Skip to content

IOS / IOS-XE を意図的にクラッシュさせる隠しコマンド「test crash」

Cisco IOS / IOS-XE は意図的に「クラッシュしたように見せかけてルータを再起動する」為の隠しコマンドがあります。 これは実際にルータが再起動してしまう為、本番環境での利用は絶対に NG です。 「クラッシュ時のトラブルシューティング練習用」として、検証環境でのみ利用すべきです。 今回はこの「意図的なクラッシュ」の実行方法をメモしておきます。 今回は以下の環境で実行しました。

  • IOS 15.9(3)M4
  • IOS-XE 17.09.01a

尚、NX-OS や ASA に類似のコマンドは存在しないようです。

test crash」隠しコマンド

クラッシュは test crash コマンドで実行します。 但し、これは隠しコマンドである為、通常は CLI の補完候補に表示されません。

1
2
Router# test cr?
crypto

フルスペルで入力すれば ? 入力時に <CR> が表示され、実行可能であることが分かります。

1
2
Router# test crash ?
  <cr>  <cr>

余談ですが IOS-XE 16.8 以降の隠しコマンドの扱いについて で IOS-XE について言及されていますが、IOS / IOS-XE ともに現在は隠しコマンドを表示したい場合に service internal 設定を投入しておく必要があります。 ですが、test crashservice internal が設定されていてもコマンドの候補には表示されません。

1
2
3
4
5
6
7
Router# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# service internal
Router(config)# exit
Router#
Router# test cr?
crypto

実際にクラッシュさせる

例えば 5 (Jump to zero) でクラッシュさようと 5 を入力しても、「先に C を入力しろ」と表示され、クラッシュしません。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
Router# test crash
WARNING: Command selections marked with '(crash router)' will crash
         router when issued. However a selection 'C' will need to
         be issued IMMEDIATELY before these selections to enable them.


Type the number for the selected crash:
--------------------------------------
 1  (crash router) Bus Error, due to invalid address access
 2  (crash router) Bus Error, due to parity error in Main memory
 3  (crash router) Bus Error, due to parity error in I/O memory
 4  (crash router) Address Error, due to fetching code from odd address
 5  (crash router) Jump to zero
 6  (crash router) Software forced crash
 7  (crash router) Illegal read of address zero
 8  (crash router) Divide by zero
 9  (crash router) Corrupt memory
 C  Enable crash router selection marked with (crash router)
 R  (crash router) User enter read bus error address
 U  (crash router) User enter write bus error address
 W  (crash router) Software watchdog timeout (*** Watch Dog Timeout ***)
 w  (crash router) Process watchdog timeout (SYS-2-WATCHDOG)
 x  Exit crash menu
? 5

**Need to enter 'C' to enable crash test first

その為、まず C を入力した後、5 を入力します。 これでクラッシュします。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
Type the number for the selected crash:
--------------------------------------
 1  (crash router) Bus Error, due to invalid address access
 2  (crash router) Bus Error, due to parity error in Main memory
 3  (crash router) Bus Error, due to parity error in I/O memory
 4  (crash router) Address Error, due to fetching code from odd address
 5  (crash router) Jump to zero
 6  (crash router) Software forced crash
 7  (crash router) Illegal read of address zero
 8  (crash router) Divide by zero
 9  (crash router) Corrupt memory
 C  Enable crash router selection marked with (crash router)
 R  (crash router) User enter read bus error address
 U  (crash router) User enter write bus error address
 W  (crash router) Software watchdog timeout (*** Watch Dog Timeout ***)
 w  (crash router) Process watchdog timeout (SYS-2-WATCHDOG)
 x  Exit crash menu
? C


Type the number for the selected crash:
--------------------------------------
 1  (crash router) Bus Error, due to invalid address access
 2  (crash router) Bus Error, due to parity error in Main memory
 3  (crash router) Bus Error, due to parity error in I/O memory
 4  (crash router) Address Error, due to fetching code from odd address
 5  (crash router) Jump to zero
 6  (crash router) Software forced crash
 7  (crash router) Illegal read of address zero
 8  (crash router) Divide by zero
 9  (crash router) Corrupt memory
 C  Enable crash router selection marked with (crash router)
 R  (crash router) User enter read bus error address
 U  (crash router) User enter write bus error address
 W  (crash router) Software watchdog timeout (*** Watch Dog Timeout ***)
 w  (crash router) Process watchdog timeout (SYS-2-WATCHDOG)
 x  Exit crash menu
? 5
Jumping to address 0x0 (Null pointer) ...

IOS-XE で再起動後、show version を確認したところ、Last reload reason は以下のように表示されました。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
Router# show version
(snip)
ROM: IOS-XE ROMMON

Router uptime is 0 minutes
Uptime for this control processor is 2 minutes
System returned to ROM by reload
System image file is "bootflash:packages.conf"
Last reload reason: Critical software exception, system report at bootflash:core/2-c8kv-system-report_20230114-214906-JST.tar.gz
(snip)

クラッシュ一覧

選択可能なクラッシュの種類は IOS と IOS-XE で異なります。 各々、選択可能なメニューを引用しておきます。

IOS 15.9(3)M4

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Router# test crash
WARNING: Command selections marked with '(crash router)' will crash
         router when issued. However a selection 'C' will need to
         be issued IMMEDIATELY before these selections to enable them.


Type the number for the selected crash:
--------------------------------------
 1  (crash router) Bus Error, due to invalid address access
 2  (crash router) Bus Error, due to parity error in Main memory
 3  (crash router) Bus Error, due to parity error in I/O memory
 4  (crash router) Address Error, due to fetching code from odd address
 5  (crash router) Jump to zero
 6  (crash router) Software forced crash
 7  (crash router) Illegal read of address zero
 8  (crash router) Divide by zero
 9  (crash router) Corrupt memory
 C  Enable crash router selection marked with (crash router)
 R  (crash router) User enter read bus error address
 U  (crash router) User enter write bus error address
 W  (crash router) Software watchdog timeout (*** Watch Dog Timeout ***)
 w  (crash router) Process watchdog timeout (SYS-2-WATCHDOG)
 x  Exit crash menu
?

IOS-XE 17.09.01a

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
Router# test crash

WARNING: Command selections marked with '(crash router)' will crash
         router when issued. However a selection 'C' will need to
         be issued IMMEDIATELY before these selections to enable them.


Type the number for the selected crash:
--------------------------------------
 1  (crash router) Bus Error, due to invalid address access
 2  (crash router) Bus Error, due to parity error in Main memory
 3  (crash router) Bus Error, due to parity error in I/O memory
 4  (crash router) Address Error, due to fetching code from odd address
 5  (crash router) Jump to zero
 6  (crash router) Software forced crash
 7  (crash router) Illegal read of address zero
 8  (crash router) Divide by zero
 9  (crash router) Corrupt memory
 A  (crash router) Test assert() failure
 C  Enable crash router selection marked with (crash router)
 D  (crash router) Via duplicate free()
 P  (crash router) Test assert_production() failure
 R  (crash router) User enter read bus error address
 U  (crash router) User enter write bus error address
 W  (crash router) Software watchdog timeout (*** Watch Dog Timeout ***)
 w  (crash router) Process watchdog timeout (SYS-2-WATCHDOG)
 d  Disable crashinfo collection
 e  Enable crashinfo collection
 i  Display contents of current crashinfo flash file
 m  Write crashinfo on crashinfo RAM
 n  Change crashinfo flash file name
 q  Exit crash menu
 s  Save crashinfo to current crashinfo flash file
 c  Close current crashinfo flash file
 t  Write crashinfo on console TTY
 N  Register/deregister from crashinfo interesting addr notification service
 I  (crash router) Cause exception, while refering to data for interesting address notify
 X  (crash router) Execute bit checks
 x  Exit crash menu
?
Jan 14 21:27:07.942: %PARSER-5-HIDDEN: Warning!!! ' test crash ' is a hidden command. Use of this command is not recommended/supported and will be removed in future.