DTrace: Difference between revisions

DTrace
Developer(s)	Sun Microsystems
Initial release	January 2005
Operating system	Unix-like
Type	tracing
License	Common Development and Distribution License
Website	http://opensolaris.org/os/community/dtrace/

Browse history interactively

← Previous edit Next edit →

Content deleted Content added

VisualWikitext

Inline

Revision as of 21:28, 5 August 2010

DTrace is a comprehensive dynamic tracing framework created by Sun Microsystems for troubleshooting kernel and application problems on production systems in real time. Originally developed for Solaris, it has since been released under the free Common Development and Distribution License (CDDL) and has been ported to several other Unix-like systems.

DTrace can be used to get a global overview of a running system, such as the amount of memory, CPU time, filesystem and network resources used by the active processes. It can also provide much more fine-grained information, such as a log of the arguments with which a specific function is being called, or a list of the processes accessing a specific file.

Description

DTrace is designed to give operational insights that allow users to tune and troubleshoot applications and the OS itself.

Tracing programs (also referred to as scripts) are written using the D programming language (not to be confused with other programming languages named "D"). The language is a subset of C with added functions and variables specific to tracing. D programs resemble awk programs in structure; they consist of a list of one or more probes (instrumentation points), and each probe is associated with an action. Whenever the condition for the probe is met, the associated action is executed (the probe "fires"). A typical probe might fire when a certain file is opened, or a process is started, or a certain line of code is executed. A probe that fires may analyze the run-time situation by accessing the call stack and context variables and evaluating expressions; it can then print out or log some information, record it in a database, or modify context variables. The reading and writing of context variables allows probes to pass information to each other, allowing them to cooperatively analyze the correlation of different events.

Special consideration has been taken to make DTrace safe to use in a production environment. For example, there is minimal probe effect when tracing is underway, and no performance impact associated with any disabled probe; this is important since there are tens of thousands of DTrace probes that can be enabled. New probes can also be created dynamically.

Command line examples

DTrace scripts can be invoked directly from the command line, providing one or more probes and actions as arguments. Some examples:

# New processes with arguments,
dtrace -n 'proc:::exec-success { trace(curpsinfo->pr_psargs); }'
 
# Files opened by process,
dtrace -n 'syscall::open*:entry { printf("%s %s",execname,copyinstr(arg0)); }'
 
# Syscall count by program,
dtrace -n 'syscall:::entry { @num[execname] = count(); }'
 
# Syscall count by syscall,
dtrace -n 'syscall:::entry { @num[probefunc] = count(); }'
 
# Syscall count by process,
dtrace -n 'syscall:::entry { @num[pid,execname] = count(); }'
 
# Disk size by process,
dtrace -n 'io:::start { printf("%d %s %d",pid,execname,args[0]->b_bcount); }'   
 
# Pages paged in by process,
dtrace -n 'vminfo:::pgpgin { @pg[execname] = sum(arg0); }'

Scripts can also be written which can reach hundreds of lines in length, although typically only tens of lines are needed for advanced troubleshooting and analysis. Over 200 examples of open source DTrace scripts can be found in the DTraceToolkit^[1], which also provides documentation and demonstrations of each.

Supported platforms

DTrace was first made available for use in November 2003, and was formally released as part of Sun's Solaris 10 in January 2005. DTrace was the first component of the OpenSolaris project to have its source code released under the Common Development and Distribution License (CDDL).

DTrace has been ported to FreeBSD^[2] and NetBSD^[3] as a substitute for the ktrace utility.

Apple added DTrace support in Mac OS X 10.5 "Leopard", including a GUI called Instruments.^[4] Over 40 DTrace scripts from the DTraceToolkit are included in /usr/bin^[5], including tools to examine disk I/O (iosnoop) and process execution (execsnoop). Unlike other platforms that DTrace is supported on, Mac OS X has a flag (P_LNOATTACH) that a program may set that disallows tracing of that process by debugging utilities such as DTrace and gdb. In the original Mac OS X DTrace implementation, this could affect tracing of other system information, as unrelated probes that should fire while a program with this flag set was running would fail to do so.^[6] This problem was addressed a few months later in the Mac OS X 10.5.3 update.^[7]

There is an early DTrace port to Linux which works with several providers - FBT, SYSCALL, USDT and a new one called the Instruction Provider. This implementation is provided as a loadable kernel module with no changes to kernel source code. This is desirable to ensure portability, but also to avoid licensing conflicts (CDDL vs GPL). ^[8]

DTrace is also being developed to support QNX 6.

Authors and awards

DTrace was designed and implemented by Bryan Cantrill, Mike Shapiro, and Adam Leventhal. The authors received recognition in 2005 for the innovations in DTrace from InfoWorld and Technology Review.^[9]^[10] DTrace won the top prize in the Wall Street Journal's 2006 Technology Innovation Awards competition.^[11] The authors were recognized by USENIX with the Software Tools User Group (STUG) award in 2008.^[12]

References

Bryan Cantrill (2006). "Hidden in Plain Sight". ACM Queue. 4 (1): 26–36. doi:10.1145/1117389.1117401. ISSN 1542-7730. Retrieved 2006-09-08. {{cite journal}}: Unknown parameter |month= ignored (help)
Bryan M. Cantrill, Michael W. Shapiro and Adam H. Leventhal (2004). "Dynamic Instrumentation of Production Systems". Proceedings of the 2004 USENIX Annual Technical Conference. Retrieved 2006-09-08. {{cite conference}}: Unknown parameter |booktitle= ignored (|book-title= suggested) (help); Unknown parameter |month= ignored (help)

Notes

^ "DTraceToolkit". OpenSolaris.org. Retrieved 2010-05-31.
^ "FreeBSD 7.1-RELEASE Announcement date=2009-01-06". Retrieved 2009-01-06. {{cite web}}: Missing pipe in: |title= (help)
^ "NetBSD source changes, 21 February 2010".
^ "Mac OS X Leopard - Developer Tools - Instruments". Apple, Inc. Retrieved 2007-10-19.
^ "Mac OS X DTrace". Apple, Inc. Retrieved 2010-05-31.
^ "Mac OS X and the missing probes". Leventhal, Adam H. January 18, 2008. Retrieved 2008-01-20.
^ "Apple Updates DTrace". Leventhal, Adam H. June 7, 2008. Retrieved 2008-06-16.
^ "CRiSP Weblog". Retrieved 2009-06-13.
^ "Tracing software in real time". Technology Review. MIT. 2005. Retrieved 2007-03-31.
^ McAllister, Neil (2005). "Innovation is alive and well in 2005". InfoWorld. IDG. Retrieved 2007-03-31. {{cite web}}: Unknown parameter |month= ignored (help)
^ Totty, Michael (2006). "The Winners Are..." The Wall Street Journal. Dow Jones & Company, Inc. Retrieved 2007-03-31. {{cite web}}: Unknown parameter |month= ignored (help)
^ "2008 USENIX Annual Technical Conference (USENIX '08)". 2008. Retrieved 2008-11-26.

External links

Project D-Light Tutorial - a DTrace plug-in for the Sun Studio IDE
Exploring Leopard with DTrace -- how to use DTrace for debugging and exploration
Google Tech Talk on DTrace given by Bryan Cantrill

[1] "DTraceToolkit". OpenSolaris.org. Retrieved 2010-05-31.

[2] "FreeBSD 7.1-RELEASE Announcement date=2009-01-06". Retrieved 2009-01-06. {{cite web}}: Missing pipe in: |title= (help)

[3] "NetBSD source changes, 21 February 2010".

[4] "Mac OS X Leopard - Developer Tools - Instruments". Apple, Inc. Retrieved 2007-10-19.

[5] "Mac OS X DTrace". Apple, Inc. Retrieved 2010-05-31.

[6] "Mac OS X and the missing probes". Leventhal, Adam H. January 18, 2008. Retrieved 2008-01-20.

[7] "Apple Updates DTrace". Leventhal, Adam H. June 7, 2008. Retrieved 2008-06-16.

[8] "CRiSP Weblog". Retrieved 2009-06-13.

[9] "Tracing software in real time". Technology Review. MIT. 2005. Retrieved 2007-03-31.

[10] McAllister, Neil (2005). "Innovation is alive and well in 2005". InfoWorld. IDG. Retrieved 2007-03-31. {{cite web}}: Unknown parameter |month= ignored (help)

[11] Totty, Michael (2006). "The Winners Are..." The Wall Street Journal. Dow Jones & Company, Inc. Retrieved 2007-03-31. {{cite web}}: Unknown parameter |month= ignored (help)

[12] "2008 USENIX Annual Technical Conference (USENIX '08)". 2008. Retrieved 2008-11-26.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

@@ Line 81: / Line 81: @@
 }}</ref>
-As of March 2010, no major Linux vendor either ships or supports DTrace, compared to [[SystemTap]] which is included in every major distribution. There is a beta dtrace port for [[Linux]] which works for the key providers - FBT, SYSCALL and a new one called the Instruction Provider. This implementation is provided as a loadable [[kernel module]] with no changes to kernel source code. This is desirable to ensure portability, but also to avoid licensing conflicts (CDDL vs GPL). USDT (user space probes) are available. The Instruction Provider provides a way to trace any call/jump/interrupt change or LOCK/REP prefix instruction in the kernel.<ref>{{cite web
+There is an early DTrace port to [[Linux]] which works with several providers - FBT, SYSCALL, USDT and a new one called the Instruction Provider. This implementation is provided as a loadable [[kernel module]] with no changes to kernel source code. This is desirable to ensure portability, but also to avoid licensing conflicts (CDDL vs GPL). <ref>{{cite web
  | url = http://www.crisp.demon.co.uk/blog/index.html
  | title = CRiSP Weblog

v t e Oracle Solaris
Technologies	Direct binding Doors DTrace IPMP JumpStart mdb MPxIO SMF snoop Containers Crossbow Cluster Trusted Extensions ZFS
OpenSolaris, illumos	BeleniX Nexenta OS OpenIndiana OmniOS CE OpenSolaris for System z SmartOS Tribblix