Bug 258766

Summary: JSC doesn't throw TypeError when call Uint8Array without new
Product: WebKit Reporter: YuHao Hu <yuhao.6218>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal CC: mark.lam, webkit-bug-importer, ysuzuki
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   

Description YuHao Hu 2023-07-01 06:28:14 PDT 
git commit id: 8cdb27dae2a958f4ad5ff00f4900a7c235835247

```
function opt(f) {
    try{
        return f(Uint8Array);
    }catch(e){
        print(e)
    }
}

print(opt(opt))
print(opt(opt))
```

run args:
WebKitBuild/Debug/bin/jsc --useConcurrentJIT=0 --jitPolicyScale=0.001 test.js

program output:
TypeError: calling Uint8Array constructor without new is invalid
undefined
0,0,0

expected output:
TypeError: calling Uint8Array constructor without new is invalid
undefined
TypeError: calling Uint8Array constructor without new is invalid
undefined

At the last call to the `opt` function, `f` is `UInt8Array`. The engine need to throw an exception instead of creating the array object.
Comment 1 Radar WebKit Bug Importer 2023-07-08 06:29:16 PDT 
<rdar://problem/111952807>
Comment 2 YuHao Hu 2024-08-20 01:23:02 PDT 
seems this bug has been fixed