ykohut/leapp-repository
1
0
Fork 0
forked from rpms/leapp-repository
Code Pull Requests Activity

Move RHEL package patches to ELevate patch

Browse Source
This commit is contained in:
Andrew Lukoshko 2023-07-26 10:40:33 +02:00
parent 47983d3312
commit 0c12ecfb26
7 changed files with 513 additions and 657 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
SOURCES/0001-pcidevicesscanner-Also-match-deprecation-data-agains.patch1
View File

@ -1,70 +0,0 @@
From b4fc2e0ae62e68dd246ed2eedda0df2a3ba90633 Mon Sep 17 00:00:00 2001
From: Vinzenz Feenstra <vfeenstr@redhat.com>
Date: Fri, 1 Apr 2022 15:13:51 +0200
Subject: [PATCH] pcidevicesscanner: Also match deprecation data against kernel
modules
Previously when the deprecation data got introduced the kernel drivers
reported to be used by lspci have not been checked.
This patch fixes this regression.
Signed-off-by: Vinzenz Feenstra <vfeenstr@redhat.com>
---
.../libraries/pcidevicesscanner.py | 29 ++++++++++++++++++-
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
index 146f1a33..0f02bd02 100644
--- a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
+++ b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
@@ -1,7 +1,13 @@
import re
from leapp.libraries.stdlib import api, run
-from leapp.models import DetectedDeviceOrDriver, DeviceDriverDeprecationData, PCIDevice, PCIDevices
+from leapp.models import (
+ ActiveKernelModulesFacts,
+ DetectedDeviceOrDriver,
+ DeviceDriverDeprecationData,
+ PCIDevice,
+ PCIDevices
+)
# Regex to capture Vendor, Device and SVendor and SDevice values
PCI_ID_REG = re.compile(r"(?<=Vendor:\t|Device:\t)\w+")
@@ -82,6 +88,26 @@ def produce_detected_devices(devices):
])
+def produce_detected_drivers(devices):
+ active_modules = {
+ module.file_name
+ for message in api.consume(ActiveKernelModulesFacts) for module in message.kernel_modules
+ }
+
+ # Create a lookup by driver_name and filter out the kernel that are active
+ entry_lookup = {
+ entry.driver_name: entry
+ for message in api.consume(DeviceDriverDeprecationData) for entry in message.entries
+ if entry.driver_name and entry.driver_name not in active_modules
+ }
+
+ drivers = {device.driver for device in devices if device.driver in entry_lookup}
+ api.produce(*[
+ DetectedDeviceOrDriver(**entry_lookup[driver].dump())
+ for driver in drivers
+ ])
+
+
def produce_pci_devices(producer, devices):
""" Produce a Leapp message with all PCI devices """
producer(PCIDevices(devices=devices))
@@ -93,4 +119,5 @@ def scan_pci_devices(producer):
pci_numeric = run(['lspci', '-vmmkn'], checked=False)['stdout']
devices = parse_pci_devices(pci_textual, pci_numeric)
produce_detected_devices(devices)
+ produce_detected_drivers(devices)
produce_pci_devices(producer, devices)
--
2.35.1

44
SOURCES/0002-pciscanner-Fix-2-issues-in-regards-to-pci-address-ha.patch
View File

@ -1,44 +0,0 @@
From 53ceded213ae17ca5d27268bc496e736dfea7e64 Mon Sep 17 00:00:00 2001
From: Vinzenz Feenstra <vfeenstr@redhat.com>
Date: Thu, 14 Apr 2022 14:50:07 +0200
Subject: [PATCH 2/3] pciscanner: Fix 2 issues in regards to pci address
handling
In a previous patch, the introduction of the new handling of deprecation
data, 2 problems slipped through.
1. The regex replacement for pci ids errornous adds an empty space
instead of empty string
2. Drivers should be matched on lspci output against the driver
deprecation data only if the pci_id is empty
Signed-off-by: Vinzenz Feenstra <vfeenstr@redhat.com>
---
.../actors/pcidevicesscanner/libraries/pcidevicesscanner.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
index 0f02bd02..eb063abb 100644
--- a/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
+++ b/repos/system_upgrade/common/actors/pcidevicesscanner/libraries/pcidevicesscanner.py
@@ -78,7 +78,7 @@ def parse_pci_devices(pci_textual, pci_numeric):
def produce_detected_devices(devices):
prefix_re = re.compile('0x')
entry_lookup = {
- prefix_re.sub(' ', entry.device_id): entry
+ prefix_re.sub('', entry.device_id): entry
for message in api.consume(DeviceDriverDeprecationData) for entry in message.entries
}
api.produce(*[
@@ -98,7 +98,7 @@ def produce_detected_drivers(devices):
entry_lookup = {
entry.driver_name: entry
for message in api.consume(DeviceDriverDeprecationData) for entry in message.entries
- if entry.driver_name and entry.driver_name not in active_modules
+ if not entry.device_id and entry.driver_name and entry.driver_name not in active_modules
}
drivers = {device.driver for device in devices if device.driver in entry_lookup}
--
2.35.1

78
SOURCES/0003-Ensure-the-right-repositories-are-enabled-on-Satelli.patch
View File

@ -1,78 +0,0 @@
From a1fdabea9c00a96ffc1504577f12733e1c1830ee Mon Sep 17 00:00:00 2001
From: Evgeni Golov <evgeni@golov.de>
Date: Thu, 7 Apr 2022 14:56:18 +0200
Subject: [PATCH 3/3] Ensure the right repositories are enabled on Satellite
Capsules
---
.../actors/satellite_upgrade_facts/actor.py | 6 +++-
.../unit_test_satellite_upgrade_facts.py | 34 ++++++++++++++++++-
2 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py
index eb87cd68..fb83107e 100644
--- a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py
+++ b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/actor.py
@@ -129,6 +129,10 @@ class SatelliteUpgradeFacts(Actor):
modules_to_enable=modules_to_enable
)
)
- repositories_to_enable = ['ansible-2.9-for-rhel-8-x86_64-rpms', 'satellite-6.11-for-rhel-8-x86_64-rpms',
+ repositories_to_enable = ['ansible-2.9-for-rhel-8-x86_64-rpms',
'satellite-maintenance-6.11-for-rhel-8-x86_64-rpms']
+ if has_package(InstalledRPM, 'foreman'):
+ repositories_to_enable.append('satellite-6.11-for-rhel-8-x86_64-rpms')
+ else:
+ repositories_to_enable.append('satellite-capsule-6.11-for-rhel-8-x86_64-rpms')
self.produce(RepositoriesSetupTasks(to_enable=repositories_to_enable))
diff --git a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py
index 5c8e79ff..e77b7b58 100644
--- a/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py
+++ b/repos/system_upgrade/el7toel8/actors/satellite_upgrade_facts/tests/unit_test_satellite_upgrade_facts.py
@@ -1,6 +1,14 @@
import os
-from leapp.models import DNFWorkaround, InstalledRPM, Module, RPM, RpmTransactionTasks, SatelliteFacts
+from leapp.models import (
+ DNFWorkaround,
+ InstalledRPM,
+ Module,
+ RepositoriesSetupTasks,
+ RPM,
+ RpmTransactionTasks,
+ SatelliteFacts
+)
from leapp.snactor.fixture import current_actor_context
RH_PACKAGER = 'Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>'
@@ -87,3 +95,27 @@ def test_detects_remote_postgresql(current_actor_context):
assert not satellitemsg.postgresql.local_postgresql
assert not current_actor_context.consume(DNFWorkaround)
+
+
+def test_enables_right_repositories_on_satellite(current_actor_context):
+ current_actor_context.feed(InstalledRPM(items=[FOREMAN_RPM]))
+ current_actor_context.run()
+
+ rpmmessage = current_actor_context.consume(RepositoriesSetupTasks)[0]
+
+ assert 'ansible-2.9-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
+ assert 'satellite-maintenance-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
+ assert 'satellite-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
+ assert 'satellite-capsule-6.11-for-rhel-8-x86_64-rpms' not in rpmmessage.to_enable
+
+
+def test_enables_right_repositories_on_capsule(current_actor_context):
+ current_actor_context.feed(InstalledRPM(items=[FOREMAN_PROXY_RPM]))
+ current_actor_context.run()
+
+ rpmmessage = current_actor_context.consume(RepositoriesSetupTasks)[0]
+
+ assert 'ansible-2.9-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
+ assert 'satellite-maintenance-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
+ assert 'satellite-6.11-for-rhel-8-x86_64-rpms' not in rpmmessage.to_enable
+ assert 'satellite-capsule-6.11-for-rhel-8-x86_64-rpms' in rpmmessage.to_enable
--
2.35.1

23
SOURCES/0004-Enforce-the-removal-of-rubygem-irb-do-not-install-it.patch
View File

@ -1,23 +0,0 @@
From 496abd1775779054377c5e35ae96fa4d390bab42 Mon Sep 17 00:00:00 2001
From: Petr Stodulka <pstodulk@redhat.com>
Date: Tue, 19 Apr 2022 21:51:03 +0200
Subject: [PATCH] Enforce the removal of rubygem-irb (do not install it)
---
etc/leapp/transaction/to_remove | 3 +++
1 file changed, 3 insertions(+)
diff --git a/etc/leapp/transaction/to_remove b/etc/leapp/transaction/to_remove
index 0feb782..07c6864 100644
--- a/etc/leapp/transaction/to_remove
+++ b/etc/leapp/transaction/to_remove
@@ -1,3 +1,6 @@
### List of packages (each on new line) to be removed from the upgrade transaction
# Removing initial-setup package to avoid it asking for EULA acceptance during upgrade - OAMG-1531
initial-setup
+
+# temporary workaround for the file conflict symlink <-> dir (#2030627)
+rubygem-irb
--
2.35.1

209
SOURCES/0005-IPU-8-9-Migrate-blacklisted-CAs-hotfix.patch
View File

@ -1,209 +0,0 @@
From eeb4f99f57c67937ea562fce11fd5607470ae0a6 Mon Sep 17 00:00:00 2001
From: Petr Stodulka <pstodulk@redhat.com>
Date: Fri, 22 Apr 2022 00:20:15 +0200
Subject: [PATCH] [IPU 8 -> 9] Migrate blacklisted CAs (hotfix)
Preserve blacklisted certificates during the IPU 8 -> 9
Path for the blacklisted certificates has been changed on RHEL 9.
The original paths on RHEL 8 and older systems have been:
/etc/pki/ca-trust/source/blacklist/
/usr/share/pki/ca-trust-source/blacklist/
However on RHEL 9 the blacklist directory has been renamed to 'blocklist'.
So the paths are:
/etc/pki/ca-trust/source/blocklist/
/usr/share/pki/ca-trust-source/blocklist/
This actor moves all blacklisted certificates into the expected directories
and fix symlinks if to point to the new dirs if they originally pointed
to one of obsoleted dirs.
Covered cases:
- covered situations with missing dirs
- covered both mentioned blacklist directories
- update symlinks in case they point to one of obsoleted directories
- remove obsoleted directories when all files migrated successfully
- execute /usr/bin/update-ca-trust in the end
- remove original a blacklist directory in case all discovered files
inside are migrated successfully
- print error logs in case of any issues so the upgrade does not
crash in case of troubles and users could deal with problems
manually after the upgrade
The actor is not covered by unit-tests as it's just a hotfix. Follow
up works are expected to extend the problem with reports during
preupgrade phases, improve the test coverage, ....
BZ: https://bugzilla.redhat.com/show_bug.cgi?id=2077432
Followup ticket: CRYPTO-7097
---
.../actors/migrateblacklistca/actor.py | 28 ++++++
.../libraries/migrateblacklistca.py | 89 +++++++++++++++++++
.../tests/unit_test_migrateblacklistca.py | 25 ++++++
3 files changed, 142 insertions(+)
create mode 100644 repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py
create mode 100644 repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py
create mode 100644 repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py
diff --git a/repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py
new file mode 100644
index 00000000..863a0063
--- /dev/null
+++ b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/actor.py
@@ -0,0 +1,28 @@
+from leapp.actors import Actor
+from leapp.libraries.actor import migrateblacklistca
+from leapp.tags import ApplicationsPhaseTag, IPUWorkflowTag
+
+
+class MigrateBlacklistCA(Actor):
+ """
+ Preserve blacklisted certificates during the upgrade
+
+ Path for the blacklisted certificates has been changed on RHEL 9.
+ The original paths on RHEL 8 and older systems have been:
+ /etc/pki/ca-trust/source/blacklist/
+ /usr/share/pki/ca-trust-source/blacklist/
+ However on RHEL 9 the blacklist directory has been renamed to 'blocklist'.
+ So the new paths are:
+ /etc/pki/ca-trust/source/blocklist/
+ /usr/share/pki/ca-trust-source/blocklist/
+ This actor moves all blacklisted certificates into the expected directories
+ and fix symlinks if needed.
+ """
+
+ name = 'migrate_blacklist_ca'
+ consumes = ()
+ produces = ()
+ tags = (ApplicationsPhaseTag, IPUWorkflowTag)
+
+ def process(self):
+ migrateblacklistca.process()
diff --git a/repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py
new file mode 100644
index 00000000..73c9d565
--- /dev/null
+++ b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/libraries/migrateblacklistca.py
@@ -0,0 +1,89 @@
+import os
+import shutil
+
+from leapp.libraries.stdlib import api, CalledProcessError, run
+
+# dict(orig_dir: new_dir)
+DIRS_CHANGE = {
+ '/etc/pki/ca-trust/source/blacklist/': '/etc/pki/ca-trust/source/blocklist/',
+ '/usr/share/pki/ca-trust-source/blacklist/': '/usr/share/pki/ca-trust-source/blocklist/'
+}
+
+
+def _link_src_path(filepath):
+ """
+ Return expected target path for the symlink.
+
+ In case the symlink points to one of dirs supposed to be migrated in this
+ actor, we need to point to the new directory instead.
+
+ In case the link points anywhere else, keep the target path as it is.
+ """
+ realpath = os.path.realpath(filepath)
+ for dirname in DIRS_CHANGE:
+ if realpath.startswith(dirname):
+ return realpath.replace(dirname, DIRS_CHANGE[dirname])
+
+ # it seems we can keep this path
+ return realpath
+
+
+def _migrate_file(filename, src_basedir):
+ dst_path = filename.replace(src_basedir, DIRS_CHANGE[src_basedir])
+ if os.path.exists(dst_path):
+ api.current_logger().info(
+ 'Skipping migration of the {} certificate. The target file already exists'
+ .format(filename)
+ )
+ return
+ os.makedirs(os.path.dirname(dst_path), mode=0o755, exist_ok=True)
+ if os.path.islink(filename):
+ # create the new symlink instead of the moving the file
+ # as the target path could be different as well
+ link_src_path = _link_src_path(filename)
+ # TODO: is the broken symlink ok?
+ os.symlink(link_src_path, dst_path)
+ os.unlink(filename)
+ else:
+ # normal file, just move it
+ shutil.move(filename, dst_path)
+
+
+def _get_files(dirname):
+ return run(['find', dirname, '-type', 'f,l'], split=True)['stdout']
+
+
+def process():
+ for dirname in DIRS_CHANGE:
+ if not os.path.exists(dirname):
+ # The directory does not exist; nothing to do here
+ continue
+ try:
+ blacklisted_certs = _get_files(dirname)
+ except (CalledProcessError, OSError) as e:
+ # TODO: create post-upgrade report
+ api.current_logger().error('Cannot get list of files in {}: {}.'.format(dirname, e))
+ api.current_logger().error('Certificates under {} must be migrated manually.'.format(dirname))
+ continue
+ failed_files = []
+ for filename in blacklisted_certs:
+ try:
+ _migrate_file(filename, dirname)
+ except OSError as e:
+ api.current_logger().error(
+ 'Failed migration of blacklisted certificate {}: {}'
+ .format(filename, e)
+ )
+ failed_files.append(filename)
+ if not failed_files:
+ # the failed removal is not such a big issue here
+ # clean the dir if all files have been migrated successfully
+ shutil.rmtree(dirname, ignore_errors=True)
+ try:
+ run(['/usr/bin/update-ca-trust'])
+ except (CalledProcessError, OSError) as e:
+ api.current_logger().error(
+ 'Cannot update CA trust on the system.'
+ ' It needs to be done manually after the in-place upgrade.'
+ ' Reason: {}'.format(e)
+ )
diff --git a/repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py
new file mode 100644
index 00000000..970dcb97
--- /dev/null
+++ b/repos/system_upgrade/el8toel9/actors/migrateblacklistca/tests/unit_test_migrateblacklistca.py
@@ -0,0 +1,25 @@
+import os
+
+from leapp.libraries.actor import migrateblacklistca
+from leapp.libraries.common.testutils import CurrentActorMocked
+from leapp.libraries.stdlib import api
+
+
+class MockedGetFiles():
+ def __init__(self):
+ self.called = 0
+
+ def __call__(self):
+ self.called += 1
+ return []
+
+
+def test_no_dirs_exist(monkeypatch):
+ mocked_files = MockedGetFiles()
+ monkeypatch.setattr(os.path, 'exists', lambda dummy: False)
+ monkeypatch.setattr(migrateblacklistca, '_get_files', mocked_files)
+ monkeypatch.setattr(api, 'current_actor', CurrentActorMocked())
+ # this is bad mock, but we want to be sure that update-ca-trust is not
+ # called on the testing machine
+ monkeypatch.setattr(migrateblacklistca, 'run', lambda dummy: dummy)
+ assert not mocked_files.called
--
2.35.1

108
SOURCES/0006-Skip-comment-lines-when-parsing-grub-configuration-f.patch
View File

@ -1,108 +0,0 @@
From 32702c7c7d1c445b9ab95e0d1bbdfdf8f06d4303 Mon Sep 17 00:00:00 2001
From: Petr Stodulka <pstodulk@redhat.com>
Date: Wed, 27 Apr 2022 11:25:40 +0200
Subject: [PATCH] Skip comment lines when parsing grub configuration file
Added simple unit-test for default grub info to see the valid lines
can be parsed as expected.
---
.../systemfacts/libraries/systemfacts.py | 21 ++++++++-
.../tests/test_systemfacts_grub.py | 46 +++++++++++++++++++
2 files changed, 65 insertions(+), 2 deletions(-)
create mode 100644 repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py
diff --git a/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py b/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py
index 0de8b383..81aea6f5 100644
--- a/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py
+++ b/repos/system_upgrade/common/actors/systemfacts/libraries/systemfacts.py
@@ -9,6 +9,7 @@ import re
import six
from leapp import reporting
+from leapp.exceptions import StopActorExecutionError
from leapp.libraries.common import repofileutils
from leapp.libraries.common.config import architecture
from leapp.libraries.stdlib import api, CalledProcessError, run
@@ -289,9 +290,25 @@ def _default_grub_info():
])
else:
for line in run(['cat', default_grb_fpath], split=True)['stdout']:
- if not line.strip():
+ line = line.strip()
+ if not line or line[0] == '#':
+ # skip comments and empty lines
continue
- name, value = tuple(map(type(line).strip, line.split('=', 1)))
+ try:
+ name, value = tuple(map(type(line).strip, line.split('=', 1)))
+ except ValueError as e:
+ # we do not want to really continue when we cannot parse this file
+ # TODO(pstodulk): rewrite this in the form we produce inhibitor
+ # with problematic lines. This is improvement just in comparison
+ # to the original hard crash.
+ raise StopActorExecutionError(
+ 'Failed parsing of {}'.format(default_grb_fpath),
+ details={
+ 'error': str(e),
+ 'problematic line': str(line)
+ }
+ )
+
yield DefaultGrub(
name=name,
value=value
diff --git a/repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py b/repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py
new file mode 100644
index 00000000..08552771
--- /dev/null
+++ b/repos/system_upgrade/common/actors/systemfacts/tests/test_systemfacts_grub.py
@@ -0,0 +1,46 @@
+import os
+
+from leapp.libraries.actor import systemfacts
+from leapp.models import DefaultGrub
+
+
+class RunMocked(object):
+ def __init__(self, cmd_result):
+ self.called = 0
+ self.cmd_result = cmd_result
+ self.split = False
+ self.cmd = None
+
+ def __call__(self, cmd, split=False):
+ self.cmd = cmd
+ self.split = split
+ self.called += 1
+ return self.cmd_result
+
+
+def test_default_grub_info_valid(monkeypatch):
+ mocked_run = RunMocked({
+ 'stdout': [
+ 'line="whatever else here"',
+ 'newline="whatever"',
+ '# comment here',
+ 'why_not=value',
+ ' # whitespaces around comment ',
+ ' ',
+ ' last=last really'
+ ],
+ })
+ expected_result = [
+ DefaultGrub(name='line', value='"whatever else here"'),
+ DefaultGrub(name='newline', value='"whatever"'),
+ DefaultGrub(name='why_not', value='value'),
+ DefaultGrub(name='last', value='last really'),
+ ]
+ monkeypatch.setattr(systemfacts, 'run', mocked_run)
+ monkeypatch.setattr(os.path, 'isfile', lambda dummy: True)
+ for msg in systemfacts._default_grub_info():
+ expected_msg = expected_result.pop(0)
+ assert msg.name == expected_msg.name
+ assert msg.value == expected_msg.value
+ assert mocked_run.called
+ assert not expected_result
--
2.35.1

638
SOURCES/leapp-repository-0.16.0-elevate.patch
View File

File diff suppressed because it is too large Load Diff