UserAgent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.75 Safari/537.36

Steps to reproduce the problem:
Consider the following object definition:

```
var MyObj = function () { };
MyObj.prototype = {
    constructor: MyObj,

    tooltip: function (text) {

        if (typeof text === "undefined")
            return "UNDEF_ARG_GIVEN";
        else
            return this;
    },

    otherFunction: function (cnt) {
        return true;
    }
};
```

Now consider the following loop:

```
    for (var i = 0; i < 100000; i++) {
        (new MyObj()).tooltip(null).otherFunction(i);
        console.log(i);
    }

```

The above loop crashes after a few thousand iterations, with an error saying "otherFunction is not a function".

What is the expected behavior?
I expect the loop to go through all the way to 100,000 iterations.

What went wrong?
It crashes after a certain number of iterations (appears random).

Did this work before? Yes It worked fine in chrome v49.

Chrome version: 50.0.2661.75  Channel: stable
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: Shockwave Flash 21.0 r0

See attached HTML file for how to reproduce.  Simply click the "Launch Test" button.

If I change `if` condition in the tooltip method to avoid keyword `typeof` then things work fine.  For instance, if I use `if (text === undefined)` or `if (arguments.length < 1)`, the code behaves as expected.

Also, if I put a breakpoint at `return "UNDEF_ARG_GIVEN"` in the tooltip using the Dev Tools, then it works fine too.

I suspect the JIT compiler is being tripped by the `typeof` keyword.
 

Deleted: chrome-v50_bug.htm 879 bytes

chrome-v50_bug.htm 879 bytes View Download