--- Coro/Coro/State.xs	2021/06/25 01:13:21	1.480
+++ Coro/Coro/State.xs	2021/08/19 22:43:02	1.481
@@ -3625,23 +3625,20 @@
 
   map_len = load_len + save_len + 16;
 
-  map_base = mmap (0, map_len, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
-
-  if (map_base == (char *)MAP_FAILED)
-    map_base = mmap (0, map_len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+  map_base = mmap (0, map_len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
 
   assert (("Coro: unable to mmap jit code page, cannot continue.", map_base != (char *)MAP_FAILED));
 
   load_perl_slots = (load_save_perl_slots_type)map_base;
-  memcpy (map_base, load_ptr, load_len);
-
-  map_base += (load_len + 15) & ~15;
+  memcpy (load_perl_slots, load_ptr, load_len);
 
-  save_perl_slots = (load_save_perl_slots_type)map_base;
-  memcpy (map_base, save_ptr, save_len);
+  save_perl_slots = (load_save_perl_slots_type)(map_base + ((load_len + 15) & ~15));
+  memcpy (save_perl_slots, save_ptr, save_len);
 
   /* we are good citizens and try to make the page read-only, so the evil evil */
   /* hackers might have it a bit more difficult */
+  /* we do this in two steps, to potentially appease some security frameworks */
+  mprotect (map_base, map_len, PROT_READ);
   mprotect (map_base, map_len, PROT_READ | PROT_EXEC);
 
   PUTBACK;