DTrace limited on Centos/Fedora

I wanted to work on a problem on a Centos 6 box. I ran dtrace and it failed. It doesn't accept -n or -l or -P or any command line options. It claims to ONLY accept -h, -G, -C, -I, -s, and -o. I figured this must be some weird Centos thing, so I went to verify on a Fedora 22 box. Same issue. It only accepts a very limited number of command line options. I went to try an Oracle box, which is very much RedHat like Centos and similar to Fedora. It worked fine. I was able to run just dtrace and get a long list of all the command line options. I went back to Centos and Fedora. When I enter dtrace, the output is Usage /bin/dtrace [--help] [-h | -G] [-C [-I<Path>]] -s File.d [-o <File>]. So, after an hour of Googling, I've given up. How do you get dtrace to work properly on Centos/Fedora? I've tried both as root and a user. I've searched for packages to increase the functionality. I've tried removing and reinstalling dtrace. The only thing left is to remove the package and install dtrace from source.


Solution 1:

The dtrace you find on Oracle Linux is not the dtrace which comes with Linux systemtap and that you will find on every other Linux distribution.

Rather, it is a port of Solaris dtrace provided by Oracle and only available on Oracle Linux.

The two commands are completely different and have different purposes.

The standard Linux kernel tracing facility is known as systemtap, and Oracle's dtrace is just a proprietary wrapper over that. You can always use systemtap directly.

Solution 2:

The dtrace script that comes on non-Oracle linux distros is a little tool from the systemtap project. It provides only the <sys/sdt.h>-related object/header-file building functionality of solaris dtrace. It maps it to systemtap data structures, so stap -L 'process("a.out").mark("*") probes will list the instrumentation.

Solution 3:

Now you can use BPFtrace!

https://github.com/iovisor/bpftrace

BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter (eBPF) available in recent Linux kernels (4.x). BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system, as well as existing Linux tracing capabilities: kernel dynamic tracing (kprobes), user-level dynamic tracing (uprobes), and tracepoints. The BPFtrace language is inspired by awk and C, and predecessor tracers such as DTrace and SystemTap. BPFtrace was created by Alastair Robertson.

bpftrace probe types

Old answer:

You can install the Linux port of Sun/Oracle dtrace from source here: https://github.com/dtrace4linux/linux