I got this idea when I read that vale-lang somehow obfuscates/encrypts
pointers before passing them to FFI / "unsafe code". SLUL uses the
"C ABI" natively, so there is no distiction between "foreign" and
"non-foreign" functions, so this technique could instead be applied
to *all* cross-module calls that cause an opaque type to enter or leave
the module that it is defined in.

Implementation idea:

* xor all opaque or internal pointers with values encoded into the binary.
    - use a pattern that forces ones into bits that are always 0, to trigger traps:
        - use 1.......... (high bit) to trigger a page fault
        - use ..........1 (low bit) to trigger an alignment fault

* opaque pointers are xor'ed with a per-type value.
* internal pointers (i.e. fields inside opaque types) are xor'ed with a
  per-field value.
* return adresses are xor'ed with a per-function value.
  (tail calls need special handling, so this only works for private functions
   where the caller knows the xor value of the callee)

this would acheive the following:
* exploits that swap one pointer with another stop working if:
    - there is a type confusion attack
    - the pointers are in different fields
    - the pointers are of different kinds (opaque pointer, internal pointer, return pointer)
* supporting different versions in an exploit gets trickier
  (and there could be a tool to change the xor values!
   or it could be changed at load time!)