Fix an issue of a raw pointer being returned after possible allocation.

Review URL: http://codereview.chromium.org/14833

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

src/ic.cc

@@ -355,14 +355,19 @@ Object* CallIC::LoadFunction(State state,
     // If performing debug step into then flood this function with one-shot
     // break points if it is called from where step into was requested.
     if (Debug::StepInActive() && fp() == Debug::step_in_fp()) {
+      // Protect the result in a handle as the debugger can allocate and might
+      // cause GC.
+      HandleScope scope;
+      Handle<Object> result_handle(result);
       // Don't allow step into functions in the native context.
       if (JSFunction::cast(result)->context()->global() !=
           Top::context()->builtins()) {
-        HandleScope scope;
         Handle<SharedFunctionInfo> shared(JSFunction::cast(result)->shared());
         Debug::FloodWithOneShot(shared);
       }
+      return *result_handle;
     }
+
     return result;
   }