Andres Freund <andres@anarazel.de> writes:
> Well, the question is if that'd ever have us defer killing the process
> for longer. quickdie is intended to actually die quickly.
Yeah. Though now that we have the postmaster mechanism to wait-five-
seconds-then-SIGKILL, maybe we could rethink that requirement? If we
reimplemented SIGQUIT to work more like SIGTERM, it would surely be
a lot safer. There would be cases where a stuck backend wouldn't
respond and it'd eventually get SIGKILL'd, but in return we'd get rid
of problems like this one.
On balance I'm not sure whether that solution is more or less user-
friendly than the current setup, but for sure it'd be a lot easier
to reason about.
regards, tom lane