Crash Handling System
The Crash Handling System is a crucial component of the system diagnostic and troubleshooting process. It allows for the collection and analysis of critical information when a system experiences a crash or unexpected failure. Two key artifacts used in this process are coredumps and SOS-Reports.
Coredump
A coredump is a file that contains the memory image of a process when it encounters a fatal error or crashes. It captures the state of the process, including its memory contents, registers, and stack trace. The coredump serves as a valuable resource for post-mortem analysis to identify the root cause of the crash. It provides insights into the specific memory locations and code execution paths that led to the failure.
SOS-Report
An SOS-Report, is a comprehensive snapshot of system information and configuration settings at the time of a crash. It includes various logs, kernel parameters, network configuration, hardware details, and other relevant diagnostic data. The SOS-Report provides a holistic view of the system’s state, aiding in troubleshooting and identifying potential issues that may have contributed to the crash.
It is important to exercise caution when handling SOS-Reports, as they may contain sensitive information. Before sharing an SOS-Report with the support team or any external party, it is essential to review its contents and ensure that no sensitive or confidential data is included. Sensitive data may include passwords, IP addresses, customer-specific information, or any other data that should not be disclosed. Removing or obfuscating sensitive data helps protect the privacy and security of the system and its users.
To review an SOS-Report for sensitive data, carefully examine the report’s content, such as log files and system configuration files. Ensure that any sensitive information is appropriately redacted or removed. It is advisable to follow established data protection guidelines and internal security policies while handling and sharing SOS-Reports.
CLI
- show crashinfo
The command is used to display information about system crashes or failures that have occurred on a device. It provides details about the crash, including the time of the crash and the program that has crashed.
Example:
- copy crashinfo: sftp:
The command is used to copy crash information files from a local device to a remote server using the Secure File Transfer Protocol (SFTP).
Note
sftp URI is: sftp:[user]:[password]@[host]:[path].
Note
crashinfo URI is: crashinfo:[index].
Examples:
soodar# ! copy second crashinfo with full URI soodar# copy crashinfo:2 sftp:john:1234@test:/data/crashinfo Address or name of remote host [test]? Remote host user [john]? Remote host password [*****]? Remote path [/data/crashinfo]? Index to export [2]? soodar# ! copy crashinfo without providing anything soodar# copy crashinfo: sftp: Address or name of remote host [192.168.1.1]? Remote host user [admin]? Remote host password [admin]? Remote path [/home/admin]? Index to export [-1]?
- delete crashinfo:
The command is used to delete crash-related files stored in the crashinfo directory on a device.
Note
crashinfo URI is: crashinfo:[index].
Note
index 0 means every crashinfo, so using this index with delete( or copy) command will remove( or export) all crashes.