Basic usage of DTrace

I’m slowly getting used to seeing and using DTrace in my everyday work…

For example, here’s a start of the most basic analysis.

My setup: The system is constantly busy with something, and our task is to find what’s responsible for this. How? One of the possible solutions is to simply watch the system for a certain period of time (5 seconds in our case) to see what process makes most system calles… And it’s clearly seen now that the most active consumer of system calls is Java VM which happens to run a very complex graphics applet at this very moment.

As for rxvt terminals, we’re seeing so many calls simply because we’re building our list based on the command name and not PID, so in the table we really see the cumulative number of system calls made by roughly 40 terminals I’ve got running on my box, and not a single session as one might think. Had I done the PID-based list, all the 40+ rxvt processes would have been shown separately.

Here it goes:

solaris# dtrace -n syscall:::entry'{@[execname] = count()} tick-5sec {printa(@); clear(@);}'

And this is the result of such a command line. Every 5 seconds you’ll see an output similar to this:

dtrace: description 'syscall:::entry' matched 227 probes
CPU     ID                    FUNCTION:NAME
1  36588                       :tick-5sec
svc.configd                                                       1
expect                                                            3
telnet                                                            4
svc.startd                                                        6
sendmail                                                         10
thunderbird-bin                                                  10
htt_server                                                       10
nscd                                                             13
mozilla-bin                                                      19
soffice.bin                                                      77
xautolock                                                       106
dtrace                                                          173
icewm                                                           225
Xorg                                                            874
rxvt                                                           2008
java_vm                                                        2651