fix(runtime): reap detached box's full cgroup tree on stop/remove

[G4614]

Problem

A detached box's boxlite stop / rm -f returns success and removes the
box record, but leaves its VM running — an untracked orphan. This is the
runtime root of detached-box accumulation ("积压") on long-lived hosts
(#137/#141).

Cause: kill_process(recorded_pid) only SIGKILLs the outer bwrap launcher
(shim.pid records it). A box's tree is outer bwrap → inner pid-ns bwrap → shim → VM. Since #851 stopped applying --die-with-parent to detached boxes,
killing the outer one leaves the inner pid-ns tree alive.

Fix — reap the box's whole cgroup by id

• cgroup::kill_cgroup(box_id) — write 1 to <cgroup>/cgroup.kill
  (cgroup v2). Tears down every process in the box's cgroup atomically,
  regardless of pid-namespace / process-group structure. Best-effort,
  idempotent — a no-op when the cgroup is gone/empty or absent.
• remove_box force path — kill_cgroup(id) before the single-pid
  fallback; keyed on id, so it reaps even after recovery cleared
  state.pid.
• stop — kill_cgroup as a final step after graceful guest shutdown; a
  no-op once the box has exited cleanly.

kill_process stays as the fallback for hosts without the cgroup jailer
(disabled / macOS seatbelt), where the box tree is a single shim process.

Tests

• Unit (CI, no root) — kill_cgroup on an absent cgroup is a no-op
  (returns false); locks the best-effort contract for the no-jailer / macOS
  path.
• Integration (Linux, VM) — detached_box_force_remove_reaps_whole_tree:
  boot a detached box, assert a live tree, remove(force), assert 0 box
  processes remain (/proc scan by box id). Reproduced two-sided as root:
  with the rm -f reap disabled it FAILS (left: 2, right: 0 — the leaked
  inner bwrap + shim); restored, it passes.

Verified (root, repeated)

Boxes boot on the test host once euid 0 bypasses the jailer's RLIMIT_NPROC
ceiling.

path	before	after
rm -f detached ×5	3 procs	0 each
stop detached ×2	2 procs	0 each
non-detached run --rm	—	prints output, exit 0, 0 leak

Compiles; cargo fmt clean.

⚠️ Not run: the full cargo/CI integration suites (need a KVM runner with
process headroom). macOS seatbelt path falls back to kill_process and is
unchanged.

Related

The test-side counterpart (recovery tests reaping their own stranded detached
trees) is #870. This PR fixes the underlying production leak that those tests
were tripping over.

🤖 Generated with Claude Code

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 40810cbd-a580-4400-af9c-6848791d3b46

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}