I believe the offending lines are in the osg::Geometry copy constructor:
if ((copyop.getCopyFlags() & osg::CopyOp::DEEP_COPY_ARRAYS))
{
if (_useVertexBufferObjects)
{
// copying of arrays doesn't set up buffer objects so we'll need to force
// Geometry to assign these, we'll do this by switching off VBO's then renabling them.
setUseVertexBufferObjects(false);
setUseVertexBufferObjects(true);
}
}
Toggling the vertex buffer objects off then on again actually touches not only the arrays controlled by DEEP_COPY_ARRAYS, but also the PrimitiveSets which are controlled by DEEP_COPY_PRIMITIVES. This means if the user has copyflags of only DEEP_COPY_ARRAYS, we are modifying arrays that belong to the original const Geometry& we are copying from. I believe this shouldn't be allowed to happen because we are using a const& specifier for the original Geometry.
In my case the osgUtil::IncrementalCompileOperation was trying to compile the geometry, while in the main thread a clone operation toggled the VBO's off and on, a crash ensues.
In the attached patch, you will find a more efficient handling of VBO's in the osg::Geometry copy constructor, so that only the Arrays that were actually deep copied have their VBO assigned, and no changes are made to Arrays that already had a valid VBO assigned. In addition, the DEEP_COPY_PRIMITIVES flag is now honored so that VBO's are set up correctly should a user copy a Geometry with only that flag.
"
git-svn-id: http://svn.openscenegraph.org/osg/OpenSceneGraph/trunk@15129 16af8721-9629-0410-8352-f15c8da7e697
setVertexAttribArrayList(array) with array containing NULL vertexAttrib.
I added a test in order to avoid it
Code:
void Geometry::setVertexAttribArrayList(const ArrayList& arrayList)
{
_vertexAttribList = arrayList;
dirtyDisplayList();
if (_useVertexBufferObjects)
{
for(ArrayList::iterator itr = _vertexAttribList.begin();
itr != _vertexAttribList.end();
++itr)
{
if(itr->get())//ADDED
addVertexBufferObjectIfRequired(itr->get());
}
}
}
"
and
"The bug i ran into is a crash reading osgt Geometry with null vertexattribs.
The only thing i added is a not nul check on array passed to setVertexAttribArrayList."
--------------------This line, and those below, will be ignored--
M src/osg/Geometry.cpp
git-svn-id: http://svn.openscenegraph.org/osg/OpenSceneGraph/trunk@15121 16af8721-9629-0410-8352-f15c8da7e697
There are two problems:
1> for DrawElementsUShortPrimitiveType (and UInt) the source_pindex still equals -1 and causes a crash
in DrawElementsUBytePrimitiveType source_pindex is incremented, and in DrawElementsU(Short/Int)PrimitiveType primitiveNum is incremented, but never used
2> The drawelements need to be rewritten as the vertices are reordered.
created a patch for osg stable branch(r14038): attached as Geometry-osg-3.2.zip
and for svn brach(r14044): attached as Geometry_osg_svn.zip"
New methods osg::Geometry::containsDeprecatedData() and osg::Geometry::fixDeprecatedData() provide a means for converting geometries that still use the array indices and BIND_PER_PRIMITIVE across to complient
versions.
Cleaned up the rest of the OSG where use of array indices and BIND_PER_PRIMITIVE were accessed or used.
* avfoundation: added support for IOS (CoreVideo-support is still in development, works only for SDK >= 6.0, set IPHONE_SDKVER in cMake accordingly)
* zeroconf: added ZeroConf-device-plugin (Mac/Win only, linux implementation missing) to advertise and discover services via ZeroConf/Bonjour, on windows you'll need the Bonjour SDK from Apple
* osgosc: modified the example to demonstrate the usage of the ZeroConf-plugin (start the example with the command-line-argument --zeroconf)
* SlideShowConstructor: enable/disable CoreVideo via a environment variable (P3D_ENABLE_CORE_VIDEO)
* RestHttp: mouse-motion-events get interpolated
* RestHttp: unhandled http-requests get sent as an user-event to the event-queue, all arguments get attached as user-values to the event
* modified some CMakeModules to work correctly when compiling for IOS
* fixed a compile-error for IOS in GraphicsWindowIOS
* some minor bugfixes"
CID 11697: Uninitialized scalar field (UNINIT_CTOR)
Non-static class member _type is not initialized in this constructor nor in any functions that it calls.
CID 11698: Uninitialized scalar field (UNINIT_CTOR)
Non-static class member _type is not initialized in this constructor nor in any functions that it calls.
CID 12329: Resource leak (RESOURCE_LEAK)
Calling allocation function "osg::Object::clone(osg::CopyOp const &) const". (The virtual call resolves to "osg::Object * GDALPlugin::DataSetLayer::clone(osg::CopyOp const &) const".) [show details]
Failing to save storage allocated by "this->getVertexArray()->clone(struct osg::CopyOp const(128U))" leaks it.
Following are both false positives as the the scope they are in will always assign the object to a ref counted
structure. I've modified the code to use ref_ptr<> to just make it clear that it's underscope, although
this is not strictly neccessary as the code is OK, I introduced this for clarity and robustness in
presence of exceptions.
CID 11586: Resource leak (RESOURCE_LEAK)
Calling allocation function "operator new(unsigned long long)".
Variable "<storage from new>" is not freed or pointed-to in function "osg::VertexBufferObject::VertexBufferObject()". [show details]
Assigning: "vbo" = storage returned from "new osg::VertexBufferObject".
CID 11587: Resource leak (RESOURCE_LEAK)
Calling allocation function "operator new(unsigned long long)".
Variable "<storage from new>" is not freed or pointed-to in function "osg::ElementBufferObject::ElementBufferObject()". [show details]
Assigning: "ebo" = storage returned from "new osg::ElementBufferObject".
Pointer "indices" returned by "this->_vertexAttribList[0ULL].indices.get()" is never used."
Report highlighted the fact that later code wasn't using the indices variable when it should have been, so
potentially a higher impact that the severity suggested by Coverity.
are big enough to handle the primitives used in the geometry.
Added usage of verifyArray into osgfilecache so that it reports any problems on reading files in paged database.
