aboutsummaryrefslogtreecommitdiff
path: root/vendor/winapi/src/shared/evntrace.rs
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/winapi/src/shared/evntrace.rs')
-rw-r--r--vendor/winapi/src/shared/evntrace.rs990
1 files changed, 0 insertions, 990 deletions
diff --git a/vendor/winapi/src/shared/evntrace.rs b/vendor/winapi/src/shared/evntrace.rs
deleted file mode 100644
index 23a93ee..0000000
--- a/vendor/winapi/src/shared/evntrace.rs
+++ /dev/null
@@ -1,990 +0,0 @@
-// Licensed under the Apache License, Version 2.0
-// <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
-// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your option.
-// All files in the project carrying such notice may not be copied, modified, or distributed
-// except according to those terms.
-use shared::basetsd::{SIZE_T, ULONG32, ULONG64};
-use shared::evntprov::PEVENT_FILTER_DESCRIPTOR;
-use shared::guiddef::{GUID, LPCGUID, LPGUID};
-use shared::minwindef::{DWORD, LPFILETIME, PULONG, UCHAR, UINT, ULONG, USHORT};
-use shared::wmistr::{WMIDPREQUESTCODE, WNODE_HEADER};
-use um::evntcons::PEVENT_RECORD;
-use um::handleapi::INVALID_HANDLE_VALUE;
-use um::timezoneapi::TIME_ZONE_INFORMATION;
-use um::winnt::{
- ANYSIZE_ARRAY, BOOLEAN, HANDLE, LARGE_INTEGER, LONG, LONGLONG, LPCSTR, LPCWSTR, LPSTR, LPWSTR,
- PVOID, ULONGLONG, WCHAR
-};
-use vc::vadefs::va_list;
-DEFINE_GUID!{EventTraceGuid,
- 0x68fdd900, 0x4a3e, 0x11d1, 0x84, 0xf4, 0x00, 0x00, 0xf8, 0x04, 0x64, 0xe3}
-DEFINE_GUID!{SystemTraceControlGuid,
- 0x9e814aad, 0x3204, 0x11d2, 0x9a, 0x82, 0x00, 0x60, 0x08, 0xa8, 0x69, 0x39}
-DEFINE_GUID!{EventTraceConfigGuid,
- 0x01853a65, 0x418f, 0x4f36, 0xae, 0xfc, 0xdc, 0x0f, 0x1d, 0x2f, 0xd2, 0x35}
-DEFINE_GUID!{DefaultTraceSecurityGuid,
- 0x0811c1af, 0x7a07, 0x4a06, 0x82, 0xed, 0x86, 0x94, 0x55, 0xcd, 0xf7, 0x13}
-DEFINE_GUID!{PrivateLoggerNotificationGuid,
- 0x3595ab5c, 0x042a, 0x4c8e, 0xb9, 0x42, 0x2d, 0x05, 0x9b, 0xfe, 0xb1, 0xb1}
-pub const KERNEL_LOGGER_NAME: &'static str = "NT Kernel Logger";
-pub const GLOBAL_LOGGER_NAME: &'static str = "GlobalLogger";
-pub const EVENT_LOGGER_NAME: &'static str = "EventLog";
-pub const DIAG_LOGGER_NAME: &'static str = "DiagLog";
-pub const MAX_MOF_FIELDS: SIZE_T = 16;
-DECLARE_HANDLE!{TRACEHANDLE, __TRACEHANDLE}
-pub type PTRACEHANDLE = *mut TRACEHANDLE;
-pub const EVENT_TRACE_TYPE_INFO: DWORD = 0x00;
-pub const EVENT_TRACE_TYPE_START: DWORD = 0x01;
-pub const EVENT_TRACE_TYPE_END: DWORD = 0x02;
-pub const EVENT_TRACE_TYPE_STOP: DWORD = 0x02;
-pub const EVENT_TRACE_TYPE_DC_START: DWORD = 0x03;
-pub const EVENT_TRACE_TYPE_DC_END: DWORD = 0x04;
-pub const EVENT_TRACE_TYPE_EXTENSION: DWORD = 0x05;
-pub const EVENT_TRACE_TYPE_REPLY: DWORD = 0x06;
-pub const EVENT_TRACE_TYPE_DEQUEUE: DWORD = 0x07;
-pub const EVENT_TRACE_TYPE_RESUME: DWORD = 0x07;
-pub const EVENT_TRACE_TYPE_CHECKPOINT: DWORD = 0x08;
-pub const EVENT_TRACE_TYPE_SUSPEND: DWORD = 0x08;
-pub const EVENT_TRACE_TYPE_WINEVT_SEND: DWORD = 0x09;
-pub const EVENT_TRACE_TYPE_WINEVT_RECEIVE: DWORD = 0xF0;
-pub const TRACE_LEVEL_CRITICAL: UCHAR = 1;
-pub const TRACE_LEVEL_ERROR: UCHAR = 2;
-pub const TRACE_LEVEL_WARNING: UCHAR = 3;
-pub const TRACE_LEVEL_INFORMATION: UCHAR = 4;
-pub const TRACE_LEVEL_VERBOSE: UCHAR = 5;
-pub const TRACE_LEVEL_RESERVED6: UCHAR = 6;
-pub const TRACE_LEVEL_RESERVED7: UCHAR = 7;
-pub const TRACE_LEVEL_RESERVED8: UCHAR = 8;
-pub const TRACE_LEVEL_RESERVED9: UCHAR = 9;
-pub const EVENT_TRACE_TYPE_LOAD: DWORD = 0x0A;
-pub const EVENT_TRACE_TYPE_TERMINATE: DWORD = 0x0B;
-pub const EVENT_TRACE_TYPE_IO_READ: DWORD = 0x0A;
-pub const EVENT_TRACE_TYPE_IO_WRITE: DWORD = 0x0B;
-pub const EVENT_TRACE_TYPE_IO_READ_INIT: DWORD = 0x0C;
-pub const EVENT_TRACE_TYPE_IO_WRITE_INIT: DWORD = 0x0D;
-pub const EVENT_TRACE_TYPE_IO_FLUSH: DWORD = 0x0E;
-pub const EVENT_TRACE_TYPE_IO_FLUSH_INIT: DWORD = 0x0F;
-pub const EVENT_TRACE_TYPE_IO_REDIRECTED_INIT: DWORD = 0x10;
-pub const EVENT_TRACE_TYPE_MM_TF: DWORD = 0x0A;
-pub const EVENT_TRACE_TYPE_MM_DZF: DWORD = 0x0B;
-pub const EVENT_TRACE_TYPE_MM_COW: DWORD = 0x0C;
-pub const EVENT_TRACE_TYPE_MM_GPF: DWORD = 0x0D;
-pub const EVENT_TRACE_TYPE_MM_HPF: DWORD = 0x0E;
-pub const EVENT_TRACE_TYPE_MM_AV: DWORD = 0x0F;
-pub const EVENT_TRACE_TYPE_SEND: DWORD = 0x0A;
-pub const EVENT_TRACE_TYPE_RECEIVE: DWORD = 0x0B;
-pub const EVENT_TRACE_TYPE_CONNECT: DWORD = 0x0C;
-pub const EVENT_TRACE_TYPE_DISCONNECT: DWORD = 0x0D;
-pub const EVENT_TRACE_TYPE_RETRANSMIT: DWORD = 0x0E;
-pub const EVENT_TRACE_TYPE_ACCEPT: DWORD = 0x0F;
-pub const EVENT_TRACE_TYPE_RECONNECT: DWORD = 0x10;
-pub const EVENT_TRACE_TYPE_CONNFAIL: DWORD = 0x11;
-pub const EVENT_TRACE_TYPE_COPY_TCP: DWORD = 0x12;
-pub const EVENT_TRACE_TYPE_COPY_ARP: DWORD = 0x13;
-pub const EVENT_TRACE_TYPE_ACKFULL: DWORD = 0x14;
-pub const EVENT_TRACE_TYPE_ACKPART: DWORD = 0x15;
-pub const EVENT_TRACE_TYPE_ACKDUP: DWORD = 0x16;
-pub const EVENT_TRACE_TYPE_GUIDMAP: DWORD = 0x0A;
-pub const EVENT_TRACE_TYPE_CONFIG: DWORD = 0x0B;
-pub const EVENT_TRACE_TYPE_SIDINFO: DWORD = 0x0C;
-pub const EVENT_TRACE_TYPE_SECURITY: DWORD = 0x0D;
-pub const EVENT_TRACE_TYPE_DBGID_RSDS: DWORD = 0x40;
-pub const EVENT_TRACE_TYPE_REGCREATE: DWORD = 0x0A;
-pub const EVENT_TRACE_TYPE_REGOPEN: DWORD = 0x0B;
-pub const EVENT_TRACE_TYPE_REGDELETE: DWORD = 0x0C;
-pub const EVENT_TRACE_TYPE_REGQUERY: DWORD = 0x0D;
-pub const EVENT_TRACE_TYPE_REGSETVALUE: DWORD = 0x0E;
-pub const EVENT_TRACE_TYPE_REGDELETEVALUE: DWORD = 0x0F;
-pub const EVENT_TRACE_TYPE_REGQUERYVALUE: DWORD = 0x10;
-pub const EVENT_TRACE_TYPE_REGENUMERATEKEY: DWORD = 0x11;
-pub const EVENT_TRACE_TYPE_REGENUMERATEVALUEKEY: DWORD = 0x12;
-pub const EVENT_TRACE_TYPE_REGQUERYMULTIPLEVALUE: DWORD = 0x13;
-pub const EVENT_TRACE_TYPE_REGSETINFORMATION: DWORD = 0x14;
-pub const EVENT_TRACE_TYPE_REGFLUSH: DWORD = 0x15;
-pub const EVENT_TRACE_TYPE_REGKCBCREATE: DWORD = 0x16;
-pub const EVENT_TRACE_TYPE_REGKCBDELETE: DWORD = 0x17;
-pub const EVENT_TRACE_TYPE_REGKCBRUNDOWNBEGIN: DWORD = 0x18;
-pub const EVENT_TRACE_TYPE_REGKCBRUNDOWNEND: DWORD = 0x19;
-pub const EVENT_TRACE_TYPE_REGVIRTUALIZE: DWORD = 0x1A;
-pub const EVENT_TRACE_TYPE_REGCLOSE: DWORD = 0x1B;
-pub const EVENT_TRACE_TYPE_REGSETSECURITY: DWORD = 0x1C;
-pub const EVENT_TRACE_TYPE_REGQUERYSECURITY: DWORD = 0x1D;
-pub const EVENT_TRACE_TYPE_REGCOMMIT: DWORD = 0x1E;
-pub const EVENT_TRACE_TYPE_REGPREPARE: DWORD = 0x1F;
-pub const EVENT_TRACE_TYPE_REGROLLBACK: DWORD = 0x20;
-pub const EVENT_TRACE_TYPE_REGMOUNTHIVE: DWORD = 0x21;
-pub const EVENT_TRACE_TYPE_CONFIG_CPU: DWORD = 0x0A;
-pub const EVENT_TRACE_TYPE_CONFIG_PHYSICALDISK: DWORD = 0x0B;
-pub const EVENT_TRACE_TYPE_CONFIG_LOGICALDISK: DWORD = 0x0C;
-pub const EVENT_TRACE_TYPE_CONFIG_NIC: DWORD = 0x0D;
-pub const EVENT_TRACE_TYPE_CONFIG_VIDEO: DWORD = 0x0E;
-pub const EVENT_TRACE_TYPE_CONFIG_SERVICES: DWORD = 0x0F;
-pub const EVENT_TRACE_TYPE_CONFIG_POWER: DWORD = 0x10;
-pub const EVENT_TRACE_TYPE_CONFIG_NETINFO: DWORD = 0x11;
-pub const EVENT_TRACE_TYPE_CONFIG_OPTICALMEDIA: DWORD = 0x12;
-pub const EVENT_TRACE_TYPE_CONFIG_IRQ: DWORD = 0x15;
-pub const EVENT_TRACE_TYPE_CONFIG_PNP: DWORD = 0x16;
-pub const EVENT_TRACE_TYPE_CONFIG_IDECHANNEL: DWORD = 0x17;
-pub const EVENT_TRACE_TYPE_CONFIG_NUMANODE: DWORD = 0x18;
-pub const EVENT_TRACE_TYPE_CONFIG_PLATFORM: DWORD = 0x19;
-pub const EVENT_TRACE_TYPE_CONFIG_PROCESSORGROUP: DWORD = 0x1A;
-pub const EVENT_TRACE_TYPE_CONFIG_PROCESSORNUMBER: DWORD = 0x1B;
-pub const EVENT_TRACE_TYPE_CONFIG_DPI: DWORD = 0x1C;
-pub const EVENT_TRACE_TYPE_CONFIG_CI_INFO: DWORD = 0x1D;
-pub const EVENT_TRACE_TYPE_CONFIG_MACHINEID: DWORD = 0x1E;
-pub const EVENT_TRACE_TYPE_CONFIG_DEFRAG: DWORD = 0x1F;
-pub const EVENT_TRACE_TYPE_CONFIG_MOBILEPLATFORM: DWORD = 0x20;
-pub const EVENT_TRACE_TYPE_CONFIG_DEVICEFAMILY: DWORD = 0x21;
-pub const EVENT_TRACE_TYPE_CONFIG_FLIGHTID: DWORD = 0x22;
-pub const EVENT_TRACE_TYPE_CONFIG_PROCESSOR: DWORD = 0x23;
-pub const EVENT_TRACE_TYPE_OPTICAL_IO_READ: DWORD = 0x37;
-pub const EVENT_TRACE_TYPE_OPTICAL_IO_WRITE: DWORD = 0x38;
-pub const EVENT_TRACE_TYPE_OPTICAL_IO_FLUSH: DWORD = 0x39;
-pub const EVENT_TRACE_TYPE_OPTICAL_IO_READ_INIT: DWORD = 0x3a;
-pub const EVENT_TRACE_TYPE_OPTICAL_IO_WRITE_INIT: DWORD = 0x3b;
-pub const EVENT_TRACE_TYPE_OPTICAL_IO_FLUSH_INIT: DWORD = 0x3c;
-pub const EVENT_TRACE_TYPE_FLT_PREOP_INIT: DWORD = 0x60;
-pub const EVENT_TRACE_TYPE_FLT_POSTOP_INIT: DWORD = 0x61;
-pub const EVENT_TRACE_TYPE_FLT_PREOP_COMPLETION: DWORD = 0x62;
-pub const EVENT_TRACE_TYPE_FLT_POSTOP_COMPLETION: DWORD = 0x63;
-pub const EVENT_TRACE_TYPE_FLT_PREOP_FAILURE: DWORD = 0x64;
-pub const EVENT_TRACE_TYPE_FLT_POSTOP_FAILURE: DWORD = 0x65;
-pub const EVENT_TRACE_FLAG_PROCESS: DWORD = 0x00000001;
-pub const EVENT_TRACE_FLAG_THREAD: DWORD = 0x00000002;
-pub const EVENT_TRACE_FLAG_IMAGE_LOAD: DWORD = 0x00000004;
-pub const EVENT_TRACE_FLAG_DISK_IO: DWORD = 0x00000100;
-pub const EVENT_TRACE_FLAG_DISK_FILE_IO: DWORD = 0x00000200;
-pub const EVENT_TRACE_FLAG_MEMORY_PAGE_FAULTS: DWORD = 0x00001000;
-pub const EVENT_TRACE_FLAG_MEMORY_HARD_FAULTS: DWORD = 0x00002000;
-pub const EVENT_TRACE_FLAG_NETWORK_TCPIP: DWORD = 0x00010000;
-pub const EVENT_TRACE_FLAG_REGISTRY: DWORD = 0x00020000;
-pub const EVENT_TRACE_FLAG_DBGPRINT: DWORD = 0x00040000;
-pub const EVENT_TRACE_FLAG_PROCESS_COUNTERS: DWORD = 0x00000008;
-pub const EVENT_TRACE_FLAG_CSWITCH: DWORD = 0x00000010;
-pub const EVENT_TRACE_FLAG_DPC: DWORD = 0x00000020;
-pub const EVENT_TRACE_FLAG_INTERRUPT: DWORD = 0x00000040;
-pub const EVENT_TRACE_FLAG_SYSTEMCALL: DWORD = 0x00000080;
-pub const EVENT_TRACE_FLAG_DISK_IO_INIT: DWORD = 0x00000400;
-pub const EVENT_TRACE_FLAG_ALPC: DWORD = 0x00100000;
-pub const EVENT_TRACE_FLAG_SPLIT_IO: DWORD = 0x00200000;
-pub const EVENT_TRACE_FLAG_DRIVER: DWORD = 0x00800000;
-pub const EVENT_TRACE_FLAG_PROFILE: DWORD = 0x01000000;
-pub const EVENT_TRACE_FLAG_FILE_IO: DWORD = 0x02000000;
-pub const EVENT_TRACE_FLAG_FILE_IO_INIT: DWORD = 0x04000000;
-pub const EVENT_TRACE_FLAG_DISPATCHER: DWORD = 0x00000800;
-pub const EVENT_TRACE_FLAG_VIRTUAL_ALLOC: DWORD = 0x00004000;
-pub const EVENT_TRACE_FLAG_VAMAP: DWORD = 0x00008000;
-pub const EVENT_TRACE_FLAG_NO_SYSCONFIG: DWORD = 0x10000000;
-pub const EVENT_TRACE_FLAG_JOB: DWORD = 0x00080000;
-pub const EVENT_TRACE_FLAG_DEBUG_EVENTS: DWORD = 0x00400000;
-pub const EVENT_TRACE_FLAG_EXTENSION: DWORD = 0x80000000;
-pub const EVENT_TRACE_FLAG_FORWARD_WMI: DWORD = 0x40000000;
-pub const EVENT_TRACE_FLAG_ENABLE_RESERVE: DWORD = 0x20000000;
-pub const EVENT_TRACE_FILE_MODE_NONE: DWORD = 0x00000000;
-pub const EVENT_TRACE_FILE_MODE_SEQUENTIAL: DWORD = 0x00000001;
-pub const EVENT_TRACE_FILE_MODE_CIRCULAR: DWORD = 0x00000002;
-pub const EVENT_TRACE_FILE_MODE_APPEND: DWORD = 0x00000004;
-pub const EVENT_TRACE_REAL_TIME_MODE: DWORD = 0x00000100;
-pub const EVENT_TRACE_DELAY_OPEN_FILE_MODE: DWORD = 0x00000200;
-pub const EVENT_TRACE_BUFFERING_MODE: DWORD = 0x00000400;
-pub const EVENT_TRACE_PRIVATE_LOGGER_MODE: DWORD = 0x00000800;
-pub const EVENT_TRACE_ADD_HEADER_MODE: DWORD = 0x00001000;
-pub const EVENT_TRACE_USE_GLOBAL_SEQUENCE: DWORD = 0x00004000;
-pub const EVENT_TRACE_USE_LOCAL_SEQUENCE: DWORD = 0x00008000;
-pub const EVENT_TRACE_RELOG_MODE: DWORD = 0x00010000;
-pub const EVENT_TRACE_USE_PAGED_MEMORY: DWORD = 0x01000000;
-pub const EVENT_TRACE_FILE_MODE_NEWFILE: DWORD = 0x00000008;
-pub const EVENT_TRACE_FILE_MODE_PREALLOCATE: DWORD = 0x00000020;
-pub const EVENT_TRACE_NONSTOPPABLE_MODE: DWORD = 0x00000040;
-pub const EVENT_TRACE_SECURE_MODE: DWORD = 0x00000080;
-pub const EVENT_TRACE_USE_KBYTES_FOR_SIZE: DWORD = 0x00002000;
-pub const EVENT_TRACE_PRIVATE_IN_PROC: DWORD = 0x00020000;
-pub const EVENT_TRACE_MODE_RESERVED: DWORD = 0x00100000;
-pub const EVENT_TRACE_NO_PER_PROCESSOR_BUFFERING: DWORD = 0x10000000;
-pub const EVENT_TRACE_SYSTEM_LOGGER_MODE: DWORD = 0x02000000;
-pub const EVENT_TRACE_ADDTO_TRIAGE_DUMP: DWORD = 0x80000000;
-pub const EVENT_TRACE_STOP_ON_HYBRID_SHUTDOWN: DWORD = 0x00400000;
-pub const EVENT_TRACE_PERSIST_ON_HYBRID_SHUTDOWN: DWORD = 0x00800000;
-pub const EVENT_TRACE_INDEPENDENT_SESSION_MODE: DWORD = 0x08000000;
-pub const EVENT_TRACE_COMPRESSED_MODE: DWORD = 0x04000000;
-pub const EVENT_TRACE_CONTROL_QUERY: DWORD = 0;
-pub const EVENT_TRACE_CONTROL_STOP: DWORD = 1;
-pub const EVENT_TRACE_CONTROL_UPDATE: DWORD = 2;
-pub const EVENT_TRACE_CONTROL_FLUSH: DWORD = 3;
-pub const TRACE_MESSAGE_SEQUENCE: DWORD = 1;
-pub const TRACE_MESSAGE_GUID: DWORD = 2;
-pub const TRACE_MESSAGE_COMPONENTID: DWORD = 4;
-pub const TRACE_MESSAGE_TIMESTAMP: DWORD = 8;
-pub const TRACE_MESSAGE_PERFORMANCE_TIMESTAMP: DWORD = 16;
-pub const TRACE_MESSAGE_SYSTEMINFO: DWORD = 32;
-pub const TRACE_MESSAGE_POINTER32: DWORD = 0x0040;
-pub const TRACE_MESSAGE_POINTER64: DWORD = 0x0080;
-pub const TRACE_MESSAGE_FLAG_MASK: DWORD = 0xFFFF;
-pub const TRACE_MESSAGE_MAXIMUM_SIZE: SIZE_T = 64 * 1024;
-pub const EVENT_TRACE_USE_PROCTIME: DWORD = 0x0001;
-pub const EVENT_TRACE_USE_NOCPUTIME: DWORD = 0x0002;
-pub const TRACE_HEADER_FLAG_USE_TIMESTAMP: DWORD = 0x00000200;
-pub const TRACE_HEADER_FLAG_TRACED_GUID: DWORD = 0x00020000;
-pub const TRACE_HEADER_FLAG_LOG_WNODE: DWORD = 0x00040000;
-pub const TRACE_HEADER_FLAG_USE_GUID_PTR: DWORD = 0x00080000;
-pub const TRACE_HEADER_FLAG_USE_MOF_PTR: DWORD = 0x00100000;
-ENUM!{enum ETW_COMPRESSION_RESUMPTION_MODE {
- EtwCompressionModeRestart = 0,
- EtwCompressionModeNoDisable = 1,
- EtwCompressionModeNoRestart = 2,
-}}
-STRUCT!{struct EVENT_TRACE_HEADER_u1_s {
- HeaderType: UCHAR,
- MarkerFlags: UCHAR,
-}}
-UNION!{union EVENT_TRACE_HEADER_u1 {
- [u16; 1],
- FieldTypeFlags FieldTypeFlags_mut: USHORT,
- s s_mut: EVENT_TRACE_HEADER_u1_s,
-}}
-STRUCT!{struct EVENT_TRACE_HEADER_u2_CLASS {
- Type: UCHAR,
- Level: UCHAR,
- Version: USHORT,
-}}
-UNION!{union EVENT_TRACE_HEADER_u2 {
- [u32; 1],
- Version Version_mut: ULONG,
- Class Class_mut: EVENT_TRACE_HEADER_u2_CLASS,
-}}
-UNION!{union EVENT_TRACE_HEADER_u3 {
- [u64; 2],
- Guid Guid_mut: GUID,
- GuidPtr GuidPtr_mut: ULONGLONG,
-}}
-STRUCT!{struct EVENT_TRACE_HEADER_u4_s1 {
- ClientContext: ULONG,
- Flags: ULONG,
-}}
-STRUCT!{struct EVENT_TRACE_HEADER_u4_s2 {
- KernelTime: ULONG,
- UserTime: ULONG,
-}}
-UNION!{union EVENT_TRACE_HEADER_u4 {
- [u64; 1],
- s1 s1_mut: EVENT_TRACE_HEADER_u4_s1,
- s2 s2_mut: EVENT_TRACE_HEADER_u4_s2,
- ProcessorTime ProcessorTime_mut: ULONG64,
-}}
-STRUCT!{struct EVENT_TRACE_HEADER {
- Size: USHORT,
- u1: EVENT_TRACE_HEADER_u1,
- u2: EVENT_TRACE_HEADER_u2,
- ThreadId: ULONG,
- ProcessId: ULONG,
- TimeStamp: LARGE_INTEGER,
- u3: EVENT_TRACE_HEADER_u3,
- u4: EVENT_TRACE_HEADER_u4,
-}}
-pub type PEVENT_TRACE_HEADER = *mut EVENT_TRACE_HEADER;
-STRUCT!{struct EVENT_INSTANCE_HEADER_u1_s {
- HeaderType: UCHAR,
- MarkerFlags: UCHAR,
-}}
-UNION!{union EVENT_INSTANCE_HEADER_u1 {
- [u16; 1],
- FieldTypeFlags FieldTypeFlags_mut: USHORT,
- s s_mut: EVENT_INSTANCE_HEADER_u1_s,
-}}
-STRUCT!{struct EVENT_INSTANCE_HEADER_u2_CLASS {
- Type: UCHAR,
- Level: UCHAR,
- Version: USHORT,
-}}
-UNION!{union EVENT_INSTANCE_HEADER_u2 {
- [u32; 1],
- Version Version_mut: ULONG,
- Class Class_mut: EVENT_INSTANCE_HEADER_u2_CLASS,
-}}
-STRUCT!{struct EVENT_INSTANCE_HEADER_u3_s1 {
- KernelTime: ULONG,
- UserTime: ULONG,
-}}
-STRUCT!{struct EVENT_INSTANCE_HEADER_u3_s2 {
- EventId: ULONG,
- Flags: ULONG,
-}}
-UNION!{union EVENT_INSTANCE_HEADER_u3 {
- [u64; 1],
- s1 s1_mut: EVENT_INSTANCE_HEADER_u3_s1,
- ProcessorTime ProcessorTime_mut: ULONG64,
- s2 s2_mut: EVENT_INSTANCE_HEADER_u3_s2,
-}}
-STRUCT!{struct EVENT_INSTANCE_HEADER {
- Size: USHORT,
- u1: EVENT_INSTANCE_HEADER_u1,
- u2: EVENT_INSTANCE_HEADER_u2,
- ThreadId: ULONG,
- ProcessId: ULONG,
- TimeStamp: LARGE_INTEGER,
- RegHandle: ULONGLONG,
- InstanceId: ULONG,
- ParentInstanceId: ULONG,
- u3: EVENT_INSTANCE_HEADER_u3,
- ParentRegHandle: ULONGLONG,
-}}
-pub type PEVENT_INSTANCE_HEADER = *mut EVENT_INSTANCE_HEADER;
-pub const ETW_NULL_TYPE_VALUE: ULONG = 0;
-pub const ETW_OBJECT_TYPE_VALUE: ULONG = 1;
-pub const ETW_STRING_TYPE_VALUE: ULONG = 2;
-pub const ETW_SBYTE_TYPE_VALUE: ULONG = 3;
-pub const ETW_BYTE_TYPE_VALUE: ULONG = 4;
-pub const ETW_INT16_TYPE_VALUE: ULONG = 5;
-pub const ETW_UINT16_TYPE_VALUE: ULONG = 6;
-pub const ETW_INT32_TYPE_VALUE: ULONG = 7;
-pub const ETW_UINT32_TYPE_VALUE: ULONG = 8;
-pub const ETW_INT64_TYPE_VALUE: ULONG = 9;
-pub const ETW_UINT64_TYPE_VALUE: ULONG = 10;
-pub const ETW_CHAR_TYPE_VALUE: ULONG = 11;
-pub const ETW_SINGLE_TYPE_VALUE: ULONG = 12;
-pub const ETW_DOUBLE_TYPE_VALUE: ULONG = 13;
-pub const ETW_BOOLEAN_TYPE_VALUE: ULONG = 14;
-pub const ETW_DECIMAL_TYPE_VALUE: ULONG = 15;
-pub const ETW_GUID_TYPE_VALUE: ULONG = 101;
-pub const ETW_ASCIICHAR_TYPE_VALUE: ULONG = 102;
-pub const ETW_ASCIISTRING_TYPE_VALUE: ULONG = 103;
-pub const ETW_COUNTED_STRING_TYPE_VALUE: ULONG = 104;
-pub const ETW_POINTER_TYPE_VALUE: ULONG = 105;
-pub const ETW_SIZET_TYPE_VALUE: ULONG = 106;
-pub const ETW_HIDDEN_TYPE_VALUE: ULONG = 107;
-pub const ETW_BOOL_TYPE_VALUE: ULONG = 108;
-pub const ETW_COUNTED_ANSISTRING_TYPE_VALUE: ULONG = 109;
-pub const ETW_REVERSED_COUNTED_STRING_TYPE_VALUE: ULONG = 110;
-pub const ETW_REVERSED_COUNTED_ANSISTRING_TYPE_VALUE: ULONG = 111;
-pub const ETW_NON_NULL_TERMINATED_STRING_TYPE_VALUE: ULONG = 112;
-pub const ETW_REDUCED_ANSISTRING_TYPE_VALUE: ULONG = 113;
-pub const ETW_REDUCED_STRING_TYPE_VALUE: ULONG = 114;
-pub const ETW_SID_TYPE_VALUE: ULONG = 115;
-pub const ETW_VARIANT_TYPE_VALUE: ULONG = 116;
-pub const ETW_PTVECTOR_TYPE_VALUE: ULONG = 117;
-pub const ETW_WMITIME_TYPE_VALUE: ULONG = 118;
-pub const ETW_DATETIME_TYPE_VALUE: ULONG = 119;
-pub const ETW_REFRENCE_TYPE_VALUE: ULONG = 120;
-// TODO: DEFINE_TRACE_MOF_FIELD
-STRUCT!{struct MOF_FIELD {
- DataPtr: ULONG64,
- Length: ULONG,
- DataType: ULONG,
-}}
-pub type PMOF_FIELD = *mut MOF_FIELD;
-STRUCT!{struct TRACE_LOGFILE_HEADER_u1_VERSIONDETAIL {
- MajorVersion: UCHAR,
- MinorVersion: UCHAR,
- SubVersion: UCHAR,
- SubMinorVersion: UCHAR,
-}}
-UNION!{union TRACE_LOGFILE_HEADER_u1 {
- [u32; 1],
- Version Version_mut: ULONG,
- VersionDetail VersionDetail_mut: TRACE_LOGFILE_HEADER_u1_VERSIONDETAIL,
-}}
-STRUCT!{struct TRACE_LOGFILE_HEADER_u2_s {
- StartBuffers: ULONG,
- PointerSize: ULONG,
- EventsLost: ULONG,
- CpuSpeedInMHz: ULONG,
-}}
-UNION!{union TRACE_LOGFILE_HEADER_u2 {
- [u32; 4],
- LogInstanceGuid LogInstanceGuid_mut: GUID,
- s s_mut: TRACE_LOGFILE_HEADER_u2_s,
-}}
-STRUCT!{struct TRACE_LOGFILE_HEADER {
- BufferSize: ULONG,
- u1: TRACE_LOGFILE_HEADER_u1,
- ProviderVersion: ULONG,
- NumberOfProcessors: ULONG,
- EndTime: LARGE_INTEGER,
- TimerResolution: ULONG,
- MaximumFileSize: ULONG,
- LogFileMode: ULONG,
- BuffersWritten: ULONG,
- u2: TRACE_LOGFILE_HEADER_u2,
- LoggerName: LPWSTR,
- LogFileName: LPWSTR,
- TimeZone: TIME_ZONE_INFORMATION,
- BootTime: LARGE_INTEGER,
- PrefFreq: LARGE_INTEGER,
- StartTime: LARGE_INTEGER,
- ReservedFlags: ULONG,
- BuffersLost: ULONG,
-}}
-pub type PTRACE_LOGFILE_HEADER = *mut TRACE_LOGFILE_HEADER;
-STRUCT!{struct TRACE_LOGFILE_HEADER32 {
- BufferSize: ULONG,
- u1: TRACE_LOGFILE_HEADER_u1,
- ProviderVersion: ULONG,
- NumberOfProcessors: ULONG,
- EndTime: LARGE_INTEGER,
- TimerResolution: ULONG,
- MaximumFileSize: ULONG,
- LogFileMode: ULONG,
- BuffersWritten: ULONG,
- u2: TRACE_LOGFILE_HEADER_u2,
- LoggerName: ULONG32,
- LogFileName: ULONG32,
- TimeZone: TIME_ZONE_INFORMATION,
- BootTime: LARGE_INTEGER,
- PrefFreq: LARGE_INTEGER,
- StartTime: LARGE_INTEGER,
- ReservedFlags: ULONG,
- BuffersLost: ULONG,
-}}
-pub type PTRACE_LOGFILE_HEADER32 = *mut TRACE_LOGFILE_HEADER32;
-STRUCT!{struct TRACE_LOGFILE_HEADER64 {
- BufferSize: ULONG,
- u1: TRACE_LOGFILE_HEADER_u1,
- ProviderVersion: ULONG,
- NumberOfProcessors: ULONG,
- EndTime: LARGE_INTEGER,
- TimerResolution: ULONG,
- MaximumFileSize: ULONG,
- LogFileMode: ULONG,
- BuffersWritten: ULONG,
- u2: TRACE_LOGFILE_HEADER_u2,
- LoggerName: ULONG64,
- LogFileName: ULONG64,
- TimeZone: TIME_ZONE_INFORMATION,
- BootTime: LARGE_INTEGER,
- PrefFreq: LARGE_INTEGER,
- StartTime: LARGE_INTEGER,
- ReservedFlags: ULONG,
- BuffersLost: ULONG,
-}}
-pub type PTRACE_LOGFILE_HEADER64 = *mut TRACE_LOGFILE_HEADER64;
-STRUCT!{struct EVENT_INSTANCE_INFO {
- RegHandle: HANDLE,
- InstanceId: ULONG,
-}}
-pub type PEVENT_INSTANCE_INFO = *mut EVENT_INSTANCE_INFO;
-UNION!{union EVENT_TRACE_PROPERTIES_u {
- [u32; 1],
- AgeLimit AgeLimit_mut: LONG,
- FlushThreshold FlushThreshold_mut: LONG,
-}}
-STRUCT!{struct EVENT_TRACE_PROPERTIES {
- Wnode: WNODE_HEADER,
- BufferSize: ULONG,
- MinimumBuffers: ULONG,
- MaximumBuffers: ULONG,
- MaximumFileSize: ULONG,
- LogFileMode: ULONG,
- FlushTimer: ULONG,
- EnableFlags: ULONG,
- u: EVENT_TRACE_PROPERTIES_u,
- NumberOfBuffers: ULONG,
- FreeBuffers: ULONG,
- EventsLost: ULONG,
- BuffersWritten: ULONG,
- LogBuffersLost: ULONG,
- RealTimeBuffersLost: ULONG,
- LoggerThreadId: HANDLE,
- LogFileNameOffset: ULONG,
- LoggerNameOffset: ULONG,
-}}
-pub type PEVENT_TRACE_PROPERTIES = *mut EVENT_TRACE_PROPERTIES;
-UNION!{union EVENT_TRACE_PROPERTIES_V2_u1 {
- [u32; 1],
- AgeLimit AgeLimit_mut: LONG,
- FlushThreshold FlushThreshold_mut: LONG,
-}}
-STRUCT!{struct EVENT_TRACE_PROPERTIES_V2_u2_s {
- bitfield: ULONG,
-}}
-BITFIELD!{EVENT_TRACE_PROPERTIES_V2_u2_s bitfield: ULONG [
- VersionNumber set_VersionNumber[0..8],
-]}
-UNION!{union EVENT_TRACE_PROPERTIES_V2_u2 {
- [u32; 1],
- s s_mut: EVENT_TRACE_PROPERTIES_V2_u2_s,
- V2Control V2Control_mut: ULONG,
-}}
-STRUCT!{struct EVENT_TRACE_PROPERTIES_V2_u3_s {
- bitfield: ULONG,
-}}
-BITFIELD!{EVENT_TRACE_PROPERTIES_V2_u3_s bitfield: ULONG [
- Wow set_Wow[0..1],
-]}
-UNION!{union EVENT_TRACE_PROPERTIES_V2_u3 {
- [u64; 1],
- s s_mut: EVENT_TRACE_PROPERTIES_V2_u3_s,
- V2Options V2Options_mut: ULONG64,
-}}
-STRUCT!{struct EVENT_TRACE_PROPERTIES_V2 {
- Wnode: WNODE_HEADER,
- BufferSize: ULONG,
- MinimumBuffers: ULONG,
- MaximumBuffers: ULONG,
- MaximumFileSize: ULONG,
- LogFileMode: ULONG,
- FlushTimer: ULONG,
- EnableFlags: ULONG,
- u1: EVENT_TRACE_PROPERTIES_u,
- NumberOfBuffers: ULONG,
- FreeBuffers: ULONG,
- EventsLost: ULONG,
- BuffersWritten: ULONG,
- LogBuffersLost: ULONG,
- RealTimeBuffersLost: ULONG,
- LoggerThreadId: HANDLE,
- LogFileNameOffset: ULONG,
- LoggerNameOffset: ULONG,
- u2: EVENT_TRACE_PROPERTIES_V2_u2,
- FilterDescCount: ULONG,
- FilterDesc: PEVENT_FILTER_DESCRIPTOR,
- u3: EVENT_TRACE_PROPERTIES_V2_u3,
-}}
-pub type PEVENT_TRACE_PROPERTIES_V2 = *mut EVENT_TRACE_PROPERTIES_V2;
-STRUCT!{struct TRACE_GUID_REGISTRATION {
- Guid: LPCGUID,
- RegHandle: HANDLE,
-}}
-pub type PTRACE_GUID_REGISTRATION = *mut TRACE_GUID_REGISTRATION;
-STRUCT!{struct TRACE_GUID_PROPERTIES {
- Guid: GUID,
- GuidType: ULONG,
- LoggerId: ULONG,
- EnableLevel: ULONG,
- EnableFlags: ULONG,
- IsEnable: BOOLEAN,
-}}
-pub type PTRACE_GUID_PROPERTIES = *mut TRACE_GUID_PROPERTIES;
-STRUCT!{struct ETW_BUFFER_CONTEXT_u_s {
- ProcessorNumber: UCHAR,
- Alignment: UCHAR,
-}}
-UNION!{union ETW_BUFFER_CONTEXT_u {
- [u16; 1],
- s s_mut: ETW_BUFFER_CONTEXT_u_s,
- ProcessorIndex ProcessorIndex_mut: USHORT,
-}}
-STRUCT!{struct ETW_BUFFER_CONTEXT {
- u: ETW_BUFFER_CONTEXT_u,
- LoggerId: USHORT,
-}}
-pub type PETW_BUFFER_CONTEXT = *mut ETW_BUFFER_CONTEXT;
-pub const TRACE_PROVIDER_FLAG_LEGACY: ULONG = 0x00000001;
-pub const TRACE_PROVIDER_FLAG_PRE_ENABLE: ULONG = 0x00000002;
-STRUCT!{struct TRACE_ENABLE_INFO {
- IsEnabled: ULONG,
- Level: UCHAR,
- Reserved1: UCHAR,
- LoggerId: USHORT,
- EnabledProperty: ULONG,
- Reserved2: ULONG,
- MatchAnyKeyword: ULONGLONG,
- MatchAllKeyword: ULONGLONG,
-}}
-pub type PTRACE_ENABLE_INFO = *mut TRACE_ENABLE_INFO;
-STRUCT!{struct TRACE_PROVIDER_INSTANCE_INFO {
- NameOffset: ULONG,
- EnableCount: ULONG,
- Pid: ULONG,
- Flags: ULONG,
-}}
-pub type PTRACE_PROVIDER_INSTANCE_INFO = *mut TRACE_PROVIDER_INSTANCE_INFO;
-STRUCT!{struct TRACE_GUID_INFO {
- InstanceCount: ULONG,
- Reserved: ULONG,
-}}
-pub type PTRACE_GUID_INFO = *mut TRACE_GUID_INFO;
-STRUCT!{struct PROFILE_SOURCE_INFO {
- NextEntryOffset: ULONG,
- Source: ULONG,
- MinInterval: ULONG,
- MaxInterval: ULONG,
- Reserved: ULONG64,
- Description: [WCHAR; ANYSIZE_ARRAY],
-}}
-pub type PPROFILE_SOURCE_INFO = *mut PROFILE_SOURCE_INFO;
-UNION!{union EVENT_TRACE_u {
- [u32; 1],
- ClientContext ClientContext_mut: ULONG,
- BufferContext BufferContext_mut: ETW_BUFFER_CONTEXT,
-}}
-STRUCT!{struct EVENT_TRACE {
- Header: EVENT_TRACE_HEADER,
- InstanceId: ULONG,
- ParentInstanceId: ULONG,
- ParentGuid: GUID,
- MofData: PVOID,
- MofLength: ULONG,
- u: EVENT_TRACE_u,
-}}
-pub type PEVENT_TRACE = *mut EVENT_TRACE;
-pub const EVENT_CONTROL_CODE_DISABLE_PROVIDER: ULONG = 0;
-pub const EVENT_CONTROL_CODE_ENABLE_PROVIDER: ULONG = 1;
-pub const EVENT_CONTROL_CODE_CAPTURE_STATE: ULONG = 2;
-FN!{stdcall PEVENT_TRACE_BUFFER_CALLBACKW(
- PEVENT_TRACE_LOGFILEW,
-) -> ULONG}
-FN!{stdcall PEVENT_TRACE_BUFFER_CALLBACKA(
- PEVENT_TRACE_LOGFILEA,
-) -> ULONG}
-FN!{stdcall PEVENT_CALLBACK(
- pEvent: PEVENT_TRACE,
-) -> ()}
-FN!{stdcall PEVENT_RECORD_CALLBACK(
- EventRecord: PEVENT_RECORD,
-) -> ()}
-FN!{stdcall WMIDPREQUEST(
- RequestCode: WMIDPREQUESTCODE,
- RequestContext: PVOID,
- BufferSize: *mut ULONG,
- Buffer: PVOID,
-) -> ULONG}
-UNION!{union EVENT_TRACE_LOGFILE_u1 {
- [u32; 1],
- LogFileMode LogFileMode_mut: ULONG,
- ProcessTraceMode ProcessTraceMode_mut: ULONG,
-}}
-UNION!{union EVENT_TRACE_LOGFILE_u2 {
- [u32; 1] [u64; 1],
- EventCallback EventCallback_mut: PEVENT_CALLBACK,
- EventRecordCallback EventRecordCallback_mut: PEVENT_RECORD_CALLBACK,
-}}
-STRUCT!{struct EVENT_TRACE_LOGFILEW {
- LogFileName: LPWSTR,
- LoggerName: LPWSTR,
- CurrentTime: LONGLONG,
- BuffersRead: ULONG,
- u1: EVENT_TRACE_LOGFILE_u1,
- CurrentEvent: EVENT_TRACE,
- LogfileHeader: TRACE_LOGFILE_HEADER,
- BufferCallback: PEVENT_TRACE_BUFFER_CALLBACKW,
- BufferSize: ULONG,
- Filled: ULONG,
- EventsLost: ULONG,
- u2: EVENT_TRACE_LOGFILE_u2,
- IsKernelTrace: ULONG,
- Context: PVOID,
-}}
-pub type PEVENT_TRACE_LOGFILEW = *mut EVENT_TRACE_LOGFILEW;
-STRUCT!{struct EVENT_TRACE_LOGFILEA {
- LogFileName: LPSTR,
- LoggerName: LPSTR,
- CurrentTime: LONGLONG,
- BuffersRead: ULONG,
- u1: EVENT_TRACE_LOGFILE_u1,
- CurrentEvent: EVENT_TRACE,
- LogfileHeader: TRACE_LOGFILE_HEADER,
- BufferCallback: PEVENT_TRACE_BUFFER_CALLBACKA,
- BufferSize: ULONG,
- Filled: ULONG,
- EventsLost: ULONG,
- u2: EVENT_TRACE_LOGFILE_u2,
- IsKernelTrace: ULONG,
- Context: PVOID,
-}}
-pub type PEVENT_TRACE_LOGFILEA = *mut EVENT_TRACE_LOGFILEA;
-extern "system" {
- pub fn StartTraceW(
- SessionHandle: PTRACEHANDLE,
- SessionName: LPCWSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ) -> ULONG;
- pub fn StartTraceA(
- SessionHandle: PTRACEHANDLE,
- SessionName: LPCSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ) -> ULONG;
- pub fn StopTraceW(
- SessionHandle: TRACEHANDLE,
- SessionName: LPCWSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ) -> ULONG;
- pub fn StopTraceA(
- SessionHandle: TRACEHANDLE,
- SessionName: LPCSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ) -> ULONG;
- pub fn QueryTraceW(
- SessionHandle: TRACEHANDLE,
- SessionName: LPCWSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ) -> ULONG;
- pub fn QueryTraceA(
- SessionHandle: TRACEHANDLE,
- SessionName: LPCSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ) -> ULONG;
- pub fn UpdateTraceW(
- SessionHandle: TRACEHANDLE,
- SessionName: LPCWSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ) -> ULONG;
- pub fn UpdateTraceA(
- SessionHandle: TRACEHANDLE,
- SessionName: LPCSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ) -> ULONG;
- pub fn FlushTraceW(
- SessionHandle: TRACEHANDLE,
- SessionName: LPCWSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ) -> ULONG;
- pub fn FlushTraceA(
- SessionHandle: TRACEHANDLE,
- SessionName: LPCSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ) -> ULONG;
- pub fn ControlTraceW(
- SessionHandle: TRACEHANDLE,
- SessionName: LPCWSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ControlCode: ULONG,
- ) -> ULONG;
- pub fn ControlTraceA(
- SessionHandle: TRACEHANDLE,
- SessionName: LPCSTR,
- Properties: PEVENT_TRACE_PROPERTIES,
- ControlCode: ULONG,
- ) -> ULONG;
- pub fn QueryAllTracesW(
- PropertyArray: *mut PEVENT_TRACE_PROPERTIES,
- PropertyArrayCount: ULONG,
- SessionCount: PULONG,
- ) -> ULONG;
- pub fn QueryAllTracesA(
- PropertyArray: *mut PEVENT_TRACE_PROPERTIES,
- PropertyArrayCount: ULONG,
- SessionCount: PULONG,
- ) -> ULONG;
- pub fn EnableTrace(
- Enable: ULONG,
- EnableFlag: ULONG,
- EnableLevel: ULONG,
- ControlGuid: LPCGUID,
- SessionHandle: TRACEHANDLE,
- ) -> ULONG;
- pub fn EnableTraceEx(
- ProviderId: LPCGUID,
- SourceId: LPCGUID,
- TraceHandle: TRACEHANDLE,
- IsEnabled: ULONG,
- Level: UCHAR,
- MatchAnyKeyword: ULONGLONG,
- MatchAllKeyword: ULONGLONG,
- EnableProperty: ULONG,
- EnableFilterDesc: PEVENT_FILTER_DESCRIPTOR,
- ) -> ULONG;
-}
-pub const ENABLE_TRACE_PARAMETERS_VERSION: ULONG = 1;
-pub const ENABLE_TRACE_PARAMETERS_VERSION_2: ULONG = 2;
-STRUCT!{struct ENABLE_TRACE_PARAMETERS_V1 {
- Version: ULONG,
- EnableProperty: ULONG,
- ControlFlags: ULONG,
- SourceId: GUID,
- EnableFilterDesc: PEVENT_FILTER_DESCRIPTOR,
-}}
-pub type PENABLE_TRACE_PARAMETERS_V1 = *mut ENABLE_TRACE_PARAMETERS_V1;
-STRUCT!{struct ENABLE_TRACE_PARAMETERS {
- Version: ULONG,
- EnableProperty: ULONG,
- ControlFlags: ULONG,
- SourceId: GUID,
- EnableFilterDesc: PEVENT_FILTER_DESCRIPTOR,
- FilterDescCount: ULONG,
-}}
-pub type PENABLE_TRACE_PARAMETERS = *mut ENABLE_TRACE_PARAMETERS;
-extern "system" {
- pub fn EnableTraceEx2(
- TraceHandle: TRACEHANDLE,
- ProviderId: LPCGUID,
- ControlCode: ULONG,
- Level: UCHAR,
- MatchAnyKeyword: ULONGLONG,
- MatchAllKeyword: ULONGLONG,
- Timeout: ULONG,
- EnableParameters: PENABLE_TRACE_PARAMETERS,
- ) -> ULONG;
-}
-ENUM!{enum TRACE_QUERY_INFO_CLASS {
- TraceGuidQueryList,
- TraceGuidQueryInfo,
- TraceGuidQueryProcess,
- TraceStackTracingInfo,
- TraceSystemTraceEnableFlagsInfo,
- TraceSampledProfileIntervalInfo,
- TraceProfileSourceConfigInfo,
- TraceProfileSourceListInfo,
- TracePmcEventListInfo,
- TracePmcCounterListInfo,
- TraceSetDisallowList,
- TraceVersionInfo,
- TraceGroupQueryList,
- TraceGroupQueryInfo,
- TraceDisallowListQuery,
- TraceCompressionInfo,
- TracePeriodicCaptureStateListInfo,
- TracePeriodicCaptureStateInfo,
- TraceProviderBinaryTracking,
- TraceMaxLoggersQuery,
- MaxTraceSetInfoClass,
-}}
-pub type TRACE_INFO_CLASS = TRACE_QUERY_INFO_CLASS;
-extern "system" {
- pub fn EnumerateTraceGuidsEx(
- TraceQueryInfoClass: TRACE_QUERY_INFO_CLASS,
- InBuffer: PVOID,
- InBufferSize: ULONG,
- OutBuffer: PVOID,
- OutBufferSize: ULONG,
- ReturnLength: PULONG,
- ) -> ULONG;
-}
-STRUCT!{struct CLASSIC_EVENT_ID {
- EventGuid: GUID,
- Type: UCHAR,
- Reserved: [UCHAR; 7],
-}}
-pub type PCLASSIC_EVENT_ID = *mut CLASSIC_EVENT_ID;
-STRUCT!{struct TRACE_PROFILE_INTERVAL {
- Source: ULONG,
- Interval: ULONG,
-}}
-pub type PTRACE_PROFILE_INTERVAL = *mut TRACE_PROFILE_INTERVAL;
-STRUCT!{struct TRACE_VERSION_INFO {
- EtwTraceProcessingVersion: UINT,
- Reserved: UINT,
-}}
-pub type PTRACE_VERSION_INFO = *mut TRACE_VERSION_INFO;
-STRUCT!{struct TRACE_PERIODIC_CAPTURE_STATE_INFO {
- CaptureStateFrequencyInSeconds: ULONG,
- ProviderCount: USHORT,
- Reserved: USHORT,
-}}
-pub type PTRACE_PERIODIC_CAPTURE_STATE_INFO = *mut TRACE_PERIODIC_CAPTURE_STATE_INFO;
-extern "system" {
- pub fn TraceSetInformation(
- SessionHandle: TRACEHANDLE,
- InformationClass: TRACE_INFO_CLASS,
- TraceInformation: PVOID,
- InformationLength: ULONG,
- ) -> ULONG;
- pub fn TraceQueryInformation(
- SessionHandle: TRACEHANDLE,
- InformationClass: TRACE_QUERY_INFO_CLASS,
- TraceInformation: PVOID,
- InformationLength: ULONG,
- ReturnLength: PULONG,
- ) -> ULONG;
- pub fn CreateTraceInstanceId(
- RegHandle: HANDLE,
- pInstInfo: PEVENT_INSTANCE_INFO,
- ) -> ULONG;
- pub fn TraceEvent(
- SessionHandle: TRACEHANDLE,
- EventTrace: PEVENT_TRACE_HEADER,
- ) -> ULONG;
- pub fn TraceEventInstance(
- SessionHandle: TRACEHANDLE,
- EventTrace: PEVENT_TRACE_HEADER,
- pInstInfo: PEVENT_INSTANCE_INFO,
- pParentInstInfo: PEVENT_INSTANCE_INFO,
- ) -> ULONG;
- pub fn RegisterTraceGuidsW(
- RequestAddress: WMIDPREQUEST,
- RequestContext: PVOID,
- ControlGuid: LPCGUID,
- GuidCount: ULONG,
- TraceGuidReg: PTRACE_GUID_REGISTRATION,
- MofImagePath: LPCWSTR,
- MofResourceName: LPCWSTR,
- RegistrationHandle: PTRACEHANDLE,
- ) -> ULONG;
- pub fn RegisterTraceGuidsA(
- RequestAddress: WMIDPREQUEST,
- RequestContext: PVOID,
- ControlGuid: LPCGUID,
- GuidCount: ULONG,
- TraceGuidReg: PTRACE_GUID_REGISTRATION,
- MofImagePath: LPCSTR,
- MofResourceName: LPCSTR,
- RegistrationHandle: PTRACEHANDLE,
- ) -> ULONG;
- pub fn EnumerateTraceGuids(
- GuidPropertiesArray: *mut PTRACE_GUID_PROPERTIES,
- PropertyArrayCount: ULONG,
- GuidCount: PULONG,
- ) -> ULONG;
- pub fn UnregisterTraceGuids(
- RegistrationHandle: TRACEHANDLE,
- ) -> ULONG;
- pub fn GetTraceLoggerHandle(
- Buffer: PVOID,
- ) -> TRACEHANDLE;
- pub fn GetTraceEnableLevel(
- SessionHandle: TRACEHANDLE,
- ) -> UCHAR;
- pub fn GetTraceEnableFlags(
- SessionHandle: TRACEHANDLE,
- ) -> ULONG;
- pub fn OpenTraceW(
- Logfile: PEVENT_TRACE_LOGFILEW,
- ) -> TRACEHANDLE;
- pub fn ProcessTrace(
- HandleArray: PTRACEHANDLE,
- HandleCount: ULONG,
- StartTime: LPFILETIME,
- EndTime: LPFILETIME,
- ) -> ULONG;
- pub fn CloseTrace(
- TraceHandle: TRACEHANDLE,
- ) -> ULONG;
-}
-ENUM!{enum ETW_PROCESS_HANDLE_INFO_TYPE {
- EtwQueryPartitionInformation = 1,
- EtwQueryProcessHandleInfoMax,
-}}
-STRUCT!{struct ETW_TRACE_PARTITION_INFORMATION {
- PartitionId: GUID,
- ParentId: GUID,
- Reserved: ULONG64,
- PartitionType: ULONG,
-}}
-pub type PETW_TRACE_PARTITION_INFORMATION = *mut ETW_TRACE_PARTITION_INFORMATION;
-extern "system" {
- pub fn QueryTraceProcessingHandle(
- ProcessingHandle: TRACEHANDLE,
- InformationClass: ETW_PROCESS_HANDLE_INFO_TYPE,
- InBuffer: PVOID,
- InBufferSize: ULONG,
- OutBuffer: PVOID,
- OutBufferSize: ULONG,
- ReturnLength: PULONG,
- ) -> ULONG;
- pub fn OpenTraceA(
- Logfile: PEVENT_TRACE_LOGFILEA,
- ) -> TRACEHANDLE;
- pub fn SetTraceCallback(
- pGuid: LPCGUID,
- EventCallback: PEVENT_CALLBACK,
- ) -> ULONG;
- pub fn RemoveTraceCallback(
- pGuid: LPCGUID,
- ) -> ULONG;
-}
-extern "C" {
- pub fn TraceMessage(
- SessionHandle: TRACEHANDLE,
- MessageFlags: ULONG,
- MessageGuid: LPGUID,
- MessageNumber: USHORT,
- ...
- ) -> ULONG;
- pub fn TraceMessageVa(
- SessionHandle: TRACEHANDLE,
- MessageFlags: ULONG,
- MessageGuid: LPGUID,
- MessageNumber: USHORT,
- MessageArgList: va_list,
- );
-}
-pub const INVALID_PROCESSTRACE_HANDLE: TRACEHANDLE = INVALID_HANDLE_VALUE as TRACEHANDLE;
Copyright © 2024 Valentin A. Popov. All Rights Reverse Engineered.