From: hpayer@chromium.org <hpayer@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Date: Wed, 28 Nov 2012 10:53:39 +0000 (+0000)
Subject: Fixed pointer arithmetic in write barrier for large objects when marking progress... 
X-Git-Tag: upstream/4.7.83~15551
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=5a6c1e51098d67b03af31a42fd3205a727b89cac;p=platform%2Fupstream%2Fv8.git

Fixed pointer arithmetic in write barrier for large objects when marking progress bar is used.

BUG=

Review URL: https://codereview.chromium.org/11421123

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13073 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---

diff --git a/src/spaces.h b/src/spaces.h
index c246c94..2e5367a 100644
--- a/src/spaces.h
+++ b/src/spaces.h
@@ -506,7 +506,7 @@ class MemoryChunk {
   bool IsLeftOfProgressBar(Object** slot) {
     Address slot_address = reinterpret_cast<Address>(slot);
     ASSERT(slot_address > this->address());
-    return (slot_address - this->address() + kObjectStartOffset) <
+    return (slot_address - (this->address() + kObjectStartOffset)) <
            progress_bar();
   }