Page fault on Redox accessing invalid TLS address

[jackpot51]

Something in this commit range is causing the TLS size to be calculated incorrectly, and the code accesses TLS addresses slightly beyond the size of the TLS:

The first commit and last commit in this range have been tested, with the first working and the last not working:
4bf5c99...0389d40

For example, Command::new attempts to access offset 0x100, but the TLS is only 0xF0

[jackpot51]

I have now narrowed it down to this: 4bf5c99...27650ee

[jackpot51]

So, the failure is as follows:
Page fault: 04:000001FFFFFFFFF0 at 23:000000000040CF4A

Where 0x1FFFFFFFFF0 is exactly 16 bytes beyond the end of TLS.

The readelf seems to indicate that the TLS is 0xF0 bytes in length:

Elf file type is EXEC (Executable file)
Entry point 0x400130
There are 4 program headers, starting at offset 64

Program Headers:
  Type           Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align
  LOAD           0x000000 0x0000000000400000 0x0000000000400000 0x02432c 0x02432c R E 0x200000
  LOAD           0x024340 0x0000000000624340 0x0000000000624340 0x001130 0x001230 RW  0x200000
  TLS            0x024340 0x0000000000624340 0x0000000000624340 0x0000e8 0x0000f0 R   0x20
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0x10

 Section to Segment mapping:
  Segment Sections...
   00     .init .text .fini .rodata .eh_frame 
   01     .tdata .ctors .dtors .data .bss 
   02     .tdata .tbss 
   03  

Yet, it attempts to access address 0x100 in the TLS:

  40cf41:       64 48 8b 04 25 00 00 00 00    mov    rax,QWORD PTR fs:0x0
  40cf4a:       48 83 b8 00 ff ff ff 00       cmp    QWORD PTR [rax-0x100],0x0

Here you can find the good and bad binaries, with their listings:
init-test.tar.gz

[jackpot51]

I have opened this PR to temporarily fix this issue: #42762

[steveklabnik]

Triage: this issue is very old. @jackpot51 is it still relevant?

[jackpot51]

It hasn't come up again, so maybe not