http://www.slony.info/bugzilla/show_bug.cgi?id=296

--- Comment #1 from Steve Singer <ssinger at ca.afilias.info> 2013-06-21 12:28:53 PDT ---
If one tries the FAILOVER command like:

----
FAILOVER(node=(id=1,backup node=2), node=(id=3,backup node=5),
node=(id=4,backup node=2));   
-----

slonik segfaults

This turns out to reveal a more generic problem where if you try a FAILOVER
when no valid failover targets exist for the node (in sl_failover_targers)
slonik is segfaulting.  We can avoid this by a check on num_nodes in 
fail_node_promote but I wondering if that masks the symptoms.

If a origin node really has no failover targets then what should happen?

If the node is an origin node then I think we need to log an error.  Slonik
currently has a error message "error no failover candidates for %d"  but that
isn't working properly (requires a 2 line fix)

If the node is not an origin then we could, treat the node as failed so we
don't consider it as a failover candidate for another node but not actually
call the
failover functions for it

This can still leave as with a problem of what to do with the sl_subscribe
entries with sl_receiver=this_node when sl_provider=another_failed_node.  
Currently slony tries to set sl_provider=backup_node but if the paths are
missing then this fails.  We could create 'fake paths' or remove the
sl_subscribe rows with sl_receiver being the failed node , with no backup, that
is going away. Other ideas are also welcome

-- 
Configure bugmail: http://www.slony.info/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
You are the assignee for the bug.