Operational: No graceful shutdown for MCP servers #87

New issue

Open

opened 2026-05-11 13:48:52 +00:00 by thabeta · 0 comments

thabeta commented

2026-05-11 13:48:52 +00:00

Owner

Severity: Medium

Location

crates/hero_aibroker_lib/src/mcp.rs — Drop impl for McpManager

Finding

When the broker shuts down, MCP servers are killed without any graceful shutdown sequence:

impl Drop for McpManager {
    fn drop(&mut self) {
        for mut server in servers.drain(..) {
            let _ = server.kill();  // SIGKILL, no graceful shutdown
        }
    }
}

Impact

MCP servers lose in-flight state
No JSON-RPC notifications/initialized teardown
External resources held by MCP servers are not released cleanly
kill() returning Result means failures are silently swallowed

Recommendation

Send JSON-RPC shutdown notification before killing
Implement graceful timeout (e.g., 5s) before force kill
Log shutdown status per server

## Severity: Medium ## Location `crates/hero_aibroker_lib/src/mcp.rs` — `Drop` impl for `McpManager` ## Finding When the broker shuts down, MCP servers are killed without any graceful shutdown sequence: ```rust impl Drop for McpManager { fn drop(&mut self) { for mut server in servers.drain(..) { let _ = server.kill(); // SIGKILL, no graceful shutdown } } } ``` ## Impact - MCP servers lose in-flight state - No JSON-RPC `notifications/initialized` teardown - External resources held by MCP servers are not released cleanly - `kill()` returning Result means failures are silently swallowed ## Recommendation - Send JSON-RPC shutdown notification before killing - Implement graceful timeout (e.g., 5s) before force kill - Log shutdown status per server