This PR reworks how we interpret SummarizedCallable::clearsContent(int i, Content c). Before this PR, we would insert content-clearing at the relevant argument nodes to a summarized callable. However, that does not work when we want to model a callable that consumes some content, that is, both reads from the contents and afterwards clears it, since clearing at the argument would not allow for reading the content inside the summarized callable.

This PR instead synthesizes two new nodes inside the callable:

p --local--> synth1
 \
  --local--> synth2

where p is the ith parameter node for the callable. Content-clearing is inserted at synth1, and synth1 becomes a post-update node for synth2. This effectively allows for flow into p and back out again, but only if data is not stored in the relevant content. (We could in principle have avoided synth2 and make synth1 a post-update node for p, but that may break the invariant that each node has at most one post-update node).

The above only works, however, if flow at calls to the summarized callable does not skip over the argument. Example

a.b = taint;
a.clearB(); // assume we have a flow summary for `clearB` that clears `b` on the qualifier
sink(a.b);

In the above, flow should not pass from a on the first line (or the second line) to a on the third line. Instead, the flow summary will allow for flow from a on line 2 to the post-update node for a on that line, and from there use-use flow to a on the third line.