win +ENV SDE_MIRROR_URL="https://downloadmirror.intel.com/777395/sde-external-9.21.1-2023-04-24-win.tar.xz" + SHELL ["cmd", "/S", "/C"] RUN ` # Download the Build Tools bootstrapper. @@ -22,7 +25,18 @@ RUN ` # Cleanup && del /q vs_buildtools.exe +RUN ` + # Install Windows Intel SDE. + curl -SL --output temp.tar.xz %SDE_MIRROR_URL% ` + ` + && 7z x temp.tar.xz ` + && 7z x temp.tar ` + && ren %SDE_VERSION_TAG% windows-sde ` + && del temp.tar.xz ` + && del temp.tar RUN setx /M PATH "%PATH%;C:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\MSBuild\15.0\Bin" +RUN setx /M SDEROOT C:/windows-sde + CMD [ "cmd.exe" ] diff --git a/tests/ci/docker_images/windows/windows_base/Dockerfile b/tests/ci/docker_images/windows/windows_base/Dockerfile index 51c53fe85d..9395ae543c 100644 --- a/tests/ci/docker_images/windows/windows_base/Dockerfile +++ b/tests/ci/docker_images/windows/windows_base/Dockerfile @@ -9,10 +9,13 @@ ADD https://download.microsoft.com/download/6/A/A/6AA4EDFF-645B-48C5-81CC-ED5963 RUN start /wait C:\vc_redist.x64.exe /quiet /norestart # Install chocolatey +# https://stackoverflow.com/questions/76470752/chocolatey-installation-in-docker-started-to-fail-restart-due-to-net-framework +ENV chocolateyVersion=1.4.0 # https://chocolatey.org/docs/troubleshooting#the-request-was-aborted-could-not-create-ssltls-secure-channel RUN @powershell Set-ExecutionPolicy Bypass -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12; $env:chocolateyUseWindowsCompression = 'true'; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) RUN choco install git --version 2.23.0 -y && ` +choco install 7zip.install -y && ` choco install ninja --version 1.9.0.20190208 -y && ` choco install strawberryperl --version 5.32.0.1 -y && ` choco install nasm --version 2.14.02 -y && ` diff --git a/tests/ci/run_windows_tests.bat b/tests/ci/run_windows_tests.bat index fdb9a59f4d..b8d08f8f67 100644 --- a/tests/ci/run_windows_tests.bat +++ b/tests/ci/run_windows_tests.bat @@ -3,11 +3,26 @@ set SRC_ROOT=%cd% set BUILD_DIR=%SRC_ROOT%\test_build_dir @rem %1 contains the path to the setup batch file for the version of of visual studio that was passed in from the build spec file. -@rem x64 comes from the architecture options https://docs.microsoft.com/en-us/cpp/build/building-on-the-command-line +@rem %2 specifies the architecture option to build against: https://docs.microsoft.com/en-us/cpp/build/building-on-the-command-line +@rem %3 is to indicate running SDE simulation tests. If not set, SDE tests are not run. set MSVC_PATH=%1 -call %MSVC_PATH% x64 || goto error +set ARCH_OPTION=%2 +if "%~3"=="" ( set RUN_SDE=false ) else ( set RUN_SDE=%3 ) +call %MSVC_PATH% %ARCH_OPTION% || goto error SET +@echo on +if /i "%RUN_SDE%" == "false " ( + goto :run_basic_tests +) else if /i "%RUN_SDE%" == "true " ( + goto :run_sde_tests +) else ( + @rem Unrecognized option + goto error +) +goto :EOF + +:run_basic_tests @rem Run the same builds as run_posix_tests.sh @rem Check which version of MSVC we're building with: remove 14.0 from the path to the compiler and check if it matches the @rem original string. MSVC 14 has an issue with a missing DLL that causes the debug unit tests to fail @@ -23,8 +38,13 @@ call :build_and_test Release "-DBUILD_SHARED_LIBS=1" || goto error call :build_and_test Release "-DBUILD_SHARED_LIBS=1 -DFIPS=1" || goto error @rem For FIPS on Windows we also have a RelWithDebInfo build to generate debug symbols. call :build_and_test RelWithDebInfo "-DBUILD_SHARED_LIBS=1 -DFIPS=1" || goto error +exit /b 0 -goto :EOF +:run_sde_tests +@rem Run and test the same dimensions as our Linux SDE tests. +call :build_and_test_with_sde Debug "" || goto error +call :build_and_test_with_sde Release "" || goto error +exit /b 0 @rem %1 is the build type (e.g. Release/Debug) @rem %2 is the additional full CMake args @@ -34,6 +54,14 @@ call :build %1 %2 || goto error call :test %1 %2 || goto error exit /b 0 +@rem %1 is the build type (e.g. Release/Debug) +@rem %2 is the additional full CMake args +:build_and_test_with_sde +@echo on +call :build %1 %2 || goto error +call :test_with_sde %1 %2 || goto error +exit /b 0 + @rem Use the same parameters as build_and_test :build @echo on @@ -57,6 +85,14 @@ ninja run_tests || goto error @echo LOG: %date%-%time% %1 %2 tests complete exit /b %errorlevel% +@rem Runs the SDE simulator tests, this assumes the build is complete +:test_with_sde +@echo on +@echo LOG: %date%-%time% %1 %2 build finished, starting tests with SDE +ninja run_tests_with_sde || goto error +@echo LOG: %date%-%time% %1 %2 SDE tests complete +exit /b %errorlevel% + :error echo Failed with error #%errorlevel%. exit /b 1