don't hash an union field when such a read is unsafe

A unsafe read is either use without initialization or loading of possible padding bits

src/FactUnion.cpp

@@ -275,6 +275,15 @@ FactUnion::imply(const Fact& f) const
 	return false;
 }
 
+bool
+FactUnion::is_field_readable(const Variable* v, int fid, const vector<const Fact*>& facts)
+{
+	assert(v->type->eType == eUnion && fid >=0 && fid < v->type->fields.size());
+	FactUnion tmp(v, fid);
+	const FactUnion* fu = dynamic_cast<const FactUnion*>(find_related_fact(facts, &tmp));
+	return (fu && tmp.imply(*fu)) ;
+}
+
 void 
 FactUnion::Output(std::ostream &out) const
 { 

src/FactUnion.h

@@ -59,6 +59,7 @@ class FactUnion : public Fact
 	virtual const Variable* get_var(void) const { return var;};
 	const Type* get_last_written_type(void) const;
 	int   get_last_written_fid(void) const { return last_written_fid; };
+	static bool is_field_readable(const Variable* v, int fid, const vector<const Fact*>& facts);
 
 	// lattice functions
 	virtual bool is_top(void) const { return last_written_fid == TOP;}

src/Variable.cpp

@@ -54,6 +54,7 @@
 #include "Fact.h"
 #include "FactMgr.h"
 #include "FactPointTo.h"
+#include "FactUnion.h"
 #include "random.h"
 #include "util.h"
 #include "Lhs.h"
@@ -983,8 +984,13 @@ void
 Variable::hash(std::ostream& out) const
 {  
 	if (type->is_aggregate()) {
-        size_t i;
+        size_t i; 
+		FactMgr* fm = get_fact_mgr_for_func(GetFirstFunction()); 
 		for (i=0; i<field_vars.size(); i++) {
+			if (type->eType == eUnion && !FactUnion::is_field_readable(this, i, fm->global_facts)) { 
+				// don't read union fields that is not last written into or have possible padding bits 
+				continue;
+			}
 			field_vars[i]->hash(out);
 		}
     }