From b5d0e9eafce608ab12825b830a5d598c98db5319 Mon Sep 17 00:00:00 2001 From: rdb Date: Tue, 5 May 2020 13:19:26 +0200 Subject: [PATCH 1/4] task: Fix memory leak when removing a task awaiting non-Panda future --- panda/src/event/pythonTask.cxx | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/panda/src/event/pythonTask.cxx b/panda/src/event/pythonTask.cxx index 86200802a9..6264345348 100644 --- a/panda/src/event/pythonTask.cxx +++ b/panda/src/event/pythonTask.cxx @@ -779,6 +779,12 @@ void PythonTask:: upon_death(AsyncTaskManager *manager, bool clean_exit) { AsyncTask::upon_death(manager, clean_exit); + // If we were polling something when we were removed, get rid of it. + if (_future_done != nullptr) { + Py_DECREF(_future_done); + _future_done = nullptr; + } + if (_upon_death != Py_None) { #if defined(HAVE_THREADS) && !defined(SIMPLE_THREADS) // Use PyGILState to protect this asynchronous call. From 68d094dba460871c21d86778fe698cdfa3366567 Mon Sep 17 00:00:00 2001 From: rdb Date: Tue, 5 May 2020 13:20:20 +0200 Subject: [PATCH 2/4] dtoolutil: fix buffer overrun on FreeBSD extracting long cmdline args This happens when compiling with CMake, which passes very long command-lines. --- dtool/src/dtoolutil/executionEnvironment.cxx | 26 +++++++++++--------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/dtool/src/dtoolutil/executionEnvironment.cxx b/dtool/src/dtoolutil/executionEnvironment.cxx index 9fce349268..ca8f45d876 100644 --- a/dtool/src/dtoolutil/executionEnvironment.cxx +++ b/dtool/src/dtoolutil/executionEnvironment.cxx @@ -748,21 +748,25 @@ read_args() { #elif defined(IS_FREEBSD) // In FreeBSD, we can use sysctl to determine the command-line arguments. - size_t bufsize = 4096; - char buffer[4096]; + size_t bufsize = 0; int mib[4] = {CTL_KERN, KERN_PROC, KERN_PROC_ARGS, 0}; mib[3] = getpid(); - if (sysctl(mib, 4, (void*) buffer, &bufsize, nullptr, 0) == -1) { + if (sysctl(mib, 4, nullptr, &bufsize, nullptr, 0) == -1) { perror("sysctl"); } else { - if (_binary_name.empty()) { - _binary_name = buffer; - } - size_t idx = strlen(buffer) + 1; - while (idx < bufsize) { - _args.push_back((char*)(buffer + idx)); - size_t newidx = strlen(buffer + idx); - idx += newidx + 1; + char *buffer = (char *)alloca(bufsize); + if (sysctl(mib, 4, buffer, &bufsize, nullptr, 0) == -1) { + perror("sysctl"); + } else { + if (_binary_name.empty()) { + _binary_name = buffer; + } + size_t idx = strlen(buffer) + 1; + while (idx < bufsize) { + _args.push_back((char*)(buffer + idx)); + size_t newidx = strlen(buffer + idx); + idx += newidx + 1; + } } } From 2ed4516cb29e215f7622d6fbf199cf931a0cb715 Mon Sep 17 00:00:00 2001 From: rdb Date: Tue, 5 May 2020 14:51:31 +0200 Subject: [PATCH 3/4] collide: Unexpose CollisionPolygon constructor taking point array This could never work in Python, and does indeed cause a crash, so I don't consider this compat-breaking. Fixes #908 --- panda/src/collide/collisionPolygon.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/panda/src/collide/collisionPolygon.h b/panda/src/collide/collisionPolygon.h index f7fa771bfa..2ef47c97de 100644 --- a/panda/src/collide/collisionPolygon.h +++ b/panda/src/collide/collisionPolygon.h @@ -32,12 +32,12 @@ PUBLISHED: const LVecBase3 &c); INLINE CollisionPolygon(const LVecBase3 &a, const LVecBase3 &b, const LVecBase3 &c, const LVecBase3 &d); - INLINE CollisionPolygon(const LPoint3 *begin, const LPoint3 *end); private: INLINE CollisionPolygon(); public: + INLINE CollisionPolygon(const LPoint3 *begin, const LPoint3 *end); CollisionPolygon(const CollisionPolygon ©); virtual CollisionSolid *make_copy(); From ed733942759cf794e92cae2d0a0479be06796e6d Mon Sep 17 00:00:00 2001 From: rdb Date: Tue, 5 May 2020 16:33:20 +0200 Subject: [PATCH 4/4] collide: fix erroneous collision if sphere is under edge of polygon Reproducible by the code in #907, occurs if the sphere is close to the edge, but its center is off and under the polygon. --- panda/src/collide/collisionPolygon.cxx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/panda/src/collide/collisionPolygon.cxx b/panda/src/collide/collisionPolygon.cxx index a2e7b7d44f..791cbdea87 100644 --- a/panda/src/collide/collisionPolygon.cxx +++ b/panda/src/collide/collisionPolygon.cxx @@ -508,8 +508,8 @@ test_intersection_from_sphere(const CollisionEntry &entry) const { max_dist = csqrt(max_dist_2); } - if (dist > max_dist) { - // There's no intersection: the sphere is hanging off the edge. + if (dist > max_dist || -dist > max_dist) { + // There's no intersection: the sphere is hanging above or under the edge. return nullptr; }