[Webkit-unassigned] [Bug 98627] New: Using float/double as WTF hash table key is unreliable.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Oct 7 19:59:21 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=98627
Summary: Using float/double as WTF hash table key is
unreliable.
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Web Template Framework
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: kling at webkit.org
There's a flaw in the way WTF::FloatHash is implemented, hash() hashes the raw underlying bits of the key value, but equal() compares using the regular float/double operator==.
Since there are multiple ways to represent the same value in floating point format, we can end up with values that hash() to different results, yet are equal according to equal(). I first discovered this problem when lowering the default minimum table size of WTF hash tables. One unlucky HashMap<double, whatever> got zero (0) and signed zero (-0) values in the same bucket, and hence the first one got picked every time by lookup of both keys since equal() would return true for either one of them.
I propose that we fix this by making FloatHash::equal() do a bitwise compare instead.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list