Windows 10 to ship with DTrace open source debugging and diagnostic tool

Windows 10 will now be shipped with DTrace, an open source debugging and diagnostic tool. DTrace will be shipped in Windows 10 v1903, according to the announcement on Microsoft Tech Community. The spokesperson of Microsoft mentioned that by including DTrace in the Windows 10 machines, Microsoft is engaging with open source communities to produce better solutions for the community and the customers.

What is DTrace open source debugging & diagnostic tool

Open source debugging and diagnostic tool

As Microsoft mentions, DTrace is one of the most useful debugging tools that have arrived in the last decade. DTrace is an open source debugging and diagnostic tool that has a dynamic tracing framework. The framework allows an admin or developer to get a real-time look into a system either in user or kernel mode.

“DTrace has a C-style high level and powerful programming language that allows you to dynamically insert trace points. Using these dynamically inserted trace points, you can filter on conditions or errors, write code to analyze lock patterns, detect deadlocks, etc. ETW while powerful, is static and does not provide the ability to programmatically insert trace points at runtime.”

Microsoft will now add support for DTrace on Windows using OpenDTrace port. OpenDTrace is the portable implementation of DTrace for different operating systems. OpenDTrace development had started in 2016 on GitHub.

DTrace on GitHub

The source code for the ported DTrace tool is available on GitHub. Microsoft has created a Windows branch for “DTrace on Windows” under the OpenDTrace project on GitHub. All the changes made to support DTrace on Windows are available here. Over time, Microsoft plans to work with the OpenDTrace community to merge our changes. All our source code is also available at the 3rd party sources website maintained by Microsoft.

What do you need to run DTrace on Windows 10?

To run DTrace on Windows 10 machine, you would need a Windows 10 Build 18342 or higher. Besides, DTrace open source debugging and diagnostic tool is available only on x64 Windows and captures tracing info only for 64-bit processes. You need to enable Windows Insider Program and configure it with valid Windows Insider Account.

How to download and run DTrace

BCD configuration set:

bcdedit /set dtrace on

Download and install the DTrace package from the download center.

Now set up the symbol path. For this:

  • Create a new directory for caching symbols locally. Example: mkdir c:\symbols.
  • Set _NT_SYMBOL_PATH=srv*C:\symbols*
  • DTrace automatically downloads the symbols necessary from the symbol server and caches to the local path.

Optional process:

Setup Kernel debugger connection to the target machine (MSDN link). This is only required if you want to trace Kernel events using FBT or other providers.

Note that you will need to disable Secureboot and BitLocker on C:, (if enabled) if you want to set up a kernel debugger. Now reboot the target machine.

You can read more about the debugger and how to use it here on Microsoft Tech Community.

Posted by with Tags
Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.