diff --git a/arm64-fix-backtraces-of-KASAN-kernel-dumpfile-truncated.patch b/arm64-fix-backtraces-of-KASAN-kernel-dumpfile-truncated.patch
new file mode 100644
index 0000000000000000000000000000000000000000..82bb571ce155de7ea0e286ad6e3b8a71a008c9fa
--- /dev/null
+++ b/arm64-fix-backtraces-of-KASAN-kernel-dumpfile-truncated.patch
@@ -0,0 +1,181 @@
+From 41f9396b3ec962121553a2e59027db7b08741321 Mon Sep 17 00:00:00 2001
+From: Ding Hui
+Date: Thu, 1 Dec 2022 11:59:33 +0800
+Subject: [PATCH] arm64: fix backtraces of KASAN kernel dumpfile truncated
+
+We met "bt" cmd on KASAN kernel vmcore display truncated backtraces
+like this:
+
+crash> bt
+PID: 4131 TASK: ffff8001521df000 CPU: 3 COMMAND: "bash"
+ #0 [ffff2000224b0cb0] machine_kexec_prepare at ffff2000200bff4c
+
+After digging the root cause, it turns out that arm64_in_kdump_text()
+found wrong bt->bptr at "machine_kexec" branch.
+
+If CONFIG_KASAN=y, disassemble machine_kexec() of KASAN vmlinux (gcc 7.3.0)
+like this:
+
+crash> dis -x machine_kexec
+0xffff2000200bff50 : stp x29, x30, [sp,#-208]!
+0xffff2000200bff54 : mov x29, sp
+0xffff2000200bff58 : stp x19, x20, [sp,#16]
+0xffff2000200bff5c : str x24, [sp,#56]
+0xffff2000200bff60 : str x26, [sp,#72]
+0xffff2000200bff64 : mov x2, #0x8ab3
+0xffff2000200bff68 : add x1, x29, #0x70
+0xffff2000200bff6c : lsr x1, x1, #3
+0xffff2000200bff70 : movk x2, #0x41b5, lsl #16
+0xffff2000200bff74 : mov x19, #0x200000000000
+0xffff2000200bff78 : adrp x3, 0xffff2000224b0000
+0xffff2000200bff7c : movk x19, #0xdfff, lsl #48
+0xffff2000200bff80 : add x3, x3, #0xcb0
+0xffff2000200bff84 : add x4, x1, x19
+0xffff2000200bff88 : stp x2, x3, [x29,#112]
+0xffff2000200bff8c : adrp x2, 0xffff2000200bf000
+0xffff2000200bff90 : add x2, x2, #0xf50
+0xffff2000200bff94 : str x2, [x29,#128]
+0xffff2000200bff98 : mov w2, #0xf1f1f1f1
+0xffff2000200bff9c : str w2, [x1,x19]
+0xffff2000200bffa0 : mov w2, #0xf200
+0xffff2000200bffa4 : mov w1, #0xf3f3f3f3
+0xffff2000200bffa8 : movk w2, #0xf2f2, lsl #16
+0xffff2000200bffac : stp w2, w1, [x4,#4]
+
+We notice that:
+1. machine_kexec() start address is 0xffff2000200bff50
+2. the instruction at machine_kexec+0x44 store the same value
+ 0xffff2000200bff50 (comes from 0xffff2000200bf000 + 0xf50)
+ into stack postion [x29,#128].
+
+When arm64_in_kdump_text() search LR from stack, it met
+0xffff2000200bff50 firstly, so got wrong bt->bptr.
+
+We know that the real LR is always great than the start address
+of a function, so let's fix it by change the search conditon to
+(*ptr > xxx_start) && (*ptr < xxx_end).
+
+[ dh: port for SDEI stack ]
+
+Signed-off-by: Ding Hui
+
+Index: crash-7.3.0/arm64.c
+===================================================================
+--- crash-7.3.0.orig/arm64.c
++++ crash-7.3.0/arm64.c
+@@ -3060,7 +3060,7 @@ arm64_in_kdump_text(struct bt_info *bt,
+ ms = machdep->machspec;
+ for (ptr = start - 8; ptr >= base; ptr--) {
+ if (bt->flags & BT_OPT_BACK_TRACE) {
+- if ((*ptr >= ms->crash_kexec_start) &&
++ if ((*ptr > ms->crash_kexec_start) &&
+ (*ptr < ms->crash_kexec_end) &&
+ INSTACK(*(ptr - 1), bt)) {
+ bt->bptr = ((ulong)(ptr - 1) - (ulong)base)
+@@ -3069,7 +3069,7 @@ arm64_in_kdump_text(struct bt_info *bt,
+ fprintf(fp, "%lx: %lx (crash_kexec)\n", bt->bptr, *ptr);
+ return TRUE;
+ }
+- if ((*ptr >= ms->crash_save_cpu_start) &&
++ if ((*ptr > ms->crash_save_cpu_start) &&
+ (*ptr < ms->crash_save_cpu_end) &&
+ INSTACK(*(ptr - 1), bt)) {
+ bt->bptr = ((ulong)(ptr - 1) - (ulong)base)
+@@ -3079,14 +3079,14 @@ arm64_in_kdump_text(struct bt_info *bt,
+ return TRUE;
+ }
+ } else {
+- if ((*ptr >= ms->machine_kexec_start) && (*ptr < ms->machine_kexec_end)) {
++ if ((*ptr > ms->machine_kexec_start) && (*ptr < ms->machine_kexec_end)) {
+ bt->bptr = ((ulong)ptr - (ulong)base) +
+ task_to_stackbase(bt->tc->task);
+ if (CRASHDEBUG(1))
+ fprintf(fp, "%lx: %lx (machine_kexec)\n", bt->bptr, *ptr);
+ return TRUE;
+ }
+- if ((*ptr >= ms->crash_kexec_start) && (*ptr < ms->crash_kexec_end)) {
++ if ((*ptr > ms->crash_kexec_start) && (*ptr < ms->crash_kexec_end)) {
+ /*
+ * Stash the first crash_kexec frame in case the machine_kexec
+ * frame is not found.
+@@ -3100,7 +3100,7 @@ arm64_in_kdump_text(struct bt_info *bt,
+ }
+ continue;
+ }
+- if ((*ptr >= ms->crash_save_cpu_start) && (*ptr < ms->crash_save_cpu_end)) {
++ if ((*ptr > ms->crash_save_cpu_start) && (*ptr < ms->crash_save_cpu_end)) {
+ bt->bptr = ((ulong)ptr - (ulong)base) +
+ task_to_stackbase(bt->tc->task);
+ if (CRASHDEBUG(1))
+@@ -3149,7 +3149,7 @@ arm64_in_kdump_text_on_sdei_stack(struct
+
+ for (ptr = start - 8; ptr >= base; ptr--) {
+ if (bt->flags & BT_OPT_BACK_TRACE) {
+- if ((*ptr >= ms->crash_kexec_start) &&
++ if ((*ptr > ms->crash_kexec_start) &&
+ (*ptr < ms->crash_kexec_end) &&
+ INSTACK(*(ptr - 1), bt)) {
+ bt->bptr = ((ulong)(ptr - 1) - (ulong)base) + stackbase;
+@@ -3159,7 +3159,7 @@ arm64_in_kdump_text_on_sdei_stack(struct
+ FREEBUF(stackbuf);
+ return TRUE;
+ }
+- if ((*ptr >= ms->crash_save_cpu_start) &&
++ if ((*ptr > ms->crash_save_cpu_start) &&
+ (*ptr < ms->crash_save_cpu_end) &&
+ INSTACK(*(ptr - 1), bt)) {
+ bt->bptr = ((ulong)(ptr - 1) - (ulong)base) + stackbase;
+@@ -3170,7 +3170,7 @@ arm64_in_kdump_text_on_sdei_stack(struct
+ return TRUE;
+ }
+ } else {
+- if ((*ptr >= ms->crash_kexec_start) && (*ptr < ms->crash_kexec_end)) {
++ if ((*ptr > ms->crash_kexec_start) && (*ptr < ms->crash_kexec_end)) {
+ bt->bptr = ((ulong)ptr - (ulong)base) + stackbase;
+ if (CRASHDEBUG(1))
+ fprintf(fp, "%lx: %lx (crash_kexec on IRQ stack)\n",
+@@ -3178,7 +3178,7 @@ arm64_in_kdump_text_on_sdei_stack(struct
+ FREEBUF(stackbuf);
+ return TRUE;
+ }
+- if ((*ptr >= ms->crash_save_cpu_start) && (*ptr < ms->crash_save_cpu_end)) {
++ if ((*ptr > ms->crash_save_cpu_start) && (*ptr < ms->crash_save_cpu_end)) {
+ bt->bptr = ((ulong)ptr - (ulong)base) + stackbase;
+ if (CRASHDEBUG(1))
+ fprintf(fp, "%lx: %lx (crash_save_cpu on IRQ stack)\n",
+@@ -3222,7 +3222,7 @@ arm64_in_kdump_text_on_irq_stack(struct
+
+ for (ptr = start - 8; ptr >= base; ptr--) {
+ if (bt->flags & BT_OPT_BACK_TRACE) {
+- if ((*ptr >= ms->crash_kexec_start) &&
++ if ((*ptr > ms->crash_kexec_start) &&
+ (*ptr < ms->crash_kexec_end) &&
+ INSTACK(*(ptr - 1), bt)) {
+ bt->bptr = ((ulong)(ptr - 1) - (ulong)base) + stackbase;
+@@ -3232,7 +3232,7 @@ arm64_in_kdump_text_on_irq_stack(struct
+ FREEBUF(stackbuf);
+ return TRUE;
+ }
+- if ((*ptr >= ms->crash_save_cpu_start) &&
++ if ((*ptr > ms->crash_save_cpu_start) &&
+ (*ptr < ms->crash_save_cpu_end) &&
+ INSTACK(*(ptr - 1), bt)) {
+ bt->bptr = ((ulong)(ptr - 1) - (ulong)base) + stackbase;
+@@ -3243,7 +3243,7 @@ arm64_in_kdump_text_on_irq_stack(struct
+ return TRUE;
+ }
+ } else {
+- if ((*ptr >= ms->crash_kexec_start) && (*ptr < ms->crash_kexec_end)) {
++ if ((*ptr > ms->crash_kexec_start) && (*ptr < ms->crash_kexec_end)) {
+ bt->bptr = ((ulong)ptr - (ulong)base) + stackbase;
+ if (CRASHDEBUG(1))
+ fprintf(fp, "%lx: %lx (crash_kexec on IRQ stack)\n",
+@@ -3251,7 +3251,7 @@ arm64_in_kdump_text_on_irq_stack(struct
+ FREEBUF(stackbuf);
+ return TRUE;
+ }
+- if ((*ptr >= ms->crash_save_cpu_start) && (*ptr < ms->crash_save_cpu_end)) {
++ if ((*ptr > ms->crash_save_cpu_start) && (*ptr < ms->crash_save_cpu_end)) {
+ bt->bptr = ((ulong)ptr - (ulong)base) + stackbase;
+ if (CRASHDEBUG(1))
+ fprintf(fp, "%lx: %lx (crash_save_cpu on IRQ stack)\n",
diff --git a/crash.spec b/crash.spec
index 334c545d82e271f5dba5943ad12a280dda08079a..2cc46b1dca428600470046b504c084df6e68be65 100644
--- a/crash.spec
+++ b/crash.spec
@@ -1,6 +1,6 @@
 Name: crash
 Version: 7.3.0
-Release: 7
+Release: 8
 Summary: Linux kernel crash utility.
 License: GPLv3
 URL: https://crash-utility.github.io
@@ -19,6 +19,7 @@ Patch9: 0002-CVE-2019-1010180-DWARF-reader-Reject-sections-with-invalid-sizes.pa
 %ifarch sw_64
 Patch10: crash-7.3.0-sw.patch
 %endif
+Patch11: arm64-fix-backtraces-of-KASAN-kernel-dumpfile-truncated.patch
 BuildRequires: ncurses-devel zlib-devel lzo-devel snappy-devel
 BuildRequires: gcc gcc-c++ bison m4
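Review bot: The `>=` to `>` switch on every `*_start` comparison in the three stack-scan loops is explained only in the patch description; in arm64.c itself the asymmetric `(*ptr > start) && (*ptr < end)` will read as an off-by-one to the next maintainer and is likely to be "corrected" back to `>=`, silently reintroducing the truncated KASAN backtraces. Put the rationale next to the first changed site in arm64_in_kdump_text, e.g. `/* A return address can never be a function's first instruction, so exclude start itself: with CONFIG_KASAN the prologue stores the bare function address (see machine_kexec+0x44) on the stack and it would otherwise match here. */`, and point the SDEI and IRQ-stack variants at it. Since the same one-line test is now repeated across arm64_in_kdump_text, arm64_in_kdump_text_on_sdei_stack and arm64_in_kdump_text_on_irq_stack (the `[ dh: port for SDEI stack ]` note shows the port had to be done by hand), a helper such as `static inline int in_kdump_range(ulong lr, ulong start, ulong end) { return lr > start && lr < end; }` would keep the three loops from drifting on the next backport. All three enclosing functions start and end outside the quoted hunks.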
@@ -84,6 +85,9 @@ install -D -m 0644 defs.h %{buildroot}%{_includedir}/%{name}/defs.h %{_mandir}/man8/crash.8* %changelog +* Thu Dec 1 2022 Ding Hui - 7.3.0-8 +- fix backtraces of arm64 KASAN kernel dumpfile truncated + * Wed Oct 19 2022 wuzx - 7.3.0-7 - add sw64 patch