Initial fetch timeout (with working tests)

[chrisbobbe]

This is the "minimal version" of a fix Greg describes in the issue; as he mentions there, it would be good to make follow-up improvements.

Fixes: #4165

EDIT: The below hack is no longer necessary, and this branch doesn't use it (Greg and I worked it out on the phone).

EDIT, again: Deleted the description of that hack in case it was deterring a review. 🙂

[chrisbobbe]

(Deleted a long comment about being stalled on a RN thing, which we've moved past; see below.)

[chrisbobbe]

The current status of this is that I'm not sure I want to ram through a change in React Native (in our fork) that I know breaks React Native's tests, even if the code seems to work for us:

And, as I just noted at zulip/react-native#5 (comment), we've found an easier, less invasive way! I'll push a new revision with that soon and finally un-mark this as a draft.

[chrisbobbe]

And, as I just noted at zulip/react-native#5 (comment), we've found an easier, less invasive way! I'll push a new revision with that soon and finally un-mark this as a draft.

OK!

[chrisbobbe]

I just fixed some conflicts and made a few commit-message tweaks. 🙂

[chrisbobbe]

I just fixed some conflicts. 🙂

[chrisbobbe]

Just fixed a small conflict; small bump for a review (if still a P1 issue, at least). 🙂

[WesleyAC]

Reviewed up until the commits removing Lolex.

Thanks for working on this!

[WesleyAC]

This commit talks about 5xx errors, the previous commit about 4xx errors. Is that correct? Does this action get sent if there's a 4xx error, or not?

[chrisbobbe]

This commit talks about 5xx errors, the previous commit about 4xx errors. Is that correct?

I believe so, although I think I could be clearer. 🙂 Specifically, the role I have in mind for INITIAL_FETCH_ABORT is not for cases where breaking from the retry loop is the only rational choice—rather, it's for when we just have a pretty good idea that retrying has stopped being useful, even if that isn't proven. Possibly renaming INITIAL_FETCH_ABORT could help here; at least, I should expand the jsdoc.

On a 4xx error, breaking from the retry loop is the only rational choice, and I don't have this action getting dispatched on those. It's a client error; what we've been sending the server isn't any good, and we should bail on this retry loop. We should send a Sentry error report, if the server tells us we've given it garbage; or log out, if the auth is invalid; and so on. I suppose, if we were nimble enough as a client, there might be cases where we have some other reasonable input to try giving the server as a fallback—but I think even in those cases it's cleanest to throw out the current retry loop and start a new one, with fresh backoff state.

If we've just waited long enough (that we don't think we'll get an answer soon, or that we think the user wants to stop waiting, etc.), that's a suggestion that we should break out of the retry loop, but it's not a proof that waiting longer would be useless. Same with 5xx errors, I think—the server hasn't told us we've done anything wrong, and the issue might clear up in a second or two. But, realistically, what are the chances that it'll be cleared up soon anyway...might as well give up, even though we might have gotten lucky if we kept trying. 🤷

(I do see that I haven't actually started dispatching INITIAL_FETCH_ABORT on 5xx errors in this revision, which is quite old…huh, perhaps I should do that! 🤔)

[chrisbobbe]

Though, seeing the ratio of the amount I've said just now, above, to what actually made it into comments/jsdoc, I think it could be helpful to have my assumptions examined, possibly on CZO; what do you think? 🙂

[WesleyAC]

Is this a common pattern? It seems strange to me, I'd expect the navigation to be driven by the receiver of the action, not the sender. But I don't know much about this.

[chrisbobbe]

I'd expect the navigation to be driven by the receiver of the action, not the sender.

Yeah; we used to have something like that.

Before #3804 was resolved, we would store React Navigation's state in our Redux store, and we had a navReducer that we could make recognize an action like initialFetchAbortPlain() and update the nav state accordingly.

(We actually mixed that approach with dispatching actions from the action creators in navActions, with the same dispatch we use for all the other actions. NavigationService is a stepping stone toward using React Navigation's navigation prop/object.)

With React Navigation's state not in our Redux store anymore, that old approach in navReducer isn't available.

We also can't add a go-navigate-somewhere side effect to our existing reducers because reducers explicitly aren't the place for side effects.

The choice to put NavigationService.dispatch(resetToAccountPicker()); (or I guess, one day, navigation.reset({ index: 0, routes: [{ name: 'account-pick' }] }); or similar) in the thunk action creator initialFetchAbort is a bit subtle: it follows our strategy to eliminate a class of bugs where we try to do stuff before the store has rehydrated; Greg has a good explanation of that here.

I've also thought it might be nice to not count on remembering to call go-navigate-somewhere code alongside dispatching things like logoutPlain(). The fact that we do is a reminder that dispatching logoutPlain() doesn't…finish the job of logging out: navigating away from the logged-in screens is an important part of that. 🙂

store.subscribe() comes to mind, but that's a low-level API and it doesn't tell a passed handler about actions that have been dispatched; only the fact that an action has been dispatched.

I think that leaves Redux middleware—I could imagine writing some middleware that does things like see an INITIAL_FETCH_ABORT-type action go by, and navigate based on that.

[chrisbobbe]

I've also thought it might be nice to not count on remembering to call go-navigate-somewhere code alongside dispatching things like logoutPlain(). The fact that we do is a reminder that dispatching logoutPlain() doesn't…finish the job of logging out: navigating away from the logged-in screens is an important part of that. 🙂

Ah, I just edited logout() here to logoutPlain(), after I saw that that's what I meant. I think the situation there isn't quite as bad as I'd thought; logout() (the thunk action) does do the essential job of navigating, which makes it a bit more understandable that logoutPlain() does not. 🙂

[chrisbobbe]

Similarly, in this PR, the thunk action initialFetchAbort() does do the essential job of navigating, while the plain action initialFetchAbortPlain() doesn't.

[chrisbobbe]

Let me know if I can unpack any of that, maybe on CZO. 🙂

[WesleyAC]

The word "outcome" here (and in the ¶ below) is a bit confusing to me — is this common Promise terminology? I'd find something like:

Returns a new Promise that resolves to whatever `promise` resolved to, if
`promise` completes in time.

If `promise` does not complete before `timeLimitMs` has passed, this function
calls `onTimeout` and returns a promise that resolves to its return value.

clearer.

[chrisbobbe]

Yeah; I looked around for a more common term to use; the MDN doc on Promise just uses "outcome" once, and I liked it when it did. Hmm.

I meant to write the interface without assuming promise will resolve; instead, it might reject. See Greg's comment at #4166 (comment).

Maybe something like this:

 * Returns a new Promise with the same outcome (resolved/rejected) as
 * `promise`, if `promise` completes in time.
 *
 * If `promise` does not complete before `timeLimitMs` has passed,
 * `onTimeout` is called, and its outcome is used as the outcome of
 * the returned Promise.

[WesleyAC]

s/a certain duration/MAX_TIME_MS/

[chrisbobbe]

(EDIT: my point below is moot in the current revision)

---

I think the following point will be moot if we move MAX_TIME_MS (with a rename) somewhere else, like in config.js. 🙂 But it's a chance to bring up one of our habits so far.

In the code you're looking at, I intentionally left MAX_TIME_MS out of the jsdoc. Our pattern with functions has been to use jsdoc for interface, and //-style comments for implementation. While I haven't always gotten this right, I think I might have in this case (though with the big asterisk in my previous paragraph 😉): someone reading the jsdoc can't resolve MAX_TIME_MS to a meaningful value without peeking under the hood and looking at its definition in the function's implementation. For that reason, I figured it didn't belong in the jsdoc.

I realized one thing quite a while after learning about that pattern: VSCode, at least with our config, parses a function's jsdoc and shows it to would-be callers on a hover interaction, etc. (I imagine other editors can be made to do that too.) When I remember this, it can help me decide what's interface vs. implementation: a good jsdoc will help callers do their business without even having to open the file that the function is defined in.

I think the right way forward, here, might be to define the constant in config.js, in which case we can freely refer to it in the jsdoc because config.js is a scope that callers will naturally be aware of. Does that sound right? And @gnprice, how's my interpretation of the jsdoc / // pattern here; is it too rigid? 🙂

[WesleyAC]

Aren't we using Flow 0.128.0 now? Does that have this same bug?

[chrisbobbe]

Yeah, looks like it; I'll update the comment.

[chrisbobbe]

Er, and this has disappeared with the change to promiseTimeout's interface described at #4193 (comment).

🎉

[WesleyAC]

A minute seems quite long for this timeout. How'd you decide on that?

(It could be reasonable, certainly it's quite bad if we get into a failure loop because we picked too optimistic a value, I'm just curious how you arrived here)

[chrisbobbe]

That came from the description of #4165; it's not super precise:

As a minimal version, if the initial fetch takes a completely unreasonable amount of time (maybe one minute), we should give up and take you to the account-picker screen so you can try a different account and server.

Still, good idea to say something in a code comment—possibly this actually belongs in config.js?

[chrisbobbe]

Thanks for the review, @WesleyAC! I've left some responses on each of your comments.

Looking again, I wonder if we really want to model promiseTimeout so closely on that Dart API. I don't really know anything about Dart, but it seems like we could reasonably simplify our promiseTimeout by omitting onTimeout and just having the returned Promise reject with a TimeoutError if the time is up and promise hasn't resolved/rejected yet.

[chrisbobbe]

(Awaiting discussion here before continuing with my revision.)

I've got an answer there and am ready to continue working on this. 🙂

[chrisbobbe]

Revision pushed!

This one keeps having tryFetch retry on 5xx errors, but then the initial fetch stops using tryFetch and just uses promiseTimeout directly instead, since it's clear that we don't want to retry the initial fetch on 5xx errors (which is to say, we don't want to retry the initial fetch at all).

And this revision starts using tryFetch with GET /messages; we've discussed having that time out after a minute, as mentioned in that commit.

There are a lot of commits in this revision, so if you spot an opportunity to merge the first n commits, or something, feel free to do that, to help focus the review. I'm also happy to split this into multiple PRs. 🙂

[chrisbobbe]

Closing as superseded by #4753 and #4754; we've decided it's best to split this into two PRs.