
Segfault with Array/PoolArray type mismatch in release builds #57629

Closed
mashumafi opened this issue Feb 4, 2022 · 2 comments

@mashumafi (Contributor)

Godot version

3.4.2

System information

Windows 10

Issue description

It's easy to unintentionally or even intentionally assign an Array to a Pool*Array or vice versa. The main issue here is that there are no warnings to stop you from doing so. It may not seem like a problem while testing with the debug build, but once exported in release mode this causes a segfault.

```gdscript
extends Node

func _ready() -> void:
    # Case 1: inferred as Array, then assigned a PoolStringArray
    var test := []
    test = PoolStringArray() # no warning, but this is not valid
    print(test.find("test")) # Segfault (release builds)

    # Case 2: inferred as PoolByteArray, then assigned an Array
    var test2 := PoolByteArray()
    test2 = [] # no warning, but this is not valid
    print(test2.compress()) # Segfault (release builds)
```

This only happens when using type checking. Removing the `:` (colon) will prevent the segfault from occurring. I think the solution would be either to:

  • Prevent the assignment (User must explicitly cast)
  • Cast to the correct type

Steps to reproduce

  • Use any of the above examples from the Issue Description in a project.
  • Export in release mode. (I only tested Windows)

Minimal reproduction project

SegfaultArrayFind.zip

@Rubonnek Rubonnek added this to the 3.5 milestone Feb 4, 2022
@Calinou Calinou added the crash label Feb 4, 2022
@qarmin (Contributor) commented Feb 5, 2022

This only happens in release builds

core/variant_call.cpp:1199:45: runtime error: member call on null pointer of type 'struct Element'
core/map.h:85:11: runtime error: member access within null pointer of type 'struct Element'
AddressSanitizer:DEADLYSIGNAL
=================================================================
==36527==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000038 (pc 0x00000f285770 bp 0x7ffd3abbbe00 sp 0x7ffd3abbbb80 T0)
==36527==The signal is caused by a READ memory access.
==36527==Hint: address points to the zero page.
    #0 0xf28576f in _VariantCall::FuncData::call(Variant&, Variant&, Variant const**, int, Variant::CallError&) core/variant_call.cpp:91
    #1 0xf28576f in Variant::call_ptr(StringName const&, Variant const**, int, Variant*, Variant::CallError&) core/variant_call.cpp:1200
    #2 0x18b588a in GDScriptFunction::call(GDScriptInstance*, Variant const**, int, Variant::CallError&, GDScriptFunction::CallState*) modules/gdscript/gdscript_function.cpp:1044
    #3 0x1730789 in GDScriptInstance::_ml_call_reversed(GDScript*, StringName const&, Variant const**, int) modules/gdscript/gdscript.cpp:1214
    #4 0x1730b2a in GDScriptInstance::call_multilevel_reversed(StringName const&, Variant const**, int) modules/gdscript/gdscript.cpp:1220
    #5 0x4e58855 in Node::_notification(int) scene/main/node.cpp:146
    #6 0x6ab2a0 in Node::_notificationv(int, bool) scene/main/node.h:45
    #7 0x4bcd037 in CanvasItem::_notificationv(int, bool) scene/2d/canvas_item.h:163
    #8 0x4bcf9a3 in Node2D::_notificationv(int, bool) scene/2d/node_2d.h:37
    #9 0xee90eaa in Object::notification(int, bool) core/object.cpp:927
    #10 0x4e5b871 in Node::_propagate_ready() scene/main/node.cpp:179
    #11 0x4e5b0c8 in Node::_propagate_ready() scene/main/node.cpp:171
    #12 0x4ed11b6 in Node::_set_tree(SceneTree*) scene/main/node.cpp:2595
    #13 0x4f9d4d8 in SceneTree::init() scene/main/scene_tree.cpp:473
    #14 0x50b381 in OS_X11::run() platform/x11/os_x11.cpp:3696
    #15 0x466f7e in main platform/x11/godot_x11.cpp:55
    #16 0x7f44b504cfcf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
    #17 0x7f44b504d07c in __libc_start_main_impl ../csu/libc-start.c:409
    #18 0x466b9d in _start (/home/rafal/Downloads/FFF/SegfaultArrayFind.x86_64+0x466b9d)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV core/variant_call.cpp:91 in _VariantCall::FuncData::call(Variant&, Variant&, Variant const**, int, Variant::CallError&)
==36527==ABORTING
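
The trace above places the fault on a member call through a null `Element` returned from a map lookup in `Variant::call_ptr`: the method table consulted for the receiver's runtime type (a PoolStringArray) has no entry for the method the script compiler resolved against the declared type (Array's `find`), and the code dereferenced the missing entry anyway. Together with the observation that only release builds crash, that points at a lookup check that debug builds perform and release builds omit. The C++ below is an illustrative model added for this page, not Godot code; `Kind`, `Value`, `lookup_method`, `call_unchecked`, `call_checked` and `assign_typed` are invented names. It shows the unchecked dispatch next to both remedies the report proposes: rejecting the mismatched assignment, and refusing the call when the runtime type lacks the method.

```cpp
// Illustrative model of type-confused method dispatch; not Godot code.
// All names here (Kind, Value, lookup_method, ...) are invented for this example.
#include <cstdio>
#include <cstring>
#include <map>
#include <string>
#include <vector>

// Two distinct runtime container kinds, standing in for Array and PoolStringArray.
enum class Kind { Array, PoolStringArray };

struct Value {
    Kind kind;
    std::vector<std::string> items;
};

// A method takes the receiver and one string argument and returns an int.
using Method = int (*)(const Value &, const std::string &);

static int array_find(const Value &v, const std::string &needle) {
    for (size_t i = 0; i < v.items.size(); ++i)
        if (v.items[i] == needle) return static_cast<int>(i);
    return -1;
}

static int pool_size(const Value &v, const std::string &) {
    return static_cast<int>(v.items.size());
}

// One method table per runtime kind. Only Array registers "find", so looking
// "find" up under a PoolStringArray receiver yields no entry.
static const std::map<std::string, Method> &table_for(Kind k) {
    static const std::map<std::string, Method> array_table = {{"find", array_find}};
    static const std::map<std::string, Method> pool_table = {{"size", pool_size}};
    return k == Kind::Array ? array_table : pool_table;
}

// Dispatch keyed on the receiver's *runtime* kind. Returns nullptr when the
// kind has no such method; that null is what the unchecked path dereferences.
Method lookup_method(const Value &v, const std::string &method) {
    const auto &table = table_for(v.kind);
    auto it = table.find(method);
    return it == table.end() ? nullptr : it->second;
}

// Release-style dispatch: no existence check. With a mismatched receiver this
// calls a null function pointer, the same class of fault the ASan trace shows.
int call_unchecked(const Value &v, const std::string &method, const std::string &arg) {
    Method fn = lookup_method(v, method);
    return fn(v, arg);  // undefined behaviour when fn == nullptr
}

// Hardened dispatch: refuse to call a method the runtime kind does not have.
// Returns false and leaves *out untouched when the method is missing.
bool call_checked(const Value &v, const std::string &method, const std::string &arg, int *out) {
    Method fn = lookup_method(v, method);
    if (fn == nullptr) return false;  // report "nonexistent method" instead of crashing
    *out = fn(v, arg);
    return true;
}

// The report's first proposal: a typed slot rejects a value whose runtime kind
// differs from the declared kind, so the mismatch never reaches dispatch.
bool assign_typed(Kind declared, Value &slot, const Value &incoming) {
    if (incoming.kind != declared) return false;
    slot = incoming;
    return true;
}

int main(int argc, char **argv) {
    Value test{Kind::Array, {}};                       // `var test := []`  -> static type Array
    Value pool{Kind::PoolStringArray, {"a", "test"}};  // `PoolStringArray()` -> runtime kind differs

    if (!assign_typed(Kind::Array, test, pool))
        std::puts("assign_typed: rejected PoolStringArray into a slot declared Array");

    test = pool;  // what an unchecked typed assignment does
    int result = 0;
    if (!call_checked(test, "find", "test", &result))
        std::puts("call_checked: PoolStringArray has no method 'find'");

    // Opt in to the crash so the unchecked path can be observed under a debugger or ASan.
    if (argc > 1 && std::strcmp(argv[1], "--crash") == 0)
        std::printf("%d\n", call_unchecked(test, "find", "test"));
    return 0;
}
```

Run it plainly to see both guards fire; run it with `--crash` to reproduce the null function-pointer call that the unchecked path makes when the static and runtime types disagree.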

@qarmin qarmin changed the title Segfault with Array/PoolArray type mismatch Segfault with Array/PoolArray type mismatch in release builds Feb 5, 2022
@akien-mga (Member)

Duplicate of #48090

@akien-mga akien-mga marked this as a duplicate of #48090 Feb 5, 2022