Hi Bertrand,
I reviewed the v4 patch, the OID-based error message and the CURRENT_USER
permutation both look good.
One minor note on the new permutation: it grants first and drops second, so
s1 already holds AccessShareLock on the member when s2's DROP arrives.
That exercises the lock/no-orphan path, but the DROP just waits and the
recheck
never fails, so the "role with OID %u does not exist" branch itself still
isn't covered.
If we reorder like the DROP commits before the GRANT i.e (s1 SET ROLE,
s2 DROP, then s1 GRANT ... TO CURRENT_USER) this would exercise that error
path.
It is not essential, because the code there is now straightforward.
Otherwise this looks ready to me.
Regards,
Surya Poondla