diff --git a/SOURCES/0001-arm64-Support-overflow-stack-panic.patch b/SOURCES/0001-arm64-Support-overflow-stack-panic.patch
new file mode 100644
index 0000000..e8cb3ac
--- /dev/null
+++ b/SOURCES/0001-arm64-Support-overflow-stack-panic.patch
@@ -0,0 +1,379 @@
+From c05db8d7d83389a342664073547bd29eda900158 Mon Sep 17 00:00:00 2001
+From: Hong YANG <hong.yang3@nio.com>
+Date: Mon, 15 Nov 2021 15:41:01 +0800
+Subject: [PATCH 1/2] arm64: Support overflow stack panic
+
+Kernel commit <872d8327ce89> ("arm64: add VMAP_STACK overflow detection")
+has supported the overflow stack exception handling. Without the patch, the
+"bt" command will make crash generate a core dump because of segmentation
+fault. With the patch, the "bt" command can display the overflow stack.
+
+Before:
+crash> bt
+PID: 3607 TASK: ffffffcbf9a4da00 CPU: 2 COMMAND: "sh"
+Segmentation fault (core dumped)
+
+After:
+crash> bt
+PID: 3607 TASK: ffffffcbf9a4da00 CPU: 2 COMMAND: "sh"
+ #0 [ffffffccbfd85f50] __delay at ffffff8008ceded8
+...
+ #5 [ffffffccbfd85fd0] emergency_restart at ffffff80080d49fc
+ #6 [ffffffccbfd86140] panic at ffffff80080af4c0
+ #7 [ffffffccbfd86150] nmi_panic at ffffff80080af150
+ #8 [ffffffccbfd86190] handle_bad_stack at ffffff800808b0b8
+ #9 [ffffffccbfd862d0] __bad_stack at ffffff800808285c
+ PC: ffffff8008082e80 [el1_sync]
+ LR: ffffff8000d6c214 [stack_overflow_demo+84]
+ SP: ffffff1a79930070 PSTATE: 204003c5
+ X29: ffffff8011b03d00 X28: ffffffcbf9a4da00 X27: ffffff8008e02000
+ X26: 0000000000000040 X25: 0000000000000124 X24: ffffffcbf9a4da00
+ X23: 0000007daec2e288 X22: ffffffcbfe03b800 X21: 0000007daec2e288
+ X20: 0000000000000002 X19: 0000000000000002 X18: 0000000000000002
+ X17: 00000000000003e7 X16: 0000000000000000 X15: 0000000000000000
+ X14: ffffffcc17facb00 X13: ffffffccb4c25c00 X12: 0000000000000000
+ X11: ffffffcc17fad660 X10: 0000000000000af0 X9: 0000000000000000
+ X8: ffffff1a799334f0 X7: 0000000000000000 X6: 000000000000003f
+ X5: 0000000000000040 X4: 0000000000000010 X3: 00000065981d07f0
+ X2: 00000065981d07f0 X1: 0000000000000000 X0: ffffff1a799334f0
+
+Signed-off-by: Hong YANG <hong.yang3@nio.com>
+---
+ arm64.c | 169 ++++++++++++++++++++++++++++++++++++++++++++++++++------
+ defs.h | 6 ++
+ 2 files changed, 159 insertions(+), 16 deletions(-)
+
+diff --git a/arm64.c b/arm64.c
+index 94681d1a37db..23c3d75d85aa 100644
+--- a/arm64.c
++++ b/arm64.c
+@@ -45,6 +45,7 @@ static int arm64_vtop_3level_4k(ulong, ulong, physaddr_t *, int);
+ static int arm64_vtop_4level_4k(ulong, ulong, physaddr_t *, int);
+ static ulong arm64_get_task_pgd(ulong);
+ static void arm64_irq_stack_init(void);
++static void arm64_overflow_stack_init(void);
+ static void arm64_stackframe_init(void);
+ static int arm64_eframe_search(struct bt_info *);
+ static int arm64_is_kernel_exception_frame(struct bt_info *, ulong);
+@@ -63,6 +64,7 @@ static int arm64_get_dumpfile_stackframe(struct bt_info *, struct arm64_stackfra
+ static int arm64_in_kdump_text(struct bt_info *, struct arm64_stackframe *);
+ static int arm64_in_kdump_text_on_irq_stack(struct bt_info *);
+ static int arm64_switch_stack(struct bt_info *, struct arm64_stackframe *, FILE *);
++static int arm64_switch_stack_from_overflow(struct bt_info *, struct arm64_stackframe *, FILE *);
+ static int arm64_get_stackframe(struct bt_info *, struct arm64_stackframe *);
+ static void arm64_get_stack_frame(struct bt_info *, ulong *, ulong *);
+ static void arm64_gen_hidden_frame(struct bt_info *bt, ulong, struct arm64_stackframe *);
+@@ -78,8 +80,11 @@ static int arm64_get_smp_cpus(void);
+ static void arm64_clear_machdep_cache(void);
+ static int arm64_on_process_stack(struct bt_info *, ulong);
+ static int arm64_in_alternate_stack(int, ulong);
++static int arm64_in_alternate_stackv(int cpu, ulong stkptr, ulong *stacks, ulong stack_size);
+ static int arm64_on_irq_stack(int, ulong);
++static int arm64_on_overflow_stack(int, ulong);
+ static void arm64_set_irq_stack(struct bt_info *);
++static void arm64_set_overflow_stack(struct bt_info *);
+ static void arm64_set_process_stack(struct bt_info *);
+ static int arm64_get_kvaddr_ranges(struct vaddr_range *);
+ static void arm64_get_crash_notes(void);
+@@ -463,6 +468,7 @@ arm64_init(int when)
+ machdep->hz = 100;
+
+ arm64_irq_stack_init();
++ arm64_overflow_stack_init();
+ arm64_stackframe_init();
+ break;
+
+@@ -1715,6 +1721,49 @@ arm64_irq_stack_init(void)
+ }
+ }
+
++/*
++ * Gather Overflow stack values.
++ *
++ * Overflow stack supported since 4.14, in commit 872d8327c
++ */
++static void
++arm64_overflow_stack_init(void)
++{
++ int i;
++ struct syment *sp;
++ struct gnu_request request, *req;
++ struct machine_specific *ms = machdep->machspec;
++ req = &request;
++
++ if (symbol_exists("overflow_stack") &&
++ (sp = per_cpu_symbol_search("overflow_stack")) &&
++ get_symbol_type("overflow_stack", NULL, req)) {
++ if (CRASHDEBUG(1)) {
++ fprintf(fp, "overflow_stack: \n");
++ fprintf(fp, " type: %x, %s\n",
++ (int)req->typecode,
++ (req->typecode == TYPE_CODE_ARRAY) ?
++ "TYPE_CODE_ARRAY" : "other");
++ fprintf(fp, " target_typecode: %x, %s\n",
++ (int)req->target_typecode,
++ req->target_typecode == TYPE_CODE_INT ?
++ "TYPE_CODE_INT" : "other");
++ fprintf(fp, " target_length: %ld\n",
++ req->target_length);
++ fprintf(fp, " length: %ld\n", req->length);
++ }
++
++ if (!(ms->overflow_stacks = (ulong *)malloc((size_t)(kt->cpus * sizeof(ulong)))))
++ error(FATAL, "cannot malloc overflow_stack addresses\n");
++
++ ms->overflow_stack_size = ARM64_OVERFLOW_STACK_SIZE;
++ machdep->flags |= OVERFLOW_STACKS;
++
++ for (i = 0; i < kt->cpus; i++)
++ ms->overflow_stacks[i] = kt->__per_cpu_offset[i] + sp->value;
++ }
++}
++
+ /*
+ * Gather and verify all of the backtrace requirements.
+ */
+@@ -1960,6 +2009,7 @@ static char *arm64_exception_functions[] = {
+ "do_mem_abort",
+ "do_el0_irq_bp_hardening",
+ "do_sp_pc_abort",
++ "handle_bad_stack",
+ NULL
+ };
+
+@@ -1978,7 +2028,10 @@ arm64_in_exception_text(ulong ptr)
+ if ((ptr >= ms->__exception_text_start) &&
+ (ptr < ms->__exception_text_end))
+ return TRUE;
+- } else if ((name = closest_symbol(ptr))) { /* Linux 5.5 and later */
++ }
++
++ name = closest_symbol(ptr);
++ if (name != NULL) { /* Linux 5.5 and later */
+ for (func = &arm64_exception_functions[0]; *func; func++) {
+ if (STREQ(name, *func))
+ return TRUE;
+@@ -2252,15 +2305,14 @@ arm64_unwind_frame(struct bt_info *bt, struct arm64_stackframe *frame)
+ if ((frame->fp == 0) && (frame->pc == 0))
+ return FALSE;
+
+- if (!(machdep->flags & IRQ_STACKS))
+- return TRUE;
+-
+- if (!(machdep->flags & IRQ_STACKS))
++ if (!(machdep->flags & (IRQ_STACKS | OVERFLOW_STACKS)))
+ return TRUE;
+
+ if (machdep->flags & UNW_4_14) {
+- if ((bt->flags & BT_IRQSTACK) &&
+- !arm64_on_irq_stack(bt->tc->processor, frame->fp)) {
++ if (((bt->flags & BT_IRQSTACK) &&
++ !arm64_on_irq_stack(bt->tc->processor, frame->fp)) ||
++ ((bt->flags & BT_OVERFLOW_STACK) &&
++ !arm64_on_overflow_stack(bt->tc->processor, frame->fp))) {
+ if (arm64_on_process_stack(bt, frame->fp)) {
+ arm64_set_process_stack(bt);
+
+@@ -2677,6 +2729,9 @@ arm64_back_trace_cmd(struct bt_info *bt)
+ if (arm64_on_irq_stack(bt->tc->processor, bt->frameptr)) {
+ arm64_set_irq_stack(bt);
+ bt->flags |= BT_IRQSTACK;
++ } else if (arm64_on_overflow_stack(bt->tc->processor, bt->frameptr)) {
++ arm64_set_overflow_stack(bt);
++ bt->flags |= BT_OVERFLOW_STACK;
+ }
+ stackframe.sp = bt->stkptr;
+ stackframe.pc = bt->instptr;
+@@ -2731,7 +2786,9 @@ arm64_back_trace_cmd(struct bt_info *bt)
+ break;
+
+ if (arm64_in_exception_text(bt->instptr) && INSTACK(stackframe.fp, bt)) {
+- if (!(bt->flags & BT_IRQSTACK) ||
++ if (bt->flags & BT_OVERFLOW_STACK) {
++ exception_frame = stackframe.fp - KERN_EFRAME_OFFSET;
++ } else if (!(bt->flags & BT_IRQSTACK) ||
+ ((stackframe.sp + SIZE(pt_regs)) < bt->stacktop)) {
+ if (arm64_is_kernel_exception_frame(bt, stackframe.fp - KERN_EFRAME_OFFSET))
+ exception_frame = stackframe.fp - KERN_EFRAME_OFFSET;
+@@ -2745,6 +2802,12 @@ arm64_back_trace_cmd(struct bt_info *bt)
+ break;
+ }
+
++ if ((bt->flags & BT_OVERFLOW_STACK) &&
++ !arm64_on_overflow_stack(bt->tc->processor, stackframe.fp)) {
++ bt->flags &= ~BT_OVERFLOW_STACK;
++ if (arm64_switch_stack_from_overflow(bt, &stackframe, ofp) == USER_MODE)
++ break;
++ }
+
+ level++;
+ }
+@@ -3131,6 +3194,43 @@ arm64_switch_stack(struct bt_info *bt, struct arm64_stackframe *frame, FILE *ofp
+ return KERNEL_MODE;
+ }
+
++static int
++arm64_switch_stack_from_overflow(struct bt_info *bt, struct arm64_stackframe *frame, FILE *ofp)
++{
++ int i;
++ ulong stacktop, words, addr;
++ ulong *stackbuf;
++ char buf[BUFSIZE];
++ struct machine_specific *ms = machdep->machspec;
++
++ if (bt->flags & BT_FULL) {
++ stacktop = ms->overflow_stacks[bt->tc->processor] + ms->overflow_stack_size;
++ words = (stacktop - bt->bptr) / sizeof(ulong);
++ stackbuf = (ulong *)GETBUF(words * sizeof(ulong));
++ readmem(bt->bptr, KVADDR, stackbuf, words * sizeof(long),
++ "top of overflow stack", FAULT_ON_ERROR);
++
++ addr = bt->bptr;
++ for (i = 0; i < words; i++) {
++ if (!(i & 1))
++ fprintf(ofp, "%s %lx: ", i ? "\n" : "", addr);
++ fprintf(ofp, "%s ", format_stack_entry(bt, buf, stackbuf[i], 0));
++ addr += sizeof(ulong);
++ }
++ fprintf(ofp, "\n");
++ FREEBUF(stackbuf);
++ }
++ fprintf(ofp, "--- <Overflow stack> ---\n");
++
++ if (frame->fp == 0)
++ return USER_MODE;
++
++ if (!(machdep->flags & UNW_4_14))
++ arm64_print_exception_frame(bt, frame->sp, KERNEL_MODE, ofp);
++
++ return KERNEL_MODE;
++}
++
+ static int
+ arm64_get_dumpfile_stackframe(struct bt_info *bt, struct arm64_stackframe *frame)
+ {
+@@ -3682,6 +3782,16 @@ arm64_display_machine_stats(void)
+ machdep->machspec->irq_stacks[i]);
+ }
+ }
++ if (machdep->machspec->overflow_stack_size) {
++ fprintf(fp, "OVERFLOW STACK SIZE: %ld\n",
++ machdep->machspec->overflow_stack_size);
++ fprintf(fp, " OVERFLOW STACKS:\n");
++ for (i = 0; i < kt->cpus; i++) {
++ pad = (i < 10) ? 3 : (i < 100) ? 2 : (i < 1000) ? 1 : 0;
++ fprintf(fp, "%s CPU %d: %lx\n", space(pad), i,
++ machdep->machspec->overflow_stacks[i]);
++ }
++ }
+ }
+
+ static int
+@@ -3875,24 +3985,41 @@ arm64_on_process_stack(struct bt_info *bt, ulong stkptr)
+ }
+
+ static int
+-arm64_on_irq_stack(int cpu, ulong stkptr)
++arm64_in_alternate_stackv(int cpu, ulong stkptr, ulong *stacks, ulong stack_size)
+ {
+- return arm64_in_alternate_stack(cpu, stkptr);
++ if ((cpu >= kt->cpus) || (stacks == NULL) || !stack_size)
++ return FALSE;
++
++ if ((stkptr >= stacks[cpu]) &&
++ (stkptr < (stacks[cpu] + stack_size)))
++ return TRUE;
++
++ return FALSE;
+ }
+
+ static int
+ arm64_in_alternate_stack(int cpu, ulong stkptr)
++{
++ return (arm64_on_irq_stack(cpu, stkptr) ||
++ arm64_on_overflow_stack(cpu, stkptr));
++}
++
++static int
++arm64_on_irq_stack(int cpu, ulong stkptr)
+ {
+ struct machine_specific *ms = machdep->machspec;
+
+- if (!ms->irq_stack_size || (cpu >= kt->cpus))
+- return FALSE;
++ return arm64_in_alternate_stackv(cpu, stkptr,
++ ms->irq_stacks, ms->irq_stack_size);
++}
+
+- if ((stkptr >= ms->irq_stacks[cpu]) &&
+- (stkptr < (ms->irq_stacks[cpu] + ms->irq_stack_size)))
+- return TRUE;
++static int
++arm64_on_overflow_stack(int cpu, ulong stkptr)
++{
++ struct machine_specific *ms = machdep->machspec;
+
+- return FALSE;
++ return arm64_in_alternate_stackv(cpu, stkptr,
++ ms->overflow_stacks, ms->overflow_stack_size);
+ }
+
+ static void
+@@ -3905,6 +4032,16 @@ arm64_set_irq_stack(struct bt_info *bt)
+ alter_stackbuf(bt);
+ }
+
++static void
++arm64_set_overflow_stack(struct bt_info *bt)
++{
++ struct machine_specific *ms = machdep->machspec;
++
++ bt->stackbase = ms->overflow_stacks[bt->tc->processor];
++ bt->stacktop = bt->stackbase + ms->overflow_stack_size;
++ alter_stackbuf(bt);
++}
++
+ static void
+ arm64_set_process_stack(struct bt_info *bt)
+ {
+diff --git a/defs.h b/defs.h
+index 43eff46b105d..caaa11e50c87 100644
+--- a/defs.h
++++ b/defs.h
+@@ -3218,6 +3218,7 @@ typedef signed int s32;
+ #define UNW_4_14 (0x200)
+ #define FLIPPED_VM (0x400)
+ #define HAS_PHYSVIRT_OFFSET (0x800)
++#define OVERFLOW_STACKS (0x1000)
+
+ /*
+ * Get kimage_voffset from /dev/crash
+@@ -3260,6 +3261,7 @@ typedef signed int s32;
+
+ #define ARM64_STACK_SIZE (16384)
+ #define ARM64_IRQ_STACK_SIZE ARM64_STACK_SIZE
++#define ARM64_OVERFLOW_STACK_SIZE (4096)
+
+ #define _SECTION_SIZE_BITS 30
+ #define _SECTION_SIZE_BITS_5_12 27
+@@ -3332,6 +3334,9 @@ struct machine_specific {
+ char *irq_stackbuf;
+ ulong __irqentry_text_start;
+ ulong __irqentry_text_end;
++ ulong overflow_stack_size;
++ ulong *overflow_stacks;
++ char *overflow_stackbuf;
+ /* for exception vector code */
+ ulong exp_entry1_start;
+ ulong exp_entry1_end;
+@@ -5778,6 +5783,7 @@ ulong cpu_map_addr(const char *type);
+ #define BT_CPUMASK (0x1000000000000ULL)
+ #define BT_SHOW_ALL_REGS (0x2000000000000ULL)
+ #define BT_REGS_NOT_FOUND (0x4000000000000ULL)
++#define BT_OVERFLOW_STACK (0x8000000000000ULL)
+ #define BT_SYMBOL_OFFSET (BT_SYMBOLIC_ARGS)
+
+ #define BT_REF_HEXVAL (0x1)
+--
+2.30.2
+
diff --git a/SOURCES/0002-defs.h-fix-breakage-of-compatibility-of-struct-symbo.patch b/SOURCES/0002-defs.h-fix-breakage-of-compatibility-of-struct-symbo.patch
new file mode 100644
index 0000000..1415a8c
--- /dev/null
+++ b/SOURCES/0002-defs.h-fix-breakage-of-compatibility-of-struct-symbo.patch
@@ -0,0 +1,41 @@
+From a0eec39c14ee1db95a6c1a649a8f69b97e260dc6 Mon Sep 17 00:00:00 2001
+From: HATAYAMA Daisuke <d.hatayama@fujitsu.com>
+Date: Wed, 8 Dec 2021 12:07:34 +0000
+Subject: [PATCH 2/2] defs.h: fix breakage of compatibility of struct
+ symbol_table_data for extension modules
+
+Commit <3ab39203ddd9> ("symbols: Implement install and remove operations
+for mod_symname_hash") added new member variable mod_symname_hash in the
+middle of struct symbol_table_date, which breaks compatibility of struct
+symbol_table_data for extension modules. As the result, crash trace command
+results in segmentation fault.
+
+Fixes: 3ab39203ddd9 ("symbols: Implement install and remove operations for mod_symname_hash")
+Signed-off-by: HATAYAMA Daisuke <d.hatayama@fujitsu.com>
+---
+ defs.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/defs.h b/defs.h
+index caaa11e50c87..41b6cbc6cc85 100644
+--- a/defs.h
++++ b/defs.h
+@@ -2753,7 +2753,6 @@ struct symbol_table_data {
+ double val_hash_searches;
+ double val_hash_iterations;
+ struct syment *symname_hash[SYMNAME_HASH];
+- struct syment *mod_symname_hash[SYMNAME_HASH];
+ struct symbol_namespace kernel_namespace;
+ struct syment *ext_module_symtable;
+ struct syment *ext_module_symend;
+@@ -2780,6 +2779,7 @@ struct symbol_table_data {
+ ulong kaiser_init_vmlinux;
+ int kernel_symbol_type;
+ ulong linux_banner_vmlinux;
++ struct syment *mod_symname_hash[SYMNAME_HASH];
+ };
+
+ /* flags for st */
+--
+2.30.2
+
diff --git a/SPECS/crash.spec b/SPECS/crash.spec
index b187d45..efcdfd2 100644
--- a/SPECS/crash.spec
+++ b/SPECS/crash.spec
@@ -4,7 +4,7 @@
Summary: Kernel analysis utility for live systems, netdump, diskdump, kdump, LKCD or mcore dumpfiles
Name: crash
Version: 7.3.1
-Release: 2%{?dist}
+Release: 3%{?dist}
License: GPLv3
Group: Development/Debuggers
Source0: https://github.com/crash-utility/crash/archive/crash-%{version}.tar.gz
@@ -19,6 +19,8 @@ Provides: bundled(gdb) = 7.6
Patch0: lzo_snappy_zstd.patch
Patch1: rhel8_build.patch
Patch2: rhel8_freepointer.patch
+Patch3: 0001-arm64-Support-overflow-stack-panic.patch
+Patch4: 0002-defs.h-fix-breakage-of-compatibility-of-struct-symbo.patch
%description
The core analysis suite is a self-contained tool that can be used to
@@ -42,6 +44,8 @@ offered by Mission Critical Linux, or the LKCD kernel patch.
%patch0 -p1 -b lzo_snappy_zstd.patch
%patch1 -p1 -b rhel8_build.patch
%patch2 -p1 -b rhel8_freepointer.patch
+%patch3 -p1
+%patch4 -p1
%build
cp %{SOURCE1} .
@@ -72,6 +76,10 @@ rm -rf %{buildroot}
%{_includedir}/*
%changelog
+* Mon Dec 13 2021 Lianbo Jiang <lijiang@redhat.com> - 7.3.1-3
+- Fix segmentation fault caused by crash extension modules
+- Support the overflow stack exception handling on aarch64
+
* Tue Dec 07 2021 Lianbo Jiang <lijiang@redhat.com> - 7.3.1-2
- Enable ZSTD feature support