Fix harmless access to uninitialized memory.

When cache invalidations arrive while ri_LoadConstraintInfo() is busy
filling a new cache entry, InvalidateConstraintCacheCallBack() compares
the - not yet initialized - oidHashValue field with the to-be-invalidated
hash value. To fix, check whether the entry is already marked as invalid.

Andres Freund

diff --git a/src/backend/utils/adt/ri_triggers.c b/src/backend/utils/adt/ri_triggers.c
index d30847b34e6416e56d4d43f037a1d00173ee4901..e4d7b2c34b6501e0eb2fb0b0bdbdbeaf46bcfabc 100644 (file)
--- a/src/backend/utils/adt/ri_triggers.c
+++ b/src/backend/utils/adt/ri_triggers.c
@@ -2934,7 +2934,8 @@ InvalidateConstraintCacheCallBack(Datum arg, int cacheid, uint32 hashvalue)
    hash_seq_init(&status, ri_constraint_cache);
    while ((hentry = (RI_ConstraintInfo *) hash_seq_search(&status)) != NULL)
    {
-       if (hashvalue == 0 || hentry->oidHashValue == hashvalue)
+       if (hentry->valid &&
+           (hashvalue == 0 || hentry->oidHashValue == hashvalue))
            hentry->valid = false;
    }
 }