typeof null works 60% of the time everytime

[cookiengineer]

There's an upstream bug in v8 that was cherry-picked today and merged. The bug is as follows and also is reproducible in node itself:

Bug Description:

• https://bugs.chromium.org/p/chromium/issues/detail?id=604033
• https://codereview.chromium.org/2088783002

function foo() {
    return typeof null === 'undefined';
}

var a = 0;
var b = 0;

for (var i = 0; i < 10000; i++) {
    foo() === true ? a++ : b++;
}


var pa = ((a / (a + b)) * 100).toFixed(2);
var pb = ((b / (a + b)) * 100).toFixed(2);

console.log('true  ' + pa + '%');
console.log('false ' + pb + '%');

Outcome:

node typeof_null.js 
true  47.44%
false 52.56%

node typeof_null.js 
true  40.94%
false 59.06%

[MylesBorins]

thanks for posting @cookiengineer we have a backport in the review process 😄

#7348

[cookiengineer]

Awesome, just wanted to give you a hint about it. Most epic bug I've ever seen in a VM :) Haven't seen the backport pull request before.

[kzc]

@cookiengineer Epic bug indeed.

If you run the source through uglifyjs -c it works every time.
;-)

function foo() {return !1;}
for (var a = 0, b = 0, i = 0; i < 1e4; i++) foo() === !0 ? a++ : b++;
var pa = (a / (a + b) * 100).toFixed(2), pb = (b / (a + b) * 100).toFixed(2);
console.log("true  " + pa + "%"), console.log("false " + pb + "%");

[RReverser]

Closing this as @thealphanerd's PR was merged.