76adfd1c86
Bug: chromium:1203122 Change-Id: Ief88320b620dbf2f347bf6f6fc1ebd459e60af3d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3138194 Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/main@{#76639}
24 lines
424 B
JavaScript
24 lines
424 B
JavaScript
// Copyright 2021 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
function main() {
|
|
class C {
|
|
m() {
|
|
super.prototype;
|
|
}
|
|
}
|
|
// Home object's __proto__ is a function.
|
|
function f() {}
|
|
C.prototype.__proto__ = f;
|
|
|
|
let c = new C();
|
|
|
|
f.prototype;
|
|
c.m();
|
|
}
|
|
|
|
for (let i = 0; i < 100; ++i) {
|
|
main();
|
|
}
|