DTrace is a comprehensive dynamic tracing framework originally created by Sun Microsystems for troubleshooting kernel and application problems on production systems in real time. Originally developed for Solaris, it has since been released under the free Common Development and Distribution License (CDDL) in OpenSolaris and its descendant illumos, and has been ported to several other Unix-like systems.

DTrace
Original author(s)Bryan Cantrill, Adam Leventhal, Mike Shapiro (Sun Microsystems)
Developer(s)Sun Microsystems, Oracle, Microsoft
Initial releaseJanuary 2005; 20 years ago (2005-01)
Repositorygithub.com/opendtrace
Written inC
Operating systemSolaris, illumos, macOS, FreeBSD, NetBSD, Linux,[1] Windows[2]
TypeTracing
LicenseCDDL, GPLv2, UPL
Websitedtrace.org

DTrace can be used to get a global overview of a running system, such as the amount of memory, CPU time, filesystem and network resources used by the active processes. It can also provide much more fine-grained information, such as a log of the arguments with which a specific function is being called, or a list of the processes accessing a specific file.

In 2010, Oracle Corporation acquired Sun Microsystems and announced the discontinuation of OpenSolaris. As a community effort of some core Solaris engineers to create a truly open source Solaris, illumos operating system was announced via webinar on Thursday, 3 August 2010,[3] as a fork on OpenSolaris OS/Net consolidation, including DTrace technology.

In October 2011, Oracle announced the porting of DTrace to Linux,[4] and in 2019 official DTrace for Fedora is available on GitHub. For several years an unofficial DTrace port to Linux was available, with no changes in licensing terms.[5]

In August 2017, Oracle released DTrace kernel code under the GPLv2+ license, and user space code under GPLv2 and UPL licensing.[6] In September 2018 Microsoft announced that they had ported DTrace from FreeBSD to Windows.[2]

In September 2016 the OpenDTrace effort began on github with both code and comprehensive documentation of the system's internals. The OpenDTrace effort maintains the original CDDL licensing for the code from OpenSolaris with additional code contributions coming under a BSD 2 Clause license. The goal of OpenDTrace is to provide an OS agnostic, portable implementation of DTrace that is acceptable to all consumers, including macOS, FreeBSD, OpenBSD, NetBSD, and Linux as well as embedded systems.

Description

edit

Sun Microsystems designed DTrace to give operational insights that allow users to tune and troubleshoot applications and the OS itself.

Testers write tracing programs (also referred to as scripts) using the D programming language (not to be confused with other programming languages named "D"). The language, inspired by C, includes added functions and variables specific to tracing. D programs resemble AWK programs in structure; they consist of a list of one or more probes (instrumentation points), and each probe is associated with an action. These probes are comparable to a pointcut in aspect-oriented programming. Whenever the condition for the probe is met, the associated action is executed (the probe "fires"). A typical probe might fire when a certain file is opened, or a process is started, or a certain line of code is executed. A probe that fires may analyze the run-time situation by accessing the call stack and context variables and evaluating expressions; it can then print out or log some information, record it in a database, or modify context variables. The reading and writing of context variables allows probes to pass information to each other, allowing them to cooperatively analyze the correlation of different events.

Special consideration has been taken to make DTrace safe to use in a production environment. For example, there is minimal probe effect when tracing is underway, and no performance impact associated with any disabled probe; this is important since there are tens of thousands of DTrace probes that can be enabled. New probes can also be created dynamically.

Command line examples

edit

DTrace scripts can be invoked directly from the command line, providing one or more probes and actions as arguments. Some examples:

# New processes with arguments
dtrace -n 'proc:::exec-success { trace(curpsinfo->pr_psargs); }'

# Files opened by process
dtrace -n 'syscall::open*:entry { printf("%s %s",execname,copyinstr(arg0)); }'

# Syscall count by program
dtrace -n 'syscall:::entry { @num[execname] = count(); }'

# Syscall count by syscall
dtrace -n 'syscall:::entry { @num[probefunc] = count(); }'

# Syscall count by process
dtrace -n 'syscall:::entry { @num[pid,execname] = count(); }'

# Disk size by process
dtrace -n 'io:::start { printf("%d %s %d",pid,execname,args[0]->b_bcount); }'

# Pages paged in by process
dtrace -n 'vminfo:::pgpgin { @pg[execname] = sum(arg0); }'

Scripts can also be written which can reach hundreds of lines in length, although typically only tens of lines are needed for advanced troubleshooting and analysis. Over 200 examples of open source DTrace scripts can be found in the DTraceToolkit,[7] created by Brendan Gregg (author of the DTrace book[8]), which also provides documentation and demonstrations of each.

Supported platforms

edit

DTrace first became available for use in November 2003, and was formally released as part of Sun's Solaris 10 in January 2005. DTrace was the first component of the OpenSolaris project to have its source code released under the Common Development and Distribution License (CDDL).

DTrace is an integral part of illumos and related distributions.

DTrace is a standard part of FreeBSD[9] and NetBSD.[10]

Apple added DTrace support in Mac OS X 10.5 "Leopard", including a GUI called Instruments.[11] Over 40 DTrace scripts from the DTraceToolkit are included in /usr/bin,[12] including tools to examine disk I/O (iosnoop) and process execution (execsnoop). Unlike other platforms that DTrace is supported on, Mac OS X has a flag (P_LNOATTACH) that a program may set that disallows tracing of that process by debugging utilities such as DTrace and gdb. In the original Mac OS X DTrace implementation, this could affect tracing of other system information, as unrelated probes that should fire while a program with this flag set was running would fail to do so.[13] The OS X 10.5.3 update addressed this issue a few months later.[14] However, since El Capitan, System Integrity Protection prevents user from DTracing protected binary by default.

The Linux port of DTrace has been available since 2008;[15] work continues actively to enhance and fix issues. There is also an active implementation on github. Standard core providers are available (fbt, syscall, profile), plus a special "instr" provider (some of the Solaris providers are not yet available as of 2013). The Linux DTrace implementation is a loadable kernel module, which means that the kernel itself requires no modification, and thus allows DTrace to avoid CDDL vs. GPL licensing conflicts (in its source form, at least). However, once DTrace is loaded the kernel instance will be marked as tainted.

In 2007, a developer at QNX Software Systems announced on his blog that he and a colleague were working on incorporating DTrace into the QNX operating system.[16]

Oracle Corporation added beta DTrace support for Oracle Linux in 2011,[1] as a technology preview in the Unbreakable Enterprise Kernel release 2, which is under GPLv2 (the DTrace Linux kernel module was originally released under CDDL).[17] General availability was announced in December 2012.[18][19]

On March 11, 2019, Microsoft released a version of DTrace for Windows 10 insider builds.[20] Microsoft included DTrace as a built-in tool in Windows Server 2025.[21][22]

Language and application providers

edit

With a supported language provider, DTrace can retrieve context of the code, including function, source file, and line number location. Further, dynamic memory allocation and garbage collection can be made available if supported by the language.[23] Supported language providers include assembly language[clarification needed], C, C++, Java, Erlang, JavaScript, Perl, PHP, Python, Ruby, shell script, and Tcl.

Application providers allow DTrace to follow the operation of applications through system calls and into the kernel. Applications that offer DTrace application providers include MySQL, PostgreSQL, Oracle Database, Oracle Grid Engine, and Firefox.[23][24][25]

Authors and awards

edit

DTrace was designed and implemented by Bryan Cantrill, Mike Shapiro, and Adam Leventhal.

The authors received recognition in 2005 for the innovations in DTrace from InfoWorld and Technology Review.[26][27] DTrace won the top prize in The Wall Street Journal's 2006 Technology Innovation Awards competition.[28] The authors were recognized by USENIX with the Software Tools User Group (STUG) award in 2008.[29]

See also

edit
  • eBPF – Linux kernel tracing backend providing a set of features similar to DTrace[30] since kernel version 4.9
  • ftrace – a tracing framework for the Linux kernel, capable of tracing scheduling events, interrupts, memory-mapped I/O, CPU power state transitions, etc.
  • ktrace – a BSD Unix and macOS utility that traces kernel–program interactions
  • ltrace – a Linux debugging utility, displays the calls a userland application makes to shared libraries
  • strace – a debugging utility for Linux, monitors system calls used by a program and all received signals
  • SystemTap – a scripting language and utility used for instrumenting Linux installations
  • LTTng
  • IBM ProbeVue

References

edit
  • Cantrill, Bryan (February 2006). "Hidden in Plain Sight". ACM Queue. 4 (1): 26–36. doi:10.1145/1117389.1117401. Retrieved 2017-12-19.
  • Bryan M. Cantrill, Michael W. Shapiro and Adam H. Leventhal (June 2004). Dynamic Instrumentation of Production Systems. Proceedings of the 2004 USENIX Annual Technical Conference. Retrieved 2006-09-08.

Notes

edit
  1. ^ a b Wim Coekaerts (2011-10-09). "Trying out dtrace". blogs.oracle.com. Retrieved 2018-02-15.
  2. ^ a b "OS internals: Technical deep-dive into operating system innovations - BRK3365". Microsoft Ignite Channel. 2018-10-08.
  3. ^ D'Amore, Garrett (3 August 2010). "Illumos - Hope and Light Springs Anew - Presented by Garrett D'Amore" (PDF). illumos.org. Retrieved 3 August 2010.
  4. ^ "Oracle To Bring Dtrace To Linux". Slashdot. 2011-10-04. Retrieved 2020-11-11.
  5. ^ [1] "The original DTrace is licensed under Sun's (now Oracle) CDDL license. Original copyrights are left intact. No GPL code is incorporated into the release, to avoid legal conflicts."
  6. ^ Wielaard, Mark J. (2018-02-14). "dtrace for linux; Oracle does the right thing". Mark J. Wielaard blog. Retrieved 2018-02-14.
  7. ^ "DTraceToolkit". Brendan Gregg. Retrieved 2014-06-08.
  8. ^ DTrace: Dynamic Tracing in Oracle Solaris, Mac OS X and FreeBSD. Safari Books. 2011. ISBN 978-0132091510. Archived from the original on 2011-04-06. Retrieved 2011-01-03.
  9. ^ "FreeBSD 7.1-RELEASE Announcement". 2009-01-06. Retrieved 2009-01-06.
  10. ^ "NetBSD source changes, 21 February 2010".
  11. ^ "Mac OS X Leopard - Developer Tools - Instruments". Apple Inc. Archived from the original on 2007-10-24. Retrieved 2007-10-19.
  12. ^ "Mac OS X DTrace". Apple Inc. Retrieved 2010-05-31.
  13. ^ "Mac OS X and the missing probes". Leventhal, Adam H. January 18, 2008. Retrieved 2008-01-20.
  14. ^ "Apple Updates DTrace". Leventhal, Adam H. June 7, 2008. Retrieved 2008-06-16.
  15. ^ "CRiSP tools download page". Archived from the original on 2020-11-16. Retrieved 2011-03-02.
  16. ^ "DTrace on QNX!". Oracle The Observation Deck Blog. November 8, 2007.
  17. ^ Zannoni, Elena; Van Hees, Kris (2012). DTrace on Linux (PDF). Linux Foundation Collaboration Summit. Archived from the original (PDF) on 2014-07-07. Retrieved 2012-04-05.
  18. ^ Koch, Zeynep (December 12, 2012). "Announcement: DTrace for Oracle Linux General Availability". Oracle Linux Blog.
  19. ^ DTrace module source code for Linux[permanent dead link]
  20. ^ Pulapaka, Hari (March 11, 2019). "DTrace on Windows". Microsoft Tech Community.
  21. ^ "DTrace". Microsoft Learn. 2024-04-19. Retrieved 2024-11-07.
  22. ^ Gatlan, Sergiu (2024-11-04). "Windows Server 2025 released—here are the new features". BleepingComputer. Archived from the original on 2024-11-05. Retrieved 2024-11-07.
  23. ^ a b DTrace: Dynamic Tracing in Oracle Solaris, Mac OS X and FreeBSD. Prentice Hall. 2011. p. 1152. ISBN 9780132091510.
  24. ^ "Open Grid Scheduler / Grid Engine Documentation". Open Grid Scheduler. Retrieved December 30, 2012.
  25. ^ "DTrace – MDN". Mozilla. Archived from the original on September 5, 2014. Retrieved December 30, 2012.
  26. ^ "Tracing software in real time". Technology Review. MIT. 2005. Retrieved 2007-03-31.
  27. ^ McAllister, Neil (August 2005). "Innovation is alive and well in 2005". InfoWorld. IDG. Archived from the original on 2005-11-23. Retrieved 2007-03-31.
  28. ^ Totty, Michael (September 2006). "The Winners Are..." The Wall Street Journal. Dow Jones & Company, Inc. Retrieved 2007-03-31.
  29. ^ "2008 USENIX Annual Technical Conference (USENIX '08)". 2008. Retrieved 2008-11-26.
  30. ^ "DTrace Tools". Retrieved 2017-11-27.
edit