From c4321962d9595b522afee661f0c3045a8db33eae Mon Sep 17 00:00:00 2001
From: ulan
Date: Wed, 8 Apr 2015 08:58:14 -0700
Subject: [PATCH] Check mark bit of the found object in MarkCompactCollector::IsSlotInBlackObject.
BUG=
Review URL: https://codereview.chromium.org/1069763002
Cr-Commit-Position: refs/heads/master@{#27673}
---
 src/heap/mark-compact.cc | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/heap/mark-compact.cc b/src/heap/mark-compact.cc
index 6f81beb..931206f 100644
--- a/src/heap/mark-compact.cc
+++ b/src/heap/mark-compact.cc
@@ -3138,6 +3138,7 @@ bool MarkCompactCollector::IsSlotInBlackObject(Page* p, Address slot,
 cell_base += (start_index - cell_base_start_index) * 32 * kPointerSize;
 Address address = cell_base + offset * kPointerSize;
 HeapObject* object = HeapObject::FromAddress(address);
+ CHECK(Marking::IsBlack(Marking::MarkBitFrom(object)));
 CHECK(object->address() < reinterpret_cast
(slot));
 if (object->address() <= slot &&
 (object->address() + object->Size()) > slot) {
--
2.7.4
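Review bot: The added `CHECK(Marking::IsBlack(Marking::MarkBitFrom(object)));` carries no comment naming the invariant it enforces or saying why it is a release-build CHECK, and with `BUG=` left empty in the commit message that rationale is recorded nowhere. The check runs before `object->Size()` is evaluated in the range test below it, so aborting here stops the collector from sizing something the bitmap scan should never have returned; that fail-closed intent is worth stating so a later cleanup does not weaken it to a DCHECK. I would put above it: `// The bitmap scan must yield a black object; abort before Size() is called on anything else.` IsSlotInBlackObject begins and ends outside this hunk, so how `offset` and `cell_base` are derived, and whether `address` is guaranteed to stay inside page `p`, cannot be confirmed from here.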