Comment 1 for bug 172286

Here's what ddaa had to say about this:

<mwhudson> so from the "oh crap" department:
<mwhudson> when a branch puller worker times out and is killed, it leaves the branch locked
<mwhudson> jml: ^^
<ddaa> I thought that was "told you so" dept.
<ddaa> need to kill with SIGINT
<mwhudson> well, you certainly never told _me_ that
<ddaa> we occasionally need to poke published data directly, so quietly breaking locks is not a great idea
<mwhudson> though it's kind of obvious in retrospect
<ddaa> I'm pretty sure I told someone :)
<mwhudson> the problem with sigint, of course, is that it might not always work
<ddaa> sure
<ddaa> and there's always the "elmo tripped on the power cable" scenario
<mwhudson> anyway, i need coffee before thinking about this
<ddaa> one nice way
<ddaa> would be to put some distinctive UID in the lock
<ddaa> different from what bzr would naturally put there
<ddaa> and have this UID be passed from high up the call chain
<ddaa> so when we find this in the lock we know we should be able to break it
<ddaa> this way, we still have the option to safely poke data directly, e.g. for mass reconciling of branches in a concurrent script
<ddaa> but in the normal case, the way to kill should be something like "SIGINT, wait some time for child to terminate, if not terminated yet then SIGKILL".