svf-tools 1.0.1002 → 1.0.1004

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svf-tools",
-  "version": "1.0.1002",
+  "version": "1.0.1004",
   "description": "* <b>[TypeClone](https://github.com/SVF-tools/SVF/wiki/TypeClone) published in our [ECOOP paper](https://yuleisui.github.io/publications/ecoop20.pdf) is now available in SVF </b> * <b>SVF now uses a single script for its build. Just type [`source ./build.sh`](https://github.com/SVF-tools/SVF/blob/master/build.sh) in your terminal, that's it!</b> * <b>SVF now supports LLVM-10.0.0! </b> * <b>We thank [bsauce](https://github.com/bsauce) for writing a user manual of SVF ([link1](https://www.jianshu.com/p/068a08ec749c) and [link2](https://www.jianshu.com/p/777c30d4240e)) in Chinese </b> * <b>SVF now supports LLVM-9.0.0 (Thank [Byoungyoung Lee](https://github.com/SVF-tools/SVF/issues/142) for his help!). </b> * <b>SVF now supports a set of [field-sensitive pointer analyses](https://yuleisui.github.io/publications/sas2019a.pdf). </b> * <b>[Use SVF as an external lib](https://github.com/SVF-tools/SVF/wiki/Using-SVF-as-a-lib-in-your-own-tool) for your own project (Contributed by [Hongxu Chen](https://github.com/HongxuChen)). </b> * <b>SVF now supports LLVM-7.0.0. </b> * <b>SVF now supports Docker. [Try SVF in Docker](https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker)! </b> * <b>SVF now supports [LLVM-6.0.0](https://github.com/svf-tools/SVF/pull/38) (Contributed by [Jack Anthony](https://github.com/jackanth)). </b> * <b>SVF now supports [LLVM-4.0.0](https://github.com/svf-tools/SVF/pull/23) (Contributed by Jared Carlson. Thank [Jared](https://github.com/jcarlson23) and [Will](https://github.com/dtzWill) for their in-depth [discussions](https://github.com/svf-tools/SVF/pull/18) about updating SVF!) </b> * <b>SVF now supports analysis for C++ programs.</b> <br />",
   "main": "index.js",
   "scripts": {

package/svf/include/Graphs/CallGraph.h

@@ -189,6 +189,11 @@ public:
 
     }
 
+    inline const std::string &getName() const
+    {
+        return fun->getName();
+    }
+
     /// Get function of this call node
     inline const SVFFunction* getFunction() const
     {
@@ -254,8 +259,6 @@ public:
     };
 
 private:
-    CGEK kind;
-
     /// Indirect call map
     CallEdgeMap indirectCallMap;
 
@@ -270,6 +273,7 @@ protected:
 
     NodeID callGraphNodeNum;
     u32_t numOfResolvedIndCallEdge;
+    CGEK kind;
 
     /// Clean up memory
     void destroy();
@@ -278,7 +282,9 @@ public:
     /// Constructor
     CallGraph(CGEK k = NormCallGraph);
 
-    /// Add callgraph Node
+    /// Copy constructor
+    CallGraph(const CallGraph& other);
+
     void addCallGraphNode(const SVFFunction* fun);
 
     /// Destructor

package/svf/include/Graphs/ICFG.h

@@ -143,7 +143,7 @@ protected:
     /// Add intraprocedural and interprocedural control-flow edges.
     //@{
     ICFGEdge* addIntraEdge(ICFGNode* srcNode, ICFGNode* dstNode);
-    ICFGEdge* addConditionalIntraEdge(ICFGNode* srcNode, ICFGNode* dstNode, const SVFValue* condition, s32_t branchCondVal);
+    ICFGEdge* addConditionalIntraEdge(ICFGNode* srcNode, ICFGNode* dstNode, s64_t branchCondVal);
     ICFGEdge* addCallEdge(ICFGNode* srcNode, ICFGNode* dstNode);
     ICFGEdge* addRetEdge(ICFGNode* srcNode, ICFGNode* dstNode);
     //@}

package/svf/include/Graphs/ICFGEdge.h

@@ -114,6 +114,8 @@ class IntraCFGEdge : public ICFGEdge
 {
     friend class SVFIRWriter;
     friend class SVFIRReader;
+    friend class ICFG;
+    friend class SVFIRBuilder;
 
 public:
     /// Constructor
@@ -137,7 +139,7 @@ public:
     }
     //@}
 
-    const SVFValue* getCondition() const
+    const SVFVar* getCondition() const
     {
         return conditionVar;
     }
@@ -148,12 +150,6 @@ public:
         return branchCondVal;
     }
 
-    void setBranchCondition(const SVFValue* c, s64_t bVal)
-    {
-        conditionVar = c;
-        branchCondVal = bVal;
-    }
-
     virtual const std::string toString() const;
 
 private:
@@ -166,8 +162,18 @@ private:
     ///       Inst3: label 1;
     /// for edge between Inst1 and Inst 2, the first element is %cmp and
     /// the second element is 0
-    const SVFValue* conditionVar;
+    const SVFVar* conditionVar;
     s64_t branchCondVal;
+
+    inline void setConditionVar(const SVFVar* c)
+    {
+        conditionVar = c;
+    }
+
+    inline void setBranchCondVal(s64_t bVal)
+    {
+        branchCondVal = bVal;
+    }
 };
 
 /*!

package/svf/include/Graphs/ThreadCallGraph.h

@@ -172,7 +172,10 @@ public:
     typedef Map<const CallICFGNode*, ParForEdgeSet> CallInstToParForEdgesMap;
 
     /// Constructor
-    ThreadCallGraph();
+    ThreadCallGraph(const CallGraph& cg);
+
+    ThreadCallGraph(ThreadCallGraph& cg) = delete;
+
     /// Destructor
     virtual ~ThreadCallGraph()
     {

package/svf/include/SVFIR/SVFIR.h

@@ -98,6 +98,7 @@ private:
     ICFG* icfg; // ICFG
     CommonCHGraph* chgraph; // class hierarchy graph
     CallSiteSet callSiteSet; /// all the callsites of a program
+    CallGraph* callGraph; /// call graph
 
     static std::unique_ptr<SVFIR> pag;	///< Singleton pattern here to enable instance of SVFIR can only be created once.
 
@@ -182,6 +183,18 @@ public:
         assert(chgraph && "empty ICFG! Build SVF IR first!");
         return chgraph;
     }
+
+    /// Set/Get CG
+    inline void setCallGraph(CallGraph* c)
+    {
+        callGraph = c;
+    }
+    inline CallGraph* getCallGraph()
+    {
+        assert(callGraph && "empty CallGraph! Build SVF IR first!");
+        return callGraph;
+    }
+
     /// Get/set methods to get SVFStmts based on their kinds and ICFGNodes
     //@{
     /// Get edges set according to its kind

package/svf/include/SVFIR/SVFModule.h

@@ -130,23 +130,6 @@ public:
 
     /// Iterators
     ///@{
-    iterator begin()
-    {
-        return FunctionSet.begin();
-    }
-    const_iterator begin() const
-    {
-        return FunctionSet.begin();
-    }
-    iterator end()
-    {
-        return FunctionSet.end();
-    }
-    const_iterator end() const
-    {
-        return FunctionSet.end();
-    }
-
     global_iterator global_begin()
     {
         return GlobalSet.begin();

package/svf/include/Util/CallGraphBuilder.h

@@ -38,34 +38,18 @@ namespace SVF
 {
 
 class ICFG;
+class SVFModule;
 
 class CallGraphBuilder
 {
-
-protected:
-    CallGraph* callgraph;
-    ICFG* icfg;
 public:
-    CallGraphBuilder(CallGraph* cg, ICFG* i): callgraph(cg),icfg(i)
-    {
-    }
-
-    /// Build normal callgraph
-    CallGraph* buildCallGraph(SVFModule* svfModule);
-
-};
+    CallGraphBuilder()=default;
 
-class ThreadCallGraphBuilder : public CallGraphBuilder
-{
-
-public:
-    ThreadCallGraphBuilder(ThreadCallGraph* cg, ICFG* i): CallGraphBuilder(cg,i)
-    {
-    }
+    /// Buidl SVFIR callgraoh
+    CallGraph* buildSVFIRCallGraph(SVFModule* svfModule);
 
     /// Build thread-aware callgraph
-    CallGraph* buildThreadCallGraph(SVFModule* svfModule);
-
+    ThreadCallGraph* buildThreadCallGraph();
 };
 
 } // End namespace SVF

package/svf/include/Util/SVFUtil.h

@@ -327,29 +327,11 @@ inline bool isProgEntryFunction(const SVFFunction* fun)
     return fun && fun->getName() == "main";
 }
 
-/// Get program entry function from module.
-inline const SVFFunction* getProgFunction(SVFModule* svfModule, const std::string& funName)
-{
-    for (SVFModule::const_iterator it = svfModule->begin(), eit = svfModule->end(); it != eit; ++it)
-    {
-        const SVFFunction *fun = *it;
-        if (fun->getName()==funName)
-            return fun;
-    }
-    return nullptr;
-}
+/// Get program entry function from function name.
+const SVFFunction* getProgFunction(const std::string& funName);
 
-/// Get program entry function from module.
-inline const SVFFunction* getProgEntryFunction(SVFModule* svfModule)
-{
-    for (SVFModule::const_iterator it = svfModule->begin(), eit = svfModule->end(); it != eit; ++it)
-    {
-        const SVFFunction *fun = *it;
-        if (isProgEntryFunction(fun))
-            return (fun);
-    }
-    return nullptr;
-}
+/// Get program entry function.
+const SVFFunction* getProgEntryFunction();
 
 /// Return true if this is a program exit function call
 //@{

package/svf/lib/AE/Svfexe/AbstractInterpretation.cpp

@@ -452,9 +452,7 @@ bool AbstractInterpretation::isSwitchBranchFeasible(const SVFVar* var, s64_t suc
 bool AbstractInterpretation::isBranchFeasible(const IntraCFGEdge* intraEdge,
         AbstractState& as)
 {
-    const SVFValue *cond = intraEdge->getCondition();
-    NodeID cmpID = svfir->getValueNode(cond);
-    SVFVar *cmpVar = svfir->getGNode(cmpID);
+    const SVFVar *cmpVar = intraEdge->getCondition();
     if (cmpVar->getInEdges().empty())
     {
         return isSwitchBranchFeasible(cmpVar,

package/svf/lib/Graphs/CallGraph.cpp

@@ -112,6 +112,39 @@ CallGraph::CallGraph(CGEK k): kind(k)
     numOfResolvedIndCallEdge = 0;
 }
 
+/// Copy constructor
+CallGraph::CallGraph(const CallGraph& other)
+{
+    callGraphNodeNum = other.callGraphNodeNum;
+    numOfResolvedIndCallEdge = 0;
+    kind = other.kind;
+
+    /// copy call graph nodes
+    for (const auto& item : other)
+    {
+        const CallGraphNode* cgn = item.second;
+        CallGraphNode* callGraphNode = new CallGraphNode(cgn->getId(), cgn->getFunction());
+        addGNode(cgn->getId(),callGraphNode);
+        funToCallGraphNodeMap[cgn->getFunction()] = callGraphNode;
+    }
+
+    /// copy edges
+    for (const auto& item : other.callinstToCallGraphEdgesMap)
+    {
+        const CallICFGNode* cs = item.first;
+        for (const CallGraphEdge* edge : item.second)
+        {
+            CallGraphNode* src = getCallGraphNode(edge->getSrcID());
+            CallGraphNode* dst = getCallGraphNode(edge->getDstID());
+            CallGraphEdge* newEdge = new CallGraphEdge(src,dst,CallGraphEdge::CallRetEdge,edge->getCallSiteID());
+            newEdge->addDirectCallSite(cs);
+            addEdge(newEdge);
+            callinstToCallGraphEdgesMap[cs].insert(newEdge);
+        }
+    }
+
+}
+
 /*!
  *  Memory has been cleaned up at GenericGraph
  */
@@ -124,10 +157,10 @@ void CallGraph::destroy()
  */
 void CallGraph::addCallGraphNode(const SVFFunction* fun)
 {
-    NodeID id = callGraphNodeNum;
-    CallGraphNode* callGraphNode = new CallGraphNode(id, fun);
-    addGNode(id,callGraphNode);
-    funToCallGraphNodeMap[fun] = callGraphNode;
+    NodeID id  = callGraphNodeNum;
+    CallGraphNode *callGraphNode = new CallGraphNode(id, fun);
+    addGNode(id, callGraphNode);
+    funToCallGraphNodeMap[callGraphNode->getFunction()] = callGraphNode;
     callGraphNodeNum++;
 }
 

package/svf/lib/Graphs/ICFG.cpp

@@ -341,7 +341,7 @@ ICFGEdge* ICFG::addIntraEdge(ICFGNode* srcNode, ICFGNode* dstNode)
 /*!
  * Add conditional intraprocedural edges between two nodes
  */
-ICFGEdge* ICFG::addConditionalIntraEdge(ICFGNode* srcNode, ICFGNode* dstNode, const SVFValue* condition, s32_t branchCondVal)
+ICFGEdge* ICFG::addConditionalIntraEdge(ICFGNode* srcNode, ICFGNode* dstNode, s64_t branchCondVal)
 {
 
     checkIntraEdgeParents(srcNode, dstNode);
@@ -354,7 +354,7 @@ ICFGEdge* ICFG::addConditionalIntraEdge(ICFGNode* srcNode, ICFGNode* dstNode, co
     else
     {
         IntraCFGEdge* intraEdge = new IntraCFGEdge(srcNode,dstNode);
-        intraEdge->setBranchCondition(condition,branchCondVal);
+        intraEdge->setBranchCondVal(branchCondVal);
         return (addICFGEdge(intraEdge) ? intraEdge : nullptr);
     }
 }

package/svf/lib/Graphs/SVFG.cpp

@@ -427,9 +427,7 @@ void SVFG::connectIndirectSVFGEdges()
  */
 void SVFG::connectFromGlobalToProgEntry()
 {
-    SVFModule* svfModule = mssa->getPTA()->getModule();
-    const SVFFunction* mainFunc =
-        SVFUtil::getProgEntryFunction(svfModule);
+    const SVFFunction* mainFunc = SVFUtil::getProgEntryFunction();
     FormalINSVFGNodeSet& formalIns = getFormalINSVFGNodes(mainFunc);
     if (formalIns.empty())
         return;

package/svf/lib/Graphs/ThreadCallGraph.cpp

@@ -39,9 +39,10 @@ using namespace SVFUtil;
 /*!
  * Constructor
  */
-ThreadCallGraph::ThreadCallGraph() :
-    CallGraph(ThdCallGraph), tdAPI(ThreadAPI::getThreadAPI())
+ThreadCallGraph::ThreadCallGraph(const CallGraph& cg) :
+    CallGraph(cg), tdAPI(ThreadAPI::getThreadAPI())
 {
+    kind = ThdCallGraph;
     DBOUT(DGENERAL, outs() << SVFUtil::pasMsg("Building ThreadCallGraph\n"));
 }
 

package/svf/lib/MSSA/MemRegion.cpp

@@ -173,11 +173,10 @@ SVFIR::SVFStmtList& MRGenerator::getPAGEdgesFromInst(const ICFGNode* node)
 void MRGenerator::collectModRefForLoadStore()
 {
 
-    SVFModule* svfModule = pta->getModule();
-    for (SVFModule::const_iterator fi = svfModule->begin(), efi = svfModule->end(); fi != efi;
-            ++fi)
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    for (const auto& item: *svfirCallGraph)
     {
-        const SVFFunction& fun = **fi;
+        const SVFFunction& fun = *item.second->getFunction();
 
         /// if this function does not have any caller, then we do not care its MSSA
         if (Options::IgnoreDeadFun() && fun.isUncalledFunction())

package/svf/lib/MSSA/MemSSA.cpp

@@ -575,10 +575,10 @@ u32_t MemSSA::getBBPhiNum() const
 void MemSSA::dumpMSSA(OutStream& Out)
 {
 
-    for (SVFModule::iterator fit = pta->getModule()->begin(), efit = pta->getModule()->end();
-            fit != efit; ++fit)
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    for (const auto& item: *svfirCallGraph)
     {
-        const SVFFunction* fun = *fit;
+        const SVFFunction* fun = item.second->getFunction();
         if(Options::MSSAFun()!="" && Options::MSSAFun()!=fun->getName())
             continue;
 

package/svf/lib/MSSA/SVFGBuilder.cpp

@@ -101,12 +101,11 @@ std::unique_ptr<MemSSA> SVFGBuilder::buildMSSA(BVDataPTAImpl* pta, bool ptrOnlyM
 
     auto mssa = std::make_unique<MemSSA>(pta, ptrOnlyMSSA);
 
-    SVFModule* svfModule = mssa->getPTA()->getModule();
-    for (SVFModule::const_iterator iter = svfModule->begin(), eiter = svfModule->end();
-            iter != eiter; ++iter)
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    for (const auto& item: *svfirCallGraph)
     {
 
-        const SVFFunction *fun = *iter;
+        const SVFFunction *fun = item.second->getFunction();
         if (isExtCall(fun))
             continue;
 

package/svf/lib/MTA/TCT.cpp

@@ -185,9 +185,10 @@ void TCT::markRelProcs(const SVFFunction* svffun)
  */
 void TCT::collectEntryFunInCallGraph()
 {
-    for(SVFModule::const_iterator it = getSVFModule()->begin(), eit = getSVFModule()->end(); it!=eit; ++it)
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    for (const auto& item: *svfirCallGraph)
     {
-        const SVFFunction* fun = (*it);
+        const SVFFunction* fun = item.second->getFunction();
         if (SVFUtil::isExtCall(fun))
             continue;
         CallGraphNode* node = tcg->getCallGraphNode(fun);

package/svf/lib/MemoryModel/PointerAnalysis.cpp

@@ -111,15 +111,13 @@ void PointerAnalysis::initialize()
     /// initialise pta call graph for every pointer analysis instance
     if(Options::EnableThreadCallGraph())
     {
-        ThreadCallGraph* cg = new ThreadCallGraph();
-        ThreadCallGraphBuilder bd(cg, pag->getICFG());
-        callgraph = bd.buildThreadCallGraph(pag->getModule());
+        CallGraphBuilder bd;
+        callgraph = bd.buildThreadCallGraph();
     }
     else
     {
-        CallGraph* cg = new CallGraph();
-        CallGraphBuilder bd(cg,pag->getICFG());
-        callgraph = bd.buildCallGraph(pag->getModule());
+        CallGraph* cg = pag->getCallGraph();
+        callgraph = new CallGraph(*cg);
     }
     callGraphSCCDetection();
 

package/svf/lib/SABER/SaberCondAllocator.cpp

@@ -59,8 +59,10 @@ void SaberCondAllocator::allocate(const SVFModule *M)
 {
     DBOUT(DGENERAL, outs() << pasMsg("path condition allocation starts\n"));
 
-    for (const auto &func: *M)
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    for (const auto& item: *svfirCallGraph)
     {
+        const SVFFunction *func = (item.second)->getFunction();
         if (!SVFUtil::isExtCall(func))
         {
             // Allocate conditions for a program.

package/svf/lib/SVFIR/SVFIR.cpp

@@ -544,6 +544,8 @@ void SVFIR::destroy()
     chgraph = nullptr;
     SVFModule::releaseSVFModule();
     svfModule = nullptr;
+    delete callGraph;
+    callGraph = nullptr;
 }
 
 /*!

package/svf/lib/Util/CDGBuilder.cpp

@@ -27,6 +27,7 @@
  *      Author: Xiao Cheng
  */
 #include "Util/CDGBuilder.h"
+#include "Graphs/CallGraph.h"
 
 using namespace SVF;
 using namespace SVFUtil;
@@ -122,8 +123,10 @@ s64_t CDGBuilder::getBBSuccessorBranchID(const SVFBasicBlock *BB, const SVFBasic
  */
 void CDGBuilder::buildControlDependence(const SVFModule *svfgModule)
 {
-    for (const auto &svfFun: *svfgModule)
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    for (const auto& item: *svfirCallGraph)
     {
+        const SVFFunction *svfFun = (item.second)->getFunction();
         if (SVFUtil::isExtCall(svfFun)) continue;
         // extract basic block edges to be processed
         Map<const SVFBasicBlock *, std::vector<const SVFBasicBlock *>> BBS;

package/svf/lib/Util/CallGraphBuilder.cpp

@@ -36,18 +36,17 @@
 using namespace SVF;
 using namespace SVFUtil;
 
-CallGraph* CallGraphBuilder::buildCallGraph(SVFModule* svfModule)
+CallGraph* CallGraphBuilder::buildSVFIRCallGraph(SVFModule* svfModule)
 {
-    /// create nodes
-    for (SVFModule::const_iterator F = svfModule->begin(), E = svfModule->end(); F != E; ++F)
+    CallGraph* callgraph = new CallGraph();
+    for (const SVFFunction* svfFunc: svfModule->getFunctionSet())
     {
-        callgraph->addCallGraphNode(*F);
+        callgraph->addCallGraphNode(svfFunc);
     }
 
-    /// create edges
-    for (SVFModule::const_iterator F = svfModule->begin(), E = svfModule->end(); F != E; ++F)
+    for (const auto& item : *callgraph)
     {
-        for (const SVFBasicBlock* svfbb : (*F)->getBasicBlockList())
+        for (const SVFBasicBlock* svfbb : (item.second)->getFunction()->getBasicBlockList())
         {
             for (const ICFGNode* inst : svfbb->getICFGNodeList())
             {
@@ -56,28 +55,24 @@ CallGraph* CallGraphBuilder::buildCallGraph(SVFModule* svfModule)
                     const CallICFGNode* callBlockNode = cast<CallICFGNode>(inst);
                     if(const SVFFunction* callee = callBlockNode->getCalledFunction())
                     {
-                        callgraph->addDirectCallGraphEdge(callBlockNode,*F,callee);
+                        callgraph->addDirectCallGraphEdge(callBlockNode,(item.second)->getFunction(),callee);
                     }
                 }
             }
         }
     }
-
     return callgraph;
 }
 
-CallGraph* ThreadCallGraphBuilder::buildThreadCallGraph(SVFModule* svfModule)
+ThreadCallGraph* CallGraphBuilder::buildThreadCallGraph()
 {
-
-    buildCallGraph(svfModule);
-
-    ThreadCallGraph* cg = dyn_cast<ThreadCallGraph>(callgraph);
-    assert(cg && "not a thread callgraph?");
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    ThreadCallGraph* cg = new ThreadCallGraph(*svfirCallGraph);
 
     ThreadAPI* tdAPI = ThreadAPI::getThreadAPI();
-    for (SVFModule::const_iterator F = svfModule->begin(), E = svfModule->end(); F != E; ++F)
+    for (const auto& item: *svfirCallGraph)
     {
-        for (const SVFBasicBlock* svfbb : (*F)->getBasicBlockList())
+        for (const SVFBasicBlock* svfbb : (item.second)->getFunction()->getBasicBlockList())
         {
             for (const ICFGNode* inst : svfbb->getICFGNodeList())
             {
@@ -100,9 +95,9 @@ CallGraph* ThreadCallGraphBuilder::buildThreadCallGraph(SVFModule* svfModule)
         }
     }
     // record join sites
-    for (SVFModule::const_iterator F = svfModule->begin(), E = svfModule->end(); F != E; ++F)
+    for (const auto& item: *svfirCallGraph)
     {
-        for (const SVFBasicBlock* svfbb : (*F)->getBasicBlockList())
+        for (const SVFBasicBlock* svfbb : (item.second)->getFunction()->getBasicBlockList())
         {
             for (const ICFGNode* node : svfbb->getICFGNodeList())
             {
@@ -117,7 +112,3 @@ CallGraph* ThreadCallGraphBuilder::buildThreadCallGraph(SVFModule* svfModule)
 
     return cg;
 }
-
-
-
-

package/svf/lib/Util/SVFStat.cpp

@@ -214,13 +214,12 @@ void SVFStat::performStat()
 
 void SVFStat::branchStat()
 {
-    SVFModule* module = SVFIR::getPAG()->getModule();
     u32_t numOfBB_2Succ = 0;
     u32_t numOfBB_3Succ = 0;
-    for (SVFModule::const_iterator funIter = module->begin(), funEiter = module->end();
-            funIter != funEiter; ++funIter)
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    for (const auto& item: *svfirCallGraph)
     {
-        const SVFFunction* func = *funIter;
+        const SVFFunction* func = item.second->getFunction();
         for (SVFFunction::const_iterator bbIt = func->begin(), bbEit = func->end();
                 bbIt != bbEit; ++bbIt)
         {

package/svf/lib/Util/SVFUtil.cpp

@@ -396,4 +396,30 @@ bool SVFUtil::isRetInstNode(const ICFGNode* node)
 bool SVFUtil::isProgExitCall(const CallICFGNode* cs)
 {
     return isProgExitFunction(cs->getCalledFunction());
+}
+
+/// Get program entry function from module.
+const SVFFunction* SVFUtil::getProgFunction(const std::string& funName)
+{
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    for (const auto& item: *svfirCallGraph)
+    {
+        const CallGraphNode*fun = item.second;
+        if (fun->getName()==funName)
+            return fun->getFunction();
+    }
+    return nullptr;
+}
+
+/// Get program entry function from module.
+const SVFFunction* SVFUtil::getProgEntryFunction()
+{
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    for (const auto& item: *svfirCallGraph)
+    {
+        const CallGraphNode*fun = item.second;
+        if (isProgEntryFunction(fun->getFunction()))
+            return (fun->getFunction());
+    }
+    return nullptr;
 }

package/svf/lib/Util/ThreadAPI.cpp

@@ -33,6 +33,7 @@
 #include "Util/ThreadAPI.h"
 #include "Util/SVFUtil.h"
 #include "SVFIR/SVFIR.h"
+#include "Graphs/CallGraph.h"
 
 #include <iostream>		/// std output
 #include <stdio.h>
@@ -269,9 +270,10 @@ void ThreadAPI::performAPIStat(SVFModule* module)
 
     statInit(tdAPIStatMap);
 
-    for (SVFModule::const_iterator it = module->begin(), eit = module->end(); it != eit; ++it)
+    CallGraph* svfirCallGraph = PAG::getPAG()->getCallGraph();
+    for (const auto& item: *svfirCallGraph)
     {
-        for (SVFFunction::const_iterator bit = (*it)->begin(), ebit = (*it)->end(); bit != ebit; ++bit)
+        for (SVFFunction::const_iterator bit = (item.second)->getFunction()->begin(), ebit = (item.second)->getFunction()->end(); bit != ebit; ++bit)
         {
             const SVFBasicBlock* bb = *bit;
             for (const auto& svfInst: bb->getICFGNodeList())

package/svf-llvm/include/SVF-LLVM/LLVMModule.h

@@ -105,6 +105,7 @@ private:
     InstToBlockNodeMapTy InstToBlockNodeMap; ///< map a basic block to its ICFGNode
     FunToFunEntryNodeMapTy FunToFunEntryNodeMap; ///< map a function to its FunExitICFGNode
     FunToFunExitNodeMapTy FunToFunExitNodeMap; ///< map a function to its FunEntryICFGNode
+    CallGraph* callgraph;
 
     /// Constructor
     LLVMModuleSet();

package/svf-llvm/lib/ICFGBuilder.cpp

@@ -157,7 +157,7 @@ void ICFGBuilder::processFunBody(WorkList& worklist)
         }
         InstVec nextInsts;
         LLVMUtil::getNextInsts(inst, nextInsts);
-        u32_t branchID = 0;
+        s64_t branchID = 0;
         for (InstVec::const_iterator nit = nextInsts.begin(), enit =
                     nextInsts.end(); nit != enit; ++nit)
         {
@@ -185,7 +185,7 @@ void ICFGBuilder::processFunBody(WorkList& worklist)
             {
                 assert(branchID <= 1 && "if/else has more than two branches?");
                 if(br->isConditional())
-                    icfg->addConditionalIntraEdge(srcNode, dstNode, llvmModuleSet()->getSVFValue(br->getCondition()), 1 - branchID);
+                    icfg->addConditionalIntraEdge(srcNode, dstNode, 1 - branchID);
                 else
                     icfg->addIntraEdge(srcNode, dstNode);
             }
@@ -197,7 +197,7 @@ void ICFGBuilder::processFunBody(WorkList& worklist)
                 s64_t val = -1;
                 if (condVal && condVal->getBitWidth() <= 64)
                     val = condVal->getSExtValue();
-                icfg->addConditionalIntraEdge(srcNode, dstNode, llvmModuleSet()->getSVFValue(si->getCondition()),val);
+                icfg->addConditionalIntraEdge(srcNode, dstNode,val);
             }
             else
                 icfg->addIntraEdge(srcNode, dstNode);

package/svf-llvm/lib/LLVMModule.cpp

@@ -41,6 +41,8 @@
 #include "SVF-LLVM/ObjTypeInference.h"
 #include "llvm/Transforms/Utils/Cloning.h"
 #include "SVF-LLVM/ICFGBuilder.h"
+#include "Graphs/CallGraph.h"
+#include "Util/CallGraphBuilder.h"
 
 using namespace std;
 using namespace SVF;
@@ -169,6 +171,9 @@ void LLVMModuleSet::build()
     initSVFFunction();
     ICFGBuilder icfgbuilder;
     icfg = icfgbuilder.build();
+
+    CallGraphBuilder callGraphBuilder;
+    callgraph = callGraphBuilder.buildSVFIRCallGraph(svfModule);
 }
 
 void LLVMModuleSet::createSVFDataStructure()

package/svf-llvm/lib/SVFIRBuilder.cpp

@@ -38,6 +38,7 @@
 #include "SVFIR/SVFFileSystem.h"
 #include "SVFIR/SVFModule.h"
 #include "SVFIR/SVFValue.h"
+#include "Util/CallGraphBuilder.h"
 #include "Util/Options.h"
 #include "Util/SVFUtil.h"
 
@@ -62,6 +63,9 @@ SVFIR* SVFIRBuilder::build()
     // Build ICFG
     pag->setICFG(llvmModuleSet()->getICFG());
 
+    // Set callgraph
+    pag->setCallGraph(llvmModuleSet()->callgraph);
+
     // Set icfgnode in memobj
     for (auto& it : SymbolTableInfo::SymbolInfo()->idToObjMap())
     {
@@ -971,6 +975,17 @@ void SVFIRBuilder::visitBranchInst(BranchInst &inst)
         branchID++;
     }
     addBranchStmt(brinst, cond, successors);
+    /// set conditional svf var
+    if (inst.isConditional())
+    {
+        for (auto& edge : llvmModuleSet()->getICFGNode(&inst)->getOutEdges())
+        {
+            if (IntraCFGEdge* intraEdge = SVFUtil::dyn_cast<IntraCFGEdge>(edge))
+            {
+                intraEdge->setConditionVar(pag->getGNode(cond));
+            }
+        }
+    }
 }
 
 
@@ -1039,6 +1054,14 @@ void SVFIRBuilder::visitSwitchInst(SwitchInst &inst)
         successors.push_back(std::make_pair(icfgNode, val));
     }
     addBranchStmt(brinst, cond, successors);
+    /// set conditional svf var
+    for (auto& edge : llvmModuleSet()->getICFGNode(&inst)->getOutEdges())
+    {
+        if (IntraCFGEdge* intraEdge = SVFUtil::dyn_cast<IntraCFGEdge>(edge))
+        {
+            intraEdge->setConditionVar(pag->getGNode(cond));
+        }
+    }
 }