Comment 29 for bug 774175

Dr. David Alan Gilbert (davidgil-uk) wrote:

OK, I think I've got it. It certainly smells like a linkerism, but I didn't want to blame it until I actually found the bad code; I believe it's another instance of bug 745843, a problem with the fixup for the Cortex-A8 branch erratum:

In the bad build we have:

00021fe0 <_GLOBAL__sub_I_netrc.cc>:
   21fe0: b538 push {r3, r4, r5, lr}
   21fe2: 4d08 ldr r5, [pc, #32] ; (22004 <_GLOBAL__sub_I_netrc.cc+0x24>)
   21fe4: 4c08 ldr r4, [pc, #32] ; (22008 <_GLOBAL__sub_I_netrc.cc+0x28>)
   21fe6: 447d add r5, pc
   21fe8: 447c add r4, pc
   21fea: 4628 mov r0, r5
   21fec: f7ff e86c blx 210c8 <_init+0x290>
   21ff0: 4b06 ldr r3, [pc, #24] ; (2200c <_GLOBAL__sub_I_netrc.cc+0x2c>)
   21ff2: 4628 mov r0, r5
   21ff4: 58e1 ldr r1, [r4, r3]
   21ff6: 4b06 ldr r3, [pc, #24] ; (22010 <_GLOBAL__sub_I_netrc.cc+0x30>)
   21ff8: 58e2 ldr r2, [r4, r3]
   21ffa: e8bd 4038 ldmia.w sp!, {r3, r4, r5, lr}
   21ffe: f081 bfa3 b.w a3f48

Now that branch is on a word boundary which kicks the a8 erratum case, so it has planted:

   a3f48: f77d bc20 b.w 2178c <_init+0x954>

Now note we're in Thumb at the moment, and that unfortunately branches to the following ARM code in the PLT - it should have branched a few bytes earlier, which is what Richard's fix in bug 745843 fixed:

   2178c: e28fc600 add ip, pc, #0
   21790: e28cca9f add ip, ip, #651264 ; 0x9f000
   21794: e5bcfb84 ldr pc, [ip, #2948]! ; 0xb84

We reckoned that was a really unlikely bug to hit - maybe one in a few thousand executables - trust it to land in apt!

Dave
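As an added illustration (my own code, not from the bug report or from binutils), here is a small Python decoder for the 32-bit Thumb-2 branch encodings quoted in the comment, with the two checks that matter for this bug: whether the instruction straddles a 4 KiB boundary, which is the situation the Cortex-A8 erratum workaround rewrites, and whether a branch that stays in Thumb state lands on ARM code. The PLT address range is an assumption taken from the listing.

```python
# Added example (not the bug report's code): decode the Thumb-2 branches quoted above.
def sign_extend(value, bits):
    """Interpret the low `bits` bits of `value` as two's complement."""
    return value - (1 << bits) if value & (1 << (bits - 1)) else value

def decode_thumb2_branch(addr, hw1, hw2):
    """Return (mnemonic, target, switches_to_arm) for the 32-bit Thumb branch
    at `addr`, given its two halfwords as printed by objdump."""
    if hw1 >> 11 != 0b11110 or hw2 >> 15 != 1:
        raise ValueError("not a 32-bit Thumb branch encoding")
    s, imm10 = (hw1 >> 10) & 1, hw1 & 0x3ff
    j1, j2 = (hw2 >> 13) & 1, (hw2 >> 11) & 1
    i1, i2 = 1 - (j1 ^ s), 1 - (j2 ^ s)          # I1 = NOT(J1 XOR S), same for I2
    high = (s << 24) | (i1 << 23) | (i2 << 22) | (imm10 << 12)
    kind = (hw2 >> 12) & 0b101                    # bit 14 and bit 12 pick the form
    pc = addr + 4                                 # Thumb: PC reads as address + 4
    if kind == 0b001:                             # B.W (T4): stays in Thumb state
        return "b.w", pc + sign_extend(high | ((hw2 & 0x7ff) << 1), 25), False
    if kind == 0b101:                             # BL: stays in Thumb state
        return "bl", pc + sign_extend(high | ((hw2 & 0x7ff) << 1), 25), False
    if kind == 0b100:                             # BLX: always switches to ARM state
        imm = sign_extend(high | (((hw2 >> 1) & 0x3ff) << 2), 25)
        return "blx", (pc & ~3) + imm, True       # BLX is relative to Align(PC, 4)
    raise ValueError("conditional B (T3) not handled here")

def straddles_4k_boundary(addr):
    """A 32-bit Thumb instruction whose first halfword sits at page offset 0xffe
    spans two 4 KiB regions: the case the --fix-cortex-a8 veneer rewrites."""
    return (addr & 0xfff) == 0xffe

def check_landing(addr, hw1, hw2, arm_regions):
    """Flag a branch that does not switch state but lands in a region known to
    hold ARM code. Returns (mnemonic, target, is_problem)."""
    mnem, target, to_arm = decode_thumb2_branch(addr, hw1, hw2)
    in_arm = any(lo <= target < hi for lo, hi in arm_regions)
    return mnem, target, in_arm and not to_arm

# The three branches quoted in the comment: (address, hw1, hw2).
ORIGINAL_BRANCH = (0x21ffe, 0xf081, 0xbfa3)   # b.w a3f48 in _GLOBAL__sub_I_netrc.cc
VENEER_BRANCH = (0xa3f48, 0xf77d, 0xbc20)     # b.w 2178c, planted by the linker
INIT_CALL = (0x21fec, 0xf7ff, 0xe86c)         # blx 210c8
# Assumption: the PLT words at 2178c..21797 shown in the listing are ARM code.
ARM_PLT = [(0x2178c, 0x21798)]

if __name__ == "__main__":
    for ins in (ORIGINAL_BRANCH, VENEER_BRANCH, INIT_CALL):
        mnem, target, bad = check_landing(*ins, ARM_PLT)
        notes = (" [straddles 4K]" * straddles_4k_boundary(ins[0])) + (" <-- Thumb-state branch into ARM code" * bad)
        print(f"{ins[0]:x}: {mnem} {target:x}{notes}")
```

Run as a script it reproduces the three targets from the listing and flags only the linker-planted veneer branch, which is exactly the one that lands in ARM code without a state switch.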