SlideShare a Scribd company logo

Debugging TV Frame 0x25

Dmitry Vostokov, profile picture
Dmitry Vostokov

The document provides information on kernel debugging, including setting up a guest operating system and virtual machine for debugging, configuring the host Windbg, and examining the guest system. It discusses simulating a double fault and includes a stack trace as part of the debugging process. Additionally, it highlights upcoming training courses offered by the Software Diagnostics Institute.

Software
1 of 8
Download to read offline
1
2
3
4
5
6
7
8
Frame 0x25 Presenter: Dmitry Vostokov Sponsors Debugging.TV
• Setting guest OS and virtual machine for kernel debugging • Configuring host WinDbg for kernel debugging • Examining the guest system • Simulating a double fault Topics © 2013 Software Diagnostics Institute
Virtual Machine Setup © 2013 Software Diagnostics Institute
Guest OS Setup © 2013 Software Diagnostics Institute
Host WinDbg Setup © 2013 Software Diagnostics Institute
Double Fault © 2013 Software Diagnostics Institute 1: kd> k Child-SP RetAddr Call Site fffff980`00a9e968 fffff800`0184d8f3 nt!KeBugCheckEx fffff980`00a9e970 fffff800`0184c138 nt!KiBugCheckDispatch+0x73 fffff980`00a9eab0 fffff800`0184b754 nt!KiDoubleFaultAbort+0xb8 fffff980`00ce4f80 fffff800`0184d900 nt!KiDebugTrapOrFault+0x14 fffff980`00ce5118 fffff800`0184b871 nt!KiExceptionDispatch fffff980`00ce5120 fffff800`0184d900 nt!KiDebugTrapOrFault+0x131 […] fffff980`00cea400 fffff800`0184d900 nt!KiDebugTrapOrFault+0x131 fffff980`00cea598 fffff800`0184b871 nt!KiExceptionDispatch fffff980`00cea5a0 fffff800`0184d900 nt!KiDebugTrapOrFault+0x131 fffff980`00cea738 fffff800`0184b871 nt!KiExceptionDispatch fffff980`00cea740 fffff800`0184d900 nt!KiDebugTrapOrFault+0x131 fffff980`00cea8d8 fffff800`0184b871 nt!KiExceptionDispatch fffff980`00cea8e0 fffff800`0184d900 nt!KiDebugTrapOrFault+0x131 fffff980`00ceaa78 fffff800`0184bec3 nt!KiExceptionDispatch fffff980`00ceaa80 fffff980`13ac910b nt!KiInvalidOpcodeFault+0xc3 fffff980`00ceac10 fffff980`13ac9415 spsys!SPVersion+0x237db fffff980`00ceac50 fffff980`13ad4e6c spsys!SPVersion+0x23ae5 fffff980`00ceac90 fffff800`01859ca3 spsys!SPVersion+0x2f53c fffff980`00ceace0 fffff800`01ae1bbb nt!ExpWorkerThread+0x12a fffff980`00cead50 fffff800`018344f6 nt!PspSystemThreadStartup+0x5b fffff980`00cead80 00000000`00000000 nt!KxStartSystemThread+0x16
!Ad Hardcore Software Diagnostics Training May, 13, 2013 Philosophy of Software Diagnostics (FREE) June 17, 2013 Pattern-Oriented Network Trace Analysis (FREE) July, 19-22, 2013 Accelerated Windows Debugging3 July 24-29, 2013 Accelerated Windows Memory Dump Analysis 2013 The New Old Debugging © 2013 Software Diagnostics Institute Now Available for Booking
Debugging.TV Now on YouTube! http://www.youtube.com/DebuggingTV

More Related Content

PDF
Bigip exporter
Christoffer Gunning
 
PDF
[OpenStack Day in Korea 2015] Track 1-4 - VDI OpenStack? It Works!!!
OpenStack Korea Community
 
PDF
44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON
 
PPTX
Malware Analysis For The Enterprise
Jason Ross
 
PPTX
Windows kernel debugging workshop in florida
Sisimon Soman
 
ODP
Linux kernel debugging(ODP format)
yang firo
 
PDF
Linux kernel debugging(PDF format)
yang firo
 
PDF
Debugging TV Frame 0x05
Dmitry Vostokov
 
Bigip exporter
Christoffer Gunning
 
[OpenStack Day in Korea 2015] Track 1-4 - VDI OpenStack? It Works!!!
OpenStack Korea Community
 
44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON
 
Malware Analysis For The Enterprise
Jason Ross
 
Windows kernel debugging workshop in florida
Sisimon Soman
 
Linux kernel debugging(ODP format)
yang firo
 
Linux kernel debugging(PDF format)
yang firo
 
Debugging TV Frame 0x05
Dmitry Vostokov
 

Similar to Debugging TV Frame 0x25 (20)

PDF
VMworld 2013: ESXi Native Networking Driver Model - Delivering on Simplicity ...
VMworld
 
PPTX
Static analysis as means of improving code quality
Andrey Karpov
 
PDF
2v0 620 Exam-vSphere 6 Foundations
Isabella789
 
PDF
XPDS14 - Scaling Xen's Aggregate Storage Performance - Felipe Franciosi, Citrix
The Linux Foundation
 
PDF
Accelerated .NET Memory Dump Analysis training public slides
Dmitry Vostokov
 
PPTX
3DConsulting_Presentation
Joseph Baca
 
PDF
[cb22] Fight Against Malware Development Life Cycle by Shusei Tomonaga and Yu...
CODE BLUE
 
PPTX
Top Issues For Microsoft Support For Windows Server
Blauge
 
PDF
PhD Thesis Diogo Mónica
Diogo Mónica
 
PDF
Pharo Virtual Machine: News from the Front
ESUG
 
PDF
My old security advisories on HMI/SCADA and industrial software released betw...
Luigi Auriemma
 
PDF
Debugging TV Frame 0x16
Dmitry Vostokov
 
KEY
Varnish @ Velocity Ignite
Artur Bergman
 
PDF
the grinder testing certification
Vskills
 
PDF
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...
Michele Orru
 
PDF
Qemu device prototyping
Yan Vugenfirer
 
PDF
Defcon CTF quals
snyff
 
PDF
SSL/TLS for Mortals (J-Fall)
Maarten Mulders
 
PDF
NetBSD on Google Compute Engine (en)
Ryo ONODERA
 
PDF
laptop repairing course in delhi
Amit Gupta
 
VMworld 2013: ESXi Native Networking Driver Model - Delivering on Simplicity ...
VMworld
 
Static analysis as means of improving code quality
Andrey Karpov
 
2v0 620 Exam-vSphere 6 Foundations
Isabella789
 
XPDS14 - Scaling Xen's Aggregate Storage Performance - Felipe Franciosi, Citrix
The Linux Foundation
 
Accelerated .NET Memory Dump Analysis training public slides
Dmitry Vostokov
 
3DConsulting_Presentation
Joseph Baca
 
[cb22] Fight Against Malware Development Life Cycle by Shusei Tomonaga and Yu...
CODE BLUE
 
Top Issues For Microsoft Support For Windows Server
Blauge
 
PhD Thesis Diogo Mónica
Diogo Mónica
 
Pharo Virtual Machine: News from the Front
ESUG
 
My old security advisories on HMI/SCADA and industrial software released betw...
Luigi Auriemma
 
Debugging TV Frame 0x16
Dmitry Vostokov
 
Varnish @ Velocity Ignite
Artur Bergman
 
the grinder testing certification
Vskills
 
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...
Michele Orru
 
Qemu device prototyping
Yan Vugenfirer
 
Defcon CTF quals
snyff
 
SSL/TLS for Mortals (J-Fall)
Maarten Mulders
 
NetBSD on Google Compute Engine (en)
Ryo ONODERA
 
laptop repairing course in delhi
Amit Gupta
 
Ad

More from Dmitry Vostokov (20)

PDF
Accelerated Windows Debugging 3 training public slides
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x1C
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x1A
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x34
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x33
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x31
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x24
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x21
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x20
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x19
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x18
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x17
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x15
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x14
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x13
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x12
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x11
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x10
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x0F
Dmitry Vostokov
 
PDF
Debugging TV Frame 0x0D
Dmitry Vostokov
 
Accelerated Windows Debugging 3 training public slides
Dmitry Vostokov
 
Debugging TV Frame 0x1C
Dmitry Vostokov
 
Debugging TV Frame 0x1A
Dmitry Vostokov
 
Debugging TV Frame 0x34
Dmitry Vostokov
 
Debugging TV Frame 0x33
Dmitry Vostokov
 
Debugging TV Frame 0x31
Dmitry Vostokov
 
Debugging TV Frame 0x24
Dmitry Vostokov
 
Debugging TV Frame 0x21
Dmitry Vostokov
 
Debugging TV Frame 0x20
Dmitry Vostokov
 
Debugging TV Frame 0x19
Dmitry Vostokov
 
Debugging TV Frame 0x18
Dmitry Vostokov
 
Debugging TV Frame 0x17
Dmitry Vostokov
 
Debugging TV Frame 0x15
Dmitry Vostokov
 
Debugging TV Frame 0x14
Dmitry Vostokov
 
Debugging TV Frame 0x13
Dmitry Vostokov
 
Debugging TV Frame 0x12
Dmitry Vostokov
 
Debugging TV Frame 0x11
Dmitry Vostokov
 
Debugging TV Frame 0x10
Dmitry Vostokov
 
Debugging TV Frame 0x0F
Dmitry Vostokov
 
Debugging TV Frame 0x0D
Dmitry Vostokov
 
Ad

Recently uploaded (20)

PDF
System and Network Administration Chapter 2
jaramharo
 
PDF
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PDF
System and Network Administraation Chapter 3
jaramharo
 
PPTX
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
PPTX
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
PDF
Cost to Outsource Software Development in 2025
Omega Incorporations- Best Software Development Company
 
PPTX
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
PDF
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
PDF
Softaken Excel to vCard Converter Software.pdf
markwillsonmw004
 
PDF
EN-Survey-Report-SAP-LeanIX-EA-Insights-2025.pdf
deepakkhaitan3
 
PDF
How to Choose the Right IT Partner for Your Business in Malaysia
Asian Business Services & Technologies
 
PPTX
history of c programming in notes for students .pptx
Vijayakumari829030
 
PDF
SAP S4 Hana Brochure 3 (PTS SYSTEMS AND SOLUTIONS)
pts464036
 
PDF
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
PDF
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
PPTX
Introduction to Artificial Intelligence
lohedi9363
 
PDF
Digital Strategies for Manufacturing Companies
Virendra Rai, PMP
 
System and Network Administration Chapter 2
jaramharo
 
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
System and Network Administraation Chapter 3
jaramharo
 
Reimagine Home Health with the Power of Agentic AI​
AutomationEdge Technologies
 
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
Cost to Outsource Software Development in 2025
Omega Incorporations- Best Software Development Company
 
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
Addressing The Cult of Project Management Tools-Why Disconnected Work is Hold...
OnePlan Solutions
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
Softaken Excel to vCard Converter Software.pdf
markwillsonmw004
 
EN-Survey-Report-SAP-LeanIX-EA-Insights-2025.pdf
deepakkhaitan3
 
How to Choose the Right IT Partner for Your Business in Malaysia
Asian Business Services & Technologies
 
history of c programming in notes for students .pptx
Vijayakumari829030
 
SAP S4 Hana Brochure 3 (PTS SYSTEMS AND SOLUTIONS)
pts464036
 
Understanding Forklifts - TECH EHS Solution
TECH EHS Solution
 
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
Introduction to Artificial Intelligence
lohedi9363
 
Digital Strategies for Manufacturing Companies
Virendra Rai, PMP
 

Debugging TV Frame 0x25

  • 1. Frame 0x25 Presenter: Dmitry Vostokov Sponsors Debugging.TV
  • 2. • Setting guest OS and virtual machine for kernel debugging • Configuring host WinDbg for kernel debugging • Examining the guest system • Simulating a double fault Topics © 2013 Software Diagnostics Institute
  • 3. Virtual Machine Setup © 2013 Software Diagnostics Institute
  • 4. Guest OS Setup © 2013 Software Diagnostics Institute
  • 5. Host WinDbg Setup © 2013 Software Diagnostics Institute
  • 6. Double Fault © 2013 Software Diagnostics Institute 1: kd> k Child-SP RetAddr Call Site fffff980`00a9e968 fffff800`0184d8f3 nt!KeBugCheckEx fffff980`00a9e970 fffff800`0184c138 nt!KiBugCheckDispatch+0x73 fffff980`00a9eab0 fffff800`0184b754 nt!KiDoubleFaultAbort+0xb8 fffff980`00ce4f80 fffff800`0184d900 nt!KiDebugTrapOrFault+0x14 fffff980`00ce5118 fffff800`0184b871 nt!KiExceptionDispatch fffff980`00ce5120 fffff800`0184d900 nt!KiDebugTrapOrFault+0x131 […] fffff980`00cea400 fffff800`0184d900 nt!KiDebugTrapOrFault+0x131 fffff980`00cea598 fffff800`0184b871 nt!KiExceptionDispatch fffff980`00cea5a0 fffff800`0184d900 nt!KiDebugTrapOrFault+0x131 fffff980`00cea738 fffff800`0184b871 nt!KiExceptionDispatch fffff980`00cea740 fffff800`0184d900 nt!KiDebugTrapOrFault+0x131 fffff980`00cea8d8 fffff800`0184b871 nt!KiExceptionDispatch fffff980`00cea8e0 fffff800`0184d900 nt!KiDebugTrapOrFault+0x131 fffff980`00ceaa78 fffff800`0184bec3 nt!KiExceptionDispatch fffff980`00ceaa80 fffff980`13ac910b nt!KiInvalidOpcodeFault+0xc3 fffff980`00ceac10 fffff980`13ac9415 spsys!SPVersion+0x237db fffff980`00ceac50 fffff980`13ad4e6c spsys!SPVersion+0x23ae5 fffff980`00ceac90 fffff800`01859ca3 spsys!SPVersion+0x2f53c fffff980`00ceace0 fffff800`01ae1bbb nt!ExpWorkerThread+0x12a fffff980`00cead50 fffff800`018344f6 nt!PspSystemThreadStartup+0x5b fffff980`00cead80 00000000`00000000 nt!KxStartSystemThread+0x16
  • 7. !Ad Hardcore Software Diagnostics Training May, 13, 2013 Philosophy of Software Diagnostics (FREE) June 17, 2013 Pattern-Oriented Network Trace Analysis (FREE) July, 19-22, 2013 Accelerated Windows Debugging3 July 24-29, 2013 Accelerated Windows Memory Dump Analysis 2013 The New Old Debugging © 2013 Software Diagnostics Institute Now Available for Booking