From 19b87999580d596a3b14e38f44309f16307bfe0e Mon Sep 17 00:00:00 2001
From: Lars Knoll <lars.knoll@qt.io>
Date: Mon, 15 Oct 2018 08:36:17 +0200
Subject: Fix a crash when allocating huge memory segments

When allocating a huge item that requires it's own memory
segment, we were actually not committing enough memory from
the OS.

Fixes: QTBUG-71501
Change-Id: Ic86a648bba4d7f1eeeded78d8de0f0fc1d3a251d
Reviewed-by: Ulf Hermann <ulf.hermann@qt.io>
---
 src/qml/memory/qv4mm.cpp | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'src/qml/memory')

diff --git a/src/qml/memory/qv4mm.cpp b/src/qml/memory/qv4mm.cpp
index fb6d9478db..97254b9172 100644
--- a/src/qml/memory/qv4mm.cpp
+++ b/src/qml/memory/qv4mm.cpp
@@ -666,11 +666,10 @@ HeapItem *HugeItemAllocator::allocate(size_t size) {
     Chunk *c = nullptr;
     if (size >= MemorySegment::SegmentSize/2) {
         // too large to handle through the ChunkAllocator, let's get our own memory segement
-        size_t segmentSize = size + Chunk::HeaderSize; // space required for the Chunk header
+        size += Chunk::HeaderSize; // space required for the Chunk header
         size_t pageSize = WTF::pageSize();
-        segmentSize = (segmentSize + pageSize - 1) & ~(pageSize - 1); // align to page sizes
-        m = new MemorySegment(segmentSize);
         size = (size + pageSize - 1) & ~(pageSize - 1); // align to page sizes
+        m = new MemorySegment(size);
         c = m->allocate(size);
     } else {
         c = chunkAllocator->allocate(size);
-- 
cgit v1.2.3