@Nizernizer
Contributor

No description provided.

@Nizernizer Nizernizer requested a review from lostsnow June 7, 2023 02:13
@lostsnow lostsnow merged commit 06b1088 into HXSecurity:beta Jun 7, 2023
@RTxin

RTxin commented Jun 26, 2023

Hello @Nizernizer, I want to know what problem is solved by this commit.
From the code, it seems to do some processing on the hash of 'String', but I do not quite understand why.

@Nizernizer
Contributor Author

> Hello @Nizernizer, I want to know what problem is solved by this commit. From the code, it seems to do some processing on the hash of 'String', but I do not quite understand why.

Principle of IAST taint tracking: It involves computing the address hash of a taint and using that value to determine its propagation. In typical scenarios, this hash value is expected to be unique.

Reason for false positives: Address hash collision caused by certain factors, resulting in two unrelated objects having the same hash value. IAST mistakenly considers these two objects as the same taint, leading to false positives.

Subsequent fix: The taint's hash will be modified to use a dual binding of address hash and value hash, ensuring that hash collisions do not occur and resolving the issue of false positives.
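
The collision and the dual binding described in the reply above, as an added Java example that is not part of the thread and not the project's own code. `TaintKeyDemo`, `addressKey` and `dualKey` are hypothetical names, and packing both hashes into one `long` is an assumed way to combine them.

```java
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

// Added illustration; names and key layout are assumptions, not the project's code.
public class TaintKeyDemo {
    // Address-only key: the identity hash, which the JVM does not guarantee to be unique.
    static long addressKey(Object o) {
        return System.identityHashCode(o);
    }

    // Dual binding: identity hash in the high 32 bits, value hash in the low 32 bits.
    // A false match now needs both hashes to coincide for two different objects.
    static long dualKey(String s) {
        return ((long) System.identityHashCode(s) << 32) | (s.hashCode() & 0xFFFFFFFFL);
    }

    public static void main(String[] args) {
        // Search for two live, distinct Strings that share an identity hash.
        // The map keeps every candidate reachable so none is collected mid-search.
        Map<Integer, String> seen = new HashMap<>();
        String tainted = null;
        String unrelated = null;
        for (int i = 0; i < 2_000_000 && tainted == null; i++) {
            String s = "value-" + i; // new object with its own content on each pass
            String prev = seen.put(System.identityHashCode(s), s);
            if (prev != null) {
                tainted = prev;   // constructed stand-in for a tracked taint
                unrelated = s;    // constructed stand-in for an unrelated object
            }
        }
        if (tainted == null) {
            System.out.println("No identity-hash collision found in this run.");
            return;
        }

        Set<Long> poolByAddress = new HashSet<>();
        Set<Long> poolByDual = new HashSet<>();
        poolByAddress.add(addressKey(tainted));
        poolByDual.add(dualKey(tainted));

        System.out.println("tainted=" + tainted + " unrelated=" + unrelated);
        System.out.println("same object: " + (tainted == unrelated));
        System.out.println("address-only pool matches unrelated: " + poolByAddress.contains(addressKey(unrelated)));
        System.out.println("dual-key pool matches unrelated: " + poolByDual.contains(dualKey(unrelated)));
    }
}
```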

@RTxin

RTxin commented Jun 26, 2023

So why not double hash bind any object?
Is it because most classes don't override 'hashcode()' so that 'address hash' is equal to 'value hash'?
Or will some classes report an error when hashcode() is actively called?
What other considerations?

3 participants