<mwhudson> so from the "oh crap" department:
<mwhudson> when a branch puller worker times out and is killed, it leaves the branch locked
<mwhudson> jml: ^^
<ddaa> I thought that was "told you so" dept.
<ddaa> need to kill with SIGINT
<mwhudson> well, you certainly never told _me_ that
<ddaa> we occasionally need to poke published data directly, so quietly breaking locks is not a great idea
<mwhudson> though it's kind of obvious in retrospect
<ddaa> I'm pretty sure I told someone :)
<mwhudson> the problem with sigint, of course, is that it might not always work
<ddaa> sure
<ddaa> and there's always the "elmo tripped on the power cable" scenario
<mwhudson> anyway, i need coffee before thinking about this
<ddaa> one nice way
<ddaa> would be to put some distinctive UID in the lock
<ddaa> different from what bzr would naturally put there
<ddaa> and have this UID be passed from high up the call chain
<ddaa> so when we find this in the lock we know we should be able to break it
<ddaa> this way, we still have the option to safely poke data directly, e.g. for mass reconciling of branches in a concurrent script
<ddaa> but in the normal case, the way to kill should be something like "SIGINT, wait some time for child to terminate, if not terminated yet then SIGKILL".
Here's what ddaa had to say about this:
<mwhudson> so from the "oh crap" department:
<mwhudson> when a branch puller worker times out and is killed, it leaves the branch locked
<mwhudson> jml: ^^
<ddaa> I thought that was "told you so" dept.
<ddaa> need to kill with SIGINT
<mwhudson> well, you certainly never told _me_ that
<ddaa> we occasionally need to poke published data directly, so quietly breaking locks is not a great idea
<mwhudson> though it's kind of obvious in retrospect
<ddaa> I'm pretty sure I told someone :)
<mwhudson> the problem with sigint, of course, is that it might not always work
<ddaa> sure
<ddaa> and there's always the "elmo tripped on the power cable" scenario
<mwhudson> anyway, i need coffee before thinking about this
<ddaa> one nice way
<ddaa> would be to put some distinctive UID in the lock
<ddaa> different from what bzr would naturally put there
<ddaa> and have this UID be passed from high up the call chain
<ddaa> so when we find this in the lock we know we should be able to break it
<ddaa> this way, we still have the option to safely poke data directly, e.g. for mass reconciling of branches in a concurrent script
<ddaa> but in the normal case, the way to kill should be something like "SIGINT, wait some time for child to terminate, if not terminated yet then SIGKILL".