search

Chinamming / bullet

Automatically exported from code.google.com/p/bullet
Other
0 stars 0 forks source link

Out of bounds memory access in btParallelConstraintSolver.cpp #675

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Use parallel-constraint threading interface
2. Add a decent amount of active bodies (5735) stacked and one kinematic body.
3. Run simulation

What version of the product are you using? On what operating system?
OS X

btParallelConstraintSolver.cpp, line 1300
  Accessing m_memoryCache->m_mystates[-2] if one of the objects is a kinematic. The companion id is being set to -2 for the object and btParallelConstraintSolver is not handling this possibility.

Two fixes come to mind, but I'm not aware of the btParallelConstraintSolver
btParallelConstraintSolver.cpp, line 1268 :
 Change if (!obAisActive && !obBisActive) to if (!obAisActive || !obBisActive)

btParallelConstraintSolver.cpp, line 1297 :
  Test idA and idB individually before calling pfxSetRigidBodyIdA and pfxSetMotionMaskA

Original issue reported on code.google.com by machTyr...@gmail.com on 25 Nov 2012 at 5:42

GoogleCodeExporter commented 9 years ago 
Known limitation,  getSimulationIslandManager()->setSplitIslands(false) works

Original comment by machTyr...@gmail.com on 26 Nov 2012 at 1:10

GoogleCodeExporter commented 9 years ago 

We should make it obvious that 
"getSimulationIslandManager()->setSplitIslands(false)" is required.

You didn't hit a useful assert in debug mode?

Original comment by erwin.coumans on 26 Nov 2012 at 3:34

GoogleCodeExporter commented 9 years ago 
The first assert hit was in btAlignedObjectArray.h  from 
btParallelConstraintSolver::solveGroup:
  m_memoryCache->m_mystates[-2].

Not really useful, to understand it's a known issue with the setup. Would be 
nice if an assert happens earlier if setSplitIslands(false) is not called when 
btParallelConstraintSolver is used but I can't find a place to do this check 
(without some sort of dynamic-casting).

Adding a comment right under the licensing info in MultiThreadedDemo.cpp would 
be a start.

Original comment by machTyr...@gmail.com on 26 Nov 2012 at 4:42

GoogleCodeExporter commented 9 years ago 
BulletMultiThreaded is discontinued. Also development is moved to 
https://github.com/bulletphysics/bullet3

Original comment by erwin.coumans on 30 Mar 2014 at 6:25