mattwarren/CLRMD-Based-Tools.md Secret

## CLRMD-Based-Tools.md

      
    Raw
  

              CLRMD-Based-Tools.md
            
          
    Criteria:

Tools that replace some (or all) of the functionality of WinDBG

as WinDBG isn't always easy to use! (Note to self: careful what you tweet, the WinDBG Product Manager might read your tweets and get a bit upset!!)


Based on CLRMD

this is probably 'goes without saying' as AFAIK it's the only way to re-implement what WinDBG does?
actually you can use the underlying COM interfaces directly
Note: these tools are not x-plat, because CLRMD is Windows-only. For x-plat options see Analyzing a .NET Core Core Dump on Linux


The List

✅ = definately using ClrMD
Also see this Twitter thread

DumpMiner (GitHub) ✅

UI tool for playing with ClrMD


SuperDump (GitHub) ✅

A service for automated crash-dump analysis (presentation)


msos (GitHub) ✅

Command-line environment a-la WinDbg for executing SOS commands without having SOS available.


DebugDiag

The DebugDiag tool is designed to assist in troubleshooting issues such as hangs, slow performance, memory leaks or memory fragmentation, and crashes in any user-mode process (now with 'CLRMD Integration')


MemoScope.Net (GitHub) ✅

A tool to analyze .Net process memory: it can dump an application's memory in a file and read it later. The dump file contains all data (objects) and threads (state, stack, call stack). MemoScope.Net will analyze the data and help you to find memory leaks and deadlocks


dnSpy (GitHub) ✅

.NET debugger and assembly editor


TUNE (GitHub) ✅

The Ultimate .NET Experiment (Tune) as its purpose is to learn .NET internals and performance tuning by experiments with C# code.


SharpLab (GitHub) ✅

SharpLab is a .NET code playground that shows intermediate steps and results of code compilation
Nice new feature! https://twitter.com/ashmind/status/894058159223955456


MemAnalyzer (GitHub) ✅

is a command line memory analysis tool for managed code. It can show which objects use most space on the managed heap just like !DumpHeap from Windbg without the need to install and attach a debugger.


Shed (GitHub) by https://twitter.com/s4tan ✅

Shed is an application that allow to inspect the .NET runtime of a program in order to extract useful information. It can be used to inspect malicious applications in order to have a first general overview of which information are stored once that the malware is executed. Shed is able to:

Extract all objects stored in the managed heap
Print strings stored in memory
Save the snapshot of the heap in a JSON format for post-processing
Dump all modules that are loaded in memory


netext (GitHub) ✅

WinDBG application that makes .NET debugging much easier as compared to the current options: sos or psscor


Trace CLI (GitHub)

A production debugging and tracing tool
Uses the .NET Debugging APIs


SOSEX (might not be developed any more)

... a debugging extension for managed code that begins to alleviate some of my frustrations with SOS


Also
http://labs.criteo.com/2017/09/extending-new-windbg-part-1-buttons-commands/
http://labs.criteo.com/2018/01/extending-new-windbg-part-2-tool-windows-command-output/
https://github.com/kevingosse/windbg-extensions
https://github.com/rodneyviana/netext
Question: what remaining SOS commands need to be ported to Linux/OS X #8363
ObjectLayoutInspector by Sergey Teplyakov:

There is no official documentation about fields layout because the CLR authors reserved the right to change it in the future. But knowledge about the layout can be helpful if you're curious or if you're working on a performance critical application.
How can we inspect the layout? We can look at a raw memory in Visual Studio or use !dumpobj command in SOS Debugging Extension. These approaches are tedious and boring, so we'll try to write a tool that will print an object layout at runtime.