Casr: crash analysis and severity reporting tool
Casr creates automatic reports for crashes happened during program testing or deployment. The tool works by analyz-ing Linux coredump files. The resulting reports contain the crash’s severity and additional data that is helpful for pin-pointing the error cause.
Features and advantages
Casr solves the same problem as Apport, an open source system, but in contrast with it, Casr estimates a crash’s sever-ity and provides a list of open files and network connections at a crash time.
- Detecting critical program faults that can lead to hijacking control flow.
- Classifying crashes into one of 23 classes based on a pro-gram state at a crash time (function return address corruption, null pointer dereference etc.). Fatal errors are further grouped based on severity, such as exploitable, potentially exploitable, or denial of service errors.
- Collecting a list of open files and network connections that could be the reason of a crash.
- An extended crash report containing the fatal error’s severity and other data (OS and package versions, executed com-mand line, call stack, open files and network connections, register state etc.).
- Reports for hard to reproduce crashes such as non-determin-istic errors, cases when the original execution environment is hard or impossible to reconstruct etc.).
- Integration with monitoring tools (such as Zabbix) that allows system administrators and devops to receive on the fly notifi-cations about critical program crashes.
Who is Casr target audience?
- Companies that need to receive the data regarding user-de-ployed programs’ crashes to develop high reliability and security software.
- Companies that need to certify the developed software.
- Certification laboratories.
Casr deployment stories
Casr is deployed in a number of Russian companies and ven-dors as an add-on tool to ISP Crusher. Casr will be included in the Crusher distribution within the next two years.
Linux-based OS for x86, x86-64, or ARMv7. Casr can be de-ployed as a deb package.