0:000> kv ChildEBP RetAddr Args to Child 00829e2c 7c90df4a 7c809590 00000002 00829e58 ntdll!KiFastSystemCallRet (FPO: [0,0,0]) 00829e30 7c809590 00000002 00829e58 00000001 ntdll!ZwWaitForMultipleObjects+0xc (FPO: [5,0,0]) 00829ecc 7c80a115 00000002 00829ffc 00000000 kernel32!WaitForMultipleObjectsEx+0x12c (FPO: [Non-Fpo]) 00829ee8 6945763c 00000002 00829ffc 00000000 kernel32!WaitForMultipleObjects+0x18 (FPO: [4,0,0]) 0082a87c 694582b1 0082bbac ffffffff 00198310 faultrep!StartDWException+0x5df (FPO: [Non-Fpo]) 0082b8f0 7c864526 0082bbac ffffffff c0000005 faultrep!ReportFault+0x533 (FPO: [Non-Fpo]) 0082bb64 77c32f0f 0082bbac 00000000 00000000 kernel32!UnhandledExceptionFilter+0x55b (FPO: [Non-Fpo]) 0082bb80 0128b1a9 00000000 0082bbac 77c35cf5 msvcrt!_XcptFilter+0x161 (FPO: [2,1,4]) 0082ffc0 7c817077 0011efd4 00000000 7ffda000 xemacs!mainCRTStartup+0x101 0082fff0 00000000 0128b0a8 00000000 78746341 kernel32!BaseProcessStart+0x23 (FPO: [Non-Fpo]) 0:000> $$>a< dump_exception_pointers.windbg 0082bbac ExceptionAddress: 010b6588 (xemacs!assert_failed+0x000000de) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 00000001 Parameter[1]: 00000000 Attempt to write to address 00000000 Evaluate expression: 8567996 = 0082bcbc eax=00000000 ebx=7ffda000 ecx=00829fe5 edx=00000000 esi=00000278 edi=0011efd4 eip=010b6588 esp=0082bf88 ebp=0082bf88 iopl=0 nv up ei pl nz na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010206 xemacs!assert_failed+0xde: 010b6588 c705000000009a020000 mov dword ptr ds:[0],29Ah ds:0023:00000000=???????? ChildEBP RetAddr 0082bf88 011eff8c xemacs!assert_failed(char * file = 0x015b2488 "C:\XEmacsBuild\xemacs-21.5.29\src\buffer.h", int line = 595, char * expr = 0x015b2450 "(x) >= ((Charbpos) 1) && x <= ((buf)->text->bufz + 0)")+0xde [C:\XEmacsBuild\xemacs-21.5.29\src\emacs.c @ 4035] 0082bfb4 011efebb xemacs!charbpos_to_bytebpos(struct buffer * buf = 0x02f71230, long x = 135070)+0x6e [C:\XEmacsBuild\xemacs-21.5.29\src\buffer.h @ 595] 0082bfd0 011f0f42 xemacs!scan_buffer(struct buffer * buf = 0x02f71230, int target = 10, long start = 135070, long end = 0, long count = -49, long * shortage = 0x00000000, int allow_quit = 0)+0x13 [C:\XEmacsBuild\xemacs-21.5.29\src\search.c @ 787] 0082bff4 011d3826 xemacs!find_next_newline_no_quit(struct buffer * buf = 0x02f71230, long from = 135070, int count = -49)+0x1c [C:\XEmacsBuild\xemacs-21.5.29\src\search.c @ 806] 0082c074 011d41b2 xemacs!point_in_line_start_cache(struct window * w = 0x060f38a0, long point = 22481, int min_past = 0)+0x1f0 [C:\XEmacsBuild\xemacs-21.5.29\src\redisplay.c @ 7809] 0082c0c0 011d43d1 xemacs!start_end_of_last_line(struct window * w = 0x060f38a0, long startp = 22481, int end = 1, int may_error = 0)+0xcf [C:\XEmacsBuild\xemacs-21.5.29\src\redisplay.c @ 8059] 0082c0d8 012314c4 xemacs!end_of_last_line(struct window * w = 0x060f38a0, long startp = 22481)+0x14 [C:\XEmacsBuild\xemacs-21.5.29\src\redisplay.c @ 8135] 0082c0f4 010bf85a xemacs!Fwindow_end(long window = 101660832, long guarantee = 24534664)+0xab [C:\XEmacsBuild\xemacs-21.5.29\src\window.c @ 1902] 0082c188 0107dfaf xemacs!Ffuncall(int nargs = 3, long * args = 0x0082c1a8)+0x33d [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3907] 0082c394 010bf2fd xemacs!execute_optimized_program(unsigned char * program = 0x02c23068 "???", int stack_depth = 7, long * constants_data = 0x0278f760)+0x4df [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 862] 0082c414 010bfb0a xemacs!funcall_compiled_function(long fun = 44615600, int nargs = 1, long * args = 0x0082c4c4)+0x43f [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3496] 0082c4ac 0107dfaf xemacs!Ffuncall(int nargs = 2, long * args = 0x0082c4c0)+0x5ed [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3946] 0082c6b4 010bf2fd xemacs!execute_optimized_program(unsigned char * program = 0x02c23018 "???", int stack_depth = 6, long * constants_data = 0x01905614)+0x4df [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 862] 0082c734 010bfb0a xemacs!funcall_compiled_function(long fun = 26431552, int nargs = 3, long * args = 0x0082c7e4)+0x43f [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3496] 0082c7cc 0107dfaf xemacs!Ffuncall(int nargs = 4, long * args = 0x0082c7e0)+0x5ed [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3946] 0082c9d0 010bf2fd xemacs!execute_optimized_program(unsigned char * program = 0x02c11c40 "???", int stack_depth = 5, long * constants_data = 0x02799c90)+0x4df [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 862] 0082ca50 010bfb0a xemacs!funcall_compiled_function(long fun = 44615204, int nargs = 1, long * args = 0x0082cb00)+0x43f [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3496] 0082cae8 0107dfaf xemacs!Ffuncall(int nargs = 2, long * args = 0x0082cafc)+0x5ed [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3946] 0082cce8 01084ef2 xemacs!execute_optimized_program(unsigned char * program = 0x0082ccfc "???", int stack_depth = 4, long * constants_data = 0x02799c08)+0x4df [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 862] 0082cdc0 010be105 xemacs!Fbyte_code(long instructions = 44715628, long constants = 41524216, long stack_depth = 9)+0x1ca [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 2622] 0082cfd0 010b99f5 xemacs!Feval(long form = 44716236)+0xa9c [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3655] 0082d040 01080613 xemacs!internal_catch(long tag = 44688596, * func = 0x010bd669, long arg = 44716236, int * threw = 0x00000000, long * thrown_tag = 0x00000000, long * backtrace_before_throw = 0x00000000)+0xa2 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 1531] 0082d0c8 0107dca5 xemacs!execute_rare_opcode(long * stack_ptr = 0x0082d0e0, unsigned char * unused_program_ptr = 0x02c11b3d "???", Opcode opcode = Bcatch (141))+0xee [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 1419] 0082d2c4 010bf2fd xemacs!execute_optimized_program(unsigned char * program = 0x02c11b18 "???", int stack_depth = 2, long * constants_data = 0x02799c50)+0x1d5 [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 754] 0082d344 010bfb0a xemacs!funcall_compiled_function(long fun = 44615160, int nargs = 0, long * args = 0x0082d47c)+0x43f [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3496] 0082d3dc 010c0c15 xemacs!Ffuncall(int nargs = 1, long * args = 0x0082d478)+0x5ed [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3946] 0082d444 010c0d3e xemacs!run_hook_with_args_in_buffer(struct buffer * buf = 0x02f71230, int nargs = 1, long * args = 0x0082d478, run_hooks_condition cond = RUN_HOOKS_TO_COMPLETION (0))+0x36e [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 4429] 0082d45c 010c10f3 xemacs!run_hook_with_args(int nargs = 1, long * args = 0x0082d478, run_hooks_condition cond = RUN_HOOKS_TO_COMPLETION (0))+0x1a [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 4442] 0082d470 010c3af9 xemacs!run_hook(long hook = 44688212)+0x10 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 4511] 0082d480 010c2914 xemacs!safe_run_hook_trapping_problems_1(void * puta = 0x017358b8)+0x13 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 5597] 0082d490 010ba83a xemacs!call_trapping_problems_2(long opaque = 78071752)+0x2d [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 4947] 0082d4a4 010c2935 xemacs!call_with_condition_handler( * handler = 0x010c293a, long handler_arg = 78071752, * fun = 0x010c28e7, long arg = 78071752)+0x6a [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 2136] 0082d4bc 010b99f5 xemacs!call_trapping_problems_1(long opaque = 78071752)+0x1a [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 4954] 0082d52c 010c261b xemacs!internal_catch(long tag = 25050536, * func = 0x010c291b, long arg = 78071752, int * threw = 0x0082d5cc, long * thrown_tag = 0x0082d5dc, long * backtrace_before_throw = 0x0082d600)+0xa2 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 1531] 0082d608 010c389c xemacs!call_trapping_problems(long warning_class = 24532672, char * warning_string = 0x00000000 "", int flags = 131235, struct call_trapping_problems_result * problem = 0x0082d678, * fun = 0x010c3ae6, void * arg = 0x017358b8)+0x21a [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 5227] 0082d698 010c868b xemacs!safe_run_hook_trapping_problems(long warning_class = 24339760, long hook_symbol = 24336568, int flags = 160)+0xe3 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 5623] 0082d6ac 011d1852 xemacs!run_pre_idle_hook(void)+0x36 [C:\XEmacsBuild\xemacs-21.5.29\src\event-stream.c @ 2110] 0082d6b4 010c8b79 xemacs!redisplay(void)+0x8 [C:\XEmacsBuild\xemacs-21.5.29\src\redisplay.c @ 7162] 0082d738 010903ae xemacs!Fnext_event(long event = 82272060, long prompt = 24535624)+0x4e9 [C:\XEmacsBuild\xemacs-21.5.29\src\event-stream.c @ 2289] 0082d77c 01090189 xemacs!Fcommand_loop_1(void)+0x223 [C:\XEmacsBuild\xemacs-21.5.29\src\cmdloop.c @ 599] 0082d784 010b9e63 xemacs!command_loop_1(long unused_dummy = 24535624)+0x29 [C:\XEmacsBuild\xemacs-21.5.29\src\cmdloop.c @ 511] 0082d844 0108ff4f xemacs!condition_case_1(long handlers = 24532672, * bfun = 0x01090160, long barg = 24535624, * hfun = 0x0108fdb6, long harg = 24535624)+0x12b [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 1925] 0082d860 0108ff0e xemacs!command_loop_3(void)+0x3f [C:\XEmacsBuild\xemacs-21.5.29\src\cmdloop.c @ 262] 0082d868 010b99f5 xemacs!command_loop_2(long unused_dummy = 24535624)+0x8 [C:\XEmacsBuild\xemacs-21.5.29\src\cmdloop.c @ 277] 0082d8d8 01090062 xemacs!internal_catch(long tag = 24508072, * func = 0x0108ff06, long arg = 24535624, int * threw = 0x00000000, long * thrown_tag = 0x00000000, long * backtrace_before_throw = 0x00000000)+0xa2 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 1531] 0082d904 010bf82e xemacs!Frecursive_edit(void)+0xd3 [C:\XEmacsBuild\xemacs-21.5.29\src\cmdloop.c @ 376] 0082d990 0107dfaf xemacs!Ffuncall(int nargs = 1, long * args = 0x0082d9a4)+0x311 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3907] 0082db8c 01084ef2 xemacs!execute_optimized_program(unsigned char * program = 0x0082dba0 "???", int stack_depth = 3, long * constants_data = 0x055f9320)+0x4df [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 862] 0082dce4 010be105 xemacs!Fbyte_code(long instructions = 48856164, long constants = 90149648, long stack_depth = 7)+0x1ca [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 2622] 0082def4 010b81ac xemacs!Feval(long form = 88206052)+0xa9c [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3655] 0082df30 010805a6 xemacs!Fprogn(long args = 88206088)+0x9e [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 954] 0082dfa4 0107dca5 xemacs!execute_rare_opcode(long * stack_ptr = 0x0082dfbc, unsigned char * unused_program_ptr = 0x04e166b6 "???", Opcode opcode = Bsave_window_excursion (139))+0x81 [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 1406] 0082e1f8 010bf2fd xemacs!execute_optimized_program(unsigned char * program = 0x04e16618 "???", int stack_depth = 24, long * constants_data = 0x05897388)+0x1d5 [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 754] 0082e278 010be88e xemacs!funcall_compiled_function(long fun = 94480016, int nargs = 1, long * args = 0x0082e28c)+0x43f [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3496] 0082e48c 010b81ac xemacs!Feval(long form = 87331636)+0x1225 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3716] 0082e4c8 010c07e5 xemacs!Fprogn(long args = 74223244)+0x9e [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 954] 0082e50c 010bfbb1 xemacs!funcall_lambda(long fun = 74223328, int nargs = 5, long * args = 0x0082e5bc)+0x25a [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 4263] 0082e5a4 0107dfaf xemacs!Ffuncall(int nargs = 6, long * args = 0x0082e5b8)+0x694 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3956] 0082e7f0 010bf2fd xemacs!execute_optimized_program(unsigned char * program = 0x031f4288 "???", int stack_depth = 23, long * constants_data = 0x04ddae98)+0x4df [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 862] 0082e870 010bfb0a xemacs!funcall_compiled_function(long fun = 94527412, int nargs = 4, long * args = 0x0082e920)+0x43f [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3496] 0082e908 0107dfaf xemacs!Ffuncall(int nargs = 5, long * args = 0x0082e91c)+0x5ed [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3946] 0082eb34 010bf2fd xemacs!execute_optimized_program(unsigned char * program = 0x047475e8 "???", int stack_depth = 15, long * constants_data = 0x02d81cf0)+0x4df [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 862] 0082ebb4 010bfb0a xemacs!funcall_compiled_function(long fun = 47616944, int nargs = 1, long * args = 0x0082ec64)+0x43f [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3496] 0082ec4c 0107dfaf xemacs!Ffuncall(int nargs = 2, long * args = 0x0082ec60)+0x5ed [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3946] 0082ee44 010bf2fd xemacs!execute_optimized_program(unsigned char * program = 0x0493c770 "???", int stack_depth = 2, long * constants_data = 0x02d81ed0)+0x4df [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 862] 0082eec4 010bfb0a xemacs!funcall_compiled_function(long fun = 47617120, int nargs = 0, long * args = 0x0082f194)+0x43f [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3496] 0082ef5c 010c0268 xemacs!Ffuncall(int nargs = 1, long * args = 0x0082f190)+0x5ed [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3946] 0082efd4 010bfa72 xemacs!Fapply(int nargs = 2, long * args = 0x0082f190)+0x122 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 4149] 0082f068 010c02a6 xemacs!Ffuncall(int nargs = 3, long * args = 0x0082f18c)+0x555 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3930] 0082f0e0 010bfa72 xemacs!Fapply(int nargs = 3, long * args = 0x0082f18c)+0x160 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 4154] 0082f174 0107dfaf xemacs!Ffuncall(int nargs = 4, long * args = 0x0082f188)+0x555 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3930] 0082f37c 010bf2fd xemacs!execute_optimized_program(unsigned char * program = 0x02c8d018 "???", int stack_depth = 6, long * constants_data = 0x01d49520)+0x4df [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 862] 0082f3fc 010bfb0a xemacs!funcall_compiled_function(long fun = 42388288, int nargs = 2, long * args = 0x0082f4ac)+0x43f [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3496] 0082f494 0107dfaf xemacs!Ffuncall(int nargs = 3, long * args = 0x0082f4a8)+0x5ed [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3946] 0082f698 010bf2fd xemacs!execute_optimized_program(unsigned char * program = 0x04b70ca8 "???", int stack_depth = 5, long * constants_data = 0x02bc5a18)+0x4df [C:\XEmacsBuild\xemacs-21.5.29\src\bytecode.c @ 862] 0082f718 010bfb0a xemacs!funcall_compiled_function(long fun = 45883928, int nargs = 1, long * args = 0x0082f864)+0x43f [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3496] 0082f7b0 010c02a6 xemacs!Ffuncall(int nargs = 2, long * args = 0x0082f860)+0x5ed [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3946] 0082f828 010c116f xemacs!Fapply(int nargs = 2, long * args = 0x0082f860)+0x160 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 4154] 0082f868 01085b57 xemacs!apply1(long fn = 45883928, long arg = 81257800)+0x77 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 4533] 0082fa94 010bcc40 xemacs!Fcall_interactively(long function = 42248988, long record_flag = 24535624, long keys = 24535624)+0x81b [C:\XEmacsBuild\xemacs-21.5.29\src\callint.c @ 459] 0082fae8 010ce88f xemacs!Fcommand_execute(long cmd = 42248988, long record_flag = 24535624, long keys = 24535624)+0x1df [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 3117] 0082fb30 010ccddb xemacs!execute_command_event(struct command_builder * command_builder = 0x027e0cb8, long event = 45724628)+0x28a [C:\XEmacsBuild\xemacs-21.5.29\src\event-stream.c @ 4288] 0082fbd4 010903ba xemacs!Fdispatch_event(long event = 45724628)+0x837 [C:\XEmacsBuild\xemacs-21.5.29\src\event-stream.c @ 4600] 0082fc14 01090189 xemacs!Fcommand_loop_1(void)+0x22f [C:\XEmacsBuild\xemacs-21.5.29\src\cmdloop.c @ 600] 0082fc1c 010b9e63 xemacs!command_loop_1(long unused_dummy = 24535624)+0x29 [C:\XEmacsBuild\xemacs-21.5.29\src\cmdloop.c @ 511] 0082fcdc 0108ff4f xemacs!condition_case_1(long handlers = 24532672, * bfun = 0x01090160, long barg = 24535624, * hfun = 0x0108fdb6, long harg = 24535624)+0x12b [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 1925] 0082fcf8 0108ff0e xemacs!command_loop_3(void)+0x3f [C:\XEmacsBuild\xemacs-21.5.29\src\cmdloop.c @ 262] 0082fd00 010b99f5 xemacs!command_loop_2(long unused_dummy = 24535624)+0x8 [C:\XEmacsBuild\xemacs-21.5.29\src\cmdloop.c @ 277] 0082fd70 0108fcfb xemacs!internal_catch(long tag = 24255520, * func = 0x0108ff06, long arg = 24535624, int * threw = 0x00000000, long * thrown_tag = 0x00000000, long * backtrace_before_throw = 0x00000000)+0xa2 [C:\XEmacsBuild\xemacs-21.5.29\src\eval.c @ 1531] 0082fd90 010b4d8f xemacs!initial_command_loop(long load_me = 24535624)+0xdd [C:\XEmacsBuild\xemacs-21.5.29\src\cmdloop.c @ 313] 0082fe30 010b5ca1 xemacs!xemacs_21_5_b29_i586_pc_win32(int argc = 2, unsigned short ** argv = 0x0082fee8, unsigned short ** unused_envp = 0x00000000, int restart = 0)+0x1025 [C:\XEmacsBuild\xemacs-21.5.29\src\emacs.c @ 2720] 0082ff4c 0128b18b xemacs!main(int argc = 2, char ** argv = 0x00f53d28, char ** unused_envp = 0x00f52e80)+0x25c [C:\XEmacsBuild\xemacs-21.5.29\src\emacs.c @ 3167] 0082ffc0 7c817077 xemacs!mainCRTStartup+0xe3 0082fff0 00000000 kernel32!BaseProcessStart+0x23