Windows 10 will now be shipped with DTrace, an open source debugging and diagnostic tool. DTrace will be shipped in Windows 10 v1903, according to the announcement on Microsoft Tech Community. The spokesperson of Microsoft mentioned that by including DTrace in the Windows 10 machines, Microsoft is engaging with open source communities to produce better solutions for the community and the customers.
What is DTrace open source debugging & diagnostic tool
As Microsoft mentions, DTrace is one of the most useful debugging tools that have arrived in the last decade. DTrace is an open source debugging and diagnostic tool that has a dynamic tracing framework. The framework allows an admin or developer to get a real-time look into a system either in user or kernel mode.
“DTrace has a C-style high level and powerful programming language that allows you to dynamically insert trace points. Using these dynamically inserted trace points, you can filter on conditions or errors, write code to analyze lock patterns, detect deadlocks, etc. ETW while powerful, is static and does not provide the ability to programmatically insert trace points at runtime.”
Microsoft will now add support for DTrace on Windows using OpenDTrace port. OpenDTrace is the portable implementation of DTrace for different operating systems. OpenDTrace development had started in 2016 on GitHub.
DTrace on GitHub
The source code for the ported DTrace tool is available on GitHub. Microsoft has created a Windows branch for “DTrace on Windows” under the OpenDTrace project on GitHub. All the changes made to support DTrace on Windows are available here. Over time, Microsoft plans to work with the OpenDTrace community to merge our changes. All our source code is also available at the 3rd party sources website maintained by Microsoft.
What do you need to run DTrace on Windows 10?
To run DTrace on Windows 10 machine, you would need a Windows 10 Build 18342 or higher. Besides, DTrace open source debugging and diagnostic tool is available only on x64 Windows and captures tracing info only for 64-bit processes. You need to enable Windows Insider Program and configure it with valid Windows Insider Account.
How to download and run DTrace
BCD configuration set:
bcdedit /set dtrace on
Download and install the DTrace package from the download center.
Now set up the symbol path. For this:
- Create a new directory for caching symbols locally. Example: mkdir c:\symbols.
- Set _NT_SYMBOL_PATH=srv*C:\symbols*http://msdl.microsoft.com/download/symbols
- DTrace automatically downloads the symbols necessary from the symbol server and caches to the local path.
Setup Kernel debugger connection to the target machine (MSDN link). This is only required if you want to trace Kernel events using FBT or other providers.
Note that you will need to disable Secureboot and BitLocker on C:, (if enabled) if you want to set up a kernel debugger. Now reboot the target machine.
You can read more about the debugger and how to use it here on Microsoft Tech Community.