30450a1bd5d278e285f50a7e4cfc755545960e92 Do not clone qa-assets git repository if not necessary (Kiminuo)
Pull request description:
This PR attempts to remove an unnecessary step when CI runs.
The main motivation for the change is that I locally use `MAKEJOBS="-j15" FILE_ENV="./ci/test/00_setup_env_android.sh" ./ci/test_run_all.sh` to find out if a patch of mine works or not. Cloning `bitcoin-core/qa-assets` is slow on my machine (which is by no means slow).
ACKs for top commit:
MarcoFalke:
cr ACK 30450a1bd5d278e285f50a7e4cfc755545960e92
Tree-SHA512: 5763b53da9554b06039c39f8fc729de1b106cce2a242de8f97528d001bfa01d4f48d2a128f458a3cdee3da36312354c6714839b947f313c089c2c5cb30233a39
ca3a77068b8c9c6107d078ea083f4ab7c0010548 test: Fix p2p_leak.py intermittent failure by lowering timeout (Martin Zumsande)
Pull request description:
Fixes#22085
Root cause: There was just 1 second between the wait (5 seconds) and the `-peertimeout=4`.
Since `ShouldRunInactivityChecks` in `net.cpp` measures the timeout in seconds, its result can only change once per second, even though it is called more often.
So in situations when the connection is established early in a given second like [here](https://bitcoinbuilds.org/index.php?ansilog=d7b3e075-683a-45cc-94d4-9645fc17e0b6.log#l3117) (2021-05-27T12:28:04.**001**913Z ), the 1 second leeway was not be sufficient, leading to the intermittent failures.
Fix this by lowering the timeout by one second.
ACKs for top commit:
MarcoFalke:
re-ACK ca3a77068b8c9c6107d078ea083f4ab7c0010548
Tree-SHA512: e7e22356d276c65a5b4f0a1b7ee5a9ad07d27691220746c7d02af3fad22cab1d53fd0ef59a938167ec80e4571c96649132d6922ad10667fc91baa47892f27a3e
a061a299708d39ad63f85085ae07c457308823cf test: bring p2p_leak.py up to date. (Martin Zumsande)
Pull request description:
After the introduction of wtxidrelay and sendaddrv2 messages during version handshake, extend p2p_leak.py test to reflect this.
Also, some minor fixes and doc improvements.
I also added a test that peers not completing the version handshake will be disconnected for timeout, as suggested by MarcoFalke in https://github.com/bitcoin/bitcoin/pull/19723#issuecomment-699540294.
ACKs for top commit:
brunoerg:
Tested ACK a061a299708d39ad63f85085ae07c457308823cf
theStack:
Tested ACK a061a299708d39ad63f85085ae07c457308823cf
Tree-SHA512: 26c601491fa8710fc972d1b8f15da6b387a95b42bbfb629ec4c668769ad3824b6dd6a33d97363bca2171e403d8d1ce08abf3e5c9cab34f98d53e0109b1c7a0e5
31cce4a1bdbb48f57996615ee6c686e456cc0bea doc: update `BroadcastTransaction` comment (ismaelsadeeq)
Pull request description:
`BroadcastTransaction` is also called by `submitpackage` RPC.
All transactions that are accepted into the mempool post package processing are broadcasted to peers individually here
ea4ddd8652/src/rpc/mempool.cpp (L926)
It's not maintainable to list all the callers of a function.
ACKs for top commit:
stickies-v:
ACK 31cce4a1bdbb48f57996615ee6c686e456cc0bea
kristapsk:
ACK 31cce4a1bdbb48f57996615ee6c686e456cc0bea
naumenkogs:
ACK 31cce4a1bdbb48f57996615ee6c686e456cc0bea
Tree-SHA512: 8aea92c53c1911a0ac36fe9e3a24d37d83e7d9b40a16f0832bfa7a719328697621e3f94a5dc80d1840e7ae705e0c3aab7a3df7064986e1e53a4a4114adf078a8
8023640a71a10ec54a6a8e6b95a29d07f7be218d qt: Avoid non-self-contained Windows header (Hennadii Stepanov)
Pull request description:
Using the `windows.h` header guarantees correctness regardless of the content of other headers.
For more details, please refer to https://stackoverflow.com/questions/4845198/fatal-error-no-target-architecture-in-visual-studio
Fixes the MSVC build when using the upcoming CMake-based build system and Qt packages installed via the vcpkg package manager.
Related to https://github.com/hebasto/bitcoin/pull/77.
ACKs for top commit:
theuni:
ACK 8023640a71a10ec54a6a8e6b95a29d07f7be218d. It's not completely clear to me why this currently works, but I don't think it's worth wasting more time on. `windows.h` seems more correct regardless.
Tree-SHA512: 1c03f909943111fb2663f86d33ec9a947bc5903819e5bd94f436f6b0782d9f5c5d80d9cd3490674ecd8921b2981c509e97e41580bccc436f8b5c7db84b4e493c
ff3f51b402efe6dc0b4bd14aecb9b58c2815c6e4 depends: Include `config.guess` and `config.sub` into `meta_depends` (Hennadii Stepanov)
Pull request description:
ACKs for top commit:
theuni:
ACK ff3f51b402efe6dc0b4bd14aecb9b58c2815c6e4.
Tree-SHA512: e8575473d3fca2293181131c76bd6d43017fe753d2e670c53227a646b64b069dc542a0fc50a77b43e74bc6a0c0159ffa2fb1c3ff3aef9625684e0f78c16ad960
9d728916b27e18efc6f8839770ed5ec14789fc08 net: create I2P sessions with both ECIES-X25519 and ElGamal encryption (Jon Atack)
Pull request description:
A Bitcoin Core node may only connect to a peer destination via I2P if both sides have sessions with the same encryption type. Encryption type is a property of the session, not the destination. Sessions may support multiple encryption types.
As Bitcoin Core is not currently setting the encryption type when creating I2P sessions, it uses the older default, ElGamal (type 0).
This pull updates our I2P session creation to use both ECIES-X25519 and ElGamal (types 4 and 0, respectively). This allows to connect to I2P peers of either type, and the newer, faster ECIES-X25519 will be preferred.
See also:
- discussion around https://github.com/qbittorrent/qBittorrent/issues/19625#issuecomment-1879582395
- recently updated "Signature and Encryption Types" in https://geti2p.net/en/docs/api/samv3
Thank you and credit to zzzi2p for reporting and to vort for the patch.
Closes https://github.com/bitcoin/bitcoin/issues/29197.
ACKs for top commit:
zzzi2p:
ACK 9d728916b27e18efc6f8839770ed5ec14789fc08
recursive-rat4:
ACK 9d728916b27e18efc6f8839770ed5ec14789fc08
kristapsk:
cr utACK 9d728916b27e18efc6f8839770ed5ec14789fc08
brunoerg:
crACK 9d728916b27e18efc6f8839770ed5ec14789fc08
shaavan:
crACK 9d728916b27e18efc6f8839770ed5ec14789fc08
Tree-SHA512: 0912fc01af9706914a7854f7479b9d82fc86c9530466cad8674e30f7eb4894d90d514efbc1aee8b7ea690faa6ff4a23b62cf5de8737cffdbc463300082c9b917
e5b9ee0221ec8aa238fb5720fcd6faa01b09fe46 fuzz: set `nMaxOutboundLimit` in connman target (brunoerg)
Pull request description:
Setting `nMaxOutboundLimit` (`-maxuploadtarget`) will make fuzz to reach more coverage in connman target. This value is used in `GetMaxOutboundTimeLeftInCycle`, `OutboundTargetReached` and `GetOutboundTargetBytesLeft`.
ACKs for top commit:
dergoegge:
utACK e5b9ee0221ec8aa238fb5720fcd6faa01b09fe46
jonatack:
ACK e5b9ee0221ec8aa238fb5720fcd6faa01b09fe46
Tree-SHA512: d19c83602b0a487e6da0e3be539aa2abc95b8bbf36cf9a3e391a4af53b959f68ca38548a96d27d56742e3b772f648da04e2bf8973dfc0ab1cdabf4f2e8d44de6
ff896d25819da1c1e80591595c922fb093942645 contrib: drop GCC MAX_VERSION to 4.3.0 in symbol-check (fanquake)
Pull request description:
Reflect the actual symbols used, i.e:
```bash
bitcoind: symbol __bswapsi2 from unsupported version GCC_4.3.0(7)
```
ACKs for top commit:
TheCharlatan:
ACK ff896d25819da1c1e80591595c922fb093942645
Tree-SHA512: b38ff8f4dd78d2d1c9063c53544dc4f240c3043f142e1581f7ba42f088a509293f6f17cc402c60ac82bff3b36668866b87e0e9e4d10d929484bb4c7a3e654f25
fa0534d7e47d44428d3f9dea6d2f6b8e86df22d4 test: Actually fail when a python unit test fails (MarcoFalke)
Pull request description:
Currently python unit test failures are ignored.
Fix this.
ACKs for top commit:
theStack:
ACK fa0534d7e47d44428d3f9dea6d2f6b8e86df22d4
BrandonOdiwuor:
ACK fa0534d7e47d44428d3f9dea6d2f6b8e86df22d4
Tree-SHA512: c136be4c8d861d966f380e04d5d14b711b90c4011101302dae1332496e493207c5c673927586ed35b02b61a0b050bf45053a31e6ff766ec52f1d054caf0985e2
55e3dc3e03510e97caba1547a82e3e022b0bbd42 test: Fix test by checking the actual exception instance (Hennadii Stepanov)
Pull request description:
The `system_tests/run_command` test is broken because it passes even with the diff as follows:
```diff
--- a/src/test/system_tests.cpp
+++ b/src/test/system_tests.cpp
@@ -90,7 +90,7 @@ BOOST_AUTO_TEST_CASE(run_command)
});
}
{
- BOOST_REQUIRE_THROW(RunCommandParseJSON("echo \"{\""), std::runtime_error); // Unable to parse JSON
+ BOOST_REQUIRE_THROW(RunCommandParseJSON("invalid_command \"{\""), std::runtime_error); // Unable to parse JSON
}
// Test std::in, except for Windows
#ifndef WIN32
```
The reason of such fragility is that the [`BOOST_REQUIRE_THROW`](https://www.boost.org/doc/libs/1_83_0/libs/test/doc/html/boost_test/utf_reference/testing_tool_ref/assertion_boost_level_throw.html) macro passes even if the command raises an exception in the underlying subprocess implementation, which might have a type derived from `std::runtime_error`.
ACKs for top commit:
maflcko:
lgtm ACK 55e3dc3e03510e97caba1547a82e3e022b0bbd42
achow101:
ACK 55e3dc3e03510e97caba1547a82e3e022b0bbd42
furszy:
Non-Windows code ACK 55e3dc3e
pablomartin4btc:
ACK 55e3dc3e03510e97caba1547a82e3e022b0bbd42
Tree-SHA512: 32f49421bdcc94744c81e82dc10cfa02e3f8ed111974edf1c2a47bdaeb56d7baec1bede67301cc89464fba613029ecb131dedc6bc5948777ab52f0f12df8bfe9
11b7269d83a56f919f9dddb7f7c72a96d428627f script: Enhance validations in utxo_snapshot.sh (pablomartin4btc)
Pull request description:
This PR resolves#27841 and some more:
- Ensure that the snapshot height is higher than the pruned block height when the node is pruned (Suggested by @Sjors [here](https://github.com/bitcoin/bitcoin/pull/28553#issuecomment-1804941396)).
- Validate the correctness of the file path and check if the file already exists (@hazeycode's [#27845](https://github.com/bitcoin/bitcoin/pull/27845)).
- Make network activity disablement optional for the user (Suggested by @Sjors [here](https://github.com/bitcoin/bitcoin/pull/16899#discussion_r342735815) and [here](https://github.com/bitcoin/bitcoin/pull/16899#issuecomment-536520911)).
- Ensure the `reconsiderblock` command is triggered on exit (@hazeycode's same PR as above), even in the case of user interruption (Ctrl-C).
In order to perform some testing please follow the instructions in the description of previous @hazeycode's PR #27845.
ACKs for top commit:
Sjors:
tACK 11b7269d83a56f919f9dddb7f7c72a96d428627f
ryanofsky:
Code review ACK 11b7269d83a56f919f9dddb7f7c72a96d428627f
Tree-SHA512: 2b699894c6f732ad5104f5a2bcf5dc86ed31edcc9d664690cab55b94a8ab00e2ca5bde901ee1d63acddca7ea80ad1734d8cfe78f9c02f8470f264fe93a2af759
66c4b58e518aff08030b3c879c44af7716110619 guix: switch from guix environment to guix shell (fanquake)
Pull request description:
See https://guix.gnu.org/manual/devel/en/html_node/Invoking-guix-environment.html.
> Deprecation warning: The guix environment command is deprecated
in favor of guix shell, which performs similar functions but is more convenient to use. See Invoking guix shell.
> Being deprecated, guix environment is slated for eventual removal,
but the Guix project is committed to keeping it until May 1st, 2023. Please get in touch with us at guix-devel@gnu.org if you would like to discuss it.
See also https://guix.gnu.org/blog/2021/from-guix-environment-to-guix-shell/ for a blog post and additional details.
Guix `shell` was added to Guix ~1 year ago, in this commit, https://git.savannah.gnu.org/cgit/guix.git/commit/?id=80edb7df6586464aa40e84e103f0045452de95db, which isn't part of the 1.3.0 release binaries out of the box, but invoking a `guix pull`, and updating will make it available. i.e:
```bash
bash-5.1# guix --version
guix (GNU Guix) 1.3.0
Copyright (C) 2021 the Guix authors
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
bash-5.1# guix shell
guix: shell: command not found
Try 'guix --help' for more information.
bash-5.1# guix pull
Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
Authenticating channel 'guix', commits 9edb3f6 to 7a980bb (6,278 new commits)...
Building from this channel:
guix https://git.savannah.gnu.org/git/guix.git7a980bb
< snip >
building /gnu/store/2wwwsczxcw61m05p4mv0kf0advx4fqsb-inferior-script.scm.drv...
building package cache...
building profile with 1 package...
New in this revision:
6,866 new packages: a2jmidid, abjad,
bash-5.1# guix help shell
Usage: guix shell [OPTION] PACKAGES... [-- COMMAND...]
Build an environment that includes PACKAGES and execute COMMAND or an
interactive shell in that environment.
```
ACKs for top commit:
TheCharlatan:
ACK 66c4b58e518aff08030b3c879c44af7716110619
Tree-SHA512: caa3fd2ca8d0f261c50ecdda3728a75389d24d89b51293dedc704ee77ab1342b2bb08ca8c871dcb4646229f056ec86cb15500934ded1b0c501a3ffc25aaa8ae6
d5b4c0b69e543de51bb37d602d488ee0949ba185 pool: change memusage_test to use int64_t, add allocation check (Martin Leitner-Ankerl)
ce881bf9fcb7c30bb1fafd6ce38844f4f829452a pool: make sure PoolAllocator uses the correct alignment (Martin Leitner-Ankerl)
Pull request description:
The class `CTxOut` has a member `CAmount` which is an int64_t, and on ARM 32bit int64_t are 8 byte aligned, which is larger than the pointer alignment of 4 bytes.
So for `CCoinsMap` to be able to use the pool, we need to use the alignment of the member instead of just `alignof(void*)`.
This fixes#28906 (first noted in https://github.com/bitcoin/bitcoin/issues/28718#issuecomment-1807197107) and #28440.
ACKs for top commit:
pinheadmz:
ACK d5b4c0b69e543de51bb37d602d488ee0949ba185
hebasto:
re-ACK d5b4c0b69e543de51bb37d602d488ee0949ba185, the only change since my recent [review](https://github.com/bitcoin/bitcoin/pull/28913#pullrequestreview-1739334189) is an updated test.
theStack:
Tested ACK d5b4c0b69e543de51bb37d602d488ee0949ba185
Tree-SHA512: 4446793fad6d56f0fe22e09ac9ade051e86de11ac039cd61c0f6b7f79874242878a6a46a2c76ac3b8f1d53464872620d39139f54b1471daccad26d6bb1ae8ca1
fa552e8a4e4fc61b01eb36387bdf86b27c6893c3 doc: Simplify guix install doc, after 1.4 release (MarcoFalke)
Pull request description:
Now that 1.4 is out (for a while), remove the recommendation to build a random commit.
ACKs for top commit:
fanquake:
ACK fa552e8a4e4fc61b01eb36387bdf86b27c6893c3
hebasto:
ACK fa552e8a4e4fc61b01eb36387bdf86b27c6893c3.
Tree-SHA512: f5642df201ff0e2af8a7ae9660a66920ddbb5f522b3e921f6f4aa7c411ced23afa91bdfe43b943ac012228eebbaad3396df505d00aa8f721a4358f03fda9d8e3
da45a6743a docs: bump python version in dependencies.md and build-openbsd.md (pasta)
5f7009ce88 bump PYTHON_VERSION for CI (pasta)
c6fed1e3ce partial Merge bitcoin/bitcoin#28210: build: Bump clang minimum supported version to 13 (MarcoFalke)
68ccd6d133 bump CI python version (pasta)
64cd338894 Merge bitcoin/bitcoin#28211: Bump python minimum supported version to 3.9 (fanquake)
Pull request description:
## Issue being fixed or feature implemented
Why not
## What was done?
Bump python version
## How Has This Been Tested?
See CI
## Breaking Changes
None
## Checklist:
_Go over all the following points, and put an `x` in all the boxes that apply._
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
knst:
utACK da45a6743a
kwvg:
utACK da45a6743a
UdjinM6:
utACK da45a6743a
Tree-SHA512: 5bb99817a5faca73e8e18b9fd6b5f190a7eb0274ef316038d78dea339e9610ed1b1870636a6ecbe1ed3074301a9fabfa84d879f6d7fa6276170cd15170b8f148
8865686132 fix: adjust conditions in `Check Merge Fast-Forward Only` action (UdjinM6)
Pull request description:
## Issue being fixed or feature implemented
I _think_ we were using the wrong event name since #6190... which is why #6341 is failing atm.
```
V Run git fetch origin master:master
git fetch origin master:master
git checkout master
if [ "pull_request_target" == "pull_request" ]; then
git merge --ff-only 0172b887c0
else
git merge --ff-only d494339b9f
fi
```
https://github.com/dashpay/dash/actions/runs/11474383519/job/31930192140?pr=6341
## What was done?
## How Has This Been Tested?
Pushed these changes to my `develop` https://github.com/UdjinM6/dash/commits/develop/
Created 2 PRs to verify it worked as expected:
- https://github.com/UdjinM6/dash/pull/18
- https://github.com/UdjinM6/dash/pull/19
## Breaking Changes
n/a
## Checklist:
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [ ] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
Top commit has no ACKs.
Tree-SHA512: fb38b671d072b802eda0cd012df805cfb875e537b3049ee4b254af0b2763ad12e916972509899948d71910ca439c036d63b678e26761ad111e63b65d5e824a2b
f36d1d5b8934aac60d3097047ecedeb58bae2185 Use void* throughout support/lockedpool.h (Jeffrey Czyz)
Pull request description:
Replace uses of char* with void* in Arena's member variables. Instead,
cast to char* where needed in the implementation.
Certain compiler environments disallow std::hash<char*> specializations
to prevent hashing the pointer's value instead of the string contents.
Thus, compilation fails when std::unordered_map is keyed by char*.
Explicitly using void* is a workaround in such environments. For
consistency, void* is used throughout all member variables similarly to
the public interface.
Changes to this code are covered by src/test/allocator_tests.cpp.
ACKs for top commit:
achow101:
ACK f36d1d5b8934aac60d3097047ecedeb58bae2185
theStack:
Code-review ACK f36d1d5b8934aac60d3097047ecedeb58bae2185
jonatack:
ACK f36d1d5b8934aac60d3097047ecedeb58bae2185 review, debug build, unit tests, checked clang 15 raises "error: arithmetic on a pointer to void" without the conversions here from the generic void* pointer back to char*
Tree-SHA512: f9074e6d29ef78c795a512a6e00e9b591e2ff34165d09b73eae9eef25098c59e543c194346fcd4e83185a39c430d43744b6f7f9d1728a132843c67bd27ea5189
4d84eaec82e7b5a450d47cd30e5936a717035f77 Raise PRNG seed log to INFO. (roconnor-blockstream)
Pull request description:
Some build infrastructure, such as Nix, will delete failed builds by default, keeping only the log (stdout/stderr) of the failed build.
For flaky tests, it would be very helpful to have the PRNG seed in the default log in order to redo the failed test.
By simply raising the PRNG seed logging to INFO, we can, by default, record the seed in the log of every build.
ACKs for top commit:
MarcoFalke:
lgtm ACK 4d84eaec82e7b5a450d47cd30e5936a717035f77
theStack:
ACK 4d84eaec82e7b5a450d47cd30e5936a717035f77
Tree-SHA512: 3ccb4a4e7639a3babc3b2a6456a6d0bffc090da34e4545b317f7bfbed4e9950d1b38ea5b2a90c37ccb49b3454bdeff03a6aaf86770b9c4dd14b26320aba50b94
14302a4802e2dbb41f5189de88f99ddd5dda7736 test: fix test abort for high timeout values (and `--timeout-factor 0`) (Sebastian Falbesoner)
Pull request description:
On master, the functional tests's option `--timeout-factor 0` (which according to the test docs and parameter description should disable the RPC timeouts) currently fails, same as high values like `--timeout-factor 999999`:
```
$ ./test/functional/wallet_basic.py --timeout-factor 0
2022-08-29T01:26:39.561000Z TestFramework (INFO): Initializing test directory /tmp/bitcoin_func_test_f24yxzp5
2022-08-29T01:26:40.262000Z TestFramework (ERROR): Assertion failed
Traceback (most recent call last):
File "/home/honey/bitcoin/test/functional/test_framework/test_framework.py", line 549, in start_nodes
node.wait_for_rpc_connection()
File "/home/honey/bitcoin/test/functional/test_framework/test_node.py", line 234, in wait_for_rpc_connection
rpc.getblockcount()
File "/home/honey/bitcoin/test/functional/test_framework/coverage.py", line 49, in __call__
return_val = self.auth_service_proxy_instance.__call__(*args, **kwargs)
File "/home/honey/bitcoin/test/functional/test_framework/authproxy.py", line 142, in __call__
response, status = self._request('POST', self.__url.path, postdata.encode('utf-8'))
File "/home/honey/bitcoin/test/functional/test_framework/authproxy.py", line 107, in _request
self.__conn.request(method, path, postdata, headers)
File "/usr/local/lib/python3.9/http/client.py", line 1285, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/local/lib/python3.9/http/client.py", line 1331, in _send_request
self.endheaders(body, encode_chunked=encode_chunked)
File "/usr/local/lib/python3.9/http/client.py", line 1280, in endheaders
self._send_output(message_body, encode_chunked=encode_chunked)
File "/usr/local/lib/python3.9/http/client.py", line 1040, in _send_output
self.send(msg)
File "/usr/local/lib/python3.9/http/client.py", line 980, in send
self.connect()
File "/usr/local/lib/python3.9/http/client.py", line 946, in connect
self.sock = self._create_connection(
File "/usr/local/lib/python3.9/socket.py", line 844, in create_connection
raise err
File "/usr/local/lib/python3.9/socket.py", line 832, in create_connection
sock.connect(sa)
OSError: [Errno 22] Invalid argument
```
This is caused by a high timeout value that Python's HTTP(S) client library can't cope with. Fix this by clamping down the connection's set timeout value in AuthProxy. The change can easily be tested by running an arbitrary test with `--timeout-factor 0` on master (should fail), on this PR (should pass) and on this PR with the clamping value increased by 1 (should fail).
// EDIT: The behaviour was observed on OpenBSD 7.1 and Python 3.9.12.
ACKs for top commit:
MarcoFalke:
lgtm ACK 14302a4802e2dbb41f5189de88f99ddd5dda7736
Tree-SHA512: 6469e8ac699f1bb7dea11d5fb8b3ae54d895bb908570587c5631144cd41fe980ca0b1e6d0b7bfa07983307cba15fb26ae92e6766375672bf5be838d8e5422dbc
304ae6dc8e2cd63142d34d190f93e95cbe83247a doc: remove mention of "proper signing key" (fanquake)
Pull request description:
This key is no-longer in use: https://lists.linuxfoundation.org/pipermail/bitcoin-core-dev/2023-February/000115.html
> Please remove it from verification pipelines.
ACKs for top commit:
hebasto:
ACK 304ae6dc8e2cd63142d34d190f93e95cbe83247a
Tree-SHA512: 3dfd221a48f69ac56b4568db06b5d5b5d6a60b7d027a26157912219a2073589a0a3934cb30e11a161d48db55d3a637338f96617e3f3b92cb9e60e0d1d1dd372a
906631450df9927e690658184aa8a6b1b3a29ee9 s/transcation/transaction/ (Greg Sanders)
Pull request description:
ACKs for top commit:
fanquake:
ACK 906631450df9927e690658184aa8a6b1b3a29ee9 - looks like other comments are being addressed elsewhere.
Tree-SHA512: c835a14db2e0cf5e0317c95c8c7441df1f7c6cb14be7809fd947e07ea9d23f1f171f111429aabd0509b7f17601bc742041316b18e1135e547a966961f2c65038
588fad868dd49b5baca26170c2adca8544fed04b descriptors: fix docstring (param [in] vs [out]) (SomberNight)
Pull request description:
As in title, these docstrings look incorrect.
ACKs for top commit:
john-moffett:
ACK 588fad868dd49b5baca26170c2adca8544fed04b
Tree-SHA512: 1ab343a1b1fc57a7d6bd8363b84db9d96e8ea11a4cec85bcf79885c9df53da889fe2fb10b1fa92d824ddf0dee800c07353f46f1fea9887d2ad518bed0afebe3d
3a11adc7004d21b3dfe028b190d83add31691c55 Zero out wallet master key upon lock (John Moffett)
Pull request description:
When an encrypted wallet is locked (for instance via the RPC `walletlock`), the documentation indicates that the key is removed from memory:
b92d609fb2/src/wallet/rpc/encrypt.cpp (L157-L158)
However, the vector (a `std::vector<unsigned char, secure_allocator<unsigned char>>`) is merely _cleared_. As it is a member variable, it also stays in scope as long as the wallet is loaded, preventing the secure allocator from deallocating. This allows the key to persist indefinitely in memory. I confirmed this behavior on my macOS machine by using an open-source third party memory inspector ("Bit Slicer"). I was able to find my wallet's master key in Bit Slicer after unlocking and re-locking my encrypted wallet. I then confirmed the key data was at the address in LLDB.
This PR manually fills the bytes with zeroes before calling `clear()` by using our `memory_cleanse` function, which is designed to prevent the compiler from optimizing it away. I confirmed that it does remove the data from memory on my machine upon locking.
Note: An alternative approach could be to call `vMasterKey.shrink_to_fit()` after the `clear()`, which would trigger the secure allocator's deallocation. However, `shrink_to_fit()` is not _guaranteed_ to actually change the vector's capacity, so I think it's unwise to rely on it.
## Edit: A little more clarity on why this is an improvement.
Since `mlock`ed memory is guaranteed not to be swapped to disk and our threat model doesn't consider a super-user monitoring the memory in realtime, why is this an improvement? Most importantly, consider hibernation. Even `mlock`ed memory may get written to disk. From the `mlock` [manpage](https://man7.org/linux/man-pages/man2/mlock.2.html):
> (But be aware that the suspend mode on laptops and some desktop computers will save a copy of the system's RAM to disk, regardless of memory locks.)
As far as I can tell, this is true of [Windows](https://web.archive.org/web/20190127110059/https://blogs.msdn.microsoft.com/oldnewthing/20140207-00/?p=1833#:~:text=%5BThere%20does%20not%20appear%20to%20be%20any%20guarantee%20that%20the%20memory%20won%27t%20be%20written%20to%20disk%20while%20locked.%20As%20you%20noted%2C%20the%20machine%20may%20be%20hibernated%2C%20or%20it%20may%20be%20running%20in%20a%20VM%20that%20gets%20snapshotted.%20%2DRaymond%5D) and macOS as well.
Therefore, a user with a strong OS password and a strong wallet passphrase could still have their keys stolen if a thief takes their (hibernated) machine and reads the permanent storage.
ACKs for top commit:
S3RK:
Code review ACK 3a11adc7004d21b3dfe028b190d83add31691c55
achow101:
ACK 3a11adc7004d21b3dfe028b190d83add31691c55
Tree-SHA512: c4e3dab452ad051da74855a13aa711892c9b34c43cc43a45a3b1688ab044e75d715b42843c229219761913b4861abccbcc8d5cb6ac54957d74f6e357f04e8730
83003ffe049a432f6fa4127e054f073127e70b90 refactor: replace RecursiveMutex `m_most_recent_block_mutex` with Mutex (Sebastian Falbesoner)
8edd0d31ac683378135a9839e5d4172b82f8f5b8 refactor: reduce scope of lock `m_most_recent_block_mutex` (Sebastian Falbesoner)
Pull request description:
This PR is related to #19303 and gets rid of the RecursiveMutex `m_most_recent_block_mutex`. All of the critical sections (5 in total) only directly access the guarded elements, i.e. it is not possible that within one section another one is called, and we can use a regular Mutex:
b019cdc036/src/net_processing.cpp (L1650-L1655)b019cdc036/src/net_processing.cpp (L1861-L1865)b019cdc036/src/net_processing.cpp (L3149-L3152)b019cdc036/src/net_processing.cpp (L3201-L3206)b019cdc036/src/net_processing.cpp (L4763-L4769)
The scope of the last critical section is reduced in the first commit, in order to avoid calling the non-trivial method `CConnman::PushMessage` while the lock is held.
ACKs for top commit:
furszy:
Code ACK 83003ffe with a small comment.
hebasto:
ACK 83003ffe049a432f6fa4127e054f073127e70b90
w0xlt:
ACK 83003ffe04
Tree-SHA512: 3df290cafd2f6c4d40afb9f14e822a77d9c1828e66f5e2233f3ac1deccc2b0a8290bc5fb8eb992f49d39e887b50bc0e9aad63e05db2d870791a8d409fb95695f
654284209f30fd309c326a527cda1d2d7385cee8 Add clang lifetimebound section to developer notes (Jon Atack)
e66b321fd1ddfffd9bfc59d407ad8f03490b873c Add C++ functions and methods section to developer notes (Jon Atack)
5fca70f5b16fee4a732a1d7fd3fb1c7e775decdf Link in developer notes style to internal interface exception (Jon Atack)
fc4cb857ccfa622e76f0f8e7aa164ca4d8bd599a Prefer Python for scripts in developer notes (Jon Atack)
370120ec2ff4b5e7d5cd6678a7be7cfe651be509 Remove obsolete BDB ENABLE_WALLET section in developer notes (Jon Atack)
Pull request description:
A few updates noticed while working on a lifetimebound section.
- Remove obsolete BDB ENABLE_WALLET section (only one file, src/wallet/bdb.h, still has a `db_cxx.h` BDB header)
- Prefer Python for scripts in developer notes (and a few miscellaneous touch-ups)
- In the code style section, add a link to the internal interface exception so that people are aware of it
- Add a "C++ functions and methods" section
- Add a Clang `lifetimebound` attribute section
ACKs for top commit:
laanwj:
ACK 654284209f30fd309c326a527cda1d2d7385cee8
jarolrod:
code review ACK 654284209f
Tree-SHA512: d2ae335cac899451d5c7bdc8e94fd82053a5f44ac1ba444bdde71abaaa24a519713c1078f3a8f07ec8466b181788a613fd3c68061e54b3fdc8cd6f3e3f9791ec
fa82a1ed833fd749849fa19267207b63e338d84d lint: Mention NONFATAL_UNREACHABLE in lint-assertions.py (MacroFake)
Pull request description:
Follow up to commit b1c5991eebb916755be188f355ad36fe01a3f529. Also remove empty newline added in that commit.
ACKs for top commit:
fanquake:
ACK fa82a1ed833fd749849fa19267207b63e338d84d
Tree-SHA512: cf398eceb135672137183bfa19ee57a82553a3dbcbce74db954c6fcd79f9606092cc0d8217610fe6cd67b7ef2d4f01d90329f0f568516d9b14aa2cd0f0715478
9ae854da193f3c4bda38a75e96f9b989b289baab depends: no-longer nuke libc++abi.so* in native_clang package (fanquake)
Pull request description:
We weren't copying it over in any case.
ACKs for top commit:
hebasto:
ACK 9ae854da193f3c4bda38a75e96f9b989b289baab
theuni:
Sure. utACK no-op 9ae854da193f3c4bda38a75e96f9b989b289baab.
Tree-SHA512: 3cc7f18f27c1b498f930bc1a09283aa04ba673d3c1a5220d8462213f0a06b74bc34989f23404402850de518cba35ddab900a54f7f0fac112fc86664e4155f8cb
bc4fd49d09dec3791b0acd4ada285b2287361d14 depends: add _LIBCPP_ENABLE_ASSERTIONS to DEBUG mode (fanquake)
cf266b2270081f05a277ba683f00de90a741112f depends: Remove _LIBCPP_DEBUG from depends DEBUG mode (fanquake)
Pull request description:
It was deprecated in LLVM 15, turned into compile-time error in LLVM 16:
```bash
In file included from /usr/lib/llvm-16/bin/../include/c++/v1/cassert:19:
/usr/lib/llvm-16/bin/../include/c++/v1/__assert:22:5: error: "Defining _LIBCPP_DEBUG is not supported anymore.
Please use _LIBCPP_ENABLE_DEBUG_MODE instead."
^
1 error generated.
```
and has been removed entirely in LLVM 17 (main): ff573a42cd.
[Building libc++ in debug mode](https://releases.llvm.org/16.0.0/projects/libcxx/docs/DesignDocs/DebugMode.html), will also automatically set
`_LIBCPP_ENABLE_DEBUG_MODE` (the new define), so adding it to depends
doesn't seem useful, and would just result in redefinition errors.
I'm wondering if as a followup, we could enable a DEBUG build of libc++
in our MSAN CI job? i.e https://github.com/fanquake/bitcoin/tree/msan_with_enable_debug_mode.
Somewhat related to https://github.com/google/oss-fuzz/pull/9828, where
it looks like we'll have to sort out getting a DEBUG build of LLVM, and can drop the commentary about re-enabling DEBUG=1.
ACKs for top commit:
MarcoFalke:
lgtm Approach ACK bc4fd49d09dec3791b0acd4ada285b2287361d14
Tree-SHA512: 9c0f48fc428278fbf34fbb8f81e761e232506d7ab28e971cb9a9b9a81d549b4d8bbe51e2f7608d56e489428679231da5b7431443849b238a8a993ad241740282
499c46439418237a77c2a764cde47ad8dc893b0f doc: update DataDirectoryGroupReadable 1 in tor.md (Jesse Barton)
Pull request description:
Updating tor.md doc to include mention of FreeBSD requiring the DataDirectoryGroupReadable be set to 1.
Default per the FreeBSD man page is 0.
DataDirectoryGroupReadable 0|1
If this option is set to 0, don't allow the filesystem groupto
readthe DataDirectory. If the option is setto 1, make the
DataDirectory readable by the default GID. (Default:0)
ACKs for top commit:
vasild:
ACK 499c46439418237a77c2a764cde47ad8dc893b0f
Tree-SHA512: 8750b49cd04e900435c7991d1a24641fd1171227c1f14ed59afb157f24c1ca60380d30aecfb174ca46fd5b4b99dcdb3a1cfd019aafc343362e8103abf7c17e6a
71b3e9b0ade9680f6847e93785225c5927929336 sanitizers: remove GetRNGState lsan suppression (fanquake)
Pull request description:
I am no-longer seeing this, testing with the native_asan job over `x86_64` (Ubuntu 22.04) and `aarch64` (Fedora 37).
Can anyone recreate the false-positive?
ACKs for top commit:
MarcoFalke:
lgtm ACK 71b3e9b0ade9680f6847e93785225c5927929336
hebasto:
ACK 71b3e9b0ade9680f6847e93785225c5927929336, tested on Ubuntu 22.04 x86_64.
Tree-SHA512: 63020327d61acd6c94c6c278c9c4d72aedc10253fa172bcf9353bcad4c28d068bee824969eb3ce92152244831df8fe92cffae536453c8073a4fda74dfdfbcefa
ea7ec7808745805c0a18513d7da271dedb2de3f1 refactor: Drop no longer used `CNetMsgMaker` instances (Hennadii Stepanov)
Pull request description:
The removed lines have been unused since the abf5d16c24 commit from https://github.com/bitcoin/bitcoin/pull/25454.
ACKs for top commit:
dergoegge:
utACK ea7ec7808745805c0a18513d7da271dedb2de3f1
Sjors:
ACK ea7ec7808745805c0a18513d7da271dedb2de3f1
TheCharlatan:
ACK ea7ec7808745805c0a18513d7da271dedb2de3f1
Tree-SHA512: 9a2a9ff3f124b68a8cd20a637e90885096996c3aa354a4d8adbec98f5761e9e826c1c064ccd90aaf6d72beac61dd9e22c8b76d089e18bba6e0ad51e59a9c7df8
9cbc1c279247800d79c5f6f95c0c2d8f387aac0a depends: make fontconfig build under clang-16 (fanquake)
Pull request description:
Use the same workaround we've applied to qrencode, and other packages. Fontconfig not building is currently a blocker for fuzz/sanitizer infra upgrades (#27298).
For now, this is also more straightforward than bumping the package, which introduces more complexity/usage of gperf.
Closes: #27299.
ACKs for top commit:
hebasto:
ACK 9cbc1c279247800d79c5f6f95c0c2d8f387aac0a
Tree-SHA512: 387ea1a73e3429f166ef5278305a56cb3c69b6e3fc8a21a66521738e313e3fe783f042759b396cd88e28c10918a4427fb836a8dfecc5a846723b6f6c6a7ade51
87afcb0029b8dab933c122fb8f7263c2e7272731 depends: fix osx build with clang 16 (Cory Fields)
Pull request description:
Current build (using forced system clang as a test) results in:
> error: unknown argument: '-internal-externc-isystem/opt/clang+llvm-16.0.0-x86_64-linux-gnu-ubuntu-18.04/lib/clang/16/include'
For some reason the previous syntax worked with clang 15 and below, but clang 16 requires that the option and value are properly separated.
See [here for an example of upstream using this syntax](https://github.com/llvm/llvm-project/blob/main/clang/test/Driver/crash-report-with-asserts.c#L9).
There is no change in behavior for previous versions.
I'm seeing an additional unrelated problem with linking with system clang, but I'll PR the solution to that separately as it's not as straightforward as this.
ACKs for top commit:
TheCharlatan:
ACK 87afcb0029b8dab933c122fb8f7263c2e7272731
hebasto:
ACK 87afcb0029b8dab933c122fb8f7263c2e7272731
Tree-SHA512: 127037c888c37c6ccd9679e96da34037cc43ccdc07915865a0a5494edb62633e83fc1bd6b1c4bb7a0322f5b59622e10090a31987f38496fb6b306488e9941594
d627a6ee52 chore: bump version to 21.1.1 (pasta)
5f9700c69a docs: release notes for v21.1.1 (pasta)
1c00726aca Merge #6277: chore: add builder key for kittywhiskers (pasta)
a2bc0f1b1b Merge #6290: chore: update pasta gpg key to reflect new subkeys (pasta)
167608c7c7 Merge #6338: ci: attest results of guix builds (pasta)
6fb4e49ae5 Merge #6197: ci: always build guix, save artifacts (pasta)
c0ca93cf7a Merge #6340: fix: make 6336 compile in v21.1.x branch, using older CHECK_NONFATAL functionality (pasta)
bb96df428f Merge #6336: fix: rpc getblock and getblockstats for blocks with withdrawal transactions (asset unlock) (pasta)
8e70262db4 Merge #6131: feat: make a support of Qt app to show Platform transfer Tx (pasta)
80ed27914e Merge #6328: backport: bitcoin/bitcoin#30131, #23258, #30504 - fix bild for Ubuntu 24.10 + clang (pasta)
bd772fbe8f Merge #6229: fix: `creditOutputs` in AssetLock tx json output should be an array of objects, not debug strings (pasta)
9bf39a93d3 Merge #6222: fix: adjust payee predictions after mn_rr activation, add tests (pasta)
87bebfc246 Merge #6219: fix: correct is_snapshot_cs in VerifyDB (pasta)
a4e6b8a993 Merge #6208: fix: persist coinjoin denoms options from gui over restarts (pasta)
Pull request description:
## Issue being fixed or feature implemented
See commits, backports, release notes, version bump
## What was done?
## How Has This Been Tested?
## Breaking Changes
## Checklist:
_Go over all the following points, and put an `x` in all the boxes that apply._
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [ ] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
knst:
utACK d627a6ee52
kwvg:
ACK d627a6ee52
UdjinM6:
utACK d627a6ee52
ogabrielides:
utACK d627a6e
Tree-SHA512: cde7e40760e16e9f48da8149c3742d18a34029b057405e4d55b87110da96acbcd19b47280451dd7b5ad1ccfc91fde655452cf5f0f0d1e01a41b4c685337c64b8
315fcea834 chore: add builder key for kittywhiskers (Kittywhiskers Van Gogh)
Pull request description:
## Additional Information
Key ID `30CD 0C06 5E5C 4AAD`. Same key registered with Keybase ([source](https://keybase.io/kittywhiskers/pgp_keys.asc?fingerprint=969187a8e74fe40a8a48067430cd0c065e5c4aad)) and used to sign commits on GitHub. PGP key named after Keybase username.
ACKs for top commit:
UdjinM6:
utACK 315fcea834
knst:
ACK 315fcea834
PastaPastaPasta:
utACK 315fcea834
Tree-SHA512: f566c514831cfaf0a8bf95ebfb8aa5629474bdf0b88fd8948d4c1d3f1340ccdd3a9c67c817bd08d2f4d2e477b1599bf4fd148ad50fe68357d24feba651d832f7
c3f2474898 chore: update pasta gpg key to reflect new subkeys (pasta)
Pull request description:
## Issue being fixed or feature implemented
I've added 2 subkeys to my GPG key `29590362EC878A81FD3C202B52527BEDABE87984` to better follow best practices, which avoids using your primary key whenever possible. All future git commit signing, and potentially releases will be signed by a subkey instead of the primary key.
These updated subkeys keys are now included on all the major keyservers
hkps://keyserver.ubuntu.com
hkps://pgp.mit.edu
hkps://keyserver.ubuntu.com
keybase has 1 of the 2 subkeys already, will add the other soon.
## What was done?
## How Has This Been Tested?
## Breaking Changes
Users who validate my signatures may have to refresh the key from keyservers via `gpg --refresh-keys` or pull down from keybase via `curl https://keybase.io/pasta/pgp_keys.asc | gpg --import`
## Checklist:
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
UdjinM6:
utACK c3f2474898
Tree-SHA512: 87d33caceb1973a54877c5d5a8b85a48e1373b7709698efc793598bf7453608979bfe1c75e4ea0c9ec852c0343b43b06357c58f6c4fbf72915eb910788cc705f
cd712e86b7 ci: attest results of guix builds (pasta)
Pull request description:
## Issue being fixed or feature implemented
This simply adds attestations to guix results by GitHub. This way, not only can someone verify that all us developers agree, but also that GitHub hosted runners agree :)
## What was done?
Add actions/attest-build-provenance to guix-build CI
## How Has This Been Tested?
see: https://github.com/PastaPastaPasta/dash/actions/runs/11239755631
## Breaking Changes
None
## Checklist:
_Go over all the following points, and put an `x` in all the boxes that apply._
- [x] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
UdjinM6:
utACK cd712e86b7
Tree-SHA512: b590ee2cf29aa57f78cb68c22d5327e8c9272d63d523c3b64fbbdffabb90981a6b6505c5f511bde19310ea1d8c96fc6d181359a7d7a0672612473110cbe079ef
770651aa15 set hosts in guix-check (pasta)
580bbe6d1c feat: improve guix building; run always, save artifacts (pasta)
101a31555f refactor: simplify caching setup, add a restore key to actually cache besides 1 run (pasta)
1b139e4837 feat: automatically run guix-build on all tags pushed (pasta)
Pull request description:
## Issue being fixed or feature implemented
Previously, we only ran guix on 1 machine for all hosts; this slowed it down a lot. Let's move to GitHub action runners, but run them all separately. Then upload the artifacts.
In the future there is significant caching I can add that should help a lot more. But currently, takes about 1 hour
## What was done?
## How Has This Been Tested?
see: https://github.com/PastaPastaPasta/dash/actions/runs/10345024600
## Breaking Changes
None
## Checklist:
_Go over all the following points, and put an `x` in all the boxes that apply._
- [x] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
UdjinM6:
utACK 770651aa15
Tree-SHA512: 639b95c3b6a26f205ed00c138a9189f915cfc36a815516035e59ceda82675414b1bd31a361b33449b5e4c58a7655f3a7d616b362c23f7fa75e72b1284be06b9e
a7bbcc823d fix: make 6336 compile in v21.1.x branch, using older CHECK_NONFATAL functionality (pasta)
Pull request description:
## Issue being fixed or feature implemented
Resolve build failures when 6336 is back ported
## What was done?
Use older functionality of CHECK_NONFATAL
## How Has This Been Tested?
built on both branches
## Breaking Changes
## Checklist:
_Go over all the following points, and put an `x` in all the boxes that apply._
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
knst:
utACK a7bbcc823d
UdjinM6:
utACK a7bbcc823d (#6339 compiles with this one applied on top of it)
kwvg:
utACK a7bbcc823d
Tree-SHA512: 17b6d8223f653eaafa6ef9d1a4e8fc14ca1fe1623fbb13d23a9429e87a64c8fae3ddaf6d2d8d5a52138ab712a36949662b38a8a9cbbc5db3618ce24f565f6f2a
a7bbcc823d fix: make 6336 compile in v21.1.x branch, using older CHECK_NONFATAL functionality (pasta)
Pull request description:
## Issue being fixed or feature implemented
Resolve build failures when 6336 is back ported
## What was done?
Use older functionality of CHECK_NONFATAL
## How Has This Been Tested?
built on both branches
## Breaking Changes
## Checklist:
_Go over all the following points, and put an `x` in all the boxes that apply._
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
knst:
utACK a7bbcc823d
UdjinM6:
utACK a7bbcc823d (#6339 compiles with this one applied on top of it)
kwvg:
utACK a7bbcc823d
Tree-SHA512: 17b6d8223f653eaafa6ef9d1a4e8fc14ca1fe1623fbb13d23a9429e87a64c8fae3ddaf6d2d8d5a52138ab712a36949662b38a8a9cbbc5db3618ce24f565f6f2a