wallfacer-core 0.7.0

Runtime fuzzing and invariant-testing harness for MCP servers — catch crashes, hangs, schema drift, and state leaks before they ship.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351

//! MCP client wrapper.
//!
//! Phase E1 puts the underlying `rmcp` service behind an
//! `Arc<RwLock<...>>` so:
//!
//! * `Client` is `Clone` (cheap `Arc::clone`); torture can fan out across
//!   many tasks sharing the same connection.
//! * `list_tools` and `call_tool` take `&self` and acquire a *read* lock,
//!   allowing concurrent calls to be in flight at once.
//! * `reconnect` takes `&self` and acquires a *write* lock to atomically
//!   tear down and rebuild the underlying service. Concurrent callers see
//!   either the old or the new transport, never a torn state.

use std::{
    collections::HashMap, future::Future, path::Path, process::Stdio, sync::Arc, time::Duration,
};

use http::{HeaderName, HeaderValue};
use rmcp::{
    model::{CallToolRequestParams, CallToolResult, Prompt, Resource, ServerCapabilities, Tool},
    service::{RoleClient, RunningService, RxJsonRpcMessage, TxJsonRpcMessage},
    transport::{
        async_rw::AsyncRwTransport, streamable_http_client::StreamableHttpClientTransportConfig,
        StreamableHttpClientTransport, Transport as RmcpTransport,
    },
    ServiceExt,
};
use serde_json::Value;
use thiserror::Error;
use tokio::{
    process::{Child, ChildStdin, ChildStdout, Command},
    sync::RwLock,
    time,
};

use crate::target::{Target, Transport as TargetTransport};

const CHILD_SHUTDOWN_TIMEOUT: Duration = Duration::from_secs(3);

#[derive(Debug, Error)]
pub enum ClientError {
    #[error("failed to spawn stdio transport: {0}")]
    Spawn(#[source] std::io::Error),
    #[error("failed to initialize MCP client: {0}")]
    Initialize(String),
    #[error("invalid HTTP header {name}: {message}")]
    InvalidHeader { name: String, message: String },
    #[error("failed to shut down MCP client: {0}")]
    Shutdown(#[source] tokio::task::JoinError),
    #[error("MCP request failed: {0}")]
    Request(String),
}

pub type Result<T> = std::result::Result<T, ClientError>;

/// Cheaply-cloneable MCP client. Cloning shares the same underlying
/// transport via `Arc`. After [`Client::shutdown`] the transport is gone
/// and further calls return `ClientError::Request`.
#[derive(Clone)]
pub struct Client {
    /// `Some` while the transport is live; `None` after `shutdown`.
    /// `RwLock` allows concurrent `&self` calls (read) and exclusive
    /// `reconnect` (write).
    service: Arc<RwLock<Option<RunningService<RoleClient, ()>>>>,
    target: Target,
}

#[derive(Debug)]
pub enum CallOutcome {
    Ok(CallToolResult),
    Hang(Duration),
    Crash(String),
    ProtocolError(String),
}

impl Client {
    pub async fn connect(target: &Target) -> Result<Self> {
        let service = build_service(target).await?;
        Ok(Self {
            service: Arc::new(RwLock::new(Some(service))),
            target: target.clone(),
        })
    }

    /// Tears down the current transport and opens a new one. Other tasks
    /// holding a `&self` reference will see the new transport on their
    /// next call. Phase E1 changed this from `&mut self` to `&self` so
    /// callers can recover after a fault without exclusive ownership of
    /// the `Client`.
    pub async fn reconnect(&self) -> Result<()> {
        // Build the replacement *before* dropping the old one to keep the
        // window where the client has no transport as small as possible.
        let replacement = build_service(&self.target).await?;
        let mut guard = self.service.write().await;
        if let Some(old) = guard.take() {
            let _ = old.cancel().await;
        }
        *guard = Some(replacement);
        Ok(())
    }

    pub async fn list_tools(&self) -> Result<Vec<Tool>> {
        let guard = self.service.read().await;
        let service = guard
            .as_ref()
            .ok_or_else(|| ClientError::Request("client has been shut down".into()))?;
        service
            .list_all_tools()
            .await
            .map_err(|error| ClientError::Request(error.to_string()))
    }

    /// Returns a clone of the server's announced [`ServerCapabilities`]
    /// from the initial `initialize` handshake, or `None` if the client
    /// has been shut down or the handshake hadn't completed.
    ///
    /// Per MCP spec, clients should not call `resources/list` or
    /// `prompts/list` against a server that didn't declare the
    /// corresponding capability — doing so produces a noisy
    /// `-32601 method not found` from compliant servers. Use this to
    /// gate optional listing calls.
    pub async fn server_capabilities(&self) -> Option<ServerCapabilities> {
        let guard = self.service.read().await;
        guard
            .as_ref()
            .and_then(|service| service.peer_info())
            .map(|info| info.capabilities.clone())
    }

    /// Lists the server's resources. Returns `Ok(vec![])` (silently)
    /// when the server didn't declare the `resources` capability at
    /// init time — this avoids spamming a `-32601 method not found`
    /// failure for servers that legitimately don't expose resources.
    /// Callers needing to distinguish "not advertised" from "empty"
    /// should check [`Self::server_capabilities`] first.
    pub async fn list_resources(&self) -> Result<Vec<Resource>> {
        let advertises = self
            .server_capabilities()
            .await
            .is_some_and(|caps| caps.resources.is_some());
        if !advertises {
            return Ok(Vec::new());
        }
        let guard = self.service.read().await;
        let service = guard
            .as_ref()
            .ok_or_else(|| ClientError::Request("client has been shut down".into()))?;
        service
            .list_all_resources()
            .await
            .map_err(|error| ClientError::Request(error.to_string()))
    }

    /// Lists the server's prompts. Same capability-aware short-circuit
    /// as [`Self::list_resources`]: returns `Ok(vec![])` when the
    /// server didn't declare the `prompts` capability.
    pub async fn list_prompts(&self) -> Result<Vec<Prompt>> {
        let advertises = self
            .server_capabilities()
            .await
            .is_some_and(|caps| caps.prompts.is_some());
        if !advertises {
            return Ok(Vec::new());
        }
        let guard = self.service.read().await;
        let service = guard
            .as_ref()
            .ok_or_else(|| ClientError::Request("client has been shut down".into()))?;
        service
            .list_all_prompts()
            .await
            .map_err(|error| ClientError::Request(error.to_string()))
    }

    pub async fn call_tool(&self, name: &str, arguments: Value, timeout: Duration) -> CallOutcome {
        let arguments = match arguments {
            Value::Object(map) => Some(map),
            Value::Null => None,
            other => {
                return CallOutcome::ProtocolError(format!(
                    "tool arguments must be a JSON object or null, got {other}"
                ));
            }
        };

        let request = match arguments {
            Some(arguments) => {
                CallToolRequestParams::new(name.to_owned()).with_arguments(arguments)
            }
            None => CallToolRequestParams::new(name.to_owned()),
        };

        // Snapshot the current transport for the duration of the call. We
        // hold the read lock across the await so a concurrent reconnect
        // waits until our call finishes before swapping.
        let guard = self.service.read().await;
        let Some(service) = guard.as_ref() else {
            return CallOutcome::ProtocolError("client has been shut down".into());
        };
        match time::timeout(timeout, service.call_tool(request)).await {
            Ok(Ok(result)) => CallOutcome::Ok(result),
            Ok(Err(error)) if service.is_transport_closed() => {
                CallOutcome::Crash(error.to_string())
            }
            Ok(Err(error)) => CallOutcome::ProtocolError(error.to_string()),
            Err(_) => CallOutcome::Hang(timeout),
        }
    }

    /// Shuts the underlying transport down. After this call other clones of
    /// this `Client` keep working semantically but return `ProtocolError`
    /// on every method (the transport is gone).
    pub async fn shutdown(&self) -> Result<()> {
        let mut guard = self.service.write().await;
        match guard.take() {
            Some(service) => service
                .cancel()
                .await
                .map(|_| ())
                .map_err(ClientError::Shutdown),
            None => Ok(()),
        }
    }

    pub fn target(&self) -> &Target {
        &self.target
    }
}

async fn build_service(target: &Target) -> Result<RunningService<RoleClient, ()>> {
    let service = match &target.transport {
        TargetTransport::Stdio { command, args, env } => {
            let mut process = Command::new(command);
            process.args(args).envs(env);
            let transport = StdioChildTransport::spawn(process).map_err(ClientError::Spawn)?;
            ().serve(transport)
                .await
                .map_err(|error| ClientError::Initialize(error.to_string()))?
        }
        TargetTransport::Http { url, headers } => {
            let headers = header_map(headers)?;
            let config =
                StreamableHttpClientTransportConfig::with_uri(url.clone()).custom_headers(headers);
            let transport = StreamableHttpClientTransport::from_config(config);
            ().serve(transport)
                .await
                .map_err(|error| ClientError::Initialize(error.to_string()))?
        }
    };
    Ok(service)
}

pub fn fixture_config_path(repo_root: &Path) -> std::path::PathBuf {
    repo_root.join("tests/fixtures/wallfacer.toml")
}

fn header_map(headers: &HashMap<String, String>) -> Result<HashMap<HeaderName, HeaderValue>> {
    headers
        .iter()
        .map(|(name, value)| {
            let header_name = HeaderName::from_bytes(name.as_bytes()).map_err(|error| {
                ClientError::InvalidHeader {
                    name: name.clone(),
                    message: error.to_string(),
                }
            })?;
            let header_value =
                HeaderValue::from_str(value).map_err(|error| ClientError::InvalidHeader {
                    name: name.clone(),
                    message: error.to_string(),
                })?;
            Ok((header_name, header_value))
        })
        .collect()
}

struct StdioChildTransport {
    child: Option<Child>,
    transport: AsyncRwTransport<RoleClient, ChildStdout, ChildStdin>,
}

impl StdioChildTransport {
    fn spawn(mut command: Command) -> std::io::Result<Self> {
        command
            .stdin(Stdio::piped())
            .stdout(Stdio::piped())
            .stderr(Stdio::inherit());

        let mut child = command.spawn()?;
        let stdout = child
            .stdout
            .take()
            .ok_or_else(|| std::io::Error::other("child stdout was already taken"))?;
        let stdin = child
            .stdin
            .take()
            .ok_or_else(|| std::io::Error::other("child stdin was already taken"))?;

        Ok(Self {
            child: Some(child),
            transport: AsyncRwTransport::new_client(stdout, stdin),
        })
    }

    async fn close_child(&mut self) -> std::io::Result<()> {
        self.transport.close().await?;

        if let Some(mut child) = self.child.take() {
            match time::timeout(CHILD_SHUTDOWN_TIMEOUT, child.wait()).await {
                Ok(status) => {
                    status?;
                }
                Err(_) => {
                    child.kill().await?;
                }
            }
        }

        Ok(())
    }
}

impl Drop for StdioChildTransport {
    fn drop(&mut self) {
        if let Some(mut child) = self.child.take() {
            let _ = child.start_kill();
            tokio::spawn(async move {
                let _ = child.wait().await;
            });
        }
    }
}

impl RmcpTransport<RoleClient> for StdioChildTransport {
    type Error = std::io::Error;

    fn send(
        &mut self,
        item: TxJsonRpcMessage<RoleClient>,
    ) -> impl Future<Output = std::result::Result<(), Self::Error>> + Send + 'static {
        self.transport.send(item)
    }

    fn receive(&mut self) -> impl Future<Output = Option<RxJsonRpcMessage<RoleClient>>> + Send {
        self.transport.receive()
    }

    fn close(&mut self) -> impl Future<Output = std::result::Result<(), Self::Error>> + Send {
        self.close_child()
    }
}