So the random core dumps did not go away with the kcopy() bug fix.
But I looked at the 7 core dumps that occured during a `make all' in
/usr/src, and they all appear to be due to the same problem.

It appears that occasionally ld.so is not causing the I cache line(s)
backing a PLT entry to be flushed properly.  What happens in this case
is that the D cache line with the address (formerly the offset to
entry 0) now points to the function, but the code at the beginning of
the PLT entry still adds the address to the pc, rather than just
jumping to it.  This causes a branch to Somewhere Very Wrong --
sometimes to a random valid code block, sometimes into an invalid
page.  It more or less always causes a core dump.

I'm not yet sure why the cache isn't being synced correctly.