gvisor virtual filesystem.

https://github.com/google/gvisor/tree/master/pkg/sentry/fs

VFS2 addresses this by delegating path resolution to the filesystem, making it possible to send a single RPC for each syscall operation, instead of one RPC per path component in the operation. For example, stat(/foo/bar/goo) generates at least 3 RPC round trips to the gofer (foo, bar, goo), while VFS2 makes only 1.

This package provides an implementation of the Linux virtual filesystem.

[TOC]

Overview

• An fs.Dirent caches an fs.Inode in memory at a path in the VFS, giving the fs.Inode a relative position with respect to other fs.Inodes.

• If an fs.Dirent is referenced by two file descriptors, then those file descriptors are coherent with each other: they depend on the same fs.Inode.

• A mount point is an fs.Dirent for which fs.Dirent.mounted is true. It exposes the root of a mounted filesystem.

• The fs.Inode produced by a registered filesystem on mount(2) owns an fs.MountedFilesystem from which other fs.Inodes will be looked up. For a remote filesystem, the fs.MountedFilesystem owns the connection to that remote filesystem.

• In general:

fs.Inode <------------------------------
|                                      |
|                                      |
produced by                            |
exactly one                            |
|                             responsible for the
|                             virtual identity of
v                                      |
fs.MountedFilesystem -------------------

Glossary:

• VFS: virtual filesystem.

• inode: a virtual file object holding a cached view of a file on a backing filesystem (includes metadata and page caches).

• superblock: the virtual state of a mounted filesystem (e.g. the virtual inode number set).

• mount namespace: a view of the mounts under a root (during path traversal, the VFS makes visible/follows the mount point that is in the current task's mount namespace).

Save and restore

An application's hard dependencies on filesystem state can be broken down into two categories:

• The state necessary to execute a traversal on or view the virtual filesystem hierarchy, regardless of what files an application has open.

• The state necessary to represent open files.

The first is always necessary to save and restore. An application may never have any open file descriptors, but across save and restore it should see a coherent view of any mount namespace. NOTE(b/63601033): Currently only one "initial" mount namespace is supported.

The second is so that system calls across save and restore are coherent with each other (e.g. so that unintended re-reads or overwrites do not occur).

Specifically this state is:

• An fs.MountManager containing mount points.

• A kernel.FDTable containing pointers to open files.

Anything else managed by the VFS that can be easily loaded into memory from a filesystem is synced back to those filesystems and is not saved. Examples are pages in page caches used for optimizations (i.e. readahead and writeback), and directory entries used to accelerate path lookups.

Mount points

Saving and restoring a mount point means saving and restoring:

• The root of the mounted filesystem.

• Mount flags, which control how the VFS interacts with the mounted filesystem.

• Any relevant metadata about the mounted filesystem.

• All fs.Inodes referenced by the application that reside under the mount point.

fs.MountedFilesystem is metadata about a filesystem that is mounted. It is referenced by every fs.Inode loaded into memory under the mount point including the fs.Inode of the mount point itself. The fs.MountedFilesystem maps file objects on the filesystem to a virtualized fs.Inode number and vice versa.

To restore all fs.Inodes under a given mount point, each fs.Inode leverages its dependency on an fs.MountedFilesystem. Since the fs.MountedFilesystem knows how an fs.Inode maps to a file object on a backing filesystem, this mapping can be trivially consulted by each fs.Inode when the fs.Inode is restored.

In detail, a mount point is saved in two steps:

• First, after the kernel is paused but before state.Save, we walk all mount namespaces and install a mapping from fs.Inode numbers to file paths relative to the root of the mounted filesystem in each fs.MountedFilesystem. This is subsequently called the set of fs.Inode mappings.

• Second, during state.Save, each fs.MountedFilesystem decides whether to save the set of fs.Inode mappings. In-memory filesystems, like tmpfs, have no need to save a set of fs.Inode mappings, since the fs.Inodes can be entirely encoded in state file. Each fs.MountedFilesystem also optionally saves the device name from when the filesystem was originally mounted. Each fs.Inode saves its virtual identifier and a reference to a fs.MountedFilesystem.

A mount point is restored in two steps:

• First, before state.Load, all mount configurations are stored in a global fs.RestoreEnvironment. This tells us what mount points the user wants to restore and how to re-establish pointers to backing filesystems.

• Second, during state.Load, each fs.MountedFilesystem optionally searches for a mount in the fs.RestoreEnvironment that matches its saved device name. The fs.MountedFilesystem then reestablishes a pointer to the root of the mounted filesystem. For example, the mount specification provides the network connection for a mounted remote filesystem client to communicate with its remote file server. The fs.MountedFilesystem also trivially loads its set of fs.Inode mappings. When an fs.Inode is encountered, the fs.Inode loads its virtual identifier and its reference a fs.MountedFilesystem. It uses the fs.MountedFilesystem to obtain the root of the mounted filesystem and the fs.Inode mappings to obtain the relative file path to its data. With these, the fs.Inode re-establishes a pointer to its file object.

A mount point can trivially restore its fs.Inodes in parallel since fs.Inodes have a restore dependency on their fs.MountedFilesystem and not on each other.

Open files

An fs.File references the following filesystem objects:

fs.File -> fs.Dirent -> fs.Inode -> fs.MountedFilesystem

The fs.Inode is restored using its fs.MountedFilesystem. The Mount points section above describes how this happens in detail. The fs.Dirent restores its pointer to an fs.Inode, pointers to parent and children fs.Dirents, and the basename of the file.

Otherwise an fs.File restores flags, an offset, and a unique identifier (only used internally).

It may use the fs.Inode, which it indirectly holds a reference on through the fs.Dirent, to reestablish an open file handle on the backing filesystem (e.g. to continue reading and writing).

Overlay

The overlay implementation in the fs package takes Linux overlayfs as a frame of reference but corrects for several POSIX consistency errors.

In Linux overlayfs, the struct inode used for reading and writing to the same file may be different. This is because the struct inode is dissociated with the process of copying up the file from the upper to the lower directory. Since flock(2) and fcntl(2) locks, inotify(7) watches, page caches, and a file's identity are all stored directly or indirectly off the struct inode, these properties of the struct inode may be stale after the first modification. This can lead to file locking bugs, missed inotify events, and inconsistent data in shared memory mappings of files, to name a few problems.

The fs package maintains a single fs.Inode to represent a directory entry in an overlay and defines operations on this fs.Inode which synchronize with the copy up process. This achieves several things:

• File locks, inotify watches, and the identity of the file need not be copied at all.

• Memory mappings of files coordinate with the copy up process so that if a file in the lower directory is memory mapped, all references to it are invalidated, forcing the application to re-fault on memory mappings of the file under the upper directory.

The fs.Inode holds metadata about files in the upper and/or lower directories via an fs.overlayEntry. The fs.overlayEntry implements the fs.Mappable interface. It multiplexes between upper and lower directory memory mappings and stores a copy of memory references so they can be transferred to the upper directory fs.Mappable when the file is copied up.

The lower filesystem in an overlay may contain another (nested) overlay, but the upper filesystem may not contain another overlay. In other words, nested overlays form a tree structure that only allows branching in the lower filesystem.

Caching decisions in the overlay are delegated to the upper filesystem, meaning that the Keep and Revalidate methods on the overlay return the same values as the upper filesystem. A small wrinkle is that the lower filesystem is not allowed to return true from Revalidate, as the overlay can not reload inodes from the lower filesystem. A lower filesystem that does return true from Revalidate will trigger a panic.

The fs.Inode also holds a reference to a fs.MountedFilesystem that normalizes across the mounted filesystem state of the upper and lower directories.

When a file is copied from the lower to the upper directory, attempts to interact with the file block until the copy completes. All copying synchronizes with rename(2).

Future Work

Overlay

When a file is copied from a lower directory to an upper directory, several locks are taken: the global renamuMu and the copyMu of the fs.Inode being copied. This blocks operations on the file, including fault handling of memory mappings. Performance could be improved by copying files into a temporary directory that resides on the same filesystem as the upper directory and doing an atomic rename, holding locks only during the rename operation.

Additionally files are copied up synchronously. For large files, this causes a noticeable latency. Performance could be improved by pipelining copies at non-overlapping file offsets.

9p

root@cloud:~/onlyGvisor/gvisor# docker run --runtime=runsc-kvm --rm --name=test -d alpine sleep 1000
27d9dc8922efa87276d9d25493a35c05e726b9e849d685e9e2b2fe46ad0407a1
root@cloud:~/onlyGvisor/gvisor# docker exec -it test sh
/ # mount
none on / type overlayfs (rw)
none on /proc type proc (rw)
none on /dev type overlayfs (rw)
none on /dev/pts type devpts (rw)
none on /sys type overlayfs (ro)
none on /etc/resolv.conf type 9p (rw)
none on /etc/hostname type 9p (rw)
none on /etc/hosts type 9p (rw)
none on /tmp type tmpfs (rw)

demo1

 docker exec -it test  ping 8.8.8.8

root@cloud:~# dlv attach 960970
Type 'help' for list of commands.
(dlv) b FindInode
Breakpoint 1 set at 0x32f120 for gvisor.dev/gvisor/pkg/sentry/fs.(*MountNamespace).FindInode() pkg/sentry/fs/mounts.go:546
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.(*MountNamespace).FindInode() pkg/sentry/fs/mounts.go:546 (hits goroutine(258):1 total:1) (PC: 0x32f120)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000032f120 in gvisor.dev/gvisor/pkg/sentry/fs.(*MountNamespace).FindInode
    at pkg/sentry/fs/mounts.go:546
 1  0x00000000006b7154 in gvisor.dev/gvisor/pkg/sentry/fs/user.getExecUserHome
    at pkg/sentry/fs/user/user.go:59
 2  0x00000000006b79bc in gvisor.dev/gvisor/pkg/sentry/fs/user.MaybeAddExecUserHome
    at pkg/sentry/fs/user/user.go:157
 3  0x00000000009258dc in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:962
 4  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
 5  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
 6  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
 7  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
 8  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
 9  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
10  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
11  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs.(*MountNamespace).FindInode() pkg/sentry/fs/mounts.go:547 (PC: 0x32f12c)
Warning: debugging optimized function
(dlv) p ctx
gvisor.dev/gvisor/pkg/context.Context(*gvisor.dev/gvisor/pkg/sentry/fs.rootContext) *{
        Context: gvisor.dev/gvisor/pkg/context.Context(gvisor.dev/gvisor/pkg/sentry/kernel.supervisorContext) {
                NoopSleeper: gvisor.dev/gvisor/pkg/context.NoopSleeper {},
                Logger: gvisor.dev/gvisor/pkg/log.Logger(*gvisor.dev/gvisor/pkg/log.BasicLogger) ...,
                k: *(*"gvisor.dev/gvisor/pkg/sentry/kernel.Kernel")(0x4000178f00),},
        root: *gvisor.dev/gvisor/pkg/sentry/fs.Dirent {
                AtomicRefCount: (*"gvisor.dev/gvisor/pkg/refs.AtomicRefCount")(0x4000534630),
                userVisible: true,
                Inode: *(*"gvisor.dev/gvisor/pkg/sentry/fs.Inode")(0x4000536700),
                name: "/",
                parent: *gvisor.dev/gvisor/pkg/sentry/fs.Dirent nil,
                deleted: 0,
                mounted: false,
                direntEntry: (*"gvisor.dev/gvisor/pkg/sentry/fs.direntEntry")(0x40005346a8),
                dirMu: (*"gvisor.dev/gvisor/pkg/sync.RWMutex")(0x40005346b8),
                mu: (*"gvisor.dev/gvisor/pkg/sync.Mutex")(0x40005346d0),
                children: map[string]*gvisor.dev/gvisor/pkg/refs.WeakRef [...],},}
(dlv) p  root
*gvisor.dev/gvisor/pkg/sentry/fs.Dirent {
        AtomicRefCount: gvisor.dev/gvisor/pkg/refs.AtomicRefCount {
                refCount: 19,
                name: "",
                stack: []uintptr len: 0, cap: 0, nil,
                mu: (*"gvisor.dev/gvisor/pkg/sync.Mutex")(0x4000534660),
                weakRefs: (*"gvisor.dev/gvisor/pkg/refs.weakRefList")(0x4000534668),},
        userVisible: true,
        Inode: *gvisor.dev/gvisor/pkg/sentry/fs.Inode {
                AtomicRefCount: (*"gvisor.dev/gvisor/pkg/refs.AtomicRefCount")(0x4000536700),
                InodeOperations: gvisor.dev/gvisor/pkg/sentry/fs.InodeOperations nil,
                StableAttr: (*"gvisor.dev/gvisor/pkg/sentry/fs.StableAttr")(0x4000536758),
                LockCtx: (*"gvisor.dev/gvisor/pkg/sentry/fs.LockCtx")(0x4000536780),
                Watches: *(*"gvisor.dev/gvisor/pkg/sentry/fs.Watches")(0x4000519e60),
                MountSource: *(*"gvisor.dev/gvisor/pkg/sentry/fs.MountSource")(0x4000132f80),
                overlay: *(*"gvisor.dev/gvisor/pkg/sentry/fs.overlayEntry")(0x4000177180),
                appendMu: (*"gvisor.dev/gvisor/pkg/sync.RWMutex")(0x4000536a28),},
        name: "/",
        parent: *gvisor.dev/gvisor/pkg/sentry/fs.Dirent nil,
        deleted: 0,
        mounted: false,
        direntEntry: gvisor.dev/gvisor/pkg/sentry/fs.direntEntry {
                next: *gvisor.dev/gvisor/pkg/sentry/fs.Dirent nil,
                prev: *gvisor.dev/gvisor/pkg/sentry/fs.Dirent nil,},
        dirMu: gvisor.dev/gvisor/pkg/sync.RWMutex {
                m: (*"gvisor.dev/gvisor/pkg/sync.CrossGoroutineRWMutex")(0x40005346b8),},
        mu: gvisor.dev/gvisor/pkg/sync.Mutex {
                m: (*"gvisor.dev/gvisor/pkg/sync.CrossGoroutineMutex")(0x40005346d0),},
        children: map[string]*gvisor.dev/gvisor/pkg/refs.WeakRef [
                "proc": *(*"gvisor.dev/gvisor/pkg/refs.WeakRef")(0x4000552cc0), 
                "dev": *(*"gvisor.dev/gvisor/pkg/refs.WeakRef")(0x40005535c0), 
                "etc": *(*"gvisor.dev/gvisor/pkg/refs.WeakRef")(0x4000552c60), 
                "usr": *(*"gvisor.dev/gvisor/pkg/refs.WeakRef")(0x4000893440), 
                "bin": *(*"gvisor.dev/gvisor/pkg/refs.WeakRef")(0x4000309080), 
                "sys": *(*"gvisor.dev/gvisor/pkg/refs.WeakRef")(0x4000892d20), 
                "tmp": *(*"gvisor.dev/gvisor/pkg/refs.WeakRef")(0x400029f440), 
                "sbin": *(*"gvisor.dev/gvisor/pkg/refs.WeakRef")(0x4000308c00), 
                "lib": *(*"gvisor.dev/gvisor/pkg/refs.WeakRef")(0x40003d2870), 
        ],}
(dlv) p string
Command failed: could not find symbol value for string
(dlv) p *string
Command failed: could not find symbol value for string
(dlv) p path
"/etc/passwd"
(dlv) p wd
*gvisor.dev/gvisor/pkg/sentry/fs.Dirent nil
(dlv) quit
Would you like to kill the process? [Y/n] n
root@cloud:~# 

root@cloud:~# dlv attach 960970
Type 'help' for list of commands.
(dlv) b openPath
Breakpoint 1 set at 0x4e08d0 for gvisor.dev/gvisor/pkg/sentry/loader.openPath() pkg/sentry/loader/loader.go:88
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/loader.openPath() pkg/sentry/loader/loader.go:88 (hits goroutine(266):1 total:1) (PC: 0x4e08d0)
Warning: debugging optimized function
(dlv) bt
 0  0x00000000004e08d0 in gvisor.dev/gvisor/pkg/sentry/loader.openPath
    at pkg/sentry/loader/loader.go:88
 1  0x00000000004e155c in gvisor.dev/gvisor/pkg/sentry/loader.loadExecutable
    at pkg/sentry/loader/loader.go:151
 2  0x00000000004e1824 in gvisor.dev/gvisor/pkg/sentry/loader.Load
    at pkg/sentry/loader/loader.go:222
 3  0x000000000051560c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).LoadTaskImage
    at pkg/sentry/kernel/task_image.go:150
 4  0x00000000004f4e80 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).CreateProcess
    at pkg/sentry/kernel/kernel.go:1022
 5  0x00000000006c0f34 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
    at pkg/sentry/control/proc.go:220
 6  0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
    at pkg/sentry/control/proc.go:133
 7  0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:972
 8  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
 9  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
10  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
11  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
12  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
13  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
14  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
15  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/loader.openPath() pkg/sentry/loader/loader.go:89 (PC: 0x4e08dc)
Warning: debugging optimized function
(dlv) p args.Filename
"/bin/ping"
(dlv) b OpenPath
Command failed: Location "OpenPath" ambiguous: gvisor.dev/gvisor/pkg/sentry/fsbridge.(*fsLookup).OpenPath, gvisor.dev/gvisor/pkg/sentry/fsbridge.(*vfsLookup).OpenPath…
(dlv) b gvisor.dev/gvisor/pkg/sentry/fsbridge.(*fsLookup).OpenPath
Breakpoint 2 set at 0x396ec0 for gvisor.dev/gvisor/pkg/sentry/fsbridge.(*fsLookup).OpenPath() pkg/sentry/fsbridge/fs.go:116
(dlv) b gvisor.dev/gvisor/pkg/sentry/fsbridge.(*vfsLookup).OpenPath
Breakpoint 3 set at 0x397b40 for gvisor.dev/gvisor/pkg/sentry/fsbridge.(*vfsLookup).OpenPath() pkg/sentry/fsbridge/vfs.go:124
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fsbridge.(*fsLookup).OpenPath() pkg/sentry/fsbridge/fs.go:116 (hits goroutine(266):1 total:1) (PC: 0x396ec0)
Warning: debugging optimized function
(dlv) bt
 0  0x0000000000396ec0 in gvisor.dev/gvisor/pkg/sentry/fsbridge.(*fsLookup).OpenPath
    at pkg/sentry/fsbridge/fs.go:116
 1  0x00000000004e0998 in gvisor.dev/gvisor/pkg/sentry/loader.openPath
    at pkg/sentry/loader/loader.go:103
 2  0x00000000004e155c in gvisor.dev/gvisor/pkg/sentry/loader.loadExecutable
    at pkg/sentry/loader/loader.go:151
 3  0x00000000004e1824 in gvisor.dev/gvisor/pkg/sentry/loader.Load
    at pkg/sentry/loader/loader.go:222
 4  0x000000000051560c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).LoadTaskImage
    at pkg/sentry/kernel/task_image.go:150
 5  0x00000000004f4e80 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).CreateProcess
    at pkg/sentry/kernel/kernel.go:1022
 6  0x00000000006c0f34 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
    at pkg/sentry/control/proc.go:220
 7  0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
    at pkg/sentry/control/proc.go:133
 8  0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:972
 9  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
10  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
11  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
12  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
13  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
14  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
15  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
16  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) quit
Would you like to kill the process? [Y/n] n

gVisor uses basically 3 types of mounts: root, volume mounts, and tmpfs.

• Root: this is where the container's image is mounted. gVisor mounts it as a 9P volume that is accessed through a file proxy (called Gofer). Since the container has exclusive access to the image mount, it can cache file state more aggressively (read faster).
• Volume mounts: these are additional mounts declared in the container spec, including emptydir. gVisor mounts them as 9P volumes, similar to root, however it cannot assume exclusive access to the volume, i.e. file could be modified externally.  Thus it must revalidate the cache on every file access to ensure the file hasn't changed externally. This is the slowest type of mount.
• tmpfs: tmpfs memory backed mount inside gVisor and is the fastest of the 3 by a large amount. This is the default mount for /tmp, as long as your container doesn't have any files in /tmp.

Right now, emptydir is mounted on the host as a regular volume mount. We have changes in the pipeline that will make "memory" emptydir be mounted as tmpfs inside gVisor and for regular EmptyDir used by a single container to be mounted with exclusive access. I'll notify you when they become available (about a month from now).

docker run --runtime=runsc-kvm --rm --name=test  -v share:/share -d alpine sleep 1000
fa58db43f3b36e0a1168f0038aa8d73b5569db0e0962b622b9b3b7d1d04a37a7

root@cloud:~/onlyGvisor# docker exec -it test sh
/ # mount
none on / type overlayfs (rw)
none on /proc type proc (rw)
none on /dev type overlayfs (rw)
none on /dev/pts type devpts (rw)
none on /sys type overlayfs (ro)
none on /share type 9p (rw)
none on /etc/resolv.conf type 9p (rw)
none on /etc/hostname type 9p (rw)
none on /etc/hosts type 9p (rw)
none on /tmp type tmpfs (rw)
/ # 

/ # hostname 
fa58db43f3b3
/ # cat /etc/hostname
fa58db43f3b3
/ # cat /etc/hosts
127.0.0.1       localhost
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2      fa58db43f3b3
/ # cat /etc/resolv.conf 
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients directly to
# all known uplink DNS servers. This file lists all configured search domains.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.

nameserver 8.8.8.8
/ # 

newTTYFile

root@cloud:~/onlyGvisor/gvisor# docker exec -it test sh
OCI runtime exec failed: /var/lib/docker/runtimes/runsc-kvm did not terminate successfully: : unknown
root@cloud:~/onlyGvisor/gvisor# docker exec -it test sh
OCI runtime exec failed: /var/lib/docker/runtimes/runsc-kvm did not terminate successfully: : unknown
root@cloud:~/onlyGvisor/gvisor# 

root@cloud:~# dlv attach 962684
Type 'help' for list of commands.
(dlv) b newTTYFile
Breakpoint 1 set at 0x69d578 for gvisor.dev/gvisor/pkg/sentry/fs/host.newFileFromDonatedFD() pkg/sentry/fs/host/tty.go:55
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs/host.newFileFromDonatedFD() pkg/sentry/fs/host/tty.go:55 (hits goroutine(244):1 total:1) (PC: 0x69d578)
Warning: debugging optimized function
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs/host.newFileFromDonatedFD() pkg/sentry/fs/host/tty.go:55 (hits goroutine(274):1 total:2) (PC: 0x69d578)
Warning: debugging optimized function
(dlv) bt
0 0x000000000069d578 in gvisor.dev/gvisor/pkg/sentry/fs/host.newTTYFile
at pkg/sentry/fs/host/tty.go:55
1 0x000000000069d578 in gvisor.dev/gvisor/pkg/sentry/fs/host.newFileFromDonatedFD
at pkg/sentry/fs/host/file.go:116
2 0x00000000006b5834 in gvisor.dev/gvisor/pkg/sentry/fs/host.ImportFile
at pkg/sentry/fs/host/file.go:75
3 0x00000000006b5834 in gvisor.dev/gvisor/pkg/sentry/fdimport.importFS
at pkg/sentry/fdimport/fdimport.go:52
4 0x00000000006b570c in gvisor.dev/gvisor/pkg/sentry/fdimport.Import
at pkg/sentry/fdimport/fdimport.go:39
5 0x00000000006c0ec0 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
at pkg/sentry/control/proc.go:215
6 0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
at pkg/sentry/control/proc.go:133
7 0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
at runsc/boot/loader.go:972
8 0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
at runsc/boot/controller.go:321
9 0x0000000000075ec4 in runtime.call64
at src/runtime/asm_arm64.s:1
10 0x00000000000c0c80 in reflect.Value.call
at GOROOT/src/reflect/value.go:475
11 0x00000000000c0444 in reflect.Value.Call
at GOROOT/src/reflect/value.go:336
12 0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
at pkg/urpc/urpc.go:337
13 0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
at pkg/urpc/urpc.go:432
14 0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
at pkg/urpc/urpc.go:452
15 0x0000000000077c84 in runtime.goexit
at src/runtime/asm_arm64.s:1136
(dlv) c

pkg/sentry/fs/file.go NewFile

root@cloud:~/gvisor# grep FileOperations -rn * | grep NewFile
pkg/sentry/fs/file.go:108:func NewFile(ctx context.Context, dirent *Dirent, flags FileFlags, fops FileOperations) *File {
pkg/sentry/fs/inode_overlay.go:266:     overlayFile := NewFile(ctx, overlayDirent, flags, &overlayFileOperations{upper: upperFile})
pkg/sentry/fs/inode_overlay.go:499:             f, err := NewFile(ctx, d, flags, &overlayFileOperations{upper: upper}), nil
pkg/sentry/fs/inode_overlay.go:512:     return NewFile(ctx, d, flags, &overlayFileOperations{lower: lower}), nil
pkg/sentry/fs/tty/master.go:97: return fs.NewFile(ctx, d, flags, &masterFileOperations{
pkg/sentry/fs/tty/replica.go:89:        return fs.NewFile(ctx, d, flags, &replicaFileOperations{si: si}), nil
pkg/sentry/fs/tty/dir.go:224:   return fs.NewFile(ctx, dirent, flags, &dirFileOperations{di: d}), nil
pkg/sentry/fs/tmpfs/inode_file.go:162:  return fs.NewFile(ctx, d, flags, &regularFileOperations{iops: f}), nil
pkg/sentry/fs/dev/null.go:59:   return fs.NewFile(ctx, dirent, flags, &nullFileOperations{}), nil
pkg/sentry/fs/dev/null.go:102:  return fs.NewFile(ctx, dirent, flags, &zeroFileOperations{}), nil
pkg/sentry/fs/dev/full.go:58:   return fs.NewFile(ctx, dirent, flags, &fullFileOperations{}), nil
pkg/sentry/fs/dev/net_tun.go:64:        return fs.NewFile(ctx, d, flags, &netTunFileOperations{}), nil
pkg/sentry/fs/dev/random.go:56: return fs.NewFile(ctx, dirent, flags, &randomFileOperations{}), nil
pkg/sentry/fs/host/tty.go:55:   return fs.NewFile(ctx, dirent, flags, &TTYFileOperations{
pkg/sentry/fs/proc/seqfile/seqfile.go:152:      return fs.NewFile(ctx, dirent, flags, &seqFileOperations{seqFile: s}), nil
pkg/sentry/fs/proc/uid_gid_map.go:80:   return fs.NewFile(ctx, dirent, flags, &idMapFileOperations{
pkg/sentry/fs/ramfs/dir.go:406: return fs.NewFile(ctx, dirent, flags, &dirFileOperations{dir: d}), nil
pkg/sentry/fs/ramfs/symlink.go:87:      return fs.NewFile(ctx, dirent, flags, &symlinkFileOperations{}), nil
root@cloud:~/gvisor# 

调用方式1：

1、 b gvisor.dev/gvisor/pkg/sentry/fs.NewFile

2、docker exec -it test sh

root@cloud:~/onlyGvisor# docker exec -it test  sh
OCI runtime exec failed: /var/lib/docker/runtimes/runsc-kvm did not terminate successfully: : unknown

(dlv) b gvisor.dev/gvisor/pkg/sentry/fs.NewFile
Breakpoint 3 set at 0x31e7e0 for gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(374):1 total:1) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000031e7e0 in gvisor.dev/gvisor/pkg/sentry/fs.NewFile
    at pkg/sentry/fs/file.go:108
 1  0x00000000006da6b4 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.NewFile
    at pkg/sentry/fs/gofer/file.go:103
 2  0x00000000006dfdb8 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.(*inodeOperations).getFileDefault
    at pkg/sentry/fs/gofer/inode.go:549
 3  0x00000000006df5a4 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.(*inodeOperations).GetFile
    at pkg/sentry/fs/gofer/inode.go:485
 4  0x00000000003255b0 in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:249
 5  0x0000000000320edc in gvisor.dev/gvisor/pkg/sentry/fs.overlayFile
    at pkg/sentry/fs/file_overlay.go:52
 6  0x0000000000329608 in gvisor.dev/gvisor/pkg/sentry/fs.overlayGetFile
    at pkg/sentry/fs/inode_overlay.go:492
 7  0x000000000032561c in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:246
 8  0x00000000006b7218 in gvisor.dev/gvisor/pkg/sentry/fs/user.getExecUserHome
    at pkg/sentry/fs/user/user.go:80
 9  0x00000000006b79bc in gvisor.dev/gvisor/pkg/sentry/fs/user.MaybeAddExecUserHome
    at pkg/sentry/fs/user/user.go:157
10  0x00000000009258dc in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:962
11  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
12  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
13  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
14  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
15  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
16  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
17  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
18  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(374):2 total:2) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:109 (PC: 0x31e7ec)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000031e7ec in gvisor.dev/gvisor/pkg/sentry/fs.NewFile
    at pkg/sentry/fs/file.go:109
 1  0x00000000003296e0 in gvisor.dev/gvisor/pkg/sentry/fs.overlayGetFile
    at pkg/sentry/fs/inode_overlay.go:499
 2  0x000000000032561c in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:246
 3  0x00000000006b7218 in gvisor.dev/gvisor/pkg/sentry/fs/user.getExecUserHome
    at pkg/sentry/fs/user/user.go:80
 4  0x00000000006b79bc in gvisor.dev/gvisor/pkg/sentry/fs/user.MaybeAddExecUserHome
    at pkg/sentry/fs/user/user.go:157
 5  0x00000000009258dc in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:962
 6  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
 7  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
 8  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
 9  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
10  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
11  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
12  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
13  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) p dirent
*gvisor.dev/gvisor/pkg/sentry/fs.Dirent {
        AtomicRefCount: gvisor.dev/gvisor/pkg/refs.AtomicRefCount {
                refCount: 1,
                name: "",
                stack: []uintptr len: 0, cap: 0, nil,
                mu: (*"gvisor.dev/gvisor/pkg/sync.Mutex")(0x4000029840),
                weakRefs: (*"gvisor.dev/gvisor/pkg/refs.weakRefList")(0x4000029848),},
        userVisible: true,
        Inode: *gvisor.dev/gvisor/pkg/sentry/fs.Inode {
                AtomicRefCount: (*"gvisor.dev/gvisor/pkg/refs.AtomicRefCount")(0x400002b500),
                InodeOperations: gvisor.dev/gvisor/pkg/sentry/fs.InodeOperations nil,
                StableAttr: (*"gvisor.dev/gvisor/pkg/sentry/fs.StableAttr")(0x400002b558),
                LockCtx: (*"gvisor.dev/gvisor/pkg/sentry/fs.LockCtx")(0x400002b580),
                Watches: *(*"gvisor.dev/gvisor/pkg/sentry/fs.Watches")(0x4000021e60),
                MountSource: *(*"gvisor.dev/gvisor/pkg/sentry/fs.MountSource")(0x40001c6700),
                overlay: *(*"gvisor.dev/gvisor/pkg/sentry/fs.overlayEntry")(0x4000024b40),
                appendMu: (*"gvisor.dev/gvisor/pkg/sync.RWMutex")(0x400002b828),},
        name: "passwd",
        parent: *gvisor.dev/gvisor/pkg/sentry/fs.Dirent {
                AtomicRefCount: (*"gvisor.dev/gvisor/pkg/refs.AtomicRefCount")(0x4000017a20),
                userVisible: true,
                Inode: *(*"gvisor.dev/gvisor/pkg/sentry/fs.Inode")(0x400001c700),
                name: "etc",
                parent: *(*"gvisor.dev/gvisor/pkg/sentry/fs.Dirent")(0x40001b5550),
                deleted: 0,
                mounted: false,
                direntEntry: (*"gvisor.dev/gvisor/pkg/sentry/fs.direntEntry")(0x4000017a98),
                dirMu: (*"gvisor.dev/gvisor/pkg/sync.RWMutex")(0x4000017aa8),
                mu: (*"gvisor.dev/gvisor/pkg/sync.Mutex")(0x4000017ac0),
                children: map[string]*gvisor.dev/gvisor/pkg/refs.WeakRef [...],},
        deleted: 0,
        mounted: false,
        direntEntry: gvisor.dev/gvisor/pkg/sentry/fs.direntEntry {
                next: *(*"gvisor.dev/gvisor/pkg/sentry/fs.Dirent")(0x40001b5550),
                prev: *gvisor.dev/gvisor/pkg/sentry/fs.Dirent nil,},
        dirMu: gvisor.dev/gvisor/pkg/sync.RWMutex {
                m: (*"gvisor.dev/gvisor/pkg/sync.CrossGoroutineRWMutex")(0x4000029898),},
        mu: gvisor.dev/gvisor/pkg/sync.Mutex {
                m: (*"gvisor.dev/gvisor/pkg/sync.CrossGoroutineMutex")(0x40000298b0),},
        children: map[string]*gvisor.dev/gvisor/pkg/refs.WeakRef [],}
(dlv) b gvisor.dev/gvisor/pkg/sentry/fs.MountSource
Command failed: location "gvisor.dev/gvisor/pkg/sentry/fs.MountSource" not found
(dlv) quit
Would you like to kill the process? [Y/n] n
root@cloud:~# dlv attach 964319
could not attach to pid 964319: no such process
root@cloud:~# dlv attach  965511

Type 'help' for list of commands.
(dlv) 
(dlv) b gvisor.dev/gvisor/pkg/sentry/fs.NewFile
Breakpoint 1 set at 0x31e7e0 for gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(246):1 total:1) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(246):2 total:2) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(246):3 total:3) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(246):4 total:4) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(246):5 total:5) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(246):6 total:6) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(246):7 total:7) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) c
received SIGINT, stopping process (will not forward signal)
> syscall.Syscall6() src/syscall/asm_linux_arm64.s:43 (PC: 0x8dccc)
Warning: debugging optimized function
(dlv) clearall
Breakpoint 1 cleared at 0x31e7e0 for gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108
(dlv) c

root@cloud:~# dlv attach  965511
Type 'help' for list of commands.
(dlv) b gvisor.dev/gvisor/pkg/sentry/fs.NewFile
Breakpoint 1 set at 0x31e7e0 for gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(206):1 total:1) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000031e7e0 in gvisor.dev/gvisor/pkg/sentry/fs.NewFile
    at pkg/sentry/fs/file.go:108
 1  0x00000000006da6b4 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.NewFile
    at pkg/sentry/fs/gofer/file.go:103
 2  0x00000000006dfdb8 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.(*inodeOperations).getFileDefault
    at pkg/sentry/fs/gofer/inode.go:549
 3  0x00000000006df5a4 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.(*inodeOperations).GetFile
    at pkg/sentry/fs/gofer/inode.go:485
 4  0x00000000003255b0 in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:249
 5  0x0000000000320edc in gvisor.dev/gvisor/pkg/sentry/fs.overlayFile
    at pkg/sentry/fs/file_overlay.go:52
 6  0x0000000000329608 in gvisor.dev/gvisor/pkg/sentry/fs.overlayGetFile
    at pkg/sentry/fs/inode_overlay.go:492
 7  0x000000000032561c in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:246
 8  0x00000000006b7218 in gvisor.dev/gvisor/pkg/sentry/fs/user.getExecUserHome
    at pkg/sentry/fs/user/user.go:80
 9  0x00000000006b79bc in gvisor.dev/gvisor/pkg/sentry/fs/user.MaybeAddExecUserHome
    at pkg/sentry/fs/user/user.go:157
10  0x00000000009258dc in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:962
11  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
12  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
13  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
14  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
15  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
16  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
17  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
18  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(206):2 total:2) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000031e7e0 in gvisor.dev/gvisor/pkg/sentry/fs.NewFile
    at pkg/sentry/fs/file.go:108
 1  0x00000000003296e0 in gvisor.dev/gvisor/pkg/sentry/fs.overlayGetFile
    at pkg/sentry/fs/inode_overlay.go:499
 2  0x000000000032561c in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:246
 3  0x00000000006b7218 in gvisor.dev/gvisor/pkg/sentry/fs/user.getExecUserHome
    at pkg/sentry/fs/user/user.go:80
 4  0x00000000006b79bc in gvisor.dev/gvisor/pkg/sentry/fs/user.MaybeAddExecUserHome
    at pkg/sentry/fs/user/user.go:157
 5  0x00000000009258dc in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:962
 6  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
 7  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
 8  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
 9  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
10  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
11  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
12  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
13  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(206):3 total:3) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000031e7e0 in gvisor.dev/gvisor/pkg/sentry/fs.NewFile
    at pkg/sentry/fs/file.go:108
 1  0x000000000069d628 in gvisor.dev/gvisor/pkg/sentry/fs/host.newTTYFile
    at pkg/sentry/fs/host/tty.go:55          ----------tty
 2  0x000000000069d628 in gvisor.dev/gvisor/pkg/sentry/fs/host.newFileFromDonatedFD
    at pkg/sentry/fs/host/file.go:116
 3  0x00000000006b5834 in gvisor.dev/gvisor/pkg/sentry/fs/host.ImportFile
    at pkg/sentry/fs/host/file.go:75
 4  0x00000000006b5834 in gvisor.dev/gvisor/pkg/sentry/fdimport.importFS
    at pkg/sentry/fdimport/fdimport.go:52
 5  0x00000000006b570c in gvisor.dev/gvisor/pkg/sentry/fdimport.Import
    at pkg/sentry/fdimport/fdimport.go:39
 6  0x00000000006c0ec0 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
    at pkg/sentry/control/proc.go:215
 7  0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
    at pkg/sentry/control/proc.go:133
 8  0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:972
 9  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
10  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
11  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
12  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
13  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
14  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
15  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
16  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(206):4 total:4) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000031e7e0 in gvisor.dev/gvisor/pkg/sentry/fs.NewFile
    at pkg/sentry/fs/file.go:108
 1  0x00000000006da6b4 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.NewFile
    at pkg/sentry/fs/gofer/file.go:103
 2  0x00000000006dfdb8 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.(*inodeOperations).getFileDefault
    at pkg/sentry/fs/gofer/inode.go:549
 3  0x00000000006df5a4 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.(*inodeOperations).GetFile
    at pkg/sentry/fs/gofer/inode.go:485
 4  0x00000000003255b0 in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:249
 5  0x0000000000320edc in gvisor.dev/gvisor/pkg/sentry/fs.overlayFile
    at pkg/sentry/fs/file_overlay.go:52
 6  0x0000000000329608 in gvisor.dev/gvisor/pkg/sentry/fs.overlayGetFile
    at pkg/sentry/fs/inode_overlay.go:492
 7  0x000000000032561c in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:246
 8  0x000000000039715c in gvisor.dev/gvisor/pkg/sentry/fsbridge.(*fsLookup).OpenPath
    at pkg/sentry/fsbridge/fs.go:150
 9  0x00000000004e0998 in gvisor.dev/gvisor/pkg/sentry/loader.openPath
    at pkg/sentry/loader/loader.go:103
10  0x00000000004e155c in gvisor.dev/gvisor/pkg/sentry/loader.loadExecutable
    at pkg/sentry/loader/loader.go:151
11  0x00000000004e1824 in gvisor.dev/gvisor/pkg/sentry/loader.Load
    at pkg/sentry/loader/loader.go:222
12  0x000000000051560c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).LoadTaskImage
    at pkg/sentry/kernel/task_image.go:150
13  0x00000000004f4e80 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).CreateProcess
    at pkg/sentry/kernel/kernel.go:1022
14  0x00000000006c0f34 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
    at pkg/sentry/control/proc.go:220
15  0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
    at pkg/sentry/control/proc.go:133
16  0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:972
17  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
18  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
19  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
20  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
21  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
22  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
23  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
24  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(206):5 total:5) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000031e7e0 in gvisor.dev/gvisor/pkg/sentry/fs.NewFile
    at pkg/sentry/fs/file.go:108
 1  0x00000000003296e0 in gvisor.dev/gvisor/pkg/sentry/fs.overlayGetFile
    at pkg/sentry/fs/inode_overlay.go:499
 2  0x000000000032561c in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:246
 3  0x000000000039715c in gvisor.dev/gvisor/pkg/sentry/fsbridge.(*fsLookup).OpenPath
    at pkg/sentry/fsbridge/fs.go:150
 4  0x00000000004e0998 in gvisor.dev/gvisor/pkg/sentry/loader.openPath
    at pkg/sentry/loader/loader.go:103
 5  0x00000000004e155c in gvisor.dev/gvisor/pkg/sentry/loader.loadExecutable
    at pkg/sentry/loader/loader.go:151
 6  0x00000000004e1824 in gvisor.dev/gvisor/pkg/sentry/loader.Load
    at pkg/sentry/loader/loader.go:222
 7  0x000000000051560c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).LoadTaskImage
    at pkg/sentry/kernel/task_image.go:150
 8  0x00000000004f4e80 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).CreateProcess
    at pkg/sentry/kernel/kernel.go:1022
 9  0x00000000006c0f34 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
    at pkg/sentry/control/proc.go:220
10  0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
    at pkg/sentry/control/proc.go:133
11  0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:972
12  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
13  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
14  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
15  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
16  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
17  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
18  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
19  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(206):6 total:6) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000031e7e0 in gvisor.dev/gvisor/pkg/sentry/fs.NewFile
    at pkg/sentry/fs/file.go:108
 1  0x00000000006da6b4 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.NewFile
    at pkg/sentry/fs/gofer/file.go:103
 2  0x00000000006dfdb8 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.(*inodeOperations).getFileDefault
    at pkg/sentry/fs/gofer/inode.go:549
 3  0x00000000006df5a4 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.(*inodeOperations).GetFile
    at pkg/sentry/fs/gofer/inode.go:485
 4  0x00000000003255b0 in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:249
 5  0x0000000000320edc in gvisor.dev/gvisor/pkg/sentry/fs.overlayFile
    at pkg/sentry/fs/file_overlay.go:52
 6  0x0000000000329608 in gvisor.dev/gvisor/pkg/sentry/fs.overlayGetFile
    at pkg/sentry/fs/inode_overlay.go:492
 7  0x000000000032561c in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:246
 8  0x000000000039715c in gvisor.dev/gvisor/pkg/sentry/fsbridge.(*fsLookup).OpenPath
    at pkg/sentry/fsbridge/fs.go:150
 9  0x00000000004e0998 in gvisor.dev/gvisor/pkg/sentry/loader.openPath
    at pkg/sentry/loader/loader.go:103
10  0x00000000004dfc64 in gvisor.dev/gvisor/pkg/sentry/loader.loadELF
    at pkg/sentry/loader/elf.go:666
11  0x00000000004e1204 in gvisor.dev/gvisor/pkg/sentry/loader.loadExecutable
    at pkg/sentry/loader/loader.go:179
12  0x00000000004e1824 in gvisor.dev/gvisor/pkg/sentry/loader.Load
    at pkg/sentry/loader/loader.go:222
13  0x000000000051560c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).LoadTaskImage
    at pkg/sentry/kernel/task_image.go:150
14  0x00000000004f4e80 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).CreateProcess
    at pkg/sentry/kernel/kernel.go:1022
15  0x00000000006c0f34 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
    at pkg/sentry/control/proc.go:220
16  0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
    at pkg/sentry/control/proc.go:133
17  0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:972
18  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
19  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
20  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
21  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
22  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
23  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
24  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
25  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(206):7 total:7) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000031e7e0 in gvisor.dev/gvisor/pkg/sentry/fs.NewFile
    at pkg/sentry/fs/file.go:108
 1  0x00000000003296e0 in gvisor.dev/gvisor/pkg/sentry/fs.overlayGetFile
    at pkg/sentry/fs/inode_overlay.go:499
 2  0x000000000032561c in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).GetFile
    at pkg/sentry/fs/inode.go:246
 3  0x000000000039715c in gvisor.dev/gvisor/pkg/sentry/fsbridge.(*fsLookup).OpenPath
    at pkg/sentry/fsbridge/fs.go:150
 4  0x00000000004e0998 in gvisor.dev/gvisor/pkg/sentry/loader.openPath
    at pkg/sentry/loader/loader.go:103
 5  0x00000000004dfc64 in gvisor.dev/gvisor/pkg/sentry/loader.loadELF
    at pkg/sentry/loader/elf.go:666
 6  0x00000000004e1204 in gvisor.dev/gvisor/pkg/sentry/loader.loadExecutable
    at pkg/sentry/loader/loader.go:179
 7  0x00000000004e1824 in gvisor.dev/gvisor/pkg/sentry/loader.Load
    at pkg/sentry/loader/loader.go:222
 8  0x000000000051560c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).LoadTaskImage
    at pkg/sentry/kernel/task_image.go:150
 9  0x00000000004f4e80 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Kernel).CreateProcess
    at pkg/sentry/kernel/kernel.go:1022
10  0x00000000006c0f34 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
    at pkg/sentry/control/proc.go:220
11  0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
    at pkg/sentry/control/proc.go:133
12  0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:972
13  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
14  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
15  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
16  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
17  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
18  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
19  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
20  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) c

   不走用户态系统调用doSyscall

pkg/sentry/fs/file.go NewFile

调用方式2：

1、docker exec -it test sh

2、 b gvisor.dev/gvisor/pkg/sentry/fs.NewFile

3、 touch hello.txt

root@cloud:~/onlyGvisor# docker exec -it test  sh
/ # touch hello.txt
/ # exit
root@cloud:~/onlyGvisor# 

(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108 (hits goroutine(239):1 total:1) (PC: 0x31e7e0)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000031e7e0 in gvisor.dev/gvisor/pkg/sentry/fs.NewFile
    at pkg/sentry/fs/file.go:108
 1  0x00000000006da6b4 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.NewFile
    at pkg/sentry/fs/gofer/file.go:103
 2  0x00000000006e26b4 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.(*inodeOperations).Create
    at pkg/sentry/fs/gofer/path.go:183
 3  0x0000000000327fe8 in gvisor.dev/gvisor/pkg/sentry/fs.overlayCreate
    at pkg/sentry/fs/inode_overlay.go:220
 4  0x0000000000324c10 in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).Create
    at pkg/sentry/fs/inode.go:169
 5  0x0000000000318910 in gvisor.dev/gvisor/pkg/sentry/fs.(*Dirent).Create
    at pkg/sentry/fs/dirent.go:619
 6  0x000000000059d5ec in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.createAt.func1
    at pkg/sentry/syscalls/linux/sys_file.go:432
 7  0x000000000059c880 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.fileOpAt.func1
    at pkg/sentry/syscalls/linux/sys_file.go:58
 8  0x000000000056e58c in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.fileOpOn
    at pkg/sentry/syscalls/linux/sys_file.go:113
 9  0x000000000056e2a8 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.fileOpAt
    at pkg/sentry/syscalls/linux/sys_file.go:57
10  0x000000000056ed44 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.createAt
    at pkg/sentry/syscalls/linux/sys_file.go:318
11  0x000000000056eeb0 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Openat
    at pkg/sentry/syscalls/linux/sys_file.go:485
12  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
    at pkg/sentry/kernel/task_syscall.go:104
13  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
    at pkg/sentry/kernel/task_syscall.go:239
14  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
    at pkg/sentry/kernel/task_syscall.go:199
15  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
    at pkg/sentry/kernel/task_syscall.go:174
16  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
    at pkg/sentry/kernel/task_run.go:282
17  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
    at pkg/sentry/kernel/task_run.go:97
18  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) clearall
Breakpoint 2 cleared at 0x31e7e0 for gvisor.dev/gvisor/pkg/sentry/fs.NewFile() pkg/sentry/fs/file.go:108
(dlv) quit
Would you like to kill the process? [Y/n] n
root@cloud:~# 

 走用户态系统调用流程

测试3

root@cloud:~# docker exec -it test sh
/ # ls
bin    dev    etc    home   lib    media  mnt    opt    proc   root   run    sbin   srv    sys    tmp    usr    var
/ # touch hello.txt
/ # echo 'hello' >> hello.txt
/ # exit
root@cloud:~# docker exec -it test  echo 'hello' >> hello.txt
root@cloud:~# 

(dlv) b pkg/sentry/fs/host/file.go:198
Breakpoint 9 set at 0x69df24 for gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:198
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:196 (hits goroutine(244):1 total:1) (PC: 0x69df10)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000069df10 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write
    at pkg/sentry/fs/host/file.go:196
 1  0x00000000006a2c90 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write
    at pkg/sentry/fs/host/tty.go:113
 2  0x000000000031f78c in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
    at pkg/sentry/fs/file.go:306
 3  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
    at pkg/sentry/syscalls/linux/sys_write.go:262
 4  0x0000000000596d50 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Writev
    at pkg/sentry/syscalls/linux/sys_write.go:149
 5  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
    at pkg/sentry/kernel/task_syscall.go:104
 6  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
    at pkg/sentry/kernel/task_syscall.go:239
 7  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
    at pkg/sentry/kernel/task_syscall.go:199
 8  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
    at pkg/sentry/kernel/task_syscall.go:174
 9  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
    at pkg/sentry/kernel/task_run.go:282
10  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
    at pkg/sentry/kernel/task_run.go:97
11  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:198 (hits goroutine(244):1 total:1) (PC: 0x69df24)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:202 (PC: 0x69df3c)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:207 (PC: 0x69df7c)
Warning: debugging optimized function
(dlv) s
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/inode.go:150 (PC: 0x69df84)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000069df84 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*inodeFileState).FD
    at pkg/sentry/fs/host/inode.go:150
 1  0x000000000069df84 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write
    at pkg/sentry/fs/host/file.go:207
 2  0x00000000006a2c90 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write
    at pkg/sentry/fs/host/tty.go:113
 3  0x000000000031f78c in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
    at pkg/sentry/fs/file.go:306
 4  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
    at pkg/sentry/syscalls/linux/sys_write.go:262
 5  0x0000000000596d50 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Writev
    at pkg/sentry/syscalls/linux/sys_write.go:149
 6  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
    at pkg/sentry/kernel/task_syscall.go:104
 7  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
    at pkg/sentry/kernel/task_syscall.go:239
 8  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
    at pkg/sentry/kernel/task_syscall.go:199
 9  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
    at pkg/sentry/kernel/task_syscall.go:174
10  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
    at pkg/sentry/kernel/task_run.go:282
11  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
    at pkg/sentry/kernel/task_run.go:97
12  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/fd/fd.go:40 (PC: 0x69df90)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:208 (PC: 0x69dfac)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:209 (PC: 0x69e078)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:212 (PC: 0x69e0a4)
Warning: debugging optimized function
(dlv) 

  走用户态系统调用流程

(dlv) b pkg/sentry/fs/file.go:306
Breakpoint 5 set at 0x31f734 for gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev() pkg/sentry/fs/file.go:306
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev() pkg/sentry/fs/file.go:306 (hits goroutine(244):1 total:1) (PC: 0x31f734)
Warning: debugging optimized function
(dlv) bt
0  0x000000000031f734 in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
   at pkg/sentry/fs/file.go:306
1  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
   at pkg/sentry/syscalls/linux/sys_write.go:262
2  0x0000000000596d50 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Writev
   at pkg/sentry/syscalls/linux/sys_write.go:149
3  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
   at pkg/sentry/kernel/task_syscall.go:104
4  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
   at pkg/sentry/kernel/task_syscall.go:239
5  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
   at pkg/sentry/kernel/task_syscall.go:199
6  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
   at pkg/sentry/kernel/task_syscall.go:174
7  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
   at pkg/sentry/kernel/task_run.go:282
8  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
   at pkg/sentry/kernel/task_run.go:97
9  0x0000000000077c84 in runtime.goexit
   at src/runtime/asm_arm64.s:1136
(dlv) s
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write() pkg/sentry/fs/host/tty.go:102 (PC: 0x6a2bd0)
Warning: debugging optimized function
(dlv) bt
 0  0x00000000006a2bd0 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write
    at pkg/sentry/fs/host/tty.go:102
 1  0x000000000031f78c in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
    at pkg/sentry/fs/file.go:306
 2  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
    at pkg/sentry/syscalls/linux/sys_write.go:262
 3  0x0000000000596d50 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Writev
    at pkg/sentry/syscalls/linux/sys_write.go:149
 4  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
    at pkg/sentry/kernel/task_syscall.go:104
 5  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
    at pkg/sentry/kernel/task_syscall.go:239
 6  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
    at pkg/sentry/kernel/task_syscall.go:199
 7  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
    at pkg/sentry/kernel/task_syscall.go:174
 8  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
    at pkg/sentry/kernel/task_run.go:282
 9  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
    at pkg/sentry/kernel/task_run.go:97
10  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev() pkg/sentry/fs/file.go:280 (hits goroutine(244):2 total:2) (PC: 0x31f620)
Warning: debugging optimized function
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev() pkg/sentry/fs/file.go:306 (hits goroutine(244):2 total:2) (PC: 0x31f734)
Warning: debugging optimized function
(dlv) bt
0  0x000000000031f734 in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
   at pkg/sentry/fs/file.go:306
1  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
   at pkg/sentry/syscalls/linux/sys_write.go:262
2  0x0000000000596d50 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Writev
   at pkg/sentry/syscalls/linux/sys_write.go:149
3  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
   at pkg/sentry/kernel/task_syscall.go:104
4  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
   at pkg/sentry/kernel/task_syscall.go:239
5  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
   at pkg/sentry/kernel/task_syscall.go:199
6  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
   at pkg/sentry/kernel/task_syscall.go:174
7  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
   at pkg/sentry/kernel/task_run.go:282
8  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
   at pkg/sentry/kernel/task_run.go:97
9  0x0000000000077c84 in runtime.goexit
   at src/runtime/asm_arm64.s:1136
(dlv) s
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write() pkg/sentry/fs/host/tty.go:102 (PC: 0x6a2bd0)
Warning: debugging optimized function
(dlv) s
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write() pkg/sentry/fs/host/tty.go:103 (PC: 0x6a2bf0)
Warning: debugging optimized function
(dlv) b pkg/sentry/fs/host/tty.go:113
Breakpoint 6 set at 0x6a2c44 for gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write() pkg/sentry/fs/host/tty.go:113
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write() pkg/sentry/fs/host/tty.go:113 (hits goroutine(244):1 total:1) (PC: 0x6a2c44)
Warning: debugging optimized function
(dlv) bt
 0  0x00000000006a2c44 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write
    at pkg/sentry/fs/host/tty.go:113
 1  0x000000000031f78c in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
    at pkg/sentry/fs/file.go:306
 2  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
    at pkg/sentry/syscalls/linux/sys_write.go:262
 3  0x0000000000596d50 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Writev
    at pkg/sentry/syscalls/linux/sys_write.go:149
 4  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
    at pkg/sentry/kernel/task_syscall.go:104
 5  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
    at pkg/sentry/kernel/task_syscall.go:239
 6  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
    at pkg/sentry/kernel/task_syscall.go:199
 7  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
    at pkg/sentry/kernel/task_syscall.go:174
 8  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
    at pkg/sentry/kernel/task_run.go:282
 9  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
    at pkg/sentry/kernel/task_run.go:97
10  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) s
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:196 (PC: 0x69df10)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000069df10 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write
    at pkg/sentry/fs/host/file.go:196
 1  0x00000000006a2c90 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write
    at pkg/sentry/fs/host/tty.go:113
 2  0x000000000031f78c in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
    at pkg/sentry/fs/file.go:306
 3  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
    at pkg/sentry/syscalls/linux/sys_write.go:262
 4  0x0000000000596d50 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Writev
    at pkg/sentry/syscalls/linux/sys_write.go:149
 5  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
    at pkg/sentry/kernel/task_syscall.go:104
 6  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
    at pkg/sentry/kernel/task_syscall.go:239
 7  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
    at pkg/sentry/kernel/task_syscall.go:199
 8  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
    at pkg/sentry/kernel/task_syscall.go:174
 9  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
    at pkg/sentry/kernel/task_run.go:282
10  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
    at pkg/sentry/kernel/task_run.go:97
11  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) b pkg/sentry/fs/host/file.go:218
Breakpoint 7 set at 0x69e250 for gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:218
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev() pkg/sentry/fs/file.go:280 (hits goroutine(244):3 total:3) (PC: 0x31f620)
Warning: debugging optimized function
(dlv) clearall
Breakpoint 2 cleared at 0x320c84 for gvisor.dev/gvisor/pkg/sentry/fs.(*lockedWriter).WriteAt() pkg/sentry/fs/file.go:555
Breakpoint 3 cleared at 0x31f620 for gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev() pkg/sentry/fs/file.go:280
Breakpoint 4 cleared at 0x31f9e0 for gvisor.dev/gvisor/pkg/sentry/fs.(*File).Pwritev() pkg/sentry/fs/file.go:320
Breakpoint 5 cleared at 0x31f734 for gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev() pkg/sentry/fs/file.go:306
Breakpoint 6 cleared at 0x6a2c44 for gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write() pkg/sentry/fs/host/tty.go:113
Breakpoint 7 cleared at 0x69e250 for gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:218
(dlv) b pkg/sentry/fs/host/file.go:196
Breakpoint 8 set at 0x69df10 for gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:196
(dlv) bt
0  0x000000000031f620 in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
   at pkg/sentry/fs/file.go:280
1  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
   at pkg/sentry/syscalls/linux/sys_write.go:262
2  0x0000000000596d50 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Writev
   at pkg/sentry/syscalls/linux/sys_write.go:149
3  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
   at pkg/sentry/kernel/task_syscall.go:104
4  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
   at pkg/sentry/kernel/task_syscall.go:239
5  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
   at pkg/sentry/kernel/task_syscall.go:199
6  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
   at pkg/sentry/kernel/task_syscall.go:174
7  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
   at pkg/sentry/kernel/task_run.go:282
8  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
   at pkg/sentry/kernel/task_run.go:97
9  0x0000000000077c84 in runtime.goexit
   at src/runtime/asm_arm64.s:1136
(dlv) b pkg/sentry/fs/host/file.go:198
Breakpoint 9 set at 0x69df24 for gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:198
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:196 (hits goroutine(244):1 total:1) (PC: 0x69df10)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000069df10 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write
    at pkg/sentry/fs/host/file.go:196
 1  0x00000000006a2c90 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write
    at pkg/sentry/fs/host/tty.go:113
 2  0x000000000031f78c in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
    at pkg/sentry/fs/file.go:306
 3  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
    at pkg/sentry/syscalls/linux/sys_write.go:262
 4  0x0000000000596d50 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Writev
    at pkg/sentry/syscalls/linux/sys_write.go:149
 5  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
    at pkg/sentry/kernel/task_syscall.go:104
 6  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
    at pkg/sentry/kernel/task_syscall.go:239
 7  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
    at pkg/sentry/kernel/task_syscall.go:199
 8  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
    at pkg/sentry/kernel/task_syscall.go:174
 9  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
    at pkg/sentry/kernel/task_run.go:282
10  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
    at pkg/sentry/kernel/task_run.go:97
11  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:198 (hits goroutine(244):1 total:1) (PC: 0x69df24)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:202 (PC: 0x69df3c)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:207 (PC: 0x69df7c)
Warning: debugging optimized function
(dlv) s
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/inode.go:150 (PC: 0x69df84)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000069df84 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*inodeFileState).FD
    at pkg/sentry/fs/host/inode.go:150
 1  0x000000000069df84 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write
    at pkg/sentry/fs/host/file.go:207
 2  0x00000000006a2c90 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write
    at pkg/sentry/fs/host/tty.go:113
 3  0x000000000031f78c in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
    at pkg/sentry/fs/file.go:306
 4  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
    at pkg/sentry/syscalls/linux/sys_write.go:262
 5  0x0000000000596d50 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Writev
    at pkg/sentry/syscalls/linux/sys_write.go:149
 6  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
    at pkg/sentry/kernel/task_syscall.go:104
 7  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
    at pkg/sentry/kernel/task_syscall.go:239
 8  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
    at pkg/sentry/kernel/task_syscall.go:199
 9  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
    at pkg/sentry/kernel/task_syscall.go:174
10  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
    at pkg/sentry/kernel/task_run.go:282
11  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
    at pkg/sentry/kernel/task_run.go:97
12  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/fd/fd.go:40 (PC: 0x69df90)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:208 (PC: 0x69dfac)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:209 (PC: 0x69e078)
Warning: debugging optimized function
(dlv) n
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:212 (PC: 0x69e0a4)
Warning: debugging optimized function
(dlv) clearall
Breakpoint 8 cleared at 0x69df10 for gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:196
Breakpoint 9 cleared at 0x69df24 for gvisor.dev/gvisor/pkg/sentry/fs/host.(*fileOperations).Write() pkg/sentry/fs/host/file.go:198
(dlv) c
received SIGINT, stopping process (will not forward signal)
> syscall.Syscall6() src/syscall/asm_linux_arm64.s:43 (PC: 0x8dccc)
Warning: debugging optimized function
(dlv) b pkg/sentry/fs/file.go:306
Breakpoint 10 set at 0x31f734 for gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev() pkg/sentry/fs/file.go:306
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev() pkg/sentry/fs/file.go:306 (hits goroutine(308):1 total:1) (PC: 0x31f734)
Warning: debugging optimized function
(dlv) bt
0  0x000000000031f734 in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
   at pkg/sentry/fs/file.go:306
1  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
   at pkg/sentry/syscalls/linux/sys_write.go:262
2  0x0000000000596470 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Write
   at pkg/sentry/syscalls/linux/sys_write.go:72
3  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
   at pkg/sentry/kernel/task_syscall.go:104
4  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
   at pkg/sentry/kernel/task_syscall.go:239
5  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
   at pkg/sentry/kernel/task_syscall.go:199
6  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
   at pkg/sentry/kernel/task_syscall.go:174
7  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
   at pkg/sentry/kernel/task_run.go:282
8  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
   at pkg/sentry/kernel/task_run.go:97
9  0x0000000000077c84 in runtime.goexit
   at src/runtime/asm_arm64.s:1136
(dlv) s
> gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write() pkg/sentry/fs/host/tty.go:102 (PC: 0x6a2bd0)
Warning: debugging optimized function
(dlv) bt
 0  0x00000000006a2bd0 in gvisor.dev/gvisor/pkg/sentry/fs/host.(*TTYFileOperations).Write
    at pkg/sentry/fs/host/tty.go:102
 1  0x000000000031f78c in gvisor.dev/gvisor/pkg/sentry/fs.(*File).Writev
    at pkg/sentry/fs/file.go:306
 2  0x0000000000597b28 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.writev
    at pkg/sentry/syscalls/linux/sys_write.go:262
 3  0x0000000000596470 in gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Write
    at pkg/sentry/syscalls/linux/sys_write.go:72
 4  0x0000000000522ea4 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall
    at pkg/sentry/kernel/task_syscall.go:104
 5  0x0000000000523c5c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke
    at pkg/sentry/kernel/task_syscall.go:239
 6  0x00000000005238dc in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter
    at pkg/sentry/kernel/task_syscall.go:199
 7  0x00000000005233e0 in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall
    at pkg/sentry/kernel/task_syscall.go:174
 8  0x0000000000518e00 in gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute
    at pkg/sentry/kernel/task_run.go:282
 9  0x0000000000517d9c in gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run
    at pkg/sentry/kernel/task_run.go:97
10  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) quit
Would you like to kill the process? [Y/n] n
root@cloud:~# 

  走用户态系统调用流程

func overlayGetFile(ctx context.Context, o *overlayEntry, d *Dirent, flags FileFlags) (*File, error) {
    // Hot path. Avoid defers.
    if flags.Write {
        if err := copyUp(ctx, d); err != nil {
            return nil, err
        }
    }

    o.copyMu.RLock()

    if o.upper != nil {
        upper, err := overlayFile(ctx, o.upper, flags)
        if err != nil {
            o.copyMu.RUnlock()
            return nil, err
        }
        flags.Pread = upper.Flags().Pread
        flags.Pwrite = upper.Flags().Pwrite
        f, err := NewFile(ctx, d, flags, &overlayFileOperations{upper: upper}), nil
        o.copyMu.RUnlock()
        return f, err
    }

    lower, err := overlayFile(ctx, o.lower, flags)
    if err != nil {
        o.copyMu.RUnlock()
        return nil, err
    }
    flags.Pread = lower.Flags().Pread
    flags.Pwrite = lower.Flags().Pwrite
    o.copyMu.RUnlock()
    return NewFile(ctx, d, flags, &overlayFileOperations{lower: lower}), nil
}

GetFile

// GetFile calls i.InodeOperations.GetFile with the given arguments.
func (i *Inode) GetFile(ctx context.Context, d *Dirent, flags FileFlags) (*File, error) {
        if i.overlay != nil {
                return overlayGetFile(ctx, i.overlay, d, flags)
        }
        fsmetric.Opens.Increment()
        return i.InodeOperations.GetFile(ctx, d, flags)
}

 NewInode

// NewInode constructs an Inode from InodeOperations, a MountSource, and stable attributes.
//
// NewInode takes a reference on msrc.
func NewInode(ctx context.Context, iops InodeOperations, msrc *MountSource, sattr StableAttr) *Inode {
        msrc.IncRef()
        i := Inode{
                InodeOperations: iops,
                StableAttr:      sattr,
                Watches:         newWatches(),
                MountSource:     msrc,
        }
        i.EnableLeakCheck("fs.Inode")
        return &i
}

root@cloud:~/onlyGvisor# docker run --runtime=runsc-kvm --rm --name=test -d alpine sleep 1000
52450e58237ca519d5822f40e980fcfde7679fea40e29e40f5a53fefbd55735f
root@cloud:~/onlyGvisor# docker inspect test | grep Pid | head -n 1
            "Pid": 978449,
root@cloud:~/onlyGvisor# docker exec -it test ping 8.8.8.8
OCI runtime exec failed: /var/lib/docker/runtimes/runsc-kvm did not terminate successfully: : unknown
root@cloud:~/onlyGvisor# 

root@cloud:~# dlv attach 978449
Type 'help' for list of commands.
(dlv) b NewInode
Command failed: Location "NewInode" ambiguous: gvisor.dev/gvisor/pkg/sentry/fs.NewInode, gvisor.dev/gvisor/pkg/sentry/fs/anon.NewInode…
(dlv) b gvisor.dev/gvisor/pkg/sentry/fs.NewInode
Breakpoint 1 set at 0x3244e0 for gvisor.dev/gvisor/pkg/sentry/fs.NewInode() pkg/sentry/fs/inode.go:84
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.NewInode() pkg/sentry/fs/inode.go:84 (hits goroutine(168):1 total:1) (PC: 0x3244e0)
Warning: debugging optimized function
(dlv) bt
 0  0x00000000003244e0 in gvisor.dev/gvisor/pkg/sentry/fs.NewInode
    at pkg/sentry/fs/inode.go:84
 1  0x00000000006e1eb8 in gvisor.dev/gvisor/pkg/sentry/fs/gofer.(*inodeOperations).Lookup
    at pkg/sentry/fs/gofer/path.go:101
 2  0x0000000000324b60 in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).Lookup
    at pkg/sentry/fs/inode.go:163
 3  0x0000000000327b0c in gvisor.dev/gvisor/pkg/sentry/fs.overlayLookup
    at pkg/sentry/fs/inode_overlay.go:73
 4  0x0000000000324b04 in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).Lookup
    at pkg/sentry/fs/inode.go:160
 5  0x0000000000317db4 in gvisor.dev/gvisor/pkg/sentry/fs.(*Dirent).walk
    at pkg/sentry/fs/dirent.go:492
 6  0x0000000000318524 in gvisor.dev/gvisor/pkg/sentry/fs.(*Dirent).Walk
    at pkg/sentry/fs/dirent.go:568
 7  0x000000000032eed8 in gvisor.dev/gvisor/pkg/sentry/fs.(*MountNamespace).FindLink
    at pkg/sentry/fs/mounts.go:509
 8  0x000000000032f170 in gvisor.dev/gvisor/pkg/sentry/fs.(*MountNamespace).FindInode
    at pkg/sentry/fs/mounts.go:547
 9  0x00000000006b658c in gvisor.dev/gvisor/pkg/sentry/fs/user.resolve
    at pkg/sentry/fs/user/path.go:95
10  0x00000000006b6194 in gvisor.dev/gvisor/pkg/sentry/fs/user.ResolveExecutablePath
    at pkg/sentry/fs/user/path.go:72
11  0x00000000006c0d68 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
    at pkg/sentry/control/proc.go:200
12  0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
    at pkg/sentry/control/proc.go:133
13  0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:972
14  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
15  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
16  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
17  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
18  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
19  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
20  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
21  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) 

(dlv) b pkg/sentry/fs/user/path.go:95
Breakpoint 2 set at 0x6b6554 for gvisor.dev/gvisor/pkg/sentry/fs/user.resolve() pkg/sentry/fs/user/path.go:95
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs/user.resolve() pkg/sentry/fs/user/path.go:95 (hits goroutine(220):1 total:1) (PC: 0x6b6554)
Warning: debugging optimized function
(dlv) bt
 0  0x00000000006b6554 in gvisor.dev/gvisor/pkg/sentry/fs/user.resolve
    at pkg/sentry/fs/user/path.go:95
 1  0x00000000006b6194 in gvisor.dev/gvisor/pkg/sentry/fs/user.ResolveExecutablePath
    at pkg/sentry/fs/user/path.go:72
 2  0x00000000006c0d68 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
    at pkg/sentry/control/proc.go:200
 3  0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
    at pkg/sentry/control/proc.go:133
 4  0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:972
 5  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
 6  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
 7  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
 8  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
 9  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
10  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
11  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
12  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) p  binPath
"/usr/local/bin/ping"
(dlv) p  root

inode.overlay

func NewOverlayRootFile(ctx context.Context, upperMS *MountSource, lower *Inode, flags MountSourceFlags) (*Inode, error) {
        if !IsRegular(lower.StableAttr) {
                return nil, fmt.Errorf("lower Inode is not a regular file")
        }
        msrc := newOverlayMountSource(ctx, upperMS, lower.MountSource, flags)
        overlay, err := newOverlayEntry(ctx, nil, lower, true)
        if err != nil {
                msrc.DecRef(ctx)
                return nil, err
        }
        return newOverlayInode(ctx, overlay, msrc), nil
}

// newOverlayInode creates a new Inode for an overlay.
func newOverlayInode(ctx context.Context, o *overlayEntry, msrc *MountSource) *Inode {
        var inode *Inode
        if o.upper != nil {
                inode = NewInode(ctx, nil, msrc, o.upper.StableAttr)
        } else {
                inode = NewInode(ctx, nil, msrc, o.lower.StableAttr)
        }
        inode.overlay = o
        return inode
}

root@cloud:~/onlyGvisor# docker exec -it test ping 8.8.8.8
OCI runtime exec failed: /var/lib/docker/runtimes/runsc-kvm did not terminate successfully: : unknown
root@cloud:~/onlyGvisor# 

root@cloud:~# dlv attach 978874
Type 'help' for list of commands.
(dlv) b newOverlayInode
Breakpoint 1 set at 0x32fb60 for gvisor.dev/gvisor/pkg/sentry/fs.newOverlayInode() pkg/sentry/fs/overlay.go:138
(dlv) c
> gvisor.dev/gvisor/pkg/sentry/fs.newOverlayInode() pkg/sentry/fs/overlay.go:138 (hits goroutine(222):1 total:1) (PC: 0x32fb60)
Warning: debugging optimized function
(dlv) bt
 0  0x000000000032fb60 in gvisor.dev/gvisor/pkg/sentry/fs.newOverlayInode
    at pkg/sentry/fs/overlay.go:138
 1  0x0000000000327720 in gvisor.dev/gvisor/pkg/sentry/fs.overlayLookup
    at pkg/sentry/fs/inode_overlay.go:204
 2  0x0000000000324b04 in gvisor.dev/gvisor/pkg/sentry/fs.(*Inode).Lookup
    at pkg/sentry/fs/inode.go:160
 3  0x0000000000317db4 in gvisor.dev/gvisor/pkg/sentry/fs.(*Dirent).walk
    at pkg/sentry/fs/dirent.go:492
 4  0x0000000000318524 in gvisor.dev/gvisor/pkg/sentry/fs.(*Dirent).Walk
    at pkg/sentry/fs/dirent.go:568
 5  0x000000000032eed8 in gvisor.dev/gvisor/pkg/sentry/fs.(*MountNamespace).FindLink
    at pkg/sentry/fs/mounts.go:509
 6  0x000000000032f170 in gvisor.dev/gvisor/pkg/sentry/fs.(*MountNamespace).FindInode
    at pkg/sentry/fs/mounts.go:547
 7  0x00000000006b658c in gvisor.dev/gvisor/pkg/sentry/fs/user.resolve
    at pkg/sentry/fs/user/path.go:95
 8  0x00000000006b6194 in gvisor.dev/gvisor/pkg/sentry/fs/user.ResolveExecutablePath
    at pkg/sentry/fs/user/path.go:72
 9  0x00000000006c0d68 in gvisor.dev/gvisor/pkg/sentry/control.(*Proc).execAsync
    at pkg/sentry/control/proc.go:200
10  0x00000000006c0970 in gvisor.dev/gvisor/pkg/sentry/control.ExecAsync
    at pkg/sentry/control/proc.go:133
11  0x0000000000925470 in gvisor.dev/gvisor/runsc/boot.(*Loader).executeAsync
    at runsc/boot/loader.go:972
12  0x0000000000916a88 in gvisor.dev/gvisor/runsc/boot.(*containerManager).ExecuteAsync
    at runsc/boot/controller.go:321
13  0x0000000000075ec4 in runtime.call64
    at src/runtime/asm_arm64.s:1
14  0x00000000000c0c80 in reflect.Value.call
    at GOROOT/src/reflect/value.go:475
15  0x00000000000c0444 in reflect.Value.Call
    at GOROOT/src/reflect/value.go:336
16  0x0000000000688c30 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleOne
    at pkg/urpc/urpc.go:337
17  0x00000000006897d0 in gvisor.dev/gvisor/pkg/urpc.(*Server).handleRegistered
    at pkg/urpc/urpc.go:432
18  0x000000000068adbc in gvisor.dev/gvisor/pkg/urpc.(*Server).StartHandling.func1
    at pkg/urpc/urpc.go:452
19  0x0000000000077c84 in runtime.goexit
    at src/runtime/asm_arm64.s:1136
(dlv) quit
Would you like to kill the process? [Y/n] n
root@cloud:~# 

再执行一次不会在断点处停止，只有初次会

root@cloud:~/onlyGvisor# docker exec -it test ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=42 time=13.944 ms
64 bytes from 8.8.8.8: seq=1 ttl=42 time=11.780 ms
64 bytes from 8.8.8.8: seq=2 ttl=42 time=11.194 ms
64 bytes from 8.8.8.8: seq=3 ttl=42 time=11.527 ms
64 bytes from 8.8.8.8: seq=4 ttl=42 time=11.203 ms
64 bytes from 8.8.8.8: seq=5 ttl=42 time=26.833 ms
64 bytes from 8.8.8.8: seq=6 ttl=42 time=11.438 ms
64 bytes from 8.8.8.8: seq=7 ttl=42 time=11.317 ms
64 bytes from 8.8.8.8: seq=8 ttl=42 time=24.364 ms
64 bytes from 8.8.8.8: seq=9 ttl=42 time=11.315 ms
64 bytes from 8.8.8.8: seq=10 ttl=42 time=11.410 ms
64 bytes from 8.8.8.8: seq=11 ttl=42 time=23.928 ms
64 bytes from 8.8.8.8: seq=12 ttl=42 time=23.940 ms
64 bytes from 8.8.8.8: seq=13 ttl=42 time=31.921 ms
64 bytes from 8.8.8.8: seq=14 ttl=42 time=11.238 ms
64 bytes from 8.8.8.8: seq=15 ttl=42 time=11.055 ms
64 bytes from 8.8.8.8: seq=16 ttl=42 time=11.129 ms
64 bytes from 8.8.8.8: seq=17 ttl=42 time=11.164 ms
64 bytes from 8.8.8.8: seq=18 ttl=42 time=11.120 ms
64 bytes from 8.8.8.8: seq=19 ttl=42 time=11.123 ms
64 bytes from 8.8.8.8: seq=20 ttl=42 time=11.105 ms
^C
--- 8.8.8.8 ping statistics ---
21 packets transmitted, 21 packets received, 0% packet loss
round-trip min/avg/max = 11.055/14.954/31.921 ms
root@cloud:~/onlyGvisor#