Node: typeof null works 60% of the time everytime

Created on 21 Jun 2016  路  4Comments  路  Source: nodejs/node

There's an upstream bug in v8 that was cherry-picked today and merged. The bug is as follows and also is reproducible in node itself:

Bug Description:

function foo() {
    return typeof null === 'undefined';
}

var a = 0;
var b = 0;

for (var i = 0; i < 10000; i++) {
    foo() === true ? a++ : b++;
}


var pa = ((a / (a + b)) * 100).toFixed(2);
var pb = ((b / (a + b)) * 100).toFixed(2);

console.log('true  ' + pa + '%');
console.log('false ' + pb + '%');

Outcome:

node typeof_null.js 
true  47.44%
false 52.56%

node typeof_null.js 
true  40.94%
false 59.06%
V8 Engine
Source
picture cookiengineer

Most helpful comment

thanks for posting @cookiengineer we have a backport in the review process :smile:

https://github.com/nodejs/node/pull/7348

picture MylesBorins on 21 Jun 2016
👍4

All 4 comments

thanks for posting @cookiengineer we have a backport in the review process :smile:

https://github.com/nodejs/node/pull/7348

MylesBorins picture MylesBorins on 21 Jun 2016
👍4

Awesome, just wanted to give you a hint about it. Most epic bug I've ever seen in a VM :) Haven't seen the backport pull request before.

cookiengineer picture cookiengineer on 21 Jun 2016

@cookiengineer Epic bug indeed.

If you run the source through uglifyjs -c it works every time.
;-)

function foo() {return !1;}
for (var a = 0, b = 0, i = 0; i < 1e4; i++) foo() === !0 ? a++ : b++;
var pa = (a / (a + b) * 100).toFixed(2), pb = (b / (a + b) * 100).toFixed(2);
console.log("true  " + pa + "%"), console.log("false " + pb + "%");
kzc picture kzc on 21 Jun 2016

Closing this as @TheAlphaNerd's PR was merged.

RReverser picture RReverser on 27 Jun 2016
Was this page helpful?
0 / 5 - 0 ratings

Related issues

cong88 picture cong88  路  3Comments
Icemic picture Icemic  路  3Comments
fanjunzhi picture fanjunzhi  路  3Comments
mcollina picture mcollina  路  3Comments
Brekmister picture Brekmister  路  3Comments