Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log
Repository URL

evntrace.h@ 1186

Last change on this file since 1186 was 1166, checked in by rossy, 3 years ago
Daodan: Replace MinGW build env with an up-to-date MSYS2 env
File size: 32.0 KB

Line
1	/**
2	* This file is part of the mingw-w64 runtime package.
3	* No warranty is given; refer to the file DISCLAIMER within this package.
4	*/
5
6	#include <winapifamily.h>
7
8	#ifndef _EVNTRACE_
9	#define _EVNTRACE_
10
11	#if defined (_WINNT_) \|\| defined (WINNT)
12
13	#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
14
15	#if !defined (WMIAPI) && !defined (__WIDL__) && !defined (MIDL_PASS)
16	#ifdef _WMI_SOURCE_
17	#ifdef _ARM_
18	#define WMIAPI
19	#else
20	#define WMIAPI __stdcall
21	#endif
22	#else
23	#ifdef _ARM_
24	#define WMIAPI DECLSPEC_IMPORT
25	#else
26	#define WMIAPI DECLSPEC_IMPORT __stdcall
27	#endif
28	#endif
29	#endif
30
31	#include <guiddef.h>
32
33	#if defined (_NTDDK_) \|\| defined (_NTIFS_) \|\| defined (_WMIKM_)
34	#define _EVNTRACE_KERNEL_MODE
35	#endif
36
37	#ifndef _EVNTRACE_KERNEL_MODE
38	#include <wmistr.h>
39	#endif
40
41	DEFINE_GUID (EventTraceGuid, 0x68fdd900, 0x4a3e, 0x11d1, 0x84, 0xf4, 0x00, 0x00, 0xf8, 0x04, 0x64, 0xe3);
42	DEFINE_GUID (SystemTraceControlGuid, 0x9e814aad, 0x3204, 0x11d2, 0x9a, 0x82, 0x00, 0x60, 0x08, 0xa8, 0x69, 0x39);
43	DEFINE_GUID (EventTraceConfigGuid, 0x01853a65, 0x418f, 0x4f36, 0xae, 0xfc, 0xdc, 0x0f, 0x1d, 0x2f, 0xd2, 0x35);
44	DEFINE_GUID (DefaultTraceSecurityGuid, 0x0811c1af, 0x7a07, 0x4a06, 0x82, 0xed, 0x86, 0x94, 0x55, 0xcd, 0xf7, 0x13);
45
46	#define KERNEL_LOGGER_NAMEW L"NT Kernel Logger"
47	#define GLOBAL_LOGGER_NAMEW L"GlobalLogger"
48	#define EVENT_LOGGER_NAMEW L"EventLog"
49	#define DIAG_LOGGER_NAMEW L"DiagLog"
50
51	#define KERNEL_LOGGER_NAMEA "NT Kernel Logger"
52	#define GLOBAL_LOGGER_NAMEA "GlobalLogger"
53	#define EVENT_LOGGER_NAMEA "EventLog"
54	#define DIAG_LOGGER_NAMEA "DiagLog"
55
56	#define MAX_MOF_FIELDS 16
57
58	#ifndef _TRACEHANDLE_DEFINED
59	#define _TRACEHANDLE_DEFINED
60	typedef ULONG64 TRACEHANDLE,*PTRACEHANDLE;
61	#endif
62
63	#define SYSTEM_EVENT_TYPE 1
64
65	#define EVENT_TRACE_TYPE_INFO 0x00
66	#define EVENT_TRACE_TYPE_START 0x01
67	#define EVENT_TRACE_TYPE_END 0x02
68	#define EVENT_TRACE_TYPE_STOP 0x02
69	#define EVENT_TRACE_TYPE_DC_START 0x03
70	#define EVENT_TRACE_TYPE_DC_END 0x04
71	#define EVENT_TRACE_TYPE_EXTENSION 0x05
72	#define EVENT_TRACE_TYPE_REPLY 0x06
73	#define EVENT_TRACE_TYPE_DEQUEUE 0x07
74	#define EVENT_TRACE_TYPE_RESUME 0x07
75	#define EVENT_TRACE_TYPE_CHECKPOINT 0x08
76	#define EVENT_TRACE_TYPE_SUSPEND 0x08
77	#define EVENT_TRACE_TYPE_WINEVT_SEND 0x09
78	#define EVENT_TRACE_TYPE_WINEVT_RECEIVE 0xf0
79
80	#define TRACE_LEVEL_NONE 0
81	#define TRACE_LEVEL_CRITICAL 1
82	#define TRACE_LEVEL_FATAL 1
83	#define TRACE_LEVEL_ERROR 2
84	#define TRACE_LEVEL_WARNING 3
85	#define TRACE_LEVEL_INFORMATION 4
86	#define TRACE_LEVEL_VERBOSE 5
87	#define TRACE_LEVEL_RESERVED6 6
88	#define TRACE_LEVEL_RESERVED7 7
89	#define TRACE_LEVEL_RESERVED8 8
90	#define TRACE_LEVEL_RESERVED9 9
91
92	#define EVENT_TRACE_TYPE_LOAD 0x0a
93	#define EVENT_TRACE_TYPE_TERMINATE 0x0b
94
95	#define EVENT_TRACE_TYPE_IO_READ 0x0a
96	#define EVENT_TRACE_TYPE_IO_WRITE 0x0b
97	#define EVENT_TRACE_TYPE_IO_READ_INIT 0x0c
98	#define EVENT_TRACE_TYPE_IO_WRITE_INIT 0x0d
99	#define EVENT_TRACE_TYPE_IO_FLUSH 0x0e
100	#define EVENT_TRACE_TYPE_IO_FLUSH_INIT 0x0f
101
102	#define EVENT_TRACE_TYPE_MM_TF 0x0a
103	#define EVENT_TRACE_TYPE_MM_DZF 0x0b
104	#define EVENT_TRACE_TYPE_MM_COW 0x0c
105	#define EVENT_TRACE_TYPE_MM_GPF 0x0d
106	#define EVENT_TRACE_TYPE_MM_HPF 0x0e
107	#define EVENT_TRACE_TYPE_MM_AV 0x0f
108
109	#define EVENT_TRACE_TYPE_SEND 0x0a
110	#define EVENT_TRACE_TYPE_RECEIVE 0x0b
111	#define EVENT_TRACE_TYPE_CONNECT 0x0c
112	#define EVENT_TRACE_TYPE_DISCONNECT 0x0d
113	#define EVENT_TRACE_TYPE_RETRANSMIT 0x0e
114	#define EVENT_TRACE_TYPE_ACCEPT 0x0f
115	#define EVENT_TRACE_TYPE_RECONNECT 0x10
116	#define EVENT_TRACE_TYPE_CONNFAIL 0x11
117	#define EVENT_TRACE_TYPE_COPY_TCP 0x12
118	#define EVENT_TRACE_TYPE_COPY_ARP 0x13
119	#define EVENT_TRACE_TYPE_ACKFULL 0x14
120	#define EVENT_TRACE_TYPE_ACKPART 0x15
121	#define EVENT_TRACE_TYPE_ACKDUP 0x16
122
123	#define EVENT_TRACE_TYPE_GUIDMAP 0x0a
124	#define EVENT_TRACE_TYPE_CONFIG 0x0b
125	#define EVENT_TRACE_TYPE_SIDINFO 0x0c
126	#define EVENT_TRACE_TYPE_SECURITY 0x0d
127	#define EVENT_TRACE_TYPE_DBGID_RSDS 0x40
128
129	#define EVENT_TRACE_TYPE_REGCREATE 0x0a
130	#define EVENT_TRACE_TYPE_REGOPEN 0x0b
131	#define EVENT_TRACE_TYPE_REGDELETE 0x0c
132	#define EVENT_TRACE_TYPE_REGQUERY 0x0d
133	#define EVENT_TRACE_TYPE_REGSETVALUE 0x0e
134	#define EVENT_TRACE_TYPE_REGDELETEVALUE 0x0f
135	#define EVENT_TRACE_TYPE_REGQUERYVALUE 0x10
136	#define EVENT_TRACE_TYPE_REGENUMERATEKEY 0x11
137	#define EVENT_TRACE_TYPE_REGENUMERATEVALUEKEY 0x12
138	#define EVENT_TRACE_TYPE_REGQUERYMULTIPLEVALUE 0x13
139	#define EVENT_TRACE_TYPE_REGSETINFORMATION 0x14
140	#define EVENT_TRACE_TYPE_REGFLUSH 0x15
141	#define EVENT_TRACE_TYPE_REGKCBCREATE 0x16
142	#define EVENT_TRACE_TYPE_REGKCBDELETE 0x17
143	#define EVENT_TRACE_TYPE_REGKCBRUNDOWNBEGIN 0x18
144	#define EVENT_TRACE_TYPE_REGKCBRUNDOWNEND 0x19
145	#define EVENT_TRACE_TYPE_REGVIRTUALIZE 0x1a
146	#define EVENT_TRACE_TYPE_REGCLOSE 0x1b
147	#define EVENT_TRACE_TYPE_REGSETSECURITY 0x1c
148	#define EVENT_TRACE_TYPE_REGQUERYSECURITY 0x1d
149	#define EVENT_TRACE_TYPE_REGCOMMIT 0x1e
150	#define EVENT_TRACE_TYPE_REGPREPARE 0x1f
151	#define EVENT_TRACE_TYPE_REGROLLBACK 0x20
152	#define EVENT_TRACE_TYPE_REGMOUNTHIVE 0x21
153
154	#define EVENT_TRACE_TYPE_CONFIG_CPU 0x0a
155	#define EVENT_TRACE_TYPE_CONFIG_PHYSICALDISK 0x0b
156	#define EVENT_TRACE_TYPE_CONFIG_LOGICALDISK 0x0c
157	#define EVENT_TRACE_TYPE_CONFIG_NIC 0x0d
158	#define EVENT_TRACE_TYPE_CONFIG_VIDEO 0x0e
159	#define EVENT_TRACE_TYPE_CONFIG_SERVICES 0x0f
160	#define EVENT_TRACE_TYPE_CONFIG_POWER 0x10
161	#define EVENT_TRACE_TYPE_CONFIG_NETINFO 0x11
162	#define EVENT_TRACE_TYPE_CONFIG_OPTICALMEDIA 0x12
163
164	#define EVENT_TRACE_TYPE_CONFIG_IRQ 0x15
165	#define EVENT_TRACE_TYPE_CONFIG_PNP 0x16
166	#define EVENT_TRACE_TYPE_CONFIG_IDECHANNEL 0x17
167	#define EVENT_TRACE_TYPE_CONFIG_NUMANODE 0x18
168	#define EVENT_TRACE_TYPE_CONFIG_PLATFORM 0x19
169	#define EVENT_TRACE_TYPE_CONFIG_PROCESSORGROUP 0x1a
170	#define EVENT_TRACE_TYPE_CONFIG_PROCESSORNUMBER 0x1b
171	#define EVENT_TRACE_TYPE_CONFIG_DPI 0x1c
172	#define EVENT_TRACE_TYPE_CONFIG_CI_INFO 0x1d
173	#define EVENT_TRACE_TYPE_CONFIG_MACHINEID 0x1e
174	#define EVENT_TRACE_TYPE_CONFIG_DEFRAG 0x1f
175	#define EVENT_TRACE_TYPE_CONFIG_MOBILEPLATFORM 0x20
176	#define EVENT_TRACE_TYPE_CONFIG_DEVICEFAMILY 0x21
177	#define EVENT_TRACE_TYPE_CONFIG_FLIGHTID 0x22
178	#define EVENT_TRACE_TYPE_CONFIG_PROCESSOR 0x23
179
180	#define EVENT_TRACE_TYPE_OPTICAL_IO_READ 0x37
181	#define EVENT_TRACE_TYPE_OPTICAL_IO_WRITE 0x38
182	#define EVENT_TRACE_TYPE_OPTICAL_IO_FLUSH 0x39
183	#define EVENT_TRACE_TYPE_OPTICAL_IO_READ_INIT 0x3a
184	#define EVENT_TRACE_TYPE_OPTICAL_IO_WRITE_INIT 0x3b
185	#define EVENT_TRACE_TYPE_OPTICAL_IO_FLUSH_INIT 0x3c
186
187	#define EVENT_TRACE_TYPE_FLT_PREOP_INIT 0x60
188	#define EVENT_TRACE_TYPE_FLT_POSTOP_INIT 0x61
189	#define EVENT_TRACE_TYPE_FLT_PREOP_COMPLETION 0x62
190	#define EVENT_TRACE_TYPE_FLT_POSTOP_COMPLETION 0x63
191	#define EVENT_TRACE_TYPE_FLT_PREOP_FAILURE 0x64
192	#define EVENT_TRACE_TYPE_FLT_POSTOP_FAILURE 0x65
193
194	#define EVENT_TRACE_FLAG_PROCESS 0x00000001
195	#define EVENT_TRACE_FLAG_THREAD 0x00000002
196	#define EVENT_TRACE_FLAG_IMAGE_LOAD 0x00000004
197
198	#define EVENT_TRACE_FLAG_DISK_IO 0x00000100
199	#define EVENT_TRACE_FLAG_DISK_FILE_IO 0x00000200
200
201	#define EVENT_TRACE_FLAG_MEMORY_PAGE_FAULTS 0x00001000
202	#define EVENT_TRACE_FLAG_MEMORY_HARD_FAULTS 0x00002000
203
204	#define EVENT_TRACE_FLAG_NETWORK_TCPIP 0x00010000
205
206	#define EVENT_TRACE_FLAG_REGISTRY 0x00020000
207	#define EVENT_TRACE_FLAG_DBGPRINT 0x00040000
208
209	#define EVENT_TRACE_FLAG_PROCESS_COUNTERS 0x00000008
210	#define EVENT_TRACE_FLAG_CSWITCH 0x00000010
211	#define EVENT_TRACE_FLAG_DPC 0x00000020
212	#define EVENT_TRACE_FLAG_INTERRUPT 0x00000040
213	#define EVENT_TRACE_FLAG_SYSTEMCALL 0x00000080
214
215	#define EVENT_TRACE_FLAG_DISK_IO_INIT 0x00000400
216	#define EVENT_TRACE_FLAG_ALPC 0x00100000
217	#define EVENT_TRACE_FLAG_SPLIT_IO 0x00200000
218
219	#define EVENT_TRACE_FLAG_DRIVER 0x00800000
220	#define EVENT_TRACE_FLAG_PROFILE 0x01000000
221	#define EVENT_TRACE_FLAG_FILE_IO 0x02000000
222	#define EVENT_TRACE_FLAG_FILE_IO_INIT 0x04000000
223
224	#define EVENT_TRACE_FLAG_DISPATCHER 0x00000800
225	#define EVENT_TRACE_FLAG_VIRTUAL_ALLOC 0x00004000
226
227	#define EVENT_TRACE_FLAG_VAMAP 0x00008000
228	#define EVENT_TRACE_FLAG_NO_SYSCONFIG 0x10000000
229
230	#define EVENT_TRACE_FLAG_JOB 0x00080000
231	#define EVENT_TRACE_FLAG_DEBUG_EVENTS 0x00400000
232
233	#define EVENT_TRACE_FLAG_EXTENSION 0x80000000
234	#define EVENT_TRACE_FLAG_FORWARD_WMI 0x40000000
235	#define EVENT_TRACE_FLAG_ENABLE_RESERVE 0x20000000
236
237	#define EVENT_TRACE_FILE_MODE_NONE 0x00000000
238	#define EVENT_TRACE_FILE_MODE_SEQUENTIAL 0x00000001
239	#define EVENT_TRACE_FILE_MODE_CIRCULAR 0x00000002
240	#define EVENT_TRACE_FILE_MODE_APPEND 0x00000004
241
242	#define EVENT_TRACE_REAL_TIME_MODE 0x00000100
243	#define EVENT_TRACE_DELAY_OPEN_FILE_MODE 0x00000200
244	#define EVENT_TRACE_BUFFERING_MODE 0x00000400
245	#define EVENT_TRACE_PRIVATE_LOGGER_MODE 0x00000800
246	#define EVENT_TRACE_ADD_HEADER_MODE 0x00001000
247
248	#define EVENT_TRACE_USE_GLOBAL_SEQUENCE 0x00004000
249	#define EVENT_TRACE_USE_LOCAL_SEQUENCE 0x00008000
250
251	#define EVENT_TRACE_RELOG_MODE 0x00010000
252
253	#define EVENT_TRACE_USE_PAGED_MEMORY 0x01000000
254
255	#define EVENT_TRACE_FILE_MODE_NEWFILE 0x00000008
256	#define EVENT_TRACE_FILE_MODE_PREALLOCATE 0x00000020
257
258	#define EVENT_TRACE_NONSTOPPABLE_MODE 0x00000040
259	#define EVENT_TRACE_SECURE_MODE 0x00000080
260	#define EVENT_TRACE_USE_KBYTES_FOR_SIZE 0x00002000
261	#define EVENT_TRACE_PRIVATE_IN_PROC 0x00020000
262	#define EVENT_TRACE_MODE_RESERVED 0x00100000
263
264	#define EVENT_TRACE_NO_PER_PROCESSOR_BUFFERING 0x10000000
265
266	#define EVENT_TRACE_SYSTEM_LOGGER_MODE 0x02000000
267	#define EVENT_TRACE_ADDTO_TRIAGE_DUMP 0x80000000
268	#define EVENT_TRACE_STOP_ON_HYBRID_SHUTDOWN 0x00400000
269	#define EVENT_TRACE_PERSIST_ON_HYBRID_SHUTDOWN 0x00800000
270
271	#define EVENT_TRACE_INDEPENDENT_SESSION_MODE 0x08000000
272	#define EVENT_TRACE_COMPRESSED_MODE 0x04000000
273
274	#define EVENT_TRACE_CONTROL_QUERY 0
275	#define EVENT_TRACE_CONTROL_STOP 1
276	#define EVENT_TRACE_CONTROL_UPDATE 2
277	#define EVENT_TRACE_CONTROL_FLUSH 3
278	#define EVENT_TRACE_CONTROL_INCREMENT_FILE 4
279
280	#define TRACE_MESSAGE_SEQUENCE 1
281	#define TRACE_MESSAGE_GUID 2
282	#define TRACE_MESSAGE_COMPONENTID 4
283	#define TRACE_MESSAGE_TIMESTAMP 8
284	#define TRACE_MESSAGE_PERFORMANCE_TIMESTAMP 16
285	#define TRACE_MESSAGE_SYSTEMINFO 32
286
287	#define TRACE_MESSAGE_POINTER32 0x0040
288	#define TRACE_MESSAGE_POINTER64 0x0080
289
290	#define TRACE_MESSAGE_FLAG_MASK 0xffff
291
292	#define TRACE_MESSAGE_MAXIMUM_SIZE (64 * 1024)
293
294	#define EVENT_TRACE_USE_PROCTIME 0x0001
295	#define EVENT_TRACE_USE_NOCPUTIME 0x0002
296
297	#define TRACE_HEADER_FLAG_USE_TIMESTAMP 0x00000200
298	#define TRACE_HEADER_FLAG_TRACED_GUID 0x00020000
299	#define TRACE_HEADER_FLAG_LOG_WNODE 0x00040000
300	#define TRACE_HEADER_FLAG_USE_GUID_PTR 0x00080000
301	#define TRACE_HEADER_FLAG_USE_MOF_PTR 0x00100000
302
303	typedef enum {
304	EtwCompressionModeRestart = 0,
305	EtwCompressionModeNoDisable = 1,
306	EtwCompressionModeNoRestart = 2
307	} ETW_COMPRESSION_RESUMPTION_MODE;
308
309	typedef struct _EVENT_TRACE_HEADER {
310	USHORT Size;
311	__C89_NAMELESS union {
312	USHORT FieldTypeFlags;
313	__C89_NAMELESS struct {
314	UCHAR HeaderType;
315	UCHAR MarkerFlags;
316	} DUMMYSTRUCTNAME;
317	} DUMMYUNIONNAME;
318	__C89_NAMELESS union {
319	ULONG Version;
320	struct {
321	UCHAR Type;
322	UCHAR Level;
323	USHORT Version;
324	} Class;
325	} DUMMYUNIONNAME2;
326	ULONG ThreadId;
327	ULONG ProcessId;
328	LARGE_INTEGER TimeStamp;
329	__C89_NAMELESS union {
330	GUID Guid;
331	ULONGLONG GuidPtr;
332	} DUMMYUNIONNAME3;
333	__C89_NAMELESS union {
334	__C89_NAMELESS struct {
335	ULONG KernelTime;
336	ULONG UserTime;
337	} DUMMYSTRUCTNAME;
338	ULONG64 ProcessorTime;
339	__C89_NAMELESS struct {
340	ULONG ClientContext;
341	ULONG Flags;
342	} DUMMYSTRUCTNAME2;
343	} DUMMYUNIONNAME4;
344	} EVENT_TRACE_HEADER,*PEVENT_TRACE_HEADER;
345
346	typedef struct _EVENT_INSTANCE_HEADER {
347	USHORT Size;
348	__C89_NAMELESS union {
349	USHORT FieldTypeFlags;
350	__C89_NAMELESS struct {
351	UCHAR HeaderType;
352	UCHAR MarkerFlags;
353	} DUMMYSTRUCTNAME;
354	} DUMMYUNIONNAME;
355	__C89_NAMELESS union {
356	ULONG Version;
357	struct {
358	UCHAR Type;
359	UCHAR Level;
360	USHORT Version;
361	} Class;
362	} DUMMYUNIONNAME2;
363	ULONG ThreadId;
364	ULONG ProcessId;
365	LARGE_INTEGER TimeStamp;
366	ULONGLONG RegHandle;
367	ULONG InstanceId;
368	ULONG ParentInstanceId;
369	__C89_NAMELESS union {
370	__C89_NAMELESS struct {
371	ULONG KernelTime;
372	ULONG UserTime;
373	} DUMMYSTRUCTNAME;
374	ULONG64 ProcessorTime;
375	__C89_NAMELESS struct {
376	ULONG EventId;
377	ULONG Flags;
378	} DUMMYSTRUCTNAME2;
379	} DUMMYUNIONNAME3;
380	ULONGLONG ParentRegHandle;
381	} EVENT_INSTANCE_HEADER,*PEVENT_INSTANCE_HEADER;
382
383	#define ETW_NULL_TYPE_VALUE 0
384	#define ETW_OBJECT_TYPE_VALUE 1
385	#define ETW_STRING_TYPE_VALUE 2
386	#define ETW_SBYTE_TYPE_VALUE 3
387	#define ETW_BYTE_TYPE_VALUE 4
388	#define ETW_INT16_TYPE_VALUE 5
389	#define ETW_UINT16_TYPE_VALUE 6
390	#define ETW_INT32_TYPE_VALUE 7
391	#define ETW_UINT32_TYPE_VALUE 8
392	#define ETW_INT64_TYPE_VALUE 9
393	#define ETW_UINT64_TYPE_VALUE 10
394	#define ETW_CHAR_TYPE_VALUE 11
395	#define ETW_SINGLE_TYPE_VALUE 12
396	#define ETW_DOUBLE_TYPE_VALUE 13
397	#define ETW_BOOLEAN_TYPE_VALUE 14
398	#define ETW_DECIMAL_TYPE_VALUE 15
399
400	#define ETW_GUID_TYPE_VALUE 101
401	#define ETW_ASCIICHAR_TYPE_VALUE 102
402	#define ETW_ASCIISTRING_TYPE_VALUE 103
403	#define ETW_COUNTED_STRING_TYPE_VALUE 104
404	#define ETW_POINTER_TYPE_VALUE 105
405	#define ETW_SIZET_TYPE_VALUE 106
406	#define ETW_HIDDEN_TYPE_VALUE 107
407	#define ETW_BOOL_TYPE_VALUE 108
408	#define ETW_COUNTED_ANSISTRING_TYPE_VALUE 109
409	#define ETW_REVERSED_COUNTED_STRING_TYPE_VALUE 110
410	#define ETW_REVERSED_COUNTED_ANSISTRING_TYPE_VALUE 111
411	#define ETW_NON_NULL_TERMINATED_STRING_TYPE_VALUE 112
412	#define ETW_REDUCED_ANSISTRING_TYPE_VALUE 113
413	#define ETW_REDUCED_STRING_TYPE_VALUE 114
414	#define ETW_SID_TYPE_VALUE 115
415	#define ETW_VARIANT_TYPE_VALUE 116
416	#define ETW_PTVECTOR_TYPE_VALUE 117
417	#define ETW_WMITIME_TYPE_VALUE 118
418	#define ETW_DATETIME_TYPE_VALUE 119
419	#define ETW_REFRENCE_TYPE_VALUE 120
420
421	#define DEFINE_TRACE_MOF_FIELD(M, P, LEN, TYP) (M)->DataPtr = (ULONG64) (ULONG_PTR) P; (M)->Length = (ULONG) LEN; (M)->DataType = (ULONG) TYP;
422
423	typedef struct _MOF_FIELD {
424	ULONG64 DataPtr;
425	ULONG Length;
426	ULONG DataType;
427	} MOF_FIELD,*PMOF_FIELD;
428
429	#if !defined (_EVNTRACE_KERNEL_MODE) \|\| defined (_WMIKM_)
430	typedef struct _TRACE_LOGFILE_HEADER {
431	ULONG BufferSize;
432	__C89_NAMELESS union {
433	ULONG Version;
434	struct {
435	UCHAR MajorVersion;
436	UCHAR MinorVersion;
437	UCHAR SubVersion;
438	UCHAR SubMinorVersion;
439	} VersionDetail;
440	} DUMMYUNIONNAME;
441	ULONG ProviderVersion;
442	ULONG NumberOfProcessors;
443	LARGE_INTEGER EndTime;
444	ULONG TimerResolution;
445	ULONG MaximumFileSize;
446	ULONG LogFileMode;
447	ULONG BuffersWritten;
448	__C89_NAMELESS union {
449	GUID LogInstanceGuid;
450	__C89_NAMELESS struct {
451	ULONG StartBuffers;
452	ULONG PointerSize;
453	ULONG EventsLost;
454	ULONG CpuSpeedInMHz;
455	} DUMMYSTRUCTNAME;
456	} DUMMYUNIONNAME2;
457	#if defined (_WMIKM_)
458	PWCHAR LoggerName;
459	PWCHAR LogFileName;
460	RTL_TIME_ZONE_INFORMATION TimeZone;
461	#else
462	LPWSTR LoggerName;
463	LPWSTR LogFileName;
464	TIME_ZONE_INFORMATION TimeZone;
465	#endif
466	LARGE_INTEGER BootTime;
467	LARGE_INTEGER PerfFreq;
468	LARGE_INTEGER StartTime;
469	ULONG ReservedFlags;
470	ULONG BuffersLost;
471	} TRACE_LOGFILE_HEADER,*PTRACE_LOGFILE_HEADER;
472
473	typedef struct _TRACE_LOGFILE_HEADER32 {
474	ULONG BufferSize;
475	__C89_NAMELESS union {
476	ULONG Version;
477	struct {
478	UCHAR MajorVersion;
479	UCHAR MinorVersion;
480	UCHAR SubVersion;
481	UCHAR SubMinorVersion;
482	} VersionDetail;
483	};
484	ULONG ProviderVersion;
485	ULONG NumberOfProcessors;
486	LARGE_INTEGER EndTime;
487	ULONG TimerResolution;
488	ULONG MaximumFileSize;
489	ULONG LogFileMode;
490	ULONG BuffersWritten;
491	__C89_NAMELESS union {
492	GUID LogInstanceGuid;
493	__C89_NAMELESS struct {
494	ULONG StartBuffers;
495	ULONG PointerSize;
496	ULONG EventsLost;
497	ULONG CpuSpeedInMHz;
498	};
499	};
500	ULONG32 LoggerName;
501	ULONG32 LogFileName;
502	#if defined (_WMIKM_)
503	RTL_TIME_ZONE_INFORMATION TimeZone;
504	#else
505	TIME_ZONE_INFORMATION TimeZone;
506	#endif
507	LARGE_INTEGER BootTime;
508	LARGE_INTEGER PerfFreq;
509	LARGE_INTEGER StartTime;
510	ULONG ReservedFlags;
511	ULONG BuffersLost;
512	} TRACE_LOGFILE_HEADER32,*PTRACE_LOGFILE_HEADER32;
513
514	typedef struct _TRACE_LOGFILE_HEADER64 {
515	ULONG BufferSize;
516	__C89_NAMELESS union {
517	ULONG Version;
518	__C89_NAMELESS struct {
519	UCHAR MajorVersion;
520	UCHAR MinorVersion;
521	UCHAR SubVersion;
522	UCHAR SubMinorVersion;
523	} VersionDetail;
524	};
525	ULONG ProviderVersion;
526	ULONG NumberOfProcessors;
527	LARGE_INTEGER EndTime;
528	ULONG TimerResolution;
529	ULONG MaximumFileSize;
530	ULONG LogFileMode;
531	ULONG BuffersWritten;
532	__C89_NAMELESS union {
533	GUID LogInstanceGuid;
534	__C89_NAMELESS struct {
535	ULONG StartBuffers;
536	ULONG PointerSize;
537	ULONG EventsLost;
538	ULONG CpuSpeedInMHz;
539	};
540	};
541	ULONG64 LoggerName;
542	ULONG64 LogFileName;
543	#if defined (_WMIKM_)
544	RTL_TIME_ZONE_INFORMATION TimeZone;
545	#else
546	TIME_ZONE_INFORMATION TimeZone;
547	#endif
548	LARGE_INTEGER BootTime;
549	LARGE_INTEGER PerfFreq;
550	LARGE_INTEGER StartTime;
551	ULONG ReservedFlags;
552	ULONG BuffersLost;
553	} TRACE_LOGFILE_HEADER64,*PTRACE_LOGFILE_HEADER64;
554	#endif
555
556	typedef struct EVENT_INSTANCE_INFO {
557	HANDLE RegHandle;
558	ULONG InstanceId;
559	} EVENT_INSTANCE_INFO,*PEVENT_INSTANCE_INFO;
560
561	#ifndef _EVNTRACE_KERNEL_MODE
562
563	typedef struct _EVENT_FILTER_DESCRIPTOR EVENT_FILTER_DESCRIPTOR, *PEVENT_FILTER_DESCRIPTOR;
564
565	typedef struct _EVENT_TRACE_PROPERTIES {
566	WNODE_HEADER Wnode;
567	ULONG BufferSize;
568	ULONG MinimumBuffers;
569	ULONG MaximumBuffers;
570	ULONG MaximumFileSize;
571	ULONG LogFileMode;
572	ULONG FlushTimer;
573	ULONG EnableFlags;
574	LONG AgeLimit;
575	ULONG NumberOfBuffers;
576	ULONG FreeBuffers;
577	ULONG EventsLost;
578	ULONG BuffersWritten;
579	ULONG LogBuffersLost;
580	ULONG RealTimeBuffersLost;
581	HANDLE LoggerThreadId;
582	ULONG LogFileNameOffset;
583	ULONG LoggerNameOffset;
584	} EVENT_TRACE_PROPERTIES,*PEVENT_TRACE_PROPERTIES;
585
586	typedef struct _EVENT_TRACE_PROPERTIES_V2 {
587	WNODE_HEADER Wnode;
588	ULONG BufferSize;
589	ULONG MinimumBuffers;
590	ULONG MaximumBuffers;
591	ULONG MaximumFileSize;
592	ULONG LogFileMode;
593	ULONG FlushTimer;
594	ULONG EnableFlags;
595	__C89_NAMELESS union {
596	LONG AgeLimit;
597	LONG FlushThreshold;
598	};
599	ULONG NumberOfBuffers;
600	ULONG FreeBuffers;
601	ULONG EventsLost;
602	ULONG BuffersWritten;
603	ULONG LogBuffersLost;
604	ULONG RealTimeBuffersLost;
605	HANDLE LoggerThreadId;
606	ULONG LogFileNameOffset;
607	ULONG LoggerNameOffset;
608	__C89_NAMELESS union {
609	__C89_NAMELESS struct {
610	ULONG VersionNumber : 8;
611	};
612	ULONG V2Control;
613	};
614	ULONG FilterDescCount;
615	PEVENT_FILTER_DESCRIPTOR FilterDesc;
616	__C89_NAMELESS union {
617	__C89_NAMELESS struct {
618	ULONG Wow : 1;
619	ULONG QpcDeltaTracking : 1;
620	};
621	ULONG64 V2Options;
622	};
623	} EVENT_TRACE_PROPERTIES_V2, *PEVENT_TRACE_PROPERTIES_V2;
624
625	typedef struct _TRACE_GUID_REGISTRATION {
626	LPCGUID Guid;
627	HANDLE RegHandle;
628	} TRACE_GUID_REGISTRATION,*PTRACE_GUID_REGISTRATION;
629	#endif
630
631	typedef struct _TRACE_GUID_PROPERTIES {
632	GUID Guid;
633	ULONG GuidType;
634	ULONG LoggerId;
635	ULONG EnableLevel;
636	ULONG EnableFlags;
637	BOOLEAN IsEnable;
638	} TRACE_GUID_PROPERTIES,*PTRACE_GUID_PROPERTIES;
639
640	#ifndef ETW_BUFFER_CONTEXT_DEF
641	#define ETW_BUFFER_CONTEXT_DEF
642
643	typedef struct _ETW_BUFFER_CONTEXT {
644	__C89_NAMELESS union {
645	__C89_NAMELESS struct {
646	UCHAR ProcessorNumber;
647	UCHAR Alignment;
648	} DUMMYSTRUCTNAME;
649	USHORT ProcessorIndex;
650	} DUMMYUNIONNAME;
651	USHORT LoggerId;
652	} ETW_BUFFER_CONTEXT,*PETW_BUFFER_CONTEXT;
653	#endif
654
655	#define TRACE_PROVIDER_FLAG_LEGACY (0x00000001)
656	#define TRACE_PROVIDER_FLAG_PRE_ENABLE (0x00000002)
657
658	typedef struct _TRACE_ENABLE_INFO {
659	ULONG IsEnabled;
660	UCHAR Level;
661	UCHAR Reserved1;
662	USHORT LoggerId;
663	ULONG EnableProperty;
664	ULONG Reserved2;
665	ULONGLONG MatchAnyKeyword;
666	ULONGLONG MatchAllKeyword;
667	} TRACE_ENABLE_INFO,*PTRACE_ENABLE_INFO;
668
669	typedef struct _TRACE_PROVIDER_INSTANCE_INFO {
670	ULONG NextOffset;
671	ULONG EnableCount;
672	ULONG Pid;
673	ULONG Flags;
674	} TRACE_PROVIDER_INSTANCE_INFO,*PTRACE_PROVIDER_INSTANCE_INFO;
675
676	typedef struct _TRACE_GUID_INFO {
677	ULONG InstanceCount;
678	ULONG Reserved;
679	} TRACE_GUID_INFO,*PTRACE_GUID_INFO;
680
681	typedef struct _PROFILE_SOURCE_INFO {
682	ULONG NextEntryOffset;
683	ULONG Source;
684	ULONG MinInterval;
685	ULONG MaxInterval;
686	ULONG64 Reserved;
687	WCHAR Description[ANYSIZE_ARRAY];
688	} PROFILE_SOURCE_INFO,*PPROFILE_SOURCE_INFO;
689
690	typedef struct _EVENT_TRACE {
691	EVENT_TRACE_HEADER Header;
692	ULONG InstanceId;
693	ULONG ParentInstanceId;
694	GUID ParentGuid;
695	PVOID MofData;
696	ULONG MofLength;
697	__C89_NAMELESS union {
698	ULONG ClientContext;
699	ETW_BUFFER_CONTEXT BufferContext;
700	} DUMMYUNIONNAME;
701	} EVENT_TRACE,*PEVENT_TRACE;
702
703	#define EVENT_CONTROL_CODE_DISABLE_PROVIDER 0
704	#define EVENT_CONTROL_CODE_ENABLE_PROVIDER 1
705	#define EVENT_CONTROL_CODE_CAPTURE_STATE 2
706	#endif
707
708	#ifndef _EVNTRACE_KERNEL_MODE
709	#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
710	typedef struct _EVENT_RECORD EVENT_RECORD,*PEVENT_RECORD;
711	typedef struct _EVENT_TRACE_LOGFILEW EVENT_TRACE_LOGFILEW,*PEVENT_TRACE_LOGFILEW;
712	typedef struct _EVENT_TRACE_LOGFILEA EVENT_TRACE_LOGFILEA,*PEVENT_TRACE_LOGFILEA;
713	typedef ULONG (WINAPI *PEVENT_TRACE_BUFFER_CALLBACKW) (PEVENT_TRACE_LOGFILEW Logfile);
714	typedef ULONG (WINAPI *PEVENT_TRACE_BUFFER_CALLBACKA) (PEVENT_TRACE_LOGFILEA Logfile);
715	typedef VOID (WINAPI *PEVENT_CALLBACK) (PEVENT_TRACE pEvent);
716	typedef VOID (WINAPI *PEVENT_RECORD_CALLBACK) (PEVENT_RECORD EventRecord);
717	typedef ULONG (WINAPI WMIDPREQUEST) (WMIDPREQUESTCODE RequestCode, PVOID RequestContext, ULONG BufferSize, PVOID Buffer);
718
719	struct _EVENT_TRACE_LOGFILEW {
720	LPWSTR LogFileName;
721	LPWSTR LoggerName;
722	LONGLONG CurrentTime;
723	ULONG BuffersRead;
724	__C89_NAMELESS union {
725	ULONG LogFileMode;
726	ULONG ProcessTraceMode;
727	} DUMMYUNIONNAME;
728	EVENT_TRACE CurrentEvent;
729	TRACE_LOGFILE_HEADER LogfileHeader;
730	PEVENT_TRACE_BUFFER_CALLBACKW BufferCallback;
731	ULONG BufferSize;
732	ULONG Filled;
733	ULONG EventsLost;
734	__C89_NAMELESS union {
735	PEVENT_CALLBACK EventCallback;
736	PEVENT_RECORD_CALLBACK EventRecordCallback;
737	} DUMMYUNIONNAME2;
738	ULONG IsKernelTrace;
739	PVOID Context;
740	};
741
742	struct _EVENT_TRACE_LOGFILEA {
743	LPSTR LogFileName;
744	LPSTR LoggerName;
745	LONGLONG CurrentTime;
746	ULONG BuffersRead;
747	__C89_NAMELESS union {
748	ULONG LogFileMode;
749	ULONG ProcessTraceMode;
750	} DUMMYUNIONNAME;
751	EVENT_TRACE CurrentEvent;
752	TRACE_LOGFILE_HEADER LogfileHeader;
753	PEVENT_TRACE_BUFFER_CALLBACKA BufferCallback;
754	ULONG BufferSize;
755	ULONG Filled;
756	ULONG EventsLost;
757	__C89_NAMELESS union {
758	PEVENT_CALLBACK EventCallback;
759	PEVENT_RECORD_CALLBACK EventRecordCallback;
760	} DUMMYUNIONNAME2;
761	ULONG IsKernelTrace;
762	PVOID Context;
763	};
764
765	#if defined (_UNICODE) \|\| defined (UNICODE)
766	#define PEVENT_TRACE_BUFFER_CALLBACK PEVENT_TRACE_BUFFER_CALLBACKW
767	#define EVENT_TRACE_LOGFILE EVENT_TRACE_LOGFILEW
768	#define PEVENT_TRACE_LOGFILE PEVENT_TRACE_LOGFILEW
769	#define KERNEL_LOGGER_NAME KERNEL_LOGGER_NAMEW
770	#define GLOBAL_LOGGER_NAME GLOBAL_LOGGER_NAMEW
771	#define EVENT_LOGGER_NAME EVENT_LOGGER_NAMEW
772	#else
773	#define PEVENT_TRACE_BUFFER_CALLBACK PEVENT_TRACE_BUFFER_CALLBACKA
774	#define EVENT_TRACE_LOGFILE EVENT_TRACE_LOGFILEA
775	#define PEVENT_TRACE_LOGFILE PEVENT_TRACE_LOGFILEA
776	#define KERNEL_LOGGER_NAME KERNEL_LOGGER_NAMEA
777	#define GLOBAL_LOGGER_NAME GLOBAL_LOGGER_NAMEA
778	#define EVENT_LOGGER_NAME EVENT_LOGGER_NAMEA
779	#endif
780	#endif
781
782	#ifdef __cplusplus
783	extern "C" {
784	#endif
785
786	#define ENABLE_TRACE_PARAMETERS_VERSION 1
787	#define ENABLE_TRACE_PARAMETERS_VERSION_2 2
788
789	typedef enum _TRACE_QUERY_INFO_CLASS {
790	TraceGuidQueryList,
791	TraceGuidQueryInfo,
792	TraceGuidQueryProcess,
793	TraceStackTracingInfo,
794	TraceSystemTraceEnableFlagsInfo,
795	TraceSampledProfileIntervalInfo,
796	TraceProfileSourceConfigInfo,
797	TraceProfileSourceListInfo,
798	TracePmcEventListInfo,
799	TracePmcCounterListInfo,
800	TraceSetDisallowList,
801	TraceVersionInfo,
802	TraceGroupQueryList,
803	TraceGroupQueryInfo,
804	TraceDisallowListQuery,
805	TraceCompressionInfo,
806	TracePeriodicCaptureStateListInfo,
807	TracePeriodicCaptureStateInfo,
808	TraceProviderBinaryTracking,
809	TraceMaxLoggersQuery,
810	MaxTraceSetInfoClass
811	} TRACE_QUERY_INFO_CLASS, TRACE_INFO_CLASS;
812
813	typedef struct _EVENT_FILTER_DESCRIPTOR EVENT_FILTER_DESCRIPTOR,*PEVENT_FILTER_DESCRIPTOR;
814
815	typedef struct _ENABLE_TRACE_PARAMETERS_V1 {
816	ULONG Version;
817	ULONG EnableProperty;
818	ULONG ControlFlags;
819	GUID SourceId;
820	PEVENT_FILTER_DESCRIPTOR EnableFilterDesc;
821	} ENABLE_TRACE_PARAMETERS_V1, *PENABLE_TRACE_PARAMETERS_V1;
822
823	typedef struct _ENABLE_TRACE_PARAMETERS {
824	ULONG Version;
825	ULONG EnableProperty;
826	ULONG ControlFlags;
827	GUID SourceId;
828	PEVENT_FILTER_DESCRIPTOR EnableFilterDesc;
829	ULONG FilterDescCount;
830	} ENABLE_TRACE_PARAMETERS, *PENABLE_TRACE_PARAMETERS;
831
832	/To enable the read event type for disk IO events, set GUID to 3d6fa8d4-fe05-11d0-9dda-00c04fd7ba7c and Type to 10./
833	typedef struct _CLASSIC_EVENT_ID {
834	GUID EventGuid;
835	UCHAR Type;
836	UCHAR Reserved[7];
837	} CLASSIC_EVENT_ID, *PCLASSIC_EVENT_ID;
838
839	typedef struct _TRACE_PROFILE_INTERVAL {
840	ULONG Source;
841	ULONG Interval;
842	} TRACE_PROFILE_INTERVAL, *PTRACE_PROFILE_INTERVAL;
843
844	typedef struct _TRACE_VERSION_INFO {
845	UINT EtwTraceProcessingVersion;
846	UINT Reserved;
847	} TRACE_VERSION_INFO, *PTRACE_VERSION_INFO;
848
849	typedef struct _TRACE_PERIODIC_CAPTURE_STATE_INFO {
850	ULONG CaptureStateFrequencyInSeconds;
851	USHORT ProviderCount;
852	USHORT Reserved;
853	} TRACE_PERIODIC_CAPTURE_STATE_INFO, *PTRACE_PERIODIC_CAPTURE_STATE_INFO;
854
855	#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
856	EXTERN_C ULONG WMIAPI ControlTraceA (TRACEHANDLE TraceHandle, LPCSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties, ULONG ControlCode);
857	EXTERN_C ULONG WMIAPI FlushTraceA (TRACEHANDLE TraceHandle, LPCSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties); EXTERN_C ULONG WMIAPI QueryTraceA (TRACEHANDLE TraceHandle, LPCSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties); EXTERN_C ULONG WMIAPI StartTraceA (PTRACEHANDLE TraceHandle, LPCSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties);
858	EXTERN_C ULONG WMIAPI StopTraceA (TRACEHANDLE TraceHandle, LPCSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties);
859	EXTERN_C ULONG WMIAPI RegisterTraceGuidsA (WMIDPREQUEST RequestAddress, PVOID RequestContext, LPCGUID ControlGuid, ULONG GuidCount, PTRACE_GUID_REGISTRATION TraceGuidReg, LPCSTR MofImagePath, LPCSTR MofResourceName, PTRACEHANDLE RegistrationHandle);
860	EXTERN_C TRACEHANDLE WMIAPI OpenTraceA (PEVENT_TRACE_LOGFILEA Logfile);
861	EXTERN_C ULONG WMIAPI CloseTrace (TRACEHANDLE TraceHandle);
862	EXTERN_C ULONG WMIAPI ProcessTrace (PTRACEHANDLE HandleArray, ULONG HandleCount, LPFILETIME StartTime, LPFILETIME EndTime);
863	#endif
864
865	#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_DESKTOP)
866	EXTERN_C ULONG WMIAPI UpdateTraceW (TRACEHANDLE TraceHandle, LPCWSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties);
867	EXTERN_C ULONG WMIAPI UpdateTraceA (TRACEHANDLE TraceHandle, LPCSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties);
868	EXTERN_C ULONG WMIAPI QueryAllTracesW (PEVENT_TRACE_PROPERTIES *PropertyArray, ULONG PropertyArrayCount, PULONG LoggerCount);
869	EXTERN_C ULONG WMIAPI QueryAllTracesA (PEVENT_TRACE_PROPERTIES *PropertyArray, ULONG PropertyArrayCount, PULONG LoggerCount);
870	EXTERN_C ULONG WMIAPI CreateTraceInstanceId (HANDLE RegHandle, PEVENT_INSTANCE_INFO InstInfo);
871	EXTERN_C ULONG WMIAPI TraceEvent (TRACEHANDLE TraceHandle, PEVENT_TRACE_HEADER EventTrace);
872	EXTERN_C ULONG WMIAPI TraceEventInstance (TRACEHANDLE TraceHandle, PEVENT_INSTANCE_HEADER EventTrace, PEVENT_INSTANCE_INFO InstInfo, PEVENT_INSTANCE_INFO ParentInstInfo);
873	EXTERN_C ULONG WMIAPI EnumerateTraceGuids (PTRACE_GUID_PROPERTIES *GuidPropertiesArray, ULONG PropertyArrayCount, PULONG GuidCount);
874	EXTERN_C ULONG WMIAPI SetTraceCallback (LPCGUID pGuid, PEVENT_CALLBACK EventCallback);
875	EXTERN_C ULONG WMIAPI RemoveTraceCallback (LPCGUID pGuid);
876	EXTERN_C ULONG TraceMessageVa (TRACEHANDLE LoggerHandle, ULONG MessageFlags, LPCGUID MessageGuid, USHORT MessageNumber, va_list MessageArgList);
877	#if WINVER >= 0x0601
878	EXTERN_C ULONG WMIAPI TraceSetInformation (TRACEHANDLE SessionHandle, TRACE_INFO_CLASS InformationClass, PVOID TraceInformation, ULONG InformationLength);
879	#endif
880	#if WINVER >= 0x0602
881	EXTERN_C ULONG WMIAPI TraceQueryInformation (TRACEHANDLE SessionHandle, TRACE_INFO_CLASS InformationClass, PVOID TraceInformation, ULONG InformationLength, PULONG ReturnLength);
882	#endif
883	#endif /* WINAPI_PARTITION_DESKTOP */
884
885	#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
886
887	typedef enum _ETW_PROCESS_HANDLE_INFO_TYPE {
888	EtwQueryPartitionInformation = 1,
889	EtwQueryProcessHandleInfoMax
890	} ETW_PROCESS_HANDLE_INFO_TYPE;
891
892	typedef struct _ETW_TRACE_PARTITION_INFORMATION {
893	GUID PartitionId;
894	GUID ParentId;
895	LONG64 QpcOffsetFromRoot;
896	ULONG PartitionType;
897	} ETW_TRACE_PARTITION_INFORMATION, *PETW_TRACE_PARTITION_INFORMATION;
898
899	EXTERN_C TRACEHANDLE WMIAPI OpenTraceW (PEVENT_TRACE_LOGFILEW Logfile);
900	#if WINVER >= 0x0600
901	EXTERN_C ULONG WMIAPI EnableTraceEx (LPCGUID ProviderId, LPCGUID SourceId, TRACEHANDLE TraceHandle, ULONG IsEnabled, UCHAR Level, ULONGLONG MatchAnyKeyword, ULONGLONG MatchAllKeyword, ULONG EnableProperty, PEVENT_FILTER_DESCRIPTOR EnableFilterDesc);
902	EXTERN_C ULONG WMIAPI EnumerateTraceGuidsEx (TRACE_QUERY_INFO_CLASS TraceQueryInfoClass, PVOID InBuffer, ULONG InBufferSize, PVOID OutBuffer, ULONG OutBufferSize, PULONG ReturnLength);
903	#endif
904	#if WINVER >= 0x0601
905	EXTERN_C ULONG WMIAPI EnableTraceEx2 (TRACEHANDLE TraceHandle, LPCGUID ProviderId, ULONG ControlCode, UCHAR Level, ULONGLONG MatchAnyKeyword, ULONGLONG MatchAllKeyword, ULONG Timeout, PENABLE_TRACE_PARAMETERS EnableParameters);
906	#endif
907	EXTERN_C ULONG WMIAPI StartTraceA (PTRACEHANDLE TraceHandle, LPCSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties);
908	EXTERN_C ULONG WMIAPI StartTraceW (PTRACEHANDLE TraceHandle, LPCWSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties);
909	EXTERN_C ULONG WMIAPI StopTraceW (TRACEHANDLE TraceHandle, LPCWSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties);
910	EXTERN_C ULONG WMIAPI QueryTraceW (TRACEHANDLE TraceHandle, LPCWSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties);
911	EXTERN_C ULONG WMIAPI FlushTraceW (TRACEHANDLE TraceHandle, LPCWSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties);
912	EXTERN_C ULONG WMIAPI ControlTraceW (TRACEHANDLE TraceHandle, LPCWSTR InstanceName, PEVENT_TRACE_PROPERTIES Properties, ULONG ControlCode);
913	EXTERN_C ULONG WMIAPI EnableTrace (ULONG Enable, ULONG EnableFlag, ULONG EnableLevel, LPCGUID ControlGuid, TRACEHANDLE TraceHandle);
914	EXTERN_C ULONG WMIAPI RegisterTraceGuidsW (WMIDPREQUEST RequestAddress, PVOID RequestContext, LPCGUID ControlGuid, ULONG GuidCount, PTRACE_GUID_REGISTRATION TraceGuidReg, LPCWSTR MofImagePath, LPCWSTR MofResourceName, PTRACEHANDLE RegistrationHandle);
915	EXTERN_C ULONG WMIAPI UnregisterTraceGuids (TRACEHANDLE RegistrationHandle);
916	EXTERN_C TRACEHANDLE WMIAPI GetTraceLoggerHandle (PVOID Buffer);
917	EXTERN_C UCHAR WMIAPI GetTraceEnableLevel (TRACEHANDLE TraceHandle);
918	EXTERN_C ULONG WMIAPI GetTraceEnableFlags (TRACEHANDLE TraceHandle);
919	EXTERN_C ULONG __cdecl TraceMessage (TRACEHANDLE LoggerHandle, ULONG MessageFlags, LPCGUID MessageGuid, USHORT MessageNumber,...);
920	EXTERN_C ULONG WMIAPI QueryTraceProcessingHandle (TRACEHANDLE ProcessingHandle, ETW_PROCESS_HANDLE_INFO_TYPE InformationClass, PVOID InBuffer, ULONG InBufferSize, PVOID OutBuffer, ULONG OutBufferSize, PULONG ReturnLength);
921	#endif /* WINAPI_PARTITION_APP */
922
923	#ifdef __cplusplus
924	}
925	#endif
926
927	#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
928	#define INVALID_PROCESSTRACE_HANDLE ((TRACEHANDLE)INVALID_HANDLE_VALUE)
929	#endif
930
931	#if defined (UNICODE) \|\| defined (_UNICODE)
932	#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
933	#define RegisterTraceGuids RegisterTraceGuidsW
934	#define StartTrace StartTraceW
935	#define ControlTrace ControlTraceW
936
937	#ifdef __TRACE_W2K_COMPATIBLE
938	#define StopTrace(a, b, c) ControlTraceW ((a),(b),(c), EVENT_TRACE_CONTROL_STOP)
939	#define QueryTrace(a, b, c) ControlTraceW ((a),(b),(c), EVENT_TRACE_CONTROL_QUERY)
940	#define UpdateTrace(a, b, c) ControlTraceW ((a),(b),(c), EVENT_TRACE_CONTROL_UPDATE)
941	#else
942	#define StopTrace StopTraceW
943	#define QueryTrace QueryTraceW
944	#define UpdateTrace UpdateTraceW
945	#endif
946
947	#define FlushTrace FlushTraceW
948	#define QueryAllTraces QueryAllTracesW
949	#define OpenTrace OpenTraceW
950	#endif
951	#else
952
953	#if WINAPI_FAMILY_PARTITION (WINAPI_PARTITION_APP)
954	#define RegisterTraceGuids RegisterTraceGuidsA
955	#define StartTrace StartTraceA
956	#define ControlTrace ControlTraceA
957
958	#ifdef __TRACE_W2K_COMPATIBLE
959	#define StopTrace(a, b, c) ControlTraceA ((a),(b),(c), EVENT_TRACE_CONTROL_STOP)
960	#define QueryTrace(a, b, c) ControlTraceA ((a),(b),(c), EVENT_TRACE_CONTROL_QUERY)
961	#define UpdateTrace(a, b, c) ControlTraceA ((a),(b),(c), EVENT_TRACE_CONTROL_UPDATE)
962	#else
963	#define StopTrace StopTraceA
964	#define QueryTrace QueryTraceA
965	#define UpdateTrace UpdateTraceA
966	#endif
967
968	#define FlushTrace FlushTraceA
969	#define QueryAllTraces QueryAllTracesA
970	#define OpenTrace OpenTraceA
971	#endif
972	#endif
973	#endif
974	#endif
975	#endif

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: Daodan/MSYS2/mingw32/i686-w64-mingw32/include/evntrace.h@ 1186

Download in other formats: