Fix harmless access to uninitialized memory.

When cache invalidations arrive while ri_LoadConstraintInfo() is busy
filling a new cache entry, InvalidateConstraintCacheCallBack() compares
the - not yet initialized - oidHashValue field with the to-be-invalidated
hash value. To fix, check whether the entry is already marked as invalid.

Andres Freund

diff --git a/src/backend/utils/adt/ri_triggers.c b/src/backend/utils/adt/ri_triggers.c
index d30847b34e6416e56d4d43f037a1d00173ee4901..e4d7b2c34b6501e0eb2fb0b0bdbdbeaf46bcfabc 100644 (file)
--- a/src/backend/utils/adt/ri_triggers.c
+++ b/src/backend/utils/adt/ri_triggers.c
@@ -2934,7 +2934,8 @@ InvalidateConstraintCacheCallBack(Datum arg, int cacheid, uint32 hashvalue)
        hash_seq_init(&status, ri_constraint_cache);
        while ((hentry = (RI_ConstraintInfo *) hash_seq_search(&status)) != NULL)
        {
-               if (hashvalue == 0 || hentry->oidHashValue == hashvalue)
+               if (hentry->valid &&
+                       (hashvalue == 0 || hentry->oidHashValue == hashvalue))
                        hentry->valid = false;
        }
 }