I started analysing a production crash dump at my desk, with a set of libraries that don’t match those installed on the production server. Typically windbg would complain:
> !clrstack
The version of SOS does not match the version of CLR you are debugging. Please
load the matching version of SOS for the version of CLR you are debugging.
CLR Version: 4.0.30319.1026
SOS Version: 4.0.30319.18444
Failed to load data access DLL, 0x80004005
Verify that 1) you have a recent build of the debugger (6.2.14 or newer)
2) the file mscordacwks.dll that matches your version of clr.dll is
in the version directory or on the symbol path
3) or, if you are debugging a dump file, verify that the file
mscordacwks_
The first step is to get hold of the correct libraries from the server:
cp \\server\c$\windows\microsoft.net\Framework64\v4.0.30319\sos.dll c:\temp
cp \\server\c$\windows\microsoft.net\Framework64\v4.0.30319\mscordacwks.dll c:\temp
cp \\server\c$\windows\microsoft.net\Framework64\v4.0.30319\clr.dll c:\temp
In theory at that point, I should just be able to run
> .load c:\temp\sos.dll
> !clrstack
but sadly still no joy. If I run
> .chain
it tells me that it knows about more than one version of SOS
…
Extension DLL chain:
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\sos: image 4.0.30319.18444, API 1.0.0, built Wed Oct 30 21:40:20 2013
[path: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\sos.dll]
c:\temp\sos.dll: image 4.0.30319.1026, API 1.0.0, built Thu Jul 03 07:58:50 2014
[path: c:\temp\sos.dll]
…
I can unload the non-useful one
> .unload C:\Windows\Microsoft.NET\Framework64\v4.0.30319\sos
and then run SOS commands happily.
