Ocamlopt & security wx-flag

When i put the security feature w^x on the os (freebsd) i.e.
so pages are write-able OR executable but not both, the ocaml compiler spits out errors.
Maybe this is normal & expected behavior, maybe it isn’t ?
Can someone enlighten ?

I don’t know about freebsd but openbsd has been w^x for sometime.

Ocaml I understand runs fine on it which leads me to believe that this could be something specific to freebsd and not intrinsic to the Ocaml compiler/runtime.

I vaguely know that @avsm is familiar with openbsd – perhaps he would be familiar with freebsd too?

A compiler has to be written in a certain way in order not to make use of pages with execute & write flag.
I think it’s not O.S. related as other compilers also not function with the security feature w^x enabled.

What I wanted to say is:

  • AFAIK OCaml on openBSD works fine. OpenBSD has W^X by default. Given that OCaml works on it, this means that OCaml is capable of producing code that will work in a W^X situation
  • It’s possible OCaml does not run on Freebsd with W^X enabled because some special compiler switches need to be used or OCaml compiler cannot deal with the specific FreeBSD implementation
  • Its also possible that there is something wrong with FreeBSD assumptions of W^X implementation that violate OCaml’s W^X implementation. There might also be some OS settings you may need to tweak…

To be honest I don’t know much about this.

It might be a better idea to file a detailed bug report on github.com/ocaml/ocaml – the OCaml maintainers are quite responsive and you will have definitive answer soon. Please give as many details as possible when filing your ticket…

1 Like

OP created an upstream issue, it seems to be a matter of fixing the build configuration.

1 Like