Chromium 148+: Math.tanh now leaks the underlying OS via floating-point rounding
Original: Since Chromium 148, Math.tanh is now fingerprintable to link underlying OS
Why This Matters
A single JS math call can now silently expose OS identity, raising stakes for bot detection and browser privacy.
Since Chrome 148, V8 delegates Math.tanh to the host OS math library (libm), causing Linux, macOS, and Windows to return slightly different floating-point results — enabling OS-level browser fingerprinting. Chrome 147 and earlier were not affected.
Starting with Chrome 148 (V8 commit c1486295ae5, V8 14.8.57), the JavaScript engine replaced its bundled fdlibm implementation of Math.tanh with a call to the host system's std::tanh. This means the result routes through the OS's native math library: glibc on Linux, libsystem_m on macOS, and UCRT (ucrtbase.dll) on Windows.
Because IEEE 754 does not require transcendental functions to be correctly rounded, each vendor ships its own libm with different minimax coefficients and lookup tables. The three implementations agree on roughly three-quarters of inputs but diverge by one or two units in the last place (ULP) on the rest. For example, Math.tanh(0.8) returns 0.6640367702678491 on Linux, 0.664036770267849 on macOS, and 0.6640367702678489 on Windows — all three values differ.
A single carefully chosen tanh probe is sufficient to classify the OS with high confidence. If a browser claims macOS via its User-Agent but returns Linux math bits, the contradiction is detectable. The same signal exists in CSS trigonometric functions and the Web Audio API's dynamics compressor, which also route through the host libm.
Chrome 147 and earlier used an internal fdlibm port, producing identical results across all platforms. Chrome 148, 149, and 150 expose the leak. Anti-bot and fingerprinting systems can exploit this to verify or contradict reported OS identity with no additional overhead.