Comment 1 for bug 1928010

By attaching gdb to the guest, I believe I've identified where it's crashing. The executing frame appears to be in the _relocate() function:

reloc_aarch64.c:_relocate()
   case R_AARCH64_RELATIVE:
    addr = (unsigned long *)
     (ldbase + rel->r_offset);
    *addr = ldbase + rel->r_addend;
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    break;

   default:

The previous address points to the following code, which suggests my addresses are sane:
crt0-efi-aarch64.S:
 adrp x1, _DYNAMIC
 add x1, x1, #:lo12:_DYNAMIC
 bl _relocate
                 ^^^^^^^^^
 cbnz x0, 0f