backport(8.0): Fix runtime architecture detection logic in ANCM #63706
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DeagleGross
requested review from
BrennanConroy,
JamesNK and
halter73
as code owners
There was a problem hiding this comment.
Pull Request Overview
This PR backports a fix for runtime architecture detection logic in the ASP.NET Core Module (ANCM) to the .NET 8.0 branch. The changes replace a simple x86/x64 bitness check with comprehensive processor architecture detection that supports x86, AMD64, and ARM64 architectures.
Key changes:
- Introduces a new
ProcessorArchitectureenum with proper architecture detection - Replaces binary bitness checking with PE header machine type analysis
- Updates dotnet.exe selection logic to match process architecture instead of just bitness
Reviewed Changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| ProcessorArchitecture.h | New header defining processor architecture enum and string conversion utility |
| HostFxrResolver.h | Updates method signature from IsX64 to GetFileProcessorArchitecture and adds include |
| HostFxrResolver.cpp | Replaces bitness detection with comprehensive architecture matching using PE header analysis |
| Environment.h | Adds new method declaration for getting current process architecture |
| Environment.cpp | Implements compile-time architecture detection for current process |
danmoseley
approved these changes
Sep 17, 2025
danmoseley
added
the
Servicing-consider
|
@DeagleGross feel free to send the usual mail to tactics for the backport approval. Note -- there is some precedent for holding off on backports until they've had some bake time in main. Or even, take the 9.0 backport but delay the 8.0 backport a month or two. It's really a risk decision. Your judgement. |
danmoseley
added
Servicing-approved
This was referenced Oct 14, 2025
Open
This was referenced Oct 15, 2025
Merged
michael-j-green
pushed a commit
to gaseous-project/gaseous-server
that referenced
this pull request
Oct 16, 2025
Updated [Microsoft.AspNetCore.Identity.UI](https://github.com/dotnet/aspnetcore) from 8.0.20 to 8.0.21. <details> <summary>Release notes</summary> _Sourced from [Microsoft.AspNetCore.Identity.UI's releases](https://github.com/dotnet/aspnetcore/releases)._ ## 8.0.21 [Release](https://github.com/dotnet/core/releases/tag/v8.0.21) ## What's Changed * Update branding to 8.0.21 by @vseanreesermsft in dotnet/aspnetcore#63509 * [release/8.0] (deps): Bump src/submodules/googletest from `373af2e` to `eb2d85e` by @dependabot[bot] in dotnet/aspnetcore#63500 * [release/8.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key by @github-actions[bot] in dotnet/aspnetcore#63250 * [release/8.0] Extend Unofficial 1ES template in IdentityModel nightly tests job by @github-actions[bot] in dotnet/aspnetcore#63466 * [release/8.0] Quarantine ResponseBody_WriteContentLength_PassedThrough by @github-actions[bot] in dotnet/aspnetcore#63534 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro[bot] in dotnet/aspnetcore#63261 * [release/8.0] Use wait assert in flaky tests by @ilonatommy in dotnet/aspnetcore#63565 * [release/8.0] Update Microsoft.Build versions by @github-actions[bot] in dotnet/aspnetcore#62507 * Merging internal commits for release/8.0 by @vseanreesermsft in dotnet/aspnetcore#63603 * backport(8.0): Fix runtime architecture detection logic in ANCM by @DeagleGross in dotnet/aspnetcore#63706 **Full Changelog**: dotnet/aspnetcore@v8.0.20...v8.0.21 Commits viewable in [compare view](dotnet/aspnetcore@v8.0.20...v8.0.21). </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
michael-j-green
added a commit
to gaseous-project/gaseous-server
that referenced
this pull request
Oct 16, 2025
… 8.0.21 (#620) Updated [Microsoft.AspNetCore.Authentication.OpenIdConnect](https://github.com/dotnet/aspnetcore) from 8.0.20 to 8.0.21. <details> <summary>Release notes</summary> _Sourced from [Microsoft.AspNetCore.Authentication.OpenIdConnect's releases](https://github.com/dotnet/aspnetcore/releases)._ ## 8.0.21 [Release](https://github.com/dotnet/core/releases/tag/v8.0.21) ## What's Changed * Update branding to 8.0.21 by @vseanreesermsft in dotnet/aspnetcore#63509 * [release/8.0] (deps): Bump src/submodules/googletest from `373af2e` to `eb2d85e` by @dependabot[bot] in dotnet/aspnetcore#63500 * [release/8.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key by @github-actions[bot] in dotnet/aspnetcore#63250 * [release/8.0] Extend Unofficial 1ES template in IdentityModel nightly tests job by @github-actions[bot] in dotnet/aspnetcore#63466 * [release/8.0] Quarantine ResponseBody_WriteContentLength_PassedThrough by @github-actions[bot] in dotnet/aspnetcore#63534 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro[bot] in dotnet/aspnetcore#63261 * [release/8.0] Use wait assert in flaky tests by @ilonatommy in dotnet/aspnetcore#63565 * [release/8.0] Update Microsoft.Build versions by @github-actions[bot] in dotnet/aspnetcore#62507 * Merging internal commits for release/8.0 by @vseanreesermsft in dotnet/aspnetcore#63603 * backport(8.0): Fix runtime architecture detection logic in ANCM by @DeagleGross in dotnet/aspnetcore#63706 **Full Changelog**: dotnet/aspnetcore@v8.0.20...v8.0.21 Commits viewable in [compare view](dotnet/aspnetcore@v8.0.20...v8.0.21). </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Michael Green <[email protected]>
This was referenced Oct 16, 2025
michael-j-green
pushed a commit
to gaseous-project/gaseous-server
that referenced
this pull request
Oct 16, 2025
… to 8.0.21 (#619) Updated [Microsoft.AspNetCore.Authentication.MicrosoftAccount](https://github.com/dotnet/aspnetcore) from 8.0.20 to 8.0.21. <details> <summary>Release notes</summary> _Sourced from [Microsoft.AspNetCore.Authentication.MicrosoftAccount's releases](https://github.com/dotnet/aspnetcore/releases)._ ## 8.0.21 [Release](https://github.com/dotnet/core/releases/tag/v8.0.21) ## What's Changed * Update branding to 8.0.21 by @vseanreesermsft in dotnet/aspnetcore#63509 * [release/8.0] (deps): Bump src/submodules/googletest from `373af2e` to `eb2d85e` by @dependabot[bot] in dotnet/aspnetcore#63500 * [release/8.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key by @github-actions[bot] in dotnet/aspnetcore#63250 * [release/8.0] Extend Unofficial 1ES template in IdentityModel nightly tests job by @github-actions[bot] in dotnet/aspnetcore#63466 * [release/8.0] Quarantine ResponseBody_WriteContentLength_PassedThrough by @github-actions[bot] in dotnet/aspnetcore#63534 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro[bot] in dotnet/aspnetcore#63261 * [release/8.0] Use wait assert in flaky tests by @ilonatommy in dotnet/aspnetcore#63565 * [release/8.0] Update Microsoft.Build versions by @github-actions[bot] in dotnet/aspnetcore#62507 * Merging internal commits for release/8.0 by @vseanreesermsft in dotnet/aspnetcore#63603 * backport(8.0): Fix runtime architecture detection logic in ANCM by @DeagleGross in dotnet/aspnetcore#63706 **Full Changelog**: dotnet/aspnetcore@v8.0.20...v8.0.21 Commits viewable in [compare view](dotnet/aspnetcore@v8.0.20...v8.0.21). </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
michael-j-green
pushed a commit
to gaseous-project/gaseous-server
that referenced
this pull request
Oct 16, 2025
…#618) Updated [Microsoft.AspNetCore.Authentication.Google](https://github.com/dotnet/aspnetcore) from 8.0.20 to 8.0.21. <details> <summary>Release notes</summary> _Sourced from [Microsoft.AspNetCore.Authentication.Google's releases](https://github.com/dotnet/aspnetcore/releases)._ ## 8.0.21 [Release](https://github.com/dotnet/core/releases/tag/v8.0.21) ## What's Changed * Update branding to 8.0.21 by @vseanreesermsft in dotnet/aspnetcore#63509 * [release/8.0] (deps): Bump src/submodules/googletest from `373af2e` to `eb2d85e` by @dependabot[bot] in dotnet/aspnetcore#63500 * [release/8.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key by @github-actions[bot] in dotnet/aspnetcore#63250 * [release/8.0] Extend Unofficial 1ES template in IdentityModel nightly tests job by @github-actions[bot] in dotnet/aspnetcore#63466 * [release/8.0] Quarantine ResponseBody_WriteContentLength_PassedThrough by @github-actions[bot] in dotnet/aspnetcore#63534 * [release/8.0] Update dependencies from dotnet/source-build-reference-packages by @dotnet-maestro[bot] in dotnet/aspnetcore#63261 * [release/8.0] Use wait assert in flaky tests by @ilonatommy in dotnet/aspnetcore#63565 * [release/8.0] Update Microsoft.Build versions by @github-actions[bot] in dotnet/aspnetcore#62507 * Merging internal commits for release/8.0 by @vseanreesermsft in dotnet/aspnetcore#63603 * backport(8.0): Fix runtime architecture detection logic in ANCM by @DeagleGross in dotnet/aspnetcore#63706 **Full Changelog**: dotnet/aspnetcore@v8.0.20...v8.0.21 Commits viewable in [compare view](dotnet/aspnetcore@v8.0.20...v8.0.21). </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Oct 16, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Backport of #63652 to net8.0
A change (#61894) improved algorithm to determine the architecture of a binary by switching away from
GetBinaryTypeW(which seems to load the exe into executable space which might trigger custom windows policies). It was backported to net8.0: #62037.However, we spotted that sometimes function incorrectly chooses a binary of an incompatible architecture, resulting in crashing site load.
Current change specifically checks for a full compatibility of bitness and architecture.
Fixes #63650
Customer Impact
For example users hosting x86 app on x64 machine / x64 app on arm64 machine are impacted unless current change is merged and used.
Regression?
Risk
Impacts users who are using different process architecture then what
where.exeoutputs trying to find dotnet binary. It takes OS / process / dotnet arch installed combination to affect the behavior.Verification
Packaging changes reviewed?