场景

如果虚拟机没有开启kdump，或者卡死了，那么可以进入qemu的monitor模式将虚机的内存保存到文件中，然后使用crash工具进行分析。

示例

• 启动虚拟机，然后按ctrl+a c进入monitor，查看帮助

(qemu) help dump-guest-memory
dump-guest-memory [-p] [-d] [-z|-l|-s|-w] filename [begin length] -- dump guest memory into file 'filename'.
                        -p: do paging to get guest's memory mapping.
                        -d: return immediately (do not wait for completion).
                        -z: dump in kdump-compressed format, with zlib compression.
                        -l: dump in kdump-compressed format, with lzo compression.
                        -s: dump in kdump-compressed format, with snappy compression.
                        -w: dump in Windows crashdump format (can be used instead of ELF-dump converting),
                            for Windows x64 guests with vmcoreinfo driver only.
                        begin: the starting physical address.
                        length: the memory size, in bytes.

• 保存虚机的全部内存，采用zlib压缩

(qemu) dump-guest-memory -z guest.img

$ ls -lh guest.img
-rwxrwxrwx 1 root root 241M Sep 22 05:17 guest.img

• 使用crash工具进行分析

$ crash guest.img linux-6.2/vmlinux

crash 8.0.3
Copyright (C) 2002-2022  Red Hat, Inc.
Copyright (C) 2004, 2005, 2006, 2010  IBM Corporation
Copyright (C) 1999-2006  Hewlett-Packard Co
Copyright (C) 2005, 2006, 2011, 2012  Fujitsu Limited
Copyright (C) 2006, 2007  VA Linux Systems Japan K.K.
Copyright (C) 2005, 2011, 2020-2022  NEC Corporation
Copyright (C) 1999, 2002, 2007  Silicon Graphics, Inc.
Copyright (C) 1999, 2000, 2001, 2002  Mission Critical Linux, Inc.
Copyright (C) 2015, 2021  VMware, Inc.
This program is free software, covered by the GNU General Public License,
and you are welcome to change it and/or distribute copies of it under
certain conditions.  Enter "help copying" to see the conditions.
This program has absolutely no warranty.  Enter "help warranty" for details.

GNU gdb (GDB) 10.2
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...

please wait... (determining panic task)
      KERNEL: linux-6.2/vmlinux
    DUMPFILE: guest.img  [PARTIAL DUMP]
        CPUS: 8
        DATE: Fri Sep 22 05:16:53 PDT 2023
      UPTIME: 00:01:12
LOAD AVERAGE: 0.39, 0.14, 0.05
       TASKS: 181
    NODENAME: ubuntu-vm
     RELEASE: 6.2.0+
     VERSION: #4 SMP PREEMPT_DYNAMIC Mon Aug 14 02:28:01 PDT 2023
     MACHINE: x86_64  (3194 Mhz)
      MEMORY: 8 GB
       PANIC: ""
         PID: 0
     COMMAND: "swapper/0"
        TASK: ffffffff8362cac0  (1 of 8)  [THREAD_INFO: ffffffff8362cac0]
         CPU: 0
       STATE: TASK_RUNNING (ACTIVE)
     WARNING: panic task not found

crash>

查看dmesg：

crash> dmesg
[    0.000000] Linux version 6.2.0+ (pengdl@ubuntu) (gcc (Ubuntu 8.4.0-3ubuntu2) 8.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34) #4 SMP PREEMPT_DYNAMIC Mon Aug 14 02:28:01 PDT 2023
[    0.000000] Command line: noinitrd rootfstype=ext4 root=/dev/vda rw console=ttyS0 crashkernel=1G  nokaslr
[    0.000000] x86/fpu: x87 FPU will use FXSAVE
[    0.000000] signal: max sigframe size: 1440
[    0.000000] BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[    0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000bffdcfff] usable
[    0.000000] BIOS-e820: [mem 0x00000000bffdd000-0x00000000bfffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000023fffffff] usable
[    0.000000] NX (Execute Disable) protection: active
[    0.000000] SMBIOS 2.8 present.
[    0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[    0.000000] Hypervisor detected: KVM
[    0.000000] kvm-clock: Using msrs 4b564d01 and 4b564d00
[    0.000004] kvm-clock: using sched offset of 1180034822 cycles
[    0.000009] clocksource: kvm-clock: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns
[    0.000040] tsc: Detected 3194.004 MHz processor
[    0.001718] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
...

本栏目推荐文章
• ThreadLocal真的会造成内存泄漏吗？
• 数组内存图
• C++ 单例模式以及内存管理
• JVM内存参数设置
• 【C语言】动态内存申请，堆空间与栈空间差异
• 虚拟化与大页内存与numa
• 如何为进程创建DUMP文件
• Prometheus监控k8s集群节点主机内存/CPU使用率
• 生成 core_dump 文件。
• Prometheus监控容器内pod节点内存/CPU使用率

内存 crash qemu dump内存crash qemu dump window crash dump 布局 物理 内存crash 内存netcore docker dump crash crashed crashing qemu crash信息slub temporarily notebook exceeded crashing