From c80b255885f38f4c5b9c9a0bd8c9c14a3148e73c Mon Sep 17 00:00:00 2001
From: Slava Pestov
Date: Fri, 16 Oct 2009 04:37:27 -0500
Subject: [PATCH] vm: allocate stacks and data heap segments without execute permissions
---
 vm/code_heap.cpp | 2 +-
 vm/contexts.cpp | 4 ++--
 vm/data_heap.cpp | 2 +-
 vm/heap.cpp | 4 ++--
 vm/heap.hpp | 2 +-
 vm/os-unix.cpp | 11 +++++++----
 vm/os-windows.cpp | 4 ++--
 vm/segments.hpp | 2 +-
 8 files changed, 17 insertions(+), 14 deletions(-)
diff --git a/vm/code_heap.cpp b/vm/code_heap.cpp
index 18f089f0fa..d60ec189cd 100755
--- a/vm/code_heap.cpp
+++ b/vm/code_heap.cpp
@@ -3,7 +3,7 @@ namespace factor
 {
-code_heap::code_heap(bool secure_gc, cell size) : heap(secure_gc,size) {}
+code_heap::code_heap(bool secure_gc, cell size) : heap(secure_gc,size,true) {}
 void code_heap::write_barrier(code_block *compiled)
 {
diff --git a/vm/contexts.cpp b/vm/contexts.cpp
index 7e0a2e195d..050f4b3db6 100644
--- a/vm/contexts.cpp
+++ b/vm/contexts.cpp
@@ -44,8 +44,8 @@ context *factor_vm::alloc_context()
 else
 {
 new_context = new context;
- new_context->datastack_region = new segment(ds_size);
- new_context->retainstack_region = new segment(rs_size);
+ new_context->datastack_region = new segment(ds_size,false);
+ new_context->retainstack_region = new segment(rs_size,false);
 }
 return new_context;
diff --git a/vm/data_heap.cpp b/vm/data_heap.cpp
index d93c121db0..6b09953314 100755
--- a/vm/data_heap.cpp
+++ b/vm/data_heap.cpp
@@ -23,7 +23,7 @@ data_heap::data_heap(cell young_size_, cell aging_size_, cell tenured_size_)
 total_size += deck_size;
- seg = new segment(total_size);
+ seg = new segment(total_size,false);
 cell cards_size = addr_to_card(total_size);
diff --git a/vm/heap.cpp b/vm/heap.cpp
index f6d17cd4d5..0f0da63df0 100644
--- a/vm/heap.cpp
+++ b/vm/heap.cpp
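Review bot: In vm/code_heap.cpp the bare `true` in `heap(secure_gc,size,true)` is the only thing that keeps the code heap mapped read-write-execute, and nothing at the call site says what the literal means. The same applies to the `false` arguments in the vm/contexts.cpp and vm/data_heap.cpp hunks, where an accidental `true` would silently make a stack or the data heap executable again. I would add a comment such as `/* executable_p: code heap holds compiled code */` next to each literal, or replace the `bool` with a two-value enum so the choice is spelled out at every call. The code heap stays writable and executable at the same time after this change, which is worth stating in that comment.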
@@ -11,10 +11,10 @@ void heap::clear_free_list()
 memset(&free,0,sizeof(heap_free_list));
 }
-heap::heap(bool secure_gc_, cell size) : secure_gc(secure_gc_)
+heap::heap(bool secure_gc_, cell size, bool executable_p) : secure_gc(secure_gc_)
 {
 if(size > (1L << (sizeof(cell) * 8 - 6))) fatal_error("Heap too large",size);
- seg = new segment(align_page(size));
+ seg = new segment(align_page(size),executable_p);
 if(!seg) fatal_error("Out of memory in heap allocator",size);
 clear_free_list();
 }
diff --git a/vm/heap.hpp b/vm/heap.hpp
index bc9653e3d7..ef09c2b238 100644
--- a/vm/heap.hpp
+++ b/vm/heap.hpp
@@ -15,7 +15,7 @@ struct heap {
 heap_free_list free;
 unordered_map forwarding;
- explicit heap(bool secure_gc_, cell size);
+ explicit heap(bool secure_gc_, cell size, bool executable_p);
 inline heap_block *next_block(heap_block *block)
 {
diff --git a/vm/os-unix.cpp b/vm/os-unix.cpp
index 342be7a360..70d7e395de 100644
--- a/vm/os-unix.cpp
+++ b/vm/os-unix.cpp
@@ -83,16 +83,19 @@ void factor_vm::primitive_existsp()
 box_boolean(stat(path,&sb) >= 0);
 }
-segment::segment(cell size_)
+segment::segment(cell size_, bool executable_p)
 {
 size = size_;
 int pagesize = getpagesize();
- char *array = (char *)mmap(NULL,pagesize + size + pagesize,
- PROT_READ | PROT_WRITE | PROT_EXEC,
- MAP_ANON | MAP_PRIVATE,-1,0);
+ int prot;
+ if(executable_p)
+ prot = (PROT_READ | PROT_WRITE | PROT_EXEC);
+ else
+ prot = (PROT_READ | PROT_WRITE);
+ char *array = (char *)mmap(NULL,pagesize + size + pagesize,prot,MAP_ANON | MAP_PRIVATE,-1,0);
 if(array == (char*)-1) out_of_memory();
 if(mprotect(array,pagesize,PROT_NONE) == -1)
diff --git a/vm/os-windows.cpp b/vm/os-windows.cpp
index 48ddeffcb6..48745584d3 100755
--- a/vm/os-windows.cpp
+++ b/vm/os-windows.cpp
@@ -96,7 +96,7 @@ void factor_vm::primitive_existsp()
 box_boolean(windows_stat(path));
 }
-segment::segment(cell size_)
+segment::segment(cell size_, bool executable_p)
 {
 size = size_;
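Review bot: In vm/heap.cpp the `if(!seg)` test on the line after the changed allocation cannot fire with a plain `new`, which reports failure by throwing rather than returning null (unless the VM replaces `operator new`, which this page does not show). The segment constructors in the vm/os-unix.cpp and vm/os-windows.cpp hunks already call `out_of_memory()` when the mapping fails, so the only uncovered case is allocating the small `segment` object itself. Either drop the check or make it real with `seg = new (std::nothrow) segment(align_page(size),executable_p);`, which needs `<new>`.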
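Review bot: Dropping `PROT_EXEC` in the vm/os-unix.cpp `segment::segment` hunk only makes stacks and the data heap non-executable if the process is not running with read-implies-exec semantics. On Linux a binary whose stack is marked executable (for example because one linked object lacks the non-executable-stack note) can get `PROT_READ` mappings that are executable anyway; the build flags are not on this page, so this needs checking against the VM's link step. I would record the assumption beside the new code, `/* relies on the VM being linked with a non-executable stack (-z noexecstack) */`. The five-line if/else could also be one line, `int prot = PROT_READ | PROT_WRITE | (executable_p ? PROT_EXEC : 0);`, matching the ternary used in vm/os-windows.cpp. The constructor body continues past the end of the hunk.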
@@ -104,7 +104,7 @@ segment::segment(cell size_)
 DWORD ignore;
 if((mem = (char *)VirtualAlloc(NULL, getpagesize() * 2 + size,
- MEM_COMMIT, PAGE_EXECUTE_READWRITE)) == 0)
+ MEM_COMMIT, executable_p ? PAGE_EXECUTE_READWRITE : PAGE_READWRITE)) == 0)
 out_of_memory();
 if (!VirtualProtect(mem, getpagesize(), PAGE_NOACCESS, &ignore))
diff --git a/vm/segments.hpp b/vm/segments.hpp
index 6ff2170974..5cedada578 100644
--- a/vm/segments.hpp
+++ b/vm/segments.hpp
@@ -13,7 +13,7 @@ struct segment {
 cell size;
 cell end;
- explicit segment(cell size);
+ explicit segment(cell size, bool executable_p);
 ~segment();
 };
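Review bot: `PAGE_READWRITE` in the `VirtualAlloc` call of vm/os-windows.cpp is only enforced as non-executable when DEP is active for the process, which a 32-bit process does not get by default under the opt-in system policy. Whether the VM's executable is marked NX-compatible is not visible here, so I would confirm the link flags (`/NXCOMPAT` with the Microsoft linker) or opt in at startup with `SetProcessDEPPolicy(PROCESS_DEP_ENABLE)`, and note that requirement in a comment on this call. The constructor starts in the previous hunk and continues past the end of this one.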