SuperDump is an automated crash-dump analysis service designed to simplify and accelerate the initial assessment of Windows (.dmp) and Linux (.core) crash dumps for developers. It offers a web and REST interface for uploading dumps, providing detailed reports, and enabling interactive debugging sessions without requiring local installation of analysis tools.

How It Works

SuperDump leverages CLRMD for .NET analysis and integrates with WinDbg (via cdb.exe) and GDB for interactive debugging sessions through browser-based terminals. For Windows dumps, it automatically runs WinDbg commands and DebugDiag, generating .json reports with stack traces, loaded modules, and memory analysis. Linux core dumps require specific archive formats including system libraries for symbol resolution. Analysis results can be pushed to Elasticsearch for statistics and notifications can be sent via Slack.

Quick Start & Requirements

• Docker: docker run -d -p 80:5000 -v superdump:C:\superdump\data\dumps discostu105/superdump (Access via container IP:80 due to Docker networking).
• Prerequisites: Windows Containers enabled for Docker, Visual Studio 2019, .NET 5, .NET Framework 4.8 (developer pack), NPM, Bower, Git, DebugDiag, Windows Debugging Tools (for interactive mode). Linux analysis requires libunwind and gdb.
• Setup: Building requires Visual Studio and several dependencies. Running via Docker is simpler but has networking caveats.
• Demo: https://youtu.be/XdyDjkW8MDk

Highlighted Details

• Web-based interactive debugging sessions for both Windows (WinDbg) and Linux (GDB).
• Automated analysis including stack traces, loaded modules, memory analysis, exception detection, and deadlock detection.
• Optional LDAP or Token authentication with role-based access control.
• Elasticsearch integration for crash dump statistics and Slack notifications.

Maintenance & Community

• Created as an internship project at Dynatrace, now community-supported.
• Feedback, tickets, and PRs are welcome.
• Future ideas include pluggable analyzers and a worker-based architecture for better scalability (e.g., Kubernetes deployment).

Licensing & Compatibility

• MIT License.
• Generally compatible with commercial and closed-source applications, but the project is intended for internal use and not as a publicly hosted service.

Limitations & Caveats

The interactive mode is not sandboxed, posing a security risk if the debugger process is escaped. Uploading executables is not restricted, potentially allowing remote code execution. There is no access control between users who upload dumps, meaning users with 'User' roles can access other users' dumps. Dynatrace-specific stack frame detection is included. Test coverage is low, and CI is not automated.