Correctness: MCP manager has no health check loop for server liveness #116

New issue

Open

opened 2026-05-11 23:08:58 +00:00 by thabeta · 0 comments

thabeta commented

2026-05-11 23:08:58 +00:00

Owner

Severity: High

Location

crates/hero_aibroker_lib/src/mcp.rs — McpManager

Finding

The MCP manager spawns servers at startup but never checks if they're still alive:

No SIGCHLD handler
No child.try_wait() polling
No periodic health check
Dead servers remain in the list with stale tool data
list_servers() shows dead servers as 'running' if they started successfully

Impact

Tools from crashed MCP servers appear available
Tool invocations fail with confusing errors
No automatic restart of crashed servers
Silent degradation of tool availability

Recommendation

Spawn a background task per MCP server that polls child.try_wait()
Implement periodic health checks (ping via JSON-RPC)
Auto-restart with backoff on unexpected exit
Remove tools from cache when server dies
Add a 'status' field that reflects actual liveness, not just startup success

## Severity: High ## Location `crates/hero_aibroker_lib/src/mcp.rs` — `McpManager` ## Finding The MCP manager spawns servers at startup but never checks if they're still alive: - No `SIGCHLD` handler - No `child.try_wait()` polling - No periodic health check - Dead servers remain in the list with stale tool data - `list_servers()` shows dead servers as 'running' if they started successfully ## Impact - Tools from crashed MCP servers appear available - Tool invocations fail with confusing errors - No automatic restart of crashed servers - Silent degradation of tool availability ## Recommendation - Spawn a background task per MCP server that polls `child.try_wait()` - Implement periodic health checks (ping via JSON-RPC) - Auto-restart with backoff on unexpected exit - Remove tools from cache when server dies - Add a 'status' field that reflects actual liveness, not just startup success