From b465096f810abfd90de6f2e092f5dcd62b6b9390 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Wed, 6 Apr 2022 17:54:53 +0800
Subject: [PATCH 01/36] add taint analysis

---
 README.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/README.md b/README.md
index e7d74ef..510251e 100644
--- a/README.md
+++ b/README.md
@@ -29,11 +29,17 @@ you can use the docker we builded like docker-compose.yml
   - [ ] RTA
 - [ ] 指针分析
   - [x] 上下文无关指针分析
+  - [ ] 一阶上下文调用点敏感指针分析
+  - [ ] 一阶上下文对象敏感指针分析
+  - [ ] 一阶上下文类型敏感指针分析
 - [ ] 污点分析
+  - [x] 上下文无关ptaint
 
 ## Usage
+
 见docs文件夹
 
 ## Acknowledgement
+
 - 感谢南大的李樾和谭添两位老师，通过他们开设的[程序分析课程](https://pascal-group.bitbucket.io/teaching.html)入门了静态分析这一领域。
 - 感谢[Doop](https://bitbucket.org/yanniss/doop) , 提供了soot-fact-generator.jar 。

From 776d25c0f70e212014bd10a116e99119fcbc4e3b Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 24 Apr 2022 09:13:44 +0800
Subject: [PATCH 02/36] add caller blacklist

---
 logic/cha.dl | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/logic/cha.dl b/logic/cha.dl
index a0be1c0..1e592fe 100644
--- a/logic/cha.dl
+++ b/logic/cha.dl
@@ -4,6 +4,7 @@
 .decl SinkDesc(simplename:symbol, class:Class)
 .decl SinkMethod(method:Method)
 .decl EntryMethod(method:Method)
+.decl BanCaller(method:Method)
 
 
 .decl CallGraph(insn:Insn, caller:Method, callee:Method)
@@ -22,18 +23,21 @@ Reachable(method, 0) :-
 Reachable(callee, n+1),
 CallGraph(insn, caller, callee) :-
     Reachable(caller, n),
+    !BanCaller(caller),
     n < MAXSTEP,
     SpecialMethodInvocation(insn, _, callee, _, caller).
 
 Reachable(callee, n+1),
 CallGraph(insn, caller, callee) :-
     Reachable(caller, n),
+    !BanCaller(caller),
     n < MAXSTEP,
     StaticMethodInvocation(insn, _, callee, caller).
 
 Reachable(callee, n+1),
 CallGraph(insn, caller, callee) :-
     Reachable(caller, n),
+    !BanCaller(caller),
     n < MAXSTEP,
     VirtualMethodInvocation(insn, _, method, receiver, caller),
     MethodInfo(method, simplename, _, _, _, descriptor, _),
@@ -45,6 +49,7 @@ CallGraph(insn, caller, callee) :-
 Reachable(callee, n+1),
 CallGraph(insn, caller, callee) :- 
     Reachable(caller, n),
+    !BanCaller(caller),
     n < MAXSTEP,
     StaticMethodInvocation(insn, _, method, caller),
     MethodInfo(method, "doPrivileged", _, "java.security.AccessController", _, _, _),

From 0905027e57ae5aa34aba1fa3dc0765b62a032e2d Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 24 Apr 2022 16:24:43 +0800
Subject: [PATCH 03/36] add rta

---
 .gitignore               |   1 +
 docs/callgraph.md        |  77 +++++++++++++++++++---
 example/cha-example-1.dl |  22 +------
 logic/rta.dl             | 137 +++++++++++++++++++++++++++++++++++++++
 neoImportCall.sh         |   2 +-
 5 files changed, 207 insertions(+), 32 deletions(-)
 create mode 100644 logic/rta.dl

diff --git a/.gitignore b/.gitignore
index 6b37dc9..0fa412e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 *.csv
 output/*.csv
 .DS_Store
+.idea
diff --git a/docs/callgraph.md b/docs/callgraph.md
index eecab5f..38f7d74 100644
--- a/docs/callgraph.md
+++ b/docs/callgraph.md
@@ -16,7 +16,7 @@ SpeicalMethodInvocation和StaticMethodInvocation的被调用的方法在编译
 
 为了能够分析大的应用，这里限制了调用长度，在Reachable(method, step) 中step 表示从入口函数到method的调用步数。
 
-```
+```dl
 // 先根据Etrypoint解析出具体的method，加入Reachable
 Reachable(method, 0) :- 
     EntryPoint(simplename, descriptor, class),
@@ -43,7 +43,7 @@ CallGraph(insn, caller, callee) :-
 
 CHA调用图算法认为，receiver在实际运行的过程中的类型可以是其声明类型的任意非abstract子类。
 
-```
+```dl
 Reachable(callee, n+1),
 CallGraph(insn, caller, callee) :-
     Reachable(caller, n),
@@ -67,13 +67,67 @@ CallGraph(insn, caller, callee) :-
 在benchmark使用样例见[cha-exmaple-1.dl](../example/cha-example-1.dl)
 
 创建benchmark facts时可以加上--facts-subset 参数，只生成bechmark中的facts不再连依赖库中的一起解析。具体命令如下
-```
+
+```bash
 java8 -jar ~/code/soot-fact-generator/build/libs/soot-fact-generator.jar -i Benchmark-1.0-SNAPSHOT.jar --full -l /Library/Java/JavaVirtualMachines/jdk1.8.0_211.jdk/Contents/Home/jre/lib/rt.jar -d callgraphtest --allow-phantom --generate-jimple --facts-subset APP
 ```
 
 ## Rapid type analysis (RTA)
 
-待补充
+RTA是CHA的改进版本，RTA调用图算法认为，receiver在实际运行的过程中的类型不仅要满足是声明类型的子类，而且这个子类还要已经创建过实例。
+
+以 https://github.com/BytecodeDL/Benchmark/blob/main/src/main/java/com/bytecodedl/benchmark/demo/VirtualCallDemo1.java 为例介绍 CHA和RTA的区别
+
+```java
+public static void main(String[] args) {
+    VirtualCallInterface1 vcall2 = new VirtualCallDemo2();
+    VirtualCallDemo1 vcall1 = new VirtualCallDemo1(vcall2);
+    VirtualCallInterface1 varParent = vcall1.getParent();
+    String source = vcall1.source();
+    varParent.foo(source);
+}
+```
+
+在解析`varParent.foo(`时
+CHA认为 receiver `varParent`的变量为其声明类型VirtualCallInterface1的所有子类，也就是VirtualCallDemo1， VirtualCallDemo2， VirtualCallDemo3 所以`varParent.foo(`会被解析成也就是VirtualCallDemo1#foo，VirtualCallDemo2#foo，VirtualCallDemo3#foo，存在两条误报边。
+RTA认为 receiver `varParent`的变量为其声明类型VirtualCallInterface1的所有子类 和 已实例化类型的交集（两条new语句中的类型），
+也就是{VirtualCallDemo1， VirtualCallDemo2， VirtualCallDemo3} 和 {VirtualCallDemo1， VirtualCallDemo2} 的交集，
+即 {VirtualCallDemo1， VirtualCallDemo2}, 所以`varParent.foo(`会被解析成VirtualCallDemo1#foo，VirtualCallDemo2#foo 减少了一条误报。
+
+RTA对应的规则和CHA基本一致，总共有两处改变，
+
+一处是增加个新的 relation `InstantiatedClass(insn:Insn, class:Class)` 表示reachable中方法已经实例化的类
+
+另一处改变是在解析虚拟方法时，对subeqclass增加了限制，要求subeqclass还要在InstantiatedClass中。
+
+具体的规则如下
+
+```dl
+// 如果method可达
+// 且method中创建heap
+// heap 的类型是 class 
+// 那么class就是已创建实例的类型
+InstantiatedClass(insn, class) :-
+     Reachable(method, _),
+     AssignHeapAllocation(insn, _, heap, _, method, _),
+     NormalHeap(heap, class).
+
+ Reachable(callee, n+1),
+ CallGraph(insn, caller, callee) :-
+     Reachable(caller, n),
+     !BanCaller(caller),
+     n < MAXSTEP,
+     VirtualMethodInvocation(insn, _, method, receiver, caller),
+     MethodInfo(method, simplename, _, _, _, descriptor, _),
+     VarType(receiver, class),
+     SubEqClass(subeqclass, class),
+     !ClassModifier("abstract", subeqclass),
+     // 限制subeqclass是已创建实例的类型
+     InstantiatedClass(_, subeqclass),
+     Dispatch(simplename, descriptor, subeqclass, callee).
+```
+
+CHA只会存在误报，但是RTA既可能存在误报也可能存在漏报。
 
 ## Visualization
 
@@ -82,27 +136,30 @@ java8 -jar ~/code/soot-fact-generator/build/libs/soot-fact-generator.jar -i Benc
 经测试，通过`neo4j-admin import` 导入的效率最高。 [参考链接](https://neo4j.com/docs/operations-manual/current/tutorial/neo4j-admin-import/) 
 
 导入neo4j docker的步骤为：
+
 1. 执行下面命令将结果输出到output文件夹
-   ```
+   
+   ```bash
    souffle -I ~/code/ByteCodeDL/logic -F factsdir -D ~/code/ByteCodeDL/output ~/code/ByteCodeDL/example/cha-example-1.dl
    ```
+
 2. 执行bash importOutput2Neo4j.sh neoImportCall.sh dbname
 3. 最后访问 http://ip:7474 登录 neo4j/bytecodedl
 
-
 注意上述方式只能脱机导入，也就是databasname不能是正在使用的，需要指定个新的，由于社区版neo4j的限制，不能进行多数据库链接，需要通过更改配置文件切换数据库。
 
 可以通过
 
-```
+```cypher
 MATCH p=(entry:entrypoint)-[*]->() where entry.method contains "virtualcall.vc2"  RETURN p 
 ```
+
 查询入口函数开始的调用图，效果如下，点击节点可以在右侧看到详情
 
 ![cha-vc2](images/cha-vc2.png)
 
-
-
 ## Reference
 - https://pascal-group.bitbucket.io/lectures/Inter.pdf
-- https://neo4j.com/docs/operations-manual/current/tutorial/neo4j-admin-import/
\ No newline at end of file
+- https://neo4j.com/docs/operations-manual/current/tutorial/neo4j-admin-import/
+- http://web.cs.ucla.edu/~palsberg/paper/oopsla00.pdf
+- https://people.cs.vt.edu/ryder/515/f05/lectures/OOPLs-CallGraphConstr9.pdf
\ No newline at end of file
diff --git a/example/cha-example-1.dl b/example/cha-example-1.dl
index 11dd251..415df41 100644
--- a/example/cha-example-1.dl
+++ b/example/cha-example-1.dl
@@ -9,24 +9,4 @@
 EntryPoint(simplename, descriptor, class) :-
     MethodInfo(_, simplename, _, class, _, descriptor, _),
     simplename = "main",
-    descriptor = "([Ljava/lang/String;)V".
-
-.decl CallNode(node:Method, label:symbol)
-.output CallNode
-
-CallNode(node, "method") :-
-    Reachable(node, n),
-    n > 0.
-
-CallNode(node, "entrypoint") :-
-    Reachable(node, n),
-    n = 0.
-
-.decl CallEdge(caller:Method, callee:Method)
-.output CallEdge
-
-CallEdge(caller, callee) :-
-    CallGraph(_, caller, callee).
-
-// ouput callgraph 
-.output CallGraph
\ No newline at end of file
+    descriptor = "([Ljava/lang/String;)V".
\ No newline at end of file
diff --git a/logic/rta.dl b/logic/rta.dl
new file mode 100644
index 0000000..f2720cb
--- /dev/null
+++ b/logic/rta.dl
@@ -0,0 +1,137 @@
+.comp RTA{
+    .decl EntryPoint(simplename:symbol, descriptor:symbol, class:Class)
+    .decl Reachable(method:Method, step:number)
+    .decl SinkDesc(simplename:symbol, class:Class)
+    .decl SinkMethod(method:Method)
+    .decl EntryMethod(method:Method)
+    .decl BanCaller(method:Method)
+
+    .decl CallGraph(insn:Insn, caller:Method, callee:Method)
+    .decl InstantiatedClass(insn:Insn, class:Class)
+
+    SinkMethod(method) :-
+        SinkDesc(simplename, class),
+        SubEqClass(subeqclass, class),
+        !ClassModifier("abstract", subeqclass),
+        MethodInfo(method, simplename, _, subeqclass, _, _, _).
+
+    EntryMethod(method),
+    Reachable(method, 0) :-
+        EntryPoint(simplename, descriptor, class),
+        Dispatch(simplename, descriptor, class, method).
+
+    Reachable(callee, n+1),
+    CallGraph(insn, caller, callee) :-
+        Reachable(caller, n),
+        !BanCaller(caller),
+        n < MAXSTEP,
+        SpecialMethodInvocation(insn, _, callee, _, caller).
+
+    Reachable(callee, n+1),
+    CallGraph(insn, caller, callee) :-
+        Reachable(caller, n),
+        !BanCaller(caller),
+        n < MAXSTEP,
+        StaticMethodInvocation(insn, _, callee, caller).
+
+    InstantiatedClass(insn, class) :-
+        Reachable(method, _),
+        AssignHeapAllocation(insn, _, heap, _, method, _),
+        NormalHeap(heap, class).
+
+    Reachable(callee, n+1),
+    CallGraph(insn, caller, callee) :-
+        Reachable(caller, n),
+        !BanCaller(caller),
+        n < MAXSTEP,
+        VirtualMethodInvocation(insn, _, method, receiver, caller),
+        MethodInfo(method, simplename, _, _, _, descriptor, _),
+        VarType(receiver, class),
+        SubEqClass(subeqclass, class),
+        !ClassModifier("abstract", subeqclass),
+        InstantiatedClass(_, subeqclass),
+        Dispatch(simplename, descriptor, subeqclass, callee).
+
+    Reachable(callee, n+1),
+    CallGraph(insn, caller, callee) :-
+        Reachable(caller, n),
+        !BanCaller(caller),
+        n < MAXSTEP,
+        StaticMethodInvocation(insn, _, method, caller),
+        MethodInfo(method, "doPrivileged", _, "java.security.AccessController", _, _, _),
+        ActualParam(0, insn, param),
+        VarType(param, class),
+        MethodInfo(callee, "run", _, class, _, _, 0).
+    
+    // RTAO is RTA OPTIMIZATION LEVEL
+    #if RTAO > 0
+
+    .decl SinkReachable(method:Method, sink:Method, step:number)
+
+    SinkReachable(sink, sink, 0) :-
+        SinkMethod(sink).
+
+    SinkReachable(caller, sink, n+1) :-
+        n < MAXSTEP,
+        SinkReachable(callee, sink, n),
+        CallGraph(_, caller, callee).
+
+    #endif
+
+    #if RTAO > 1
+
+    .decl ShortestPathToSink(caller:Method, sink:Method, step:number)
+
+    ShortestPathToSink(entry, sink, n) :-
+        n = min step : {SinkReachable(entry, sink, step)},
+        SinkMethod(sink),
+        EntryMethod(entry).
+
+    ShortestPathToSink(callee, sink, n-1) :-
+        n < MAXSTEP + 1,
+        ShortestPathToSink(caller, sink, n),
+        SinkReachable(callee, sink, n-1),
+        CallGraph(_, caller, callee).
+
+    #endif
+
+    .decl RefinedReachable(method:Method)
+
+    #if defined(RTAO)
+        #if RTAO == 1
+            RefinedReachable(method) :-
+                SinkReachable(method, _, _).
+        #endif
+        #if RTAO == 2
+            RefinedReachable(method) :-
+                ShortestPathToSink(method, _, _).
+        #endif
+    #else
+        RefinedReachable(method) :-
+            Reachable(method, _).
+    #endif
+
+    .decl CallNode(node:Method, label:symbol)
+    .output CallNode
+
+    CallNode(node, "method") :-
+        !EntryMethod(node),
+        !SinkMethod(node),
+        RefinedReachable(node).
+
+    CallNode(node, "sink") :-
+        RefinedReachable(node),
+        SinkMethod(node).
+
+    CallNode(node, "entry") :-
+        RefinedReachable(node),
+        EntryMethod(node).
+
+    .decl CallEdge(caller:Method, callee:Method)
+    .output CallEdge
+
+    CallEdge(caller, callee) :-
+        RefinedReachable(caller),
+        RefinedReachable(callee),
+        CallGraph(_, caller, callee).
+}
\ No newline at end of file
diff --git a/neoImportCall.sh b/neoImportCall.sh
index 8e1834a..da1e711 100644
--- a/neoImportCall.sh
+++ b/neoImportCall.sh
@@ -2,7 +2,7 @@
 
 dbname=$1$(date "+%m%d%H%M")
 
-neo4j-admin import --relationships=Call=/bytecodedl/neo4j/CallEdgeHeader.csv,/bytecodedl/output/CallEdge.csv --nodes=/bytecodedl/neo4j/CallNodeHeader.csv,/bytecodedl/output/CallNode.csv --database=$dbname --delimiter="\t"
+neo4j-admin import --relationships=Call="/bytecodedl/neo4j/CallEdgeHeader.csv,/bytecodedl/output/.*CallEdge.csv" --nodes="/bytecodedl/neo4j/CallNodeHeader.csv,/bytecodedl/output/.*CallNode.csv" --database=$dbname --delimiter="\t"
 
 if grep -q "dbms.active_database" /var/lib/neo4j/conf/neo4j.conf; then
     sed -i -E "s/dbms.active_database=\w+/dbms.active_database=$dbname/g" /var/lib/neo4j/conf/neo4j.conf

From b3a1e423ed03accc154506d515bce99d3d625775 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 24 Apr 2022 16:31:32 +0800
Subject: [PATCH 04/36] add rta

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 510251e..7c1ff31 100644
--- a/README.md
+++ b/README.md
@@ -26,7 +26,7 @@ you can use the docker we builded like docker-compose.yml
 - [x] 搜索功能
 - [ ] 调用图分析
   - [x] CHA
-  - [ ] RTA
+  - [x] RTA
 - [ ] 指针分析
   - [x] 上下文无关指针分析
   - [ ] 一阶上下文调用点敏感指针分析

From 963b04dbacef70daf8cff35615ced504710b7d90 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Mon, 25 Apr 2022 18:49:12 +0800
Subject: [PATCH 05/36] add logo and plugin

---
 README.md    |   7 +++++++
 bdl-logo.png | Bin 0 -> 59042 bytes
 2 files changed, 7 insertions(+)
 create mode 100644 bdl-logo.png

diff --git a/README.md b/README.md
index 7c1ff31..ed49403 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,7 @@
 # ByteCodeDL
 
+![logo](./bdl-logo.png)
+
 A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
 
 ## Why ByteCodeDL
@@ -39,6 +41,11 @@ you can use the docker we builded like docker-compose.yml
 
 见docs文件夹
 
+## Plugin
+
+- IDEA
+  - [BDLH](https://github.com/BytecodeDL/BDLH)
+
 ## Acknowledgement
 
 - 感谢南大的李樾和谭添两位老师，通过他们开设的[程序分析课程](https://pascal-group.bitbucket.io/teaching.html)入门了静态分析这一领域。
diff --git a/bdl-logo.png b/bdl-logo.png
new file mode 100644
index 0000000000000000000000000000000000000000..327431967316bf49644196bcf080d5627d18a870
GIT binary patch
literal 59042
zcmeFZXIGP37dCnW0vkn95fG$^Lg>9oS5bOVklv;DCM9$ms5Bw;Dk`9q&<UX{0tN^{
zT4;hu0!j;n8bUdD_CD_!?;kkdo(~KdVXe7lUvtfC!s`cyTIbJloCN^jypHxgV*sE%
zL;3oL4*cXzAy*y%oK^79(0CAJtabOg&V3DeDMfjCF==rr00_%3$P9gCGQ}E?X;)}}
zkaqD+`mmR~F}3#jcI{MgVJU`-x?OL98}j!a`QLk(TKbQ);IG&Z8mYB6-n^uGSi5?L
z{oYuB|CMW*I?h$>^KDQ9I&Yq5KiaFP9rM$T5H-;PyghnO`&Hk9A(pY&;>yBu&#R;a
zHwStu#!Z068~Ej4Uw@bNK$AL$I&w16JBRszt-a;KbrM;4R6X$va9Wg(w7ek&JjhO5
zCLT=Lu(P3Vsha2WBaBelO|k|<lDb1TET2i6!GegQ){%QTE=-Es(l1ol2ZDxvyKLfS
z1s0POFLxxSI<T`X|8szp?tnNwf1(q2yVnm_%N}Vc4+y5siZ2D3ID3mZr3p$u6I+A=
zzqC>In<EkygBa!krk<feEAh*GWv|#FHYRaNFy@2>48~wNp=VI?f<n^G-%^t~?3SDh
zfq*OK$npx*hrRBG^5iYWTarFvJ{^K%F}6o}Y5O6Wb}wQ!*zfTibnlr*=bQ&>N?jVK
z4&!}1SOD8qst2vd@n{DL;7wge@P()V?v_Y9<8Qx3-9##8XKnPTioAp*{tym}F2rcq
zM`DaSeiHDGVcW1<X-}jy>=b-m!%Odd`#$vBpTxLS6o0@&e-g~idg+L-<CR4E{d)tY
z`q%X{8?C=HzoN~#8+ZGlDEEM=`{d&kGV}HH!KL9$3+fVHj@!}PfS~ZD>kJXjBEy8J
zbG=$LBy_@$oa_QJ=GjS<d9(h>cUHcbWGAhA(#@A24z1-LSy9Vg2kzgdS-E}f4-IqI
znWnBw%>dIc8tOZOug(NGNd0<t<t^2{>ugtI8{b_`e^%un@QE(?-6h%Q^8Qz!Jazgd
zdy8KD>43wTSt?`63x%;ln`Z}aUwrZM`$ZPx_$SvjzH`>Sw0L_BM?<S|=>cc@Kl~bZ
zwW(Qduf8+>#91D<QtbN2`j6lfjuzm&2IAdA_sfSY;q*5p8A`uc)m-wXt#>fG^-uB(
zwlAnn>03PF&k$W1{xp#nH(nTZXZ^ZlaaR3l*`?Tvmz3ToNM2(7s(CjxjE~_GZ^hfo
zAE`ZVPrv2<$b)>Nom%$Y`U>6s`%(||)6ezuu)O^JKC{@YSpGx#L;42=pVY=o#{@mk
z?p`v`^m>o}G4uy`BC5n*kRYyU{w{Br>refkOFOp?S?Hb@J0(gbUyae{gs{|8*R$7O
z8%<Vx$=;jjSXygQsWid4`sRF3V9jH1siw0L7b7l5&?+ZKJ-_+;iGR~Adm9zQS0dj`
ze_8np_?!DPH?y~0p1Vj$Wa`=89N2O>(2Qh?{zpBzh*yv~kpccf`>wE~SaI60<}JNu
zy|6ocmv>(oe)E4H+Z<=1qjFEhh?BpA|Dm=kpS;jhK3*T*b%BB#KX0^OhoLl`nF3WT
z_2=&TLW+3j1v($T6SfdOBe;3ROk_;(iLlMXu+mrNvX6Ei*;Hm%TNH=g3((&BeAy1A
z{krPgL#vWUAD%q=8#mG*Z91i?_()L$S|6A|q{VAp5$$>PTVvtj8$q(5o1oL97v)AS
zCdjeiG0hdrm0RaEWJ+m=jXg>l{M?^62(i3*Q=r?RTd14VAHX8SRebFS&7Z$J(ua<R
z!H3GGVx~r>9V?J=`Eil*>hYyd&`(?Ax?|JhnqzaHWyYe$M#m7JLqE@t-uB4$c;SWf
zT>EjWV(ZBTpX33~jr=sl_~qG&7jkIXo3iHa8>5`V`4b}(#L@nd@)4yEyN~kV>%|4-
z?Hc44dmk^D_8DlstJhfmIOG&}wi}i@^vQWgs`QCm@NqDI%Wli_7Mbwg@Q2|q!`H+2
zcNh*ukNJ+d4%-h+=#=Pq>1gSy=n&_(;zYZzblb)q$5kgKCOuA+zZ%T0Ds3inL2^jJ
zSFXeBu6%%krR#`8Ao_|^zqEnOPoMB9M)`ULJ*f(*Ytr#(u0h(RR&>1BFsmW!-2}RX
zYx<W*VL9F2F3DCSV$a3SiM5IrS+ZO7So_qkAP(Jq{0e-3x<~cJJ!W<{aUXTsuBgfp
z!#4HqP1_J{=8+Z4A($v%H{U+Qj8o`np(oGd&MzI<ljqMrJpW#db{zT9CH13rVv8=J
z_pFnTYeDE;WvF6Rh|<!|#MBqdwa7^l8(XPfu3o~x2Wap1!8XTo5^@C@XtQct;>(D*
zhiLaT4z&$Uj(AR{VTxiZ)PnWBDEsVIzI+GcW;bDXqxwQM*4u4QcTdRg+YF}lTf}hu
zZ)Uv7deFQ%Mqvsu9@>wY^Lsfj6w?s%_Ei4#8kH5*Z0u6(=i7Z<8Be3`e0)cHXZ#M+
zGxW3jUsQShwH?0iy=~n-zkF^v^yRbR*x~i!{jZ7LnJ=Swk{OuJRWrm~b!2{c@keKD
ziv#LeCT;bN_8S8?2={XC>AVmB!196leclKAzOcUZK5eI}$L76uZ$@7+e+%w&TKuq>
z_q&YkP;?gQukuB$_}0SVjm7)W1aZ*`i~Np*gUdbq`TSa!f4r7@E%utASe#Ecv@;T0
z(x_L~?7bnr!CXl1NAH(L=$BYF;zL3*1XOiH4CV?|a()*YrxG7^u|7IiSaw)8QPN>}
z&S0i!Pe>Kgu1b@YnjP>+`%)<bS-MeXTROgeu>MW`$ASE;bsKs9vzO&uG^P^jT6<)t
zFk`Xb?$y~z=PqWNz_uX@O8eS{frXNO4#+8@!GHiUYP-|!snr+TAJ*@zYnmLMlq~lj
znhuwjRD_$aR*PGycJ%t8pEkZ|^ze!iY!DZfh(wCJ+8U*r{m6Y^yBob~oxt+uevg8D
zv-hW&SJQ%%x0*dRO3Mv+^uqYr^s4kkbm#q+d^-*@(B>KTQPXJ+E;WP2-Wan%vxSM(
znOOvvpt(3kf@g-iu04p}Neh*nrJS|a_Q28nAtIqhuTIa3-Db+x<w0ZPN>s4!u6B~S
zK}417dg(N_71~<8wlz6wR%U8$weMT)KtP9g9uCoch<g*29i>R-me*9+i$Nc@Aay=`
zZur|By%7EP=_{HjbTS$(mMi8`<zMkJnCS5J%fNhC%;?Wv?+U*%L>4!7JYPI_Oy0rz
zZugz|h?JV-hA6iKTOazy4<DIVY~~clGe-E=lUKRbIKmnbeI;d!5d(yMo>5h^ARBzx
z6vNlo@0p7Xmx}V$GJ;qB{>6<twd;iw@?Wb4RY|n@ZF&z+Z7)Y+3jXe|sYB;>k7~~i
zu_fC%+pe|X{67bEMZa65C-W%LanUKqbH=wwDBEtZ7b-;lenZX}HE*vjY-ROdANhWi
zy0H2X>o=#}%-fD?CH*lwtXf6{`C?`*gV>@FxWbY4H{{&?YtgdDwYDqQRn=Bhl{Ou|
zJXdy_trbvrIo*kF`@>6e?0GSCZ~NwqRv#ovKtkQ_AnZtI0+v(Oqb_o4LmtFUg?5G=
zNlUUQ%bnQl9F11z*?;PsJRR9^Av~GfIW}jncD2iDdl(b+OKjEWv^6`FSq4d{C5WhJ
zNB<#R-PzhGOEfBqrrCe7O-}K56$UFw27hhKAOH}*N%^7*D^U*tfa`$Hy*rP>^4EUS
zH}kpV$p7*@xP<!jDqAX6a4FxSJ2%KC!1n$ai`2V+UcGth0NkM+y!1_UNv=xp@!iBv
zg3lOk-ncHT^LkgE$Fx3qkx{11DA>FRPVRs&9}Y2^m=Y96ZPELNrctNW@Ks8A3tWvm
z#fDN*e(KtB|A(6LJ@$X!|EGul`N99<;D34Ge|g}4dEkF};Q!A&Fqrz#dGh+y6P77H
z<m0*%;kvcX<IW7{D*1tETbq`<;)dcn;=1BCIzvW7K7B6sMc8CFff!41H-usZeDz!_
zS%?Z?%!|7YbR}L((k%HB+UUIPoFI>1tq|W|CC*nrk~8Rpl4IJG)Sm}Q7b5QtX&YMW
zoIKJpYNQ4R+o0s4`#>zei!4V~*1|NZF;kDU8=Ohr&4>{3mrt+YR`3lvmOI#H!z~|@
z6FaTN@z_qCXj5bCu06y=80cCXy?6%5uKD5qh{ICBMqI&SW3|HEpgUos(poO5+f<%u
zJJgutS*LDvPJY^v3duwH1P))-6R?K>x7B6OPytGk97+B4yZxq73Oc^i$=0R@qkh}m
zdQSNMs&RyO{rm0heM^q#`~v*yI)<Y5*x;y>9bNE1#`AZ8SXy_s^=9AQl+yX8^=5-Q
z$CQ#E1$CeL(KDiik)z$LnPk17%{~+pj36KYZv62??+kFYh@vOqM9mMxQ{9pu=I|S>
z_XAgPW~TLF^xY<K>YsIJnoRQXxos;UgRd^<zb@*nw4AIqoI3+pFmpTufN>XeXQRxl
zC^BkX_E?v>#)h{kx+u7o&!+gWZ@tgRJ*K)c@u)s=z9N@yAyjvzMXj~yG8J%gN8=)J
z_2UoshWl~KkWlx&88cr}i86kIST*B4e==9Hp7ElOf8MYo<LDE7HGwR23Aic@O6aiB
zXnvYu9gV2SU9v}IMooOXo?)HrH@zgZPAGt3mldR=RY_JvbPF7_`dJNdxDIMG7AeD#
zG=cKZ!_AkMGK68vElpWn(VD2J=__o@yVkxk;^)6s^V!2!4>3_J^uVA1<s6h3+o>Sp
zWbT6}M{Fp3_GDn>k=+2ouik5X*42hpL=i$VCT6t2Pe<&bK$preX!1-@nn#7`kZRl<
zN)?twu5w?pd7CaWa8h@-zaO#87h`mincr!1(lLu=gRn_t>CIFgM0i#4;aS&%VIpSe
zXV=W#JH<N@cgAJCuzvMx*lQA51~c9xC*kYKG4gskB&fJ`4Neio4_(h%W{OrLJr1<7
z#j@>L@BlSuJisDd@2k6Pi*8(upNVhvY#sJlX|*ijBs+g@sUbwg30bYDJ4&bo^+NbO
zWQZrU%YM@h@~>wJ9CuF0aGvu!FM<Byg834u6X+YQiJ$mAa{b8rWG-gfEdb~mdB^(?
zFj)D+{mC{Xlc$MqaXwb0r++-84AQ9=J-W0%5Otgf5?-rrJHe5~&3OyQT^rHxHrIZZ
zc&t8rbjfPqID7!tf(mCAMlj)5`so`KZ_S@dNJlrJvxwVd>!Kbipk4=bh-~%`KR(HN
z_6Gqx7IFq%t2@>Y%lgII%J@3<qYIDTbLkm=UOjxz?Ui?J{cO8>mDvxKK`-z01y9pa
z&bH{hs<dkmy!;Nj)c6l>_BzxxuM<C`3Rx7;Bi1W6V!i^gQ^lYhJD#!}88a$8#^3=&
z{jOcmPCri4kN6a8xnlD3^N--|(@ETT!aI1bb){ai^;YNdZdggV$3<V*>@B2D;ApwW
zb+}yP-PVU3Yx{oNy?ay7PhpWN>Tx`~R_wsA2*r0+G(S8<5($@3-LO_Oz3Lyv=`R&K
zit-;Ef1nC`Y>O@1wPHy~>+Gz%IDnWwD%x8aAGto;<jL_u!7nJu1AD79&;?gFp0Mxb
zCw8Kp=Z8o#{(t@W^VK9xyjibS6Vi5ERxtBTU3TA==_nw&xSwY4{+>~bEZRY6B&kDf
zvw94C&EzV8c?i;Hd^TET)nJ1d9ch<0k0&3v_oh|1q_F@?l(?6a@?qYrMSZAP@+>cT
zXT!UPmY>(@u*dEa4#i$uW?(ff@uWZUS*X?M4~&R%FoNqUi12y6r(UI^ZFPEiCMKux
zGTb?lwxid8B^XF=_%j#-tlnYz<FeF*$solF6SI9WjIjtNjqIviSjq79F%ECyD{!it
zH_%{yd9E1EH52f`?rd8mp7oCl`pf*s4JMZ(hmJDBjx{SV%ui9~k7<$j{o4Rf)=@-V
zNGD6x2nkh-GOsAL++GhcwaWgqr~B2YQHYR3<VM~fSJBuO_kmAYKNT@A+(ky{tcaak
zY?FW*b!6G^ffQ>jz>L*p0h)(&`ijhNq|N<EP9%3IH?U*^3zIN6pxIOowzZ%1)A6@_
zzL~bdgW*$YII^2F!4CK%<oC7VGuBT}S2R&-{GaP($L9+o1?T%Lk27h3L=Dh+E#89J
z%pi`dqV!VpeGI<xljzX{_zC$gu>^O}v_&l=Q9W)Voz7_&U9dl$$-a>@+wKW(E689;
zBFrxR8asHM7|*W-t)}W4p?GPf8RYny+hm6)$J6>9o31(zPfHR)7D&<UFvIT7lf@WX
zQnAEp>9%@4!k0SXP)qcI9T)_n=9hej?Sr!{6-X)aokp(-{b6A%CzhQqR6xZC3e`t5
zvCR?0kGM;y!*<pkrZPwon3jLBfmykJIo#p*^h@99$t5{xgk7;`p?cV9IWqXPR5jB)
zeVM1DhOaTB;>mn&q{VY?z?EX`O(W@?PUASPw1PCBaPcz1q_>N(Qyn!+IRuq8ZT20n
zqL<Jod8)(?G0e5Ln7lw1$D;E`>(iXGc5(-MV`LcjDivTx$t*Sy=KVkse-CQ4(v_H}
zZ|jHzHkgq>QTgiOSmEl^oXq|2)iP~JJ_4S2B8Fg5Z}wz8`nx*y++3&7IxV;Vy_%n{
znx`WV@Q32ij24i;cy{L$y%0m+sUXD|-F|9X9)pfQW*S$G=9FCm3XC!u5GV5xsQdWr
zVGOLW{}3TxR`M}Wd27aanGjx13(y&XwxkneCa$`LnT@OP_%CwnDT<N8h_yI9&^gAO
z#3VzfXI48$mwKRt`CE%OVetZpjpC1W(j>j|CClgdOMu^}-2IL|utvTDrsb|!XX@yE
zMvNhMTIIM2d*|oe3P6v!rt)m0hf#3XuLcY;!cvFKM3Vx~HGNk0lT&p2tyY5~ZzE^!
zmMWZ)F7_{Yx5O%Dz20kK=gwP8n=LPs?qBcHf)I>4Ry?o&v7d|U9Q41fGsJ9dir&`H
zD{X(gg-%28S8H?mp$>Y-_Tq)G0Py@hsOKPI=2f(`O1ozvQ}cZ${(O763hFG#uVqm_
zpk9Q4DKb564)mW%Jhha=u(fYo8EEz-zQ;j7FQ~HH!&;(MdKPKA9KfQlD<5?)e1NeP
zJdO%mL|l+COxB&tio5|M1(ildI;2iRX6+QS(wAmKOh>PZB3S&CN-o16$Sqe3l*D12
zRV3xOWJ;W9x~~6A>iak3Y{-6_GuiX7XiI>fpqu>t+wqtX&$aB>y@`|Rblg$h+SCVS
z$iCr3p)os?AZn|#V9OMxr5bt#V5L|pvspi#kn4!S-7!(ynL^R0bxYq-_wDbaEB$1<
zwy43cxNIY{cmc%>t15l;b-jE^@uL9#0FR6(Gzu#MiT_e~r~gXJGzdR<F0ECcv}vz@
zp*mM2c&Lb2`?L@rbxJO`1aKMb1M1o;C7xy?c7A8$=OK!sQ_6knf{V(=nE6tF8z5T*
zOe{4o8j`x`ArhZ+MO;hqgXJF79sDptk<nIjSE8q%(21vxp#cVUa8T}XVb1$(yhK7l
zn>h60%+*Mfenr2teYCMiN;K%*p7|%zpZFWsWTLWzO+)bU`1-M*Ibc&%KT_;2=2x`+
zDYa;baw<pJ%Y`-Kx|~xu5s4hnff_on(s77uOzMg^L$f?Z<c>HF^mh>q=kj0gGMFeq
zBn773-f(A)VmH`}@>Rr;b1#@$q2sc2MOlj-ki}J#J|wdm1Q4|Z<&gX!{aGxjE6Z%u
z>&!`mCwx;#gtiE@8Fi5Ga;myZnCXy9H9S{~OGOn)c)=7g{!wMd9~-ijs?gHH4xD6w
zQ8<{b|Cms?z=A3$eezv`FP^Um^^G(l#KnB|Rld16Y7>=~Kku6#kW~(y`$fmB;*ES<
zBYUGL&#9x*la;4dSPE#M2&3sd628hPVYH#}vO7b>bq>b4(&XS^71%-2i7N=|m=Ret
zsaPui;$^h?7OOw^NDgxqM4}^R==cG~T#$(!QP^0O^je;``pfQu!nO|3?ZbMnB-3w7
z1fD30bf2uB{gPtXzfI?-`bEP|9cr#<m`wW0d1}I}!U_zkfLG5S9Y_iGQ?A<?wa>Xn
zZbXSR=`FR{?S@#()a@TV>~r>MLBCaHHXa)63IEOGKZQAEu#D{wZlx5AJq=6@miA5q
z>-_||g4J3^VDKzRF1t?u@<331|3`$)B^i{PJ4>HHwQlm0JWk1hz+@$*?jMR;b8VhO
zsVN2%g~JOQxsj@Uhhd<FVp_5b8kct?_)0!QTb)<Sp~(wG@%|!Z{zV;>IqXB=ERX0?
zGaxBWIU-H}%)qyh_;RG`K`yh}tdx$W<93Y9LZv{YXzUO!eYcx21*2GRbH|qBxsg8n
zR&lqgDD*+{?ouKdH|Zwsyy$J78-rJTm7*(egXWPiXY~EK#Jj$S&v_Fs;D@d~t*aTK
za)_k32yM>J&k9f9srH^1Os0hijrNet`P|I_03y6xYj1|8<|Dhz%1sGPxl_jr2fcTL
zoMt#>yezQGa<cb_UTZLy;?ACROYIY{5YLKfgF5a(-FuIN*0$M@Mu3GFMUZ#;oBhsU
z6-$1{z*9cEXU6e#J`W^cD!kliQsJ8M>sUrjV2Xb#j5>b0!813qgaN6QO#Z=gdONyP
zg=y2pboAXCF=UBY`Gw6KosoK4;1pBb9YxdCNlB&*-(SG>H}(t*O$|2KE$(}q*~mjJ
zZZWIS-6jMUl1<{+mX8jn%RRmuluKEd@ttTVn-qE+<a6%7Am)*RNykk5h@38|tSM<y
zWb*EtM2Xse7yuY0zjF2S`Bs%%$~Di1H2tQ*w?2Z~2$`RWj(OGxWGgBX3QUhbNFB_U
zdoUXQHv3(7`}>ySP@Z%&AL({rBLk<~{SVI7&J~<whKklGcA%G11aP6gt?#khWz9xE
zix<ND6PcPJ^t9OP+H;A1<o?@4j8TZ;#Oi@0{w#qQ`Ni##!3W>mlbe<j^Yb@}?RF}7
zCmP9RN*JX|TZ)(`rq8s7R6-OSRUlI$u&+)64KcC&Ld!ie(rcMPTNM>c{VipD=6?<(
zM}6tUw}0WpP_PIkH6TbAOtHP`C^ux_M;p01zj2j|(U<#g@RnRUKr*cJIEXhSq^R6n
zUaFJSR+Kn3AGg0*t!LD~|HP)F6R~Ui53o%sjC$XqETNwwk)BS*Oj+teP>(=o$kW{y
z$yAb|f&E9OaRNA%s0ZUJnBb9$HluD{QglZ;VSPD@jk+t6VlLY6FDg}<J8YoF+>bja
z&RhtvBBtRaF^SYy?T3oh2RDD^BM6xRr?_O*tcI)jsaJUR#(hHTMPTVUm;@?|^@Vvd
z7lv`u%#+6?lvf&!^lQ~nYBK%RkNGB@`P=&i+xVMlG-=m%Y(|<lvIvWI;PJzuyntvF
zC8KlX#AeVrAf*?JnJ1%=Tn9f*>jO9a1ZrYpzj*PqZ>HvB26Wdk<+(jt^6QB5+VmE=
zGgKC`paWaH)aM)!`(jj`%kn}Yw~IGfCuBfnH-dRm0TB64+Iz-Gk3WhI8&@gY^%x(?
zW&Ww!IL|lV_nIQ~NK?An5#Zn{y)Z4@t(>+FsUZ^|9Q>3iCVxA#cfQLLcNF0o=Z3dA
zElsR8*cc7cIrq@aDB5xUK2Xy@sW$?p6>XHe;imQe-@~~GCvD}>n&Ue;i6`xgQ8YET
z*E2%)(a2L?cKd?an&q^KdzNyR8W&^l{{S^@26-{#9Of2S#;|sxfdcFL6IW_7ox`O-
z-xFswniB>4Xb946ez&sMz+`plGij&e9F@c0k&9;>Hl=HYi{e|&(c2&4lUo}x>1%1P
zXR?&$Bmgd94BO!H7ibi=mQE8@m3F!gS|*c{tLUoQg*RW}LbwQr)u=htstl^F8RSrs
zU16m)R_@Wt7)aL}v;pIYptQ<O#p{-xi$7zoPc_0<M=6A1!RU^278-gbhJb52Xz1tQ
z8y{{ehdJ98+ShvGLQHIdt7EsKsj_QA9)5<OK6N*iUugw^OnJ)D{LCHeGHtxb!1z`%
z#2KFSHFNAPiED!`_ODRThllg`D~p2<#evuo15h(}z(-dJl?BJsnb5XXCs^5daMayC
zGOfd#>HGJ^%QH3W*JnG<0S+Eu*T-SQ<ymM7BLUtLwKOt?Dnwb!yl!jgKBgWns!yxf
zwf)9%tAaocSWJUqnQaX|bt8w`WucCBX7R1!V0e4lVmsIUi+~-1+xUq4KPQ#{-&(y7
zKmN3^&*jaQbpJe2g!<ZI<3pQ`0N1|PC|k1l<Ma8GAXq2r18Qrq;D`IpcSb)w_}GH4
zdg_`Dc9%zKRsg8Si=a%vrE>l2U)5Jy|M^c5OTF&0R_fhe6}|#NZV(Juano>ZFvm_k
zd1736ZU*lJX$fg?!&3kIY#MwCzW-s2Ji1Nm{s??|7qPNyR2if!Q*J|Bh=Dl~@v3Av
zKCrEm!u262p#@PIO2#ny>Bz6SXD#z#P~SESxYn6sOBQQ9L#{o;^L$eK8G7lzKohn6
z@WcHlW3^7<+=6ds?%D(Ft`LQjlEvq!XjG;uwpN;cdHe6Pjs(ErFGbTj97&qiW@xdm
zh*kG2Hhu}63xm$9X~}yGU6)~)*aRZ`HnH3?-!n74f@XdaJY|p`w0ma0{up=m!Yf=q
z*E;b9ZY$@^$-587R5cA5TAC{SNR9cIqRUWH{-GBbOOiYk5u`Og{Fr9nGq8IQJ@vzv
z$zX4gZ<Rn1f*)S_I}ejDusq<$zq)U0G_Ins`HI3_G+5Tw@HsyYDJi$K-0A=iGD5+m
z|B{`x$TSYgxb1~L(i&8ATvU3bZ2l3t-e<LN6>vxfH%T_>r^DYmKF2*9G#M)T72un>
z;DkD_G>y+HUt(RD4{cBfmL8}HT)?;upWnvYsb=__5o5=;$_kU2y7DPO*eK23;u+V<
zKf@394byGJkY591N=3f~Xa*Vw1_s&$K7mMeTH<PXauzn7yL;BkOg(3np(QUh01FKX
zcy7#5_)vOEYbE=^q7V;TEESk}9ZEpyd)ZHJPVpl38V}v}GM33cKbAI7hU?M&&$#eN
zEduJ}QUfh#Ocf)UPr}N5y<&3}7w~yum7*akcfawUaz%Q0nY9elP)tp`N~bP&wnovd
zmrhiYw?S7ug6W6JV>Z`tIjCN)wYu4j2nQl@jl7vy-G648t>UvIjFDi#J^5uTftcSV
zu+$v0;T{7p>Z@s7_`W>4PsF!YED4izNMI6OoN!|Wn862bmy0yYQUJ_-L0*s85X<mS
zvvx;gIF#Z9FZ=$G^KyR1SZ(mQ?56M77b%IV++{VcUyf^lsF|8>a{uxp=#$=oiY46x
z@oH94Ok<R9@>cPMeFi|J1f*McUwJNT_Q~0J5d^Ec!jxK{nE5(aqYc;o_ss>+n>fp6
zr*|jUPO~rU(E?ehWnE~~{19nSNp|sE+Bz(lwRT`0LeK9v&~Z9(=QU7c1xino#ejy%
zw252#^~ZN;5<3;6k^R3*P|2vg3SYInjx_J0*W)}&lWf3ILS*j|UpF&Rv1vQXE$9Et
z0$BI<L6{6T@+&*(^0Jnvqoqg=>|#%7yC_!x<0FV9UcM}<VuN-4YDMDSK?=MDdA~W#
zw9Xu2&PMShi;~E>{M2F_u`qWvtARzSezBezJ}g+&`&Z^s-i36hDx`oWl8+Idy2}L&
z1iDW?bRE1?NP?A>tt<`3FyuSm>LS<LIe=BP=nk9fLG(2soAPw%Zm^eAMt6xHi9#(P
zj|KL?5&-C`1OxVJHl;Z_jxe7Oe)2~KwFvf*_2yrKa|NQb6lF+rBsHNo4?9->42z_(
zfvste|9;6r`K1)t4_7>GAJ46dzO_1}7gD);_#M1@0Kmc%WG!yd5+!yh{+_0ckEwd~
zkRH530icHR@@DLEmz@^vR*S;^cv@|4AhVhH->!1Xu7xR-W)xekHbJKl?A+7-w<{go
zHHZY;IF4~{d$xTy+GVGzlmFYa0&ZHGznNwLCecf3me}2nC^nD<Nr`_yUnGk=r25K%
zZDufsj{LhLn;zsn$Xk}fCx2lBy#BPYhQ1k*2*O=Z=%uG|*SjKT;JGP5$EuXJHV|t#
z*v)q-)^r9=pjI;ONO^uJ4vOKx4JL*`gwLV)yPMm@C~)VFp~gjrj-Q{vRe{GKqlRDy
zm{Mo~UB+d+|47a^{b`L&PRCTB)6{qVuaD)|T4OKxJOaf7H4Z+Gy7IyNxoWl@Txd_p
z*C0n<R1B_A9k{VUviQ9AZMC&dCjOoO*uD*(XE+X;U<jR+w_~fPHS`y}MuAu;_*Rvi
zH>_Uzz-s}2a%2LgOaK_9Ie#aX6cSixI)DGkFLSV6G7RQk0Qi?mM?t#EC&CRSf8%*t
z%Gz_3wR^kH`yB~?y0Bz%@G}Ryf8~`h->x0m%mT0A|MO8T*lAbcNJ>U$&FtC^+&GdV
z8UA<RzeM&oJUtZ7%!8MB&;M<dRFoI&{GqtBe*C^INU2K&tZ}k~f^APhWT&0qUJXI8
z>fM|gJM9MZHUMM`Q2f{bL0wRt9e5E85Bzuh9LN#lZCh*%SO!!NW|8-72dLZBgL!8D
z6HF6S&n>$Q6}72y!rh6kDb&V)9HfA5LH8cSqQDfoNW^1d!G~}+xx&nFqxIH*eih+4
z>!5M*{GobH2Jk{K<cf}zNOy=mxKSum(Y$#90NAL3+Mz<7IiATGCZtL*ZM0?%Y&DIM
zPC#Byc$bs%oWpd8-#ziCr_DO!vh;-Pwe)<L&m33>w-sTst%?Dl@)Ag4VXBQlE#CJK
zB|{dccK;XSc|+#IRIu)yCS5Z{_b(~C@?gN8`YW9=dY~(e!ZaWAc9~0<<9u-C*8tSb
zm6nbg!rj<`A+|i%gRt>gZWXu)KcT;4<844zTc^a|kGBAT^**SC>(ab2+Hndywtd2p
zYEWle>@pbq{!^sKi{(((UscM}_)*yTx_Pc`wQA*Q0RV6UudJ)F`d<m@#VT2TRUKZI
zuN4F^AuiVk<MJgm+2^c-v5YpZ@wjEw0Hxdm&V2;^ZCM&IuhcC7+a<$YXk&CjK*)v$
zjNBtwpxpd(NCP1%(C{#FZht;^_=F0uprHhyC^MnL`QS;N<$Po1J5kBaHqetMLwP0n
z)^G6UiD%U*ZPJ-;Gtrq><_7gdGm946lpOVr1t=pf&;UDH6yJCG8ugNqN5^+ERIEyx
zbZS9-(*p0D36+wRAlgZw+r0R(hVVk~RGUUmvn%uO4Lo+h2ZP5+(&6Ww(^&}eR&Y^9
zEpCS;P&3ez*eYL!&kykU7i9!{+p#3mLNp?K{LcQTT+Hh}0R_u%(b2Fr0mU1zLl|2v
z4+S231fOk<9+%zsn~b*2jVWOWEAZTd19r@K-7n~A@Ah2vh=<X1oz=NPC_k8e1IZ;%
zy?Oc~;NVEfN)I5I2-nGgORbX%+pEu~tM@S{y3D@|QJwrV5U^R8p()aGon&du5z_~;
z*EW>2j2|B$SK9mtg~==Un#_5XY$+t1qc#{&LS_1xEwvr3={ju+_!#OM>KhJyUVi3r
z<sYDCj1sRo`iVTL3mFNMJ&vfkfm2P$xQokh8ltIB5W(r2?rkBL^hNrwngYq|WQ{-J
zmi%D*UdYMFj!4D9oG=nfUM&eLnHLpYewWv1ImhqwVUymc18l8~5lU@%fUZGG%-+m7
z%5)3LpjGaT(wtmQD=-VaZ%>}b_|jC~ZGF{e08{2iROLcIt=kr3TIe3Hmm|N{;T{e|
z%ftxa*<bbvxRfmVWl5DajD~-{2)v`jdC(2mte5k_y+)!n6noF|&*G1qtM+5Irjnvi
z9=j^f+?Y`9jqF)C$EhmHIi1#gV{}QH6d{5U5C!qiv}#D7GI+^s>x1rb!CAW1cf3+C
z5-k-PpiAu1kHxIRg|lOzgp3~5{@<!Irf3;?zel^BZzRrz7RV34`9v}NN3LMVcBXM=
zZ7-52h~uyv#Tho^%8?u%oG}L6>8K4J<x2Xc5qDW(45`&Tkbv7Tt^X~tU1l>5#mM*2
zl3Gv0dnNd_%+Wr*Z2P91K-Xh1wTlMid{k5IhV{+1i2}yH%xbmWX%4;(=JRtUAc%=)
z9kn*o3+kB<44$z>*_)*iMTa|0(d%fYoW}+wg$7{nI;I}pb|F*lpMAZdA+N>kL@oXz
zl;Td7>I5B7;{a++&jRuh&)TEGTASeJawFoA`EHlWcd};!Ba=2a1+P0#uKE*LkaZ+4
zgy|yN=Be|QA%qfK@|z$jG~f55mOaDIe*wGXjcMm#6_3zo2l5a?7>)K2@_ZJ41*K$C
z?qlF>Bd1=GhQ+&?pFG5aJu+A|emTmK0uNRugO}FjakbX9@193NB;K5cj?bWUsDAR_
zC3bEz@bEg0%}N{EFpqIrQuN#s+dxt$I^v-6LW-%`tZKbyZV)U)-}BU(yj!<~7p{IZ
zG;c&A3nqQJW`_2e#(H&j+^Gw$`*E+rwmq+53It}jMbTgCzMCM!hdtN+^FoVf(o;4P
z-F@Xtp1A>$N>f#>ZyY>O5g^L*&^I;8Iq%wz^$!;WA*(0K(0dz((?aQtS`EIhEYIT^
zAQSQ8Cbwo=S&8u`)*gu`rRX06r-(g5o#>|qgS=}3GmsKgM2Ywt+joJxzxI5@^`Rwm
zBb-NJ9Vw&XpXh;K_F$BW8u%Id$}Bah>vQM5{>#rbK_gS`!}*gJs!x0c0@_VXG1a;I
z3;St2eDe~Wg{h|AOokzFNJNA$bZ#!yc3o5*(E{S}BlZ@1<n{SbWLk?X-9SB$U+Qd&
zCtN&#LU-6)djq?4Ug&eB#nBgBw-9+yXdD1GDdkOOw!UCd?gE1ohzt|o>fgist>Me|
zfMU|E6?tY{r_HG|MP~Y0VnDba6x`CbSU$KQtqAM2jo*fZW&bSOIz}XYbunj&_M9Rt
zlUqH<ZMdv_&r6)v1d^Q-bg(9Jh~oKnbn)lK1Q5YG`ZV)~Dwgt?wzw<(R1}8Q0KHki
zYv9e-&JFNXo%OHRPcu~Dp70BKnSmMh9w$+9Al$#+wtS-0vl!|~z;&1g-M7Uif5$93
zF;5aW2DS#&6C+E}F2ryl3~!qk7^=3tRpltV`xfvno0I-8DXx*B#QWxcG{7iW(bU{?
z{%TS9($u%!I&{!>E%)_Oma-^=tM1&*5)|>5b6>efgZ|=aQ2$DM328q=e%^9LWH7Tw
zjaVNU)^QX*Ub!)oQP)`(+}t^Yi#YL!OAF1kUnWan+<uB9-ST`OVF$YvrBGWUnX^@v
zZayQ|F!z@fRqRuWwA9mXjv4Wr_I`u5oS7*6D&<(sIc^uK*8==0MsTHt?u-gVM_#0w
zqOhXxX9d8#v_1HMn?#I(t%lSLIHkplA?h~u^$J|Z7gHL9s%z`qQJv-nL7Qr(h@=sG
z#-d6mU!SOXc88c^;OC=Ru(ttr<{UgG>pkI-99mG<sUfZj>UMBg2CqA%C7^7I7Au53
z@|8OF9<Lm-_5FJ^`XWVvnHW`=Ular#vLp4qqEBqiE4TcFBk3Una;Ia87G9<8@woS|
zkKu*K$O55o$oA=2s85jg1yW(6pB|TbepdhxO9fu~*#SBK%&B${^vxbM;8Jt$*$vy?
zA1-R+f!l*Y9C-hiE3=Zm$K!$ra_1hVLmZH2H%Az_yh<BI7Strw_eUas3Lv+r<<*s-
zclNfbUSGk&LTb|ph$(gTJcEj*oCK!NxxIf&xp?Z<2s!+U6AIFq747P6>DMZO+ozx_
zyIQnLekE792KT>g`Q(}Vw3E;zoDJW5QyJL0R1c#!gITT>%N`{g^gm<csXZ7{AHXbr
zKaxwIaU&F}2qUe>McZnJ0%Iy?C#>KOA{EQg*Jtu2*Oka`3EL8;^;VnoGs_m4MQ9CJ
zJU@2jz(3S8$RT+*Gtm#dWwd&573cye*X1YuJ#b8B_I*=NcB^2*E6y259Z6FtQ>D3F
z#hEP4Uj_pHuZSvLb;E`pPohK#S?c<~t_FQ**Cqau#}k&%ng(UKBBRJ{xWQsO9i)E8
zDUnIaUJ!+G%PRMnQ*A-ZDXWahl`p+Pw+H6eO^$g5t`UNpV*rOC%F_m}nii3QTqnyY
zMrvgBbTu@Hv}IcJ4ZLZ9S@7YS%aO#r=g^{~0BSPNi@nTo6EfV%tP#PQ6_c(gU;Xzd
z1>H>10ows>AG*^^y*+Z(#rp)4rp*P4d{V%_w$lY~2pK`<R%Pd~sqDO>bd|>LKnG!B
zi$sOHI)Z{ZM)$R<*Lvp0mRO!7B=4Wks%Q_atK>LpY#R!#%FTE)P(BIHo$M+p4XVx@
z-RcW7=-m&G76odADRd#sNQ3gy0I4Cxmf0rr!fRo^2-7b(oLtO6Ir2u6jcQ{ErH2+m
zzD<O;2_&!jcS<(3u}TbW=A^alDZq2xq&MCkS!=~l%0sp4jP_z2#w!hv5XpPzfk6iF
z?w#6R!i78ewwgeq1wt$t_4~m=8lSi<2-6DK>M}#sed=jVOIbShkB%qD8RB=LA#tIZ
zxZ|4OUI9vod2+3Fh`I-A6Tj}g`J#XiTYgew4>(+)*!r#hbicDdSxO-$2ogb9uj9^s
z!5~MCsm$%|w<f9`xWtoRe*V6?SH`|KNM5|p&Xa!>8aVH{RpFVn^qXqEgJ~#Cd*;;{
zfR0jXXga@dG8nf(OC=Ndz!c2+XZ8ihQ#{h!PbYb&O?K%{tMQhW9<dPV*joVOf{BO)
zV$BWr3<?X5xzo3Hxh1H8Zm^RfNh7UjEzsQxJKsCmHcP!{fxhT!YBvw6Nb}nVu-P;Z
z+vkg43XZv}MShV3!|r2b)-v~p6J$=@z>>wU{rgWleyB^G*Pb<;GZN;;NZqwb5i?GD
zs&zekW@FZn!?6^6WvseRDnswqnbEf%X%KtMkzxml7xw7&?vh0Z5m~q>Q&t`!5tb~L
zH*7)5TT7^liqeH<qu$V_bA<pv17_jjdi`%3*$Xe7d{4wN=ba~Ta_yFJM9zjXeoC$j
zWO4AYiR{X#VYHp2u}5uYv|*b1oArp_oV)L@5jjkQW}=W82eebC0&MpDfaEF|_TlL$
zbFcwY8P~FRH7|>PSiOGcjYA|<)xOq~<BEi~{JKL{$yR^^@voB7B+p<{8-H}>f+cjm
zoo`X5e5pNj9Ha|D3Dk8GJ7#3a>hR~%RI%)!GKZ^2)+WOf*Twal_HT!|egPZRrJjX)
zP52w3<{U9a+IAV(eFaveM0NxiRf^pMMEOXc@k;%pS=@BOqzjUtbZu&$EUl(aKJ}q@
zp$25Y$K*SK9Pgi<p4=DJlb2o6LL#$vyKYTe&w-tun(ww5n!i#}1EN=`&t>hSq3joi
zBI;D!wgXJJ1>al~f1KrV2^Q}bgXe)?a4&KK2ev4l&F%cm)C?Ngmz@_Qtk?hs<QF1G
zhgIBh#S+OS;UULUp2}R!Uny+XY@jl=@MnqLL~bz=Y!+=)|F%lC!qUcsUcVSh*);}(
zIfzCOX#PcH{`9S;RixDZ{ELDaeE%~57OAI%2ZgrC&^pwO5L3Hu9^F0k0O{KWU7E~M
z_|>DKCaGqPI&--bv12?dt}b@mq`uS5bzXg?R2O(B0S328CTdJWMkQnr9om0yZAX0d
zsaytjBZPhK?W}idtFSq;L$DgpBibSSi-?N~c^HRSK90E8TL!}1&&{s|g@)>N6h(2R
z1rXNA`N{offKp1Zypew0VjQQCgd{oUL`Jm@ggY4Ef+O&Z^n6B^ICw{Hn`HH3wOEI+
z1Mjr;Yx|=8ZAbP{gOKXp*8b4-a?56%)D+ftia@U{$_!**2KD$?xZ-wlP{pPYDo6=V
zYbL^ca@xPS;=Fx-tyJZjKL!LFej1o|HBa|w^_PFc^OV`WRk?}$eYLg4mH2ectuIm8
zt+VWj1q6_EqzF6$7jEmmnwRNTr78uhs#g|gFcYfA)+u>-T%Gm0)GCBPbjm^_$SN`p
znmAQb8Dr~m`^jNBlKMcscXm7q##~oackrEeiokC>{tuu}DUGi<zi$YLLnI<ecXAw}
zN<eu{iB@6=n#>u7{i<9R&AzRD+%H@P$CTs@k^9(meD=hewKd!zuvIFg{?53KPFvL8
z_Ix4JS)d*qiEvQ5P?>AW!M5@O*TaRS7Rh*h)WklQI_r3;mE>O+0m2j;rNRyz{q?Fr
z7X%5%eWsu#uveWFN^%Yg)|Oe=?dQ}G;4t4EP*mp3*FRJ%TwVHJ3L|XSvl+%|xw6ij
z@>Tx`mR_@zt4M(>FZmkk7ZzYw*_1>Wv&-9J25t(^!GgXDlrKd-fV0}UJ#7`*P6#A#
zYSb5T*@*q~@1UT=Gii2VCQqJF(*+vo)I(n|O5PAT+5_Tlrp+WH6FSY%>pj&2tGn-q
z&eDX#_KAvMekCmwu!GgX@)_|lu{1w79*Kd2vzSY?u~Q&)D{1LM+gH^$3AgcS^y_Qv
zIz{nCr7ukBARGN=-Dsn)PsuSKk5c$!hx!%eFGMTas;Dd$qZ(P869R)5)KJgsQ~KOu
z1cGgE0+QUIw=ke^Zh7U%^FhVp28B2?M+kp4TKcnkB}WYHf;|ND-D@Z4rz!1Vc^g(e
zbGw&q8$SSZ<NH9n@!sa?(a$xflte#IKLa`-oYM24S|2y}gZD;o&v;3jAG-GOe{ms>
z%yxMCI?X>xL=T9?(DRe=a^cZsFR5gzY^9DY7315K7p*InGJn0aP={)a+XNh>uMu|O
zUT1)be9%>#*WS+hB(6tW$uT*_8@f<;+!>!G?thdD-73JLa=x9`w3f$~K$c_u@R7#w
zgBh_YW#n(_(5+v%_$e*q<r5iOEIm-k4oaEql2&gSN7FaiFniaOLp)}+nU7Aq8kGma
zfG55xy-VPW#4VP~`62Mm9YagsP;sgACUToPG@ubTI&~t)ZvXb!b}~2#=)!~b?;ks4
zNnpKHQ$!HtzWr*;)i^QcjWRbu*hYY_y?T>p?iedIaB^Q!0moTy+c8_>St!wb0x~s=
zgX164O<{!!*ud$ww7BcH<E1|%!5Llgwg)kva#>y%GegCE^A`$GH~S{rMBVGniPQQc
z66+0;4)BKMSI>inNRN8KDNRv-HiS_!X798hifbx33h3$w%cUoLu$)GjHs3*X5$yG_
zeQRa>Lcdq7%37y>C4$3gn;?*aS>4k5X+}F(pDz<#7-R$u@wL<mn|Cgt_3qFi7JHu_
zCblA9UIidvOubVEyA+&Gtr%D0b}>A`F<ZKLuGZ6xXyf-ZFS8=jE~9PCne(dF5LcG-
zr22AkorSh#(!tWX*&Z3#j5Arw4eZml-3ET0g4gYncedKjol^3u>QK!-yyR`@`OFM8
zy_^2|rY~YLRCt*;t3#}=NNT&t5%XdFRbBX?fPLqNSTrF$Qej42o=h6KclHbb-ik`Z
zI$Xb#H=>&UbG=2*Eqjq}E!a#_EflE~T-J8sbi~KB>n%RtxbXgATYgb;f7rdc9%^}s
zii<J4GaZtP6?N6&m*uFt-cmXb#t>1&(B{08clh1$%9H*soLta2BVI8^L08^L{!{Kt
zl_9-oSbp}AWYDh!tb;wC>VyZ*DnA9EcFJ%w?}&OjLseOu@08pREmtvIv_(a+)%>+W
zouI_(qb%2tj$VVUCK~X*t@$VCWBSay{<}B4l4?n#(qE9D7SpmHLO**KENr2=(|jt%
z=kJCZHjx5*_aQ~!z3_e_Q_G{$oK|9M3&%Z7X@SafMy$<TUC;0~+kN@f+;1g9_3R#s
zd0(iDstaz4vDn+5`S&O=>}qb6d<j|x{V^0G-xp%bST6vZ47^52NQ)QsA5BW5Z&bWV
zR=l-X4E>p(SFJ}=BTHQ*uc_llDYuTI5`Cz8(}D~woBwp>clOuos%P7{QRQWcfU|2p
zJPY;AKnpnCAz7-g-|tgcebs5S9;T`+9?uTL_GOg2j?W30pNn{R(w}afXkWNCt7fvw
zfNE!LP6=%NIh3Q%Q~TWt=*<io4p2<_S?X!V+c8fqFNR@Jfy`vO6>`hxtN;$TK;!nB
z`$n}aU7cCaLJjh?h{sL+uw$`cU7f631gC>FdOiLW<f{l*xAFwrFj4gJ#B~V9G?<0w
zxwZFs;;8l-e&tW7>&!LR$kZN9;NOuSr|-_V74|)lUE*Mqh7!nc8dek8gOH`cuC`{H
zS^DF2aukY2!O@9<2E@fq(dEHK>FDdoe$Zu-z7cJ{2vn|-%7LyG&|MPUI-R>g-8Q|v
zw`2|}V?uAHI<I$ly$;0dLqirsZ12+ymgg6CybW6R*~a&!S&KW2YVl(|*{+cmoy%!r
zNfcMOofA2GqdVEj`><BuDtV=a+f~DkE%Z}vg^g=5`vDdg0Bw(I0l^kCf#q_0JZE@T
zB&i9f4*C@r%rBiKu|5R`G2!}m)<5>8a*fsYGMAW%uSfXC8Ba$#XX$W!Inv<ZO%(RB
zi?IznTM-FTns_v1>9X*l4<C8hUT*o;!$94wIxA9cMzvYgLb{fk%3%nMP0`!Pv%KBy
zeUm%C0%`Ao(Wz`#U{gl8@jD2$2dz481nKmqZeuI9Ev-)+7o$+UUd>akD7N~aPIbp+
z5Oa_tCNQ(grN7ohvh0|G@f2Pc15&w3Y!O6Ms@4*eevf^$;SCA^;W1H7=<J=Ls!()R
zQRPHr<K8YT#jUl>l^kkVc?-y<{B4HU#ulo{$$NhU?AUI!Ty^c8i((sY(Ionzet=!`
z8Vk~_N^z9@surxZa={hPvoV*t4$oa@%C-pxYIZ<7RX)`hpFnSpfT>0b8u1?+%^q<e
z2GSQ8QXzZhsp3QI?q5aBNkoT=%2YH}-bT^7{Lo&6L8<hABLEYFhU2;OO$}|TvtJdl
zg~Op#BF#pSFV;A@P%BV^C%nt`=K}3SM3_#6p(oVxQI1VBe2d~!eI?977l2GjP!r?d
zUp($+T(oiVe+1zz`U{%5zZ=BbXz@YEUr;lL;%DB8kVLCw+O8M%bq<8NH!g`>RKGcO
zYep5NK19`}PU)<)FZ1O|_~!-6edT8U^pZW5!PV0AAPz+2F7H=TWO#(#y%xA}?9&k$
zGcJ0g4${9J15Wf{0)cm+pZP0FZ#C=2{R9pAO5Y}WI9PQs-Fn})OL)-J7D&j%Oc*WI
zlk7-D6I2G)za9;-xD1HufU3``R;hM}(fS76ky94IfNw6!9vcZ5K3LkL;}hrw5Z+~k
zA5J9{5lKSga<jIzFnSmC?c_4P0uBsd&l{W{l7~N(!|+&rLO9nESK+IUOQJjSL=Q^=
zq;X(4s62gLHMf{_%-`0f0gQlk)j<&~ls^KGDNx$|4Uz!idyB?p{#7ymydYSX(K}XG
zOk5P3zoITUB+_M5v3h6@j+BU#h|f{$<)xPnl5ixFU*EnJCop&m)OyDEGm9(ig-X4p
z^lq2mUy@<0Z+nav#nKJuL@pIRluH2ryy_gKTNb!z!*x)Gd&e;L)my2If;54PK#-DB
zfzyH$9SNRo6*T)GDqC%f?H<e>U%m%cdJ9D$76syMwxF6$JyV>IX??fJxbvq)?PQ?-
zqwu!6om($^U~=8Lv%)uCSw6gdn@{LR^BYGgu?-HaT-B7E!)^14=9WL7UNNM)U%x7u
z`ba-E_UsKtkGMg}+LKOf1R3*W^e3XcbqH!?8l{feRtt73T`3H0@%<D|e(?|Tx_wr-
zfaFV?Z3^u9mf<Wo<&}H!SrsRl$j%x5$TCwecZlAy^>(ek)Vy*kL-Y~|#({8W+e2_Z
zYRh$6dGquJ?pb1n3)JnOFJ|?#qsmzfLqtQ$n%i@N;Plmle;iGGPJ-#;r)Qt)<qgqS
zZI0ile)h|NmKH>L0pR8XkWNIKZml8O2`=`BYtn80L8L`(VdxDFd*Ok=oY2dZRYc7@
z7lAjO`xk7?^UQ~SJy_)m3mqlB<MNiXZx2y3VT{X-aQJiz{`0B-{x3kiT{+LLAw{0s
zClnsK2CiJgs`Q4_M~mMTch6!HwyT`{rkLW?U)R>FNKZLH?Dn0Dw+SyVdS^^x(Z7b7
zMwBmxpBEkR`o6SI7U+|O8@Kh<Qs8Dl>@J0q-~K)76DqEbcL=wy#7GFLTj#kcm)6`3
z2(!!#y|qMH_wGJ;@SnzuUpal|ZavpfH_ODQm2Tf@{j*!2AaCCgpX||gx4NfDxrvFg
z*oCsVRpScNXXs$no71GX=dAc%_^bOE8dv_!?v2TGAzAkAQGqKPE`n-{Qh?1pEfOCf
zPV~y$@p^G_Vsz<BPo|+zr6`>$jgUSKxb9QZv+J>QXL(iZ@&v|I23apDLhdTLGqn3I
zd2Y+~bmto%<o!mvSe}f1{!c0`Q2e5HSGvB)TG4@34$K)JB5#k0$VRJnz=y~2bknx*
zgY@5A;pgWjy0$5N{1F2EBwXl)L&aJ34@-^}SG2UW>BWk%=yMHF+n%3(=4&4gs(#lj
z1hk^xO<7;*6G{fzEobMXNDC~2HXk;xelS=89b|B^w7YbZ9VhW(^UwRk$I@mh(S>#r
zZ0AoS-@hzeywl^ro7a9N<-w6g0D<L=kHw+OS!=}u(VoBIg{^K`suXIo&ncoZ@K#o#
z2VDLC#ODstuD`<$E=@;T*P8Wc%st4&e`Y>4jtND|^RV|${^rXQ^7hhr=2M%y+A!Y_
zAyWQXSuBdel9v2h5G=Rv=%eU>eXlkh^c=5+(TJa56Fltu@{SeBJ%g*U=)6crR4J08
zf-Zf^9+5i@&|St0#}=c=cXDd~4^eL&*5v!Xk52_batLE6FhWI2LZzgf2pE7MN=Od{
zlx`R$Lxv0lEW(jeA|28pF;Gbb=|)OwI6A-g!|VO|{r<t@@YwF>j`KRN^NRb~r~cx}
zT4lkLjX$AJ@EWmE9b0R!C2-rKC`i(G78mr)4cgA0nK6;&18Y+8k0N7~<OT3SSgaJ-
z&K)a(nlh#Oc!zz~8~vt4OOa*&kV%OeEp~N{Q_zRbqQN0KzJS{?m7lOhSy8GUUZP7m
zho|q1Pd2EV<P#Te{pZP|3!(mbGc>h}rA6f74=tjC04N;ad2N&Q7LA?9Hs_^WZnQmy
z228#U&9A{Jy+5W$A?Jaw!i{U+VogQFduD<Wo`(^W+$`PDGM+aBTkk@K2$z2LZkq?^
zg#za#^n%Q5ucYI=naw8NWBd4F)4QV)ouLs)t=3L$nP)qX576<o_041x)`b^qb2xGY
zs|6kOppSJafaP9uEPu54))uvaByFBc3-aYo_i`io9oC4p(qjZ548sbcRnVw+jK_9f
zW-C#?K}%ypsU%bdJj`drMndbfxde@K=|urv`p}pn!O66<O*_x4f_-Io|AF$Dbmkuo
zx;AK_C`RzP%4Il7Kq^uW0GtzZK1kH>k@Fbc?j?P$yuRk8*GH&+{t2?fN@P2D;?+dz
zBDNb|wbGrR%Xf*bMb#2kN=IWI2NsxsxUofJzme_Te}Ul2pBB_Mw_f;4nkT<}*AsEb
zEy)di@D?86Qp_g><IrxYq<bg)aa1Jlpf9@6B6uWUm#co^h@SMJCEjkt-5Z%`xQj3g
zjbi#|NguRm;ye~}IrBUi<+)f2FKu$Rhpxh>8Oh9dPbvh}E`Mur`b4Gy7&5F8(29&Z
zvZ*w{kk|FwA4|R#hh~0xQEtbOw1e<Cd^@Q;X$6=O2AhYDQI7A0JK?WLOGJg5v)T){
zD5MD6ikU^-Ljp4TiMRS6U+9Cpa?p0o!AV%D$nE=v(IS@TgA`uCOMlIr1GtDXWmf**
zL%pE6g)t@7OEMsrYa<cA^$@i;SM$oVpi!RlK!<bTMZs+y`&)B={U1e7PfPwoqt+^A
z3qDDQ598_T4Dv(LUmqbBCIf)u_6p%Q^IHKw8pzFl!@!7m@4@hXU2Bno%zryS4slwZ
zw?q5>ie5bY9LwV=6T+^3e<wDyR`Hnt^vI}V&?C>iD0n4Z)u*snQY7ja_L_NbUTRgs
z-c;XtGiLrv!TJ9k;|XYuf8+>qV2#hhZ;p$<l;+WI%PrWQZ7te!{&NIpUV3O&x53$z
z32H^YrY$n3o>UZG^h}+6_1g6q%<VdDz5lALS>cRCul73vf@E&-c?kHFR&f;=>@&1C
ztZsp|LDG?*y!%6Q1co%RiaFWsA>iP6u-u}AIOf0IawVM0m5Tm>!qI;f&9E0)-i|7J
zysAsVoFicg?)vm1nD(UeGmK?=<8-WvF25!8td$$5Ny+e1m+}O$XhzG)sp&=o>Gp%x
zkfq$jmZp}CmELp1N;1n=_!bYpY)CZIdE09KD>hUwJa|?(;UvGYvcS9<w?#Rlt{g!0
zpA;bdCbY64h5Ru_HERL~ToX11<0ku6R+CBkhw{6N28qHlu$M=h?$yi?Ay>O98WmP1
zbdb{EudL05ltZ?)r4#IH-d?{rF#NHOqJ<H-L93TsS=TVrHu9)&TB7v+a2W?1Oh)Wv
zaNg4}y_Y`-uZ);2`+gtzr*uq|eNik0G+Xhw7rhgQ%5E<X^FdNFM3&o|jM&uM$p)}*
zOu)`ebjo<kwO3PVy}!meFrd=fZABKJ)lDCk<!!P(OP$z@H1eJe>=^8l4~**?ntWi-
z^snPYF-CPLptx&$?{(=)kA9b2t&n@e2?CnAqyIn>%?XQQ0ORInhW%YC@qXOiSeq9{
zelPhiP@Yq`S}k~A>2u##9?OeCX9lW2c`yaW**rlPB)8c0Ev9c3=2>X{+IYC5v_o`N
zvXB0(4f)JW$bPBs0Shp5RG=^Ke)ZdQkn52}pDo+UD<Y#+AW^KTB*OFfm8RW~L?+$E
z+?D)3V8dVK<4VtL2<Bf_y~XOqe0+`#!ea8WlZD911mroEtutB-{%)j^u}_@&@|c+*
z!-))f$uD`E^G+#gjMbFuS4$1PBi#~{a+Y4_+&6B`Aeq08Wm_hG;)dPA0Ta>dCKV%?
zJhA}j+Bo}ecj_xtHuy`Mb?cv-#SIJ$${%wZ^j)E{;(f?0xK*@L$n9?LS|FyIx2~0O
z;r_w#tlVx!*w-{bgf{Y=V#b~qNRFgiRQ_(1l2YlF?1F3r&P)X@>$3*Gso`3~8hdP%
zb$?ZmB)(ST@x1o4*s4|r_5E6z-e2B^y0g>EFYJ$BzY1)q#01!ojG+J7b1dapO`W9-
z^FXmb;)DbSt5=gWm}gVC`)lyU7<;x^hA>>+nwEfTR-JfG%(#2#5Y=-*XeyUX1RX!N
zJ4i9hhyD((Qq2!~RpPA@Y_js8`jX2vo0HV&rk>^%7#(ik(se2!Wu@HDZRDTr%HzwB
zZnSy{Hbq)K`IGWm*hIq!MUA9}*pUAq7xxG#2h5|Hgs%+b#JS8@2<t)2xt)WZSDu&S
z?(B~m$T<7J;EVt*_8!{p`$!Rg4sbMGns0KqHviI9J>nxbzV1e!aMQBa(#ERrWyt?;
zH=d;O<p^%26^R~>CurdBBdLta?#RJ3f}xZ76<p}&&#g@<=ysE=QBYHIvQ&BAmsc<*
z@4h@_KsA@z&Ss0f7^qd%C?9wxnYZ6@qhia%WOwoNN>QEn#kX-i)acqIm>XCw%>Ijy
zWNb@%L^tOAah^)aK|NxOUjKR|f!etk9mH`qw13b5{>Lvc7cutJa}4#waC9<3Lv0S+
zp}BGsz}DzDx0s#ciO!d=X@~bRG5*2(qj|(kMB!VsrJyfwsp{yd9+n%ine8*9-n{hk
zBDIRfeqLFgmq*uJ3*^|d!%y3s22)6Y^oS9+f$O2G+p4eaJB_G#hvUnc?aKQ7>-q#%
z{>&gN9r#T<8SjhQZ`<ErYmq<o*ixJnv#z+sWzv`PPpdhuWs{^3B7KaP4&eWhI<lU*
z$13DQh@^43(dhjL3*1}mBNFeyoKj0Sv|tHVHNivD!*BTI1hCPQSW<R1t8=r@37AzN
zbh@91<h$ZWz1W>tZuF}W&j~L+tGQ9fBgcI;l2f6{&4k|PVPP_@0OgJ!k7;%vMQ1cr
zc5?Ul|GqnzKXVY!Lrt01xf~es*_EbN-h=-o4*K3JV7VYL(DgQ>ttSkdk+qsmjUizY
zkXI-ni23HiORU=)ImCupt{qCp^s*p4_Cp<_{NZxkP4$c@%ri@L)FxHNX*Q4qnmX+_
z>(?%ShNfBuX3h>FnrMPp=uyDq%ss313ax_o4@5lpZ4w=xEzLwjkA4q5ni;KO?I3CJ
z`0-Q2=&=ng0m;Y}`k4zSyUsupXs?yptTS0H<_P7zG_q)y-2NIoKhA;BK}cZ!*q`=E
zk4$a#_ulBKHW)QJ9JA?W*1h@X%KE<NXV1&0yxFMqua%sF=|J=)?M{zV?j^1M6O7~i
z5+fr0seq^E#84Ol&oYz*VH(^1k&bwO`USi}dA@S?{L16gt6q+xt~RW&kIBHtNx8kY
ztqDPyPztVC{=t>FE$8<21Df8sJ3^blBF}SEW#UBPmuG=l6B0YQfV^xCbjY080R^+M
z;4!k6K*q$Uz;&(<8DO9*(6+p-LAX9csh|ru6Z89v8vJ>}6KFqv<b4?%EqpMUa8r{g
z+)LIvo_qP8voEd1QjsXq>muvxzD+2aJi;Tfhg)n<#)QG_^aa-QR~Gqn(>;^d_v9p9
zuDuKc)?TSGcFLZ37`91e)xdsMPR}f9;jh%;sg=k4z+J<NA=@A-RLmT#F)iZ#*yJDf
zugtNJE?O!OcwT0`s^i6=S=!#c`n2UmYvJc7Q#&RfM_XMh9)0Z#J?vE~SOUTgZ5zgD
zr%#cf!;NUCdyd~A#b7St<_sQCN$&R^8THEnY!ZU{%YNtm>bFm$^wDI8Opjy9kZvv^
zp`<p=(q%=|_;0DpNHX`%2!Rt#TXrqK<*1CM<<A)Nx+rm?`eN4$8KK@j&%Yw;CKW&A
z<M3WJGRtnykg&6mLo!-4bUhsV`*E`woMyVdNW)9NXu$&+wAjl?h-od+UD+Yy>jY&%
zJ+>gTg4_>eucEr_e_lBpUv`pOpB~sxj>XB5wy2w%5A4PerOEjAB$)t?%`<pKQ=c3C
zf7cg;r61Tma0^(C4tUtc%(r(}oqz*VH;;zSF04|Ksx$Nr^_w$H&RC0Jle&*YA`vqi
zRPI(Q^V90mib9v6%$)1wvz7B!U$c3)H214br+Z52jo#}MUxlFqyYxIqpK%y5lx^xN
z+$yZlk6`o)omASXt1UmFiUtfJaTh%4@jYao(KE{UhY%gOUEM4qXp}RRi&dWG{DiZs
zwPK9GhV%^?lQ}@?-U!8mnVvji5qQ%}GiLB`mmKqOh}qJbbdD|Zq1|cu7W`iEq#nt(
znl<i1<R%`W6C+zf|DQpeboZedB%h<hEp7gz+l@~rmXE1-QVDs93KnIVDwpLQAS(xw
zp2<!&wWJ;l_tc{7n>!q3NGz(4>@U$`*WrsM=mKFst6@C`(|d=9Qt6$HoOydu7>Szi
z{sce5v%0Q-|DL7$`Wfl-=q+2S)aX`aThbT9<{;5MnCyTipPpg1lQCIb`P|+pytt!W
z=!(9a<>NCfS;%37Z=4%cdM9R!4d~m~aBT2qvhVm&Fjp9;OJSq3<zNpLLp5i*FWc>$
zFoG{o6HbKH592GmBmY(3$_i+ae|?7hSI#Fyw+aS_%w^yw_2&_oqOS9gf`XR4z<ppT
z<7No^>euyu?vIU|5X%+W0uFu48or@JiC-}76`@0RxLJOAHY#g$pO|#c+D-bJnU(A%
z5w?8MJ-X_*g`<@%LUrmwV<I(gv%W9XIOm)3AG=NjF-KG?vxsSi?013MUXRQVExK^K
z!imY#ou3O9X5CneFMBB65?E&(l?okd{Ax-vSM7Tz_S>2?*<>$WZ(Ck~(Dn|vdNaQ!
zc(7V?%>FQUX($ZsED_@);UkX99^QC5plty5t?RjQZ8&Uv#ZBj$KCuxWFkHv6#*`yJ
zp-f%xA#Yqb1B^f<LNki~S4xPvvO;@Gdy;&~02P#m0-kZH$HRKwy7CsW@9(wQutEQH
zjyAd2pc+KyL#~yCTZ{m7$;ZH-KQpHY?f6K0ro`DEg#$Vhx9;MU5z_}2NpJBrVqM%>
zNW_FIf8hk~QpmNdBfVy)3mcqh=BpO^u;L18%ynsAcuyr2>7;R)_d_l#H-$d}x?u$L
z$t%O^$ev_C*(%+jLa%P(>Kng!KMpogW|c>tS7)wY9#SoQuTlkoRn*|54zg@9wJV7x
z47IJMGYOG)`V1L=ZSIOg#?b}D56s2&+Y9Bs8gIL)rqy!w_oIOUdV3Nc5Suh}+7^3E
zTFvvtCbl?DWIrl5Z{VQAaa)OeSSapf?<xvbOI%90Cuz_Yh8tf4wtOT>i&E&PxJw57
zC(ZhNKTyuzp$VPe>+GBHMtGQX6@BlN{Ls?QO<lhRf_ZDOoosjp&*1_=n>yN|tWR~%
zA9Z`^iwy~8)?J&`3GVZmVh1#L<mg>44^^Zu-`^_@y*WO4os@BI!|)-)jLD5Mui;_I
z$FeE#hK@mnu9W#=u0cCGMJgY2S>Jy4?n-URPD#Wr^&*;ZPi{uyjlZ6B-I{<_ySNKr
zKFAO8UStiS?_0lXVvuihp4CgXx<Sc$fy)e`$eI?7MYD*A77J=VLe-qez343BLyL#!
zNR(7SX2aUOIq2x#kqh5EJNsZm__8=HyMN7zc1%m@f2{l%jchQop==o{F;Zws-*p`B
zkdmz%1kGM1&>N@K)>qw@8E-vZHsFb(t{<CI7#r_$V6{6KmeaD=g|DqDk?tZEWM?FX
z77ExD=y7Yn+X_KYY9OGCYql*8zHVSEG3_k7!x^$dXt7)3>x?K0jR4z?em$bP>{Y)E
z6{6<qSus07+G`+*qgJEOJ~tu4)!qL{&MwW^!K2NB4NH6cx(Yb2ZzQ`AdQL2Dss8(k
zhKqj%p4?v37!SmmmwB%-U2Wqr7{d^|JF@KANY?aYxa308h|2-B2p|C)TJUH22Cc1a
zai?g~jALc!gg{-e+d)~6)e2n|iboz<e%mjo1;_ssNQR{t8f9mjG9gjHUn-3iRN}pj
z+}z#eW@xmNFvFRX|E<j2j5Jv68(}8(n$}oBMbfiLsZYp1iWj++9Ad7{NPkdu?W&(g
zs}GwGLQ#-*M?Rf=iPmAF-veQ~@+zG$lrVVmNbi3`vo;0?jC^(d+HysBk-|7KoFATe
z>P_+X=MqC1=i)WEMvKyzB72MMNJ_iFPnCi?yC;h>@}+g5mO~G{5LAv`?ziT9q+vIK
zLVcbM$BhW;8Jc*2DC<%hr7lj|=RrT%rIBf8S72do3V8Y<O?m42xD?*G6<^Zl2FLgF
zJ$1=ht+~8&Jz}t%DqxJVi-OXQ<KBX_rQH^!xrqjSL=fkBH&*KU2s%DH?FU4jlBab-
zt^b~dco6?QT(jBj%w1m_tkGOaXkBxn$z<zwdFFY3-?+ES>PqHJz9)oOAUD1mfkh(c
zkMHC&Dlq@@!3O(jJ&x7N^k!4yxE$XcNZ4jtN}TDkvc%aGzt^R#!P^=y1e*c>ZH+<n
zx=PD_(PRdi2b!JC4D({v#IW<dyn=-?%<OUfEP9+LGKVdW(Bfp#{TG*P_t~H^%bpJB
zUEU@isNtO_q49rTCBhpvRIk(>tNRo<dmT$7IP<FCI%N`h$|W!<m$j@c3YED!PZ_~;
zE0I#3?zWYGO&JmJW(OxXQ|~&rF%n@PIk`QW9K!p&16oga3Zo*kBGpjV56tB;u~wId
z0E0qDkj^N~$8d*u-24008sCTGFPpRW4AC9p=yZJ)bO8)<15C#T%4{co;1IK$<Lkf7
zN40w(m)wwdvAKhKS&-J_ZJ*PGqx_el^LiZ3ni2M6)BPKQz?z<)1pZ~5AEcq16jK5-
zA7zwR2hO4&RS8R@3OjQNuBZPTH_LJ)8)%;|vZ$}iGTZ7YG*~?cPHE=hS~72JB$0b4
zBV_y!h>Mb4ffbQ4jjFTKWQCZRClyBnJ;c)|)mJQ)!W&Kw=ERg6VriSp)Fms&c^b30
zx7)zNm)-1krCUnXQ$l!QS3#T!6W3fvRg|ZINj#*(*_#QmrKX!|H+88<)MkR|zZW_w
zNZa7rzx)c?x`*%*@7szY&L^(30a7?GW9;WLhEI&ZnYYgE8L`aqo%1lt+H%0TjkiwC
zM4)gi^ZVR{8TRncjqHuGjVU7>9GAlp5%$)G@E-M61^ZH`XZ|{d(TTHEM|}9TQAyP`
z``&%HU6L?qoZ_~cFs*s&tSY*|2c^Fiug@vwTc%Pa*`)#(;U4O6w^`I90M5D+!24Va
zxTdcvZ{M~brqs{gI182m#4t@{1B(iN>fa-iEl#Z^Y2g<IdD5J+QuojjJc*k&6$h6i
zwoe>Owt$wAPUPNQa(KTz^|`VV4Dh&-Qg<)dq%%B$z9?$vq@%N8v|N7j05yslZA3NU
z!?e^qZg_MS-damy4~PHuYzQW<F#5lyN`4DY<d!{>6wRnKmPpX$^i^tFr-l4Qg`u+r
z&UjpW{UiTyk1Alx+r%aA4@z+p4aFW+{`d-Z+|IXbkT=Q?`jxe$19(?M>ezpy<$j-N
zXcoxN<n2d6N1MCL(z*RMO6xDDg2Ug*e`m$^+%r8a%@3}}Zfh;g?47v{;gSR3GE2$?
zuJ8??68)s&^Tezwm(Rogkco!<*E=U8iIwHR0rsYr-%UD`Bf(IN*R5isx)?+0q=s3A
zgV6Nx4O-@3RxS7>k1&h`!#0vpS^R7U#c@ooO0WORU75{ToGJ5yZL$BPRYg|V%~^{7
zpu(?|dDhk<<C!i8(KYys+xr8u0<)dBASVyP3fTQ;m7e1qoYER-i2&(<@lV8f5qH<a
z7`E?U6M#RKabGo9`8wXUtj|3d9*W~-psx3^{3Zdr3eDvm20^vtJ;pU(@iQLeF<rIR
zKt`{Jp1=WCzsdnxgdp3n#C(%zJE^r~We8{BYrFKpBnsRucw?2KI|PFxz+T**!*u9H
zk6ilIt$eey&d)G9MiuLS6{J%10Gmd1&92O-R(EdB`_=@}!+)y4@hIHXNEx}xu?C%V
zr4=H0D9L_n`Z{U&Wv62eRb<50UTiS$ph96o9vjteV=C`0=6cyhip<RH?t=(Vn=5Di
zG&;JiTr+2cXlH`KV3NihFn-A4zc*+M)(`Nf!);>=FjFkM#zr8+Ec6D=4&-aDwsBH<
zdo7tm%(p^GT+GQvCL@>4HGVLIH#SC-dr&mYH_S{_@HmVG1i)|;S_@74jj-XiJZVuw
znU^xE4m4LNTXef!@&#sKtV=z!jh~zBJw~0r%w3efI`V~dGaS&7{Q9WDVvn>yS)2+n
zZ0%b4P|AofSlM+dU<7IAGGPm94vqM1?lc2<1$Udqd)#=%&*JM^V7%!;O8QbFpyZSh
zEk+~?b8tO;6)>vt7T9>$O{fq_R~SN{KiYx2X`hm4BD@HqVYB=Bm*Xkz4n%JTWNor&
ztMauHPEHX9%kUQCH*x`Lzrb5Xj`rj;9M>M==Jau9L)XW4Ud{RT#|`bkj_=n772KK}
z?jn#EZqc0Svc=T!@273A{j=$Jy7n>?2#t6Zq7a}0%Q-$-V3)9$&jDEaQQ75=A4_w<
z<@mSv?)IQQduvGU?9TK(F%;8$%}_M%?AoGfLfOy(yr^l!HM0;p1m(DzyHuPM@C+x8
zwxKEdSvmRdk`BDBHC1HM)fB*u6$HlPlEzzYMWR)ekFKiVEfgK?JEnVrJ>E`R|8YwD
zt`{LhK7e%@f?aHiuH^NKGEpe{V55gJv;g&l{Yjmz<QVm!H91>)x%2~H855Al0_;8Y
zaPLPEub`3OjNBK$ki3hI9?v*oA3;RUdv-)ZDVamj)41Et>)#X|`=@W;L3W6eJ!i;!
zF$>8iSuwg;`kNI&6mXz0k-md9+!%{VA&XFfInz_uuPTJlAO0@1hrNsdI})pajST;C
z7cFt3^jny;e0YDm!$0wRpk#w)uHT>ls9`|)_gV=NcZt6cuRFv>MY(}?f=XTRQ(#ji
zz1gY8CVQlthblPsO(;fquT4Na)kEuNt1dYc6QmZ~Jz`b58ITU6r%C*orIK=yxbf3|
zYBM|6$fC5SOZ`C3Kmk5mrP=UJ;z+`WvD-_^+Q>3}*)Nek58{-`eE?n#|ASYqT}rb3
z>9VJa3IS2&?eD7TaD8)CMQ+bH-%<e5hJ!w!{x_*Yg)ij&@Iq4@kGmbu33>hg5S;lT
zkhQJbR%Ne%G79)2+WMYpDWid|kpo1dQ^25MP^yHNJ%6GhyX+piYb*k>Q6Y$B|E5N3
zVPY?RXV|Vorpo@04t(*SlSL!+wU2lIzpo`bS5B0L{$zI2vh?IEjbDwI^^^R}YvW2|
z`i7t7aS*lYBaNi&(pz0Br)741{GvVgku+>nk`RReKmYs|Ft3*uj-<*CxweN~pSIq(
zqH3h#)m_3^s!Xyt_p9#z39@r49&%U<U#PPFzg_^Q@F2d%f)&jwnW}u1ZbN@HCZxna
z;pm~^57o*rx3kc}crhbUmfqU%wPM|1Ke32JY8PN}BOr5|i(J)bEt?NS;Ur3vzZr*k
zxbBA!Yd~k)2NXh2mi>PTcQwWUqECS*N@Z6hLCPKNS?0;F`0&ZWSHO?QD=fY_-JPfO
z%t-raOj-qe>?A8O3;|$HNd_c;|HAvt$pZEg%1>tuw14b-)qYdjZU8S11?!1er(i!I
zg_Jd7$4o<nZcIwoy(zExgQs7z8}Ct|uCLaHb44QX$9VYxz&=E`I!#DMGgG5^m~#r4
z=?QE1fKTIe!J14;R|&5>S#aigf)NzG5Q>YlK0&%evBT0#_Jh`s^J+fLgQPGER2nQ%
z0olIsad<;r^kl*<=7&PGrYwr|f1u!;5xXmXZ`f*f&ecuVJ~6g@U}bK2B)(je*|g?w
z{&bb3JcxccuN;J@fvEOqERGQghwS!_QEv@%RySom=UPvGzmI*O8KRWCaOh*=@S<gP
zkBnCZQ?M;3kyCozeQGsyhysDkRXIf3^&tE)M1@c`?yU=_m_qZvkG!$b?Lk+cJ^8Af
zev4|G7OM6)hZ5V}1&xQ&P-4Es$+aeX?CM{>TlMFZQHoSTv|2zh!LCJutp)EuHTDXh
zUYA}ukHt?k#D=%Dn*faFN*J$U#+up_AAr^j@MVi&i|`a)*+gqJSr`O=yih01*%VH-
zh4r^s|E$lb&wHia?b9G5I{$j<h?4^p^t#eQ#upV;3$4KEd?;7E$3|t*r&IcC4bP-G
zYYbn*Iu2*qs<96r>jKf!v8yBp4%Y*XLW@Qoiq=Q<&uspJT^o>I7Fu_j;6zwoaOh@r
zrETy65gULh9xnaU%06>uo|`rq=~C-W(<N5HganyUiCkf7^vvu$pu<b4L>D6c+E=g$
z(B(h?i})DA8xEp1fxgaLc={99AA`rX4U+NB0V@h>ULP54do^b;D>tzp@1UbjE$y~U
zos8sbEG{m?>^Ir_pL6zcSgW~ukJz5@A(J;2Nr#&Pl$Gyh#|e7_Og{OP4`SYtW1*<C
zDpNRuqLp@04MEk4BmPwS7-GH)9YW3I#n7R(lJ}Shm8#aT`p&c4=HJL(U<$mKA&f@t
z0*p%A#p28#qX|C&U_en_URCMaoxiH8(On{5Gi!Q@Mhr?ay4Q4O?VbR%dNU$x^^|8H
zYS~-5fHSpU4L9N%%*F9F!r*6s-4<UKJ>XhQP*<htCtI29iLGm;P1*62zo;!Xf^^n9
zpv{0FEY8M+fwf(6_8E;;hFbzQuGnC@3WW~e0Gq_-sv~NV_U<{EUT-FSMnm0(qY)bu
zRwdS;l6ijgymK+gcC}cRljXp=ngKdh{>SIg<G;)|`=78+yw8BAQzpqJRMuwg<??!c
zo|FeEr9TPUG!Nr=lPa=zLbgu~U35p2^DyMQ#NyLs3!x|+hf(|`cSqy56zep7v{UHh
z$xMJZsG~;sC+V}MhrR1<Ll&odB!#hXD?1a?m5{<4hxtj!pvm#up!;ItgQ4eximVjg
zeq}Z)qnk;uB70^ILWv`K&KZNX+C!;?`dOF0*$Tih;3t`|qGJC&g)Hp1{7%dM#P$2&
zJT#uk$|R4#BM`@UCWtz08)wQ}B$RRv|B(h0Kgt?9`!hS-w9L8>|5LWI{}$v<8lxuS
z?vBVixku{w-gORDicwBpTHR4Fort}s!Ego-l%rjdDD7XrIt$4y>bww<ghA@(f57f;
z9l9NpHY3&$>iPNfsMg8@H%q1@Msvzdm6;dhY)JLR?pG?Cq>4Q(zDWqEFxPvmiqb}S
zznlyscrH-3&JCi5>N_!5+J^rlI#Ard-Z?K|n~ITOPDUI{`fM;JlWJ!mUKYbNCAJ^m
zA$XEh-yQ4ebRN%Oc^M_+wFZwr<~M4e->y<aF=*dM@aR`-R`_WQ-CJ<o(i?kc<=D>}
zAo8EA#EpaG?s3>Dpa!wGHhHD*b=NoAP<)?f<>boRafqx_c2y+>nZS!FezlrhY3*)C
zYyet6>{2OEbeZFpJ+u2HsQuEGl^;{U{UOV>Gs82TZ$Kqaw#2qEA9<}LEX#hX$00B2
zHDn3UBA6L`_!KHR7*3SR9pjlH>SVV+TvTEpdXj%(Bvz6c#Si2tOa~*NNLe8V{OYR~
z#?jezl*w|J!_d-V!dKeTU;9RE`M<XnOF7m!s+;68<H%>ld=val!NxcLQNYp;+Kyif
z@yIp@9C{we$vMH1^M?6B7ZE}H$?H^Wm8)}=-1yaI@T~E9QnIWU-l2TirM;~a4<2~o
z=z;NRKG#Y@-EuZJvPIVhd>kZW9mxwji#3J;rHMa0tq<hd_5wM8ORiR$B4I&%72phU
z1c)2mzL8IUn>kj(KYl=1_r3C$o3mqM(xSgQ$Ql9An^ift+#T<oN{92DpDh%<E$|ID
zN^kqLIMfq0SJJ{fW!XrbQkxT--BK#?U4Jd^tz|xs9tYk}sY59Cz6F2&CVu~T%Dp~Y
z7#4`JE|<!v;XG&$`I8wfr~MLW7Ajo6N$4^9<o9d-y<I6;(<4>91sH0cyI;ANRoLrd
zplQMAYA08-J)sye%jV5=A}xfs%@0B09!%%;a@3zcn+x<2>`kf@tfY-B^F31NWaD%D
z*J1H`xTZgg@k`gjQ^60r@x6H)vKl7VKAm<*Y%i33mi`Qg(kZz;`u!(Ks-@R|RMoJ?
zfd(NCcD4$c{1pbk!E*?3;`E?N4`kFZ+EgVdYol$e7lzoV$@Rwa+q0V`7;P?vV$oK4
zlPkm;_pqOe^@6k;z>$0X_yS%OXu%P={ZKQS8g0Tl;3jhval^0Y1DIY;r~jz=MeY*^
z+p$fNlfmq6kqNWs@XnhrylIfvW~6j&_4_lIRPXi7x;N7I$ESx?zm3J|GuLM)43dCp
zMgSiHivqbn-gA6Z3v$w>!ej?RMeP|r$%RwcE(xXFzQ%0`8UzQMfRzu1?jQ*um%kG#
z3#7KV+$J6blpwAILCf*$`~cMIjoUCDeFnmFX*MtQvG6DsAN%m!58FyLdU;(N?=afD
zd!T+PqVSfe2BM%hKzV~^pNR{tlQB~T-yRaAH<VU@e>hTjH^Gph^8)6V>=TWLyIGy+
z$HKc#Ge4+y-~bWUwHgjKnmYaHY3{tZS7mztsiUKjaOM+z^5koN)}o$3;->N*1u?f?
z;CQ31(^_1yXA(WBdY#Bza7SF&T$m_mDht^f4M|ZYEZ@C7oUbvK3v4%V{ib=!kxD=y
zk7g_c4{;CXHZ1H;TJ38XtT7yIIsYlXMQsNBF(dJ>7uniqUdq~y)@L$J>0(Drv>6CN
z7v<XJ4bnq+Rq#HK%kS)1jd~}SxtLrJLf|cuA}L=6hEwK^eQ3_+Z=S3<acm8Aw<Pm{
zee=9@lKQ#`)$%xz1uMuFBqwxfG_^0yWH`~7f$oL!?W-Dgron#Es-4H>3KO;K<xj2Y
z<xxujQtV$a2VRzqYUQZW6S(KL8?^O!^+C9~$nn7+1*p1d>Wre?$uEuN-VN13Wvb7L
z@7(Ku|9Vg@kwc8(UIqJCkcW~87_WhJHMHwe!SLRnGjgP4<hT+w<=97V>H7)+9Cz2R
z9asS7LyeK+<$w}r`TucAhs!>5@X^l_BGBV=+yLZ$hx!cQAEVq9S#yp~!IRmhGU<2F
zPO3pmd;#E?NHZcPe-fJ50EQqps>gBi`3vyib?5r$V%x5bo%+*0AiUoP{k5hCdIZnY
zx**2?pTCU)xxr+C5u@r0FUaXQ#EYL=9<F<>n1cRqLRiJa(urAX;6eUXPEZ$#`p=(j
zU^n|0>)Nk$=z5829RY9(!k>-N@*hC1JArg*Y+#Y7`0wUPmCAy$FszYw6CtSdE3GRX
zzsy~PwDq_F3;EHkugg+l&=J}V*{PmnH&{Oz;9T486khRO-SJK1l^wlNBNHwAg%Rce
zR#2Qq|B|z0yPD*5`LU7BpK%Mji8xNIec_}$DVcW5uSU!9UXR23(E#7gHF~gr|Ed1)
z)j7U$W9J%`s)q#)fTx=@&vYe2waOW`FgR|1<8YOfEa4T4q3Im%qL=1Lt~tn|-O{Z=
zDYCD8x(|Q+((m4!YZrULD#zJVvBvb~ITGQ82zMEGo1JSWJUK2lWpw$QYTXo}6W2um
zS@54RwcGdQILxB2qj~BxClTuj*DUDk4<_g$F3wAB`po)*rl_0_yxPf?^Ib;zJ{KjZ
z0mLMXw?@HX!A=2;oCeu#7yF1(TE2eA7xtrQ5vJvAgO)2YB|k<8JZwSy=1i1hS`X6o
z`Kjv<%+V|md4bj&Jhkd_`$7%WCn638;d=MP`>iy+C@43u2YJ)v%6_X3iVd$ZwNtt-
za@_x3ev*7VC639J7USN=LknS)<1)j4k-cm+YP2oO8{`${E;#&vSwAs+6q(;Gil;Cs
z<pEM))>)j3<1{wWVVF5l!k^sd`}~T|g-&k}5Q_nrhxwHOL3RW@kVvlrCrUpiBmh>H
z90N}8%$W{(uVo2f%QWmk)VFhH#~r9uE>*R4>~8~x2y~5Qb`pqw&~Kd!cnb+&Jbl(L
zB6{?;2538hI1noTvu_`0z<7lL_M6?rEo+(tI^==6*=Jk8&fwJyn4^mcXcqE=gq7fq
z?W-xkB9{I))P+`R)io0b#bgCKv>sRb|0K7cneqG8&#gzvw&V*Lv7TLoAieWzm7i|<
zd7$iHmLraJe)CoO8dsj(pai<6nAs75F~(tL(&~d}nU+Sc#($*RP6iAp0&*}IHmX4O
z4;bjU2CIXZ*V`E179le3iJesanl!)n(9kP2_cI&SJYPQ#$TP+m)8iPB&7dqe<?Uxy
zkWBl06nONKVc=25uEl$H(FN)84%dwPEn6I&*P!onr2On#&<M1bpcFP^TU?>ioiBVc
z>|e>qXN!`NDa4AijZEKh4v?g>o7?i^{!nY!cm82*rXt8Q!A_@Y!`#}OM(ZOV&0$?x
z?U_Y^b~`~g!yW#8rbE7pV}q*4yL?oRN4$;irDX5!6F_xiy}ROlD2bZXm6TmMsRY|&
z;UFrPcJr-Osgetjh7w?>f#h|Ibs!+0QZ9r|R0sJWHyJKjjn)rT={RF01&=4bUUeMN
zt*qhDFy+Y@ux`9r@inHUJ%O=h#a2>D-*imsf2{aF*oOkdVllES<DLMphZ#$jpzusC
zz<JXwls|C3BN@v~Msg=H7fA0b=*_J^p-<0|X?Fk#%z8`o>xD(Bxh}DcnTK27T;5NB
zfQ2KOxBRS$Ok1}VJ&5Q4^2z}66w^4Z7V6y(Bu4Y-3+=xsx^cA0%O<u@tWz-Bu##<<
zxO+z?qk|AYa3=Znbh|^RciY?25{|X;4i-f!3*f|OrARN@v%JDos$fyn4m-yT0=w{c
zecSk76zE7E!DbiPjr6Gefj>yp0p2-t(+j|+C~RRK8<J~Vb8OAkBvF{J9MJ5P&Q`hA
zR#-ll4*Ui1gQ&*fV_%Pf5NB!*_1DTiq8NnRDNAn&Xy-0G(r4sbnz?G7Ziq8G<ygm^
z_hY4w$>l;G{7$N9cynrqc?U_H4ky7z)nbWefjI&B`Ssn8q7n=Jv0{!6`K>vic1l!l
zqh{iaRP44^ZUct&$~&mbj;G8MKv=sFdIw!F1O!lgt&AP*cr=rywc*~c&PMF8<9OE^
z#{c_!;AoDrNnC)|w7)xT{SIz4@Efgf468qW!G5(0Q}FNK_Z@MQ<pd4&OL+yIR&@SA
zNu%K#N}J`qZSH6mEDh#=(&ahS0c`ac7(Te|Qoeg}#rK(4oQra&d}u`W<=KyY&v3WQ
z%Q0!{odw2@9=kuX=UxNMfdr>lwTz3YT?nZ4$bzji*ZWblSL|>QkRQUl-jR+ACeT;E
zoeShV$`A}y>w%QWe~~mo(PiIz?M+_X;(@JeNCwiXx*t&8@uOLMaB}$>fg8_iV~xG}
z9)&~6sN8B<m;r?#Qw4UAqGbOH$jY(~PF(16=tzo0jh*pO^a5Q0|Mj(hFmJ?<{Y|(@
zo#}P4ixtFUE$t(@AO@WP2vlQ+R2t;ypWzh+6#c!OmYh}<U~^F4Jouhd{-r%Jm+XQY
z^#h}~*QiwR^*DYBl+1Q3;aL(I1+njMS80$+AUgJ@ww$NX9G_E!_N;v-?G#`9=MZ)5
z?B!Qi-p!1FFGKS-m1(|ZX$$f<H3LgmBF#>lyj|^q17=AH8TSH=4$}glw;?dLv{!(<
z*MwV+XT<uiIOTRF6!p0@6=pO?WTLhlvJT7_${_=N0J{jp<<)5#lDWZh<!Gn|CVkRv
z<@`<qcJ>8)@uXYTQ;(thyKUXIt-8~}Y2a&KYcGBjZKZe0?^1`hVD3nl%`7o3VV<pl
zL>Y8iP!5AdnoD0sVXUvw+H3Z5Xp&GJ5u8?BcGx^U&Xs_6j1zhLIH>0cf6R7T5|I@*
zibZMJgG?=4xdz+UXMb8lV}bm`IM9~Q1qKR+xggHeTKP-2+g~sta&9)T2`{4NFyG~t
zCsXD3#c;wk!Em~`<wRq!BxD<g4D11|z<7^+g%ZNx=cp>A75Xf{l+SC!HS&LGZcG0x
zeoj+0u)f6rij&BEi`U@j4J<e;K};w1!^=Vn^eOF&vR?yzN`}y4BrE%k*=}rQp_b<p
zTAzvOna22B{HX%8dN-qxnvXX^3FLZ7wg!)ZV$4T@yhrR}x&`yI$cpo>2fk}t9p%DP
zzrP*hJp*CEs%F(inD&=^m-_n(ZxmdS-iusbQA~R3;ADf;O$Fx%a8>9nr8x7Zt%#T7
zMnO_=i#0W%iDX~`$=-U;cVBv*&ISease6bGZ}T<L@%mKW@~BbNz-syTvIg=x(~@32
z2xi#X&UDhHQMf?JMGJ$PkQlo)w-J0Vl;<Y2Mk~I#6DZ&~vP2Lfg!wvaQ1)dNVQBPX
zQ_A~Z4wbAq@)L_I{ME3CANf$fTM>|o*BN?6#6xi7PtS~Td3^9+7P&#I&)$vPFYQuV
zcse%3njU<$)WhaVA8`Z-d*46Cd%&fERKqIRRTyA9DtHir>abh>l-z)PU}CXFV=DI8
zpaKqg;T!cl@KepH<kwGDMQ%;#^45TRDMs9bq#me50-Yd`!Z6ABd;^26eSzWOEZLz#
zKQ<DAu&=&Ytb#@t*dD={j3Ns4g5pzOl6ull0BW$+<50G@c|c+W-tZK=b-Cqg#{<+|
zt|4`uy}|}1IfhH>Dr>c63v@9RQ(S{hY-`tIv)gAtHt`Y6vRvY*xB|)o+?7hzKT}Np
z>ya<)FR<vu@iqqUn;2Upai>}bzAJsu<_;c89H}kBB)3S-{ARM(s|V?;DIG4;`_a?<
zAUQzxax|Xr5`aAhHNxixcIA1DLnbXLOYaHYV38nax7(6UMx!OfO>2@}E<Fcne@g{Z
z`o3!=hENI63Chf}NgK<&aKfXM+Ecd8B)FQAI_huKoOI}Ie3db<6gX&IyI~S7EPivk
zu%RFYLbLZTFc5GsjOk_G=Ydka*4o)Jfsse8yb|Faq<St2oyJ>6&J97@%f_-iy?33;
zo*s<UhM;n`Og^~5<J27^No~jv+>t0;E22-n#E2Tyju!n`fMFK#8f;xEr68eJVyH*3
z=`np+KY66bm5}hJTv20*nY2cYrjT(sbA6z-!$Fxc_=#bj8xYAr<$BdHx$K8O4z_?f
zL04$5R?1a@yG^c&zL*9p@rPA07wnk3cm0C>P+78Kpp^<V*h2#tgVGU5_5vpiYBI2R
zXzs-I-n)kI$K_6@VxJ2-&w+DzaKuUQwu-Ik)!OoG(N+>fN5C}#p#tjwWcae3&W%T_
zANX4ehPwVCL9Tm|LQ6C@mdSteF&-Y-@{u2ur#9li^F--!J2po5i0j-RI{wZ6bQP_<
zny8K@>(NcaoR|TsKK=^so37-myvfY-CRvWCeK1V5l+2%SIOKkCm=?nP!Aiy`c*~!<
z?u(;Tf;Ca3C)L^jVkk8<83i<7tbIJ7w=2I=dA-tAh_EQgJ=`xa^#Li#%=b?!gwgV!
zX8Vpd@e_`Iy>zIET#@%}-Ks1GA3V_xW&|=75W0S<bmfHtdNP76`)D`mr0upePYqg>
zJ0<4uZY{FxDrh-laK`XR{fQvp-AV<2<%>H0AHJ}(qXyB_mmzQha{7^?3H!zl1`>+b
zXTVb&SPEZNv01D7`nL_|g96?b(9qIAXrLOKHS@9=bm1@7<4sb@^KwMWY-)>Vvl)ab
zJLp^z7^i-d$iUX#yljup@>nK-dUFK@QEGlG)+(uGPRfNRp%D@4a)Y9PZ@lzy_zxu9
zKyk*;!FaaI0Riz|XUlx;3Cr(Ayq{KfHA@UzQ=WqTDL4yl5=iDtLN1^KT$C-Fn>_r5
z+3`N#r=w89k#i^9<Da0faqHin0Vvkf77qf2G`)%6DiVFDw|?#cnI4dD@eg(ZQO(z9
z01dZDc*-N@+Arr6$}~UtJ$f;#>T1`&^(pv?2hf0}aV?Cd(2;?io|1gbVP%vFRioAb
zX#?r22jbf6r$J>F_~opS5H+tIv%lMpFUi$55eTYCj>1k>wnI*3#7)4Mc#!Kvt%Ow}
z!ngpNK`L^+wtN&KlcUWZD45^?oos4eT2~i_>2?=E1*i#Fd$Z*?r|3pY6<UzUXiJ%|
zlYFNnKP2~sxL}<In)rWLi^I$za=Tw-Q6t^iJ&aG<?8PTBx9`?WGLb5~7mITplFNG6
zvC*L4;X}tzd_(5{@W)*5W8mxt<bB0~!VXaMQ=m{1rwoS)0KdW;2kvh%fIFClBWL}e
z<yY8fzs^PFfZGO&!;VdPy?4nXr|#b<23+TQ#C1xPIlfpR(GYma|JKMj!wi1g1lrhk
zJfn;W-1l)~XNYVE*i4W2`V;2>J(|+-^}A31k6zI%{kxdd2J5-41fZTK!P!Gq0tTQn
zqXvZt%u;*t%w5!*JC)>`T+jki><`FR5g0iKFmgMctI8K{BL0gX6#BD9;+1)zvKqL<
zLCc#3Zh~;!D1X50X+wT$ACVCv;{R*h^`kdZFj}zpgH_Vf`c8Si=|y_h=@(X@1#;jI
z8PIH47AW+WdOvmDuLfz{wvD59j2_QDJZX(`ss$Y5(GGnLT0d=9#A{>MFF{=o?qF9u
zkU2g(KVjOv$j-JaSQ~#{=;{-o#~h3L-l<f@egH{7di#j`z`#J~5`!XD3q|<dmB-+9
zEMS^nfg>F2C%aybG?(A|6kE${vvCQa4kVxdLmiGEB<P^vAQ7DRXWS+=Y#1anU?~5T
z@)R47f8L;3+9`U{<lM%<#alwB{-Lk@kNdU-#()yY;qa~F=V5k!CIi%D<O&EubeLe9
z5Z}5~3K}79$Z9g14Ucy(r_CB0b^7TCb%xFiL|GW^J=uS{QD~~h{BTd~wweu;SjEyZ
z4Tww8CE>=U_AX!G!Jf%6ln5EWi5f#1`fI_S%K#8o11TmzkK6Fx;2_B{DqTEl<?1(o
zay|s>HTTlQ9@;AQuI&<4KLsp)8e2SMjmi(o<{r$!Tp{^}cnJCaA^BHKyVt#6us&aR
z{rGd}mhbqqM)3NKQC0oya5}h_bJAm39YMvc?Ryn17OTj)v!b&#eo|bS;Y=+Jg{DEF
zt#HX$`5biqanQyFGcGam_4~SnT-_>(bR<{6JL3==1G@Q<>uc946tU8=mp~a;^T@QL
zCVaed(>^S8rskuTdzSBz+_nB|j{8Oh_Bzq7-{~!Ny~$Z$v75k)KjC{JvQ9qeUbIr|
z*wFPAQPqk?<TudBc%Av_GngktG#32)8Dxfl{$71VZe#yxFacVtAV?pr=sP>RVR~$L
z7iB-l;Z9kvs#Bipoe5N?h^ZtdDG1!hu?LZxRoKUh&VQeCkUd{QhjIuw^UitfV^hi4
zp?;O<q{v>18Ih3-a!1Etqrl3Xbfc%&D`ge*nLX{vPjh2<sq6O)CA}V?$yuf5!MS%5
z`1#smfzJ}F5o4E!0N%#q#a)xU9E>wp%JCe3q-768&XnIV*cqU0zY-Za9RRW^w258g
z6ut-^q2&iTSK5`N_sGr!SKae3&QQwhTfgWVBuNI0gGx^mE7wrQQ3jV821TOJ%ibb*
zY{=UN1|~r;@Oy9ny%!*j8r;tGDgV^=={G(}PaEEr09@?w@N@_Q-vaW!V&eZyZhegW
zu=m8;q$1)S8T?Oa@FEweW-S6oGJXg7GzJeB>uy})#QtdcyWRVXBKCA{8y?BXiFye4
z#ZPLUa;a}C#GHo$OodS-eH@05xsvJB;NnDV0}uC5A``eg6vYA%>H<PGv#~DMfxjhy
z#zGhsc_s^kRn;yDQ(z<diZ^5`kQaWOl45YgDq?Rq2gUH<8JHQ7S_WfK203{BrxxK7
z_fTC=;nF;mI(!VpB3uCT8FV<SP9SnNz`gQMoU=&_6U*m3{3^l!B-$mmfNs+J@U}=u
zyU?4r@x0vU9x6?l3UILtxCVhD9OAhkGeL(3cD-E`Z>Dav;+U`+lFGiHEPwhBZYP!(
z1-gU0nDy?H&=K~BS)#4e5li==C>VM^%(K$T<jjqNiB$EgYwsfaDD8a|F<Y=VouPzC
z;fAZbi=QYJZ#!mrPEWu13&pg<<I^E>R4bry2Gza!JA*W5=0<wA;A8>(80<2n>&5K)
z$t;YDeUAt&!v0`Jd~X1aekNwpht+R?=x{|i-i<o_7j#|bz%J+8<b`-Xls=sMA4==E
z^|nSWpKP~Y@za9Z1ei3%-N0p~N6<wv<M^zC_kn#M{*2ur<q{Ze6_OY^GkE)%r0u*O
zqqRXVzW4>z8=u-zd2NDu9mxNRR3-N(uS*(t7JTyoA~vKkVd(I^>#pu9*35VoGzUM1
z`U^zonwLA^4FjY<l;!x$a<ucUSD7Wjsu9olWo~Y2l4#Txi%ldA6nBuT-DpNomy|=|
zb_mp}P(XNZ{+gAM{f3KH5b(-Cxth~~KYyC=jQ8~53aW)ApY-9wue_;-(6e)$*Ys!E
zgK%SRIepZi`$K|<je(vJKC1&aHq_qwR^LjPpKW>tlFq^{8<|t9eio^8d7d`N|5hCz
zug8Etp~Z!@qOSjrKYh>Igv83G?7%DD<moF}34|Hw`2Y<q{9x%#mO22T+ZO28s|s{H
z^xJl8=_{F1U%azi&myf9zTjJSF)WHdj+p})d+f0a(!OsVx3h=wwV0zbGSLfgOwunC
z>CIk!x695(H8i<EGXF9$UmGK>&!x>k*W#41nYNBwojaw9mQV(fbW!5G>JGJ@MznHd
zqPO#e>#}|fMJn=c$}o_AHqe!Q7t2PxzBuipmFptxd0nr1<*;7nuV#yIydvGD&pTEa
z8|BV#@)RzF0lumz;2e{J;>uVapd%XzsaZ$^Ngyh)7X9*M%~9`fo1nP`59sG4h!T>e
z0AGE3g@8qVAcJ>Wopw&Zji<W5t_8iRVVvI?3V{gHp{@^d(~{|ytC3W_5gXk{wF=s~
zRDfL0kr=+0uWdIK-)Khg1yKNMg)t8SGd~OMN4jWhm<nyo!bA{T7@M-mQc`Emwwo)$
zM?}j;P_fDV<K$bC`9Vuozf<+BkW%#da~i;Ynn7sY;r`x2k7N0aNpb(e;S!ka;S+^`
zWT>b3G4v7vE<eLnGeZ8{pvQE-8B<uW9>XWs#wU$<AzEk`xUbcXiJol4Wx9fPcL}Ip
zO2C~NZRGoRu*qHz^!o-x=-7?NH@1U&6SETO6H$LPxj$rpp*29u=5wwZeT(3f){EOR
z3m3d@zM35@3w;sQhJ@NPLKbEwB|*PIEI*&dcgtX4niA)*;vFKt#^%P7HxG-z=%lC#
z)X#-O>OqB8d1mjhQPwiAi;|2Y?`T3iAote|$shSfKJgf>)lP89aOf{?KM?yv#43T~
zegWU4rAl)q#f5ZtDl_OQ2=X2Je72=SJS4wd3R?@afkJg)A9I5kYkQ@ogpl~OEwh#L
zYGmPe-9YbVKqZBt`1AstMZ(zCp&RF0nr_o*7GVk;iog|#UA4s>uBFYLHlLer2`!A^
z(gy{!TS1x0NSt|x$|w1!vX04@u%!{M!o9i&)N!5MHlRc#BL{Br<wEV3*>fK@Pnx_u
zRAc7RnJPH)hX2wr5+Q$vff^x7aDHB2J%7gHGKl{`mZ}3J6{kRWXFB$(m3wgMg3-Jw
zaYbl(C7xhH&uvawfv&%RCXYgJ?Wzm1?vmHwI+!keSOrO5xYAR=?Us0uL2<7{p)O<k
z&e7B1#N7OILd1a50dtL3qzYM~_eXJO=vKdy9(%Yr7f)DcD8Y>L&nkQdnGDz&@F)4z
zB4&?KY9lGXKOdNz^tJ{t>GHP@9UEPYKjnl@H^`R0Z2EA-{>&=)6${0d8Tk?-&=|UF
ze#J(T2IRIWsk&=K+f81-&5^(H>fB(GyedaCHDMSUcINDrZN@W#TU(JUA_pJ)J(~RU
zf$P-hJW5dd&#`zi1L!7C+!=J#t4<}?dF}*GMu9?>TSux`<Ysfij@%`8h=&???=r%k
z6<54*3v{4P4fyQbuj}5%#a$(=XKE9Xa4{jj^Y4VtIS)mR-4U~0vpC*M(0g4#!h?)5
z6=9fF$i!qDio4k#sINM$82^zcSkLV)JFMKa`Z^^aG#Ut#fZobs@BT<9pVvmE!b4||
zU+db-aSFi`+09&E9IS4d<>mJ#Tmo2AbJ{YWO?DR4Rw+z7^N80z7v5m`#oI@c!vr4R
zEjgyAkSW^wWHhuVJt^HU#BsUHjfj76;yE}O*x(PnEh9sXy3<QHX#l?&S(bk+VWcSe
zHsy)`^j~@Q{Z5z(z@_E=O?Wlml*My~GY*n|kvS>t^#pyvjeqS{@s5ItW0UXGmSRqV
zd}7TAM021!0QTrMvRP(+a^F~SIJem%L}-*<=t9$KA;t~eHS<Q{#%k!?fO%UllYO4H
z@d}7eB^I}fpH5o2iur?^FHhFan%*T|6iL)$$YYV-XrD99;n-3zq2!RY9<x`|O_v>^
z8Zs9mV6|(Y>HhsjePzLcWzLH((S&Szw+?^3aHY=t-~LIx2O_$EsAD**7i8-O28wQt
zQ7+C-#;Bva@Y-e|^DHv&)8HStCP-Q)Tx2RkiDc+oDE=8TWw;9AMHj+L9D+*y(lyDS
zSJ+k}qv$8)GQgJlUYC?D8+)0=M3=-_-OGq94Gt%Kr?+~$@Atc|b$%;E>z`xcG-#Fc
zGBfyTX<gH6ml7IUm=>wJHu3qZUVKg6q(5N^AusHqXQ%&1^5VFl9)qs~4I!{OoA+Ck
z1&jmo>Ak;#|E;)B93mBmOPj$JgrODz-NS4Qk!80g3*=D=pns+jzvB7!^On@m>`jV`
zsZJlrXr3g{XY8ogSlh7>st7(v`b<JPc$LN;<==0VIB|0IZ$PPKE^P&dU?A0gNCI!=
zaJ+nU4;Hc2tCLgpD93~Wzv%#azj7mk+x4v}k9y<GWM#(gbB(^nB(Dn7D&5ULtVtMD
z!>a#Pbj5p~zCHx>RhNgJDAwfFK2JJ*lfC;-a?H;vei{$mG}jGh#Xa&%lcnM1?EOxS
z*ZOAj)^;-EwsKeP?MKH_O#WPGMd7e!IhpM{prI0zQ;zp2u>CMw>UHe(cW~ROkMm@u
zW8q}W=xvxil$aYDaQwBvM%CVp;0XoCux%`90JjQa*)@bN3Oaj(MyGI)%P`nND0Xq{
zG3;eVAWkr@Fg9&`3D-}eDT0Esp@BP%(kVN7QV}4(0X3N+v1NlF`LJ6vELBQ|yNbQ+
z=Wf5&zvt{q1FE!CHF_LsGV#W4#T+(U9oOy5*0f+YA`q-Kk)7E$XfOVq5V7Uj@ZzR0
zUn_MFV_S>AB=&C*vqp$o(dOb(P8gk>VKTK-9Whoe6Qadr*aenYdlqthvb|K*H~dSU
z*=>-7U5Q^wpz6{C7;{69;F5DCY-*?uF9HikBYpekXBzzJegC{PVgBVG`SSpo@hv+9
z1fQ+1ux4XRpzP~qW-d^h?UiBL*ILaQnzlq=%^N^p%?cZYZbXR5s)H9?6`yTUC<B3=
zn!1RoUbt!dZ|o`5Y2^gdkK|+Gpy^T?yzIinS}5`7YDMQ(?RAaP)0@uFW<y)GFpt4L
zp`A$ke?+}`Jk;M8KR!xIyi<r|Yq4f0YqnO|i)`5m*|QtVAeDw}k+BU*C}iJ9Lm7#&
zBr*177)yh(4+itS)93sB{r;WDyzV{s+;h)8_dL(y@Ia)v>(zf6njJ@?K%?dK;?Aph
zPyK3Jcr(0hw?Y<Kp_Z_NLQ!$Ct>D@0-_CMA=I;$Rc+iz(P$EIkWl^o>*A2$J9$=OL
zL&~$k;N~xLsc+<aKTr64)mk@fw_7CpPkvUq4paHs_8(vKoE5FMLouvWsX-izYG%`p
zB%g42JdK3>3Z(I<oduX5S$~w~X)aIVqR?Ob+3$+mYa>9r-l42~IPB9+HcNaKeNsx9
z6M(<3ufd9y?oa6kg$TbrHO2YbsS?jl5{Rq=PRcwsj{vlN@*+Y0Oz7(b=*NV^fYRo(
z@!PCnrZP>4Y07!Sgj@rS#lxyf1^3W}sL7_$8&RE$;W90s6k{azmpEgK{$|deA>CmG
z3H;{hq4hn*C;{3M-<ET1pML%$gb`#Xaaq$J*(lBkvqyiJ_TL$TQJzw(jphcAkB@&d
zE(1ZIf`bp4c;8Qz7VR5vS^J}cuE5ukQRW=M!VrHNL}~4C+vliwxbTNeALHd_ZO)~V
zD})!ppmvB{-083M0SSFW%93nze**pucjD$GXL|2m?BVu#|B|39XM(*iy^7n0HMIiX
zGtmfR7W@11EV?kpyVNJ$x^(sZ?!(lNXXAUxq*n`+M(~&_#V@tn&2V*}0k}lm`K|JG
z1BcV#E%n*zlTuz{yC$fvC&BR5C8|(j%>c3ptWro5xH@s7r!ue7p48h34$>aMf5;iz
ztg7wvnR-dai2kwTHXKWbD9jDG=!3JEC%qC3Z7;mn4KSS?vCv8FJU>$r5NZpA0*s|{
zmvfTy<ylFPb_vdt9`9x`U+>C5h>DBZ;y7<fj8?*MKxli*wIgAeDH4dLO_kMyC$GsT
zg!V0D%r)l}NOySF(VEOIi{Z62SrenJ_XB|Gzf@9H+Vc=23$q`ie;(<s-)et+bthEo
z)C{&Msag4^fpt4g;#B_GqozR#_)D<PpX3uC%xU5#NE5gJ88p|WK=w=BTd$_F|1O8!
zVwsY5!0EGln>4EfYG@-oID3bCICdvyDRjwzbVs(8d?K^X+y}(@Xd-B;QMu_X)en?Y
zy4|7`-xi3I86ys39SAQ!spkd5X~{ibjTZKdcP?rt8FTvlPjaEQt=S)g6VSG4KyVo+
zIiHT=f+Og9Xckck`oSMDz;t$RSM~FlLMBZ6<rn0|nTW*UfdAUH*bU=yP3jjHP{|6!
z5FoW6bL12G?k{IClInEty$d{_NgvKn!fDUi%(~Vaba?>EIks5L#?CMG_q?>tr%+Tq
z@j1-tWA<5G5j(Xo_}A;hGXu~`!-c&!^vVH@ia~3sPB$MY7<ZEmj(K%CNZ;+ev5hne
z5l-Pk%l-Nox6Of~iQB(H1+1@+pS!jDiVxlJ!(M^q4=k4Sqw}=PQnu89azr&BtmOM@
z$J42prF25&=HIhktJ9)5lUGpNEyRD;VHs#G^fK~(VX$|eHcg#1(QqY60AU53em-vt
z<mF2NcQxDXQyTqk!ay=kw!5=yb@Ua>H8e&SfuaZL$3T+6fJv-NzoV-!bAeWyhsY64
zsaex*5X7OL4^$@P)Y9KGzXO&v{$A0*&A47z0r1>;dkl>9tMMqdcl$e7?YE&x#=Lrt
zrSK5Mzkn?eYRNP)&tx@+y#GT%iotK^n7&f9yZogyH1WmGZ!%t{sWqHZw>qb7aj+RU
zTu1}TOBE8eC`O9Ak{AM<1v%UrB?iDh**tf^ba9gN&?g$NvBi7au%JKK_W!Ol7Ob?4
z^7gxFF4A%~9r$D>v2Iacc1+vl&U42Play6(wtpIrY@TP2CUC0;cQ(>8%2rX9>x}J`
zZEK(EAX$lTK>DiwCw*qXwe!ohDY!-Gg<X5jad#eP#o&`-XkKA4OyMRhzn5|&_M6T?
zewYzO{ZWTF9BGE7$zP+Shy(B=BeqY~OwQ;2A-B~|cGfUYaX#(BZ5>(u1-F$6I2v2u
zTw+52^t1u=@Yo2n-oA~6yK*Y<v>4x!%hsFG_<z*J<VghjRyr8B3*G%Xx%gApf_a`-
z{kBgNUi{wa?hCXbkCEsjC28uI#beOU^4uCsK4C=h#hT^>v(-6K;XBTXzA7>0zuWlD
zh7Y$#$>5?z4MS^_VG5>m!P{$zey=K<vX3O6r0VuYAawamj#jI#81Hun_Ycp`P%yF2
zxy2N+&l1IeS#yIqtIc1ceYCBjW0QR|#wV9iW`}G73v@P-G0*TD6i76qq6YIpr>L+=
zhuW5`^p4@F9<C$X`8UC;gMF<qbwA;~j8fS0BaJwxSkx<@EKp!<yFHJ*^e$GHopUK{
z@_Og`r@pdA^gNROG0E9<g8@%FtegHal}3tgxdUzFA*Jrv(^}Ui&kBou%=3%reP*A*
z89zLTX3;1L530uLKL7LBX;;o-8hJ9QdWJIh%Dy#O9orEbUE*&e#36bv12#W&n<_U6
zg+K~vsZzE)mdvkS_Llo}#|0R#OIi<4a)}Cmw7)wM&7KuM?9JIuWam%FIS09vX@4&1
z)+NZl2WuXuzuz<KQ!@f;VS({&9>X}M(=hCWn+iG3f7P};#<sMAf~qBTstAo;j-}O{
zleVO7H2nO|Utn^T+&)FM)OiD*(1`O|B01L`G_pE~=EzMoE@uYt-@Fo<DoNoNl{8s?
zFq<ADvSSt|b??^ww$n|Q=`EG_6=UVKmeHv199Kb+BL~{()3i*y$qO7W!Hw48#<xF8
zyU|Ca?U2+U;>^SIfe|e`hv<aH>wz}3e<#t>nZm0z*ZDx{zJw8t7i-`pCIwGnWmS2+
zuGgNgwOn6^$EuJ}f19Neb2(_Ae54^q<sdN6{nX56$Zlq4%;=F+ViGIs?>*c1o75|6
z2L%q3uP6BPgG=z%mH%qQMyAqMk)J4L^W~I$0`%sonJ;w?o*%Q5UiZ$B{3WN%9*J#z
z)u+I;I<ondC1{iUD}^`-LI@2nzcAijOS%{{a`tzG7(-h;csH4;>aVYzqx48H+>YTd
z!1W;42WX`cBX?=Dh*_F{1jbPFwHIs2;87WyeD-%GlrBKh_EQX}$b8~(IK|;t$yR$m
z+i}__^t4Y3s>CBM+}hQbX^I*Ct02a3_q`#e^R(!a{F>!ghRMPh{^ANsTn))WWqx-U
zN~>?F=|S7U5t-ONoa#KNGMQW1F6togVov>o()~)Um*E;;{33GxQ%=lg1Am6x0p4ZJ
z+;Ee1y7qbbgvJ)Ua_lVlcMWj50vzKOi<D8RhC>jAJX=d$RhUx>@uhwAF9GnYNg83|
zGJO_z+3Ky!-hX^-``4Y`G$*AQ%-Z^^+vdmEeyX6%f>6OdP_U8K5EQabyBLFVjheM9
zz2Y4MO;t^NLQ>x(Sy`kp-8x0#jGoNRZ#JMDS#^Yo{cr!z9tZpX6_lC<2A|9JT7W!D
zxF0PRApsPIh18c+kSaqa4ou5)u~!%9X%o<D7D4W=PsN&Do5v|Rlh1xn@u<b$SH3KR
z#E$tJ<d(!}h~10O@XAxVNzt(Bkbvj%(muNm+*Xm3V%QCDAhiN>?O>W1AeS+Vwa?Ht
zOx}ZSET+SU_OXT>+qR0d|4##j4PoZ_5}bVHkCJow+3z`^@~o1P!J2*fOJUJ7pDIXk
zTNgpPc9h}W-v3oPrMZDYxnE`!sDk^JPyNgMd(xw2-phhY{qFYfY?!2ewb_c+l|B0@
z)3!$+aZy>GHp^2QM$!=TAKMqpvtdT3X5e5FfqS>s-fu!vdWqFrzj}$y=TKuopL>LN
z&3S_Y4wh+O*#!cbX?<Xkw(#<7@9(y7aK?JMc%r-ivt=pAwK;;qr7!W8qY*5;K|ynW
z{(WFd`yiMk`InQN!*gpGc{zU~-)~<-r5?33Q!Tc9WZu3|LuCrE;`$$1=`!H%tGGxr
zEPIFAgmJ2WLKs)MFAMI5e#XC#<rQ0|gthaZC&g#d`ocoGX?~1`dg`^mob+T6Z*HAN
zU~v$j*H9^{CytMfzg-YjD1G)bw1(=WvdV3|k{6Mi-=h$FQba+7VUvBbtifhoi#N1m
zS?(klE3y+@ZIO&!RjR@-)^4kX8TH(rDxb}1eb&F)FZxw)Vdt5es`a^RJXM+$Tc^#l
z35PF_JlgMYhlEw&;h@H(5|<@mw|?}o&t6GL0@MF3w)=(_?jYpi$2cT$YW0KCBOjy9
zrB+K&o$SBM&39Q6!O?mgn^Hrat+g%)&c_S3weYuxu&6s+C?D`UFd8F^q4g`d0BM?R
zG$smw&^ez|GaVrfE`YR>S%blKF~_+RLHv(Yb=FHyQ@lQd+L|^GznoQirzM6i*nMwf
zDOEoiTOBM(V-;{NLIx^qo(C+@k87{1wj(kPPfnJ`*qoX<r3NxX*#F)eY5q3<rQ@&E
z;8C*9>@GttCvE0FaHt|hQ=MGZs!A_41c8YQX3>SSi1wdMXnz~h?>)7T7sO>Z65(04
zX6xr`TjDo%HSu*cJ>gFiu=JcBt{_m+wa(-q4$sz86io|iUa1fXHjokdT@aW$YFnVH
zKKDxj{68{{cDx2EOdM{Xs=NQw9vqXb1j^fl7KwW{Yejw(cjW8>ai%`bO^iixCEAU8
zn&9){_89mO@)$f#A#ZjRUT!mF8PBFmuzMRd%j?|xdCMYAIOZ%UxS<6Kr$o3>j}d%o
zjVb@Wpw*su1CjvwZ=LE`nqhM1+b5~4%25-)-iWF%%cPz}2OSm|&0iMS%>JcW$eiJF
z<=y^eu3JxbGj1_nmSsy;{`~W-#%=9aBF4wB+`eLb{GrZqB-N#s+&0_4mhDGYrsSZe
zNH`+p@j~Oo*B$aCst^5zWF0Eeo>?HFG4*xB4{dDYHPW_Jo)+wm?^ny_hCtGdf#8d|
z;4r4}!5>P_@fbe%O5xjcah?B#sFL$RAKkI1*Hx-IcmSi6fgMo63OWOK23WTUO9frr
z{N?F4Zs~VGE==Y;#P$VMUk_SRj^`BS8}d5?Dlcb)Jv4_p)lKcd#p0pkHt^8E+%s{Q
z6pFzmK2W`WyKA*0To_y;;-EMHM9lU2#ly-nqT(FE%aO0iA|doq0`(93?+;pgjW(Bi
z^7nhMn(BKb2Zv6<0Vm^fpI>SX?((WK)VK2Pp0%;XZ7*o$_n$ES2|x09YmOobJkBx$
zqe5DB01+43z#59mhzJ6K(xJLF4@a^AQqHT5HjwDksvl0#wAm(bzS)KG>!=F*P-GHA
zEv#|;wY_6+edEw<=Dpi~;nttozfcT-J~kf*_t1~)7vm*C&+I)YbT~aGO-mQc{LK^9
z7n@^M4TdxpE=vZ}LLibUfJ}P8F*DFO+{#AXzxy_S?(9zIx^3<~o9^+38wQ4B4p^WC
z%wK>(g~;DA(Z$X&IG^U)GGaVfk48}vTlF>>knjx}E)1yr$0|0^1X}}iKURb8y^&%0
zdK<q44+6`P3v`}hEVZj79G5oPQ)_n41fB1W$O^<y$6C99iZM?&6W}wGcdw6kBr`jl
z`PoW%BRYp!KKK9#_6sR1YS}{4x0cS47ePDAw+*3`_b&5}Qo59xs!8vN47yf)5!ieP
z*RzAqykW~~^Y6_Jo7LCnR;wLeC9K?tBJkjXjzOy5PJPAcZ?<C?u;IJ=a2A2UYgrM5
zpsjP^a}1!FHem3~WLB^nKEaW%KAb_^iK7iy2o~t`1pgf47B0*hLq<Yc#pi++^asL}
zeNuGyQvYMK?O6y{@f2mwxn4a7v7^PNia!|P5r|GeZfs<+@t}hezTVz%$RjqVqYuV=
zd-_Pa(7g(@AKZ{ORt+Hs^)RzfaL58~81V!j2+z`&7lowX29m)G8e?lYCv7A*k9&3B
z_O_Nsoo{KPl%^-Mm>zP{Ctk}M-^xDT`iMYYzWqB)wQ}e}%;8g=B}l84G3ff!8&~YC
z@O>04Lzh9BpFjRyoNM%H(@7UrVIi*($1|Zj!CsM{v82wT0;r3_pv)OD?gS5c<Qs?`
z8f4-4KLL_{`FPsI=Ei?O(nIjpa7s|_`GFyISsR5k<xfTIFmw64+L407WSmM5ADlB0
z`ZS}qC49A?x~MJ&Nsj>3PlUMRwc%rLpyP+K^UyE`Ns9hu;X=?Y)o^Zs{IWUh0ZUPf
zYv^Pj`57RjGdv)^*domyE5i~V>aZ}LCG}TT6k<-x2~$b^*71_7RaH%@Mg7}MC}CKt
zFi|4_$tm~n^tTRyvKzCTWf{93Wyq?Oc}wRoFxF4CFXOt{<pup8s{Z70&>Q%c4x|D^
z^&ayVKc4LU<WjY_jXJdZc6o}(38asrko~!zeTRPz#<3UQ#t4^PpB*TF8|>F>J0vsS
zdDXX775mkr?Ru`hRm7XNE{|4TKkAr^iUnQaF&&lv7Yoq(8z>!VUZ?0}@V)%J&zSQi
ze@%w#xmmXi^ekXrQ=NUJbI`rdZU;S1O%I%lCS{d9GOT(RXAU4tZz(tqSM^8n<d}DU
zY?cIc&`<xWW03{mYP37u<=8?v*V}xsMjz91qoXWW{pfdqjh-#c%N7hc3Ek_&{1<xv
zeKsYubLL?uA)T+6MY?Xhx=U}tOwdMU{yia)p9Ook`f0Tq45$kR3{lSvzU8nflPH#W
zf5jx8`co$E4nyITH$OB~%Yn#eB=Yj7w@?i4TkMfqHosi~!6sm^cn`UkB*Sv(g#Xsq
zcUVd(h1j_Q*-C%Q{NNtf+;TdiL)esmb8W?MIcf>7YkWVR>u29;pKD!bUuCIFZ780P
zEzo3N6lIqCcKC)*J7_NJp|DYz9g$xnRabVY;sSv$V651}d1l^`Z$BQBFOdj=qyR0D
z{(<=sEazJ<pNa9=i#T=Voxr8p(y~p5z>UotS9+ZHEG9))>P)KZ<_Ky!VK#%zff_kV
zBH`KA>gnpB^VabN;+y1KQ2+209?K!zep~v|aXtN2-La2QLx(RiEE3g>Smwn|RNraH
zE1Ejpx5*9mzz2e3V&l+PJR<U3*-U{)+ZaE>ML%`jGvmD9EXJgGp1eNAS|ntk$CK5k
zL1NwC4NUmzXOs4Fv!gLbL6;}RvEG2+)_U0NScP;W=evwvZyi;~=WRjy&Bfi{NeW_+
z3m_maQWTp`c+L!~>%&$}?-e`p9o6tqGPc%VihjIjxUnftv^n(s?ihh|$FD;7D&3m5
z>$*z6xA`t(2hc-y7Z-1@-c;1~vvbG?OSr-4ook7sn{YV+0Yz>=<4La8RBPL*bc9sq
z^ji3sRt)t|fK7MN#sz2@d}DFlomGl&_Ls@1<7)D3ZW7EOO9wPj$y<iyI8R{)f2eNF
z-5F6n9PUjy78zv(xR0D*O}szu);(KhDW9e7F%odAyPWxrl+NZ`=88mZ$`R(>52b@B
z_^j`8;L<|HXMt0{y1qKcUne9wq^MpAyW@ZzFEJop7lm9<0*mGnb^l(Qc!odYQ-|t7
zrE=id)_T9_#~(acc^|v7_^MUA5s$eajyz2Uc&zeHt!q#%lZ^C#jUA=A&Q#1k8_!V!
zX45yKsbZ`Y0&34ja=9tK4A!+#4|?7<mE+iwrf#sLA~kPW2A>_ZeuK@UpdEQ0pB|9X
zA1{(nGOQ`P+#2g^C`v{Yne@zGc7Fp6wvbv|Y7`FtxQT&8#sM|gJ&9#y(H-{yYt7u%
z{9#V6zDzIHCFpanEPg{|O^nrPHp$2Ny;r7^LWhRN;j-L2`lxR|zkcl2gxShZ{?Ni6
zsII4v$0g9V*bc<4LFCeI_BL{ft2Md}-MvWepXp)i({3&RdOxDE?kK|<XJtEOV96)d
z^5a5G`MY34ltt&6C1T>h&vWLZzAR9^!P3ys9>z0Ly8No5<lL6Ptn-kHD`44tPbxOI
z193A{<n$VDVfgBD-Oqx~+Vys;tK9R1DEN&;XmCdVW*d(!ACB^bJVK}YaFxr6gEGc8
zX7DW7qOC^UcI}?rG@YFS(5Cywe8ezKhiI8ZONq(|23u~Iaeo7{YbE>K=&pWQa?eJU
z$Hk3i85SwIQ1#?ljhvm4Kr+3g?&^6K{moU(wy@HH8T^Z1u5uIDl1MC2e7{ndVZD8q
z+)&L2UW4p=KYU7xGvJls3-HP(a~DyUdN%!#yg56^;qLJx?WXV^zcA6$u;xwrsK&I=
z+ZJhg;`TC~rL7;jZ^3j{rCb6LV95Xurwe(+q2Cu->>*pVKp&$a+QFBmu09lCBQDW+
zPd(S2umjzjacj1I9cOe$T+WCevBR}QWI+m_>PC*U)!pCh#RLc`9W>t=!7N%&fERG7
zIN;*Ziite2Zo==mBe^$kd6BsoHsWI-E>n<%a4%5(aP%Fs3Kx4b(teeVtivy*jWXOv
zeIoKiwM&sB14^7<?OzpM{!ki$@?5>Fu__7n+Y0Qrn%K*C%oRCFKo6Fw&d(4wvCCgj
z^@%ax3*6#@%dy)V1vUKI<AL3hU4?W`<X<bJ`dYBzfP_|jD*2$;HLy5SL!?ygCZ|(%
zlA?gk!?f;2Sw+wh3=ABn$)MFDNvt6dP6{i9rC{8PI|Id?BYnT}rVzhaDTWH<q<rdF
z#+SkQYi>BTTsuUL(MIiGeT+7A$Y(_D>f;$3&3O7Pj3BMgY32wkmq@rsbQxuVpa2fl
za~?|k*7^ugsjgkM8|3SKJpsmL87x9W+|_X#)U#3ss*>T&mkxQyePT8HHYU-J2fI&&
z-E(-yh!S;2s0)){xA>=B0DbFegklrm`fQ3B)5As&#=#6JD!p()aU9mnZ^9!90qp8C
zZ2ms87~z4A_a<_SRP7?hV{!<xpXkv$%FT>$SPvs=&l>OQWSrm2dK{txlv%~=C)56>
z3=WnHgyg|p@?sTw?56UO*V01sYPI9%uI&xnb;HhDKf6(~keAX;MY3+Hb@h~yeB!y>
zL8pXPk2$q4MDfV=C%-$Q<7CC2EsUS+T^169<hj#m)nj-t)fu_$1l?-_r;MojRert3
ztJ>j|FR1zEP6~uJy5N`C{2v~*;7^!TFa7j#oyt<Dj@ZYxrp~E_=3g(@_o$8Zf@KZM
zkSKit$!rj5S`Jg3@d(^!vp6F_zO2aEF6arv6aG~tVTMb%o)Oo;Zh3#r(I8<j<(rDQ
z&zTdib2DH^is7(IEKk(xoZ92Sk_c^w1<YTzK;yu(Fc$~T>S#JUkZW^H{1(>(>(ra0
z)H#9=+}-e3`=s*G$)yD?-l89xsS}!h|4pFXPM>hvOcFEr)w2(m`j{(KAo21We_+N{
z>BeTM@(1!n`c+f?olxhD4K&Pca!M;88I&96rqTO|!7QRXa)lAP_mc69t=u}CCqlSd
zKK)S{a&urgjrf#WoFNfh&WH-p#2+oWwA7$RcNz8vye?EZ;Z5LK5_u(lY~=>cGNdIY
z)X)DQ>Ac`*-7Qsh%lKw#F|Z`a#$&^`JucOu@u6F3SxKHj0M`d^Oju1p6lhuxaW)Up
zPyB&<vRM|EhyO+wvVXmy$JW3DC8<dRBl3o1MTwzsP8NBslgZ#TWD(Q=YsHf{Fop0?
z!)MF4OXhtl%=|OXwxvWxSX^C>4zNbtYAu5!SxXFl4Z6Wy1nUfKorDKuQHyU@Wlxy?
z;n=dxXrLTJ?L+Y+Lnlr|?$KTcKi^qDmP;Q~kpk7MCh4u4RXg~zU}shVp(40`+uy2+
zxIbvuDN}vZPm*1ZD^fbDSHs`+oZ2zE@WPAmHK4qBFaMVs=kTDiN%iI-_h<n<cyWSZ
zrBBL2Zq!Pg=CjdP5F_4JK5|judM~z8>z`|7W?2v(?(mfn^%&)*AOS7>e#!qTsle!y
zlw2EW@Me%x$39{{d=GVI{}_Y=q;f?nCx08p$^8_2nWCuoZ1*wTur}*W_K1%gvw2xj
zVtwK{l9jx>wGH%pS(+3xT6o2h{gNG_HtVHovzzmz*XT`z6K)#0sjk`-jfO<t1=yV(
zdih<0B|e#r$1*TwTqF8NOln6GN<Z#0cH7@36Gs>gi5M(3-br<<$|$`n%8b6WzPv^5
zFSc-86P|c-TGwz=m_S{q|D1Vi+EZn50|y6nvAuC;PC(Kw(TFu-aN#;o6P5BtG%V3u
ztLC`{!oy)j@S6ea+tA0EyklAs*bqk+3(X*>&Eyp}L!F4+&zaw+lX*Wf>fV~<H2a*1
z4;`6y`K`5s2nrco)@-g10L}iEXeOqdlW`0)JwFmLrDNs#TrvkSYpAC|@z1_!RcdX!
z_P()qHF-xK9x9%PYI1YNsLLLPORZS4ot)?46jwD)*MRbmOZQZ>-FTFu@u8);%Km3o
ziE~?0waOw3B%PM6=_e9hH!CL+=3v8j-JX-wy)Imk+oqz&bacC{-23B*IBqn00IlNF
zaU!tM2Y(fgE9(0?fEHd*3Xcl^ZuL{X#Uj&1u#5kNP`E$@)QQ8+qI|O!%70iHee^#U
zgmjT?B;^jn>+&y|@jO3FR;ecmyQq)3xq;ai4`QqwsR;KKCTOG6;Br{guYle%M6ihi
zVv7PV7G;L{ff+ue5K$hdwl(0qY{Z~Ho*CAbLzMBWq%32Vzo2Qd9H4)5#R+~xfbaUZ
zN;7?)-yA3U78N9R4OiyrPtJviRX^r8mdCBGa15{fg?s9LoZ>GG55iwn9vop><_vj9
zghm%z@IOOgOjQ2Xc?fO4$CPaFDL3Y;(?u$SY&z)<*-t2u;~iC~xqi5%-mkkO(B0`R
zAC0)5a!iCweLuS!)#a-DyBin=UVrP@I48N34W;#tlEO8gkJd&RoQ+=CkVs3xoa_eU
z7;8jmC{&|a-8&{lWtkI_?nvW&*~F8%hfwGvhZV*q5pMNm;~{}Zs`jR%-|e8whbgZ7
zIl(>-1815f6U|qD{eUk~qg^$!HxJR#==a8r>So%;Lk!}HClFeHg-1mG{!Z<=)pao{
zwDE{8@;or;#Ob(}kx5Zb(3)jqlWH+yLzmr_qKTX(lXIcOt%$-qWiz1#;Scdqya5r|
zI~FdRgG&^wtH$Hr6yuzMhg9igt3)T>o{oB-wgi-vu4c2?dYu(9;%|dD#12k#6kU;B
z6Fc$Fdc!x75fyBapdom;Jm6$gQ3WoL<oVZDF;3RqoTfdGqs<och*ejK(W6Sjhlpcy
zF!*i1UZxw1{E}v6sO{gX3J=qu!_Q6^?LzSqaF+Qd^`O&-$054F@z%=v_U5#^+@g5(
zha72p&d`NjjgPsvo4T2PBoj%)*T?1_i{Jg`V%jr*8n^g~vT=W2!81GAk0-lMweG;A
z{oA_~lEogiV<VW1EOB1>UA1)AqG+`SlgO$y7rIA0lC@IZ_}T;;WT(>|FUa&@AQM0f
z#zIWdnASQSL=pj}|GoJK6VFP{o*u5s8SIdI{nd~mO)Dt#{2Ni+wD&->0B&~GWb-M(
zkChk{9P4h{Ln*-I`sMVQ_BfJldmH<RYpS}p&>93vt>2(WNM$b}3?PJqMX%}<T+usK
z76VtuMDDhl6h6!J4d+V_)<S=sLf)c6T3KnD8S~^>@J)t~mXCUbt}15b#mTe9d`v_Y
zmfQMg@xGD5%}fn6OX23wt|a8J%=+u%tPVJ$F$53y%tre0X6|eX`W_kIQ0=qoB0Ey9
zd+S+w3bHg>a%-hIZmJ!O{CP{XK%-@e-ucCiLb~TFuphQ#yB?Q2<tLHnLqqo2`;J4z
zeSmE0KCrm2?)WEWj!<7x_)DhDT@an5zM6(MAS&EQ*Sj&WyvEw7P;MzNH`q0cAqIpM
zS6Pzt#~MTy_H72)Pii2P0`Dg})g_)p9Q(7w7Wgps`IN3kB9^?uG~qN<9;QY>hfp!c
zi=ElBvDq?>npC|o(e+8p!bbQ(2RkV8$_(NJT3Jn;=brp}JoM$-@lNekvQyv;wKkC@
zchEBsye);O59CoNTO>V2VTk90(Iu<YsY2CNXpw@Ag*@>LUs_%FB~@|gLE-GC#Kk=o
zEY3#3cEmTz`rR?2%fQstjl=zxmo5sSp7u3X$Ft1zFISYlS6ZPastc|kVbFVMq$~ln
zqB>49!d^I?wQx34Q<IufwC5zqG*pGIN0)y7;qa$7?HY;!L9FTiy`PIoVXe>nEs9kM
zv8;V~`Yz$&aJc|FXZNw?C#!3LB^)-)R)q%|3v_!h&umgZoOfGU-cx2P(8L(<I<Z*P
z!@#n!FRfNwBX!pZZAQ)hrc4(}2i~9Nc-g#h#pp5cw8085<84gjlBT}ryNNqDs#DXQ
z`&b)ou*_w`rah}=DXI!BRbKt~EO5^(qSo+uJG^D*(nrypP`8bMR1JpZ-#+#3g6c_V
z5_*^qWnkd`aYVp}3>wevmBCATrC)jrs=rmbG?gXi5^Mvp%L9*&SN1qelZl+48!JnB
zX4C;2$CxIcq;}ar)#u)ajn28&^6t%^*7CUZOk?%!s$(-}2>i+sBfB$;3OWW;`d$%8
z-!s-CF9%(h6D$KK!u1B1lg8o#*^(?xd#<)}*RH&R4?1Ue8M2)e*ul!LZ*t{w|L=)R
zCz2)eg!!PRS)5x&_1Sl?I{gE|N@ExJx72sm^(FJ?x~pDUXS_EJj0(5H!{B1QmtI!g
z?7KZC(j_G5L|)|=NN^wH7wD67PQvPF!|DzFaz%6Sje~DM8r5h7VSW9E0O%5Z%nn}C
zjXyx-9V}yUum`aDj-Axw5P%4`K6tVQwMTXSJZB<zDF;*iyCZi1S2p3qP@PQN0WmL+
zui)0-l@#8uzdOj@S)}IoEJK#)H6s4~OIo<}-ho0-BCD_f?022Us;k1xknw87K-gEs
zUffPenTlRSNnxYUAUjoOyvgl!BvIIu^jDSbnjD=5a`z5;o<z=Og0!{+t}}dOza#rh
z@<vtKcCnYNy<+)&{s?_r@5e{cd*&A2CEedequ04jdYH4TPEq&ZMz59S9}byOeDFn1
zL--d9F(=%EdXLQER;Ypt=CRM6cBX-QdN#?zvOb>RvX++dwWTDJte;`AgRPVBF|wS_
ze&yPG#_EWNlHjL_>et%id&m0=dr17TLNu}h4yf{epM;ca<T|5W$|L;rK{jmE5A^Dz
z0;JZ?PF6{+cKKp9Ld!ITQ+-E=-$}8%tz`Zo{-nTax_N+LqJ~-r|3mr2Uf#Fay}8mX
z<`q^E3x&!JcYxmLg&QeJ$(>SMl&P&6ny9)p6LEg2%VXlYlk<%Cs7QO8F{@M2?7*l}
zcs9~)Y<t@aHQg;WwJ(-kui6{FQVhlH@56~EJ*+3O=p$}{uKD}bHVfWPNZ=6Gj}Tqo
z3+ppnQsxKGaZof<T9d2vNc{L(41w?-7^w>alZ}z=U3t_>&+H7V$*djy0`ta5b^C9l
z_>ub2;ev_xDE4M-W^|Tt*^pz1SW^f$!ldTF1y!jndM51{-Zm|+rOw9yKdu0Z&2S_d
zdcSM#GC<?J98D8Ff(p8ii6;g`ypQ*;Bbpq8bc0;o$f#?m3TMru#pVO6K~ia!ksZ|D
zp=fUNM@>06AS4<7T~J`A#h}^{9=Ky?5wUq>Vti@5=5e#!P@1T6`M?i{stbNis!km9
z_9k*{Yim~A5zDlN!NJweY|c;<GZbL0a8~J)o5GDnV+$&g0Phek5*DiW-pXb<hzZ=8
z4jK&(C>!wYN$ZFsy=%}KWIwgwS;&njV~4b4h>$-RK@KeX_5l7yGmNKYe@YMw)e0{9
zMNvhsWt|9<SN{6J&6#O5?8V*B$j*>E+)ljBvX;+MFxJI|pf|`1;!Y~xY@_sg8|I-&
zHTth&>G4w#aVKzXq<;TFAp(PC6<tZPdQ6b%zzKN0ZO+L#IO-3&^$a>HKbPP!>(B_(
zy;;G|Kzbyf$c^X;;uuhQar@EH&u6~)MNCkM^N$6xgb4(~46^7UoLIYtWuCCX<}iz?
zM)8GCxEP`%vtvZ`JV%^Wy%XoOVNIn6=Tz0hPTt}|r3U*!kJCnh{a-?L{6xi2@2Mg_
z9)sNwRdpXLn54^2=6Qfrf@8LeV18>m$#EigFh~+BdgEMfa`3$=c<Zg&#Ma#LA4Q08
zRT8RpU|gjVhOdK<)lem0en;cT*(W1(4{G9bAN8DRC2UJ|OEW-ry}^=8Kb209UtmVV
zg{!i8iA_fj8Fom2Z=6eiWi{qvMxCsfv-O=Qw~;5hO_s)I)%ip#a12oVGrO2)j7tiW
zLX5au+{SDLj_kfZghajrw|{Hwq?ttTm9{J}RN#+;jxFS=Zk;mn#!n)n=K&({9x246
z8mcXN)<)3>iK!hkFN&{qPA1WJHN_QK-#WOwK1RTko%cZ>Mc_G)i~zWkj4R(n5Fg^h
z^7KA>E?Ahzc<U<ZWy?oVp980Gn@L5p(##$`9lG@{&s3b5wv}k5vqOBHb@k!!AREi4
zOtKAUm$R6ZVfM(p)o6A1@^MJI8USo1O>qIDkmg2`s-)IP<P1Qxb^w_v{ZIX2nHqJK
zzkO|o1$sDHaprcXb9Ge<dw_z?0fJl6Jy1Mf+1BobXeuLn@)yt-ijb;F^M`?mX4-@4
zE*~lm!_6kO{Zk6kil-$kR&_AuP6hFaeJ)Mj`G}bW_~UKqi}A3WPz-X@cL75cDyw}P
z11kxGB~XX{ygd%Fqt)$YXVJAPCkgy`;4F9T)b}@U?&UKLG`}w+ZZsU_7dwCH*Dop5
zw5`uIRXC+Av;Gd#(Y5?t-S-4!dIM1Szyly-j!og#xO#vSb!;O~F>6oyEfkKF$IGG`
zJT#3IL`2(LTSnJTLjHLtn5`JLoLu@(ZXrA9`2dReg0J?(cRxxmSTL=U-!mNMJjKA_
z7};QX@?X>CO>o>IQ9H=i7Ybj9Ats5SJ|=_)|3_MGgWpUI$EAIY{z0bQY=F&PlR?Lr
z9{8Hkz{v|Ba|2>Vyb*OGePJ9R=OHxy0HLdZY-Zm85WEx+>`xQ}JGy!0Ab|eb&}I+B
zgFnc;ucjCPFw*W{J}Cel#amSu0O0$JmTC-39&R8B2yFq}6#ONfmg##?L!uY*hvCh_
zg~2q^-n0V~IK`;9cmp)^&i(&?RFd_%=}?Pi;~MDy2X;y)(rz%X>lcy6xNWnIjho>M
zvV|SOq{Fw=%74JIv?2I|h`Lpe?aj3&_*G)lr2X}aD^o$TG&~oiCr0As;KppYr5njI
zUov*ht#Lv3DMs$60f(&A0jXV%Z4sc!w*+)=6z!Msi;1ni4_6U@PLrb;fG{vS8SqrL
z%Lo$8Nii=X-4WV~#E}0s!Iqz1-@iH4NyB1I!P=}m0C^_3ZKjQl{P2Y;h@y6wm~BV(
z=JxWyKQiKy0h6&5bB8QUG{xWvU0HgtA)vz$<v4P;k@Nx#!$I4ZBPaF%YYiExL~W~<
z1%D1V6oz+mTUE$*2p%qc90I8@2h3mN2SD-?_?xU$OQv}VDU9RkAtngSlvGY^MW+DP
znlsZ_E0y2>$)k6Dv03$_8{apii@WfdpE$q1n!Y|<pv@E`_}`W`;EgVTu+MxU?ngoQ
zmM|tEI<qMzo2b9%c(=CSU?w)@J>QkD2=i_MY+4!tMs0Wm_Ud(0nIaZzDBz`zH5Rr(
z1Y1x-a0(o5(Z$dg!3$xYBx0Thq`@3kpISNiZp>V8y&hw`Ntr*eVLKkFOUto#>e8Iw
zW%gC*#Rfg<xyL)OL&5AQlMrc?VXw~j9{w9M#avG%Fz;AN`VnMZ%Af3oa;9aL$f!<I
zlF{0jv`;Q(g0)^}T*>F<dG+lNVXNK)X+2*O$}+d1iH`*6^JuEms*KsHS7%d$>ra@-
z${1UH&UaVI(##LDWy(_{h@>_b-y_r<;TzmC@EKZyE$d_7mjQA=SY#_JVv4I^vHmuG
z9nM{bxm@t9!G@c_^3Z9XlCiW9Swl&a4=s8p2C<?QUod^lAZgoqX+99T*MNyDo<BGK
zQblq78zyIoibMDvvH2e9Z&azSqMS}HNFGOd7xqp3MoS)2tE1KF%pEpD@rAB7$-{+@
zcQ5>PgBKz0x7Zq>EMe5J(5UcZt>%E$7j!MJQ_SHz5AmKfh1pSHYMMc}8;`jOH?;Zv
zrWLCcu{Yj97}qKccif&zbcruHkPHjJe_PsQT%vN)7$$h7g|p0DJ^~V|?XWGHjXx6f
z%^??s`@l{j)nEESS|b1sXy>q!Z@{Usn)<DKyVzN+!01Br!@*^}=D-i7DUUczHRRW;
zF^Oy)bHfqhYvbNn<(3o#p|WI~<F^^H4DL9v!1Nm}e3+=R$QG&mZtA3y+?V5QLFwO?
z>dG@U^wiW_V4&OZ-aiu@qLNIfH^Tf8v)~-un=czYDk7!vSiYK_v)DtaDhNNbMDARo
zvhZ#(wq|#dB2Sv?%RF1*$_Yeb-V<1i_YODbxpFxFy<P0eoPPP=V=!bX%X~Q+^d<Ae
zIOpG+@G8_s!V;B@wujjwS^5Q{Sx+VWwPUqYr|i9T&ft1UxrnW2FbD%p8#E$r4%~GO
z?1L1S>h30Ewr?!%WWu9=yI4rAk0^KK(iU@9oP415sE3qn5^6wb?<6!ItU{goppc3?
zw9Dqnlj*HN=De=QhWz(cYx2FY32(ECrd%>4PF465)FX<nQ_K!Ik0VATln;ekLe+l-
zU4e+x+}PrxD_1creOM%`_x;kLoAtn5J@PzPkJ6nz`{&F)y<PIp!$UWdYVE;`K!rRH
z5~}B)Blr3M755MQZhbqjdiJ1h=Nw*kY&MNI;Okwy%~H@pHa?$sn^BWGiEMZ{rET@x
zC~v%_8`eicGVL2ML>7S9yhuT@=px5a>(^6h!{~gk^5ot7`{7ojMGHJF#80-6kR;09
z;eZF|iG`RMf^!P&EZ#T=Nu%}iO{)R-u0f`-ODnmcCRDg=@*&PC{yTrsR26C+H5#uE
zNx#|{gRl;t8V5J2Jz}n@Tu=<MNDCi~PP+Lgic2qCPKvCrS^?&K8yxB|wsm;jU6rmI
zsRe4M2eFFT_h9_kq*iIO(R!pZID&WxbQ$sF0wKYqdgf;)Z$S70hCD#Fakb5`cCZA|
zIozGvcWyq~%pQB#0@1^P1==y+m?w9y!a5+oXjN<&3MQV-S#v$&P1|WRG43XQFNSjp
z@nxa01{m8#u++j!<iAxje+t7FWL}Ax^}P9UxNkuJ&uQIyDgIu5u9I{yxjD=gPcR8;
zVe`)3ZP^Of9Oax-ZCL>yH`VHc%PMcK6lk#LKn$eKfhy#84Fp%mrt4Jha9-OgRuaRa
zJyotvDa<B5KSN=#n^_$TI>y%E0xK__4>}ED0<OQ-X(v0AA?nyiU<Ri(+|sfJD5WP}
zdnv*t@!WCoGmXLs%BBz?FiOlse^LurKafp*5XDy<7x&z$uHB1EfX_<4`h?=&3JP%J
zIAU^jEl)?cELV6#egqMVQ5r|xqbp*76&&}$M`>~w;}gn>P2#e)fjQ$6KJ8~v5l`{x
zC2G8@Ey52uU_S*ZZKfFr$HuEj^#2Pfsdygf`3*N1aJWRnC=h2*wrcBD#n3kmHT=DM
zl7A~AAd*u}H0wZd@dh1a9t2=PtYZ70ZVfb*k&+QNgu3Q0nXOh(h{Ebg!=ei!sB;mu
zZD_g%_Qr*@=cB5t(#_qE!L8nU0B+StEU>wbGUj=?G-20P##j?qciFjx&UoWE52lP>
zEH^}eRWn7o7eVduP`G@kfy-r@2|{z>L(CZg^MhRLenxJbbDgpYp#C(quw9E<qD}x|
z*+lmHP$AK&6gRHTWdPHBw<((PP+14@QxLl&uyd^!zzymm+i;*`gTA)DjJd`eXbY3l
z5UaFCt^c(2MYjYDYqZ+UsXs0nxw8J(&D9g*1MC!tG!<xNJ3Y_j)kZFN7zkYGulMOF
zYS0;E=fUnjFV{x}^+I7C3lQ@vU(&d$eq)5!?;uIzHPrt%?F%q1S#ELsx>T-_{E24w
zz_3_%;mPb_<%JQ66|GVE|L7X%8_m2P$-iu+Y$LJk$YBsn)vZBWZe*P%d6oGV%Y9TR
zp34Ma6r75snY?h@)Xiqq6=A>0hhW}x%SOer-1&DVWNr<Kdm79CZ+rahfNf$SpSX)I
zcT?bP>|i(WD*?BNtXw5KKg+`l^smIp-z`6m$X5pJx%4e{-x_%^_X(ZyKUQhR0GfTc
z@+Pa@7>ddbOK-d!NY%otrzjOlFvITIpS|#QoYEz9SxR43z0wVQ{9Cb9lt~j*UZu-(
z^z>PE<f?!vti-YP>6Xg8G@g)I|EvSPc|A_-(p$1-9eXq()hEreLjsikQvvC30~PTI
zCkQ2{CRCsf`TKL)d4|Nk#;$pxp$qhBspDf_W`H*mCHATp!?b&~!>ULE5OZ2Czg-s~
zQ`EH%8@c1@I+Z@`p;I)P=Qeaf_3}c<?a@QuRi+|;Nf3(lb-5S#R@d4ny-w$Xy;ql9
z$VhsKF3kY$zR%!0rSI3r{EQ#?`Isghbc&kv2bXmYy0VEqCUUP;U33<XEn2Nw)0}#1
z>c;9Ojf!dVdu8f`P4Pcalg*QYkVW8Igme!B!_c1rmD`7P5wJ;Xm`^pRwfVqKk9EY7
z?o$%7DQ`rPOm;VYbFVq3Y}{YlWaBp2^QY>i5_r1yOM-O50=pJ0KdJdqkF2M(Ar=0>
z-qU0m)q+lC(ml)QBsVJz<@{bMOCFYAf1d3<RpZ^c7a?EZNB2gMTu}SlBRAL!e@{*c
zST=}x^<W1I>Gs>(BaMgW<dnz)u#Dh;L)OrSOq9K(Cf4J{^#)z-#+NuI<I^sRT-AZQ
z2<Hs0Mji}hQ(prrr)3H1HC_OO$;oUOWj27CJ0Ql%Xg@~km$?Vdr)`25pl|XI)}Ln0
z9e|TXXXi?bU%q=O`s=`es^alE#e(p=AU4gU$iK;i)rq%FYd);wqeK>RIhUt5_xB#;
zs9-|m$pVH0F4jGrS^zOW9Tj6eDm>SMOlz*|#ol&F9q0=AR=_SzXLpmf!RK6q1YkN0
zg`p-rqo#?-4N;Q0Ja<yF!h$%_bp^>|fZR}yit0Rcsx20Uq*-)j^)A+ElxAvFgb9&r
z`w8K`>IC=B>I0eieB(Y3!t%T9$szD;64wW}a>Xg9v%3S=EuEh=-5f=j^=LNb;6=gJ
z9Kc|k>IeJab~<`06TcTp_w#UW-(*wC3m)L?KWcPJJmP_}61g(&hq82Ti><FDR&3c?
zzWOs|V--W)35G$^Kxhuc90MF$>OGDw<`=BgDm~%Zn+?TWsjCRp-W<Ggl%N1P!8ftV
zaB%tK(VAPJV*(p%xn7vV_^s&;-(~eZ)~<wQr^4xr)`E(!tW(-n)v|#FL}RjYg_ZqU
zpvmT`@fxP+_LUOnwC)^b63lf9shW@l_@Mlbf{`Ckt#orfJ{k6^NRnKjR(yiv7y<!1
z(~C3a^Hi7i!AkC1F-91u$}FfqxwmlKu9e2)geQ6Cd@n6cFNn)A@Ehy5NH+xHmjrz$
z^M9|VD2X&4cy=wE;Ajj~n07WXrWcR+ls+W6gqTCY&4kZbWXK=uFgZG#BIP{`aQfYB
zw-9c%^CyJ^y>Q7VB0tlVz49Lp2JFRXr}-`>)-jW6uGik9KgN7lW&H|0?)%PNXP9lp
zzavxs`>pyuKC5SU%hqr?d8`*v82(|0g&(|GDDMGsr~cvZPNKAya3B_n9=6YgJZt<%
zx6@gu130VAmZL~E!;(y{@PRs02Z{nLXEQ>2CFX4($@!UA-brXKLjIoa&1E>8Vlse~
zssFH{71JlM(;YrPCa3D{x8XeUN{bNsEUUP&&+A>o&Wi~oKp~Ei^;@+3Q!f8|OheKl
z>&}u}xJuIkYH~7$KWBzjsFYQi4!g6W77k(xCFESyv$A`U{d-ZOuKbK>E%1zxU^7Gd
zoaPkjx>)G_Q;qO~E0@wzqpT`Cl_o2P3bS3cmQU21DsI{eUA2I3bYvO*JkY_HD7YQ_
z_l&7{@gxcAoN4A#(PTC%ESO{2v+9GEwOot>hzw7cN6sOet$__S{oxtSlcR)Fb)Pe>
zJG_72J{|Enb6aOBhtlC4szi0tF(`Nd4d&*=l1tfjfxk%ZQ{0ADa?8A*VQ%;<$g>d|
z2N}B{TO`-XcXWSI1L_TK9GDgov$05`g!kBwrOw&B;tay3C-J}U_&;S#yA7Bj_<x}~
zvu5ymlb+ccKlwPxy|gRyw)?<0VG2q%K*a62@@!J){RBsmaNy8SJo+NjcD?Lf@I7u}
z;lxC<9?5o%bo(={f<GziO|E>v<By;C+VKdT0b<dO8x;?#J5(WdXK7Sj0s~+f1f;%X
z-dzvUv-1AoIxez~XYHJwE4DDFroi(@@q*G$P|_Dm`Ma$W#f7IDbPPXd+sb24H%pMH
zjv-xi5C-tXg)kIa_Z64QHMk72pU|;?R?TPB_z(~EJdoT={cZ=p+H>}~7va!E;cM^{
z{0v+l8xx|pplDL9KCM24J01xG`m$Bi=@RT_=Em-72eAq5Ia(xKr)yOZ<6mYgpD2e=
zlGsb_$kwox=YD(eB__<SjG*?&`EWuMAZViWlf_eSBzFjyNqFDL(^HUrU;#o>@zaR|
z%a3pY(Cm5-kq5ES+}o+WwQOVcJ}}??#{lJG(avf4D=KWhwP7QgwKp!co>V-d_Y?_}
zYZ~T)vj|Qi$s{RY-9w%N+91@obQERRNwW_iR=lK8+B}fgx}+$zEWIIu+gsnD!>mV0
z)V4G;;H1>DsFXSTs8$qzYVgy+(vuC3Tez%Cmjz%?L0=`84Ry7ag)m6udD@T&k?37g
z!3c0|AqTuNf{g}Ak{{a{JX7Nz_Ud?PeLU2`SImXp%7uRupUZ5ym)TR|EHr(bRdG=<
zpSp%B&iJpvdoodY8_5iLwgmPu68ooYhJ3^tU_GU}!p3I!DKmh&?@uTmx%B>yXlk~R
zeDzzMs5P-p${#+zXoI;X8@V29HnPEZy&E6FwifsCXaEW~q}{p?xR24bhS4JG!P}dn
zVOXtejVu3@Iil?}G~HG_-#>|dmtlk*;^PtQsFK9v*rx7>Ni<U5_s!Wk%{5tnbyGOr
zXa;~;l95CL85fJr+O>0_HrMwqD|15Z^uSHfIy`EjNu@Eeq+sHMo5IybGlzG4#+HQ!
zrBgrTB#$($sikhGUpS?_HM*o)(6W`+??vxhk5Mb0Pd+eWw)%?uC^;d;MiEp`BlrDt
z*ytGm=`&9X4E$9Uf4>Y7SW+x{#%tW&fx5!sx%}WL*(w4#KL*cd(-KUm+@l*vBd!Vo
zt-fYGx)V5v51|jfTO@p@7=(q?Z}M?%XR|<l(Q@eX<bdf*cAb0#=rjr&D+CnPFUwcz
z2DT~GxlzMmzUqZ;vC*8IjGNop<Hla%bSn&(vL5x6wp8s*A%Pc6{`0%d1<W`2ae!Ed
zuO;Se(m_-TfmG_XKfQh}adFiYj9Vr53|hL|Z?buT<nU<7b*v^nPLL$`n`i8vD96#I
zbw6(5iVs#|1;2tiFubhXruuYiLSKdCb7Tj|NnrbT30AY504{(?-=%T&4|rP54x|o)
zWCq~sk5f<p)MA5ribqDa(b(|i@v#30?iQvZ2ln`my^GY*+punP*pAtK<G?Y=mn$0$
zB;HZ;`o3nNt&ZZ6%e%(#^7)JC3Yw^Lfx8gmTs-l{E|GO5#4S-<waSgJ#H!o<vqZIX
z?RUNJ#Uq2eL9T{RXNBSX?{Iq|R9OnU#V5k)i2Bc&T9djc7$rnzbstsLWiaC;WG8wI
zCWc$MtF~|)vITM!Ad5X9TST-cM-U{xn2w$l<a-;eiN6*;uTWT3vfku5PSrTNZH)*x
zACb9x7jFhn8O0I$XRBSZg|VG|h3t7)mA8r|nH{0tR`MrWSQYiH-nT5P81s2cxjUp?
znRfB(LH+`;SL+p8VwCu4;Hz79-k)JzSuPEIr0=r^uo+`_8|(6TO6e~DMnI0KeET<6
zVc{<Ewy7GQ*yl6fYfiKfg}iF4QjblCU=KrU)qS(7sziSx*lb1m(e)6>5rESm=KiC#
z-DkXK_g0#s0cv;1O4hUb+_BZ<zoM`jqD_^t4T6pb16;QrxJQd>*E^ibV|L7aEu|&1
zg2gFEUj~j)>^3-S$*zw18JVq@*AfrYw#8dOQbKF~GBfl4ykK_y?l@lY^|Yok?3*$p
zO|kZGRU=v>JprFN!plZ~Fd(+I_j0n$0QItLrOO<Y1qGe=YvrD(umg#Q3Cckh-EL+h
zbC3DTCEeG)G=i`r`NY?@jc({kv3j4{;*sG3%-~pqGi5!5V^7k7@Ni3(Y3&!res2#s
zMB^Q;Bs64R$Ff1?L%cQErF)}2C51}Cq+$yeucxNvnH_exteWUBe(Ynvi1H(A0r9DY
z2ysr%T2Ot(wDE-qHL>w=7S0X(RkHG4tv^%4fd9Qgt4-UIOx~!7ac>n!t12*CAoHWZ
zpf}DuJ|^<=%f|4cGk8DvxO!V>=-0{WBzt{PShUSp+3UgJN(#>gH}gi(MV8StsBRbS
zFd4y`<BKQ0Hn5*0_1}XY3^B`dWK|hF5j_gecRL-W(OIkdS5XjR2by=$17}NM%%EY-
zL!e(6#(#i-&mga{fDqlJ%hwW}BQ$&-;TMZX=;!JW3+exdUrCG5{JWog?r?LK5cls5
zwlKXA>=OT8P?aKcc+FiRCutYNOVG8XD3wiUb3^h#e>h0%G&qSV1F7aa=|0epyYuk>
z*n;%N-+Pw#8@}p>SDn)pJ>tz$0@@?80~B1U$AN%wQ<`{IJnw({C~*AHm7CvkXC3Uc
zB)Z@}0PE`Y$AR{VF<ZQ>zi%>BeDIJPnA}&U8CN8SL26beFa=t5K#r2rYz%9z%}!-g
znVGI%98iI2BB+bypxLtI2`A&kDHDDBT}*MtVUW)`Y25c*iXJn>?lQPGARKwfb9Ekt
z!!3UTtYf1T4aR9O*NXmVqODI|hOekjKZymLI&k<FfH``Q(GgA;SwQo8*qt8LzX}`r
z5%Gx_^6om(lqw05@D9l#0Ecq#6(1@1!hX<u|Defj2rllUGuXW)exlWO-X*}mwv!IB
z1@aXjc0a&t@~(+-(lwu5!Egg>9Io`pnn#=li?I=FR;qCBJ(mdWpGr4(i!iQm4M|*@
zR#?Q;4{zNp5*ZpU$Ox&p0K5zk@mpYry4}Rqqp|zVO=Y-GN7mxaA^2iXOZ>H!7DVDk
zrEhnpXQ~#0_&Mwx;tTuMQI1IB+>wOOkRZmEEy6~!*St*a|7`EwKdcN5h9L9KYy?I_
zSC;yA!)?HzT>Edc!;Y%o?>Dg}{j5J4dh191^bhYZ#g%Y=>_5UfUEq26e?6vuwmbXP
zPD(N~w1RSq#D=nIckkZ<PH8ZJf)_|TjMAgwFq#fV^TB92Fj@|bmII^Z01@Rt!~gqz
zvK+wH0|UpW?Q%~J0htnlz#aC$1p-QtR)q_&tpeO}-vMlL0N0BM0*{sj0%a!w5argQ
b0HS(Wwq0qk-ju}^0OEPN`njxgN@xNAYXb^%

literal 0
HcmV?d00001


From 15109520fd7869adb18d0fcc577c755f0710e3f0 Mon Sep 17 00:00:00 2001
From: yxxx <yxwuman@gmail.com>
Date: Mon, 25 Apr 2022 18:53:34 +0800
Subject: [PATCH 06/36] Update README.md

---
 README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index ed49403..cf3002d 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,8 @@
 # ByteCodeDL
 
-![logo](./bdl-logo.png)
+<div align="center">
+	<img src="./bdl-logo.png" alt="ByteCodeDL" width="200">
+</div>
 
 A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
 

From 1a63d1fcb6d8cd44ab522bca67121074957cd8b2 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Thu, 28 Apr 2022 15:50:13 +0800
Subject: [PATCH 07/36] add call and node header

---
 .gitignore               | 1 -
 neo4j/CallEdgeHeader.csv | 1 +
 neo4j/CallNodeHeader.csv | 1 +
 3 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100644 neo4j/CallEdgeHeader.csv
 create mode 100644 neo4j/CallNodeHeader.csv

diff --git a/.gitignore b/.gitignore
index 0fa412e..56b5210 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,3 @@
-*.csv
 output/*.csv
 .DS_Store
 .idea
diff --git a/neo4j/CallEdgeHeader.csv b/neo4j/CallEdgeHeader.csv
new file mode 100644
index 0000000..a163d36
--- /dev/null
+++ b/neo4j/CallEdgeHeader.csv
@@ -0,0 +1 @@
+:START_ID	:END_ID
\ No newline at end of file
diff --git a/neo4j/CallNodeHeader.csv b/neo4j/CallNodeHeader.csv
new file mode 100644
index 0000000..bff2ea0
--- /dev/null
+++ b/neo4j/CallNodeHeader.csv
@@ -0,0 +1 @@
+method:ID	:LABEL
\ No newline at end of file

From 0fc41d2c144a630bc648bedcca7e2f24ba1711d7 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Fri, 29 Apr 2022 00:04:04 +0800
Subject: [PATCH 08/36] add datalog plugin

---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index cf3002d..2d23b55 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,7 @@ you can use the docker we builded like docker-compose.yml
 ## Features
 
 - [x] 搜索功能
-- [ ] 调用图分析
+- [x] 调用图分析
   - [x] CHA
   - [x] RTA
 - [ ] 指针分析
@@ -46,7 +46,8 @@ you can use the docker we builded like docker-compose.yml
 ## Plugin
 
 - IDEA
-  - [BDLH](https://github.com/BytecodeDL/BDLH)
+  - ByteCodeDL helper [BDLH](https://github.com/BytecodeDL/BDLH)
+  - Datalog language plugin [intellij-datalog](https://github.com/BytecodeDL/intellij-datalog)
 
 ## Acknowledgement
 

From 57be83aac6d61ac3f0de018fa4ac901440ce2fc8 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Fri, 29 Apr 2022 18:29:42 +0800
Subject: [PATCH 09/36] include relative path instead include dir

---
 example/cha-example-1.dl      |  4 +---
 example/ctf-buggyLoader.dl    |  4 +---
 example/ctf-ezchain.dl        |  4 +---
 example/pt-noctx-example-1.dl |  4 +---
 example/ptaint-example-1.dl   |  4 +---
 example/ptaint-example-2.dl   |  4 +---
 example/query-example-1.dl    |  2 +-
 logic/cha.dl                  |  4 +++-
 logic/inputDeclaration.dl     | 14 ++++++++------
 logic/pt-noctx.dl             |  3 +++
 logic/rta.dl                  |  6 +++++-
 logic/utils.dl                |  3 +++
 12 files changed, 29 insertions(+), 27 deletions(-)

diff --git a/example/cha-example-1.dl b/example/cha-example-1.dl
index 415df41..32beeb2 100644
--- a/example/cha-example-1.dl
+++ b/example/cha-example-1.dl
@@ -1,8 +1,6 @@
 #define MAXSTEP 8
 
-#include "inputDeclaration.dl"
-#include "utils.dl"
-#include "cha.dl"
+#include "../logic/cha.dl"
 
 
 // init entrypoint 
diff --git a/example/ctf-buggyLoader.dl b/example/ctf-buggyLoader.dl
index f6052d9..266911a 100644
--- a/example/ctf-buggyLoader.dl
+++ b/example/ctf-buggyLoader.dl
@@ -1,9 +1,7 @@
 #define MAXSTEP 5
 #define CHAO 2
 
-#include "inputDeclaration.dl"
-#include "utils.dl"
-#include "cha.dl"
+#include "../logic/cha.dl"
 
 
 .decl NonParamPublicMethod(method:Method, class:Class)
diff --git a/example/ctf-ezchain.dl b/example/ctf-ezchain.dl
index 59355fa..7a5be3d 100644
--- a/example/ctf-ezchain.dl
+++ b/example/ctf-ezchain.dl
@@ -1,9 +1,7 @@
 #define MAXSTEP 5
 #define CHAO 2
 
-#include "inputDeclaration.dl"
-#include "utils.dl"
-#include "cha.dl"
+#include "../logic/cha.dl"
 
 
 .decl NonParamPublicMethod(method:Method, class:Class)
diff --git a/example/pt-noctx-example-1.dl b/example/pt-noctx-example-1.dl
index 665b49f..48ce998 100644
--- a/example/pt-noctx-example-1.dl
+++ b/example/pt-noctx-example-1.dl
@@ -1,6 +1,4 @@
-#include "inputDeclaration.dl"
-#include "utils.dl"
-#include "pt-noctx.dl"
+#include "../logic/pt-noctx.dl"
 
 .init cipt = ContextInsensitivePt
 
diff --git a/example/ptaint-example-1.dl b/example/ptaint-example-1.dl
index 4ca9a2a..369f48b 100644
--- a/example/ptaint-example-1.dl
+++ b/example/ptaint-example-1.dl
@@ -1,6 +1,4 @@
-#include "inputDeclaration.dl"
-#include "utils.dl"
-#include "ptaint.dl"
+#include "../logic/ptaint.dl"
 
 .init ptaint = PTaint
 
diff --git a/example/ptaint-example-2.dl b/example/ptaint-example-2.dl
index 8b8826e..5ca1171 100644
--- a/example/ptaint-example-2.dl
+++ b/example/ptaint-example-2.dl
@@ -1,6 +1,4 @@
-#include "inputDeclaration.dl"
-#include "utils.dl"
-#include "ptaint.dl"
+#include "../logic/ptaint.dl"
 
 .init ptaint = PTaint
 
diff --git a/example/query-example-1.dl b/example/query-example-1.dl
index e7d5aa6..58a63a2 100644
--- a/example/query-example-1.dl
+++ b/example/query-example-1.dl
@@ -1,4 +1,4 @@
-#include "inputDeclaration.dl"
+#include "../logic/inputDeclaration.dl"
 
 .decl QueryResult(class:Class, method:Method)
 .output QueryResult
diff --git a/logic/cha.dl b/logic/cha.dl
index 1e592fe..77387fb 100644
--- a/logic/cha.dl
+++ b/logic/cha.dl
@@ -1,3 +1,5 @@
+#pragma once
+#include "utils.dl"
 
 .decl EntryPoint(simplename:symbol, descriptor:symbol, class:Class)
 .decl Reachable(method:Method, step:number)
@@ -91,7 +93,7 @@ ShortestPathToSink(callee, sink, n-1) :-
 
 .decl RefinedReachable(method:Method)
 
-#if defined(CHAO)
+#ifdef CHAO
     #if CHAO == 1
         RefinedReachable(method) :-
             SinkReachable(method, _, _).
diff --git a/logic/inputDeclaration.dl b/logic/inputDeclaration.dl
index 904d634..833ce6b 100644
--- a/logic/inputDeclaration.dl
+++ b/logic/inputDeclaration.dl
@@ -1,3 +1,5 @@
+#pragma once
+
 .type Insn <: symbol
 .type Var <: symbol
 .type Heap <: symbol
@@ -29,10 +31,10 @@
 // method 
 
 .decl MethodInfo(method:Method, simplename:symbol, param:symbol, class:Class, return:Class, jvmDescriptor:symbol, arity:number)
-.input MethodInfo(IO="file", filename="Method.facts", delimiter="\t")
+.input MethodInfo(IO=file, filename="Method.facts", delimiter="\t")
 
 .decl MethodModifier(mod:symbol, method:Method)
-.input MethodModifier(filename="Method-Modifier.facts")
+.input MethodModifier(IO=file, filename="Method-Modifier.facts", delimiter="\t")
 
 .decl ThisVar(method:Method, this:Var)
 .input ThisVar
@@ -61,10 +63,10 @@
 // Field
 
 .decl FieldInfo(field:Field, declaringType:Class, simplename:symbol, type:Class)
-.input FieldInfo(IO="file", filename="Field.facts", delimiter="\t")
+.input FieldInfo(IO=file, filename="Field.facts", delimiter="\t")
 
 .decl FieldModifier(modifier:symbol, field:Field)
-.input FieldModifier(filename="Field-Modifier.facts")
+.input FieldModifier(IO=file, filename="Field-Modifier.facts", delimiter="\t")
 
 .decl LoadInstanceField(insn:Insn, index:number, var:Var, base:Var, field:Field, inMethod:Method)
 .input LoadInstanceField
@@ -90,13 +92,13 @@
 
 // others
 .decl VarType(var:Var, class:Class)
-.input VarType(IO="file", filename="Var-Type.facts", delimiter="\t")
+.input VarType(IO=file, filename="Var-Type.facts", delimiter="\t")
 
 .decl AssignLocal(insn:Insn, index:number, from:Var, to:Var, inMethod: Method)
 .input AssignLocal
 
 .decl AssignCast(insn:Insn, index:number, from:Var, to:Var, type:Class, inMethod:Method)
-.input AssignCast(filename="AssignCast.facts")
+.input AssignCast(IO=file, filename="AssignCast.facts", delimiter="\t")
 
 .decl AssignHeapAllocation(insn:Insn, index:number, heap:Heap, var:Var, inMethod:Method, linenumber:number)
 .input AssignHeapAllocation
diff --git a/logic/pt-noctx.dl b/logic/pt-noctx.dl
index e662258..217a15f 100644
--- a/logic/pt-noctx.dl
+++ b/logic/pt-noctx.dl
@@ -1,3 +1,6 @@
+#pragma once
+#include "utils.dl"
+
 .comp ContextInsensitivePt{
     .decl VarPointsTo(heap:Heap, var:Var)
     .decl InstanceFieldPointsTo(heap:Heap, baseHeap:Heap, field:Field)
diff --git a/logic/rta.dl b/logic/rta.dl
index f2720cb..deb2019 100644
--- a/logic/rta.dl
+++ b/logic/rta.dl
@@ -1,3 +1,7 @@
+#pragma once
+#include "inputDeclaration.dl"
+#include "utils.dl"
+
 .comp RTA{
     .decl EntryPoint(simplename:symbol, descriptor:symbol, class:Class)
     .decl Reachable(method:Method, step:number)
@@ -97,7 +101,7 @@
 
     .decl RefinedReachable(method:Method)
 
-    #if defined(RTAO)
+    #ifdef RTAO
         #if RTAO == 1
             RefinedReachable(method) :-
                 SinkReachable(method, _, _).
diff --git a/logic/utils.dl b/logic/utils.dl
index bb8a9b0..9bcc016 100644
--- a/logic/utils.dl
+++ b/logic/utils.dl
@@ -1,3 +1,6 @@
+#pragma once
+#include "inputDeclaration.dl"
+
 //self define relation
 
 // Utils

From c564ec4f68218e83461e759bde501f4333c92a58 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Fri, 29 Apr 2022 18:43:33 +0800
Subject: [PATCH 10/36] include relative path instead include dir

---
 logic/ptaint.dl | 1 +
 1 file changed, 1 insertion(+)

diff --git a/logic/ptaint.dl b/logic/ptaint.dl
index d9043de..0c88847 100644
--- a/logic/ptaint.dl
+++ b/logic/ptaint.dl
@@ -1,3 +1,4 @@
+#pragma once
 #include "pt-noctx.dl"
 
 .comp PTaint{

From b718f0d99dfca12d0283d8e48655ee674720537f Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Fri, 29 Apr 2022 18:51:38 +0800
Subject: [PATCH 11/36] add rta example

---
 example/rta-example-1.dl | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 example/rta-example-1.dl

diff --git a/example/rta-example-1.dl b/example/rta-example-1.dl
new file mode 100644
index 0000000..8b80869
--- /dev/null
+++ b/example/rta-example-1.dl
@@ -0,0 +1,7 @@
+#define MAXSTEP 8
+
+#include "../logic/RTA.dl"
+
+.init rta = RTA
+
+rta.EntryPoint("main", "([Ljava/lang/String;)V", "com.bytecodedl.benchmark.demo.VirtualCallDemo1").
\ No newline at end of file

From 3f6fbdfc9aaa2903b685f1fd45ae0bc6bcb71c7c Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Fri, 29 Apr 2022 19:02:05 +0800
Subject: [PATCH 12/36] update docs

---
 docs/callgraph.md                     | 2 +-
 docs/context-insensitive-points-to.md | 2 +-
 docs/ptaint.md                        | 2 +-
 docs/readme.md                        | 4 ++++
 docs/utils.md                         | 2 +-
 5 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/docs/callgraph.md b/docs/callgraph.md
index 38f7d74..5183f9b 100644
--- a/docs/callgraph.md
+++ b/docs/callgraph.md
@@ -140,7 +140,7 @@ CHA只会存在误报，但是RTA既可能存在误报也可能存在漏报。
 1. 执行下面命令将结果输出到output文件夹
    
    ```bash
-   souffle -I ~/code/ByteCodeDL/logic -F factsdir -D ~/code/ByteCodeDL/output ~/code/ByteCodeDL/example/cha-example-1.dl
+   souffle -F factsdir -D ~/code/ByteCodeDL/output ~/code/ByteCodeDL/example/cha-example-1.dl
    ```
 
 2. 执行bash importOutput2Neo4j.sh neoImportCall.sh dbname
diff --git a/docs/context-insensitive-points-to.md b/docs/context-insensitive-points-to.md
index 848eec1..5aa8ecf 100644
--- a/docs/context-insensitive-points-to.md
+++ b/docs/context-insensitive-points-to.md
@@ -263,7 +263,7 @@ cipt.Reachable(method) :-
 然后执行
 
 ```bash
-souffle -I ByteCodeDL/logic -F factsdir -D ByteCodeDL/output ByteCodeDL/example/pt-noctx-example-1.dl
+souffle -F factsdir -D ByteCodeDL/output ByteCodeDL/example/pt-noctx-example-1.dl
 ```
 
 分析结果保存在 output/cipt.VarPointsTo
diff --git a/docs/ptaint.md b/docs/ptaint.md
index 469ab5a..654dcb9 100644
--- a/docs/ptaint.md
+++ b/docs/ptaint.md
@@ -375,7 +375,7 @@ java8 -jar ~/code/soot-fact-generator/build/libs/soot-fact-generator.jar -i Benc
 // 切换目录
 cd tainttest
 // 执行souffle
-souffle -I ~/code/ByteCodeDL/logic -F . -D output ~/code/ByteCodeDL/example/ptaint-example-1.dl
+souffle -F . -D output ~/code/ByteCodeDL/example/ptaint-example-1.dl
 ```
 
 然后在ouput目录能够看到`grep "Demo3" TaintVar.csv`结果
diff --git a/docs/readme.md b/docs/readme.md
index ea6a55e..9f66840 100644
--- a/docs/readme.md
+++ b/docs/readme.md
@@ -10,3 +10,7 @@
 3. [utils.md](utils.md)
 4. [query.md](query.md)
 5. [callgraph.md](callgraph.md)
+6. [cha-optimization.md](cha-optimization.md)
+7. [cha-in-ctf.md](cha-in-ctf.md)
+8. [context-insensitive-points-to.md](context-insensitive-points-to.md)
+9. [ptaint](ptaint.md)
diff --git a/docs/utils.md b/docs/utils.md
index b78025d..3162464 100644
--- a/docs/utils.md
+++ b/docs/utils.md
@@ -1,6 +1,6 @@
 # utils
 
-## Class Hierachy
+## Class Hierarchy
 
 需要构建一个类型层次图，用于寻找某个类的子类、父类，或者用于判断两个类之间是否有继承关系。
 

From 1ee8174463e237f5747150e6644ab2b3355e5386 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 1 May 2022 19:27:15 +0800
Subject: [PATCH 13/36] add one callsite context sensitive points-to

---
 .../one-callsite-sensitive-pt-example-1.dl    |  10 ++
 logic/inputDeclaration.dl                     |   1 +
 logic/one-callsite-sensitive-pt.dl            | 118 ++++++++++++++++++
 3 files changed, 129 insertions(+)
 create mode 100644 example/one-callsite-sensitive-pt-example-1.dl
 create mode 100644 logic/one-callsite-sensitive-pt.dl

diff --git a/example/one-callsite-sensitive-pt-example-1.dl b/example/one-callsite-sensitive-pt-example-1.dl
new file mode 100644
index 0000000..d640850
--- /dev/null
+++ b/example/one-callsite-sensitive-pt-example-1.dl
@@ -0,0 +1,10 @@
+#define MAXSTEP 8
+#include "../logic/one-callsite-sensitive-pt.dl"
+
+.init callsitecsDemo1 = OneCallsiteSensitivePT
+callsitecsDemo1.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo1: void main(java.lang.String[])>", "initCtx", 0).
+.output callsitecsDemo1.VarPointsTo
+
+.init callsitecsDemo2 = OneCallsiteSensitivePT
+callsitecsDemo2.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo2: void main(java.lang.String[])>", "initCtx", 0).
+.output callsitecsDemo2.VarPointsTo
\ No newline at end of file
diff --git a/logic/inputDeclaration.dl b/logic/inputDeclaration.dl
index 833ce6b..a8fcf28 100644
--- a/logic/inputDeclaration.dl
+++ b/logic/inputDeclaration.dl
@@ -6,6 +6,7 @@
 .type Field <: symbol
 .type Method <: symbol
 .type Class <: symbol
+.type Context = symbol
 
 // load data from facts
 // class
diff --git a/logic/one-callsite-sensitive-pt.dl b/logic/one-callsite-sensitive-pt.dl
new file mode 100644
index 0000000..33822b9
--- /dev/null
+++ b/logic/one-callsite-sensitive-pt.dl
@@ -0,0 +1,118 @@
+#pragma once
+#include "utils.dl"
+
+.comp OneCallsiteSensitivePT{
+    .decl VarPointsTo(heap:Heap, hctx:Context, var:Var, vCtx:Context)
+    .decl InstanceFieldPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context, field:Field)
+    .decl StaticFieldPointsTo(heap:Heap, hctx:Context, field:Field)
+    .decl ArrayIndexPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context)
+    .decl Reachable(method:Method, ctx:Context, n:number)
+    .decl CallGraph(insn:Insn, caller:Method, callerCtx:Context, callee:Method, calleeCtx:Context)
+
+    // new
+    VarPointsTo(heap, ctx, var, ctx) :-
+        Reachable(method, ctx, _),
+        AssignHeapAllocation(_, _, heap, var, method, _).
+
+    // assign
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        VarPointsTo(heap, hctx, from, ctx),
+        AssignLocal(_, _, from, to, method).
+
+    // cast
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        AssignCast(_, _, from, to, _, method),
+        VarPointsTo(heap, hctx, from, ctx).
+
+    // load field
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadInstanceField(_, _, to, base, field, method),
+        VarPointsTo(baseHeap, bhCtx, base, ctx),
+        InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field).
+
+    // store field
+    InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field) :-
+        Reachable(method, ctx, _),
+        StoreInstanceField(_, _, from, base, field, method),
+        VarPointsTo(heap, hctx, from, ctx),
+        VarPointsTo(baseHeap, bhCtx, base, ctx).
+
+    // load staic field
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadStaticField(_, _, to, field, method),
+        StaticFieldPointsTo(heap, hctx, field).
+
+    // store static field
+    StaticFieldPointsTo(heap, hctx, field) :-
+        Reachable(method, ctx, _),
+        StoreStaticField(_, _, from, field, method),
+        VarPointsTo(heap, hctx, from, ctx).
+
+    // load from array
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadArrayIndex(_, _, to, base, method),
+        VarPointsTo(baseHeap, bhCtx, base, ctx),
+        ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx).
+
+    // store into array
+    ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx) :-
+        Reachable(method, ctx, _),
+        StoreArrayIndex(_, _, from, base, method),
+        VarPointsTo(heap, hctx, from, ctx),
+        VarPointsTo(baseHeap, bhCtx, base, ctx).
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        calleeCtx = insn,
+        SpecialMethodInvocation(insn, _, callee, _, caller).
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        calleeCtx = insn,
+        StaticMethodInvocation(insn, _, callee, caller).
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        VirtualMethodInvocation(insn, _, method, base, caller),
+        calleeCtx = insn,
+        VarPointsTo(baseHeap, _, base, callerCtx),
+        NormalHeap(baseHeap, class),
+        MethodInfo(method, simplename, _, _, _, descriptor, _),
+        Dispatch(simplename, descriptor, class, callee).
+
+    // param
+    VarPointsTo(heap, hctx, param, calleeCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        ActualParam(n, insn, arg),
+        FormalParam(n, callee, param),
+        VarPointsTo(heap, hctx, arg, callerCtx),
+        NormalHeap(heap, _).
+
+    // return
+    VarPointsTo(heap, hctx, return, callerCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        Return(_, _, var, callee),
+        AssignReturnValue(insn, return),
+        VarPointsTo(heap, hctx, var, calleeCtx).
+
+    // this
+    VarPointsTo(heap, hctx, this, calleeCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        (
+            VirtualMethodInvocation(insn, _, _, base, _);
+            SpecialMethodInvocation(insn, _, _, base, _)
+        ),
+        ThisVar(callee, this),
+        VarPointsTo(heap, hctx, base, callerCtx).
+}
\ No newline at end of file

From 19e063171cefb0be52acff458ae6bd527cbbf4c1 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 1 May 2022 19:27:51 +0800
Subject: [PATCH 14/36] add one object context sensitive points-to

---
 example/one-object-sensitive-pt-example-1.dl |  10 ++
 logic/one-object-sensitive-pt.dl             | 119 +++++++++++++++++++
 2 files changed, 129 insertions(+)
 create mode 100644 example/one-object-sensitive-pt-example-1.dl
 create mode 100644 logic/one-object-sensitive-pt.dl

diff --git a/example/one-object-sensitive-pt-example-1.dl b/example/one-object-sensitive-pt-example-1.dl
new file mode 100644
index 0000000..69f37d1
--- /dev/null
+++ b/example/one-object-sensitive-pt-example-1.dl
@@ -0,0 +1,10 @@
+#define MAXSTEP 8
+#include "../logic/one-object-sensitive-pt.dl"
+
+.init objectDemo1 = OneObjectSensitivePT
+objectDemo1.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo1: void main(java.lang.String[])>", "initCtx", 0).
+.output objectDemo1.VarPointsTo
+
+.init objectDemo2 = OneObjectSensitivePT
+objectDemo2.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo2: void main(java.lang.String[])>", "initCtx", 0).
+.output objectDemo2.VarPointsTo
\ No newline at end of file
diff --git a/logic/one-object-sensitive-pt.dl b/logic/one-object-sensitive-pt.dl
new file mode 100644
index 0000000..47b1363
--- /dev/null
+++ b/logic/one-object-sensitive-pt.dl
@@ -0,0 +1,119 @@
+#pragma once
+#include "utils.dl"
+
+.comp OneObjectSensitivePT{
+    .decl VarPointsTo(heap:Heap, hctx:Context, var:Var, vCtx:Context)
+    .decl InstanceFieldPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context, field:Field)
+    .decl StaticFieldPointsTo(heap:Heap, hctx:Context, field:Field)
+    .decl ArrayIndexPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context)
+    .decl Reachable(method:Method, ctx:Context, n:number)
+    .decl CallGraph(insn:Insn, caller:Method, callerCtx:Context, callee:Method, calleeCtx:Context)
+
+    // new
+    VarPointsTo(heap, ctx, var, ctx) :-
+        Reachable(method, ctx, _),
+        AssignHeapAllocation(_, _, heap, var, method, _).
+
+    // assign
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        VarPointsTo(heap, hctx, from, ctx),
+        AssignLocal(_, _, from, to, method).
+
+    // cast
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        AssignCast(_, _, from, to, _, method),
+        VarPointsTo(heap, hctx, from, ctx).
+
+    // load field
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadInstanceField(_, _, to, base, field, method),
+        VarPointsTo(baseHeap, bhCtx, base, ctx),
+        InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field).
+
+    // store field
+    InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field) :-
+        Reachable(method, ctx, _),
+        StoreInstanceField(_, _, from, base, field, method),
+        VarPointsTo(heap, hctx, from, ctx),
+        VarPointsTo(baseHeap, bhCtx, base, ctx).
+
+    // load staic field
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadStaticField(_, _, to, field, method),
+        StaticFieldPointsTo(heap, hctx, field).
+
+    // store static field
+    StaticFieldPointsTo(heap, hctx, field) :-
+        Reachable(method, ctx, _),
+        StoreStaticField(_, _, from, field, method),
+        VarPointsTo(heap, hctx, from, ctx).
+
+    // load from array
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadArrayIndex(_, _, to, base, method),
+        VarPointsTo(baseHeap, bhCtx, base, ctx),
+        ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx).
+
+    // store into array
+    ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx) :-
+        Reachable(method, ctx, _),
+        StoreArrayIndex(_, _, from, base, method),
+        VarPointsTo(heap, hctx, from, ctx),
+        VarPointsTo(baseHeap, bhCtx, base, ctx).
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        SpecialMethodInvocation(insn, _, callee, base, caller),
+        VarPointsTo(baseHeap, _, base, callerCtx),
+        calleeCtx = baseHeap.
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        StaticMethodInvocation(insn, _, callee, caller),
+        calleeCtx = insn. // maybe have bug
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        VirtualMethodInvocation(insn, _, method, base, caller),
+        VarPointsTo(baseHeap, _, base, callerCtx),
+        NormalHeap(baseHeap, class),
+        MethodInfo(method, simplename, _, _, _, descriptor, _),
+        Dispatch(simplename, descriptor, class, callee),
+        calleeCtx = baseHeap.
+
+    // param
+    VarPointsTo(heap, hctx, param, calleeCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        ActualParam(n, insn, arg),
+        FormalParam(n, callee, param),
+        VarPointsTo(heap, hctx, arg, callerCtx),
+        NormalHeap(heap, _).
+
+    // return
+    VarPointsTo(heap, hctx, return, callerCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        Return(_, _, var, callee),
+        AssignReturnValue(insn, return),
+        VarPointsTo(heap, hctx, var, calleeCtx).
+
+    // this
+    VarPointsTo(heap, hctx, this, calleeCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        (
+            VirtualMethodInvocation(insn, _, _, base, _);
+            SpecialMethodInvocation(insn, _, _, base, _)
+        ),
+        ThisVar(callee, this),
+        VarPointsTo(heap, hctx, base, callerCtx).
+}
\ No newline at end of file

From b662b1e7e615b887dc676a8f7eafffb6632e2cb7 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 1 May 2022 19:29:17 +0800
Subject: [PATCH 15/36] add one type context sensitive point-to

---
 example/one-type-sensitive-pt-example-1.dl |  10 ++
 logic/one-type-sensitive-pt.dl             | 123 +++++++++++++++++++++
 2 files changed, 133 insertions(+)
 create mode 100644 example/one-type-sensitive-pt-example-1.dl
 create mode 100644 logic/one-type-sensitive-pt.dl

diff --git a/example/one-type-sensitive-pt-example-1.dl b/example/one-type-sensitive-pt-example-1.dl
new file mode 100644
index 0000000..741891e
--- /dev/null
+++ b/example/one-type-sensitive-pt-example-1.dl
@@ -0,0 +1,10 @@
+#define MAXSTEP 8
+#include "../logic/one-type-sensitive-pt.dl"
+
+.init typeDemo1 = OneTypeSensitivePT
+typeDemo1.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo1: void main(java.lang.String[])>", "initCtx", 0).
+.output typeDemo1.VarPointsTo
+
+.init typeDemo2 = OneTypeSensitivePT
+typeDemo2.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo2: void main(java.lang.String[])>", "initCtx", 0).
+.output typeDemo2.VarPointsTo
\ No newline at end of file
diff --git a/logic/one-type-sensitive-pt.dl b/logic/one-type-sensitive-pt.dl
new file mode 100644
index 0000000..bdf9efc
--- /dev/null
+++ b/logic/one-type-sensitive-pt.dl
@@ -0,0 +1,123 @@
+#pragma once
+#include "utils.dl"
+
+.comp OneTypeSensitivePT{
+    .decl VarPointsTo(heap:Heap, hctx:Context, var:Var, vCtx:Context)
+    .decl InstanceFieldPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context, field:Field)
+    .decl StaticFieldPointsTo(heap:Heap, hctx:Context, field:Field)
+    .decl ArrayIndexPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context)
+    .decl Reachable(method:Method, ctx:Context, n:number)
+    .decl CallGraph(insn:Insn, caller:Method, callerCtx:Context, callee:Method, calleeCtx:Context)
+
+    // new
+    VarPointsTo(heap, ctx, var, ctx) :-
+        Reachable(method, ctx, _),
+        AssignHeapAllocation(_, _, heap, var, method, _).
+
+    // assign
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        VarPointsTo(heap, hctx, from, ctx),
+        AssignLocal(_, _, from, to, method).
+
+    // cast
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        AssignCast(_, _, from, to, _, method),
+        VarPointsTo(heap, hctx, from, ctx).
+
+    // load field
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadInstanceField(_, _, to, base, field, method),
+        VarPointsTo(baseHeap, bhCtx, base, ctx),
+        InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field).
+
+    // store field
+    InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field) :-
+        Reachable(method, ctx, _),
+        StoreInstanceField(_, _, from, base, field, method),
+        VarPointsTo(heap, hctx, from, ctx),
+        VarPointsTo(baseHeap, bhCtx, base, ctx).
+
+    // load staic field
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadStaticField(_, _, to, field, method),
+        StaticFieldPointsTo(heap, hctx, field).
+
+    // store static field
+    StaticFieldPointsTo(heap, hctx, field) :-
+        Reachable(method, ctx, _),
+        StoreStaticField(_, _, from, field, method),
+        VarPointsTo(heap, hctx, from, ctx).
+
+    // load from array
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadArrayIndex(_, _, to, base, method),
+        VarPointsTo(baseHeap, bhCtx, base, ctx),
+        ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx).
+
+    // store into array
+    ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx) :-
+        Reachable(method, ctx, _),
+        StoreArrayIndex(_, _, from, base, method),
+        VarPointsTo(heap, hctx, from, ctx),
+        VarPointsTo(baseHeap, bhCtx, base, ctx).
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        SpecialMethodInvocation(insn, _, callee, base, caller),
+        VarPointsTo(baseHeap, _, base, callerCtx),
+        AssignHeapAllocation(_, _, baseHeap, _, inmethod, _),
+        MethodInfo(inmethod, _, _, inType, _, _, _),
+        calleeCtx = inType.
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        StaticMethodInvocation(insn, _, callee, caller),
+        calleeCtx = insn. // maybe have bug
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        VirtualMethodInvocation(insn, _, method, base, caller),
+        VarPointsTo(baseHeap, _, base, callerCtx),
+        NormalHeap(baseHeap, class),
+        MethodInfo(method, simplename, _, _, _, descriptor, _),
+        Dispatch(simplename, descriptor, class, callee),
+        AssignHeapAllocation(_, _, baseHeap, _, inmethod, _),
+        MethodInfo(inmethod, _, _, inType, _, _, _),
+        calleeCtx = inType.
+
+    // param
+    VarPointsTo(heap, hctx, param, calleeCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        ActualParam(n, insn, arg),
+        FormalParam(n, callee, param),
+        VarPointsTo(heap, hctx, arg, callerCtx),
+        NormalHeap(heap, _).
+
+    // return
+    VarPointsTo(heap, hctx, return, callerCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        Return(_, _, var, callee),
+        AssignReturnValue(insn, return),
+        VarPointsTo(heap, hctx, var, calleeCtx).
+
+    // this
+    VarPointsTo(heap, hctx, this, calleeCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        (
+            VirtualMethodInvocation(insn, _, _, base, _);
+            SpecialMethodInvocation(insn, _, _, base, _)
+        ),
+        ThisVar(callee, this),
+        VarPointsTo(heap, hctx, base, callerCtx).
+}
\ No newline at end of file

From 4471af9c5fc2bc9be0dae61a4c32215821712bd2 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 1 May 2022 19:35:08 +0800
Subject: [PATCH 16/36] update readme

---
 README.md | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 2d23b55..e043fa5 100644
--- a/README.md
+++ b/README.md
@@ -33,11 +33,13 @@ you can use the docker we builded like docker-compose.yml
   - [x] RTA
 - [ ] 指针分析
   - [x] 上下文无关指针分析
-  - [ ] 一阶上下文调用点敏感指针分析
-  - [ ] 一阶上下文对象敏感指针分析
-  - [ ] 一阶上下文类型敏感指针分析
+  - [x] 一阶上下文调用点敏感指针分析
+  - [x] 一阶上下文对象敏感指针分析
+  - [x] 一阶上下文类型敏感指针分析
+  - [ ] 可选择上下文敏感指针分析
 - [ ] 污点分析
   - [x] 上下文无关ptaint
+  - [ ] 上下文敏感ptaint
 
 ## Usage
 

From b711de0c8b962ac455af4b26771c4b47b3bff6c6 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 1 May 2022 22:39:05 +0800
Subject: [PATCH 17/36] refactor one callsite sensitive points-to

---
 .../one-callsite-sensitive-pt-example-1.dl    |   4 +-
 logic/inputDeclaration.dl                     |   1 -
 logic/one-callsite-sensitive-pt.dl            | 128 +++---------------
 3 files changed, 18 insertions(+), 115 deletions(-)

diff --git a/example/one-callsite-sensitive-pt-example-1.dl b/example/one-callsite-sensitive-pt-example-1.dl
index d640850..0a07ead 100644
--- a/example/one-callsite-sensitive-pt-example-1.dl
+++ b/example/one-callsite-sensitive-pt-example-1.dl
@@ -1,10 +1,10 @@
 #define MAXSTEP 8
 #include "../logic/one-callsite-sensitive-pt.dl"
 
-.init callsitecsDemo1 = OneCallsiteSensitivePT
+.init callsitecsDemo1 = OneCallsiteSensitivePT<HContext, Context>
 callsitecsDemo1.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo1: void main(java.lang.String[])>", "initCtx", 0).
 .output callsitecsDemo1.VarPointsTo
 
-.init callsitecsDemo2 = OneCallsiteSensitivePT
+.init callsitecsDemo2 = OneCallsiteSensitivePT<HContext, Context>
 callsitecsDemo2.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo2: void main(java.lang.String[])>", "initCtx", 0).
 .output callsitecsDemo2.VarPointsTo
\ No newline at end of file
diff --git a/logic/inputDeclaration.dl b/logic/inputDeclaration.dl
index a8fcf28..833ce6b 100644
--- a/logic/inputDeclaration.dl
+++ b/logic/inputDeclaration.dl
@@ -6,7 +6,6 @@
 .type Field <: symbol
 .type Method <: symbol
 .type Class <: symbol
-.type Context = symbol
 
 // load data from facts
 // class
diff --git a/logic/one-callsite-sensitive-pt.dl b/logic/one-callsite-sensitive-pt.dl
index 33822b9..253c6c2 100644
--- a/logic/one-callsite-sensitive-pt.dl
+++ b/logic/one-callsite-sensitive-pt.dl
@@ -1,118 +1,22 @@
 #pragma once
-#include "utils.dl"
+#include "abstract-context-sensitive-pt.dl"
 
-.comp OneCallsiteSensitivePT{
-    .decl VarPointsTo(heap:Heap, hctx:Context, var:Var, vCtx:Context)
-    .decl InstanceFieldPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context, field:Field)
-    .decl StaticFieldPointsTo(heap:Heap, hctx:Context, field:Field)
-    .decl ArrayIndexPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context)
-    .decl Reachable(method:Method, ctx:Context, n:number)
-    .decl CallGraph(insn:Insn, caller:Method, callerCtx:Context, callee:Method, calleeCtx:Context)
+.type HContext = Insn
+.type Context = Insn
 
-    // new
-    VarPointsTo(heap, ctx, var, ctx) :-
-        Reachable(method, ctx, _),
-        AssignHeapAllocation(_, _, heap, var, method, _).
-
-    // assign
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        VarPointsTo(heap, hctx, from, ctx),
-        AssignLocal(_, _, from, to, method).
-
-    // cast
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        AssignCast(_, _, from, to, _, method),
-        VarPointsTo(heap, hctx, from, ctx).
-
-    // load field
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        LoadInstanceField(_, _, to, base, field, method),
-        VarPointsTo(baseHeap, bhCtx, base, ctx),
-        InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field).
-
-    // store field
-    InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field) :-
-        Reachable(method, ctx, _),
-        StoreInstanceField(_, _, from, base, field, method),
-        VarPointsTo(heap, hctx, from, ctx),
-        VarPointsTo(baseHeap, bhCtx, base, ctx).
-
-    // load staic field
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        LoadStaticField(_, _, to, field, method),
-        StaticFieldPointsTo(heap, hctx, field).
-
-    // store static field
-    StaticFieldPointsTo(heap, hctx, field) :-
-        Reachable(method, ctx, _),
-        StoreStaticField(_, _, from, field, method),
-        VarPointsTo(heap, hctx, from, ctx).
-
-    // load from array
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        LoadArrayIndex(_, _, to, base, method),
-        VarPointsTo(baseHeap, bhCtx, base, ctx),
-        ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx).
-
-    // store into array
-    ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx) :-
-        Reachable(method, ctx, _),
-        StoreArrayIndex(_, _, from, base, method),
-        VarPointsTo(heap, hctx, from, ctx),
-        VarPointsTo(baseHeap, bhCtx, base, ctx).
-
-    Reachable(callee, calleeCtx, n+1),
-    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
-        Reachable(caller, callerCtx, n),
-        n < MAXSTEP,
-        calleeCtx = insn,
-        SpecialMethodInvocation(insn, _, callee, _, caller).
-
-    Reachable(callee, calleeCtx, n+1),
-    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
-        Reachable(caller, callerCtx, n),
-        n < MAXSTEP,
-        calleeCtx = insn,
-        StaticMethodInvocation(insn, _, callee, caller).
-
-    Reachable(callee, calleeCtx, n+1),
-    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
-        Reachable(caller, callerCtx, n),
-        n < MAXSTEP,
-        VirtualMethodInvocation(insn, _, method, base, caller),
-        calleeCtx = insn,
-        VarPointsTo(baseHeap, _, base, callerCtx),
-        NormalHeap(baseHeap, class),
-        MethodInfo(method, simplename, _, _, _, descriptor, _),
-        Dispatch(simplename, descriptor, class, callee).
-
-    // param
-    VarPointsTo(heap, hctx, param, calleeCtx) :-
-        CallGraph(insn, _, callerCtx, callee, calleeCtx),
-        ActualParam(n, insn, arg),
-        FormalParam(n, callee, param),
-        VarPointsTo(heap, hctx, arg, callerCtx),
-        NormalHeap(heap, _).
-
-    // return
-    VarPointsTo(heap, hctx, return, callerCtx) :-
-        CallGraph(insn, _, callerCtx, callee, calleeCtx),
-        Return(_, _, var, callee),
-        AssignReturnValue(insn, return),
-        VarPointsTo(heap, hctx, var, calleeCtx).
-
-    // this
-    VarPointsTo(heap, hctx, this, calleeCtx) :-
-        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+.comp OneCallsiteSensitivePT<HContext, Context> : AbstractContextSensitivePT<HContext, Context>{
+    .override SelectInvocationContext
+    SelectInvocationContext(callerCtx, insn, baseHeap, hctx, calleeCtx) :-
+        Reachable(caller, callerCtx, _),
         (
-            VirtualMethodInvocation(insn, _, _, base, _);
-            SpecialMethodInvocation(insn, _, _, base, _)
+            SpecialMethodInvocation(insn, _, _, base, caller);
+            VirtualMethodInvocation(insn, _, _, base, caller)
         ),
-        ThisVar(callee, this),
-        VarPointsTo(heap, hctx, base, callerCtx).
+        VarPointsTo(baseHeap, hctx, base, callerCtx),
+        calleeCtx = insn.
+
+    SelectStaticInvocationContext(callerCtx, insn, calleeCtx) :-
+        Reachable(caller, callerCtx, _),
+        StaticMethodInvocation(insn, _, _, caller),
+        calleeCtx = insn.
 }
\ No newline at end of file

From 18cecc4c1a387d9bfc549c73b1d1f33d95ca55f1 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 1 May 2022 22:39:25 +0800
Subject: [PATCH 18/36] refactor one object sensitive points-to

---
 example/one-object-sensitive-pt-example-1.dl |   4 +-
 logic/one-object-sensitive-pt.dl             | 124 ++-----------------
 2 files changed, 13 insertions(+), 115 deletions(-)

diff --git a/example/one-object-sensitive-pt-example-1.dl b/example/one-object-sensitive-pt-example-1.dl
index 69f37d1..becfa38 100644
--- a/example/one-object-sensitive-pt-example-1.dl
+++ b/example/one-object-sensitive-pt-example-1.dl
@@ -1,10 +1,10 @@
 #define MAXSTEP 8
 #include "../logic/one-object-sensitive-pt.dl"
 
-.init objectDemo1 = OneObjectSensitivePT
+.init objectDemo1 = OneObjectSensitivePT<HContext, Context>
 objectDemo1.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo1: void main(java.lang.String[])>", "initCtx", 0).
 .output objectDemo1.VarPointsTo
 
-.init objectDemo2 = OneObjectSensitivePT
+.init objectDemo2 = OneObjectSensitivePT<HContext, Context>
 objectDemo2.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo2: void main(java.lang.String[])>", "initCtx", 0).
 .output objectDemo2.VarPointsTo
\ No newline at end of file
diff --git a/logic/one-object-sensitive-pt.dl b/logic/one-object-sensitive-pt.dl
index 47b1363..7ca1f24 100644
--- a/logic/one-object-sensitive-pt.dl
+++ b/logic/one-object-sensitive-pt.dl
@@ -1,119 +1,17 @@
 #pragma once
-#include "utils.dl"
+#include "abstract-context-sensitive-pt.dl"
 
-.comp OneObjectSensitivePT{
-    .decl VarPointsTo(heap:Heap, hctx:Context, var:Var, vCtx:Context)
-    .decl InstanceFieldPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context, field:Field)
-    .decl StaticFieldPointsTo(heap:Heap, hctx:Context, field:Field)
-    .decl ArrayIndexPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context)
-    .decl Reachable(method:Method, ctx:Context, n:number)
-    .decl CallGraph(insn:Insn, caller:Method, callerCtx:Context, callee:Method, calleeCtx:Context)
+.type HContext = Heap
+.type Context = Heap
 
-    // new
-    VarPointsTo(heap, ctx, var, ctx) :-
-        Reachable(method, ctx, _),
-        AssignHeapAllocation(_, _, heap, var, method, _).
-
-    // assign
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        VarPointsTo(heap, hctx, from, ctx),
-        AssignLocal(_, _, from, to, method).
-
-    // cast
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        AssignCast(_, _, from, to, _, method),
-        VarPointsTo(heap, hctx, from, ctx).
-
-    // load field
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        LoadInstanceField(_, _, to, base, field, method),
-        VarPointsTo(baseHeap, bhCtx, base, ctx),
-        InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field).
-
-    // store field
-    InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field) :-
-        Reachable(method, ctx, _),
-        StoreInstanceField(_, _, from, base, field, method),
-        VarPointsTo(heap, hctx, from, ctx),
-        VarPointsTo(baseHeap, bhCtx, base, ctx).
-
-    // load staic field
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        LoadStaticField(_, _, to, field, method),
-        StaticFieldPointsTo(heap, hctx, field).
-
-    // store static field
-    StaticFieldPointsTo(heap, hctx, field) :-
-        Reachable(method, ctx, _),
-        StoreStaticField(_, _, from, field, method),
-        VarPointsTo(heap, hctx, from, ctx).
-
-    // load from array
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        LoadArrayIndex(_, _, to, base, method),
-        VarPointsTo(baseHeap, bhCtx, base, ctx),
-        ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx).
-
-    // store into array
-    ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx) :-
-        Reachable(method, ctx, _),
-        StoreArrayIndex(_, _, from, base, method),
-        VarPointsTo(heap, hctx, from, ctx),
-        VarPointsTo(baseHeap, bhCtx, base, ctx).
-
-    Reachable(callee, calleeCtx, n+1),
-    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
-        Reachable(caller, callerCtx, n),
-        n < MAXSTEP,
-        SpecialMethodInvocation(insn, _, callee, base, caller),
-        VarPointsTo(baseHeap, _, base, callerCtx),
-        calleeCtx = baseHeap.
-
-    Reachable(callee, calleeCtx, n+1),
-    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
-        Reachable(caller, callerCtx, n),
-        n < MAXSTEP,
-        StaticMethodInvocation(insn, _, callee, caller),
-        calleeCtx = insn. // maybe have bug
-
-    Reachable(callee, calleeCtx, n+1),
-    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
-        Reachable(caller, callerCtx, n),
-        n < MAXSTEP,
-        VirtualMethodInvocation(insn, _, method, base, caller),
-        VarPointsTo(baseHeap, _, base, callerCtx),
-        NormalHeap(baseHeap, class),
-        MethodInfo(method, simplename, _, _, _, descriptor, _),
-        Dispatch(simplename, descriptor, class, callee),
-        calleeCtx = baseHeap.
-
-    // param
-    VarPointsTo(heap, hctx, param, calleeCtx) :-
-        CallGraph(insn, _, callerCtx, callee, calleeCtx),
-        ActualParam(n, insn, arg),
-        FormalParam(n, callee, param),
-        VarPointsTo(heap, hctx, arg, callerCtx),
-        NormalHeap(heap, _).
-
-    // return
-    VarPointsTo(heap, hctx, return, callerCtx) :-
-        CallGraph(insn, _, callerCtx, callee, calleeCtx),
-        Return(_, _, var, callee),
-        AssignReturnValue(insn, return),
-        VarPointsTo(heap, hctx, var, calleeCtx).
-
-    // this
-    VarPointsTo(heap, hctx, this, calleeCtx) :-
-        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+.comp OneObjectSensitivePT<HContext, Context> : AbstractContextSensitivePT<HContext, Context>{
+    .override SelectInvocationContext
+    SelectInvocationContext(callerCtx, insn, baseHeap, hctx, calleeCtx) :-
+        Reachable(caller, callerCtx, _),
         (
-            VirtualMethodInvocation(insn, _, _, base, _);
-            SpecialMethodInvocation(insn, _, _, base, _)
+            SpecialMethodInvocation(insn, _, _, base, caller);
+            VirtualMethodInvocation(insn, _, _, base, caller)
         ),
-        ThisVar(callee, this),
-        VarPointsTo(heap, hctx, base, callerCtx).
+        VarPointsTo(baseHeap, hctx, base, callerCtx),
+        calleeCtx = baseHeap.
 }
\ No newline at end of file

From 5f15b439a8dbb0f1e7711aaaaa38baf3308569a5 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 1 May 2022 22:39:58 +0800
Subject: [PATCH 19/36] refactor one type sensitive points-to

---
 example/one-type-sensitive-pt-example-1.dl |   4 +-
 logic/one-type-sensitive-pt.dl             | 128 ++-------------------
 2 files changed, 14 insertions(+), 118 deletions(-)

diff --git a/example/one-type-sensitive-pt-example-1.dl b/example/one-type-sensitive-pt-example-1.dl
index 741891e..f24d9b2 100644
--- a/example/one-type-sensitive-pt-example-1.dl
+++ b/example/one-type-sensitive-pt-example-1.dl
@@ -1,10 +1,10 @@
 #define MAXSTEP 8
 #include "../logic/one-type-sensitive-pt.dl"
 
-.init typeDemo1 = OneTypeSensitivePT
+.init typeDemo1 = OneTypeSensitivePT<HContext, Context>
 typeDemo1.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo1: void main(java.lang.String[])>", "initCtx", 0).
 .output typeDemo1.VarPointsTo
 
-.init typeDemo2 = OneTypeSensitivePT
+.init typeDemo2 = OneTypeSensitivePT<HContext, Context>
 typeDemo2.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo2: void main(java.lang.String[])>", "initCtx", 0).
 .output typeDemo2.VarPointsTo
\ No newline at end of file
diff --git a/logic/one-type-sensitive-pt.dl b/logic/one-type-sensitive-pt.dl
index bdf9efc..fa0f716 100644
--- a/logic/one-type-sensitive-pt.dl
+++ b/logic/one-type-sensitive-pt.dl
@@ -1,123 +1,19 @@
 #pragma once
-#include "utils.dl"
+#include "abstract-context-sensitive-pt.dl"
 
-.comp OneTypeSensitivePT{
-    .decl VarPointsTo(heap:Heap, hctx:Context, var:Var, vCtx:Context)
-    .decl InstanceFieldPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context, field:Field)
-    .decl StaticFieldPointsTo(heap:Heap, hctx:Context, field:Field)
-    .decl ArrayIndexPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context)
-    .decl Reachable(method:Method, ctx:Context, n:number)
-    .decl CallGraph(insn:Insn, caller:Method, callerCtx:Context, callee:Method, calleeCtx:Context)
+.type HContext = Class
+.type Context = Class
 
-    // new
-    VarPointsTo(heap, ctx, var, ctx) :-
-        Reachable(method, ctx, _),
-        AssignHeapAllocation(_, _, heap, var, method, _).
-
-    // assign
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        VarPointsTo(heap, hctx, from, ctx),
-        AssignLocal(_, _, from, to, method).
-
-    // cast
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        AssignCast(_, _, from, to, _, method),
-        VarPointsTo(heap, hctx, from, ctx).
-
-    // load field
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        LoadInstanceField(_, _, to, base, field, method),
-        VarPointsTo(baseHeap, bhCtx, base, ctx),
-        InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field).
-
-    // store field
-    InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field) :-
-        Reachable(method, ctx, _),
-        StoreInstanceField(_, _, from, base, field, method),
-        VarPointsTo(heap, hctx, from, ctx),
-        VarPointsTo(baseHeap, bhCtx, base, ctx).
-
-    // load staic field
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        LoadStaticField(_, _, to, field, method),
-        StaticFieldPointsTo(heap, hctx, field).
-
-    // store static field
-    StaticFieldPointsTo(heap, hctx, field) :-
-        Reachable(method, ctx, _),
-        StoreStaticField(_, _, from, field, method),
-        VarPointsTo(heap, hctx, from, ctx).
-
-    // load from array
-    VarPointsTo(heap, hctx, to, ctx) :-
-        Reachable(method, ctx, _),
-        LoadArrayIndex(_, _, to, base, method),
-        VarPointsTo(baseHeap, bhCtx, base, ctx),
-        ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx).
-
-    // store into array
-    ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx) :-
-        Reachable(method, ctx, _),
-        StoreArrayIndex(_, _, from, base, method),
-        VarPointsTo(heap, hctx, from, ctx),
-        VarPointsTo(baseHeap, bhCtx, base, ctx).
-
-    Reachable(callee, calleeCtx, n+1),
-    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
-        Reachable(caller, callerCtx, n),
-        n < MAXSTEP,
-        SpecialMethodInvocation(insn, _, callee, base, caller),
-        VarPointsTo(baseHeap, _, base, callerCtx),
-        AssignHeapAllocation(_, _, baseHeap, _, inmethod, _),
-        MethodInfo(inmethod, _, _, inType, _, _, _),
-        calleeCtx = inType.
-
-    Reachable(callee, calleeCtx, n+1),
-    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
-        Reachable(caller, callerCtx, n),
-        n < MAXSTEP,
-        StaticMethodInvocation(insn, _, callee, caller),
-        calleeCtx = insn. // maybe have bug
-
-    Reachable(callee, calleeCtx, n+1),
-    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
-        Reachable(caller, callerCtx, n),
-        n < MAXSTEP,
-        VirtualMethodInvocation(insn, _, method, base, caller),
-        VarPointsTo(baseHeap, _, base, callerCtx),
-        NormalHeap(baseHeap, class),
-        MethodInfo(method, simplename, _, _, _, descriptor, _),
-        Dispatch(simplename, descriptor, class, callee),
+.comp OneTypeSensitivePT<HContext, Context> : AbstractContextSensitivePT<HContext, Context>{
+    .override SelectInvocationContext
+    SelectInvocationContext(callerCtx, insn, baseHeap, hctx, calleeCtx) :-
+        Reachable(caller, callerCtx, _),
+        (
+            SpecialMethodInvocation(insn, _, _, base, caller);
+            VirtualMethodInvocation(insn, _, _, base, caller)
+        ),
+        VarPointsTo(baseHeap, hctx, base, callerCtx),
         AssignHeapAllocation(_, _, baseHeap, _, inmethod, _),
         MethodInfo(inmethod, _, _, inType, _, _, _),
         calleeCtx = inType.
-
-    // param
-    VarPointsTo(heap, hctx, param, calleeCtx) :-
-        CallGraph(insn, _, callerCtx, callee, calleeCtx),
-        ActualParam(n, insn, arg),
-        FormalParam(n, callee, param),
-        VarPointsTo(heap, hctx, arg, callerCtx),
-        NormalHeap(heap, _).
-
-    // return
-    VarPointsTo(heap, hctx, return, callerCtx) :-
-        CallGraph(insn, _, callerCtx, callee, calleeCtx),
-        Return(_, _, var, callee),
-        AssignReturnValue(insn, return),
-        VarPointsTo(heap, hctx, var, calleeCtx).
-
-    // this
-    VarPointsTo(heap, hctx, this, calleeCtx) :-
-        CallGraph(insn, _, callerCtx, callee, calleeCtx),
-        (
-            VirtualMethodInvocation(insn, _, _, base, _);
-            SpecialMethodInvocation(insn, _, _, base, _)
-        ),
-        ThisVar(callee, this),
-        VarPointsTo(heap, hctx, base, callerCtx).
 }
\ No newline at end of file

From f3f223404c5330553c9798fd9bbeb9a325ba826c Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 1 May 2022 23:03:26 +0800
Subject: [PATCH 20/36] refactor ptaint use compotent inheritance

---
 example/ptaint-example-1.dl |  6 +++---
 example/ptaint-example-2.dl | 12 ++++++------
 logic/ptaint.dl             | 23 +++++++++++------------
 3 files changed, 20 insertions(+), 21 deletions(-)

diff --git a/example/ptaint-example-1.dl b/example/ptaint-example-1.dl
index 369f48b..8252655 100644
--- a/example/ptaint-example-1.dl
+++ b/example/ptaint-example-1.dl
@@ -2,7 +2,7 @@
 
 .init ptaint = PTaint
 
-ptaint.cipt.Reachable("<com.bytecodedl.benchmark.demo.TaintDemo3: void main(java.lang.String[])>").
+ptaint.Reachable("<com.bytecodedl.benchmark.demo.TaintDemo3: void main(java.lang.String[])>").
 
 ptaint.SourceMethod("<com.bytecodedl.benchmark.demo.TaintDemo3: java.lang.String Source()>").
 ptaint.SinkMethod("<com.bytecodedl.benchmark.demo.TaintDemo3: void Sink(java.lang.String)>", 0).
@@ -18,11 +18,11 @@ ptaint.SanitizeMethod("<com.bytecodedl.benchmark.demo.TaintDemo3: java.lang.Stri
 .decl TaintVar(var:Var)
 
 TaintVar(var) :-
-    ptaint.cipt.VarPointsTo(heap, var),
+    ptaint.VarPointsTo(heap, var),
     ptaint.TaintHeap(_, heap).
 
 .output TaintVar
 
 .output ptaint.TaintHeap
 .output ptaint.TransferTaint
-.output ptaint.cipt.VarPointsTo
\ No newline at end of file
+.output ptaint.VarPointsTo
\ No newline at end of file
diff --git a/example/ptaint-example-2.dl b/example/ptaint-example-2.dl
index 5ca1171..a8c3ac7 100644
--- a/example/ptaint-example-2.dl
+++ b/example/ptaint-example-2.dl
@@ -7,11 +7,11 @@
 EntryMethod("<com.bytecodedl.benchmark.demo.TaintDemo3: void test1(java.lang.String)>").
 
 
-ptaint.cipt.Reachable(method) :-
+ptaint.Reachable(method) :-
     EntryMethod(method).
 
 NormalHeap(heap, class),
-ptaint.cipt.VarPointsTo(heap, this) :-
+ptaint.VarPointsTo(heap, this) :-
     ThisVar(method, this),
     EntryMethod(method),
     VarType(this, class),
@@ -19,8 +19,8 @@ ptaint.cipt.VarPointsTo(heap, this) :-
 
 NormalHeap(heap, class),
 ptaint.TaintHeap(insn, taintHeap),
-ptaint.cipt.VarPointsTo(heap, param),
-ptaint.cipt.VarPointsTo(taintHeap, param) :- 
+ptaint.VarPointsTo(heap, param),
+ptaint.VarPointsTo(taintHeap, param) :-
     EntryMethod(method),
     FormalParam(_, method, param),
     VarType(param, class),
@@ -43,11 +43,11 @@ ptaint.SanitizeMethod("<com.bytecodedl.benchmark.demo.TaintDemo3: java.lang.Stri
 .decl TaintVar(var:Var)
 
 TaintVar(var) :-
-    ptaint.cipt.VarPointsTo(heap, var),
+    ptaint.VarPointsTo(heap, var),
     ptaint.TaintHeap(_, heap).
 
 .output TaintVar
 
 .output ptaint.TaintHeap
 .output ptaint.TransferTaint
-.output ptaint.cipt.VarPointsTo
\ No newline at end of file
+.output ptaint.VarPointsTo
\ No newline at end of file
diff --git a/logic/ptaint.dl b/logic/ptaint.dl
index 0c88847..a557cd6 100644
--- a/logic/ptaint.dl
+++ b/logic/ptaint.dl
@@ -1,8 +1,7 @@
 #pragma once
 #include "pt-noctx.dl"
 
-.comp PTaint{
-    .init cipt = ContextInsensitivePt
+.comp PTaint : ContextInsensitivePt{
 
     .decl TaintHeap(insn:Insn, heap:Heap)
     .decl SourceMethod(method:Method)
@@ -17,41 +16,41 @@
     
     
     // taint arg to param
-    cipt.VarPointsTo(heap, param) :- 
-        cipt.CallGraph(insn, _, callee),
+    VarPointsTo(heap, param) :-
+        CallGraph(insn, _, callee),
         ActualParam(n, insn, arg),
         FormalParam(n, callee, param),
-        cipt.VarPointsTo(heap, arg),
+        VarPointsTo(heap, arg),
         TaintHeap(_, heap),
         !SanitizeMethod(callee).
     
     
     TaintHeap(insn, heap),
-    cipt.VarPointsTo(heap, to) :-
+    VarPointsTo(heap, to) :-
         SourceMethod(callee),
-        cipt.CallGraph(insn, _, callee),
+        CallGraph(insn, _, callee),
         AssignReturnValue(insn, to),
         heap = cat("NewTainted::", insn).
 
     IsTaintedFrom(insn, base, ret) :-
-        cipt.CallGraph(insn, _, callee),
+        CallGraph(insn, _, callee),
         BaseToRetTransfer(callee),
         VirtualMethodInvocation(insn, _, _, base, _),
         AssignReturnValue(insn, ret).
     
     IsTaintedFrom(insn, arg, ret) :-
-        cipt.CallGraph(insn, _, callee),
+        CallGraph(insn, _, callee),
         ArgToRetTransfer(callee, n),
         ActualParam(n, insn, arg),
         AssignReturnValue(insn, ret).
 
     TaintHeap(insn, newHeap),
     TransferTaint(heap, newHeap),
-    cipt.VarPointsTo(newHeap, var) :- 
+    VarPointsTo(newHeap, var) :-
         IsTaintedFrom(insn, from, to),
-        cipt.VarPointsTo(heap, from),
+        VarPointsTo(heap, from),
         TaintHeap(_, heap),
         newHeap = cat("TransferTaint::", insn),
-        cipt.VarPointsTo(oldHeap, to),
+        VarPointsTo(oldHeap, to),
         AssignHeapAllocation(_, _, oldHeap, var, _, _).
 }
\ No newline at end of file

From ef5b167805d1c750e5e6daeeae79d3e370752212 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Fri, 6 May 2022 10:56:01 +0800
Subject: [PATCH 21/36] remove type parameterisation

---
 example/one-callsite-sensitive-pt-example-1.dl | 4 ++--
 example/one-object-sensitive-pt-example-1.dl   | 4 ++--
 example/one-type-sensitive-pt-example-1.dl     | 4 ++--
 logic/one-callsite-sensitive-pt.dl             | 2 +-
 logic/one-object-sensitive-pt.dl               | 2 +-
 logic/one-type-sensitive-pt.dl                 | 2 +-
 6 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/example/one-callsite-sensitive-pt-example-1.dl b/example/one-callsite-sensitive-pt-example-1.dl
index 0a07ead..d640850 100644
--- a/example/one-callsite-sensitive-pt-example-1.dl
+++ b/example/one-callsite-sensitive-pt-example-1.dl
@@ -1,10 +1,10 @@
 #define MAXSTEP 8
 #include "../logic/one-callsite-sensitive-pt.dl"
 
-.init callsitecsDemo1 = OneCallsiteSensitivePT<HContext, Context>
+.init callsitecsDemo1 = OneCallsiteSensitivePT
 callsitecsDemo1.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo1: void main(java.lang.String[])>", "initCtx", 0).
 .output callsitecsDemo1.VarPointsTo
 
-.init callsitecsDemo2 = OneCallsiteSensitivePT<HContext, Context>
+.init callsitecsDemo2 = OneCallsiteSensitivePT
 callsitecsDemo2.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo2: void main(java.lang.String[])>", "initCtx", 0).
 .output callsitecsDemo2.VarPointsTo
\ No newline at end of file
diff --git a/example/one-object-sensitive-pt-example-1.dl b/example/one-object-sensitive-pt-example-1.dl
index becfa38..69f37d1 100644
--- a/example/one-object-sensitive-pt-example-1.dl
+++ b/example/one-object-sensitive-pt-example-1.dl
@@ -1,10 +1,10 @@
 #define MAXSTEP 8
 #include "../logic/one-object-sensitive-pt.dl"
 
-.init objectDemo1 = OneObjectSensitivePT<HContext, Context>
+.init objectDemo1 = OneObjectSensitivePT
 objectDemo1.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo1: void main(java.lang.String[])>", "initCtx", 0).
 .output objectDemo1.VarPointsTo
 
-.init objectDemo2 = OneObjectSensitivePT<HContext, Context>
+.init objectDemo2 = OneObjectSensitivePT
 objectDemo2.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo2: void main(java.lang.String[])>", "initCtx", 0).
 .output objectDemo2.VarPointsTo
\ No newline at end of file
diff --git a/example/one-type-sensitive-pt-example-1.dl b/example/one-type-sensitive-pt-example-1.dl
index f24d9b2..741891e 100644
--- a/example/one-type-sensitive-pt-example-1.dl
+++ b/example/one-type-sensitive-pt-example-1.dl
@@ -1,10 +1,10 @@
 #define MAXSTEP 8
 #include "../logic/one-type-sensitive-pt.dl"
 
-.init typeDemo1 = OneTypeSensitivePT<HContext, Context>
+.init typeDemo1 = OneTypeSensitivePT
 typeDemo1.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo1: void main(java.lang.String[])>", "initCtx", 0).
 .output typeDemo1.VarPointsTo
 
-.init typeDemo2 = OneTypeSensitivePT<HContext, Context>
+.init typeDemo2 = OneTypeSensitivePT
 typeDemo2.Reachable("<com.bytecodedl.benchmark.demo.ContextSensitiveDemo2: void main(java.lang.String[])>", "initCtx", 0).
 .output typeDemo2.VarPointsTo
\ No newline at end of file
diff --git a/logic/one-callsite-sensitive-pt.dl b/logic/one-callsite-sensitive-pt.dl
index 253c6c2..1267533 100644
--- a/logic/one-callsite-sensitive-pt.dl
+++ b/logic/one-callsite-sensitive-pt.dl
@@ -4,7 +4,7 @@
 .type HContext = Insn
 .type Context = Insn
 
-.comp OneCallsiteSensitivePT<HContext, Context> : AbstractContextSensitivePT<HContext, Context>{
+.comp OneCallsiteSensitivePT: AbstractContextSensitivePT<HContext, Context>{
     .override SelectInvocationContext
     SelectInvocationContext(callerCtx, insn, baseHeap, hctx, calleeCtx) :-
         Reachable(caller, callerCtx, _),
diff --git a/logic/one-object-sensitive-pt.dl b/logic/one-object-sensitive-pt.dl
index 7ca1f24..d3f204d 100644
--- a/logic/one-object-sensitive-pt.dl
+++ b/logic/one-object-sensitive-pt.dl
@@ -4,7 +4,7 @@
 .type HContext = Heap
 .type Context = Heap
 
-.comp OneObjectSensitivePT<HContext, Context> : AbstractContextSensitivePT<HContext, Context>{
+.comp OneObjectSensitivePT: AbstractContextSensitivePT<HContext, Context>{
     .override SelectInvocationContext
     SelectInvocationContext(callerCtx, insn, baseHeap, hctx, calleeCtx) :-
         Reachable(caller, callerCtx, _),
diff --git a/logic/one-type-sensitive-pt.dl b/logic/one-type-sensitive-pt.dl
index fa0f716..48ff9cf 100644
--- a/logic/one-type-sensitive-pt.dl
+++ b/logic/one-type-sensitive-pt.dl
@@ -4,7 +4,7 @@
 .type HContext = Class
 .type Context = Class
 
-.comp OneTypeSensitivePT<HContext, Context> : AbstractContextSensitivePT<HContext, Context>{
+.comp OneTypeSensitivePT: AbstractContextSensitivePT<HContext, Context>{
     .override SelectInvocationContext
     SelectInvocationContext(callerCtx, insn, baseHeap, hctx, calleeCtx) :-
         Reachable(caller, callerCtx, _),

From 62082d3e76a9f428dd63ed3dc7a20949eff74402 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Fri, 6 May 2022 15:22:39 +0800
Subject: [PATCH 22/36] add abstract-context-sensitive-pt

---
 logic/abstract-context-sensitive-pt.dl | 127 +++++++++++++++++++++++++
 1 file changed, 127 insertions(+)
 create mode 100644 logic/abstract-context-sensitive-pt.dl

diff --git a/logic/abstract-context-sensitive-pt.dl b/logic/abstract-context-sensitive-pt.dl
new file mode 100644
index 0000000..1967fab
--- /dev/null
+++ b/logic/abstract-context-sensitive-pt.dl
@@ -0,0 +1,127 @@
+#pragma once
+#include "utils.dl"
+
+.comp AbstractContextSensitivePT<HContext, Context>{
+    .decl VarPointsTo(heap:Heap, hctx:HContext, var:Var, vCtx:Context)
+    .decl InstanceFieldPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context, field:Field)
+    .decl StaticFieldPointsTo(heap:Heap, hctx:Context, field:Field)
+    .decl ArrayIndexPointsTo(heap:Heap, hctx:Context, baseHeap:Heap, bhCtx:Context)
+    .decl Reachable(method:Method, ctx:Context, n:number)
+    .decl CallGraph(insn:Insn, caller:Method, callerCtx:Context, callee:Method, calleeCtx:Context)
+
+    .decl SelectInvocationContext(callerCtx:Context, invocation:Insn, baseHeap:Heap, hctx:HContext, calleeCtx:Context) overridable
+    .decl SelectStaticInvocationContext(callerCtx:Context, invocation:Insn, calleeCtx:Context) overridable
+
+    SelectStaticInvocationContext(callerCtx, insn, calleeCtx) :-
+        Reachable(caller, callerCtx, _),
+        StaticMethodInvocation(insn, _, _, caller),
+        calleeCtx = callerCtx.
+
+    // new
+    VarPointsTo(heap, ctx, var, ctx) :-
+        Reachable(method, ctx, _),
+        AssignHeapAllocation(_, _, heap, var, method, _).
+
+    // assign
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        VarPointsTo(heap, hctx, from, ctx),
+        AssignLocal(_, _, from, to, method).
+
+    // cast
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        AssignCast(_, _, from, to, _, method),
+        VarPointsTo(heap, hctx, from, ctx).
+
+    // load field
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadInstanceField(_, _, to, base, field, method),
+        VarPointsTo(baseHeap, bhCtx, base, ctx),
+        InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field).
+
+    // store field
+    InstanceFieldPointsTo(heap, hctx, baseHeap, bhCtx, field) :-
+        Reachable(method, ctx, _),
+        StoreInstanceField(_, _, from, base, field, method),
+        VarPointsTo(heap, hctx, from, ctx),
+        VarPointsTo(baseHeap, bhCtx, base, ctx).
+
+    // load staic field
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadStaticField(_, _, to, field, method),
+        StaticFieldPointsTo(heap, hctx, field).
+
+    // store static field
+    StaticFieldPointsTo(heap, hctx, field) :-
+        Reachable(method, ctx, _),
+        StoreStaticField(_, _, from, field, method),
+        VarPointsTo(heap, hctx, from, ctx).
+
+    // load from array
+    VarPointsTo(heap, hctx, to, ctx) :-
+        Reachable(method, ctx, _),
+        LoadArrayIndex(_, _, to, base, method),
+        VarPointsTo(baseHeap, bhCtx, base, ctx),
+        ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx).
+
+    // store into array
+    ArrayIndexPointsTo(heap, hctx, baseHeap, bhCtx) :-
+        Reachable(method, ctx, _),
+        StoreArrayIndex(_, _, from, base, method),
+        VarPointsTo(heap, hctx, from, ctx),
+        VarPointsTo(baseHeap, bhCtx, base, ctx).
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        SpecialMethodInvocation(insn, _, callee, base, caller),
+        VarPointsTo(baseHeap, hctx, base, calleeCtx),
+        SelectInvocationContext(callerCtx, insn, baseHeap, hctx, callerCtx).
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        StaticMethodInvocation(insn, _, callee, caller),
+        SelectStaticInvocationContext(callerCtx, insn, calleeCtx).
+
+    Reachable(callee, calleeCtx, n+1),
+    CallGraph(insn, caller, callerCtx, callee, calleeCtx) :-
+        Reachable(caller, callerCtx, n),
+        n < MAXSTEP,
+        VirtualMethodInvocation(insn, _, method, base, caller),
+        VarPointsTo(baseHeap, hctx, base, callerCtx),
+        NormalHeap(baseHeap, class),
+        MethodInfo(method, simplename, _, _, _, descriptor, _),
+        Dispatch(simplename, descriptor, class, callee),
+        SelectInvocationContext(callerCtx, insn, baseHeap, hctx, calleeCtx).
+
+    // param
+    VarPointsTo(heap, hctx, param, calleeCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        ActualParam(n, insn, arg),
+        FormalParam(n, callee, param),
+        VarPointsTo(heap, hctx, arg, callerCtx),
+        NormalHeap(heap, _).
+
+    // return
+    VarPointsTo(heap, hctx, return, callerCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        Return(_, _, var, callee),
+        AssignReturnValue(insn, return),
+        VarPointsTo(heap, hctx, var, calleeCtx).
+
+    // this
+    VarPointsTo(heap, hctx, this, calleeCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        (
+            VirtualMethodInvocation(insn, _, _, base, _);
+            SpecialMethodInvocation(insn, _, _, base, _)
+        ),
+        ThisVar(callee, this),
+        VarPointsTo(heap, hctx, base, callerCtx).
+}
\ No newline at end of file

From 1d644ea6edbd34d955d5fb64f03bbae2ef7878e7 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Fri, 6 May 2022 15:25:52 +0800
Subject: [PATCH 23/36] add context sensitive ptaint

---
 example/cs-ptaint-example-1.dl | 39 +++++++++++++++++++++
 logic/cs-ptaint.dl             | 64 ++++++++++++++++++++++++++++++++++
 2 files changed, 103 insertions(+)
 create mode 100644 example/cs-ptaint-example-1.dl
 create mode 100644 logic/cs-ptaint.dl

diff --git a/example/cs-ptaint-example-1.dl b/example/cs-ptaint-example-1.dl
new file mode 100644
index 0000000..d1614c0
--- /dev/null
+++ b/example/cs-ptaint-example-1.dl
@@ -0,0 +1,39 @@
+#define MAXSTEP 8
+//#include "../logic/one-callsite-sensitive-pt.dl"
+#include "../logic/cs-ptaint.dl"
+#include "../logic/one-object-sensitive-pt.dl"
+
+//.comp MyCallsitePtaint : CSPTaint<HContext, Context>, OneCallsiteSensitivePT{
+//}
+//.init csptaint = MyCallsitePtaint
+.comp MyObjectPtaint : CSPTaint<HContext, Context>, OneObjectSensitivePT{
+}
+
+
+.init csptaint = MyObjectPtaint
+
+
+csptaint.Reachable("<com.bytecodedl.benchmark.demo.TaintDemo3: void main(java.lang.String[])>", "initCtx", 0).
+
+csptaint.SourceMethod("<com.bytecodedl.benchmark.demo.TaintDemo3: java.lang.String Source()>").
+csptaint.SinkMethod("<com.bytecodedl.benchmark.demo.TaintDemo3: void Sink(java.lang.String)>", 0).
+
+csptaint.BaseToRetTransfer("<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>").
+csptaint.BaseToRetTransfer("<java.lang.StringBuilder: java.lang.String toString()>").
+
+csptaint.ArgToRetTransfer("<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>", 0).
+
+csptaint.SanitizeMethod("<com.bytecodedl.benchmark.demo.TaintDemo3: java.lang.String Sanitize(java.lang.String)>").
+
+
+.decl TaintVar(var:Var, vCtx:Context)
+
+TaintVar(var, vCtx) :-
+    csptaint.VarPointsTo(heap, _, var, vCtx),
+    csptaint.TaintHeap(_, heap).
+
+.output TaintVar
+
+.output csptaint.TaintHeap
+.output csptaint.TransferTaint
+.output csptaint.VarPointsTo
\ No newline at end of file
diff --git a/logic/cs-ptaint.dl b/logic/cs-ptaint.dl
new file mode 100644
index 0000000..524394c
--- /dev/null
+++ b/logic/cs-ptaint.dl
@@ -0,0 +1,64 @@
+#pragma once
+#include "utils.dl"
+#include "abstract-context-sensitive-pt.dl"
+
+.comp CSPTaint<HContext, Context>{
+    //.init cspt = AbstractContextSensitivePT
+    //.init cspt = CSPT
+
+    .decl TaintHeap(insn:Insn, heap:Heap)
+    .decl SourceMethod(method:Method)
+    .decl SinkMethod(method:Method, n:number)
+
+    .decl SanitizeMethod(method:Method)
+
+    .decl BaseToRetTransfer(method:Method)
+    .decl ArgToRetTransfer(method:Method, n:number)
+    .decl IsTaintedFrom(insn:Insn, from:Var, fromCtx:Context, to:Var, toCtx:Context)
+    .decl TransferTaint(heap:Heap, newHeap:Heap)
+
+
+    // taint arg to param
+    VarPointsTo(heap, hctx, param, calleeCtx) :-
+        CallGraph(insn, _, callerCtx, callee, calleeCtx),
+        ActualParam(n, insn, arg),
+        FormalParam(n, callee, param),
+        VarPointsTo(heap, hctx, arg, callerCtx),
+        TaintHeap(_, heap), // sensitive?
+        !SanitizeMethod(callee).
+
+
+    TaintHeap(insn, heap),
+    VarPointsTo(heap, hctx, to, callerCtx):-
+        SourceMethod(callee),
+        CallGraph(insn, _, callerCtx, callee, _),
+        AssignReturnValue(insn, to),
+        heap = cat("NewTainted::", insn),
+        hctx = "Mock::".
+
+    IsTaintedFrom(insn, base, callerCtx, ret, callerCtx) :-
+        CallGraph(insn, _, callerCtx, callee, _),
+        BaseToRetTransfer(callee),
+        (
+            VirtualMethodInvocation(insn, _, _, base, _);
+            SpecialMethodInvocation(insn, _, _, base, _)
+        ),
+        AssignReturnValue(insn, ret).
+
+    IsTaintedFrom(insn, arg, callerCtx, ret, callerCtx) :-
+        CallGraph(insn, _, callerCtx, callee, _),
+        ArgToRetTransfer(callee, n),
+        ActualParam(n, insn, arg),
+        AssignReturnValue(insn, ret).
+
+    TaintHeap(insn, newHeap),
+    TransferTaint(heap, newHeap),
+    VarPointsTo(heap, hctx, var, vCtx) :-
+        IsTaintedFrom(insn, from, fromCtx, to, toCtx),
+        VarPointsTo(heap, hctx, from, fromCtx),
+        TaintHeap(_, heap),
+        newHeap = cat("TransferTaint::", insn),
+        VarPointsTo(oldHeap, oldHCtx, to, toCtx),
+        VarPointsTo(oldHeap, oldHCtx, var, vCtx),
+        AssignHeapAllocation(_, _, oldHeap, var, _, _).
+}
\ No newline at end of file

From 1d1c189f80ad39e4951eb435d9c6c94fdb59fa7d Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Fri, 6 May 2022 15:26:22 +0800
Subject: [PATCH 24/36] update ptaint

---
 logic/ptaint.dl | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/logic/ptaint.dl b/logic/ptaint.dl
index a557cd6..2d83ea0 100644
--- a/logic/ptaint.dl
+++ b/logic/ptaint.dl
@@ -35,7 +35,10 @@
     IsTaintedFrom(insn, base, ret) :-
         CallGraph(insn, _, callee),
         BaseToRetTransfer(callee),
-        VirtualMethodInvocation(insn, _, _, base, _),
+        (
+            VirtualMethodInvocation(insn, _, _, base, _);
+            SpecialMethodInvocation(insn, _, _, base, _)
+        ),
         AssignReturnValue(insn, ret).
     
     IsTaintedFrom(insn, arg, ret) :-

From b99ea8652f2f20053e010f9d92b71f7b515e2586 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Fri, 6 May 2022 15:33:25 +0800
Subject: [PATCH 25/36] update readme

---
 README.md | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index e043fa5..f81858c 100644
--- a/README.md
+++ b/README.md
@@ -37,9 +37,12 @@ you can use the docker we builded like docker-compose.yml
   - [x] 一阶上下文对象敏感指针分析
   - [x] 一阶上下文类型敏感指针分析
   - [ ] 可选择上下文敏感指针分析
-- [ ] 污点分析
+- [x] 污点分析
   - [x] 上下文无关ptaint
-  - [ ] 上下文敏感ptaint
+  - [x] 上下文敏感ptaint
+- [ ] 输出sarif
+- [ ] 实现JackEE
+- [ ] 性能优化
 
 ## Usage
 

From 6edd373b1086affe9914f78caa8f1da9bc44864a Mon Sep 17 00:00:00 2001
From: yxxx <yxwuman@gmail.com>
Date: Mon, 30 May 2022 15:43:46 +0800
Subject: [PATCH 26/36] add support info

---
 README.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/README.md b/README.md
index f81858c..c3a2af1 100644
--- a/README.md
+++ b/README.md
@@ -48,6 +48,16 @@ you can use the docker we builded like docker-compose.yml
 
 见docs文件夹
 
+## Support
+
+在使用中遇到什么问题，可以通过
+
+- email: help@bytecodedl.com
+- github: issue/discussion
+- telegram: [bytecodedl](https://t.me/bytecodedl)
+
+三种途径向我们反馈
+
 ## Plugin
 
 - IDEA

From 1328e80a551ca3e73bdca1343550cf9511905e2e Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sun, 28 Aug 2022 22:32:50 +0800
Subject: [PATCH 27/36] fix little bug

---
 logic/cha.dl   | 2 +-
 logic/utils.dl | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/logic/cha.dl b/logic/cha.dl
index 77387fb..dcb7e91 100644
--- a/logic/cha.dl
+++ b/logic/cha.dl
@@ -14,7 +14,7 @@
 SinkMethod(method) :-
     SinkDesc(simplename, class),
     SubEqClass(subeqclass, class),
-    !ClassModifier("abstract", subeqclass),
+    !MethodModifier("abstract", method),
     MethodInfo(method, simplename, _, subeqclass, _, _, _).
 
 EntryMethod(method),
diff --git a/logic/utils.dl b/logic/utils.dl
index 9bcc016..a7e564a 100644
--- a/logic/utils.dl
+++ b/logic/utils.dl
@@ -7,6 +7,9 @@
 .decl SubClass(subclass:Class, class:Class)
 .decl SubEqClass(subeqclass:Class, class:Class)
 
+SubEqClass("byte", "byte").
+SubEqClass("byte[]", "byte[]").
+
 SubEqClass(subclass, class) :- SubClass(subclass, class).
 SubEqClass(class, class) :- ClassType(class).
 

From 244b7ed954d0d50353565d3fdd99094116af894d Mon Sep 17 00:00:00 2001
From: yxxx <yxwuman@gmail.com>
Date: Fri, 10 Mar 2023 17:58:44 +0800
Subject: [PATCH 28/36] update import headers

---
 neo4j/CallEdgeHeader.csv | 2 +-
 neo4j/CallNodeHeader.csv | 2 +-
 neo4j/ChaEdgeHeader.csv  | 1 +
 3 files changed, 3 insertions(+), 2 deletions(-)
 create mode 100644 neo4j/ChaEdgeHeader.csv

diff --git a/neo4j/CallEdgeHeader.csv b/neo4j/CallEdgeHeader.csv
index a163d36..eec8984 100644
--- a/neo4j/CallEdgeHeader.csv
+++ b/neo4j/CallEdgeHeader.csv
@@ -1 +1 @@
-:START_ID	:END_ID
\ No newline at end of file
+:START_ID(Method)	:END_ID(Method)
\ No newline at end of file
diff --git a/neo4j/CallNodeHeader.csv b/neo4j/CallNodeHeader.csv
index bff2ea0..27f9b61 100644
--- a/neo4j/CallNodeHeader.csv
+++ b/neo4j/CallNodeHeader.csv
@@ -1 +1 @@
-method:ID	:LABEL
\ No newline at end of file
+method:ID(Method)	:LABEL
\ No newline at end of file
diff --git a/neo4j/ChaEdgeHeader.csv b/neo4j/ChaEdgeHeader.csv
new file mode 100644
index 0000000..27b0681
--- /dev/null
+++ b/neo4j/ChaEdgeHeader.csv
@@ -0,0 +1 @@
+:START_ID(Method)	method	:END_ID(Method)
\ No newline at end of file

From 774df7eb2d2d7a8d4a798ee2a198576cdb2fe493 Mon Sep 17 00:00:00 2001
From: yxxx <yxwuman@gmail.com>
Date: Mon, 13 Mar 2023 22:45:52 +0800
Subject: [PATCH 29/36] add simple-cha and log4shell example

---
 example/simple-cha-log4shell.dl |  19 ++++++
 logic/simple-cha.dl             | 105 ++++++++++++++++++++++++++++++++
 2 files changed, 124 insertions(+)
 create mode 100644 example/simple-cha-log4shell.dl
 create mode 100644 logic/simple-cha.dl

diff --git a/example/simple-cha-log4shell.dl b/example/simple-cha-log4shell.dl
new file mode 100644
index 0000000..e4ac3ff
--- /dev/null
+++ b/example/simple-cha-log4shell.dl
@@ -0,0 +1,19 @@
+#define MAXSTEP 33
+
+#include "../logic/simple-cha.dl"
+
+
+SinkDesc("lookup", "javax.naming.Context").
+
+// init entrypoint 
+EntryPoint(simplename, descriptor, class) :-
+    MethodInfo(_, simplename, _, class, _, descriptor, _),
+    simplename = "error",
+    class = "org.apache.logging.log4j.spi.AbstractLogger",
+    descriptor = "(Ljava/lang/String;)V".
+
+
+.output EntryPoint
+.output EntryMethod
+.output SinkMethod
+.output SimpleCallGraph
\ No newline at end of file
diff --git a/logic/simple-cha.dl b/logic/simple-cha.dl
new file mode 100644
index 0000000..240a3b2
--- /dev/null
+++ b/logic/simple-cha.dl
@@ -0,0 +1,105 @@
+#pragma once
+#include "utils.dl"
+
+.decl EntryPoint(simplename:symbol, descriptor:symbol, class:Class)
+.decl Reachable(method:Method, step:number)
+.decl SinkDesc(simplename:symbol, class:Class)
+.decl SinkMethod(method:Method)
+.decl EntryMethod(method:Method)
+.decl BanCaller(method:Method)
+
+BanCaller(method) :-
+    MethodInfo(method, simplename, _, class, _, _, _),
+    contains("java.util", class).
+
+.output BanCaller
+
+
+.decl CallGraph(insn:Insn, caller:Method, callee:Method)
+.decl SimpleCallGraph(insn:Insn, caller:Method, callee:Method)
+.decl ChaGraph(caller:Method, implementation:Method, callee:Method)
+
+SinkMethod(method) :-
+    SinkDesc(simplename, class),
+    SubEqClass(subeqclass, class),
+    !MethodModifier("abstract", method),
+    MethodInfo(method, simplename, _, subeqclass, _, _, _).
+
+EntryMethod(method),
+Reachable(method, 0) :- 
+    EntryPoint(simplename, descriptor, class),
+    Dispatch(simplename, descriptor, class, method).
+
+Reachable(callee, n+1),
+SimpleCallGraph(insn, caller, callee),
+CallGraph(insn, caller, callee) :-
+    Reachable(caller, n),
+    !BanCaller(caller),
+    n < MAXSTEP,
+    SpecialMethodInvocation(insn, _, callee, _, caller).
+
+Reachable(callee, n+1),
+SimpleCallGraph(insn, caller, callee),
+CallGraph(insn, caller, callee) :-
+    Reachable(caller, n),
+    !BanCaller(caller),
+    n < MAXSTEP,
+    StaticMethodInvocation(insn, _, callee, caller).
+
+Reachable(method, n+1),
+Reachable(callee, n+1),
+SimpleCallGraph(insn, caller, method),
+CallGraph(insn, caller, callee) :-
+    Reachable(caller, n),
+    !BanCaller(caller),
+    n < MAXSTEP,
+    VirtualMethodInvocation(insn, _, method, receiver, caller),
+    MethodInfo(method, simplename, _, _, _, descriptor, _),
+    VarType(receiver, class),
+    SubEqClass(subeqclass, class),
+    !ClassModifier("abstract", subeqclass),
+    Dispatch(simplename, descriptor, subeqclass, callee).
+
+Reachable(callee, n+1),
+SimpleCallGraph(insn, caller, callee),
+CallGraph(insn, caller, callee) :- 
+    Reachable(caller, n),
+    !BanCaller(caller),
+    n < MAXSTEP,
+    StaticMethodInvocation(insn, _, method, caller),
+    MethodInfo(method, "doPrivileged", _, "java.security.AccessController", _, _, _),
+    ActualParam(0, insn, param),
+    VarType(param, class),
+    MethodInfo(callee, "run", _, class, _, _, 0).
+
+ChaGraph(caller, implementation, callee) :-
+    Reachable(caller, _),
+    MethodInfo(caller, simplename, _, class, _, descriptor, _),
+    SubClass(subclass, class),
+    Dispatch(simplename, descriptor, subclass, implementation),
+    caller != implementation,
+    SimpleCallGraph(_, implementation, callee).
+
+.output ChaGraph
+
+.decl CallNode(node:Method, label:symbol)
+.output CallNode
+
+CallNode(node, "method") :-
+    !EntryMethod(node),
+    !SinkMethod(node),
+    Reachable(node, _).
+
+CallNode(node, "sink") :-
+    Reachable(node, _),
+    SinkMethod(node).
+
+CallNode(node, "entry") :-
+    Reachable(node, _),
+    EntryMethod(node).
+
+.decl CallEdge(caller:Method, callee:Method)
+.output CallEdge
+
+CallEdge(caller, callee) :-
+    SimpleCallGraph(_, caller, callee).

From 3afb958e7d3c0a3262bd93cda304e1a4cc7c9365 Mon Sep 17 00:00:00 2001
From: yxxx <yxwuman@gmail.com>
Date: Mon, 13 Mar 2023 22:49:46 +0800
Subject: [PATCH 30/36] add import simple cha results script

---
 neoImportChaCall.sh | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 neoImportChaCall.sh

diff --git a/neoImportChaCall.sh b/neoImportChaCall.sh
new file mode 100644
index 0000000..d1445e9
--- /dev/null
+++ b/neoImportChaCall.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+dbname=$1$(date "+%m%d%H%M")
+
+neo4j-admin import --nodes=Method="/bytecodedl/neo4j/CallNodeHeader.csv,/bytecodedl/output/.*CallNode.csv" --relationships=Call="/bytecodedl/neo4j/CallEdgeHeader.csv,/bytecodedl/output/CallEdge.csv" --relationships=Cha="/bytecodedl/neo4j/ChaEdgeHeader.csv,/bytecodedl/output/ChaGraph.csv" --database=$dbname --delimiter="\t"
+
+if grep -q "dbms.active_database" /var/lib/neo4j/conf/neo4j.conf; then
+    sed -i -E "s/dbms.active_database=\w+/dbms.active_database=$dbname/g" /var/lib/neo4j/conf/neo4j.conf
+else
+    echo "dbms.active_database=$dbname" >> /var/lib/neo4j/conf/neo4j.conf
+fi
\ No newline at end of file

From 1e7ea622e5e06ca22b0354ab0e6839cedd6e6269 Mon Sep 17 00:00:00 2001
From: yxxx <yxwuman@gmail.com>
Date: Mon, 13 Mar 2023 23:02:36 +0800
Subject: [PATCH 31/36] neo4j docker add apoc plugin

---
 docker-compose.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/docker-compose.yml b/docker-compose.yml
index 0f77ab8..364657e 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,5 +14,10 @@ services:
       - "0.0.0.0:7687:7687"
     environment:
       - NEO4J_AUTH=neo4j/bytecodedl
+      - NEO4J_apoc_export_file_enabled=true
+      - NEO4J_apoc_import_file_enabled=true
+      - NEO4J_apoc_import_file_use__neo4j__config=true
+      - NEO4JLABS_PLUGINS=["apoc"]
+      - NEO4J_dbms_security_procedures_unrestricted=apoc.*
     volumes:
         - ./:/bytecodedl
\ No newline at end of file

From dc472472afc72d3112e8b614721f9f2f766c898a Mon Sep 17 00:00:00 2001
From: yxxx <yxwuman@gmail.com>
Date: Mon, 13 Mar 2023 23:03:57 +0800
Subject: [PATCH 32/36] add simple-cha

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index c3a2af1..785250a 100644
--- a/README.md
+++ b/README.md
@@ -30,6 +30,7 @@ you can use the docker we builded like docker-compose.yml
 - [x] 搜索功能
 - [x] 调用图分析
   - [x] CHA
+  - [x] SIMPLE-CHA 
   - [x] RTA
 - [ ] 指针分析
   - [x] 上下文无关指针分析

From eb6449206de4a488c06df4f58edb5a7d763717de Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Thu, 28 Dec 2023 19:13:36 +0800
Subject: [PATCH 33/36] add cha-log4shell example

---
 docker-compose.yml       | 11 ++---------
 example/cha-log4shell.dl | 18 ++++++++++++++++++
 logic/cha.dl             |  6 +++---
 neo4j/CallEdgeHeader.csv |  2 +-
 neoImportCall-4.4.sh     | 11 +++++++++++
 neoImportCall.sh         | 10 +++++-----
 neoImportChaCall-4.4.sh  | 11 +++++++++++
 neoImportChaCall.sh      | 10 +++++-----
 8 files changed, 56 insertions(+), 23 deletions(-)
 create mode 100644 example/cha-log4shell.dl
 create mode 100644 neoImportCall-4.4.sh
 create mode 100644 neoImportChaCall-4.4.sh

diff --git a/docker-compose.yml b/docker-compose.yml
index 364657e..e21273c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -7,17 +7,10 @@ services:
     volumes:
         - ./:/bytecodedl
   neo:
-    image: neo4j:4.4.4-community
+    image: neo4j-server:5.12.0-bytecodedl-pathfinder-1.0.0 
     restart: always
     ports:
       - "0.0.0.0:7474:7474"
       - "0.0.0.0:7687:7687"
-    environment:
-      - NEO4J_AUTH=neo4j/bytecodedl
-      - NEO4J_apoc_export_file_enabled=true
-      - NEO4J_apoc_import_file_enabled=true
-      - NEO4J_apoc_import_file_use__neo4j__config=true
-      - NEO4JLABS_PLUGINS=["apoc"]
-      - NEO4J_dbms_security_procedures_unrestricted=apoc.*
     volumes:
-        - ./:/bytecodedl
\ No newline at end of file
+        - ./:/bytecodedl
diff --git a/example/cha-log4shell.dl b/example/cha-log4shell.dl
new file mode 100644
index 0000000..4b9f606
--- /dev/null
+++ b/example/cha-log4shell.dl
@@ -0,0 +1,18 @@
+#define MAXSTEP 33
+#define CHAO 1
+
+#include "../logic/cha.dl"
+
+BanCaller(method) :-
+    MethodInfo(method, _, _, class, _, _, _),
+    !contains("org.apache.logging.log4j", class).
+
+
+SinkDesc("lookup", "javax.naming.Context").
+
+// init entrypoint 
+EntryPoint(simplename, descriptor, class) :-
+    MethodInfo(_, simplename, _, class, _, descriptor, _),
+    simplename = "error",
+    class = "org.apache.logging.log4j.spi.AbstractLogger",
+    descriptor = "(Ljava/lang/String;)V".
\ No newline at end of file
diff --git a/logic/cha.dl b/logic/cha.dl
index dcb7e91..d290216 100644
--- a/logic/cha.dl
+++ b/logic/cha.dl
@@ -123,10 +123,10 @@ CallNode(node, "entry") :-
     RefinedReachable(node),
     EntryMethod(node).
 
-.decl CallEdge(caller:Method, callee:Method)
+.decl CallEdge(caller:Method, insn:Insn, callee:Method)
 .output CallEdge
 
-CallEdge(caller, callee) :-
+CallEdge(caller, insn, callee) :-
     RefinedReachable(caller),
     RefinedReachable(callee),
-    CallGraph(_, caller, callee).
+    CallGraph(insn, caller, callee).
diff --git a/neo4j/CallEdgeHeader.csv b/neo4j/CallEdgeHeader.csv
index eec8984..5e2a8da 100644
--- a/neo4j/CallEdgeHeader.csv
+++ b/neo4j/CallEdgeHeader.csv
@@ -1 +1 @@
-:START_ID(Method)	:END_ID(Method)
\ No newline at end of file
+:START_ID(Method)	insn	:END_ID(Method)
\ No newline at end of file
diff --git a/neoImportCall-4.4.sh b/neoImportCall-4.4.sh
new file mode 100644
index 0000000..0e82b0d
--- /dev/null
+++ b/neoImportCall-4.4.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+dbname=$1$(date "+%m%d%H%M")
+
+neo4j-admin database import full --relationships=Call="/bytecodedl/neo4j/CallEdgeHeader.csv,/bytecodedl/output/.*CallEdge.csv" --nodes="/bytecodedl/neo4j/CallNodeHeader.csv,/bytecodedl/output/.*CallNode.csv"  --delimiter="\t" $dbname
+
+if grep -q "dbms.active_database" /var/lib/neo4j/conf/neo4j.conf; then
+    sed -i -E "s/dbms.active_database=\w+/dbms.active_database=$dbname/g" /var/lib/neo4j/conf/neo4j.conf
+else
+    echo "dbms.active_database=$dbname" >> /var/lib/neo4j/conf/neo4j.conf
+fi
diff --git a/neoImportCall.sh b/neoImportCall.sh
index da1e711..7e2ae73 100644
--- a/neoImportCall.sh
+++ b/neoImportCall.sh
@@ -2,10 +2,10 @@
 
 dbname=$1$(date "+%m%d%H%M")
 
-neo4j-admin import --relationships=Call="/bytecodedl/neo4j/CallEdgeHeader.csv,/bytecodedl/output/.*CallEdge.csv" --nodes="/bytecodedl/neo4j/CallNodeHeader.csv,/bytecodedl/output/.*CallNode.csv" --database=$dbname --delimiter="\t"
+neo4j-admin database import full --nodes="/bytecodedl/neo4j/CallNodeHeader.csv,/bytecodedl/output/.*CallNode.csv" --relationships=Call="/bytecodedl/neo4j/CallEdgeHeader.csv,/bytecodedl/output/CallEdge.csv" --delimiter="\t" $dbname
 
-if grep -q "dbms.active_database" /var/lib/neo4j/conf/neo4j.conf; then
-    sed -i -E "s/dbms.active_database=\w+/dbms.active_database=$dbname/g" /var/lib/neo4j/conf/neo4j.conf
+if grep -q "#initial.dbms.default_database" /var/lib/neo4j/conf/neo4j.conf; then
+    sed -i -E "s/#initial.dbms.default_database=\S+/initial.dbms.default_database=$dbname/g" /var/lib/neo4j/conf/neo4j.conf
 else
-    echo "dbms.active_database=$dbname" >> /var/lib/neo4j/conf/neo4j.conf
-fi
\ No newline at end of file
+    sed -i -E "s/initial.dbms.default_database=\S+/initial.dbms.default_database=$dbname/g" /var/lib/neo4j/conf/neo4j.conf
+fi
diff --git a/neoImportChaCall-4.4.sh b/neoImportChaCall-4.4.sh
new file mode 100644
index 0000000..ef763e4
--- /dev/null
+++ b/neoImportChaCall-4.4.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+dbname=$1$(date "+%m%d%H%M")
+
+neo4j-admin database import --nodes=Method="/bytecodedl/neo4j/CallNodeHeader.csv,/bytecodedl/output/.*CallNode.csv" --relationships=Call="/bytecodedl/neo4j/CallEdgeHeader.csv,/bytecodedl/output/CallEdge.csv" --relationships=Cha="/bytecodedl/neo4j/ChaEdgeHeader.csv,/bytecodedl/output/ChaGraph.csv" --database=$dbname --delimiter="\t"
+
+if grep -q "dbms.active_database" /var/lib/neo4j/conf/neo4j.conf; then
+    sed -i -E "s/dbms.active_database=\w+/dbms.active_database=$dbname/g" /var/lib/neo4j/conf/neo4j.conf
+else
+    echo "dbms.active_database=$dbname" >> /var/lib/neo4j/conf/neo4j.conf
+fi
diff --git a/neoImportChaCall.sh b/neoImportChaCall.sh
index d1445e9..130c7bb 100644
--- a/neoImportChaCall.sh
+++ b/neoImportChaCall.sh
@@ -2,10 +2,10 @@
 
 dbname=$1$(date "+%m%d%H%M")
 
-neo4j-admin import --nodes=Method="/bytecodedl/neo4j/CallNodeHeader.csv,/bytecodedl/output/.*CallNode.csv" --relationships=Call="/bytecodedl/neo4j/CallEdgeHeader.csv,/bytecodedl/output/CallEdge.csv" --relationships=Cha="/bytecodedl/neo4j/ChaEdgeHeader.csv,/bytecodedl/output/ChaGraph.csv" --database=$dbname --delimiter="\t"
+neo4j-admin database import full --nodes=Method="/bytecodedl/neo4j/CallNodeHeader.csv,/bytecodedl/output/.*CallNode.csv" --relationships=Call="/bytecodedl/neo4j/CallEdgeHeader.csv,/bytecodedl/output/CallEdge.csv" --relationships=Cha="/bytecodedl/neo4j/ChaEdgeHeader.csv,/bytecodedl/output/ChaEdge.csv" --delimiter="\t" $dbname
 
-if grep -q "dbms.active_database" /var/lib/neo4j/conf/neo4j.conf; then
-    sed -i -E "s/dbms.active_database=\w+/dbms.active_database=$dbname/g" /var/lib/neo4j/conf/neo4j.conf
+if grep -q "#initial.dbms.default_database" /var/lib/neo4j/conf/neo4j.conf; then
+    sed -i -E "s/#initial.dbms.default_database=\w+/initial.dbms.default_database=$dbname/g" /var/lib/neo4j/conf/neo4j.conf
 else
-    echo "dbms.active_database=$dbname" >> /var/lib/neo4j/conf/neo4j.conf
-fi
\ No newline at end of file
+    sed -i -E "s/initial.dbms.default_database=\w+/initial.dbms.default_database=$dbname/g" /var/lib/neo4j/conf/neo4j.conf
+fi

From 85e4bb7d09a5b2efc2941a91c464ad27034eeac7 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Thu, 28 Dec 2023 19:19:23 +0800
Subject: [PATCH 34/36] update neo4j docker image

---
 docker-compose.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index e21273c..8f8e453 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -7,7 +7,7 @@ services:
     volumes:
         - ./:/bytecodedl
   neo:
-    image: neo4j-server:5.12.0-bytecodedl-pathfinder-1.0.0 
+    image: wuxxxxx/neo4j-server:5.12.0-bytecodedl-pathfinder-1.0.0 
     restart: always
     ports:
       - "0.0.0.0:7474:7474"

From a5be2913ac971fd5699a8c03c100589b2e1eecb5 Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sat, 30 Dec 2023 10:10:15 +0800
Subject: [PATCH 35/36] update neo4j image name

---
 docker-compose.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 8f8e453..5a834cf 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,13 +1,13 @@
 version: '2.4'
 services:
   bytecodedl:
-    image: wuxxxxx/bytecodedl:1.0.0
+    image: wuxxxxx/bytecodedl:1.0.1
     restart: always
     command: sleep infinity
     volumes:
         - ./:/bytecodedl
   neo:
-    image: wuxxxxx/neo4j-server:5.12.0-bytecodedl-pathfinder-1.0.0 
+    image: wuxxxxx/neo4j-server:5.12.0-bytecodedl-pathfinder-1.0.1 
     restart: always
     ports:
       - "0.0.0.0:7474:7474"

From d7a833973cc8d68c944288270b6a50092c65f98e Mon Sep 17 00:00:00 2001
From: yxxx <i@sometimenaive.com>
Date: Sat, 6 Jan 2024 16:53:02 +0800
Subject: [PATCH 36/36] update bytecodedl docker

---
 docker-compose.yml             |  2 +-
 docker/bytecodedl/Dockerfile   | 16 ++++++++++++++++
 docker/neo4j-server/Dockerfile |  9 +++++++++
 3 files changed, 26 insertions(+), 1 deletion(-)
 create mode 100644 docker/bytecodedl/Dockerfile
 create mode 100644 docker/neo4j-server/Dockerfile

diff --git a/docker-compose.yml b/docker-compose.yml
index 5a834cf..e4435eb 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,7 +1,7 @@
 version: '2.4'
 services:
   bytecodedl:
-    image: wuxxxxx/bytecodedl:1.0.1
+    image: wuxxxxx/bytecodedl:1.0.2
     restart: always
     command: sleep infinity
     volumes:
diff --git a/docker/bytecodedl/Dockerfile b/docker/bytecodedl/Dockerfile
new file mode 100644
index 0000000..b5e456a
--- /dev/null
+++ b/docker/bytecodedl/Dockerfile
@@ -0,0 +1,16 @@
+From ubuntu:22.04
+
+LABEL version="1.0.2"
+LABEL maintainer="yxxx <yxwuman@gmail.com>"
+
+RUN apt-get update \
+    && apt-get install -y vim \
+    && apt-get install -y wget \
+    && apt-get install -y git \
+    && apt-get install -y openjdk-8-jdk
+
+RUN wget https://souffle-lang.github.io/ppa/souffle-key.public -O /usr/share/keyrings/souffle-archive-keyring.gpg \
+    && echo "deb [signed-by=/usr/share/keyrings/souffle-archive-keyring.gpg] https://souffle-lang.github.io/ppa/ubuntu/ stable main" | tee /etc/apt/sources.list.d/souffle.list \
+    && apt update && apt install -y souffle
+
+RUN wget https://github.com/BytecodeDL/soot-fact-generator/releases/download/v1.4.2/soot-fact-generator-1.4.2.jar
\ No newline at end of file
diff --git a/docker/neo4j-server/Dockerfile b/docker/neo4j-server/Dockerfile
new file mode 100644
index 0000000..303c642
--- /dev/null
+++ b/docker/neo4j-server/Dockerfile
@@ -0,0 +1,9 @@
+From neo4j:5.12.0
+
+LABEL version="1.0.1"
+LABEL maintainer="yxxx <yxwuman@gmail.com>"
+
+RUN wget https://github.com/BytecodeDL/bytecodedl-pathfinder-neo4j-procedure/releases/download/v1.0.1/bytecodedl-pathfinder-1.0.1.jar -O /var/lib/neo4j/plugins/bytecodedl-pathfinder-1.0.1.jar
+
+ENV NEO4J_AUTH=neo4j/bytecodedl \
+    NEO4J_dbms_security_procedures_unrestricted=bytecodedl.*
\ No newline at end of file