Stephen Frost <sfrost@snowman.net> writes:
> On Sunday, January 3, 2016, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> CREATE POLICY takes AccessExclusiveLock on the table a policy is being
>> added to -- good -- and then releases it when done -- bad. Correct
>> behavior is to hold the lock till commit, because otherwise there is
>> no guarantee that other backends will see the updated catalog rows in
>> time, or indeed at all.
> Agreed.
On closer inspection, I'd misidentified the functions containing the
bad code --- it was really RemovePolicyById and RemoveRoleFromObjectPolicy
that were wrong. Fix pushed.
regards, tom lane