From 2acb3e1b65e1273deb60b9999de25ecee511454b Mon Sep 17 00:00:00 2001
From: Philipp Oppermann <dev@phil-opp.com>
Date: Wed, 26 Jun 2019 15:11:03 +0200
Subject: [PATCH] Write remaining parts of post

---
 .../posts/10-heap-allocation/index.md         | 150 +++++++++++++++++-
 .../qemu-alloc-showcase.png                   | Bin 0 -> 9485 bytes
 2 files changed, 148 insertions(+), 2 deletions(-)
 create mode 100644 blog/content/second-edition/posts/10-heap-allocation/qemu-alloc-showcase.png

diff --git a/blog/content/second-edition/posts/10-heap-allocation/index.md b/blog/content/second-edition/posts/10-heap-allocation/index.md
index f8231114..537a3c90 100644
--- a/blog/content/second-edition/posts/10-heap-allocation/index.md
+++ b/blog/content/second-edition/posts/10-heap-allocation/index.md
@@ -501,9 +501,155 @@ We now have a mapped heap memory region that is ready to be used. The `Box::new`
 
 ## Using an Allocator Crate
 
-TODO
+Since implementing an allocator is somewhat complex, we start by using an external allocator crate. We will learn how to implement our own allocator in the next post.
+
+A simple allocator crate for `no_std` applications is the [`linked_list_allocator`] crate. It's name comes from the fact that it uses a linked list data structure to keep track of deallocated memory regions. See the next post for a more detailed explanation of this approach.
+
+To use the, we first need to add a dependency on it in our `Cargo.toml`:
+
+[`linked_list_allocator`]: https://github.com/phil-opp/linked-list-allocator/
+
+```toml
+# in Cargo.toml
+
+[dependencies]
+linked_list_allocator = "0.6.4"
+```
+
+Then we can replace our dummy allocator with the allocator provided by the crate:
+
+```rust
+// in src/lib.rs
+
+use linked_list_allocator::LockedHeap;
+
+#[global_allocator]
+static ALLOCATOR: LockedHeap = LockedHeap::empty();
+```
+
+The struct is named `LockedHeap` because it uses a [`spin::Mutex`] for synchronization. This is required because multiple threads could access the `ALLOCATOR` static at the same time. As always when using a `Mutex`, we need to be careful to not accidentally cause a deadlock. This means that we shouldn't perform any allocations in interrupt handlers, since they can run at an arbitrary time and might interrupt an in-progress allocation.
+
+[`spin::Mutex`]: https://docs.rs/spin/0.5.0/spin/struct.Mutex.html
+
+Setting the `LockedHeap` as global allocator is not enough. The reason is that we use the [`empty`] constructor function, which creates an allocator without any backing memory. Like our dummy allocator, it always returns an error on `alloc`. To fix this, we need to initialize the allocator after creating the heap:
+
+[`empty`]: https://docs.rs/linked_list_allocator/0.6.4/linked_list_allocator/struct.LockedHeap.html#method.empty
+
+```rust
+// in src/allocator.rs
+
+pub fn init_heap(
+    mapper: &mut impl Mapper<Size4KiB>,
+    frame_allocator: &mut impl FrameAllocator<Size4KiB>,
+) -> Result<(), MapToError> {
+    // […] map all heap pages to physical frames
+
+    // new
+    unsafe {
+        super::ALLOCATOR.lock().init(HEAP_START, HEAP_SIZE);
+    }
+
+    Ok(())
+}
+```
+
+We use the [`LockedHeap::lock`] method to get an exclusive reference to the wrapped [`Heap`] instance, on which we then call the [`init`] method with the heap bounds arguments. It is important that we initialize the heap _after_ mapping the heap pages, since the [`init`] function already tries to write to the heap memory.
+
+[`LockedHeap::lock`]: https://docs.rs/linked_list_allocator/0.6.4/linked_list_allocator/struct.LockedHeap.html#method.lock
+[`Heap`]: https://docs.rs/linked_list_allocator/0.6.4/linked_list_allocator/struct.Heap.html
+[`init`]: https://docs.rs/linked_list_allocator/0.6.4/linked_list_allocator/struct.Heap.html#method.init
+
+After initializing the heap, we can now use all allocation and collection types of the built-in [`alloc`] crate without error:
+
+```rust
+// in src/main.rs
+
+use alloc::{boxed::Box, vec::{vec, Vec}, rc::Rc};
+
+fn kernel_main(boot_info: &'static BootInfo) -> ! {
+    // […] initialize interrupts, mapper, frame_allocator, heap
+
+    // allocate a number on the heap
+    let heap_value = Box::new(41);
+    println!("heap_value at {:p}", heap_value);
+
+    // create a dynamically sized vector
+    let mut vec = Vec::new();
+    for i in 0..500 {
+        vec.push(i);
+    }
+    println!("vec at {:p}", vec.as_slice());
+
+    // create a reference counted vector -> will be freed when count reaches 0
+    let reference_counted = Rc::new(vec![1, 2, 3]);
+    let cloned_reference = reference_counted.clone();
+    println!("current reference count is {}", Rc::strong_count(&cloned_reference));
+    core::mem::drop(reference_counted);
+    println!("reference count is {} now", Rc::strong_count(&cloned_reference));
+
+    // […] call `test_main` in test context
+    println!("It did not crash!");
+    blog_os::hlt_loop();
+}
+```
+
+This code example shows some uses of the [`Box`], [`Vec`], and [`Rc`] types. For the `Box` and `Vec` types we print the underlying heap pointers using the [`{:p}` formatting specifier]. For showcasing `Rc`, we create a reference counted heap value and use the [`Rc::strong_count`] function to print the current reference count, before and after dropping an instance (using [`core::mem::drop`]).
+
+[`Vec`]: https://doc.rust-lang.org/alloc/vec/
+[`Rc`]: https://doc.rust-lang.org/alloc/rc/
+[`{:p}` formatting specifier]: https://doc.rust-lang.org/core/fmt/trait.Pointer.html
+[`Rc::strong_count`]: https://doc.rust-lang.org/alloc/rc/struct.Rc.html#method.strong_count
+[`core::mem::drop`]: https://doc.rust-lang.org/core/mem/fn.drop.html
+
+When we run it, we see the following:
+
+![QEMU printing `
+heap_value at 0x444444440000
+vec at 0x4444444408000
+current reference count is 2
+reference count is 1 now
+](qemu-alloc-showcase.png)
+
+As expected, we see that the `Box` and `Vec` values live on the heap, as indicated by the pointer starting with `0x_4444_4444`. The reference counted value also behaves as expected, with the reference count being two after the `clone` call, and 1 again after one of the instances was dropped.
+
+The reason that the vector starts at offset `0x800` is not that the boxed value is `0x800` bytes large, but the [reallocations] that occur when the vector needs to increase its capacity. For example, when the vector's capacity is 32 and we try to add the next element, the vector allocates a new backing array with capacity 64 behind the scenes and copies all elements over. Then it frees the old allocation, which in our case is equivalent to leaking it since our bump allocator doesn't reuse freed memory.
+
+[reallocations]: https://doc.rust-lang.org/alloc/vec/struct.Vec.html#capacity-and-reallocation
+
+Of course there are many more allocation and collection types in the `alloc` crate that we can now all use in our kernel, including:
+
+- the thread-safe reference counted pointer [`Arc`]
+- the owned string type [`String`] and the [`format!`] macro
+- [`LinkedList`]
+- the growable ring buffer [`VecDeque`]
+- the [`BinaryHeap`] priority queue
+- [`BTreeMap`] and [`BTreeSet`]
+
+[`Arc`]: https://doc.rust-lang.org/stable/alloc/sync/struct.Arc.html
+[`String`]: https://doc.rust-lang.org/collections/string/struct.String.html
+[`format!`]: https://doc.rust-lang.org/alloc/macro.format.html
+[`LinkedList`]: https://doc.rust-lang.org/collections/linked_list/struct.LinkedList.html
+[`VecDeque`]: https://doc.rust-lang.org/collections/vec_deque/struct.VecDeque.html
+[`BinaryHeap`]: https://doc.rust-lang.org/collections/binary_heap/struct.BinaryHeap.html
+[`BTreeMap`]: https://doc.rust-lang.org/collections/btree_map/struct.BTreeMap.html
+[`BTreeSet`]: https://doc.rust-lang.org/collections/btree_set/struct.BTreeSet.html
+
+These types will become very useful when we want to implement thread lists, scheduling queues, or support for async/await.
 
 ## Summary
 
+This post gave an introduction to dynamic memory and explained why and where it is needed. We saw how Rust's borrow checker prevents common vulnerabilities and learned how Rust's allocation API works.
+
+After creating a minimal implementation of Rust's allocator interface using a dummy allocator, we created a proper heap memory region for our kernel. For that we defined a virtual address range for the heap and then mapped all pages of that range to physical frames using the `Mapper` and `FrameAllocator` from the previous post.
+
+Finally, we added a dependency on the `linked_list_allocator` crate to add a proper allocator to our kernel. With this allocator, we were able to use `Box`, `Vec`, and other allocation and collection types from the `alloc` crate.
+
 ## What's next?
-allocator designs (optional)
\ No newline at end of file
+
+While we already added heap allocation support in this post, we left most of the work to the `linked_list_allocator` crate. The next post will show in detail how an allocator can be implemented from scratch. It will present multiple possible allocator designs, shows how to implement simple versions of them, and explain their advantages and drawbacks.
+
+TODO:
+- update date
+- resolve todos
+- check spelling
+- create post-10 tag
diff --git a/blog/content/second-edition/posts/10-heap-allocation/qemu-alloc-showcase.png b/blog/content/second-edition/posts/10-heap-allocation/qemu-alloc-showcase.png
new file mode 100644
index 0000000000000000000000000000000000000000..a849aa7bf010fe976bd6be6a4bafd895e84b2f1b
GIT binary patch
literal 9485
zcmeAS@N?(olHy`uVBq!ia0y~yV7kP>z_^x!je&u|`rBk>1_lO}VkgfK4h{~E8jh3>
z1_lO+64!{5;QX|b^2DN4hTO!GRNdm_qSVy9;*9)~6VpC;F)%1Fc)B=-RLpsMw|YX#
z^+fq+_upRMQzp(WpmKoK^`MGq;DgyB_ct(jv6XLD)D4#rSB{*dJ@o_s>B1*2VLOGU
z%V_&qE-jjx<2rSdQ1qIJX{y1Kbfd%^8w^?PR0ECVpUs})Fp=qF6w~i}m8IYJ{#=}%
zmY)9nVsTnodD`>et7hGKY4`n3vH$m^`r2oAidU_9d~f@{jgjvw85k@&?EZE7hh@*-
z{iyRPL+zWN<?AY+W<~Fr6Eb`HjZZ(cxng6hs*lJ2Jrr>~KgfM+Xye9yeQle#->YTi
z_Wx?o?!WQxV|M+WGT!hjfmder?oR%*Yt`Gh-=X4hMNh-8Y&{ykc5U{}C-1M`SbO7-
zy=t`l{+Ei$`<z?rJ6HF{ORZivS9ZT&cG-_QHP2a7|DT*%e=ARR_5U4bqt;o~HH#l#
zk^K77>?s-BZhv~VO8&I_q-j-o?aqPI`}J36oIRd+yL4^+pC4ay_y3fxDdX1LANl<6
zoqHd%=ij)vJoD`2*7<LE`EMV)zs2zW`A?6pi$y<gFnkrU|HO^|i4u>E%=I^3{pfG=
zF=Uc9^Vd`I?`mI5&yLQw-4!a#!0_OJRq?YoUNhEB3hc0}`Z7)WwiW}!4fb>MY^V3v
zKbjo++RdDWf#KWYSD-N5`E;7H`7T)ohBwK+mzS(sb)|Ifu9d<3vrSe`U#4d6xhmx9
zr@wZgv(o<luA4SLe^%Pkd#78?*QXmu^j*Ccw%SX3?Uq}iQES7Z*1ql6oo`)kH+L!<
z6N5wJvdl{+zHOy*t1Nu>+k4o`=(WC5Tbrf1VcYGOWw$-AN}biu+a%OA{q@QqRo}_W
zR$hM3e|$xH$i7vpwp=^C#rv()mBUxQK0R<hOLcCT^;<vdwSLxb!>VsL?%KRLkD1|t
zLNw>aW~;ydlElQsi@)D3f4**a-&4!;J8ie$t1?MHH|Ol;^LCSu%hxO2|8dOR=;G_8
zm*4idP1$U-$wn$FZ<bo~K?QE^Zp*Sa5pka;i9dg_cKfpr3!QgXd`tp`k-L1Y$^Bo~
zwy#^Ip564Jz~aoKM@j!KdG|f#Ex$W$cfZ^@+4g0hz8u|I^Y~5cpNEf^f8J+br?j^-
z?vkwR=D7y3cYj|qH*4pYzZJ;N*M9iSdHs~KGQH5y)T}HcVPWByCAX|sedqF>dvxc|
zGkQFi<ga;N^;&-W?3FJmYSyRkr@T5d&vt(I-_`u<cLi6TyV$v9k_q?pPiKDCt-4o|
zw|nVy?cJ+S{`vXYa{mM$Im=1P!l9EA_2%uHaC6se<?}O7rfl7oqiwuh?p)7$RfYqM
zn}im%AJ)<NcKK~t@&DTIPq*FfOS4#GEOTw;YsaXyez)F+-Fh45H{WhHfBh5Xm*0QC
zEZyy`d}(o}wD095_untSoA-2W{$BI)J0JI4`TFat&F3?lf8IE5H}7cZ*DGJ23ch@p
zFyXoHw$GdIf8QiyZ8CA0oLcGJW$S{sMtQEDy6WmVVR7+K<#xZ0+SuAha6Wsyqu}8q
z4G(!Mli)jzpFeX~e)}@h#CNja?zth06Yl11Eq=Y$-PrJ=_PT1<yXRYP&a63q`~Jl8
ze?P;Y?0#o6=h~l{e{N2<pUS`Q{lS_?FP}_Xney&W%Dr#p{}cb+Dv!U**sTBW^q(K+
z|J4~8o_KTm-rV?Ko$r1BU*13E|I6q0b6=e(nvrKzzweZG{U7-!`Fl6c?*D(s|B3ki
zTi(_GzWrJH|MBwA@pkWxe;$ATZ~y0?Ghh0I_==s=e-c{%S^Sgm`oCrW-unMvUwQwf
zWTF&<MF5+3u;s3~dH4Q(W54t+<fZ<%%S${rYuyN2s};Jcr1~xoyRTf`k7h}p-!Dsc
zWo})yRKV6_^{P+bw%bp*=Tg3Op2_s(O6%99Us(V7f;0c}ytbDmyR@H6@v-g9UNm?9
z{{QoQO#fc#{w%$1|JB)NVy>RO|KqOylb4Q@<F-!^%YN<pPd{$Ymdz_=KY#vgS^8?G
zjFrjcl`B`4R4=};XTydGt*xy!zh|Zw|1Qou{p5+uPtRG2dgpA-kJrD-fA0Qn=E(<l
zwtt#>{%<B*`+jBp+P@$F{K$@*JN@5$``PioPAO<l+-o;izxGXWWzE$SUp|~%J}FMy
z_wJKvxBHgGhR&?`YW=Ct{=56n-sO{=?=F$lN%`3N{!D!3--RJp4cznRdIsxH+b+xS
zK<%1|@2teh{~jg1`@OIFvPtuqvwUH0tES6`hOV_?Yp&aMH}2l2Y35Iy<$o1et-ToY
zeAl|oJ2p(%Ui<%V=GI9&Z|>B6CAsAG+h_Nx?{5k6Uwt)dmei&5_p3jbFDrgoA}03C
zY=4LM^UHJRoV#CtHn#G+`o4K(yXS^w@9BuC*_^ol{`sB7;%<snMMn024%<(;zW3Es
z&q?S1EI<D=yzXoG<tx6RJpSC~`L;)ya?Lke@BHlhZ)RU|-sfEHv-qd=zgyiu9oaB7
zYlckSRsQG8{~!PT`S1I>aJ%1=-=ADQd*wyP!|I<V)_>Lh`NGNi?Nfb`w|Qx5w<XVo
zSytWF%{29WbxrnX<NhCQf6kq+*E;N{{`Y3*o`>x3&&RG+^SylPVsyXC;o$JMC6`Uk
zzKFhd>zLWuzVa<h3^(-K4y*l5v@gF~sxx`=<e78lp8h1#yKCKarVkmRy;(2a4z5~t
z={>)Zsp;J0a@o_{=i5z<+dVz8eunk?J;v>6Y13YL%2hs5mgHf3J@0oTd!54Hy85N_
zf|vWHF0!3?Fk!;v@^eor&*uC}Kd<KLcUJG&%$;@bD$hNQl!&)Bp6z_MtWS2<iGp`d
z?`%p;{{Q^U|MY)#TA|75Bpz?as^7Ba_WNh-$~3aHoVx#8vi+>;xL>h5OI{{TdLpX-
zd)}WH{eL|E9o_$Ds?N9HGiT5CzxidN<FnWAPci3LJKpM!KbgPp`Qe{s?*sBO)jcP-
zp8sD}_w(`klmCnUXMa90yUw=$%kI_vYcI!3q?u^kJ@sVb$t9kztSpO8KMXnS{`unl
z`RDfLTh7~l|Le&=yYsJ0-mA2EUvoA^?*Cr@w12(%r{22rseip3zI9dPEvIj<8uor(
zo5;xUt^4V0p854}e$Jdd`*eXtOx3<PN!PftN|Q>Hh1=G>ma+c!$L8me$uG?oYbqV@
zyF2se&p_ML?RFmye2))3uiRf_^0%%&bLJi^{T;6(=G8np86q6Yb~y1}^}7(Z>F1Wq
z^-Owj`SamFcb3bY_TTsG=g#NbUe>&Q6Z7w4`n(hM|8I#uJ9jd0=E0?(cmCfQ{PV!&
z;+MTMpHDlscKiH)ZC?%c=BeM!Q(s^A^mNg`J3qJFTHF^oWB&Q<xR0OyL@l2kw|(}*
zf`F1fp7xdbf6v{i^`81`cKj*vbEQUwKZ<Pkb~^6+)#|>v;(vDW_wKj}ugcx47cBq%
z>Ce~y&uxFcKF#_%{qqC+AM-!2?)P7E+2`4biFvD@IoW;R*Z=&)_kR)p4xJ2tQeOA*
zbmhy=-^Je_iGT9H|NZHnpS<~}%I_6f%v~0D`IFk~<1cbP$S@o@yK>c}Wpd9hobeG8
z7oQYkdpWVv>)6xh?JHMl9e$`_eEIU?+5e4JrKhE-b$54%UokW{FL$*)?e?>%B>&!*
zAltQDg7{z898a10>r&3FU4E1H{Hb*R9Q=Nd{{I*E>n-YkzFYirZT_6o{&W6(u5>N6
z``T*kIcb;NGgjl^mF=a+&Xybvw!XDCENZp*;kepESwFw{TFw17>)h?OWu9tkMl+Yp
z+&$&y(&u5d>Yo1}<%mtb=-Yc*|H}Di#r-u_{ks17d3sN^#c#a~DSah#^5IOavxk<(
z*nDOGIrskW?w`BA+fDdwSE91M?z3*?vt<6~-{;RdrOobXTC8F0Ta@^<=5yLk-m_M<
zIa%xs1qCLaua<ePTH|wY#VW1+->c`}`7mSqo~OOqi?0e#etX6H=DIkpQ{b%j<kXy9
zzs@fXe0}k}u(0>nki}n@FQ5I-YlHu!UvIX5zT5u$=lXjey8i5!|DRL$M0fp})2}W|
z&atoEnHW0t<gWcjv+VjFt(3i+XMXshLGwX_`M)1c|9n@!GEhuRY?@x0(fq%E#4pM7
zT+Z5h`DF<gbK2Brk6L3gCcQdwQO0xf<;CB%JTG1GRqK;G=`t&3hsEr)pRErk|2$It
zztqlXzm5AYukuCH^Rj2`^hr(I<z;L=+gtL<#df<%`S-pz|2$p)dY#Ox8s+`pK3q3i
z@o)2)bE;R*_@u2;dp_IoSF_s5lx54^E<4W(3o;L$Id9dZFPm?iza+a<^*SfRhW{bn
zyLrx?J-0m5?XuOXRa1Yz|G#f)<;By}o_n7^dv<A_+u{qwn?El$@=ksJTs$ar@m=oe
z;pZZ(h4!vl_j>8mce8YKbb6NcZi!mCDopQ;Zc0+b^2}FLKgIvtto|u~f03U3pJ(CE
zYX5)q-uZiX{>krmiYiNYuDW{a=+2)Zq1kV2wr^=E+WhwTmoFi^?)u$&tM&hn?faAI
z_TP{C_@7Uys#2T(_s{fC`gK32U(VZp>2;}*scB$I-<GJ%`Twi-m96r7ePi{fU(c`4
ze6PRX?#!P<C2`+>O<yv*_0P$0`Q39i=<iSV?zj5edX#6Dn(s0r<Its%F=vvldOcs+
z|Lov-{U;wTI?w$5rv1~2m1Vbl?YX;sSG}C+WA3}^)lHjkKb&Tr>;5#&{O-JeM|Z~T
zv6y~PHvdd?+$BHb-xd3Q`drErjal3d0mtp?wnVL+V_9r=IC1X5gb5D|CfvMv^UT?^
zsd;&NpFe-ruAet|@05oH6CNf^c(~!*&CSm*Wo<X+I=6O?b$Q*=c^Av>ug;I!QzM*w
zDaAlSZ|?eYJBy!B-}Y<WrM&H*kBdLMyu{D;&2qVKpSNx<{<%|s{@MF~8m~W}TVD1#
zSpD9d`cG3g|GYHw=2Ro!;O7^+xiiaeCCB~dTUO@d>-+S@#pushg8i3WfBWou{b%z}
z@9+Qrx5P8;dD`XIUxTjuzT5HmoQ}?!=YM{FzHR3owDfwVj(pXN)s`Rc?=i9e@%VqK
z+;8>$6YXub&e+oTWa;}K?>{YGKilu~TlY^N(w|*AcWIUE+vJ_^*Z<3i+f<c2?N`XZ
z2iyNS@0)Sb$5+jA_l&y9Th#TQ^8de^|NJSp{)zc@4=&G~pRqJ5=FFj_AlZ4RLZ)u1
z{`+S+|DU{lKllE3jr*5eumAstZ~R$v{j*Q3-&YpCn-Otl@&3ODYu3F>(OOo<z`*Vv
zsyf$C{k+ZRw`b1yq*}-<TlH#7ROzj^*G}=aO*hY5Io)m2>k_NEbF50W?v|;q-Lh^~
z`j%}apV;d^xWArPZSZ3Gy4h2!tmfveS~fLq`}BU>YDN9(yh}R1<}>HbI`{vBc-*Y_
zkv3ERZJ&R(n_vFyeY=0leCGVRY|?x)u=Q=6TxHsXxbGK4m2b}0oOi46-JPF4zPz7K
zh3~T}E-sejVSicbe)w_s-=kZi-<IsYTk|@)|LLWr-bWcXzbY$!cX<Dl`d^FYpSi!|
zJ^QE0_T~9{bL{3H{IYgu>8`oY{)B&CU;ps_lhrR{<tF6aomTyBxBd4u>oPtZul!Rk
zcTRlQ<e9HRGJkbP=Bx@?>lf8utFiw_y=mt6s+k$)kr`s{%9r+@^w~Pg<f@BR|KGBI
z-|H*v?7xJ+JO4WF&!?LF>It9y>n;C3Y<_=wz3rzIwPjw**E2A@@h`o*<o4UAUtStl
zo_o7JebIH_*y}5!LT?@Z7Bu19C6z|C!&Nhu$@M19w<|VFKR@T>moE#Kcv;QWel5u}
zd(W?{>%Dg0jhgk$@YdfA>)aP#+FV?m85*j0_T00Z>GRHB`BD<3Dm+>E=ZBj&=h$32
z&%G+_)xo4bU*5?#)x(~-@SnGvEY9EVx!%v#+GF+Y)64bDex5j5)_2cp;?JGB*XG3q
zfjeJ&<H}!8lAbYd-Z|OwJ2S=iKT+NJ_uKPjp<6$Fx$OV+qWgc9<$iNdy?L|r(JuY$
zO%~Jd{QC6%H1qd;R_p8EdKW)G^0MaH_ImC8A1|nXUe0~jr`-LinBLj+x*c({YklNq
zop3Qd^QQIam)mz`=Dke$d-uxp*O}?R3iR(TZMnz8J~LioiG56z@W!iN+pnKZSzmf}
zjSxda^Mb2c=@t@c5!Wj}cE694Y>eAmc}jHlsx46~+kNF~zxZEzS90mK-;%3Rx$p1B
z%jmBEvq=2!&XBb|VP7Ib{U<G5DYsab?{dh`U)T4~TjI6;x^I5c7S0EU{y6oWnSb{D
zokC6bS^rKMRlMG||MJ<Nt7h;2eC6Sn^gfkLqZjM<mwnCZ?*1D%;a%D3<}Y7E_}L;O
zR(yK2|CjO4nUl9ay;A?jq3(0@{FC8w)oPoYtzMsTW@mUHl{sli=B1Zqn|JJ(@i1YF
z*q1L~zO=peIDhWkvy<xcy>{O{b>zttQFEbdrIU}gw(_)>_Q~!x4h|0XE?x6)YyH+O
zHTMke|GM^g<!h_SlZ97Ct^HCpJzs9l+_}Ex|AOw-KB<W_-#Fol_v#v*w*tYTp_j6r
z2XhPmOn=_L#J*BvZ=Ct(V(EPKeNp@G`~Pm$uQ_->f9o~*>36eNg=x>t`*cR!ZoYc@
zyK~w1zD&FGecSe@N3_L0f8?)Ioo?mU#>lX4`LfI){`Q$KzE0AzEdJ#qCMGs{mFMca
zUXw3Mo!z{7bLF?2mn*;BOuzivZ;83#MxjNkv$m8Kg@$^Y%bQu&{yLN4xmPQ5Yt+iu
zOY&Zw(LeM2&CJb}uU0O<{BDc!#n(%tPHlSYr@mNIA#~T>IJUKZc2x`K9v7R`x$30P
z)s#h3V^&1}4B9{ad)$nZ`)BS}-Rtar>GfA5YjgW=bDr;7=dOHd>Fx6S7QVl@n{~G3
zoh;w;qIKuuI-B|bH-CP)<!A;&!|UA2Cp#~{UE*c^*U|p)zXTKYs?1sLyRZ7~zU{gG
za%|MHyplJ!R6n`>pKo&3p!=^Q+uwtiO8TrquX?S%>b3l`-}dXitFvMSkL}*ux%yVv
zbzd>DXPbBInD8(mBz*N%DPQfEz9~sbM$P|{#KgrerR<r_GdaaTqOYl>`pn-W-{+})
z-QXD;`f^K421A4N(vwf8cHDk@E~BJUb$%@0?$fWm^S9W2`Sf|Q>7vPNZl+dkaXpc7
zrE<%r<4>!mJ@?4Jd2N^9-7At`+9M-kB5pDkTDKie{Q0T8+V$$HOXvRWV`FHTeXvMM
zI;W`k{#Fxf>+0C^*CqeX7vN%GxE;8s&xC<NCgpcs7CQsO9gexm?fuUVw#)6i_?Cg8
zq4x2U&d1U@Z`c_aa=a$6F*GnWnJ_Sj2rOY_SkR!r%fP_OlF7iJq2R&H;K1l8#lXPD
zafyK;z+qJBXb6mkz-S1JhQRO)fd!LQd_S*K@eJKt{<QV$Jn8G7HqMr{_nSHQ)(fe!
zqTI*xidX;Ie%bx{s(J<njdEYNCC54I%(E?IzVF(mwcRRX{Xb&{hU(^(vJ4CX3pUR^
z^t!hv?scYQ^~0Fe%Ol<#n<AoohJoSteNp90zMt1kJs!3C@RLu;UqA28Tt7GaZLxLc
z`5m9<h3~K1?AOf5aO3<siHULfB4um;TFu%OZT{}<lL~WwCWbpU+f27A3o=cA$<ENw
zoO|1`%Kp}R?F5e33=GxR`@-Jd$gukwx3O&A$GX|&d#?W$XLz6>ZSAps-@&}n1JU{u
z`iz<OM9zFWCwuuZ%j;!sTecU+UjL-##lWy`?W-r9kIy#q+tw_;&B(y;``Ah0<GCl8
z7#LKs)`bfu$L#!bt1cq`XVi`LwHvA=_s+et@mAi|?UA<Z8_!t$t+74Lz+ipZ>yPs6
zH|Onc^nP6)&c6R{#PzB<$^1z(3xEBrn#RabcJ4|abI#t2m*=vq-zyaLJqj-2p1xPz
z{MXknRsRL@L(>*tU;S#Y^(?=Qq0;7D{Hn_5rLRU_vcGM4->o#qjA`fXZMV;7-@o45
zXPJ@8&@lUasPZN0+}OR}t{<JvdUb7FeC@n!+o)}!)n%u5{59??{9UnlzW17Ya<y-F
zUfY&<M_(-awf&0JYt!V@Xa9U1%Eq8kezoIESYyJR`aRz#y}mo|?wsv=!gcz$<b9QH
z`RaD+xTLSW2FRY%yMnFFHqX7dQ(BfI-=(^&`e^s-tL@QStG{k(-I}_6*0;h7r`MRB
zd;S>Y)l+Y8&*nWov*^IP$o2CX8TdBIvc8nIWiKwBaj#qPSJgNFlRJ<7HQH46@B6Lf
z8+V}Lw|lWw<)ezv|M+G0{yCy%J|VaKYG3a%<~P?~iDkdOoptYB+GXKwn}d#R-M6mr
z_MW(#LbGFk?^s>d6MWrKfAjQPObl<%oD@Fp?)VGT@>!>D=ETNupswuGk&kch=Tz9{
znC3b#uroYx+x^b5>g}DgU!68C;9)orSAMs7%LE>V17{QN>(#R}FqlsQH;KMIIoo#q
zP+rc>J-5BPdN)^{bkx~=H}#3vYsu|A3<s+Cj&yv<%aPl3d-kNB;x~>un?vo_*VZon
zo;2tCX*Xkr1Aa0c3VVZJ_s)B#Qt@``g<aQAy$Q4L4?dr_e>uZ}gT~*k^c9xxxc%;3
zyY$qXezT9+p5J<hBW?HJ%~i(_oqc7Mk;=gEtvgnBqTKWA?;iils*{Pny7AZ6uXTDC
zP2S)7(tW_~`mTHDrLWcpoL-~5Kh%D`-sZr)(pNX%HDX}Mj-5Q4ce}Kg*WtHu-1euH
z*RH;8dX6{m^<9q238!<?_CDBi=Xst83&XnQ*+NU!yDyMT_d2<C!_}>8=WW}t?M>Ka
zJHD!!SIb@-oA}u>Sug}7y;&*y*e5pO?>|O{2hWN_C)~@~_u|&im8<99J`p#2aa7T|
z!u>80e!1youTS5y`1&J>gW*j`>8B$fLG91D%B1DyeRo%cTAR%d+6aoVwL(VkR>?lT
zQhMQZ&iAj`cjFiuw))Mps4Jbo#=u}!{^>}e^d<%d2TrWb&>d>l((hcWGr3>hjp*us
zoxR=8{(AD-S9hc0gcxqzX_T0F&wKWwJ1f?n)!aV+-r}vZnSRb;Jg~Jm!EMR+MOSB^
zC@_e5Juy-FJVU|XH7qaJ*2(U<=<&)e)oj*21HYMXx23Nx&Mo16d~2=Q`sFF*Ctlxd
ze|*I_Z)V|}V>`=!Z{8KS_x9GSQ|4tGsvh3<oT1=th`PT_{=NT=ix<mp6LdRv^H<g4
z+}+!?Hiv$Y+}=A|c6aRVi_hNXMB2XF`hJP+?5!K0>^gSSsMdJ*WZ%8j3=Aw&Kx+X?
z*Ihb)bnBl#Iic6{zCN^g&csmm4%Alne|zJl{l3RC`$K2$wRoGTo_p^__tCP~H`jif
za_hyM>z`xHXFolE?A2_k^2gox9beir>=0b{Q|9GdmREaanAVlf-X48E?#1D~f9l?{
zuRi?c(|OgF42B(cd`DKvZis(VvXoa*iecS+-sUf_CT`rDu>DrC?fUHXTYpwv+kE}j
zp6GR<)z_}=o_+e-+pTsi4YOTgk$LZ17U%4{54K(W_;_06`a5ZFZ@x;~`1RI4+1*#4
z?F~Es%INW(Gv<D_kGEtS?=D^U_Rg28wf6SXTYpD=c^Fpwg|Xpo;in@XPlF;>;`~YB
z<7X$bF*FEa?THllHhuZDYwNXjckRnw@4eOkx`dfw%8joId#~QQ^v3r0N84Ndxoix1
zde=*`+IbcD=3R}BiPv^AVb~yEGD+KgqWSHEYg3+YEi5ySiO$=8YxC^uTc?-3yL~RN
zWp?cETc2~bZN6`@?bhG??Y|1l>uwk7+9gY0<!87vC+g&}#+=fQh`+a91s?x;YR%uz
zS&y%5j(!{Y_fA-@-1A*#+QxmaE7ujSt9|?8qo4a^bL+D0>$11Mxt7k%V6nq0d;SeA
zk6baOu>N;%m(07H<-fA`T&3;#(#?_oa&*|QKYh-?@NM<#rZ1a%ozCU8&VPHYc<t@Y
zlg$j~T}`a|`F!@tvsJMS2Y#(lK3kgF#lldq`9|P`duvN;z9-vOuRXi_Y1G#A+`Z<}
zGvuECV_<mjENHGx;hxI>?0s=RpO`)4$lu0wq<39<>CD2g9TLmu72eu9^RCtPTLHVS
zo|1k2cTZ%k>b9!;>r&;XUD<kjesAF~NroMkb8HH0M3%_cym%;mSB!z-hPmH7i#$+A
zathY2VWW1L*`0Hnig$0^a^1pvUGL^8H}Z7uZkt`Uy8c_!+iz=^-e+iNe$*xS^6JBM
z>umGsy8>_b#(SIJPLsL)GJ5tT1_pM|^w&z}*W$QNGB9k&d84qmtfg@I{zLNVM~bY2
z?Y-9S>pOdH``x<|<(KRq&&%GOdoRoV@Yz#q%kvl-nseUF=3V`2Z@BN@8<`#VUj0}b
zcfU7adsX!FtJk;OGiiN#{krz%=)cDAc3ztn8=bb=>X_~ITc2i6l}yhPU^sC0(JueD
zH`WTCZ8kC5b<?!3TKJjUakI0#*KwR!`kaZuB15OXd~$>})4sATm75<=JH6XcfFYr#
z$t2nLwZ=+rh6ice7Axe66c_KlYJYvz{Oi|tODEn+XJW9>SjTbc@fzkm7kl#_M_Erz
z*!*EzWc9Y-^L}e>ucuw#cl+<=INRH`^UYq(e>;zxq2ctZ$?ARP{B~bH^yaZMFuajg
z_m?qumttV>qO`w#Ak=YJ=Dn%QDz7hN*DN+T&A?DFQxMdr4*;i<4-4D#ORO0f67E}6
sKH346P(*b0OD0{E;b&k-sQGU{nZve8y1Qd90|Nttr>mdKI;Vst0Mydvp#T5?

literal 0
HcmV?d00001