Skip to content

Commit 5576cbc

Browse files
committed
Fix intermittent self-test failures caused by the stats_ext test.
Commit d7f8d26 added new tests to the stats_ext regression test that included creating a view in the public schema, without realising that the stats_ext test runs in the same parallel group as the rules test, which makes doing that unsafe. This led to intermittent failures of the rules test on the buildfarm, although I wasn't able to reproduce that locally. Fix by creating the view in a different schema. Tomas Vondra and Dean Rasheed, report and diagnosis by Thomas Munro. Discussion: https://postgr.es/m/CA+hUKGKX9hFZrYA7rQzAMRE07L4hziCc-nO_b3taJpiuKyLLxg@mail.gmail.com
1 parent 1c6b62a commit 5576cbc

File tree

2 files changed

+44
-38
lines changed

2 files changed

+44
-38
lines changed

src/test/regress/expected/stats_ext.out

Lines changed: 23 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -735,59 +735,63 @@ SELECT * FROM check_estimated_rows('SELECT * FROM mcv_lists_bool WHERE NOT a AND
735735
-- the underlying table.
736736
--
737737
-- Currently this is only relevant for MCV stats.
738-
CREATE TABLE priv_test_tbl (
738+
CREATE SCHEMA tststats;
739+
CREATE TABLE tststats.priv_test_tbl (
739740
a int,
740741
b int
741742
);
742-
INSERT INTO priv_test_tbl
743+
INSERT INTO tststats.priv_test_tbl
743744
SELECT mod(i,5), mod(i,10) FROM generate_series(1,100) s(i);
744-
CREATE STATISTICS priv_test_stats (mcv) ON a, b
745-
FROM priv_test_tbl;
746-
ANALYZE priv_test_tbl;
745+
CREATE STATISTICS tststats.priv_test_stats (mcv) ON a, b
746+
FROM tststats.priv_test_tbl;
747+
ANALYZE tststats.priv_test_tbl;
747748
-- User with no access
748749
CREATE USER regress_stats_user1;
750+
GRANT USAGE ON SCHEMA tststats TO regress_stats_user1;
749751
SET SESSION AUTHORIZATION regress_stats_user1;
750-
SELECT * FROM priv_test_tbl; -- Permission denied
752+
SELECT * FROM tststats.priv_test_tbl; -- Permission denied
751753
ERROR: permission denied for table priv_test_tbl
752754
-- Attempt to gain access using a leaky operator
753755
CREATE FUNCTION op_leak(int, int) RETURNS bool
754756
AS 'BEGIN RAISE NOTICE ''op_leak => %, %'', $1, $2; RETURN $1 < $2; END'
755757
LANGUAGE plpgsql;
756758
CREATE OPERATOR <<< (procedure = op_leak, leftarg = int, rightarg = int,
757759
restrict = scalarltsel);
758-
SELECT * FROM priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Permission denied
760+
SELECT * FROM tststats.priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Permission denied
759761
ERROR: permission denied for table priv_test_tbl
760-
DELETE FROM priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Permission denied
762+
DELETE FROM tststats.priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Permission denied
761763
ERROR: permission denied for table priv_test_tbl
762764
-- Grant access via a security barrier view, but hide all data
763765
RESET SESSION AUTHORIZATION;
764-
CREATE VIEW priv_test_view WITH (security_barrier=true)
765-
AS SELECT * FROM priv_test_tbl WHERE false;
766-
GRANT SELECT, DELETE ON priv_test_view TO regress_stats_user1;
766+
CREATE VIEW tststats.priv_test_view WITH (security_barrier=true)
767+
AS SELECT * FROM tststats.priv_test_tbl WHERE false;
768+
GRANT SELECT, DELETE ON tststats.priv_test_view TO regress_stats_user1;
767769
-- Should now have access via the view, but see nothing and leak nothing
768770
SET SESSION AUTHORIZATION regress_stats_user1;
769-
SELECT * FROM priv_test_view WHERE a <<< 0 AND b <<< 0; -- Should not leak
771+
SELECT * FROM tststats.priv_test_view WHERE a <<< 0 AND b <<< 0; -- Should not leak
770772
a | b
771773
---+---
772774
(0 rows)
773775

774-
DELETE FROM priv_test_view WHERE a <<< 0 AND b <<< 0; -- Should not leak
776+
DELETE FROM tststats.priv_test_view WHERE a <<< 0 AND b <<< 0; -- Should not leak
775777
-- Grant table access, but hide all data with RLS
776778
RESET SESSION AUTHORIZATION;
777-
ALTER TABLE priv_test_tbl ENABLE ROW LEVEL SECURITY;
778-
GRANT SELECT, DELETE ON priv_test_tbl TO regress_stats_user1;
779+
ALTER TABLE tststats.priv_test_tbl ENABLE ROW LEVEL SECURITY;
780+
GRANT SELECT, DELETE ON tststats.priv_test_tbl TO regress_stats_user1;
779781
-- Should now have direct table access, but see nothing and leak nothing
780782
SET SESSION AUTHORIZATION regress_stats_user1;
781-
SELECT * FROM priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Should not leak
783+
SELECT * FROM tststats.priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Should not leak
782784
a | b
783785
---+---
784786
(0 rows)
785787

786-
DELETE FROM priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Should not leak
788+
DELETE FROM tststats.priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Should not leak
787789
-- Tidy up
788790
DROP OPERATOR <<< (int, int);
789791
DROP FUNCTION op_leak(int, int);
790792
RESET SESSION AUTHORIZATION;
791-
DROP VIEW priv_test_view;
792-
DROP TABLE priv_test_tbl;
793+
DROP SCHEMA tststats CASCADE;
794+
NOTICE: drop cascades to 2 other objects
795+
DETAIL: drop cascades to table tststats.priv_test_tbl
796+
drop cascades to view tststats.priv_test_view
793797
DROP USER regress_stats_user1;

src/test/regress/sql/stats_ext.sql

Lines changed: 21 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -483,58 +483,60 @@ SELECT * FROM check_estimated_rows('SELECT * FROM mcv_lists_bool WHERE NOT a AND
483483
-- the underlying table.
484484
--
485485
-- Currently this is only relevant for MCV stats.
486-
CREATE TABLE priv_test_tbl (
486+
CREATE SCHEMA tststats;
487+
488+
CREATE TABLE tststats.priv_test_tbl (
487489
a int,
488490
b int
489491
);
490492

491-
INSERT INTO priv_test_tbl
493+
INSERT INTO tststats.priv_test_tbl
492494
SELECT mod(i,5), mod(i,10) FROM generate_series(1,100) s(i);
493495

494-
CREATE STATISTICS priv_test_stats (mcv) ON a, b
495-
FROM priv_test_tbl;
496+
CREATE STATISTICS tststats.priv_test_stats (mcv) ON a, b
497+
FROM tststats.priv_test_tbl;
496498

497-
ANALYZE priv_test_tbl;
499+
ANALYZE tststats.priv_test_tbl;
498500

499501
-- User with no access
500502
CREATE USER regress_stats_user1;
503+
GRANT USAGE ON SCHEMA tststats TO regress_stats_user1;
501504
SET SESSION AUTHORIZATION regress_stats_user1;
502-
SELECT * FROM priv_test_tbl; -- Permission denied
505+
SELECT * FROM tststats.priv_test_tbl; -- Permission denied
503506

504507
-- Attempt to gain access using a leaky operator
505508
CREATE FUNCTION op_leak(int, int) RETURNS bool
506509
AS 'BEGIN RAISE NOTICE ''op_leak => %, %'', $1, $2; RETURN $1 < $2; END'
507510
LANGUAGE plpgsql;
508511
CREATE OPERATOR <<< (procedure = op_leak, leftarg = int, rightarg = int,
509512
restrict = scalarltsel);
510-
SELECT * FROM priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Permission denied
511-
DELETE FROM priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Permission denied
513+
SELECT * FROM tststats.priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Permission denied
514+
DELETE FROM tststats.priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Permission denied
512515

513516
-- Grant access via a security barrier view, but hide all data
514517
RESET SESSION AUTHORIZATION;
515-
CREATE VIEW priv_test_view WITH (security_barrier=true)
516-
AS SELECT * FROM priv_test_tbl WHERE false;
517-
GRANT SELECT, DELETE ON priv_test_view TO regress_stats_user1;
518+
CREATE VIEW tststats.priv_test_view WITH (security_barrier=true)
519+
AS SELECT * FROM tststats.priv_test_tbl WHERE false;
520+
GRANT SELECT, DELETE ON tststats.priv_test_view TO regress_stats_user1;
518521

519522
-- Should now have access via the view, but see nothing and leak nothing
520523
SET SESSION AUTHORIZATION regress_stats_user1;
521-
SELECT * FROM priv_test_view WHERE a <<< 0 AND b <<< 0; -- Should not leak
522-
DELETE FROM priv_test_view WHERE a <<< 0 AND b <<< 0; -- Should not leak
524+
SELECT * FROM tststats.priv_test_view WHERE a <<< 0 AND b <<< 0; -- Should not leak
525+
DELETE FROM tststats.priv_test_view WHERE a <<< 0 AND b <<< 0; -- Should not leak
523526

524527
-- Grant table access, but hide all data with RLS
525528
RESET SESSION AUTHORIZATION;
526-
ALTER TABLE priv_test_tbl ENABLE ROW LEVEL SECURITY;
527-
GRANT SELECT, DELETE ON priv_test_tbl TO regress_stats_user1;
529+
ALTER TABLE tststats.priv_test_tbl ENABLE ROW LEVEL SECURITY;
530+
GRANT SELECT, DELETE ON tststats.priv_test_tbl TO regress_stats_user1;
528531

529532
-- Should now have direct table access, but see nothing and leak nothing
530533
SET SESSION AUTHORIZATION regress_stats_user1;
531-
SELECT * FROM priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Should not leak
532-
DELETE FROM priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Should not leak
534+
SELECT * FROM tststats.priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Should not leak
535+
DELETE FROM tststats.priv_test_tbl WHERE a <<< 0 AND b <<< 0; -- Should not leak
533536

534537
-- Tidy up
535538
DROP OPERATOR <<< (int, int);
536539
DROP FUNCTION op_leak(int, int);
537540
RESET SESSION AUTHORIZATION;
538-
DROP VIEW priv_test_view;
539-
DROP TABLE priv_test_tbl;
541+
DROP SCHEMA tststats CASCADE;
540542
DROP USER regress_stats_user1;

0 commit comments

Comments
 (0)