From 7f6e6aa0cd9cfb857ce440d1b385a17231c18b37 Mon Sep 17 00:00:00 2001
From: WHOIM1205
Date: Fri, 5 Jun 2026 11:47:51 -0700
Subject: [PATCH] fix(unikontainers): reject non-positive pid in kill/signal paths
Signed-off-by: WHOIM1205
---
 pkg/unikontainers/hypervisors/utils.go | 7 +++++++
 pkg/unikontainers/unikontainers.go | 15 +++++++++++++++
 2 files changed, 22 insertions(+)
diff --git a/pkg/unikontainers/hypervisors/utils.go b/pkg/unikontainers/hypervisors/utils.go
index 1bee33104..165a88323 100644
--- a/pkg/unikontainers/hypervisors/utils.go
+++ b/pkg/unikontainers/hypervisors/utils.go
@@ -68,6 +68,13 @@ func BytesToStringMB(argMem uint64) string {
 func killProcess(pid int) error {
 const timeout = 2 * time.Second
+ // Guard against non-positive PIDs. unix.Kill interprets pid <= 0 as a
+ // process-group/broadcast target (e.g. -1 means every process the caller
+ // may signal), so a sentinel PID (-1) from a partially-created container
+ // would SIGKILL the whole host.
+ if pid <= 0 {
+ return fmt.Errorf("refusing to kill invalid pid %d", pid)
+ }
 err := unix.Kill(pid, unix.SIGKILL)
 if err != nil {
 if errors.Is(err, unix.ESRCH) {
diff --git a/pkg/unikontainers/unikontainers.go b/pkg/unikontainers/unikontainers.go
index fc297f937..78ca91f9c 100644
--- a/pkg/unikontainers/unikontainers.go
+++ b/pkg/unikontainers/unikontainers.go
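Review bot: The new early return in killProcess produces a plain formatted error, so a teardown caller cannot tell "this container never had a process" apart from a kill that actually failed, whereas the already-exited case gets its own `errors.Is(err, unix.ESRCH)` branch just below. Consider a package-level sentinel, for example `var ErrInvalidPid = errors.New("invalid pid")`, wrapped as `return fmt.Errorf("refusing to kill pid %d: %w", pid, ErrInvalidPid)`, so delete and cleanup paths can treat it as nothing to kill. The same applies to the guard added to Signal in unikontainers.go. The body of killProcess continues past the end of the hunk, so how ESRCH is finally handled is not visible here.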
@@ -692,6 +692,13 @@ func setupUser(user specs.User) error {
 // Signal sends a specified signal to container's init.
 func (u *Unikontainer) Signal(signal unix.Signal) error {
+ // Guard against non-positive PIDs. A partially-created container persists
+ // a sentinel PID (-1) in its state, and unix.Kill treats pid <= 0 as a
+ // process-group/broadcast target, which would signal every process on the
+ // host instead of the container's monitor.
+ if u.State.Pid <= 0 {
+ return fmt.Errorf("container %s has no valid pid to signal", u.State.ID)
+ }
 vmmType := u.State.Annotations[annotHypervisor]
 vmm, err := hypervisors.NewVMM(hypervisors.VmmType(vmmType), u.UruncCfg.Monitors)
 if err != nil {
@@ -1293,6 +1300,14 @@ func (u *Unikontainer) SendMessage(message IPCMessage) error {
 func (u *Unikontainer) isRunning() bool {
 vmmType := hypervisors.VmmType(u.State.Annotations[annotHypervisor])
 if vmmType != hypervisors.HedgeVmm {
+ // A non-positive PID means the container never reached a running
+ // state (e.g. it failed during creation while still holding the
+ // sentinel PID -1). Treat it as not running so it can be cleaned up.
+ // This also avoids syscall.Kill(-1, 0) returning nil and falsely
+ // reporting the container as running.
+ if u.State.Pid <= 0 {
+ return false
+ }
 return syscall.Kill(u.State.Pid, syscall.Signal(0)) == nil
 }
 hedge := hypervisors.Hedge{}
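Review bot: The doc comment on Signal still only says it sends a signal to the container's init; it should record the new failure mode, e.g. `// It returns an error without signalling when the recorded PID is not positive.` The inline comment is also slightly loose: per kill(2), pid 0 targets the caller's own process group, -1 targets every process the caller may signal (other than init), and values below -1 target the process group with that ID, so only -1 is the host-wide case. Because the PID comes from persisted state, a positive value could presumably still be stale; that is outside this change but worth a follow-up if the state can outlive the monitor. Signal's body continues outside the hunk.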
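Review bot: This is the third copy of the `Pid <= 0` test (after killProcess and Signal), and the -1 sentinel is named only in comments; a shared helper such as `func validPid(pid int) bool { return pid > 0 }`, or a named constant for the sentinel, would keep the three paths from drifting apart. The guard sits inside the `vmmType != hypervisors.HedgeVmm` branch, so the Hedge path, which continues outside the hunk, is unaffected by it. This probe also calls `syscall.Kill` while the other two sites use `unix.Kill`; using one package throughout would be tidier.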