Add two directories to NATIVE_DLL_SEARCH_DIRECTORIES to single-file bundles:

1. The bundle exe directory
2. If the bundle extracts any files, the extraction directory

Fixes #42772

* [wasm][crypto] RandomNumberGenerator mapped to Web Crypto getRandomValues

- Uses Web Crypto API [`getRandomValues`](https://www.w3.org/TR/WebCryptoAPI/#Crypto-method-getRandomValues) if available.
- Falls back to `/dev/urandom` as default if the crypto library is missing.

* Remove the emscripten interface code from the driver.c.

* remove extraneous code comment

* Move emscripten definition around.

* Address review comment

* Add javascript bridge implementation library to Native source tree.

- Javascript checks for crypto interface and uses `crypto.getRandomValues`
- Add api bridge call when building for emscripten browser.
- separate out into browser subdirectory
- If we couldn't find a proper implementation, as Math.random() is not suitable we will abort.

```

ABORT: no cryptographic support found getRandomValues. Consider polyfilling it if you want to use something insecure like Math.random(), e.g. put this in a --pre-js: var crypto = { getRandomValues: function(array) { for (var i = 0; i < array.length; i++) array[i] = (Math.random()*256)|0 } };

```

* Change tests to set random values of the buffer instead of return a single value.

* Remove old test code

* Remove testing code

* Incorporate the PAL bridge layer into the `--js-library` build process

* Address review comments about directory structure and naming

* Update src/mono/wasm/runtime-test.js
Co-authored-by: NRyan Lucia <ryan@luciaonline.net>

* Add note about insecure code for testing purposes

* Formatting

* Return -1 if crypto does not exist instead of aborting from js.  This allows the managed code exception flow to continue as normal.
Co-authored-by: NRyan Lucia <ryan@luciaonline.net>

* Add server core testing to Windows x64

* Add server core testing

* Use 20h1 queue instead

* Remove runtime testing until we get more capacity on 20H1 queue

* Use 2004 image

* Skip tests on Server core

* PR Feedback and fix build

* Disable more server core tests

* Disable more tests on Server Core

* Attempt fixing failing process test in server core

address feedback

* Fix PlatformDetection.IsInContainer for windows and feedback from Eirik's change

* PR Feedback

* Don't run server core on PRs yet until we get more capacity
Co-authored-by: NEirik Tsarpalis <eirik.tsarpalis@gmail.com>

* Add log for ILLinkSharedFramework target running in libraries build

* Address feedback -express that the operation is ongoing
Co-authored-by: NViktor Hofer <viktor.hofer@microsoft.com>
Co-authored-by: NViktor Hofer <viktor.hofer@microsoft.com>

* Create a SuperPMI collection pipeline

Start with a clone of jitstress.yml, and go from there.

* Only build Windows_NT_x64, disable test builds and runs

* TEMPORARY: disable normal PR triggered jobs

* some template files for superpmi

* Little trial error# 1

* fix the superpmi-setup.ps1

* Disable CoreClrTestBuildHost, fix the project path in superpmi-send-to-helix

* Skip build, download, create core_root

* Just copy superpmi scripts, import pipeline-logging-functions

* add a dummy step

* add missing space before message

* Replace message with script

* Temporarily disable dependsOn

* disable another dependsOn

* Pass superpmi.proj file

* logging around send-to-helix

* fix superpmi.proj to include ItemGroup

* have placeholder.txt in WorkItem folder

* fix workitem folder creation, script name

* Re-enable build coreclr, libraries, download, core_root

* fix superpmi.py path

* clone jitutils, build and copy pmi.dll

* Pass Core_Root as payload

* Use hardcoded checked

* Use .dotnet from runtime repo
- Build jitutils before and send the payload to helix

* Fix the pmi.dll location and add  -output_mch_path

* fix the output path

* Try publishing SourcesDirectory

* Upload to HELIX_WORKITEM_UPLOAD_ROOT

* Include test in collection and partition core_root and test

* Enable CoreClrTestBuildHost

* Add dependsOn P1 test

* Add DownloadFilesFromResults

* Properly copy the Tests

* Workaround for https://github.com/dotnet/arcade/pull/6179

* Disable test run, SuperPMI just system.web.dll

* Fix the mch path

* Comment partition for test

* Remove commented code

* Increase timeout to 12 hours

* fast pass

- Comment build coreclr/libraries job
- Instead just download coreclr from some previous run, and tell that it is core_root

* Update the machine pool

* Add a dummy step

* Use SuperPMI_Min.zip that contains all the required files

* Another way of Extracting cab

* download in powershell, extract files separately

* fix the zip path

* Another logic of download zip

* fix path

* fix newdir path

* more fixes

* fix extract step

* add test python script and modify creator

* Map secret to env

* decrease timeout, fix superpmi path in proj, print unzipped contents

* Add a step to download and dir artifacts

* Attempt to call super_pmi upload

* list all contents

* Also dir SourcesDir\artifacts

* Use DownloadPipelineArtifact

* Use the right key

* Upload from helixresults

* cleanup run-superpmi-job.yml

* Re-enable superpmi for CORE_ROOT

* fix the dependsOn

* Replace checked with $(BuildConfig)

* Replace checked with $(BuildConfig)
Comment download artifacts

* change helix queue for windows and add for arm64

* Use FileSeparateChar in superpmi.proj

* Add Linux x64

* Fix the helix queue, property erroro

* logging in shell

* Fix PayloadDir and CorrelationPayloadDir

* Make timeout to 5 hours

* Print workitem contents

* fix WorkItemDirectory

* Just copy pmi.dll

* fix the pmi_assemblies path

* disable reporter

* pop put JitUtilsDirectory before deleting it

* chmod for superpmi-setup.sh

* just copy pmi.dll for unix

* fix the parameter to unix

* Add logging to understand -pmi_assemblies issue

* Add "binaries" folder where payload is present
fix unit script that initializes array

* remove precommand

* Pass Core_Root as CorrelationPayload

- Pass Core_Root as CorrelationPayload
- Pass tag to name .mch file with
- Changes to .ps1 and .sh to copy Core_Root directly

* Add back the workaround for https://github.com/dotnet/arcade/pull/6179

Also, rename 'checked' -> 'Checked'

* fix checked for Linux

* mkdir for linux

* fix path in HelixResultsDestinationDir

* Enable Windows x86/arm64

* fix the python path

* First version of superpmi-setup.py

* Attempt to use superpmi-setup.py

* Fix spelling of LibrariesArtifacts, set python path

* TestArtifacts commented

* superpmi-setup script for linux

* Enable Linux_x64

* Added pydocs

* Add option for exclude_directories

* Moved all the logic to superpmi-setup.py

* Replace superpmi-setup.ps1 and superpmi-setup.sh with superpmi-setup.py

* Fix up in superpmi-setup.py

* fix display name

* add missing spacE

* Use differnet conditional

* ignore PermissionError while cleaning up temp folder

* fix workitem copy for linux

* fix copy for unix

* Publish logs

* Print LibrariesArtifacts

* remove space in front of publish logs desc

* Add missing quotes for LibrariesArtifacts

* Download x64 coreclr to make upload work

* Enable Windows x86/arm64, Linux arm/arm64

* Delete superpmi-setup.ps1, superpmi-setup.sh

* Fix space around LibrariesArtifacts

* Download real coreclr x64

* ignore native dlls

* Make superpmi.py Python3.6 friendly

* Minor cleanup

* Cleanup superpmi-send-to-helix to use helix-inner-step

* Remove redundant steps

* Merge mch files

* Pass osGroup

* Make superpmi-setup script takes tests_directory

* Enable SPMI collection for P1

* General cleanup

* fix merge_mch pattern for OS

* Log the SPMI collection output and put it in upload_root folder

* Replace robocopy/rsync with shutil.copy2

Note that shutil.copy2 is very slow specially on Linux as compared to rsync.
But I think we are ok to have slowness in return of simpler code.

* fix path of pmi.dll to be copied

* Include linux .so and file_exe files in copy_directories

* Try publishing just .mch file

* Revert "Try publishing just .mch file"

This reverts commit a5312c05f9502c7c2f2c5a28125f75f8d824b869.

* Disable tests SPMI collection on 42053

- Tests run times out on Windows
- Some of the partition's collection failed for tests because reply was not clean
- Here are the details when libraries/tests were run:
  https://dev.azure.com/dnceng/internal/_build/results?buildId=832814&view=results
- Hence, disable tests run and just have libraries run for now.
- I didn't remove the test run part but commented the portion of tests collection with
  TODO intentionally so when I have to enable it, I will know what to enable.

* Review feedback
Co-authored-by: NKunal Pathak <Kunal.Pathak@microsoft.com>

Fixes #40862
Co-authored-by: NStephen Toub <stoub@microsoft.com>
Co-authored-by: NRyan Lucia <ryan@luciaonline.net>

* Fix HttpClient.CancelAllPending/Timeout handling for GetString/ByteArrayAsync

When GetStringAsync and GetByteArrayAsync are reading the response body, they're only paying attention to the provided CancellationToken; they're not paying attention to the HttpClient's CancelAllPending or Timeout.

* Address PR feedback

* make CancelConnectAsync thread safe

* replace var with MultipleConnectAsync

* Fix build errors on GCC.

* Enable PGO on Clang.

* Fix build errors on GCC 10 and later.

When packaging .NET for Linux distributions, the package builders
generally use a different workflow for shipping symbols to users:

1. The package maintainer builds code with the debug flags (such as
   `-g`) to generate full native debug info and symbols.

2. Nothing is stripped from build by the package maintainer.

3. The build system (`rpmbuild`, `debuild`) removes the debug
   info (or debug symbols) from the code and creates separate
   `-debuginfo` or `-debug` packages that contain just the debug
   symbols.

4. These debug packages are then distributed along with the normal
   packages using the normal Linux distribution mechanisms. This lets
   users install the exact set of debug symbols matching their other
   package.

To support this workflow in dotnet/runtime, we need to add optional
support for not stripping debug symbols. I used it has follows:

    CFLAGS=-g CXXFLAGS=-g ./build.sh --keepnativesymbols true

After this build, the built binaries include all debug symbols.

I can then rely on the distro package build system to identify, strip,
package and ship the debug info/symbols separately.

See https://github.com/dotnet/runtime/issues/3781 and
https://github.com/dotnet/source-build/issues/267 for more details on
the background and motivation.

For some related fixes, see:

- https://github.com/dotnet/coreclr/pull/3445
- https://github.com/dotnet/corefx/pull/24979

OSX `uname` doesn't have a `-o`

* fix a dumping error introduced in my recent ref PR.

* add a pinvoke test with many small stack arguments.

It will fail on arm64 apple.

* Add get/set for lclVar::lvStkOffs.

* Change some types from `size_t` to `unsigned` when working with stack offsets.

* Rename `stackSize` to `GetStackSize`.

* Do not run stack level setter for arm64 apple.

* Use bytes in `fgArgTabEntry`.

* fix comments/rename vars.

* Add en explanation about `GetStackSlotsNumber`.

* Rename `DEBUG_NOT_OSX_ARM64` to `DEBUG_ARG_SLOTS`.

In normal builds, the getters are `static inline` functions, so the profiler doesn't reference the symbols - it just accesses the fields by offset.

In checked builds with `--enable-checked-build=private_types`, the getters are not inlined, so the profiler shared libraries need the symbols to be visible.
Co-authored-by: Nlambdageek <lambdageek@users.noreply.github.com>

The error led to the comment expressing the opposite of its otherwise obvious intent.

Changes #40691 and #42824 conflicted. One added a new ILLink suppress warnings file, while the other added more warnings. This causes the build to break.

The fix is to regenerate the suppressions file with the latest code.

Fix #42926

* Extract bundled files when IncludeAllContentForSelfExtract is set

* Don't pass bundle probe to the runtime for netcoreapp3 compat mode

* Bundle probe should not report extracted files

This also means we can still pass bundle probe to the runtime even in full-extract case as all files will be marked as extracted in that situation (so the probe should return false all the time).
This might be benefitial as the runtime will still "know" it's single-file (we don't really use that knowledge today though).

Improve the test to actually validate locally built binaries and add validation of TPA and framework assembly loading.

* CodeBaseThrows should fail

* Normalize app base path

* Search for CoreLib in TPA

* PR feedback

* Fix bundle tests to actually test single-file bundles

The tests were basically running everything using apphost.exe - the reason the tests worked is basically a weird coincidence (the bundle was always self-contained so it had everything managed in it and all the native dlls were beside the .exe) - so from host's point of view this looked like a self-contained app - and then hostpolicy/hostfxr noticed it's also a bundle and treated it as such.

This change introduces new test baseclass to reduce duplication and standardizes the tests to mostly use self-contained publish then bundled with singlefilehost.exe. Currently they do leave hostpolicy.dll and hostfxr.dll next to the exe (they're written in .deps.json so they must exist on disk) but at runtime they won't be used since the singlefilehost.exe has them bundled in itself.

* Don't use Microsoft.NETCore.App.Internal package

From 3.0+, Microsoft.NETCore.App just chains in the appropriate runtime
packs. The .Internal package was necessary for tests to use when we were
building with a older SDK, but targeting 3.0+. We should be able to get
rid of the workaround now.

This actually causes problems with the full extraction single-file mode
because pre-5.0 and in the .Internal package, System.Private.CoreLib.dll
was not listed as a runtime assembly (only under native). As a result,
it would not end up in the TPA for a single-file bundle.

* AppWithSubDirs: add back RuntimeIdentifier, don't use .Internal package

The test assets are all restored - passing in TestTargetRid - before
the test runs. Since we do a rid-specific publish later, it needs to
be restored with the approriate rid.

Stop using .Internal package. This resulted in host binaries getting
published even for framework-dependent publishes.

* Rework the single-file API tests for better coverage

The tests now validate behavior of all of the interesting APIs in both single-file and backcompat mode.
Added the AppContext.BaseDirectory to the tests.

* Fix the reported path to .deps.json for back compat mode

The path must point to the extraction folder and not use the "fake" in-bundle path.

* Fix a test bug on Linux

Actually we should be using path separator char in the APP_CONTEXT_DEPS_FILES, but that's something we won't be able to change really (too much chance of breaking something without too much value).
Co-authored-by: Nvitek-karas <vitek.karas@microsoft.com>
Co-authored-by: NElinor Fung <elfung@microsoft.com>

Also, tweak layout a bit, and update so that if a method is jitted
multiple times the files don't overwrite one another. Instead a
suffix is added to indicate the kind of jit codegen.

* do not call RemoteCertificateValidationCallback on the same certificate agin

* feedback from review

* feedback from review

* make sure we do not use Linq

DataContractSerialization has some Reflection "shim" methods that the ILLinker can't see through. This causes critical methods to be trimmed and applications to fail. These methods were put in place in .NET Core 1.0 when the full Reflection API wasn't available.

The fix is to remove these "shim" Reflection APIs and use Reflection directly.

Fix #41525
Fix #42754

Fixed #42334

Setting it to `true` forces the single line, not `false` :)

The recent change that replaced direct invocation of crossgen and
crossgen2 for crossgening framework assemblies for coreclr tests by
r2rtest tool usage has ommited the --release and --large-bubble
arguments. These correspond to the former -O and --inputbubble crossgen2
commands and should be present.

This also fixes failures in running tests with the crossgened runtime.
Many tests were failing with the error `Could not execute the method
because either the method itself or the containing type is not fully
instantiated.`

So while there is a problem to investigate related to debug flavor of
crossgening, this PR fixes the options.

* Add granular suppressions for linker warnings

* Add suppressions for mono SPC

* Misc additions

* Add suppressions for Debug config

* Fix Android xml file

* Include System.ComponentModel.Annotations suppressions

* Add suppressions for System.Security.Cryptography.X509Certificates on Linux

* Fix TargetOs exists check

* Add IL2077 to System.Security.Cryptography.X509Certificates on Android

* Generalize some System.Security.Cryptography.X509Certificates suppressions to 'NonWindows'

* Remove ref to catch-all System.Security.Cryptography.X509Certificates file

* Misc clean up and some feedback

* Use ILLinkDirectory in CreateRuntimeRootILLinkDescriptorFile.targets

* Update paths for directories

* Set TargetPath as part of include

* Delete bin-placing TODO

* Include more xml files during per-library run

* Include more xml files during per-library run, pt 2

* Include more xml files during per-library run, pt 3

* Try including System.ComponentModel.Annotations based on BuildingNETCoreAppVertical

* Switch to BuildAllConfigurations

* Include xml extension in file paths

* Remove version number from assembly suppression files

* Delete ILLink.Suppressions.xml

* Try removing IL2035 nowarn

* Remove version from Microsoft.VisualBasic.Core assemly name

[mono] Retarget HelloWorld sample to in-tree runtime pack (it used to use ".dotnet-mono" hack) (#42851)