Hi,
> > Not a bad selector; CanBeHere() is passed an object and a list of objects. > > Of couse that'd make it much easier to track it down (snk); inspecting > > objects can be done with 'obj <address>', whereas lists can be dumped with > > 'listinfo <address>'. > > I have verified it's in the list passed to CanBeHere(). Output from the > debugger after the VM crash: > > "Lookup selector functions: Method selector offset 12ffb of object at b7d0 > is invalid This is weird. It most likely means that the object on the heap has been damaged. > GFX Warning: E:\src\freesci\src\gfx\operations.c, L1659:Attempt to verify > loop/cel values for invalid view 20082 > Warning: Attempt to get priority band 3385 Or destroyed. > Now I look at the parameters passed to CanBeHere right before the crash. > Note that after the crash, the list and it's entries can no longer > be examined. Why? As far as I can tell, only the accumulator should be written to, this sounds like a bug in itself. (Note that, in general, this may make sense, since many fuctions alter the heap in some way). > Looking at heapobj 0x3002 looks ok. listinfo 0x85f6 gives us: > > ">listinfo 0x85f6 > List at 85f6: > - Node at b50c: Key=3002 Val=3002 > - Node at b5d8: Key=b566 Val=b566 > - Node at b820: Key=b7d0 Val=b7d0 > - Node at b846: Key=95ea Val=95ea > 4 registered nodes." > > Note that this is the list after a "restart" is issued. Any list may be passed to CanBeHere() at any time; in practice, they use the same list all the time. > The list is > different during the intro before the restart. I don't know if this > matters or not. List members are usually the objects that are also passed to 'Animate', i.e. the objects drawn and animated. > > ">heapobj 0xb7d0 > Clone AutoDoor > Species=b6fe, Superclass=b6fe > Local variables @ 0x0000 > Variable selectors: [...] > locked[011e] = 0001 (1) > openSnd[011f] = 0000 (0) > closeSnd[0120] = 0000 (0) > --INVALID--[0121] = 0000 (0) Interesting. The value looks sane, though; either this is an actual selector name, or the selector list (like the kernel function list) is incomplete. > code[0104] = 0000 (0) > illegalBits[0012] = 0000 (0) > > -- View information: No funcselectors, yet there is an error trying to look them up... > cel 8/0/0 at (132,100) > Priority = 6 (band starts at 95) Looks sane. [...] When did you produce the heapobj output above? If possible, it should happen _right before_ the terminal CanBeHere() is called, since this may be something similar to the SQ3 ladder bug, where a statical object is called despite its script having been deallocated. llap, Christoph
