Skip to main content

Asynchronous timeouts with CompletableFuture

One day I was rewriting poorly implemented multi-threaded code that was blocking at some point on Future.get():

public void serve() throws InterruptedException, ExecutionException, TimeoutException {
    final Future<Response> responseFuture = asyncCode();
    final Response response = responseFuture.get(1, SECONDS);
    send(response);
}

private void send(Response response) {
    //...
}
This was actually an Akka application written in Java with a thread pool of 1000 threads (sic!) - all of them blocked on this get() call. Otherwise system couldn't keep up with the number of concurrent requests. After refactoring we got rid of all these threads and introduced just one, significantly reducing memory footprint. Let's simplify a bit and show examples in Java 8. The first step is to introduce CompletableFuture instead of plain Future (see: tip 9). It's simple if:

  • you control how tasks are submitted to ExecutorService: just use CompletableFuture.supplyAsync(..., executorService) instead of executorService.submit(...)
  • you deal with callback-based API: use promises
Otherwise (if you have blocking API or Future<T> already) there will be some thread blocked. That's why there are so many asynchronous APIs being born right now. So let's say we somehow rewritten our code to receive CompletableFuture:

public void serve() throws InterruptedException, ExecutionException, TimeoutException {
    final CompletableFuture<Response> responseFuture = asyncCode();
    final Response response = responseFuture.get(1, SECONDS);
    send(response);
}
Obviously that doesn't fix anything, we have to take advantage of new reactive style of programming:

public void serve() {
    final CompletableFuture<Response> responseFuture = asyncCode();
    responseFuture.thenAccept(this::send);
}
This is functionally equivalent, but now serve() should run in no-time (no blocking or waiting). Just remember that this::send will be executed in the same thread that completed responseFuture. If you don't want to overload some arbitrary thread pool somewhere or send() is expensive, consider separate thread pool for that: thenAcceptAsync(this::send, sendPool). Great, but we lost two important properties: error propagation and timeout. Error propagation is hard because we changed API. When serve() method exits, asynchronous operations is probably not yet finished. If you care about exceptions, consider either returning responseFuture or some alternative mechanism. At minimum, log exception because otherwise it will be swallowed:

final CompletableFuture<Response> responseFuture = asyncCode();
responseFuture.exceptionally(throwable -> {
    log.error("Unrecoverable error", throwable);
    return null;
});
responseFuture.thenAccept(this::send);
Be careful with the code above: exceptionally() tries to recover from failure, returning alternative result. It works here but if you chain exceptionally() with thenAccept() it will send() will be called even in case of failure, but with null argument (or whatever we return from exceptionally():

final CompletableFuture<Response> responseFuture = asyncCode();
responseFuture
    .exceptionally(throwable -> {
        log.error("Unrecoverable error", throwable);
        return null;
    })
    .thenAccept(this::send);  //probably not what you think
Problem with lost 1 second timeout is subtle. Our original code was waiting (blocking) for at most 1 second until Future finishes. Otherwise TimeoutException was thrown. We lost this functionality, even worse unit tests for timeouts are inconvenient and often skipped. In order to port timeouts without sacrificing event-driven spirit we need one extra building block: a future that always fails after a given time:

public static <T> CompletableFuture<T> failAfter(Duration duration) {
    final CompletableFuture<T> promise = new CompletableFuture<>();
    scheduler.schedule(() -> {
        final TimeoutException ex = new TimeoutException("Timeout after " + duration);
        return promise.completeExceptionally(ex);
    }, duration.toMillis(), MILLISECONDS);
    return promise;
}

private static final ScheduledExecutorService scheduler =
        Executors.newScheduledThreadPool(
                1,
                new ThreadFactoryBuilder()
                        .setDaemon(true)
                        .setNameFormat("failAfter-%d")
                        .build());
That's simple: we create a promise (future without underlying task or thread pool) and complete it with TimeoutException after a given java.time.Duration. If you get() such future somewhere, TimeoutException will be thrown after blocking for at least that much time. Actually, it will be ExecutionException wrapping TimeoutException, no way around that. Notice that I use fixed scheduler thread pool with just one thread. It's not only for educational purposes: "1 thread ought to be enough for anybody" [1] in this scenario. failAfter() on its own is rather useless, but combine it with our responseFuture and we have a solution!

final CompletableFuture<Response> responseFuture = asyncCode();
final CompletableFuture<Response> oneSecondTimeout = failAfter(Duration.ofSeconds(1));
responseFuture
        .acceptEither(oneSecondTimeout, this::send)
        .exceptionally(throwable -> {
            log.error("Problem", throwable);
            return null;
        });
A lot is going on here. After receiving responseFuture with our background task we also create "synthetic" oneSecondTimeout future that will never complete successfully but always fails after 1 second. Now we combine the two by calling acceptEither. This operator will execute block of code against first completed future, either responseFuture or oneSecondTimeout and simply ignore outcome of the slower one. If asyncCode() completes within 1 second this::send will be invoked and exception from oneSecondTimeout will get ignored. However! If asyncCode() is really slow, oneSecondTimeout kicks in first. But since it fails with an exception, exceptionally error handler is invoked instead of this::send. You can take for granted that either send() or exceptionally will be called, not both. Of course if we had two "ordinary" futures completing normally, send() would be called with a response from the first one, discarding the latter.

This wasn't the cleanest solution. Cleaner one would wrap original future and make sure it finishes within given time. Such operator is available in com.twitter.util.Future (Scala; called within()), however is missing in scala.concurrent.Future (supposedly inspired by the former). Let's leave Scala behind and implement similar operator for CompletableFuture. It takes one future as input and returns a future that completes when underlying one is completed. However if it takes too long to complete the underlying future, exception is thrown:

public static <T> CompletableFuture<T> within(CompletableFuture<T> future, Duration duration) {
    final CompletableFuture<T> timeout = failAfter(duration);
    return future.applyToEither(timeout, Function.identity());
}
This leads to final, clean and flexible solution:

final CompletableFuture<Response> responseFuture = within(
        asyncCode(), Duration.ofSeconds(1));
responseFuture
        .thenAccept(this::send)
        .exceptionally(throwable -> {
            log.error("Unrecoverable error", throwable);
            return null;
        });
Hope you enjoyed this article, as you can see reactive programming in Java is no longer a thing of the future (no pun intended).

Comments

  1. I liked this approach because the threads won't be blocking each other on timeout and its a clean solution. However it will fail in those cases when the future thread (not the timeout one) is blocking on a monitor (example waiting on BlockingQ)

    After repeated tests locally, it seems there is no way to complete a future which is blocking in this way.

    ReplyDelete
  2. But then even in the case of timeout, the future thread (the real one) will keep running so that thread is still busy, right?

    ReplyDelete
    Replies
    1. Yes, that's true (and requires a little bit more managed). You can use management thread not only to provide self-exploding futures, but also to cancel ones you want to cancel. Things may go hard down from here (e.g. if you have a black-boxy component that simply stalls and has no idea of cancellation feedback), but if you write your code all the way like that, you'll find it much easier to keep much closer scope for your code (you don't need to call some weird manager tons of application layers out there - you simply *work with task represented by future*); besides, in many situations you'll want heavy tasks to complete rather than being interrupted in the middle of the prcoess (probably leaving application in inconsistent state). This is certainly not a "that's a feature, not a bug" situation - i see what you're talking about and i see that this approach makes things harder in some ways - but this was a hard decision to decouple tasks (completable futures) from actual threads (completable futures may be created and resolved by hand with no thread involved rather than main). Tomasz wrote about in his other post about cf.cancel() and thread interruption.

      Delete
  3. Hello, I tried example here. As someone mentioned when asynchronous job exceed given time there is exception in log but asynchronous job continues without interruption. From my perspective code is nice but doesn't do what I expected.

    ReplyDelete
  4. One question lets assume
    public void serve() is
    public Response serve()
    So I should return the response or some value if timeout happened before asyncCode() ends. What should I change to the code?

    ReplyDelete
  5. the executor for timeout, should it be singleton or one per completablefuture?

    also what will happen the async call blocks forever? since the timeout doesnt' really cancel the async call

    ReplyDelete
    Replies
    1. Indeed, timeout can't really interrupt asynchronous call with std. Javva 8 CompletableFuture as it is explained in another article on this blog - http://www.nurkiewicz.com/2015/03/completablefuture-cant-be-interrupted.html

      I developed a library - https://github.com/vsilaev/tascalate-concurrent - that supports truly cancelable (interruptible) CompletionStage implementations as well as timeouts, so you can do:

      ====
      CompletableTask.supplyAsync(someFunction, executor).orTimeout( Duration.ofMillis(200) );
      ====

      or

      ====
      CompletableTask.supplyAsync(someFunction, executor).onTimeout( someDefaultValue, Duration.ofMillis(200) );
      ====

      Delete

Post a Comment