https://github.com/microsoft/DTrace-on-Windows

microsoft/DTrace-on-Windows (public; forked from opendtrace/opendtrace)

Code for the cross platform, single source, OpenDTrace implementation

This branch (windows) is 12 commits ahead of opendtrace:windows.

Latest commit: ashedel@ntdev.microsoft.com, "Updating samples", 6eddceb, Apr 26, 2022 (19 commits)

Name             Latest commit message                                  Commit time
cmd              Updating DTrace                                        Apr 21, 2022
lib              Updating samples                                       Apr 26, 2022
releng           Make Get-ExternalTools dl in releng/ if run in root    Mar 1, 2021
samples/windows  Updating samples                                       Apr 26, 2022
sys              Updating DTrace                                        Apr 21, 2022
.gitignore       Add Visual Studio projects, scripts, and docs          Mar 24, 2019
COMPILING.md     Updating DTrace                                        Apr 21, 2022
LICENSE          Add the original CDDL/OPENSOLARIS License to the repo  Nov 11, 2017
README.md        Updating samples                                       Apr 26, 2022
opendtrace.sln   DTrace on Windows - etw_trace(), lkd(), bug fixes.     Aug 31, 2019

README.md

DTrace on Windows

Here at Microsoft, we are always looking to engage with open source communities to produce better solutions for the community and our customers. One of the more useful debugging advances that have arrived in the last decade is DTrace.

DTrace of course needs no introduction: it's a dynamic tracing framework that allows an admin or developer to get a real-time look into a system either in user or kernel mode. DTrace has a powerful, C-style, high-level programming language that allows you to dynamically insert trace points.
Using these dynamically inserted trace points, you can filter on conditions or errors, write code to analyze lock patterns, detect deadlocks, etc. ETW, while powerful, is static and does not provide the ability to programmatically insert trace points at runtime.

There are a lot of websites and resources from the community to learn about DTrace. One comprehensive option is the Dynamic Tracing Guide. This book describes DTrace in detail and is the authoritative guide for DTrace. We also have Windows-specific examples below.

Starting in 2016, the OpenDTrace effort began on GitHub to ensure a portable implementation of DTrace for different operating systems. We decided to add support for DTrace on Windows using this OpenDTrace port.

This is a fork of the 'opendtrace' repository and contains the unified, cross platform, source code for the OpenDTrace system including kernel components.

Install

Follow MSDN instructions.

Prerequisites:

* Windows 10 x64 Build 1903 or higher

Limitations:

* Only available for 64-bit platforms
* Only captures traces for 64-bit processes

Steps:

1. Enable dtrace in the Boot Configuration Data (BCD) store (bcdedit /set dtrace on). You will need to repeat this step every time you install a newer build of Windows.
2. Download and execute the dtrace installer.
3. Configure the _NT_SYMBOL_PATH environment variable for local symbol caching.
4. Reboot the target machine.

Examples

Note: DTrace on Windows leverages additional Windows security features that may impact your experience.
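
The prerequisites and steps in the Install section can be verified with a preflight check before any tracing is attempted. The script below is an added example, not part of the original README or the project's code; it assumes an elevated PowerShell session, that bcdedit lists the option on a line starting with "dtrace", and that the directory containing dtrace.exe is on PATH.

```powershell
# Added example, not from the DTrace-on-Windows repository.
# Run in an elevated PowerShell session: bcdedit needs administrator rights.
$checks = [ordered]@{}

# Prerequisite: Windows 10 x64 Build 1903 or higher (version 1903 is OS build 18362).
$build = [System.Environment]::OSVersion.Version.Build
$checks["OS build $build is 18362 (1903) or higher"] = ($build -ge 18362)

# Limitation: only available for 64-bit platforms.
$checks['64-bit operating system'] = [System.Environment]::Is64BitOperatingSystem

# Step 1: dtrace enabled in the BCD store. This has to be repeated after every
# newer Windows build, so it is the check most likely to regress.
# Assumption: bcdedit lists the option on a line that starts with "dtrace".
# The value text is locale-dependent, so it is displayed rather than parsed.
$bcdLine = & bcdedit.exe /enum '{current}' 2>$null |
    Where-Object { $_ -match '^\s*dtrace\s+\S' } |
    Select-Object -First 1
$bcdText = if ($bcdLine) { $bcdLine.Trim() } else { '(none)' }
$checks["BCD dtrace entry: $bcdText"] = [bool]$bcdLine

# Step 2: the installer has been run.
# Assumption: the install directory was added to PATH.
$exe = Get-Command dtrace.exe -ErrorAction SilentlyContinue
$checks['dtrace.exe found on PATH'] = [bool]$exe

# Step 3: _NT_SYMBOL_PATH configured for local symbol caching.
$sym = [System.Environment]::GetEnvironmentVariable('_NT_SYMBOL_PATH')
$checks['_NT_SYMBOL_PATH is set'] = -not [string]::IsNullOrWhiteSpace($sym)

# Report each check, then a summary line.
foreach ($c in $checks.GetEnumerator()) {
    '{0,-5} {1}' -f $(if ($c.Value) { 'OK' } else { 'FAIL' }), $c.Key
}
$failed = @($checks.Values | Where-Object { -not $_ }).Count
"$failed check(s) failed"

# Step 4 (reboot) cannot be verified directly; show the last boot time so the
# operator can confirm it is later than the changes made in steps 1-3.
"Last boot: $((Get-CimInstance Win32_OperatingSystem).LastBootUpTime)"
```

The dtrace one-liners in the Examples section contain backticks (for example nt`_EPROCESS). PowerShell treats the backtick as its escape character, so run those commands from cmd.exe or adjust the quoting.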

Syscall summary by program for 5 seconds:

    dtrace -Fn "tick-5sec { exit(0);} syscall:::entry{ @num[pid,execname] = count();}"

Summarize timer set/cancel by program for 3 seconds:

    dtrace -Fn "tick-3sec { exit(0);} syscall::Nt*Timer*:entry { @[probefunc, execname, pid] = count();}"

Dump the System Process kernel structure (requires the symbol path to be set):

    dtrace -n "BEGIN{print(*(struct nt`_EPROCESS *) nt`PsInitialSystemProcess);exit(0);}"

Trace paths through NTFS when running notepad.exe (requires KD attach). Run the command below, then launch notepad.exe:

    dtrace -Fn "fbt:ntfs::/execname==\"notepad.exe\"/{}"

Learn more

* MSDN
* DTrace on Windows
* Compiling OpenDTrace for Windows
* OpenDTrace Documentation Repository
* Dynamic Tracing Guide

License

OpenDTrace is under the CDDL license, see the LICENSE file in this repository for details.