Actually, this is fairly easy to diagnose. You are ripping everything out from underneath the kernel in memory. All it takes is a reference to a shared library, a spawn of a network daemon from inetd or simply the end of the client program which returns to the kernel. The details of what happens at that moment are dependent on the amount of RAM, the model of the computer, the version of various patches, and so on. I would expect exactly this behavior from most large scale systems.
My question is: why do you (or the customer) care about a program crash? The OS has been destroyed on the disk so the job is done. If you really want a clean shutdown then you'll need to write a memory resident piece of code (really difficult since there is no OS) and boot this code off a CD or tape. I know of no practical way to make this work cleanly, especially for something that appears to be using networking (SSL).
If the customer wants 'official' confirmation that the wipe is complete, the display of the message would never be adequate for me. I would have to try to boot off all the installed disks before I was sure the disks were at least partially wiped. The only traceable method would be to move the disks to another server, wipe them and then use dd to read selected tracks. It all depends on what the security requirements might be.
Bill Hassell, sysadmin
