/// <summary>
/// Point the chart selection at the node that corresponds to a timeline event.
/// </summary>
/// <remarks>
/// The current selection is always cleared first, so an event that cannot be
/// resolved leaves nothing selected. For process and thread events, if several
/// vertices reference the same object, the last one enumerated is selected.
/// NOTE(review): _timelineEventEntities is read here without holding _lock,
/// while GetInteractedEntity reads it under _lock. Confirm this method only
/// runs on the thread that mutates the dictionary.
/// </remarks>
/// <param name="evt">The timeline event whose node should become selected</param>
public void SelectAPIEvent(Logging.TIMELINE_EVENT evt)
{
    // Reset everything up front; the branches below only ever set values
    SelectedAPIEvent = null;
    SelectedEntity = null;
    _selectedNode = null;

    if (_rootTrace == null)
    {
        return;
    }

    switch (evt.TimelineEventType)
    {
        case Logging.eTimelineEvent.ProcessStart:
        case Logging.eTimelineEvent.ProcessEnd:
            {
                // Process events carry the ID used to look the trace up
                TraceRecord? eventTrace = _rootTrace.GetTraceByID(evt.ID);
                if (eventTrace != null)
                {
                    foreach (var vertex in sbgraph.Vertices)
                    {
                        if (vertex.reference == eventTrace)
                        {
                            _selectedNode = vertex;
                        }
                    }
                }
                break;
            }

        case Logging.eTimelineEvent.ThreadStart:
        case Logging.eTimelineEvent.ThreadEnd:
            {
                // Thread events carry the ID used to look the thread graph up
                ProtoGraph? eventGraph = _rootTrace.GetProtoGraphByTID(evt.ID);
                if (eventGraph != null)
                {
                    foreach (var vertex in sbgraph.Vertices)
                    {
                        if (vertex.reference == eventGraph)
                        {
                            _selectedNode = vertex;
                        }
                    }
                }
                break;
            }

        case Logging.eTimelineEvent.APICall:
            {
                // The event itself is recorded even when no entity node is known for it
                SelectedAPIEvent = evt;
                if (_timelineEventEntities.TryGetValue(evt, out ItemNode? apiNode))
                {
                    SelectedEntity = apiNode;
                    _selectedNode = apiNode;
                }
                break;
            }
    }
}
/// <summary>
/// Look up the entity node recorded for a timeline event.
/// The lookup is performed while holding _lock.
/// </summary>
/// <param name="evt">The timeline event to look up</param>
/// <returns>The node stored for the event, or null if there is no entry or the stored value is null</returns>
public ItemNode? GetInteractedEntity(Logging.TIMELINE_EVENT evt)
{
    lock (_lock)
    {
        // A missing key and a null stored value both produce null
        return _timelineEventEntities.TryGetValue(evt, out ItemNode? found) ? found : null;
    }
}
/// <summary>
/// Draw a single chart node and handle a mouse click on it.
/// </summary>
/// <remarks>
/// Nothing is drawn for a node outside the frame, or for an API call node whose
/// call has no API details; both cases return false before the click target is
/// created. A click makes the node the selected node and updates
/// SelectedEntity/SelectedAPIEvent to match.
/// NOTE(review): the casts of node.reference are unchecked and rely on TLtype
/// agreeing with the referenced object's type; a mismatch would presumably
/// throw InvalidCastException.
/// NOTE(review): node.label and details.FilterType are handed to AddText as-is.
/// If they can carry strings taken from the traced program, confirm they are
/// length-bounded where the node is built.
/// </remarks>
/// <param name="node">The node to draw</param>
/// <param name="position">Screen position of the centre of the node</param>
/// <param name="font">The font used for the icon glyphs</param>
/// <returns>True if the node was clicked</returns>
private bool DrawNode(ItemNode node, Vector2 position, ImFontPtr font)
{
    const uint Black = 0xff000000;

    // Remember the layout cursor so it can be restored after placing the click target
    Vector2 savedCursor = ImGui.GetCursorScreenPos();
    if (!InFrame(position - savedCursor))
    {
        return false;
    }

    var drawList = ImGui.GetWindowDrawList();
    bool isSelected = node == _selectedNode;

    // The selected node gets a slightly darker disc than the rest
    uint discColour = isSelected ? 0xffDDDDDD : 0xFFFFFFFF;

    switch (node.TLtype)
    {
        case Logging.eTimelineEvent.ProcessStart:
        case Logging.eTimelineEvent.ProcessEnd:
            {
                TraceRecord trace = (TraceRecord)node.reference;

                // Pick the icon colour and the state suffix; an unknown state draws nothing
                uint cogsColour = 0;
                string? stateText = null;
                switch (trace.TraceState)
                {
                    case TraceRecord.ProcessState.eTerminated:
                        cogsColour = 0xff0000ff;
                        stateText = "Exited";
                        break;
                    case TraceRecord.ProcessState.eRunning:
                        cogsColour = 0xff00ff00;
                        stateText = "Running";
                        break;
                    case TraceRecord.ProcessState.eSuspended:
                        cogsColour = 0xff00ffff;
                        stateText = "Suspended";
                        break;
                    default:
                        Debug.Assert(false, "Bad trace state");
                        break;
                }

                if (stateText != null)
                {
                    drawList.AddCircleFilled(position, 18, discColour);
                    drawList.AddText(font, 25, position - new Vector2(12.5f, 12.5f), cogsColour, $"{ImGuiController.FA_ICON_COGS}");
                    drawList.AddText(position + new Vector2(20, -14), Black, $"Process {trace.PID} ({stateText})");
                }
                break;
            }

        case Logging.eTimelineEvent.ThreadStart:
        case Logging.eTimelineEvent.ThreadEnd:
            {
                ProtoGraph graph = (ProtoGraph)node.reference;
                bool exited = graph.Terminated;
                uint cogColour = exited ? 0xff0000ff : 0xff00ff00;
                string stateText = exited ? "Exited" : "Active";

                drawList.AddCircleFilled(position, 18, discColour);
                drawList.AddText(font, 25, position - new Vector2(12.5f, 12.5f), cogColour, $"{ImGuiController.FA_ICON_COG}");
                drawList.AddText(position + new Vector2(20, -14), Black, $"Thread {graph.ThreadID} ({stateText})");
                break;
            }

        case Logging.eTimelineEvent.APICall:
            {
                Logging.TIMELINE_EVENT apiEvent = (Logging.TIMELINE_EVENT)node.reference;
                Logging.APICALL apicall = (Logging.APICALL)apiEvent.Item;
                if (!apicall.APIDetails.HasValue)
                {
                    // No details means no icon category: skip the node entirely
                    return false;
                }
                APIDetailsWin.API_ENTRY details = apicall.APIDetails.Value;

                drawList.AddCircleFilled(position, 18, discColour);

                // Each category differs only in glyph, glyph size and heading text
                string glyph;
                float glyphSize = 25f;
                string heading;
                switch (details.FilterType)
                {
                    case "File":
                        glyph = $"{ImGuiController.FA_ICON_FILECODE}";
                        glyphSize = 20f;
                        heading = "File Interaction";
                        break;
                    case "Registry":
                        glyph = $"{ImGuiController.FA_ICON_SQUAREGRID}";
                        heading = "Registry Interaction";
                        break;
                    case "Process":
                        glyph = $"{ImGuiController.FA_ICON_COGS}";
                        heading = "Process Interaction";
                        break;
                    case "Network":
                        glyph = $"{ImGuiController.FA_ICON_NETWORK}";
                        heading = "Network Interaction";
                        break;
                    default:
                        // Unrecognised categories show their raw filter type as the heading
                        glyph = $"{ImGuiController.FA_ICON_UP}";
                        heading = details.FilterType;
                        break;
                }

                // The glyph is centred on the node: offset by half its size (10 or 12.5)
                float halfGlyph = glyphSize * 0.5f;
                drawList.AddText(font, glyphSize, position - new Vector2(halfGlyph, halfGlyph), Black, glyph);
                drawList.AddText(position + new Vector2(20, -15), Black, heading);
                drawList.AddText(position + new Vector2(20, 5), Black, node.label);
                break;
            }

        default:
            drawList.AddCircleFilled(position, nodeSize, Black);
            break;
    }

    // Outline the selected node
    if (node == _selectedNode)
    {
        drawList.AddCircle(position, 18, 0xff222222);
    }

    // An invisible button over the node provides the click target
    ImGui.SetCursorScreenPos(position - new Vector2(12, 12));
    ImGui.InvisibleButton($"##{position.X}-{position.Y}", new Vector2(25, 25));

    bool clicked = ImGui.IsItemClicked();
    if (clicked)
    {
        _selectedNode = node;
        if (node.TLtype == Logging.eTimelineEvent.APICall)
        {
            SelectedEntity = node;
            SelectedAPIEvent = (Logging.TIMELINE_EVENT)node.reference;
        }
        else
        {
            SelectedEntity = null;
            SelectedAPIEvent = null;
        }
    }

    // Put the layout cursor back where the caller left it
    ImGui.SetCursorScreenPos(savedCursor);
    return clicked;
}