This repository has been archived on 2024-12-16. You can view files and clone it, but cannot push or open issues or pull requests.
CodeBlocksPortable/WATCOM/h/nt/evntrace.h

809 lines
29 KiB
C
Raw Permalink Normal View History

/*
* evntrace.h Event tracing functions
*
* =========================================================================
*
* Open Watcom Project
*
* Copyright (c) 2004-2010 The Open Watcom Contributors. All Rights Reserved.
*
* This file is automatically generated. Do not edit directly.
*
* =========================================================================
*/
#ifndef _EVNTRACE_
#define _EVNTRACE_
#ifndef _ENABLE_AUTODEPEND
#pragma read_only_file;
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* Macro to specify WMI functions */
#define WMIAPI DECLSPEC_IMPORT __stdcall
/* Primitive data types */
typedef ULONG64 TRACEHANDLE;
typedef ULONG64 *PTRACEHANDLE;
/* Logger names */
#define KERNEL_LOGGER_NAMEA "NT Kernel Logger"
#define KERNEL_LOGGER_NAMEW L"NT Kernel Logger"
#define GLOBAL_LOGGER_NAMEA "GlobalLogger"
#define GLOBAL_LOGGER_NAMEW L"GlobalLogger"
#define EVENT_LOGGER_NAMEA "EventLog"
#define EVENT_LOGGER_NAMEW L"EventLog"
#define DIAG_LOGGER_NAMEA "DiagLog"
#define DIAG_LOGGER_NAMEW L"DiagLog"
#ifdef UNICODE
#define KERNEL_LOGGER_NAME KERNEL_LOGGER_NAMEW
#define GLOBAL_LOGGER_NAME GLOBAL_LOGGER_NAMEW
#define EVENT_LOGGER_NAME EVENT_LOGGER_NAMEW
#else
#define KERNEL_LOGGER_NAME KERNEL_LOGGER_NAMEA
#define GLOBAL_LOGGER_NAME GLOBAL_LOGGER_NAMEA
#define EVENT_LOGGER_NAME EVENT_LOGGER_NAMEA
#endif
/* Maximum number of MOF fields */
#define MAX_MOF_FIELDS 16
/* System event type */
#define SYSTEM_EVENT_TYPE 1
/* Event trace types */
#define EVENT_TRACE_TYPE_INFO 0x00
#define EVENT_TRACE_TYPE_START 0x01
#define EVENT_TRACE_TYPE_END 0x02
#define EVENT_TRACE_TYPE_STOP 0x02
#define EVENT_TRACE_TYPE_DC_START 0x03
#define EVENT_TRACE_TYPE_DC_END 0x04
#define EVENT_TRACE_TYPE_EXTENSION 0x05
#define EVENT_TRACE_TYPE_REPLY 0x06
#define EVENT_TRACE_TYPE_DEQUEUE 0x07
#define EVENT_TRACE_TYPE_RESUME 0x07
#define EVENT_TRACE_TYPE_CHECKPOINT 0x08
#define EVENT_TRACE_TYPE_SUSPEND 0x08
#define EVENT_TRACE_TYPE_WINEVT_SEND 0x09
#define EVENT_TRACE_TYPE_WINEVT_RECEIVE 0xF0
#define EVENT_TRACE_TYPE_LOAD 0x0A
#define EVENT_TRACE_TYPE_IO_READ 0x0A
#define EVENT_TRACE_TYPE_IO_WRITE 0x0B
#define EVENT_TRACE_TYPE_IO_READ_INIT 0x0C
#define EVENT_TRACE_TYPE_IO_WRITE_INIT 0x0D
#define EVENT_TRACE_TYPE_IO_FLUSH 0x0E
#define EVENT_TRACE_TYPE_IO_FLUSH_INIT 0x0F
#define EVENT_TRACE_TYPE_MM_TF 0x0A
#define EVENT_TRACE_TYPE_MM_DZF 0x0B
#define EVENT_TRACE_TYPE_MM_COW 0x0C
#define EVENT_TRACE_TYPE_MM_GPF 0x0D
#define EVENT_TRACE_TYPE_MM_HPF 0x0E
#define EVENT_TRACE_TYPE_MM_AV 0x0F
#define EVENT_TRACE_TYPE_SEND 0x0A
#define EVENT_TRACE_TYPE_RECEIVE 0x0B
#define EVENT_TRACE_TYPE_CONNECT 0x0C
#define EVENT_TRACE_TYPE_DISCONNECT 0x0D
#define EVENT_TRACE_TYPE_RETRANSMIT 0x0E
#define EVENT_TRACE_TYPE_ACCEPT 0x0F
#define EVENT_TRACE_TYPE_RECONNECT 0x10
#define EVENT_TRACE_TYPE_CONNFAIL 0x11
#define EVENT_TRACE_TYPE_COPY_TCP 0x12
#define EVENT_TRACE_TYPE_COPY_ARP 0x13
#define EVENT_TRACE_TYPE_ACKFULL 0x14
#define EVENT_TRACE_TYPE_ACKPART 0x15
#define EVENT_TRACE_TYPE_ACKDUP 0x16
#define EVENT_TRACE_TYPE_GUIDMAP 0x0A
#define EVENT_TRACE_TYPE_CONFIG 0x0B
#define EVENT_TRACE_TYPE_SIDINFO 0x0C
#define EVENT_TRACE_TYPE_SECURITY 0x0D
#define EVENT_TRACE_TYPE_REGCREATE 0x0A
#define EVENT_TRACE_TYPE_REGOPEN 0x0B
#define EVENT_TRACE_TYPE_REGDELETE 0x0C
#define EVENT_TRACE_TYPE_REGQUERY 0x0D
#define EVENT_TRACE_TYPE_REGSETVALUE 0x0E
#define EVENT_TRACE_TYPE_REGDELETEVALUE 0x0F
#define EVENT_TRACE_TYPE_REGQUERYVALUE 0x10
#define EVENT_TRACE_TYPE_REGENUMERATEKEY 0x11
#define EVENT_TRACE_TYPE_REGENUMERATEVALUEKEY 0x12
#define EVENT_TRACE_TYPE_REGQUERYMULTIPLEVALUE 0x13
#define EVENT_TRACE_TYPE_REGSETINFORMATION 0x14
#define EVENT_TRACE_TYPE_REGFLUSH 0x15
#define EVENT_TRACE_TYPE_REGKCBCREATE 0x16
#define EVENT_TRACE_TYPE_REGKCBDELETE 0x17
#define EVENT_TRACE_TYPE_REGKCBRUNDOWNBEGIN 0x18
#define EVENT_TRACE_TYPE_REGKCBRUNDOWNEND 0x19
#define EVENT_TRACE_TYPE_REGVIRTUALIZE 0x1A
#define EVENT_TRACE_TYPE_REGCLOSE 0x1B
#define EVENT_TRACE_TYPE_REGSETSECURITY 0x1C
#define EVENT_TRACE_TYPE_REGQUERYSECURITY 0x1D
#define EVENT_TRACE_TYPE_REGCOMMIT 0x1E
#define EVENT_TRACE_TYPE_REGPREPARE 0x1F
#define EVENT_TRACE_TYPE_REGROLLBACK 0x20
#define EVENT_TRACE_TYPE_REGMOUNTHIVE 0x21
#define EVENT_TRACE_TYPE_CONFIG_CPU 0x0A
#define EVENT_TRACE_TYPE_CONFIG_PHYSICALDISK 0x0B
#define EVENT_TRACE_TYPE_CONFIG_LOGICALDISK 0x0C
#define EVENT_TRACE_TYPE_CONFIG_NIC 0x0D
#define EVENT_TRACE_TYPE_CONFIG_VIDEO 0x0E
#define EVENT_TRACE_TYPE_CONFIG_SERVICES 0x0F
#define EVENT_TRACE_TYPE_CONFIG_POWER 0x10
#define EVENT_TRACE_TYPE_CONFIG_NETINFO 0x11
#define EVENT_TRACE_TYPE_CONFIG_IRQ 0x15
#define EVENT_TRACE_TYPE_CONFIG_PNP 0x16
#define EVENT_TRACE_TYPE_CONFIG_IDECHANNEL 0x17
#define EVENT_TRACE_TYPE_CONFIG_PLATFORM 0x19
/* Trace levels */
#define TRACE_LEVEL_NONE 0
#define TRACE_LEVEL_CRITICAL 1
#define TRACE_LEVEL_FATAL 1
#define TRACE_LEVEL_ERROR 2
#define TRACE_LEVEL_WARNING 3
#define TRACE_LEVEL_INFORMATION 4
#define TRACE_LEVEL_VERBOSE 5
/* Event trace flags */
#define EVENT_TRACE_FLAG_PROCESS 0x00000001L
#define EVENT_TRACE_FLAG_THREAD 0x00000002L
#define EVENT_TRACE_FLAG_IMAGE_LOAD 0x00000004L
#define EVENT_TRACE_FLAG_PROCESS_COUNTERS 0x00000008L
#define EVENT_TRACE_FLAG_CSWITCH 0x00000010L
#define EVENT_TRACE_FLAG_DPC 0x00000020L
#define EVENT_TRACE_FLAG_INTERRUPT 0x00000040L
#define EVENT_TRACE_FLAG_SYSTEMCALL 0x00000080L
#define EVENT_TRACE_FLAG_DISK_IO 0x00000100L
#define EVENT_TRACE_FLAG_DISK_FILE_IO 0x00000200L
#define EVENT_TRACE_FLAG_DISK_IO_INIT 0x00000400L
#define EVENT_TRACE_FLAG_DISPATCHER 0x00000800L
#define EVENT_TRACE_FLAG_MEMORY_PAGE_FAULTS 0x00001000L
#define EVENT_TRACE_FLAG_MEMORY_HARD_FAULTS 0x00002000L
#define EVENT_TRACE_FLAG_VIRTUAL_ALLOC 0x00004000L
#define EVENT_TRACE_FLAG_NETWORK_TCPIP 0x00010000L
#define EVENT_TRACE_FLAG_REGISTRY 0x00020000L
#define EVENT_TRACE_FLAG_DBGPRINT 0x00040000L
#define EVENT_TRACE_FLAG_ALPC 0x00100000L
#define EVENT_TRACE_FLAG_SPLIT_IO 0x00200000L
#define EVENT_TRACE_FLAG_DRIVER 0x00800000L
#define EVENT_TRACE_FLAG_PROFILE 0x01000000L
#define EVENT_TRACE_FLAG_FILE_IO 0x02000000L
#define EVENT_TRACE_FLAG_FILE_IO_INIT 0x04000000L
#define EVENT_TRACE_FLAG_ENABLE_RESERVE 0x20000000L
#define EVENT_TRACE_FLAG_FORWARD_WMI 0x40000000L
#define EVENT_TRACE_FLAG_EXTENSION 0x80000000L
/* Event trace file modes */
#define EVENT_TRACE_FILE_MODE_NONE 0x00000000L
#define EVENT_TRACE_FILE_MODE_SEQUENTIAL 0x00000001L
#define EVENT_TRACE_FILE_MODE_CIRCULAR 0x00000002L
#define EVENT_TRACE_FILE_MODE_APPEND 0x00000004L
#define EVENT_TRACE_FILE_MODE_NEWFILE 0x00000008L
#define EVENT_TRACE_FILE_MODE_PREALLOCATE 0x00000020L
#define EVENT_TRACE_NONSTOPPABLE_MODE 0x00000040L
#define EVENT_TRACE_SECURE_MODE 0x00000080L
#define EVENT_TRACE_REAL_TIME_MODE 0x00000100L
#define EVENT_TRACE_DELAY_OPEN_FILE_MODE 0x00000200L
#define EVENT_TRACE_BUFFERING_MODE 0x00000400L
#define EVENT_TRACE_PRIVATE_LOGGER_MODE 0x00000800L
#define EVENT_TRACE_ADD_HEADER_MODE 0x00001000L
#define EVENT_TRACE_USE_KBYTES_FOR_SIZE 0x00002000L
#define EVENT_TRACE_USE_GLOBAL_SEQUENCE 0x00004000L
#define EVENT_TRACE_USE_LOCAL_SEQUENCE 0x00008000L
#define EVENT_TRACE_RELOG_MODE 0x00010000L
#define EVENT_TRACE_PRIVATE_IN_PROC 0x00020000L
#define EVENT_TRACE_USE_PAGED_MEMORY 0x01000000L
#define EVENT_TRACE_NO_PER_PROCESSOR_BUFFERING 0x10000000L
/* Event trace control codes */
#define EVENT_TRACE_CONTROL_QUERY 0
#define EVENT_TRACE_CONTROL_STOP 1
#define EVENT_TRACE_CONTROL_UPDATE 2
#define EVENT_TRACE_CONTROL_FLUSH 3
/* Trace message flags */
#define TRACE_MESSAGE_SEQUENCE 0x0001
#define TRACE_MESSAGE_GUID 0x0002
#define TRACE_MESSAGE_COMPONENTID 0x0004
#define TRACE_MESSAGE_TIMESTAMP 0x0008
#define TRACE_MESSAGE_PERFORMANCE_TIMESTAMP 0x0010
#define TRACE_MESSAGE_SYSTEMINFO 0x0020
#define TRACE_MESSAGE_POINTER32 0x0040
#define TRACE_MESSAGE_POINTER64 0x0080
#define TRACE_MESSAGE_FLAG_MASK 0xFFFF
/* Trace message maximum size */
#define TRACE_MESSAGE_MAXIMUM_SIZE 8192
/* Event trace header field type flags */
#define EVENT_TRACE_USE_PROCTIME 0x0001
#define EVENT_TRACE_USE_NOCPUTIME 0x0002
/* Trace header flags */
#define TRACE_HEADER_FLAG_USE_TIMESTAMP 0x00000200L
#define TRACE_HEADER_FLAG_TRACED_GUID 0x00020000L
#define TRACE_HEADER_FLAG_LOG_WNODE 0x00040000L
#define TRACE_HEADER_FLAG_USE_GUID_PTR 0x00080000L
#define TRACE_HEADER_FLAG_USE_MOF_PTR 0x00100000L
/* Event tracing data types */
#define ETW_NULL_TYPE_VALUE 0
#define ETW_OBJECT_TYPE_VALUE 1
#define ETW_STRING_TYPE_VALUE 2
#define ETW_SBYTE_TYPE_VALUE 3
#define ETW_BYTE_TYPE_VALUE 4
#define ETW_INT16_TYPE_VALUE 5
#define ETW_UINT16_TYPE_VALUE 6
#define ETW_INT32_TYPE_VALUE 7
#define ETW_UINT32_TYPE_VALUE 8
#define ETW_INT64_TYPE_VALUE 9
#define ETW_UINT64_TYPE_VALUE 10
#define ETW_CHAR_TYPE_VALUE 11
#define ETW_SINGLE_TYPE_VALUE 12
#define ETW_DOUBLE_TYPE_VALUE 13
#define ETW_BOOLEAN_TYPE_VALUE 14
#define ETW_DECIMAL_TYPE_VALUE 15
#define ETW_GUID_TYPE_VALUE 101
#define ETW_ASCIICHAR_TYPE_VALUE 102
#define ETW_ASCIISTRING_TYPE_VALUE 103
#define ETW_COUNTED_STRING_TYPE_VALUE 104
#define ETW_POINTER_TYPE_VALUE 105
#define ETW_SIZET_TYPE_VALUE 106
#define ETW_HIDDEN_TYPE_VALUE 107
#define ETW_BOOL_TYPE_VALUE 108
#define ETW_COUNTED_ANSISTRING_TYPE_VALUE 109
#define ETW_REVERSED_COUNTED_STRING_TYPE_VALUE 110
#define ETW_REVERSED_COUNTED_ANSISTRING_TYPE_VALUE 111
#define ETW_NON_NULL_TERMINATED_STRING_TYPE_VALUE 112
#define ETW_REDUCED_ANSISTRING_TYPE_VALUE 113
#define ETW_REDUCED_STRING_TYPE_VALUE 114
#define ETW_SID_TYPE_VALUE 115
#define ETW_VARIANT_TYPE_VALUE 116
#define ETW_PTVECTOR_TYPE_VALUE 117
#define ETW_WMITIME_TYPE_VALUE 118
#define ETW_DATETIME_TYPE_VALUE 119
#define ETW_REFRENCE_TYPE_VALUE 120
/* Trace provider flags */
#define TRACE_PROVIDER_FLAG_LEGACY 0x00000001L
#define TRACE_PROVIDER_FLAG_PRE_ENABLE 0x00000002L
/* Event control codes */
#define EVENT_CONTROL_CODE_DISABLE_PROVIDER 0
#define EVENT_CONTROL_CODE_ENABLE_PROVIDER 1
#define EVENT_CONTROL_CODE_CAPTURE_STATE 2
/* Event trace parameters version number */
#ifndef _WDMDDK_
#define EVENT_TRACE_PARAMETERS_VERSION 1L
#endif
/* Trace handle special value */
#ifndef _WDMDDK_
#define INVALID_PROCESSTRACE_HANDLE ((TRACEHANDLE)INVALID_HANDLE_VALUE)
#endif
/* Opaque data types */
#ifndef _WDMDDK_
typedef struct _EVENT_FILTER_DESCRIPTOR EVENT_FILTER_DESCRIPTOR;
typedef struct _EVENT_FILTER_DESCRIPTOR *PEVENT_FILTER_DESCRIPTOR;
#endif
/* Event trace header */
typedef struct _EVENT_TRACE_HEADER {
USHORT Size;
union {
USHORT FieldTypeFlags;
struct {
UCHAR HeaderType;
UCHAR MarkerFlags;
};
};
union {
ULONG Version;
struct {
UCHAR Type;
UCHAR Level;
USHORT Version;
} Class;
};
ULONG ThreadId;
ULONG ProcessId;
LARGE_INTEGER TimeStamp;
union {
GUID Guid;
ULONGLONG GuidPtr;
};
union {
struct {
ULONG KernelTime;
ULONG UserTime;
};
ULONG64 ProcessorTime;
struct {
ULONG ClientContext;
ULONG Flags;
};
};
} EVENT_TRACE_HEADER;
typedef EVENT_TRACE_HEADER *PEVENT_TRACE_HEADER;
/* Event instance header */
typedef struct _EVENT_INSTANCE_HEADER {
USHORT Size;
union {
USHORT FieldTypeFlags;
struct {
UCHAR HeaderType;
UCHAR MarkerFlags;
};
};
union {
ULONG Version;
struct {
UCHAR Type;
UCHAR Level;
USHORT Version;
} Class;
};
ULONG ThreadId;
ULONG ProcessId;
LARGE_INTEGER TimeStamp;
ULONGLONG RegHandle;
ULONG InstanceId;
ULONG ParentInstanceId;
union {
struct {
ULONG KernelTime;
ULONG UserTime;
};
ULONG64 ProcessorTime;
struct {
ULONG EventId;
ULONG Flags;
};
};
ULONGLONG ParentRegHandle;
} EVENT_INSTANCE_HEADER;
typedef EVENT_INSTANCE_HEADER *PEVENT_INSTANCE_HEADER;
/* MOF field */
typedef struct _MOF_FIELD {
ULONG64 DataPtr;
ULONG Length;
ULONG DataType;
} MOF_FIELD;
typedef MOF_FIELD *PMOF_FIELD;
/* Macro to define an MOF field */
#define DEFINE_TRACE_MOF_FIELD( x, p1, p2, p3 ) \
(x)->DataPtr = (ULONG64)(ULONG_PTR)(p1); \
(x)->Length = (ULONG)(p2); \
(x)->DataType = (ULONG)(p3);
/* Trace log file header */
#ifndef _WDMDDK_
typedef struct _TRACE_LOGFILE_HEADER {
ULONG BufferSize;
union {
ULONG Version;
struct {
UCHAR MajorVersion;
UCHAR MinorVersion;
UCHAR SubVersion;
UCHAR SubMinorVersion;
} VersionDetail;
};
ULONG ProviderVersion;
ULONG NumberOfProcessors;
LARGE_INTEGER EndTime;
ULONG TimerResolution;
ULONG MaximumFileSize;
ULONG LogFileMode;
ULONG BuffersWritten;
union {
GUID LogInstanceGuid;
struct {
ULONG StartBuffers;
ULONG PointerSize;
ULONG EventsLost;
ULONG CpuSpeedInMHz;
};
};
LPWSTR LoggerName;
LPWSTR LogFileName;
TIME_ZONE_INFORMATION TimeZone;
LARGE_INTEGER BootTime;
LARGE_INTEGER PerfFreq;
LARGE_INTEGER StartTime;
ULONG ReservedFlags;
ULONG BuffersLost;
} TRACE_LOGFILE_HEADER;
typedef TRACE_LOGFILE_HEADER *PTRACE_LOGFILE_HEADER;
#endif
/* Trace log file header (32-bit version) */
#ifndef _WDMDDK_
typedef struct _TRACE_LOGFILE_HEADER32 {
ULONG BufferSize;
union {
ULONG Version;
struct {
UCHAR MajorVersion;
UCHAR MinorVersion;
UCHAR SubVersion;
UCHAR SubMinorVersion;
} VersionDetail;
};
ULONG ProviderVersion;
ULONG NumberOfProcessors;
LARGE_INTEGER EndTime;
ULONG TimerResolution;
ULONG MaximumFileSize;
ULONG LogFileMode;
ULONG BuffersWritten;
union {
GUID LogInstanceGuid;
struct {
ULONG StartBuffers;
ULONG PointerSize;
ULONG EventsLost;
ULONG CpuSpeedInMHz;
};
};
ULONG32 LoggerName;
ULONG32 LogFileName;
TIME_ZONE_INFORMATION TimeZone;
LARGE_INTEGER BootTime;
LARGE_INTEGER PerfFreq;
LARGE_INTEGER StartTime;
ULONG ReservedFlags;
ULONG BuffersLost;
} TRACE_LOGFILE_HEADER32;
typedef TRACE_LOGFILE_HEADER32 *PTRACE_LOGFILE_HEADER32;
#endif
/* Trace log file header (64-bit version) */
#ifndef _WDMDDK_
typedef struct _TRACE_LOGFILE_HEADER64 {
ULONG BufferSize;
union {
ULONG Version;
struct {
UCHAR MajorVersion;
UCHAR MinorVersion;
UCHAR SubVersion;
UCHAR SubMinorVersion;
} VersionDetail;
};
ULONG ProviderVersion;
ULONG NumberOfProcessors;
LARGE_INTEGER EndTime;
ULONG TimerResolution;
ULONG MaximumFileSize;
ULONG LogFileMode;
ULONG BuffersWritten;
union {
GUID LogInstanceGuid;
struct {
ULONG StartBuffers;
ULONG PointerSize;
ULONG EventsLost;
ULONG CpuSpeedInMHz;
};
};
ULONG64 LoggerName;
ULONG64 LogFileName;
TIME_ZONE_INFORMATION TimeZone;
LARGE_INTEGER BootTime;
LARGE_INTEGER PerfFreq;
LARGE_INTEGER StartTime;
ULONG ReservedFlags;
ULONG BuffersLost;
} TRACE_LOGFILE_HEADER64;
typedef TRACE_LOGFILE_HEADER64 *PTRACE_LOGFILE_HEADER64;
#endif
/* Event instance information */
typedef struct EVENT_INSTANCE_INFO {
HANDLE RegHandle;
ULONG InstanceId;
} EVENT_INSTANCE_INFO;
typedef EVENT_INSTANCE_INFO *PEVENT_INSTANCE_INFO;
/* Event trace properties */
#ifndef _WDMDDK_
typedef struct _EVENT_TRACE_PROPERTIES {
WNODE_HEADER Wnode;
ULONG BufferSize;
ULONG MinimumBuffers;
ULONG MaximumBuffers;
ULONG MaximumFileSize;
ULONG LogFileMode;
ULONG FlushTimer;
ULONG EnableFlags;
LONG AgeLimit;
ULONG NumberOfBuffers;
ULONG FreeBuffers;
ULONG EventsLost;
ULONG BuffersWritten;
ULONG LogBuffersLost;
ULONG RealTimeBuffersLost;
HANDLE LoggerThreadId;
ULONG LogFileNameOffset;
ULONG LoggerNameOffset;
} EVENT_TRACE_PROPERTIES;
typedef EVENT_TRACE_PROPERTIES *PEVENT_TRACE_PROPERTIES;
#endif
/* Trace GUID registration */
#ifndef _WDMDDK_
typedef struct _TRACE_GUID_REGISTRATION {
LPCGUID Guid;
HANDLE RegHandle;
} TRACE_GUID_REGISTRATION;
typedef TRACE_GUID_REGISTRATION *PTRACE_GUID_REGISTRATION;
#endif
/* Trace GUID properties */
typedef struct _TRACE_GUID_PROPERTIES {
GUID Guid;
ULONG GuidType;
ULONG LoggerId;
ULONG EnableLevel;
ULONG EnableFlags;
BOOLEAN IsEnable;
} TRACE_GUID_PROPERTIES;
typedef TRACE_GUID_PROPERTIES *PTRACE_GUID_PROPERTIES;
/* Event tracing buffer context */
typedef struct _ETW_BUFFER_CONTEXT {
UCHAR ProcessorNumber;
UCHAR Alignment;
USHORT LoggerId;
} ETW_BUFFER_CONTEXT;
typedef ETW_BUFFER_CONTEXT *PETW_BUFFER_CONTEXT;
/* Trace enable information */
typedef struct _TRACE_ENABLE_INFO {
ULONG IsEnabled;
UCHAR Level;
UCHAR Reserved1;
USHORT LoggerId;
ULONG EnableProperty;
ULONG Reserved2;
ULONGLONG MatchAnyKeyword;
ULONGLONG MatchAllKeyword;
} TRACE_ENABLE_INFO;
typedef TRACE_ENABLE_INFO *PTRACE_ENABLE_INFO;
/* Trace provider instance information */
typedef struct _TRACE_PROVIDER_INSTANCE_INFO {
ULONG NextOffset;
ULONG EnableCount;
ULONG Pid;
ULONG Flags;
} TRACE_PROVIDER_INSTANCE_INFO;
typedef TRACE_PROVIDER_INSTANCE_INFO *PTRACE_PROVIDER_INSTANCE_INFO;
/* Trace GUID information */
typedef struct _TRACE_GUID_INFO {
ULONG InstanceCount;
ULONG Reserved;
} TRACE_GUID_INFO;
typedef TRACE_GUID_INFO *PTRACE_GUID_INFO;
/* Event trace */
typedef struct _EVENT_TRACE {
EVENT_TRACE_HEADER Header;
ULONG InstanceId;
ULONG ParentInstanceId;
GUID ParentGuid;
PVOID MofData;
ULONG MofLength;
union {
ULONG ClientContext;
ETW_BUFFER_CONTEXT BufferContext;
};
} EVENT_TRACE;
typedef EVENT_TRACE *PEVENT_TRACE;
/* Event tracing callbacks */
#ifndef _WDMDDK_
typedef ULONG (WINAPI *PEVENT_TRACE_BUFFER_CALLBACKA)( struct _EVENT_TRACE_LOGFILEA * );
typedef ULONG (WINAPI *PEVENT_TRACE_BUFFER_CALLBACKW)( struct _EVENT_TRACE_LOGFILEW * );
typedef VOID (WINAPI *PEVENT_CALLBACK)( PEVENT_TRACE );
typedef VOID (WINAPI *PEVENT_RECORD_CALLBACK)( struct _EVENT_RECORD * );
typedef ULONG (WINAPI *WMIDPREQUEST)( WMIDPREQUESTCODE, PVOID, ULONG *, PVOID );
#ifdef UNICODE
typedef PEVENT_TRACE_BUFFER_CALLBACKW PEVENT_TRACE_BUFFER_CALLBACK;
#else
typedef PEVENT_TRACE_BUFFER_CALLBACKA PEVENT_TRACE_BUFFER_CALLBACK;
#endif
#endif
/* Event trace log file */
#ifndef _WDMDDK_
typedef struct _EVENT_TRACE_LOGFILEA {
LPSTR LogFileName;
LPSTR LoggerName;
LONGLONG CurrentTime;
ULONG BuffersRead;
union {
ULONG LogFileMode;
ULONG ProcessTraceMode;
};
EVENT_TRACE CurrentEvent;
TRACE_LOGFILE_HEADER LogfileHeader;
PEVENT_TRACE_BUFFER_CALLBACKA BufferCallback;
ULONG BufferSize;
ULONG Filled;
ULONG EventsLost;
union {
PEVENT_CALLBACK EventCallback;
PEVENT_RECORD_CALLBACK EventRecordCallback;
};
ULONG IsKernelTrace;
PVOID Context;
} EVENT_TRACE_LOGFILEA;
typedef EVENT_TRACE_LOGFILEA *PEVENT_TRACE_LOGFILEA;
typedef struct _EVENT_TRACE_LOGFILEW {
LPWSTR LogFileName;
LPWSTR LoggerName;
LONGLONG CurrentTime;
ULONG BuffersRead;
union {
ULONG LogFileMode;
ULONG ProcessTraceMode;
};
EVENT_TRACE CurrentEvent;
TRACE_LOGFILE_HEADER LogfileHeader;
PEVENT_TRACE_BUFFER_CALLBACKW BufferCallback;
ULONG BufferSize;
ULONG Filled;
ULONG EventsLost;
union {
PEVENT_CALLBACK EventCallback;
PEVENT_RECORD_CALLBACK EventRecordCallback;
};
ULONG IsKernelTrace;
PVOID Context;
} EVENT_TRACE_LOGFILEW;
typedef EVENT_TRACE_LOGFILEW *PEVENT_TRACE_LOGFILEW;
#ifdef UNICODE
typedef EVENT_TRACE_LOGFILEW EVENT_TRACE_LOGFILE;
typedef PEVENT_TRACE_LOGFILEW PEVENT_TRACE_LOGFILE;
#else
typedef EVENT_TRACE_LOGFILEA EVENT_TRACE_LOGFILE;
typedef PEVENT_TRACE_LOGFILEA PEVENT_TRACE_LOGFILE;
#endif
#endif
/* EnableTraceEx2() parameters */
#ifndef _WDMDDK_
typedef struct _ENABLE_TRACE_PARAMETERS {
ULONG Version;
ULONG EnableProperty;
ULONG ControlFlags;
GUID SourceId;
PEVENT_FILTER_DESCRIPTOR EnableFilterDesc;
} ENABLE_TRACE_PARAMETERS;
typedef ENABLE_TRACE_PARAMETERS *PENABLE_TRACE_PARAMETERS;
#endif
/* Trace query information classes */
#ifndef _WDMDDK_
typedef enum _TRACE_QUERY_INFO_CLASS {
TraceGuidQueryList = 0,
TraceGuidQueryInfo = 1,
TraceGuidQueryProcess = 2,
TraceStackTracingInfo = 3,
MaxTraceSetInfoClass = 4
} TRACE_QUERY_INFO_CLASS;
#endif
/* Classic event identifier */
#ifndef _WDMDDK_
typedef struct _CLASSIC_EVENT_ID {
GUID EventGuid;
UCHAR Type;
UCHAR Reserved[7];
} CLASSIC_EVENT_ID;
typedef CLASSIC_EVENT_ID *PCLASSIC_EVENT_ID;
#endif
/* GUIDs */
EXTERN_C const GUID EventTraceGuid;
EXTERN_C const GUID SystemTraceControlGuid;
EXTERN_C const GUID EventTraceConfigGuid;
EXTERN_C const GUID DefaultTraceSecurityGuid;
/* Functions in ADVAPI32.DLL */
#ifndef _WDMDDK_
EXTERN_C ULONG WMIAPI CloseTrace( TRACEHANDLE );
EXTERN_C ULONG WMIAPI ControlTraceA( TRACEHANDLE, LPCSTR, PEVENT_TRACE_PROPERTIES, ULONG );
EXTERN_C ULONG WMIAPI ControlTraceW( TRACEHANDLE, LPCWSTR, PEVENT_TRACE_PROPERTIES, ULONG );
EXTERN_C ULONG WMIAPI CreateTraceInstanceId( HANDLE, PEVENT_INSTANCE_INFO );
EXTERN_C ULONG WMIAPI EnableTrace( ULONG, ULONG, ULONG, LPCGUID, TRACEHANDLE );
EXTERN_C ULONG WMIAPI GetTraceEnableFlags( TRACEHANDLE );
EXTERN_C UCHAR WMIAPI GetTraceEnableLevel( TRACEHANDLE );
EXTERN_C TRACEHANDLE WMIAPI GetTraceLoggerHandle( PVOID );
EXTERN_C TRACEHANDLE WMIAPI OpenTraceA( PEVENT_TRACE_LOGFILEA );
EXTERN_C TRACEHANDLE WMIAPI OpenTraceW( PEVENT_TRACE_LOGFILEW );
EXTERN_C ULONG WMIAPI ProcessTrace( PTRACEHANDLE, ULONG, LPFILETIME, LPFILETIME );
EXTERN_C ULONG WMIAPI QueryAllTracesA( PEVENT_TRACE_PROPERTIES *, ULONG, PULONG );
EXTERN_C ULONG WMIAPI QueryAllTracesW( PEVENT_TRACE_PROPERTIES *, ULONG, PULONG );
EXTERN_C ULONG WMIAPI QueryTraceA( TRACEHANDLE, LPCSTR, PEVENT_TRACE_PROPERTIES );
EXTERN_C ULONG WMIAPI QueryTraceW( TRACEHANDLE, LPCWSTR, PEVENT_TRACE_PROPERTIES );
EXTERN_C ULONG WMIAPI RegisterTraceGuidsA( WMIDPREQUEST, PVOID, LPCGUID, ULONG, PTRACE_GUID_REGISTRATION, LPCSTR, LPCSTR, PTRACEHANDLE );
EXTERN_C ULONG WMIAPI RegisterTraceGuidsW( WMIDPREQUEST, PVOID, LPCGUID, ULONG, PTRACE_GUID_REGISTRATION, LPCWSTR, LPCWSTR, PTRACEHANDLE );
EXTERN_C ULONG WMIAPI RemoveTraceCallback( LPCGUID );
EXTERN_C ULONG WMIAPI SetTraceCallback( LPCGUID, PEVENT_CALLBACK );
EXTERN_C ULONG WMIAPI StartTraceA( PTRACEHANDLE, LPCSTR, PEVENT_TRACE_PROPERTIES );
EXTERN_C ULONG WMIAPI StartTraceW( PTRACEHANDLE, LPCWSTR, PEVENT_TRACE_PROPERTIES );
EXTERN_C ULONG WMIAPI StopTraceA( TRACEHANDLE, LPCSTR, PEVENT_TRACE_PROPERTIES );
EXTERN_C ULONG WMIAPI StopTraceW( TRACEHANDLE, LPCWSTR, PEVENT_TRACE_PROPERTIES );
EXTERN_C ULONG WMIAPI TraceEvent( TRACEHANDLE, PEVENT_TRACE_HEADER );
EXTERN_C ULONG WMIAPI TraceEventInstance( TRACEHANDLE, PEVENT_INSTANCE_HEADER, PEVENT_INSTANCE_INFO, PEVENT_INSTANCE_INFO );
EXTERN_C ULONG __cdecl TraceMessage( TRACEHANDLE, ULONG, LPCGUID, USHORT, ... );
EXTERN_C ULONG WMIAPI TraceMessageVa( TRACEHANDLE, ULONG, LPCGUID, USHORT, void * );
EXTERN_C ULONG WMIAPI UnregisterTraceGuids( TRACEHANDLE );
EXTERN_C ULONG WMIAPI UpdateTraceA( TRACEHANDLE, LPCSTR, PEVENT_TRACE_PROPERTIES );
EXTERN_C ULONG WMIAPI UpdateTraceW( TRACEHANDLE, LPCWSTR, PEVENT_TRACE_PROPERTIES );
#if (WINVER >= 0x0501)
EXTERN_C ULONG WMIAPI EnumerateTraceGuids( PTRACE_GUID_PROPERTIES *, ULONG, PULONG );
EXTERN_C ULONG WMIAPI FlushTraceA( TRACEHANDLE, LPCSTR, PEVENT_TRACE_PROPERTIES );
EXTERN_C ULONG WMIAPI FlushTraceW( TRACEHANDLE, LPCWSTR, PEVENT_TRACE_PROPERTIES );
#endif
#if (WINVER >= 0x0600)
EXTERN_C ULONG WMIAPI EnableTraceEx( LPCGUID, LPCGUID, TRACEHANDLE, ULONG, UCHAR, ULONGLONG, ULONGLONG, ULONG, PEVENT_FILTER_DESCRIPTOR );
EXTERN_C ULONG WMIAPI EnumerateTraceGuidsEx( TRACE_QUERY_INFO_CLASS, PVOID, ULONG, PVOID, ULONG, PULONG );
#endif
#if (WINVER >= 0x0601)
EXTERN_C ULONG WMIAPI EnableTraceEx2( TRACEHANDLE, LPCGUID, ULONG, UCHAR, ULONGLONG, ULONGLONG, ULONG, PENABLE_TRACE_PARAMETERS );
EXTERN_C ULONG WMIAPI TraceSetInformation( TRACEHANDLE, TRACE_INFO_CLASS, PVOID, ULONG );
#endif
#endif
/* Microsoft defines va_list differently from Open Watcom, so it must be indexed
* before being passed to any Win32 API functions.
*/
#define TraceMessageVa( p1, p2, p3, p4, p5 ) TraceMessageVa( p1, p2, p3, p4, (p5)[0] )
/* Map generic function names to the appropriate ANSI or Unicode version. */
#ifndef _WDMDDK_
#ifdef UNICODE
#define ControlTrace ControlTraceW
#define OpenTrace OpenTraceW
#define QueryAllTraces QueryAllTracesW
#define QueryTrace QueryTraceW
#define RegisterTraceGuids RegisterTraceGuidsW
#define StartTrace StartTraceW
#define StopTrace StopTraceW
#define UpdateTrace UpdateTraceW
#if (NTDDI_VERSION >= 0x05010000)
#define FlushTrace FlushTraceW
#endif
#else
#define ControlTrace ControlTraceA
#define OpenTrace OpenTraceA
#define QueryAllTraces QueryAllTracesA
#define QueryTrace QueryTraceA
#define RegisterTraceGuids RegisterTraceGuidsA
#define StartTrace StartTraceA
#define StopTrace StopTraceA
#define UpdateTrace UpdateTraceA
#if (NTDDI_VERSION >= 0x05010000)
#define FlushTrace FlushTraceA
#endif
#endif
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* _EVNTRACE_ */