I'm working on a wrapper of a FFI -sys module that implements the ability to create plugins for a C program. I recently happened upon a bad access crash which I think I've resolved but I'd like to know more if possible.
The thing that triggered the problem an allocation method called by the C FFI, where my wrapper was creating a nearly 1M struct on the stack, which was later wrapped in struct that is wrapped in a struct .. that eventually ends up on the heap. Its sort of convoluted but this is the entry point for allocation: https://github.com/Cycling74/median/blob/414b93a6fc349dc6b3642abe6070f4d0727247aa/median/src/wrapper.rs#L518
Unfortunately the plugin runs in a proprietary environment (Max/MSP) so I can't just share a simple example.
The crash indicated is:
Stop reason: EXC_BAD_ACCESS (code=2, address=0x7ffeef3ff568)
from this line 17B485727: 48 85 64 24 08 testq %rsp, 0x8(%rsp) in:
; id = {0x00000b32}, range = [0x0000000000077710-0x0000000000077750), mangled="__rust_probestack"
; Source location: unknown
17B485710: 55 pushq %rbp
17B485711: 48 89 E5 movq %rsp, %rbp
17B485714: 49 89 C3 movq %rax, %r11
17B485717: 49 81 FB 00 10 00 00 cmpq $0x1000, %r11 ; imm = 0x1000
17B48571E: 76 1C jbe 0x17b48573c ; <+44>
17B485720: 48 81 EC 00 10 00 00 subq $0x1000, %rsp ; imm = 0x1000
17B485727: 48 85 64 24 08 testq %rsp, 0x8(%rsp)
17B48572C: 49 81 EB 00 10 00 00 subq $0x1000, %r11 ; imm = 0x1000
17B485733: 49 81 FB 00 10 00 00 cmpq $0x1000, %r11 ; imm = 0x1000
17B48573A: 77 E4 ja 0x17b485720 ; <+16>
17B48573C: 4C 29 DC subq %r11, %rsp
17B48573F: 48 85 64 24 08 testq %rsp, 0x8(%rsp)
17B485744: 48 01 C4 addq %rax, %rsp
17B485747: C9 leave
17B485748: C3 retq
17B485749: 90 nop
17B48574A: 90 nop
17B48574B: 90 nop
17B48574C: 90 nop
17B48574D: 90 nop
17B48574E: 90 nop
17B48574F: 90 nop
I'm wondering if I've just overflowed the stack or if something else wrong is happening? Could I be setting something up incorrectly?
If I wrap this large inner struct in Box the problem goes away..
Thanks for any insights!