Last week I was teaching unmanaged code debugging to one of my customers. They were using 32-bit applications on 64-bit servers, which does create some unique problems. For example, capturing a ‘hang’ dump using right click on the Task Manager –> Processes list, will create a ‘64-bit dump’ (if that makes sense 
) and the stacks visible by default will be that of the wow64 emulation layer, which in turn cause problems for regular commands, debugging extensions like PSSCOR / SOS and even for some of the inbuilt extensions.
So here is a comprehensive listing of what happens when you use a specific style of capturing a dump / ETW log / using other tools. A similar themed post on all the tools we have is here.
|
32-bit OS + 32-bit application |
64-bit OS + 32-bit application (i.e. WOW64) |
64-bit OS + 64-bit application |
|
|
Production Live Debugging |
Attach 32-bit WinDbg / CDB | Attach 32-bit WinDbg / CDB | Attach 64-bit WinDbg / CDB |
|
Gathering a ‘hang’ dump * |
1. Use ProcDump, preferably with –r switch
2. Use the Processes tab in DebugDiag 3. Use the 32-bit WinDbg / CDB in non-invasive mode and issue the .dump command |
1. Use ProcDump, preferably with –r switch
2. Use the Processes tab in DebugDiag 3. Use the 32-bit WinDbg / CDB in non-invasive mode and issue the .dump command Avoid using Task Manager. |
1. Use ProcDump, preferably with –r switch
2. Use the Processes tab in DebugDiag 3. Use the 64-bit WinDbg / CDB in non-invasive mode and issue the .dump command |
| Gathering a ‘crash’ dump * | 1. Create a crash rule using DebugDiag x86 – ‘just works’
2. ProcDump –e ‘just works’ 3. Use the appropriate debugger as per above guidance for hang dumps |
1. Create a crash rule using DebugDiag x64 – ‘just works’. #
2. ProcDump –e ‘just works’ 3. Use the appropriate debugger as per above guidance for hang dumps |
1. Create a crash rule using DebugDiag x64 – ‘just works’
2. ProcDump –e ‘just works’ 3. Use the appropriate debugger as per above guidance for hang dumps |
| Troubleshooting High CPU usage using XPerf |
Use 32-bit Windows Performance Toolkit |
Use 64-bit Windows Performance Toolkit |
Use 64-bit Windows Performance Toolkit |
| Troubleshooting a Performance issue using PerfView | PerfView works correctly regardless of the ‘bitness mix’ | – same – | – same – |
| Dump analysis of a dump containing only native code ^ |
Any debugger should work but the same ‘bitness’ is recommended as far as possible. | – same – | – same – |
| Dump analysis of a dump containing any managed code ^ | Debug using a 32-bit debugger and 32-bit PSSCOR / SOS. | Debug using a 32-bit debugger and 32-bit PSSCOR / SOS. |
Debug using a 64-bit debugger and 64-bit PSSCOR / SOS. |
| ‘Live’ kernel debugging using LiveKD | LiveKD ‘just works’ provided you have installed x86 Debugging Tools for Windows. | LiveKD ‘just works’ provided you have installed x64 Debugging Tools for Windows. | LiveKD ‘just works’ provided you have installed x64 Debugging Tools for Windows. |
| GFLAGS utility | Use the x86 version of GFlags | Use the x86 version of GFlags | Use the x64 version of GFlags |
| Application Verifier | Install x86 version of Application Verifier | Install x64 version of Application Verifier (automatically includes x86 binaries) and launch the ‘Application Verifier (WOW)’ program. $ | Install x64 version of Application Verifier. |
# Note that you will not be able to / should not install the 32-bit version of DebugDiag on 64-bit OS.
* Note: for ProcDump, must also use –ma switch for detailed debugging, especially if you are debugging memory issues and for managed code dumps it is a must as well.
^ Note: Dump must be gathered ‘correctly’ with one of the above supported mechanisms.
$ Empirically, running either the native or WOW version of the GUI seems to put entries under both sets of keys. Please check this post from Chris Jackson for some related details.
The other thing you need to understand before proceeding further is the role of the WOW64 layer. The following blog posts would help you in that case:
- How do I switch to 32bit mode when I use windbg to debug a dump of a 32bit application running on an x64 machine?
- How to use Windbg to debug a dump of a 32bit .NET app running on a x64 machine
Hope this cheat sheet is useful for you. And if you do, I would really appreciate you taking a minute to rate this post and leave a comment!
Arvind Shyamsundar's technical blog 