From c8a7f769805dc53f746ed75b7a4ff9f4296d0b61 Mon Sep 17 00:00:00 2001
From: "M. Mert Yildiran" <mehmet@up9.com>
Date: Thu, 9 Jun 2022 07:24:55 +0300
Subject: [PATCH] Update the comments

---
 tap/tlstapper/bpf/go_uprobes.c  |  31 +++++++++++++++++++------------
 tap/tlstapper/tlstapper_bpfeb.o | Bin 155784 -> 155800 bytes
 tap/tlstapper/tlstapper_bpfel.o | Bin 156600 -> 156616 bytes
 3 files changed, 19 insertions(+), 12 deletions(-)

diff --git a/tap/tlstapper/bpf/go_uprobes.c b/tap/tlstapper/bpf/go_uprobes.c
index be207f56d..5710b3f16 100644
--- a/tap/tlstapper/bpf/go_uprobes.c
+++ b/tap/tlstapper/bpf/go_uprobes.c
@@ -8,23 +8,28 @@ Copyright (C) UP9 Inc.
 
 README
 
-Go does not follow any platform ABI like x86-64 ABI.
-Before 1.17, Go followed stack-based Plan9 (Bell Labs) calling convention.
-After 1.17, Go switched to an internal register-based calling convention. (Go internal ABI)
-The probes in this file supports Go 1.17+
+Go does not follow any platform ABI like x86-64 System V ABI.
+Before 1.17, Go followed stack-based Plan9 (Bell Labs) calling convention. (ABI0)
+After 1.17, Go switched to an internal register-based calling convention. (ABIInternal)
+For now, the probes in this file supports only ABIInternal (Go 1.17+)
 
 `uretprobe` in Linux kernel uses trampoline pattern to jump to original return
 address of the probed function. A Goroutine's stack size is 2Kb while a C thread is 2MB on Linux.
-If stack size exceeds 2Kb, Go runtime reallocates the stack. That causes the
-return address to become wrong in case of `uretprobe` and probed Go program crashes.
+If stack size exceeds 2Kb, Go runtime relocates the stack. That causes the
+return address to become incorrect in case of `uretprobe` and probed Go program crashes.
 Therefore `uretprobe` CAN'T BE USED for a Go program.
 
 `_ex_uprobe` suffixed probes suppose to be `uretprobe`(s) are actually `uprobe`(s)
-because of the non-standard ABI of Go. Therefore we probe `ret` mnemonics under the symbol
+because of the non-standard ABI of Go. Therefore we probe all `ret` mnemonics under the symbol
 by automatically finding them through reading the ELF binary and disassembling the symbols.
-Disassembly related code located in `go_offsets.go` file.
-Example: We probe an arbitrary point in a function body (offset +559):
-https://github.com/golang/go/blob/go1.17.6/src/crypto/tls/conn.go#L1296
+Disassembly related code located in `go_offsets.go` file and it uses Capstone Engine.
+Solution based on: https://github.com/iovisor/bcc/issues/1320#issuecomment-407927542
+*Example* We probe an arbitrary point in a function body (offset +559):
+https://github.com/golang/go/blob/go1.17.6/src/crypto/tls/conn.go#L1299
+
+We get the file descriptor using the common $rax register that holds the address
+of `go.itab.*net.TCPConn,net.Conn` and through a series of dereferencing
+using `bpf_probe_read` calls in `go_crypto_tls_get_fd_from_tcp_conn` function.
 
 ---
 
@@ -39,6 +44,8 @@ Proposal of Register-based Go calling convention: https://go.googlesource.com/pr
 Go internal ABI (1.17) specification: https://go.googlesource.com/go/+/refs/heads/dev.regabi/src/cmd/compile/internal-abi.md
 Go internal ABI (current) specification: https://go.googlesource.com/go/+/refs/heads/master/src/cmd/compile/abi-internal.md
 A Quick Guide to Go's Assembler: https://go.googlesource.com/go/+/refs/heads/dev.regabi/doc/asm.html
+Dissecting Go Binaries: https://www.grant.pizza/blog/dissecting-go-binaries/
+Capstone Engine: https://www.capstone-engine.org/
 */
 
 #include "include/headers.h"
@@ -51,7 +58,7 @@ A Quick Guide to Go's Assembler: https://go.googlesource.com/go/+/refs/heads/dev
 #include "include/go_abi_internal.h"
 #include "include/go_types.h"
 
-static __always_inline __u32 get_fd_from_tcp_conn(struct pt_regs *ctx) {
+static __always_inline __u32 go_crypto_tls_get_fd_from_tcp_conn(struct pt_regs *ctx) {
     struct go_interface conn;
     long err = bpf_probe_read(&conn, sizeof(conn), (void*)GO_ABI_INTERNAL_PT_REGS_R1(ctx));
     if (err != 0) {
@@ -84,7 +91,7 @@ static __always_inline void go_crypto_tls_uprobe(struct pt_regs *ctx, struct bpf
 
     info.buffer_len = GO_ABI_INTERNAL_PT_REGS_R2(ctx);
     info.buffer = (void*)GO_ABI_INTERNAL_PT_REGS_R4(ctx);
-    info.fd = get_fd_from_tcp_conn(ctx);
+    info.fd = go_crypto_tls_get_fd_from_tcp_conn(ctx);
 
     __u64 pid_fp = pid << 32 | GO_ABI_INTERNAL_PT_REGS_GP(ctx);
     long err = bpf_map_update_elem(go_context, &pid_fp, &info, BPF_ANY);
diff --git a/tap/tlstapper/tlstapper_bpfeb.o b/tap/tlstapper/tlstapper_bpfeb.o
index c9f63bac6b1aab7b883371c64d0a5340bf411ceb..2a68d1638b5e6bbb097388b5856162f743c48eae 100644
GIT binary patch
delta 4668
zcmeHKZET#y5uVxif^6y#o1A@T$M)UX0Zzmvmy!?D0I}0hk^-$;OymT|b_t0Ni4Q}L
zkPw1Rutbnt$<`sQky2t+RJBUdLL5PYT**dJ<+e&1V#i9QSTa%t*Q!6FimEO$f@gO3
zj`t3N+CP;lb)~)CXJ>Y2=h>Nk_YO}K4^0#gtmI2?B?9O8+~}HfHwE~g=^Ym$yd`}Q
zzemzPy%4IL4-hRPqBv2-H_)y^MX9JypS=*eVI8`+qK;!^Jz7W^O+|ANeo?-K{@v-~
zsg<ibN~~zL3@iB|!tC(cuUmg{-umgEOhx#6>ElzO%FnJkYj!HMxEyP{T~*bld3puk
znEvK;=!Tat%Y!V8UFG?Lv1?JAh?X5mKQbLzHSBiVjM40FHxWg`|AF1v=?LGF{uFk<
z|8Lp7?P6rtPG@%uQQh0lRuEe_fGRsise2DU(vPD52iI>x+w1yW7@u){jMdFu2Y_-9
zDh{XaFX^)vBh5?lN9(H!aH0U;Re-mqYi5?+vD=+94z&Jpr_pNd)bB5tF;IYio_>1f
zrm|nU(d};5X!`g}sPgm@8!Z^5t@48cI_f9Vvoj(7-RM7Ne!Fz>6P-Js+TWdeqBHgA
zp3c#C|GKfPM;4O+lyWmsc{|!HZU8>v!?z#`9`oTf2n@Fij1t{ORMqH{--+mW%ZE22
z9-4gkyNHx%YV_d3Z+=v#5Mo3irwkfp&l0y(0AtYLH;7wx`w#fn+@?!fctdk{2;0m`
zKO*i%1as7CUtdd{sscs^%4~znfD;b45iRKc7LN2RlwufA)UMqD$BTixoZ3m^AjWy0
z4<n3t=nMU@=np&jzla-F0FU_aTHsSYEb{Rj?%@Vm@Vp(64J2g2jKxdW!S-UCO|rqI
zj}!NXfwAcvjsjyWhiipXAIAF1`JG#@#mRrQl(-Lzsct(U8|c?#KjhcGt-{w31tmB>
zL`4w;!3I)@iM(SvR&Y#jnq%rY2|sA=i+!BI9_fk?M}g;k82gs6%ldIfc)`|k81u8|
z9o$Mh83RsOd2kpM3U5sgkJ0t~XH3qXr1<qWJ$*m-8xP=_I%QSM7vZjYC)LWWC95U!
zZ$(8BtL1x1p~-Xh|1p`1ArO;2oBu*gw(sO4x66Ux?97$qi^}ppl9C(Le|h}xL}h9h
zqEbBgQd9<aBP#Ec`xcjml!^h=Ul4T(z)dMw{hsJy+!2Iu&tb^S7hB|iCwf%A?g^3W
z$DZb+yRyTuNayV|^lZ6gam6grb2S*cVsR1rebAQ_6*EOo5e>mCM=ibvkAz{7$1M)s
ztWWRZdlo?z-QpClctE<nL?`7U9(P)T@r;lQP*%;!aRD0q3egyxQK*8&${FFQ)X6XF
zms8HlW&I~uc?4S7;<Z^Vo`aj%xcOB1s0=^vK6Gw%P|1OODmeg|k4i52N-DVoo4Oj6
z;kSva^Qq+JLKUVsD!DPAN|rFsQdt?$Pwur&qC2rSM<uuBQ^~FQR9bn)TB&@HxE;>;
zsN{!XB}--H>$>?FXXSN0_{>$Q<Zf)-eC1<s0Hvw}wHM(b02TyGR33Iz=CGsEU_|AB
zqq3?)-|;LT?U89REL2XqWygp{@SzuKjTyl>dqR{Ne3{5(`kW8r9VAhk)0c+=<{115
z;!UVdSS;~0CR8^fwnSms7QJOZSg_q!(cOkFWBEyVZQe3?!$>jOGsaS$*B=*n{c(ZU
z3;AB(<-A@Hug}|M&HD1=ysR!Ijz)o<SI9+<i~hXTuYO3!4)A)}G`c@Vca3z9;(I8*
zx>c+3NZPD`GdbV6MSORw)-2QSAF!^Y8+(q|%ZX%*m$0)y1&@OY4~z)~HQR`jD}h^l
z7*@P4hX?UAgB34XfcH6k0xuARu{YrGS>jhfu{TWAV+>>!Mtlll;Jn4PmBdHzOz|99
zwF$hx@b>fOocsa2&jdTS$raC$XY`}yscalFxCpou|F!%Z2!!2&dx(#TLX*XaAwCHY
z1Dl<ELJuCaJl0O=4-WFW`=Ck7QBh>Y$ZnH${;*NO{IF3$Sde>1^pO>+IzMb&vZ!hp
z&W26oXLy{+W6Uv8HAZT+B+r~(#^6%mjKh~nHH!WfAC}~C%-}Lsx62KKA=!q(a>HPa
zwZ;!;P%bKi-y^k2BF-@ZX4JjdAh%d~bcsIQW0^s>xHp$vstq=xDcEU3MUmB_uafE&
z044<EN>P0UEcHR=XQ@A*C6`>P-^Y@yXo_PgI)%4j3?q&OB$pZ&eaAv<xgLDMCKtNz
zqbtc3dx+E}UvkCXAT@`m^d*<di0f|E*sN|oWL-yh@X%G0%e&W?Ty@o?7Vr-Cnk)qd
zV^z-)TyuiFQc0dSt-R(ec~ME8afh?=NuOMD2fH%Kh2-(#l042?1i!Z$$r6D7!g<|B
z@)`uYGr+JZxm*zaDCDT3Z{|ZckjURapwY?q;NlQ@7lq6OgoxJ!j{-?&uv35VqUEWs
zQ?Kgd``<a#$Hy=7jXJSit>f?L<aV`z_vw-C>P~g6NM{7bb^JjzLpmu<n;wy7QfH(&
ztmExy=5<n<Q+h<2xXwtE(eWJyC8dE(nt7d(2J<@5WOP!R&3Z(d!#dLeyYCk1c&8an
eN;9cPq#4qgP6#(a*rhfUZ?aS^8PMI^RQPkU0Ivi9

delta 4664
zcmeHKduW_R5TDua)TXAI+9Y>LlicO17;QDFP0iI-d-WM<Yg0WnR%-*cB|gC7^R$+$
zF-XBG(JO8hH3cgM>XQUKQ85LzQ7{dCgo+e{h(-~N^>so7f3v%H{qD4)e~IA2ce}rx
z`F3W0JG0;3_T430c9--t^3dx|fngr(pFezhfWJ<!-WTSD=}q{3EdA`hVAVGPqT`6D
zfvDm)^mFl`RaT@w-WNRW3=HSt8N|$4=pkivmGh?H7wsI37o<z}H_mM<wW4O3R`NsC
zLKJHFtM#W9te<{#f0!4gU)~?A`u>=29o`?Db^_LRUR9T+`M_)rrO!GLJncTb<v|uI
zjs<g5@x+N{K9;`uKzQyG&f6uJ&3St<QF!V<uzUDGm?P=mU^o7^>@GMMPF?NnUQQJ4
zbGFLi!bUtNiZ7TSz>kb07{BAjarB$rxC8S;Zj8C;zLNmZmg2$YL_aOUKODvBJqIi1
zmLA2TKPy^<TZ(XNx^{Ht`R#7Uv9+^0oJPW0oONr_8(l?Mr|%v;efl$Qc9nbUh4jm#
z!Kz&++q}UfT_ZneAZAv7`tWFw-|GKq^n)4wAAYlBdP*el*R(US!&mt59N?Wkd^YlO
zjStU9QY`b~1w_?YBfs7S$c*QG_(J3Yayu`-6j>5k-~Y(uJ6A?|5&{Ap)8lyVCvL6;
zM$Q?$i#VolS;4RJB3<3ai<cyVSSBa^ia1dL9I@J`)DgE=12_2abl@h3+lj{X(`_71
zjg?^<P>f7nP4q<xaEDVv%49LmNgqZE@%E$olcK-F$$up-n+@FO!{-8Ld|2dzd7R=h
zS#ZQozyU6o1;;I((L#K~G+RmH;EWF9wIN_QoyQSi%;j;NaO%TYUo{o2*XHn!8N{7f
zOl`0e;=l&|(Mo>qJf1wBNNR|_lpiZEuQRp_wyCFRo3@#4N^M6RH0JEU?>_iQ6FwXP
z&iXL?mNd-8(I>pXwLHfAx&1D0C4Q+MxXH@PpCBF(-r^3wLZ|Q$Ue4{L#5JNnzlyh-
z2oRadIMrW>zj&i7!HLpl$^3bE(8Ov*C#h2f{GXHmeoo$U6F;*^HUxWTjwD}JR_rDf
zE83|4PF8lULsm)zf5^({dSvBtId5@jNUQ9^^Au5s0A!_L^%2opoDqa{&tu5s<TUsQ
z(QP;z3AIw$r8nNqz3b#PnTACgv1%CEcF5w&y+jYxVrs(TDHwM{UrJP#opJ}!c9`Xe
z#m9R@J4D`Kaj-`3xs#V32UQG%ck%42Wr(*1<RBh&T7q$fkONRw&CACfewgTO1f%eX
zT&%nYD{=rD{b8-|a#n`*SFmz3v~taBw^}@gFyXlQRQae3ZEznVw>qfgKp~YJfXqiF
zm;Nc0TneX-MP;auxTcUwmNfQJ$+1EzIWF=B>wf5Gow~;ciQ(RR@>Fu7kV;MzQfcMm
zc9p8-_?93TAC<foR&rEUJ*ijRYpr0|d+#x+<PC7#eC6vc(ba9h*vM{yupn5na*Lxf
zk0BE(4L(BD<EX4|(@XE?-juv1(?aEtRjYo5s1F}{q1KoYTn3CRHF%ilCHel0`7mxi
zlC^n#xhUWrgTF<-3Dr#&OFq3VRL788qA+uzzV<$_V23YacpZj}<%bZpxyxLL<<X2b
z+?){Li~7f+sDCVqda^L;OR&5|EnnMQl(M2}F3K839Eo5Cw!|!IksCxmYjI6NH*VyG
z;xvZ0V>n-ikK=nNv5q*cPl#I;@VLc@o!cb#35#o|>CZOW&@pU$fEUV+<eJxHwLk?A
zf(j3ei7&NFaf4_C#yF2*#p`hRA>1fn#p^7>Nr!h5cO#9x9*5s0-Uf=j9YiU!U{0aW
zryvGKEUr6|SgydHBdacoy9Vxl-k6hLhWnXd7dE-(Ir5Bt#9WR|00vJ1F2nyUzXO4g
zTW}pNAEFSqSa=*jgn?Ek@7KMXERS{l`nyfsviuy_G&c#W5pF+vixLYc7FAxDHmV#J
ze8r+_3e(0Fi>iU)T-t=Uk(wjL;Fv)1sAegiF>BV~GT?EChw;%7{RtnI;&II2FjkA?
zgu#@!X|S9ySmRuo$QhJ_%HRP~7fZ%DCcunZ1_v3sB9E}%ld{ZU7~GsMF4Ybjk@c_>
z$Af0HA0f3_0GJRgEOi&L)D4-RrLBc5T_Ud?A+^=VlB{T&V=3}J?t=B0nXqP1TxwAC
z9Sil9y7xg_To`_ap%hnrg47{jan(OdY7ANFD=syTRdU5uzgMs5vY}(x+jY$1@|O9E
z3x6TiB<{gp-1=rPR`ndgwL8fxlj3>J%4^>xFCxV==x|Ox<daM7AXZacC?2mtipK?u
z<oB9UECIwXoJX6<n<Lom0j5pM*MjIrAjc#6=6&b}nhG5V#GHH`4i1rbP|&=96!GGS
zDA4H)uGHT>WO<6N)Qh|MsyDWE^R9y&((zTQh3D(!Dz%t9b!L^iK<&!vtiX_tU5{>y
zPD<CRGty;rR=T8)-GFXfC#CDt8R<egE8QU-TWwHMI>@9O*IDWC-i_!E>7;Zqosll7
pvp2%-n^_%OV`h`mWpqZmEjqgf!iym6P>V~NEmbG?=*`!u(C_n6sdNAU

diff --git a/tap/tlstapper/tlstapper_bpfel.o b/tap/tlstapper/tlstapper_bpfel.o
index b9d5a9a2d28a5b3da78e91ce87973d8b6a4a88f3..bf73cf26924096284767fc3b85e3a57224fbe038 100644
GIT binary patch
delta 4939
zcmeH~e`u9e7{||f@AYzZ&fV*eIj7sb{-9mlvRSq*mU=g|<`2fEo6euJX<|?|bm%nk
zu9|2iv2mqSAvwZIH2UF0SBXrKoJHjbZH2=Ah_YWK5wt?I@AJIRyS;nCD1;#Bz<JO4
zJm-1OInVPx&w1as<J{1$b3<EVR&eRNQwzKGr|os!Iez_H^4W_KJui9qVkEJDj8a;u
z;diS3V&$XT2l)`C{4w-X(v_Mn!;{e;hJGA%HY&-RPzxcy2W=;6v7?WPOVCFN-i^zH
zc3%h4kE5a_%PwVAuZEoVFvFJ7)hfiLAmcXnkbM7Aq<TJPpqYzYGZ&+ObKF0hc}(Vj
zb=k>jU*yib0}`5frfcRn`n$&~<%8d_@GbqeKl#EJk?J;R(hMc88Rnp$5xJec4eN=_
zoQ4@_=DDt!%g`^6{++$8?}<FT7Me7}Jlu7BlD(hN=s$s)f=cBK<kXL%ek}bs`c0@L
zUxRu{<W1=JqK`6S0WO$ZeV6>BCsL9&nS=w<Ob_RKc&>++B<FuQe&%{x8niIgM$xE3
zpVrytxueCyuO(moGH2OgkuI0J+QGOx4XDC&L5ZTi=aMfWA&MXMv`fB%rMCQh`=qbV
zk4k;KcI~EZ^$m~LHaxnyw*C8`W``3a;85Bhm8qyJ?M!6O!}X|(r-2`{vxLX*#dWzI
z+syajT4YBg^DJE7wd0Gq6xX;N70eGH!&F22;hUX{CT3WQ6B1T#M@_HLih?(e{t?v7
zD)ZbT{kE<##f$aql6s6{*EISq>KJfTIC~_t8?=hKI1J7guEBWmb@Rbu9Z6hQYJ-SZ
z;W!xzPhcjV_88RSqqW-O;uP>9w?6jpj_~i$&&|`S!^H*QE*I1I1s5k$Am|kVZvdO@
z6D}O3RB9st(L{D`1ZOm96>@PD49E44XM>|IP66i&JM&ctzcosYQlVy8ECSxZUh_kh
zK5!o<rNH=xACo<Q9%Wvh=PAAEc}nl_Q%W3zS@Q6B+h?`9=He*0&&AnbC1#U;3OMBA
z3@}{HW-h@tCc>%k6muJRD4ZG>J_#Nf`dX_sB4D$AG`^+!*|B6p05)`r$wLs_Im$Y5
zaH*~wUO=HwFApl@@hxB#_gGxvvH1VE{P*JW<yrJd0(c~JD!GI6GkR22o=5c`3r?~j
z02?|z!8zv<1ZO#&ySWsZC@tu}fvVQvlScR>+?BdcsgR3<U^+xe{}+spc~mL-s%l9$
zNBsJggd-0?enIrmaOuI7#;>4e?NFS*#93G{(2PN(7x5-=>WhkxUt(VX<86wMU*f4_
z@pX0(?*-`R;8U&`HFYoYN~;&P>ghvR#}sVUxz*Hdf_nIv;$zd{Vc;HF&KbWZybt=p
zlQ0|Rkv=bf7G?`yHpjQ>1-!~-6KK@AY&2Vl%Lbo)S1)GM@BqEc+)my}-h-usob1Qp
z1SzdXP7i`fjhLN09EX!I8ZJe+zKME8DbwlK&#ZTp15mz|=Z|C7tO@qXN&4*hDYR32
zG4?#%8Wm>K<MxY>^!?+^fo*zzK>9y#(^CgrTxGwRXpCGs3_QriV8_KP@Rb@|X}@?#
zpVwIjqs7Gs&BpEG;)CYY_P=s*z2@(OiMChNYJ4j+p(?}^xtN&ac#j>&4hO;HVq$i2
ziyg<rPVu@p;V1{7+$A@k#0_H)*}+cZ#368xj9&()<3aVhI1PNwbAJdfr~CgvO+|F(
z3$tqwjd&^nR+wkD?0|1bcb@qW-R0Eng}TO`=-a3iQ&S=NB`~cO6lP!i>hT45kT38J
zlh68`({pJa@=*Zt3o;KHE{>U@2}(r~HjY^wSuy*aO!wEB@}0VvcU@<mNB3Tm9>86x
zh%bs0;%~uLnH?v@Y<z|N0Yg0A+}J6$k2mEBUCfWf*-IR$M_TNQPOZv>mt`q+*9N@4
zU2K8tg<CNmKpZuCc#rT=jE9@GY7_nhT)Ge6X+D+U1s#PBmx2X_Ug2@s_z&2x)m7nq
zaONSHDO^q51~Y{ngMxnBAkvRQKjh*dIO;F76`T#kL}4>-2;yB;A<TX}rd5sbX>+Pc
z{CL`ocv2UZ(>L@KS(kjc9!w|Tptu=r@i9f?d`y7{#mxlE9XA8%0=W}6uVUVGd@eb0
z!|5}_>Q4_&AMjNyPwQ~{6j}XoMVtoilW{)0??-S-1o6oOMmiPn1kQpnQ8<GQq|UKa
znJ~L%p`{RIte<ASc}iT9W(uBmr&kUBETVYLU}-9}y_cfsG<n?A>~Rx#kel`na??P1
zLGHMT=BMJg>GLQ)Q9B0Q!0Cmzy5oi^=2Ww!*A#ODT~4pMiLkW?&KBE_fURE4BFwg5
z#Vo>C%*I_}`xSF)*I%XALSKJ+O_+qw>+A5KL@#jwTqDfE8S<%4VNRc@PhIeg_qfI_
zj4QvS7pG6mhu5O*bWWcczW#J5#e$i6K9wQk>^WSVY~b{Pe!lDeAUH1UY_Lq2v!}?X
z>iu|)(NktW#eJ$#6l%?g-QuTOvwF8)a^mQ2{rW|Hhgr7DD%6`z>ndxuK4iM7DKg>J
zXlhI)HC?8anmwkQnm!Y*Mblv_sfn3ZYOb1YYHCb)4Vny7NllGur3Pcv#7y`hG`NqN
n4AV+Yqv^JV;W|)}sidaSv{KV&x~b_h;kEV{H4Ub9t(Eg9H5aQv

delta 4897
zcmeH~Yiv|i5XaBCTh^uR;udIGOCP(Hq$@=&QYd73tORxCVG6WRQMBciqI_sb2oH%{
zp$I`^kR=>6s8lg&L=kNh8XvJH7>XfKjOe0Y+JtB|nxGPe1fu_$JGZ^N35kZp#Ke=F
zJ?A$wckVfJXYM`Qb8>js$>Dn<)|DmijjukZyE|5#E6>tDBzK=L)zRcz=SveW<SV6>
z%Dqz!HmefTA0Z#6R8|D@>zGdzb$)?T*_g-BXQ7k41^o`lCt>VHzY}w|hvP|@qxtT^
z&oq0keVE74(US46itB11r!`dBGWxZu@e>K&#2S(xd{tUE9UjQ@RF~%{=D*zb&ph8!
zIJCP!@~*EdW&|N2&of+}W0-FqtCR<E!;Nnkw-=K8zb>uY3rq5Fugk+6%(F{xW^LK2
z(itImAkX)?JjXGQh5pXk)}%@kb+9B458|r!GJ8FvF@Fj@2c23c<TMYVe=PGD<}K(X
zZ$R%6c?;%WV2(Co9)93keVf6*4RP{vDt}_`?PNY=UzWku85~c}y)br0y)E@wxU@km
zYB8rfKACaFwhT7O*DsVmd{Csz<f=EpxcXM0%A+5&5c(09d<hBBvd}wR@<&)|%RlTW
z`{vZBj;lY<%u6T)lU77+Jo-a+6*5o2?_n3;1%BMF5Y|t|?|eJ2nWy1*yq%5AGx7U|
zom<Sa@q3S*5zP0ay40GEu0OjMg|BJF#fW`vK`*G%iV`=5`4RNOspedrepgR74=&cT
z?yZFut0wLD==tD~aLGtm*J~AVaUQr*xE}gwpE<QymnQm@Y7+5syh?^&RH|9H6K1h1
zO6_uS4!GTIe@&@l!dGEm5zwm3#Z$mNE+&1iixW8z^of8MFj}iC!quac@;?ed{?I-f
zz`<2o1za2g2VGnO4!Jl7Tq*4Ms}VjlN{vzhY`<9qyntqNwN}424Nrp-<2!y#_Wet!
z>TvV4r?e;IDedE@lsJHG!Fq7n2-+nVhrkHspuPl5N$A+;fDxHN4uXTiaV#VJ_R!<p
z3m)F7RZR3p!6O4bS~ZA(x7BO%mg?POXb)cOp<A~62e|yAKK}kvy)btQr9OQ)sL@iI
zz-nB^j;k_u{C{5ldwKctOnM|<JQ8{<xs&r#dQ?+09@T#=IcX1G>>)Eb7p+BdE}-{r
z1!X4MHq2i_R}DDM2!D>0_OC*Py4VK}3jYdy{yL@TM77Oa+Mr)ckQ)+vA?_734BS%q
zCH-0S;;o9ym$(@B^R_~X>LOkb_8(CE_9gasp+AHJljw`a-~e_Q&jwtMQ(P3?|2*nT
zD>GuFo;ZvyDl&66>WVt{2m8EEe6Ah;;B0Wp#iYL^{4DgokNCyJ>*4#Kz_zh3@^{9Z
z*r@06UCx-%n{>rmk~*!)V_WsXn??xeW9ANWGer+uO$%}sUQUpb9}2n;OlHI!<XpU*
zh&jk>9I+ST8wI%?*B2Mr??|%eAdjOp*={+=h+s&VHyN`(ab*8{(7dx*&-Kdu`er?T
zD46&(rUet67EG`c%mp}$`tZrY8*(U^_=GsY+;6sSkznpOr?=>eC+Ln&OABVR=955J
zlr=aNtVdT!9SSBfXY4LJV;%N^DVW3@%sqC-))bmwHt1Iqj@%1*kJufB?U;5ug-K5w
z0H;KM23+vA;x7{EiEjm8%D6s&=#u^?bU#w8QkbKS6vG4XvO(0eZbcZ#Hfp}abQw+i
zV6L$yI`GVfYicC#0n@#F!o2Ov8QTV@Z5s!RO19^1&m})xsgU=I9}L`_ZCXW2g^(f6
zwm6AUhF4%k*VjTnae`?Zrl;`IYt6x@b#yYRUWCeze4@M{z5ur3c3u#31ZwP~39;Yg
zCL{oU^Jqdx`MJn?R18H$RveISt>VJ-ij}&%2_I$`Ti|Bl?a+IXH=8nem+)ce^IEk!
zB>V|@_CBqSc~pXL=ooal3@jM*3FnmH41Z9o0pT)mVLP@d`~dMGY*X0TkT1*L5ZTkw
zCE#KoIFwaw8#oJyh{0-H;KNy^MwsK+sa3sjhdJFMaqKWf&*<uh=yW_z?n^PO2Rnx@
zVosjX7QcWT_JPxqr^s?A&rr=k?j+AX_$`=V4b}+PP?a@UBV0q^0o<PM!!?9&lapLr
zLtrPl*3)ZyI$j%+LB!c$)YKGq;M_1G2Ax=de~zW%!W^3UmO_@Xy*8J(Nocg0v)x@|
z_4v;a!WRTfqejbnE`&*o{rPvo;&06e6F4nQ&!>gyKDv%;400z-<eyp!o%ElDaQN&R
z3Io>|zSm9|3e4$N9p&;WFu6OVylTVPYYM@Zy}bgq`rt*F_dWnG!e`Ca9kTbc<}|$A
zxV+|j2Fq(i8UE~ELj)yziM`-@VNT9~M|BHx`Gh>GH$$It=`HB-Ptq<gE}w`8A3Qr4
zTs~Ev!E&g=4GSlDR8aI3IBHHcaQVQ#(sjKL920gH7#HU1nd(u^Sx6>|KF2BMQJchI
zp()xaaaw5B?bJ(-pV+AnpVvXNcDYrpSDUuw)+~L%^wSVA;m0t<O(P9mrj3S8rk{oZ
z6Mh^+yJ@5$XxeB<nSL7LCftC*XBugUn>HGtqakR*jTmqp4L;LGLzC&Zh2a&Th-svu
Y$+XchVESq3GU1iBj)qmHZKYNI7pAYHB>(^b