Fix an issue of a raw pointer being returned after possible allocation.

Review URL: http://codereview.chromium.org/14833 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix an issue of a raw pointer being returned after possible allocation.
Review URL: http://codereview.chromium.org/14833 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
e33f70db · sgjesse@chromium.org · 358591f9 · e33f70db
Commit e33f70db authored Dec 18, 2008 by sgjesse@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 1 deletion

ic.cc src/ic.cc +6 -1

No files found.
--- a/src/ic.cc
+++ b/src/ic.cc
@@ -355,14 +355,19 @@ Object* CallIC::LoadFunction(State state,
    // If performing debug step into then flood this function with one-shot
    // break points if it is called from where step into was requested.
    if (Debug::StepInActive() && fp() == Debug::step_in_fp()) {
+      // Protect the result in a handle as the debugger can allocate and might
+      // cause GC.
+      HandleScope scope;
+      Handle<Object> result_handle(result);
      // Don't allow step into functions in the native context.
      if (JSFunction::cast(result)->context()->global() !=
          Top::context()->builtins()) {
-        HandleScope scope;
        Handle<SharedFunctionInfo> shared(JSFunction::cast(result)->shared());
        Debug::FloodWithOneShot(shared);
      }
+      return *result_handle;
    }
+
    return result;
  }