UE 5.5.2.0 Crash in FStateTreeCompiler::CreateBindingsForNodes due to garbage memory access

Sharing a crash we spotted in the State Tree compiler code, specifically in FStateTreeCompiler::CreateBindingsForNodes.

If you add enough bindings in your state tree, eventually you’ll hit a 100% reproducible crash in this function. The function takes a TArrayView<FInstancedStruct> Instances. Inside CreateBindingsForNodes, the call to CreatePropertyFunctionsForStruct can reallocate FStateTreeCompiler::SharedInstanceStructs.

When CreateBindingsForNodes is called from FStateTreeCompiler::CreateStateTransitions, the argument passed in is SharedInstanceStructs, which is used to initialize the TArrayView. Once the reallocation happens, that view still points at the old, freed storage of SharedInstanceStructs, and reading through it triggers the garbage-memory crash.

The fix for this would be updating the function signature from:

bool FStateTreeCompiler::CreateBindingsForNodes(TConstArrayView<FStateTreeEditorNode> EditorNodes, FStateTreeIndex16 NodesBegin, TArrayView<FInstancedStruct> Instances)

into

bool FStateTreeCompiler::CreateBindingsForNodes(TConstArrayView<FStateTreeEditorNode> EditorNodes, FStateTreeIndex16 NodesBegin, TArray<FInstancedStruct>& Instances)

where the Instances parameter is instead a TArray<FInstancedStruct>&.
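To make the failure mode concrete outside the engine, here is an added, self-contained C++ example (not Unreal code, and not from the original post). A minimal pointer-plus-count view stands in for TArrayView, a std::vector stands in for the TArray behind SharedInstanceStructs, and growUntilReallocated stands in for CreatePropertyFunctionsForStruct. The view-taking function never dereferences the stale view (that would be undefined behaviour); instead it reports whether the view went stale, which is the check you would want in a debug build. The reference-taking function shows the proposed fix: every access goes through the container, so it always sees the current storage.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Minimal non-owning view: a pointer and an element count, like TArrayView.
// It does not know when its owner reallocates.
struct IntView {
    const int* data;
    std::size_t num;
};

// Stand-in for CreatePropertyFunctionsForStruct (hypothetical helper): keeps
// appending to the shared array until the vector has had to move its elements,
// so any view taken before this call now points at freed memory.
void growUntilReallocated(std::vector<int>& shared) {
    const int* before = shared.data();
    do {
        shared.push_back(static_cast<int>(shared.size()));
    } while (shared.data() == before);
}

// Debug-build sanity check: does the view still describe the owner's live storage?
bool viewIsStale(const IntView& view, const std::vector<int>& owner) {
    return view.data != owner.data() || view.num != owner.size();
}

// Buggy shape (view parameter, mirroring the original signature). The callee
// reallocates the array behind the view; we report that instead of reading it.
bool processWithView(IntView instances, std::vector<int>& shared) {
    growUntilReallocated(shared);
    return viewIsStale(instances, shared);  // true: the view is now dangling
}

// Fixed shape (reference parameter, mirroring the proposed signature). Indexing
// the container after growth reads the current buffer, so the sum is correct.
long processWithReference(std::vector<int>& instances) {
    const std::size_t original = instances.size();
    growUntilReallocated(instances);
    long sum = 0;
    for (std::size_t i = 0; i < original; ++i) {
        sum += instances[i];  // safe: goes through the container, not a cached pointer
    }
    return sum;
}

int main() {
    // Constructed sample data; the initializer-list vector has no spare capacity,
    // so the very first push_back reallocates.
    std::vector<int> shared{1, 2, 3};
    IntView view{shared.data(), shared.size()};
    std::printf("view stale after growth: %s\n",
                processWithView(view, shared) ? "yes" : "no");

    std::vector<int> fixed{1, 2, 3};
    std::printf("sum via reference: %ld\n", processWithReference(fixed));
    return 0;
}
```

The same pointer-comparison check can be applied in the engine code by comparing the view's GetData() against the array's GetData() after any call that might append; if they differ, the view must not be used again.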