Incorrect optimization of 'typeof null' causes false positives

[michaelshopsin]

• 6.2.2:
• Darwin XCF032616035008 15.4.0 Darwin Kernel Version 15.4.0: Fri Feb 26 22:08:05 PST 2016; root:xnu-3248.40.184~3/RELEASE_X86_64 x86_64:
• Core:

There is a serious bug in Node.js where typeof null comparison changes inside a loop. This bug is reported on StackOverflow, Reddit, and Chrome. The sample code from StackOverflow should always return false but becomes true when the bug is present:

function foo() {
    return typeof null === 'undefined';
}
for(var i = 0; i < 1000; i++) console.log(foo());

verwaest on GitHub committed a fix for the bug to v8 but Node.js 6.2.2 still has the bug. Errors in typeof is a very serious regression and will cause undefined behavior.

[MylesBorins]

A backport PR is already in. We are just figuring out if we want to float a patch or have it backported to specific V8 release lines

[MylesBorins]

#7348

[michaelshopsin]

This for pointing out that the backport of the fix is already in progress. I'm going to close my issue as a duplicate.