Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1wJECm-000BZr-0d
	for pgsql-hackers@arkaria.postgresql.org;
	Sat, 02 May 2026 17:32:40 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1wJECj-001o5H-2N
	for pgsql-hackers@arkaria.postgresql.org;
	Sat, 02 May 2026 17:32:37 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <jim.jones@uni-muenster.de>)
	id 1wJECj-001o59-1K
	for pgsql-hackers@lists.postgresql.org;
	Sat, 02 May 2026 17:32:37 +0000
Received: from udcm-wwu2.uni-muenster.de ([128.176.118.28])
	by magus.postgresql.org with esmtps  (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.98.2)
	(envelope-from <jim.jones@uni-muenster.de>)
	id 1wJECh-000000008yl-0b6v
	for pgsql-hackers@postgresql.org;
	Sat, 02 May 2026 17:32:37 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
  d=uni-muenster.de; i=@uni-muenster.de; q=dns/txt;
  s=uniout; t=1777743155; x=1809279155;
  h=message-id:date:mime-version:subject:to:cc:references:
   from:in-reply-to:content-transfer-encoding;
  bh=Agap4i1EyXfSyFeQaSP/LdYsxnABNegtQ7vX3Ka46m8=;
  b=VU7tMlhFURVuNuaRkOHFsbq/1EI//UJPyphNoGL1K1JpzNzlrMaJkQ/D
   FXklcO+6xodwgRSHlzmzqKq43DdePbpKiRP059NDPpe3hDgCouphA4TW0
   fXWKrwR4pMMhCNSlYX3Y+K4HaHU31LmFOL8VWcauxRGTMtHI1BP8i9hjZ
   6MbutwCjIQMQT8g+3PtqkeCE6NdjYo+oFK/IGjUEgrdsDsbedFG5yDazI
   p5nmop/tnXfckRo8v0Y7/7C4rzlnMoS13em/mI+MglX9Yw0dHrTdEj2n/
   IyCjr2fd3crmeON8hUmVIrsZVEuwZH+P8UHiLoyGEZI74I5E/sy/QlZWW
   g==;
X-CSE-ConnectionGUID: 1FuonMLSRIaP1AChEFAxtQ==
X-CSE-MsgGUID: eSWm39odQ0ON/fDdJyW33A==
X-IronPort-AV: E=Sophos;i="6.23,212,1770591600";
   d="scan'208";a="392802780"
Received: from secmail.uni-muenster.de ([128.176.118.4])
  by UDCM-RELAY2.UNI-MUENSTER.DE with ESMTP; 02 May 2026 19:32:33 +0200
Received: from [192.168.178.40]
 (dynamic-093-133-088-046.93.133.pool.telefonica.de [93.133.88.46])
	by SECMAIL.UNI-MUENSTER.DE (Postfix) with ESMTPSA id 5834B20ADF03;
	Sat,  2 May 2026 19:32:32 +0200 (CEST)
Message-ID: <239d181d-1415-49ee-ad57-b307f1a7ba66@uni-muenster.de>
Date: Sat, 2 May 2026 19:32:30 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: Fix bug with accessing to temporary tables of other sessions
To: Alexander Korotkov <aekorotkov@gmail.com>,
 Daniil Davydov <3danissimo@gmail.com>
Cc: Michael Paquier <michael@paquier.xyz>,
 Soumya S Murali <soumyamurali.work@gmail.com>, Tom Lane <tgl@sss.pgh.pa.us>,
 Stepan Neretin <slpmcf@gmail.com>,
 PostgreSQL Hackers <pgsql-hackers@postgresql.org>,
 Mohamed Ali <moali.pg@gmail.com>, Nazneen Jafri <jafrinazneen@gmail.com>,
 Shawn McCoy <shawn.the.mccoy@gmail.com>
References: <e58a9580-7bbf-4d70-ad99-833fab77cf88@uni-muenster.de>
 <CAJDiXghBO_TqvHOSui8MOxiFmwLT20+SAnH5nW1rpWHk7Jwffg@mail.gmail.com>
 <402bbc8d-728b-4467-8024-31c2bc101ead@uni-muenster.de>
 <CAJDiXgi0JFk0f2KWWQkzLBC5P7erX9WP18qqnbi-rjZ-K-P=3w@mail.gmail.com>
 <CAMtXxw_hBNuAWQUdSRMpoeRVRYr+5+S7p0bSzuqtHxfpzJPd3w@mail.gmail.com>
 <b6614954-6c71-451a-a1d7-345d255b4afb@uni-muenster.de>
 <CAMtXxw_2VnP5U7U+2ObOCC2voEkAzUqAgH=rPTQBXrb_8K=pyA@mail.gmail.com>
 <CAPpHfdtsGSywUExfKMakAuRz8-+61d-4XHkVf=pNQeYTZTVYoA@mail.gmail.com>
 <CAMtXxw8J7L0r8aXt9NBFfqqSnaNyU=-_Uq4tW4aO3PHyVeXLAQ@mail.gmail.com>
 <CAPpHfdvLCgXgdhSvuPCkek+r=P4E-WiNceWfh7UQztiMzfFcvg@mail.gmail.com>
 <aegLPbRmc95UbOZG@paquier.xyz>
 <CAPpHfdsOkkeobCfO9hJvaE2fRcdGmWJoX0umx--DnApmtmefCg@mail.gmail.com>
 <CAJDiXgjNySH7Od3nZGjWy30sKv+-12c=kajL7Qfkj3y+CDRwtA@mail.gmail.com>
 <CAPpHfds8pwuwF69JFs0SQz58op-U4ddR3KWv0NVEij2mpkzgpw@mail.gmail.com>
Content-Language: de-DE, en-GB
From: Jim Jones <jim.jones@uni-muenster.de>
In-Reply-To: 
 <CAPpHfds8pwuwF69JFs0SQz58op-U4ddR3KWv0NVEij2mpkzgpw@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/239d181d-1415-49ee-ad57-b307f1a7ba66%40uni-muenster.de>
Precedence: bulk

Hi

On 02/05/2026 18:34, Alexander Korotkov wrote:
> On Sat, May 2, 2026 at 6:37 PM Daniil Davydov <3danissimo@gmail.com> wrote:
>> On Sat, May 2, 2026 at 9:16 PM Alexander Korotkov <aekorotkov@gmail.com> wrote:
>>>
>>> Thank you for your feedback.  I think the scope of this patch is well
>>> described in [1].  We don't want to restrict the superuser from
>>> something, but our buffer manager just technically can't access the
>>> local buffers of other sessions.  Read streams introduced a new code
>>> path for reading relations, which was lacking of the proper check for
>>> local buffers of other sessions.  And this patch attempts to fix that.
>>> DROP TABLE is an exclusion.  It actually don't need to read contents
>>> of buffers, just drop them.  And DropRelationBuffers() have a special
>>> exclusion for this case.  So, DROP TABLE appears to be the only
>>> operation that makes sense, it's a conscious exclusion, and there is
>>> no intention to forbid it.
>>
>> Yep, exactly.

+1

>>> I've revised the patch.  0001 contains tests and states the current
>>> behavior.  0002 contains fix and the corresponding changes in the
>>> tests.  I made a change in 0001: removed the check in
>>> ReadBufferExtended().  We added the same check to ReadBuffer_common(),
>>> and I don't think it makes sense to do this check twice in the row.
>>
>> Thank you! But I'm afraid that you forgot to attach the patches..
> 
> Here they are.


Thanks for the comprehensive additional tests!

In addition to the DROP TABLE exception:

It is also possible to LOCK temporary tables from other sessions:

postgres=# BEGIN;
BEGIN
postgres=*# LOCK TABLE pg_temp_91.t IN ACCESS SHARE MODE ;
LOCK TABLE

pg_temp_91.t lives as long the transaction is open -- even after the
origin session closes, which is totally expected. I'd say it falls into
the same category of DROP TABLE, where the table contents are never
read, so I'd argue it's ok.

> 
>> BTW, what do you think about this proposal? :
>>> On the other hand, we have an error message that says "cannot access...", which
>>> may look like every kind of "access" is forbidden. I bet that this is the place
>>> that has confused you. More accurate error message would be "cannot access
>>> pages..." or "cannot access content...". I think we can change our error
>>> message in this way. What do you think?
>>
>> We can easily include it in the first patch.
> 
> This is possible, but I would keep that in a separate patch.  We now
> have clear scope for both patches: 0001 includes additional tests,
> 0002 fixes the bug and restores old behavior.

+1 for a separate patch. I think the scope of the current patch is good
as-is.

Thanks!

Best, Jim