Cancellation
What happens when a pending future is dropped?
The runtime will no longer poll it, therefore it won't make any further progress.
In other words, its execution has been cancelled.
In the wild, this often happens when working with timeouts. For example:
#![allow(unused)] fn main() { use tokio::time::timeout; use tokio::sync::oneshot; use std::time::Duration; async fn http_call() { // [...] } async fn run() { // Wrap the future with a `Timeout` set to expire in 10 milliseconds. let duration = Duration::from_millis(10); if let Err(_) = timeout(duration, http_call()).await { println!("Didn't receive a value within 10 ms"); } } }
When the timeout expires, the future returned by http_call will be cancelled.
Let's imagine that this is http_call's body:
#![allow(unused)] fn main() { use std::net::TcpStream; async fn http_call() { let (stream, _) = TcpStream::connect(/* */).await.unwrap(); let request: Vec<u8> = /* */; stream.write_all(&request).await.unwrap(); } }
Each yield point becomes a cancellation point.
http_call can't be preempted by the runtime, so it can only be discarded after
it has yielded control back to the executor via .await.
This applies recursively—e.g. stream.write_all(&request) is likely to have multiple
yield points in its implementation. It is perfectly possible to see http_call pushing
a partial request before being cancelled, thus dropping the connection and never
finishing transmitting the body.
Clean up
Rust's cancellation mechanism is quite powerful—it allows the caller to cancel an ongoing task
without needing any form of cooperation from the task itself.
At the same time, this can be quite dangerous. It may be desirable to perform a
graceful cancellation, to ensure that some clean-up tasks are performed
before aborting the operation.
For example, consider this fictional API for a SQL transaction:
#![allow(unused)] fn main() { async fn transfer_money( connection: SqlConnection, payer_id: u64, payee_id: u64, amount: u64 ) -> Result<(), anyhow::Error> { let transaction = connection.begin_transaction().await?; update_balance(payer_id, amount, &transaction).await?; decrease_balance(payee_id, amount, &transaction).await?; transaction.commit().await?; } }
On cancellation, it'd be ideal to explicitly abort the pending transaction rather than leaving it hanging. Rust, unfortunately, doesn't provide a bullet-proof mechanism for this kind of asynchronous clean up operations.
The most common strategy is to rely on the Drop trait to schedule the required
clean-up work. This can be by:
- Spawning a new task on the runtime
- Enqueueing a message on a channel
- Spawning a background thread
The optimal choice is contextual.
Cancelling spawned tasks
When you spawn a task using tokio::spawn, you can no longer drop it;
it belongs to the runtime.
Nonetheless, you can use its JoinHandle to cancel it if needed:
#![allow(unused)] fn main() { async fn run() { let handle = tokio::spawn(/* some async task */); // Cancel the spawned task handle.abort(); } }
Further reading
- Be extremely careful when using
tokio'sselect!macro to "race" two different futures. Retrying the same task in a loop is dangerous unless you can ensure cancellation safety. Check outselect!'s documentation for more details.
If you need to interleave two asynchronous streams of data (e.g. a socket and a channel), prefer usingStreamExt::mergeinstead. - A
CancellationTokenmay be preferable toJoinHandle::abortin some cases.
Exercise
The exercise for this section is located in 08_futures/07_cancellation