Microsoft (R) Windows Debugger Version 6.6.0007.5
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\CRASHDMP.DMP]
Kernel Complete Dump File: Full address space is available

Symbol search path is: D:\Symbols
Executable search path is:
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp2_rtm.040803-2158
Kernel base = 0x804d7000 PsLoadedModuleList = 0x805531a0
Debug session time: Sun Feb 13 06:34:57.897 17420 (GMT+4)
System Uptime: 3 days 4:14:47.773
WARNING: Process directory table base 00373000 doesn't match CR3 05A4E5E0
WARNING: Process directory table base 00373000 doesn't match CR3 05A4E5E0
Loading Kernel Symbols
.................................................. .................................................. ..................................
Loading User Symbols

Loading unloaded module list
..............
*** ERROR: Module load completed but symbols could not be loaded for LiveKdD.SYS
************************************************** *****************************
* *
* Bugcheck Analysis *
* *
************************************************** *****************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {80000003, f8beb4d7, 0, 0}

Probably caused by : gendump.sys ( gendump!InitializeDumpHeader+77 )

Followup: MachineOwner
---------

kd> !analyze -v
************************************************** *****************************
* *
* Bugcheck Analysis *
* *
************************************************** *****************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: 80000003, The exception code that was not handled
Arg2: f8beb4d7, The address that the exception occurred at
Arg3: 00000000, Parameter 0 of the exception
Arg4: 00000000, Parameter 1 of the exception

Debugging Details:
------------------


EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid

FAULTING_IP:
gendump!InitializeDumpHeader+77 [d:\progs\driverdev\gendump\gendump.cpp @ 171]
f8beb4d7 58 pop eax

EXCEPTION_PARAMETER1: 00000000

EXCEPTION_PARAMETER2: 00000000

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x1E

PROCESS_NAME: System

LAST_CONTROL_TRANSFER: from 00000000 to f8bc02d1

STACK_TEXT:
f188ac50 00000000 00000000 00000000 00000001 LiveKdD+0x12d1


STACK_COMMAND: .bugcheck ; kb

FOLLOWUP_IP:
gendump!InitializeDumpHeader+77 [d:\progs\driverdev\gendump\gendump.cpp @ 171]
f8beb4d7 58 pop eax

FAULTING_SOURCE_CODE:
167: mov [ctx.Ebp], ebp
168:
169: call _1
170: // This address will appear in kd as crash address:
> 171: _1: pop eax
172: mov [ctx.Eip], eax
173:
174: pushfd
175: pop eax
176: mov [ctx.EFlags], eax


SYMBOL_NAME: gendump!InitializeDumpHeader+77

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: gendump

IMAGE_NAME: gendump.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 45004080

FAILURE_BUCKET_ID: 0x1E_gendump!InitializeDumpHeader+77

BUCKET_ID: 0x1E_gendump!InitializeDumpHeader+77

Followup: MachineOwner
---------