svf-tools 1.0.981 → 1.0.982

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "svf-tools",
-  "version": "1.0.981",
+  "version": "1.0.982",
   "description": "* <b>[TypeClone](https://github.com/SVF-tools/SVF/wiki/TypeClone) published in our [ECOOP paper](https://yuleisui.github.io/publications/ecoop20.pdf) is now available in SVF </b> * <b>SVF now uses a single script for its build. Just type [`source ./build.sh`](https://github.com/SVF-tools/SVF/blob/master/build.sh) in your terminal, that's it!</b> * <b>SVF now supports LLVM-10.0.0! </b> * <b>We thank [bsauce](https://github.com/bsauce) for writing a user manual of SVF ([link1](https://www.jianshu.com/p/068a08ec749c) and [link2](https://www.jianshu.com/p/777c30d4240e)) in Chinese </b> * <b>SVF now supports LLVM-9.0.0 (Thank [Byoungyoung Lee](https://github.com/SVF-tools/SVF/issues/142) for his help!). </b> * <b>SVF now supports a set of [field-sensitive pointer analyses](https://yuleisui.github.io/publications/sas2019a.pdf). </b> * <b>[Use SVF as an external lib](https://github.com/SVF-tools/SVF/wiki/Using-SVF-as-a-lib-in-your-own-tool) for your own project (Contributed by [Hongxu Chen](https://github.com/HongxuChen)). </b> * <b>SVF now supports LLVM-7.0.0. </b> * <b>SVF now supports Docker. [Try SVF in Docker](https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker)! </b> * <b>SVF now supports [LLVM-6.0.0](https://github.com/svf-tools/SVF/pull/38) (Contributed by [Jack Anthony](https://github.com/jackanth)). </b> * <b>SVF now supports [LLVM-4.0.0](https://github.com/svf-tools/SVF/pull/23) (Contributed by Jared Carlson. Thank [Jared](https://github.com/jcarlson23) and [Will](https://github.com/dtzWill) for their in-depth [discussions](https://github.com/svf-tools/SVF/pull/18) about updating SVF!) </b> * <b>SVF now supports analysis for C++ programs.</b> <br />",
   "main": "index.js",
   "scripts": {

package/svf/include/AE/Svfexe/AEDetector.h

@@ -218,21 +218,9 @@ public:
      */
     void addBugToReporter(const AEException& e, const ICFGNode* node)
     {
-        const SVFInstruction* inst = nullptr;
-
-        // Determine the instruction associated with the ICFG node
-        if (const CallICFGNode* call = SVFUtil::dyn_cast<CallICFGNode>(node))
-        {
-            inst = call->getCallSite(); // If the node is a call node, get the call site instruction
-        }
-        else
-        {
-            inst = node->getSVFStmts().back()->getInst(); // Otherwise, get the last instruction of the node's
-            // statements
-        }
 
         GenericBug::EventStack eventStack;
-        SVFBugEvent sourceInstEvent(SVFBugEvent::EventType::SourceInst, inst);
+        SVFBugEvent sourceInstEvent(SVFBugEvent::EventType::SourceInst, node);
         eventStack.push_back(sourceInstEvent); // Add the source instruction event to the event stack
 
         if (eventStack.empty())

package/svf/include/Graphs/ICFGNode.h

@@ -132,6 +132,8 @@ public:
 
     virtual const std::string toString() const;
 
+    virtual const std::string getSourceLoc() const = 0;
+
     void dump() const;
 
 protected:
@@ -172,6 +174,11 @@ public:
     //@}
 
     virtual const std::string toString() const;
+
+    virtual const std::string getSourceLoc() const
+    {
+        return "Global ICFGNode";
+    }
 };
 
 /*!
@@ -218,6 +225,11 @@ public:
     //@}
 
     const std::string toString() const;
+
+    virtual const std::string getSourceLoc() const
+    {
+        return inst->getSourceLoc();
+    }
 };
 
 class InterICFGNode : public ICFGNode
@@ -252,6 +264,7 @@ public:
                || node->getNodeKind() == FunRetBlock;
     }
     //@}
+    virtual const std::string getSourceLoc() const = 0;
 };
 
 
@@ -316,6 +329,11 @@ public:
     //@}
 
     const virtual std::string toString() const;
+
+    virtual const std::string getSourceLoc() const
+    {
+        return "function entry: " + fun->getSourceLoc();
+    }
 };
 
 /*!
@@ -377,6 +395,11 @@ public:
     //@}
 
     virtual const std::string toString() const;
+
+    virtual const std::string getSourceLoc() const
+    {
+        return "function ret: " + fun->getSourceLoc();
+    }
 };
 
 /*!
@@ -478,6 +501,11 @@ public:
     //@}
 
     virtual const std::string toString() const;
+
+    virtual const std::string getSourceLoc() const
+    {
+        return "CallICFGNode: " + cs->getSourceLoc();
+    }
 };
 
 
@@ -554,6 +582,11 @@ public:
     //@}
 
     virtual const std::string toString() const;
+
+    virtual const std::string getSourceLoc() const
+    {
+        return "RetICFGNode: " + cs->getSourceLoc();
+    }
 };
 
 } // End namespace SVF

package/svf/include/Graphs/VFGNode.h

@@ -181,12 +181,6 @@ public:
                || node->getNodeKind() == Store
                || node->getNodeKind() == Load;
     }
-
-    inline const SVFInstruction* getInst() const
-    {
-        /// should return a valid instruction unless it is a global PAGEdge
-        return pagEdge->getInst();
-    }
     //@}
 
     const SVFValue* getValue() const override;

package/svf/include/MTA/LockAnalysis.h

@@ -339,7 +339,7 @@ private:
     void handleIntra(const CxtStmt& cts);
 
     /// Handle call relations
-    void handleCallRelation(CxtLockProc& clp, const CallGraphEdge* cgEdge, CallSite call);
+    void handleCallRelation(CxtLockProc& clp, const CallGraphEdge* cgEdge, const CallICFGNode* call);
 
     /// Return true it a lock matches an unlock
     bool isAliasedLocks(const CxtLock& cl1, const CxtLock& cl2)

package/svf/include/MTA/TCT.h

@@ -167,15 +167,6 @@ public:
     {
         destroy();
     }
-    /// Get CallICFGNode given inst
-    CallICFGNode* getCallICFGNode(const SVFInstruction* inst)
-    {
-        return pta->getICFG()->getCallICFGNode(inst);
-    }
-    const ICFGNode* getICFGNode(const SVFInstruction* inst)
-    {
-        return pta->getICFG()->getICFGNode(inst);
-    }
 
     /// Get SVFFModule
     SVFModule* getSVFModule() const
@@ -497,7 +488,7 @@ private:
     //@}
 
     /// Handle call relations
-    void handleCallRelation(CxtThreadProc& ctp, const CallGraphEdge* cgEdge, CallSite call);
+    void handleCallRelation(CxtThreadProc& ctp, const CallGraphEdge* cgEdge, const CallICFGNode* call);
 
     /// Get or create a tct node based on CxtThread
     //@{

package/svf/include/SABER/SaberCondAllocator.h

@@ -49,7 +49,7 @@ class SaberCondAllocator
 public:
 
     typedef Z3Expr Condition;   /// z3 condition
-    typedef Map<u32_t, const SVFInstruction *> IndexToTermInstMap; /// id to instruction map for z3
+    typedef Map<u32_t, const ICFGNode*> IndexToTermInstMap; /// id to instruction map for z3
     typedef Map<u32_t,Condition> CondPosMap;		///< map a branch to its Condition
     typedef Map<const SVFBasicBlock*, CondPosMap > BBCondMap;	/// map bb to a Condition
     typedef Set<const SVFBasicBlock*> BasicBlockSet;
@@ -118,21 +118,21 @@ public:
     }
 
     /// Allocate a new condition
-    Condition newCond(const SVFInstruction* inst);
+    Condition newCond(const ICFGNode* inst);
 
     /// Perform path allocation
     void allocate(const SVFModule* module);
 
     /// Get/Set instruction based on Z3 expression id
     //{@
-    inline const SVFInstruction* getCondInst(u32_t id) const
+    inline const ICFGNode* getCondInst(u32_t id) const
     {
         IndexToTermInstMap::const_iterator it = idToTermInstMap.find(id);
         assert(it != idToTermInstMap.end() && "this should be a fresh condition");
         return it->second;
     }
 
-    inline void setCondInst(const Condition &condition, const SVFInstruction* inst)
+    inline void setCondInst(const Condition &condition, const ICFGNode* inst)
     {
         assert(idToTermInstMap.find(condition.id()) == idToTermInstMap.end() && "this should be a fresh condition");
         idToTermInstMap[condition.id()] = inst;
@@ -235,7 +235,7 @@ public:
 
 
     /// mark neg Z3 expression
-    inline void setNegCondInst(const Condition &condition, const SVFInstruction* inst)
+    inline void setNegCondInst(const Condition &condition, const ICFGNode* inst)
     {
         setCondInst(condition, inst);
         negConds.set(condition.id());

package/svf/include/Util/SVFBugReport.h

@@ -62,10 +62,10 @@ public:
 
 protected:
     u32_t typeAndInfoFlag;
-    const SVFInstruction *eventInst;
+    const ICFGNode *eventInst;
 
 public:
-    SVFBugEvent(u32_t typeAndInfoFlag, const SVFInstruction *eventInst): typeAndInfoFlag(typeAndInfoFlag), eventInst(eventInst) { };
+    SVFBugEvent(u32_t typeAndInfoFlag, const ICFGNode *eventInst): typeAndInfoFlag(typeAndInfoFlag), eventInst(eventInst) { };
     virtual ~SVFBugEvent() = default;
 
     inline u32_t getEventType() const

package/svf/include/Util/SVFUtil.h

@@ -206,7 +206,12 @@ inline bool isNonInstricCallSite(const ICFGNode* inst)
     return isCallSite(inst);
 }
 
-/// Return LLVM callsite given an instruction
+
+
+/// Return callsite given an instruction
+CallSite getSVFCallSite(const ICFGNode* inst);
+
+/// Return callsite given an instruction
 inline CallSite getSVFCallSite(const SVFInstruction* inst)
 {
     assert(isCallSite(inst) && "not a callsite?");

package/svf/lib/Graphs/IRGraph.cpp

@@ -273,13 +273,11 @@ struct DOTGraphTraits<IRGraph*> : public DefaultDOTGraphTraits
         assert(edge && "No edge found!!");
         if(const CallPE* calledge = SVFUtil::dyn_cast<CallPE>(edge))
         {
-            const SVFInstruction* callInst= calledge->getCallSite()->getCallSite();
-            return callInst->getSourceLoc();
+            return calledge->getCallSite()->getSourceLoc();
         }
         else if(const RetPE* retedge = SVFUtil::dyn_cast<RetPE>(edge))
         {
-            const SVFInstruction* callInst= retedge->getCallSite()->getCallSite();
-            return callInst->getSourceLoc();
+            return retedge->getCallSite()->getSourceLoc();
         }
         return "";
     }

package/svf/lib/MTA/LockAnalysis.cpp

@@ -286,7 +286,7 @@ void LockAnalysis::collectCxtLock()
                 DBOUT(DMTA,
                       outs() << "\nCollecting CxtLocks: handling direct call:" << **cit << "\t" << cgEdge->getSrcNode()->getFunction()->getName()
                       << "-->" << cgEdge->getDstNode()->getFunction()->getName() << "\n");
-                handleCallRelation(clp, cgEdge, getSVFCallSite((*cit)->getCallSite()));
+                handleCallRelation(clp, cgEdge, *cit);
             }
             for (CallGraphEdge::CallInstSet::const_iterator ind = cgEdge->indirectCallsBegin(), eind = cgEdge->indirectCallsEnd();
                     ind != eind; ++ind)
@@ -295,7 +295,7 @@ void LockAnalysis::collectCxtLock()
                       outs() << "\nCollecting CxtLocks: handling indirect call:" << **ind << "\t"
                       << cgEdge->getSrcNode()->getFunction()->getName() << "-->" << cgEdge->getDstNode()->getFunction()->getName()
                       << "\n");
-                handleCallRelation(clp, cgEdge, getSVFCallSite((*ind)->getCallSite()));
+                handleCallRelation(clp, cgEdge, *ind);
             }
         }
     }
@@ -305,11 +305,11 @@ void LockAnalysis::collectCxtLock()
 /*!
  * Handling call relations when collecting context-sensitive locks
  */
-void LockAnalysis::handleCallRelation(CxtLockProc& clp, const CallGraphEdge* cgEdge, CallSite cs)
+void LockAnalysis::handleCallRelation(CxtLockProc& clp, const CallGraphEdge* cgEdge, const CallICFGNode* cs)
 {
 
     CallStrCxt cxt(clp.getContext());
-    const ICFGNode* curNode = tct->getICFGNode(cs.getInstruction());
+    const ICFGNode* curNode = cs;
     if (isTDAcquire(curNode))
     {
         addCxtLock(cxt,curNode);

package/svf/lib/MTA/MHP.cpp

@@ -912,7 +912,7 @@ void ForkJoinAnalysis::handleRet(const CxtStmt& cts)
                 cit != ecit; ++cit)
         {
             CallStrCxt newCxt = curCxt;
-            const ICFGNode* curNode = tct->getICFGNode((*cit)->getCallSite());
+            const ICFGNode* curNode = (*cit);
             if (matchCxt(newCxt, SVFUtil::cast<CallICFGNode>(curNode), curFunNode->getFunction()))
             {
                 for(const ICFGEdge* outEdge : curNode->getOutEdges())
@@ -930,7 +930,7 @@ void ForkJoinAnalysis::handleRet(const CxtStmt& cts)
                 cit != ecit; ++cit)
         {
             CallStrCxt newCxt = curCxt;
-            const ICFGNode* curNode = tct->getICFGNode((*cit)->getCallSite());
+            const ICFGNode* curNode = (*cit);
 
             if (matchCxt(newCxt, SVFUtil::cast<CallICFGNode>(curNode), curFunNode->getFunction()))
             {

package/svf/lib/MTA/MTA.cpp

@@ -135,7 +135,6 @@ void MTA::detect(SVFModule* module)
     SVFIR* pag = SVFIR::getPAG();
     PointerAnalysis* pta = AndersenWaveDiff::createAndersenWaveDiff(pag);
 
-    Set<const SVFInstruction*> needcheckinst;
     // Add symbols for all of the functions and the instructions in them.
     for (const SVFFunction* F : module->getFunctionSet())
     {

package/svf/lib/MTA/TCT.cpp

@@ -240,13 +240,13 @@ void TCT::collectMultiForkedThreads()
 /*!
  * Handle call relations
  */
-void TCT::handleCallRelation(CxtThreadProc& ctp, const CallGraphEdge* cgEdge, CallSite cs)
+void TCT::handleCallRelation(CxtThreadProc& ctp, const CallGraphEdge* cgEdge, const CallICFGNode* cs)
 {
     const SVFFunction* callee = cgEdge->getDstNode()->getFunction();
 
     CallStrCxt cxt(ctp.getContext());
     CallStrCxt oldCxt = cxt;
-    const CallICFGNode* callNode = SVFUtil::cast<CallICFGNode>(getICFGNode(cs.getInstruction()));
+    const CallICFGNode* callNode = cs;
     pushCxt(cxt,callNode,callee);
 
     if(cgEdge->getEdgeKind() == CallGraphEdge::CallRetEdge)
@@ -416,13 +416,13 @@ void TCT::build()
                     ecit = cgEdge->directCallsEnd(); cit!=ecit; ++cit)
             {
                 DBOUT(DMTA,outs() << "\nTCT handling direct call:" << **cit << "\t" << cgEdge->getSrcNode()->getFunction()->getName() << "-->" << cgEdge->getDstNode()->getFunction()->getName() << "\n");
-                handleCallRelation(ctp,cgEdge,getSVFCallSite((*cit)->getCallSite()));
+                handleCallRelation(ctp,cgEdge,*cit);
             }
             for(CallGraphEdge::CallInstSet::const_iterator ind = cgEdge->indirectCallsBegin(),
                     eind = cgEdge->indirectCallsEnd(); ind!=eind; ++ind)
             {
                 DBOUT(DMTA,outs() << "\nTCT handling indirect call:" << **ind << "\t" << cgEdge->getSrcNode()->getFunction()->getName() << "-->" << cgEdge->getDstNode()->getFunction()->getName() << "\n");
-                handleCallRelation(ctp,cgEdge,getSVFCallSite((*ind)->getCallSite()));
+                handleCallRelation(ctp,cgEdge,*ind);
             }
         }
     }

package/svf/lib/MemoryModel/PointerAnalysis.cpp

@@ -509,11 +509,9 @@ void PointerAnalysis::validateSuccessTests(std::string fun)
 
         for(const CallICFGNode* callNode : pag->getCallSiteSet())
         {
-            const SVFInstruction* svfInst = callNode->getCallSite();
-            if (SVFUtil::getCallee(svfInst) == checkFun)
+            if (SVFUtil::getCallee(callNode) == checkFun)
             {
-
-                CallSite cs(svfInst);
+                CallSite cs = SVFUtil::getSVFCallSite(callNode);
                 assert(cs.getNumArgOperands() == 2
                        && "arguments should be two pointers!!");
                 const SVFValue* V1 = cs.getArgOperand(0);
@@ -551,12 +549,12 @@ void PointerAnalysis::validateSuccessTests(std::string fun)
 
                 if (checkSuccessful)
                     outs() << sucMsg("\t SUCCESS :") << fun << " check <id:" << id1 << ", id:" << id2 << "> at ("
-                           << svfInst->getSourceLoc() << ")\n";
+                           << callNode->getSourceLoc() << ")\n";
                 else
                 {
                     SVFUtil::errs() << errMsg("\t FAILURE :") << fun
                                     << " check <id:" << id1 << ", id:" << id2
-                                    << "> at (" << svfInst->getSourceLoc() << ")\n";
+                                    << "> at (" << callNode->getSourceLoc() << ")\n";
                     assert(false && "test case failed!");
                 }
             }
@@ -577,10 +575,9 @@ void PointerAnalysis::validateExpectedFailureTests(std::string fun)
 
         for(const CallICFGNode* callNode : pag->getCallSiteSet())
         {
-            const SVFInstruction* svfInst = callNode->getCallSite();
-            if (SVFUtil::getCallee(svfInst) == checkFun)
+            if (SVFUtil::getCallee(callNode) == checkFun)
             {
-                CallSite call = getSVFCallSite(svfInst);
+                CallSite call = getSVFCallSite(callNode);
                 assert(call.arg_size() == 2
                        && "arguments should be two pointers!!");
                 const SVFValue* V1 = call.getArgOperand(0);

package/svf/lib/SABER/DoubleFreeChecker.cpp

@@ -42,7 +42,7 @@ void DoubleFreeChecker::reportBug(ProgSlice* slice)
         GenericBug::EventStack eventStack;
         slice->evalFinalCond2Event(eventStack);
         eventStack.push_back(
-            SVFBugEvent(SVFBugEvent::SourceInst, getSrcCSID(slice->getSource())->getCallSite()));
+            SVFBugEvent(SVFBugEvent::SourceInst, getSrcCSID(slice->getSource())));
         report.addSaberBug(GenericBug::DOUBLEFREE, eventStack);
     }
     if(Options::ValidateTests())

package/svf/lib/SABER/FileChecker.cpp

@@ -39,10 +39,7 @@ void FileChecker::reportBug(ProgSlice* slice)
     if(isAllPathReachable() == false && isSomePathReachable() == false)
     {
         // full leakage
-        GenericBug::EventStack eventStack =
-        {
-            SVFBugEvent(SVFBugEvent::SourceInst, getSrcCSID(slice->getSource())->getCallSite())
-        };
+        GenericBug::EventStack eventStack = { SVFBugEvent(SVFBugEvent::SourceInst, getSrcCSID(slice->getSource())) };
         report.addSaberBug(GenericBug::FILENEVERCLOSE, eventStack);
     }
     else if (isAllPathReachable() == false && isSomePathReachable() == true)
@@ -50,7 +47,7 @@ void FileChecker::reportBug(ProgSlice* slice)
         GenericBug::EventStack eventStack;
         slice->evalFinalCond2Event(eventStack);
         eventStack.push_back(
-            SVFBugEvent(SVFBugEvent::SourceInst, getSrcCSID(slice->getSource())->getCallSite()));
+            SVFBugEvent(SVFBugEvent::SourceInst, getSrcCSID(slice->getSource())));
         report.addSaberBug(GenericBug::FILEPARTIALCLOSE, eventStack);
     }
 }

package/svf/lib/SABER/LeakChecker.cpp

@@ -154,7 +154,7 @@ void LeakChecker::reportBug(ProgSlice* slice)
         // full leakage
         GenericBug::EventStack eventStack =
         {
-            SVFBugEvent(SVFBugEvent::SourceInst, getSrcCSID(slice->getSource())->getCallSite())
+            SVFBugEvent(SVFBugEvent::SourceInst, getSrcCSID(slice->getSource()))
         };
         report.addSaberBug(GenericBug::NEVERFREE, eventStack);
     }
@@ -164,7 +164,7 @@ void LeakChecker::reportBug(ProgSlice* slice)
         GenericBug::EventStack eventStack;
         slice->evalFinalCond2Event(eventStack);
         eventStack.push_back(
-            SVFBugEvent(SVFBugEvent::SourceInst, getSrcCSID(slice->getSource())->getCallSite()));
+            SVFBugEvent(SVFBugEvent::SourceInst, getSrcCSID(slice->getSource())));
         report.addSaberBug(GenericBug::PARTIALLEAK, eventStack);
     }
 

package/svf/lib/SABER/ProgSlice.cpp

@@ -198,7 +198,7 @@ void ProgSlice::evalFinalCond2Event(GenericBug::EventStack &eventStack) const
     NodeBS elems = pathAllocator->exactCondElem(finalCond);
     for(NodeBS::iterator it = elems.begin(), eit = elems.end(); it!=eit; ++it)
     {
-        const SVFInstruction* tinst = pathAllocator->getCondInst(*it);
+        const ICFGNode* tinst = pathAllocator->getCondInst(*it);
         if(pathAllocator->isNegCond(*it))
             eventStack.push_back(SVFBugEvent(
                                      SVFBugEvent::Branch|((((u32_t)false) << 4) & BRANCHFLAGMASK), tinst));
@@ -226,7 +226,7 @@ std::string ProgSlice::evalFinalCond() const
 
     for(NodeBS::iterator it = elems.begin(), eit = elems.end(); it!=eit; ++it)
     {
-        const SVFInstruction* tinst = pathAllocator->getCondInst(*it);
+        const ICFGNode* tinst = pathAllocator->getCondInst(*it);
         if(pathAllocator->isNegCond(*it))
             locations.insert(tinst->getSourceLoc()+"|False");
         else

package/svf/lib/SABER/SaberCondAllocator.cpp

@@ -99,7 +99,7 @@ void SaberCondAllocator::allocateForBB(const SVFBasicBlock &bb)
         std::vector<Condition> condVec;
         for (u32_t i = 0; i < bit_num; i++)
         {
-            const SVFInstruction* svfInst = cast<IntraICFGNode>(bb.back())->getInst();
+            const IntraICFGNode* svfInst = cast<IntraICFGNode>(bb.back());
             condVec.push_back(newCond(svfInst));
         }
 
@@ -593,7 +593,7 @@ void SaberCondAllocator::printPathCond()
 }
 
 /// Allocate a new condition
-SaberCondAllocator::Condition SaberCondAllocator::newCond(const SVFInstruction* inst)
+SaberCondAllocator::Condition SaberCondAllocator::newCond(const ICFGNode* inst)
 {
     u32_t condCountIdx = totalCondNum++;
     Condition expr = Condition::getContext().bool_const(("c" + std::to_string(condCountIdx)).c_str());

package/svf/lib/Util/SVFBugReport.cpp

@@ -276,7 +276,7 @@ void PartialNullPtrDereferenceBug::printBugToTerminal() const
 
 const std::string SVFBugEvent::getFuncName() const
 {
-    return eventInst->getFunction()->getName();
+    return eventInst->getFun()->getName();
 }
 
 const std::string SVFBugEvent::getEventLoc() const

package/svf/lib/Util/SVFUtil.cpp

@@ -330,6 +330,13 @@ bool SVFUtil::isCallSite(const ICFGNode* inst)
     return SVFUtil::isa<CallICFGNode>(inst);
 }
 
+CallSite SVFUtil::getSVFCallSite(const ICFGNode* inst)
+{
+    assert(isCallSite(inst) && "not a callsite?");
+    CallSite cs(cast<CallICFGNode>(inst)->getCallSite());
+    return cs;
+}
+
 bool SVFUtil::isIntrinsicInst(const ICFGNode* inst)
 {
     if (const CallICFGNode* call = SVFUtil::dyn_cast<CallICFGNode>(inst))