diff --git a/ChangeLog b/ChangeLog
index 6e0963f941..717588978a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Mon Nov 15 23:54:45 2010  Yusuke Endoh  <mame@tsg.ne.jp>
+
+	* eval_intern.h (CHECK_STACK_OVERFLOW): it was not intended to add
+	  size_t to a pointer typed VALUE*.  Coverity Scan found this defect.
+
 Mon Nov 15 23:41:21 2010  Yusuke Endoh  <mame@tsg.ne.jp>
 
 	* compile.c (iseq_set_exception_local_table, iseq_set_local_table,
diff --git a/eval_intern.h b/eval_intern.h
index 549953acfc..428a2d81ff 100644
--- a/eval_intern.h
+++ b/eval_intern.h
@@ -172,7 +172,7 @@ enum ruby_tag_type {
 #define SCOPE_SET(f)   (rb_vm_cref()->nd_visi = (f))
 
 #define CHECK_STACK_OVERFLOW(cfp, margin) do \
-  if (((VALUE *)(cfp)->sp) + (margin) + sizeof(rb_control_frame_t) >= ((VALUE *)cfp)) { \
+  if ((VALUE *)((char *)(((VALUE *)(cfp)->sp) + (margin)) + sizeof(rb_control_frame_t)) >= ((VALUE *)cfp)) { \
       rb_exc_raise(sysstack_error); \
   } \
 while (0)