// pack the argv data and emit the event using TraceEvent
internal unsafe override uint EventWrite(EventTrace.Event eventID, EventTrace.Keyword keywords, EventTrace.Level level, int argc, EventData *argv)
{
ClassicEtw.EVENT_HEADER header;
header.Header.ClientContext = 0;
header.Header.Flags = ClassicEtw.WNODE_FLAG_TRACED_GUID | ClassicEtw.WNODE_FLAG_USE_MOF_PTR;
header.Header.Guid = EventTrace.GetGuidForEvent(eventID);
header.Header.Level = (byte)level;
header.Header.Type = (byte)EventTrace.GetOpcodeForEvent(eventID);
header.Header.Version = (ushort)EventTrace.GetVersionForEvent(eventID);
// Extra copy on XP to move argv to the end of the EVENT_HEADER
EventData *eventData = &header.Data;
if (argc > ClassicEtw.MAX_MOF_FIELDS)
{
// Data will be lost on XP
argc = ClassicEtw.MAX_MOF_FIELDS;
}
header.Header.Size = (ushort)(argc * sizeof(EventData) + 48);
for (int x = 0; x < argc; x++)
{
eventData[x].Ptr = argv[x].Ptr;
eventData[x].Size = argv[x].Size;
}
return(ClassicEtw.TraceEvent(_traceHandle, &header));
}
private unsafe uint ClassicShimUnregister()
{
uint num = ClassicEtw.UnregisterTraceGuids(this.m_regHandle);
this.m_regHandle = 0L;
this.m_classicControlCallback = null;
this.m_classicSessionHandle = 0L;
if (this.m_classicEventHeader != null)
{
Marshal.FreeHGlobal((IntPtr)this.m_classicEventHeader);
this.m_classicEventHeader = null;
}
return(num);
}
private unsafe uint ClassicShimRegister(Guid providerId, ManifestEtw.EtwEnableCallback enableCallback)
{
ClassicEtw.TRACE_GUID_REGISTRATION trace_guid_registration;
if (this.m_regHandle != 0L)
{
throw new Exception();
}
this.m_classicEventHeader = (ClassicEtw.EVENT_HEADER *)Marshal.AllocHGlobal(sizeof(ClassicEtw.EVENT_HEADER));
ZeroMemory((IntPtr)this.m_classicEventHeader, sizeof(ClassicEtw.EVENT_HEADER));
trace_guid_registration.RegHandle = null;
trace_guid_registration.Guid = &providerId;
this.m_classicControlCallback = new ClassicEtw.ControlCallback(this.ClassicControlCallback);
return(ClassicEtw.RegisterTraceGuidsW(this.m_classicControlCallback, null, ref providerId, 1, &trace_guid_registration, null, null, out this.m_regHandle));
}
private unsafe uint ClassicControlCallback(ClassicEtw.WMIDPREQUESTCODE requestCode, IntPtr requestContext, IntPtr reserved, ClassicEtw.WNODE_HEADER* data)
{
int traceEnableFlags = ClassicEtw.GetTraceEnableFlags(data.HistoricalContext);
byte traceEnableLevel = ClassicEtw.GetTraceEnableLevel(data.HistoricalContext);
int isEnabled = 0;
if (requestCode == ClassicEtw.WMIDPREQUESTCODE.EnableEvents)
{
this.m_classicSessionHandle = ClassicEtw.GetTraceLoggerHandle(data);
isEnabled = 1;
}
else if (requestCode == ClassicEtw.WMIDPREQUESTCODE.DisableEvents)
{
this.m_classicSessionHandle = 0L;
isEnabled = 0;
}
this.m_etwCallback(ref this.m_providerId, isEnabled, traceEnableLevel, (long) traceEnableFlags, 0L, null, null);
return 0;
}
private unsafe uint ClassicControlCallback(ClassicEtw.WMIDPREQUESTCODE requestCode, IntPtr requestContext, IntPtr reserved, ClassicEtw.WNODE_HEADER *data)
{
int traceEnableFlags = ClassicEtw.GetTraceEnableFlags(data.HistoricalContext);
byte traceEnableLevel = ClassicEtw.GetTraceEnableLevel(data.HistoricalContext);
int isEnabled = 0;
if (requestCode == ClassicEtw.WMIDPREQUESTCODE.EnableEvents)
{
this.m_classicSessionHandle = ClassicEtw.GetTraceLoggerHandle(data);
isEnabled = 1;
}
else if (requestCode == ClassicEtw.WMIDPREQUESTCODE.DisableEvents)
{
this.m_classicSessionHandle = 0L;
isEnabled = 0;
}
this.m_etwCallback(ref this.m_providerId, isEnabled, traceEnableLevel, (long)traceEnableFlags, 0L, null, null);
return(0);
}
//
// Registers the providerGuid with an inbuilt callback
//
internal override unsafe void Register(Guid providerGuid)
{
ulong registrationHandle;
ClassicEtw.TRACE_GUID_REGISTRATION guidReg;
Guid dummyGuid = new Guid(0xb4955bf0,
0x3af1,
0x4740,
0xb4, 0x75,
0x99, 0x05, 0x5d, 0x3f, 0xe9, 0xaa);
_etwProc = new ClassicEtw.ControlCallback(EtwEnableCallback);
// This dummyGuid is there for ETW backward compat issues and is the same for all downlevel trace providers
guidReg.Guid = &dummyGuid;
guidReg.RegHandle = null;
ClassicEtw.RegisterTraceGuidsW(_etwProc, IntPtr.Zero, ref providerGuid, 1, ref guidReg, null, null, out registrationHandle);
_registrationHandle.Value = registrationHandle;
}
//
// This callback function is called by ETW to enable or disable this provider
//
private unsafe uint EtwEnableCallback(ClassicEtw.WMIDPREQUESTCODE requestCode, IntPtr context, IntPtr bufferSize, ClassicEtw.WNODE_HEADER *buffer)
{
try
{
switch (requestCode)
{
case ClassicEtw.WMIDPREQUESTCODE.EnableEvents:
_traceHandle = buffer->HistoricalContext;
_keywords = (EventTrace.Keyword)ClassicEtw.GetTraceEnableFlags((ulong)buffer->HistoricalContext);
_level = (EventTrace.Level)ClassicEtw.GetTraceEnableLevel((ulong)buffer->HistoricalContext);
_enabled = true;
break;
case ClassicEtw.WMIDPREQUESTCODE.DisableEvents:
_enabled = false;
_traceHandle = 0;
_level = EventTrace.Level.LogAlways;
_keywords = 0;
break;
default:
_enabled = false;
_traceHandle = 0;
break;
}
return(0);
}
catch (Exception e)
{
if (CriticalExceptions.IsCriticalException(e))
{
throw;
}
else
{
return(0);
}
}
}
private unsafe uint ClassicShimEventWrite(ref EventDescriptorInternal eventDescriptor, uint userDataCount, EventData *userData)
{
this.m_classicEventHeader.Header.ClientContext = 0;
this.m_classicEventHeader.Header.Flags = 0x120000;
this.m_classicEventHeader.Header.Guid = GenTaskGuidFromProviderGuid(this.m_providerId, (ushort)eventDescriptor.Task);
this.m_classicEventHeader.Header.Level = eventDescriptor.Level;
this.m_classicEventHeader.Header.Type = eventDescriptor.Opcode;
this.m_classicEventHeader.Header.Version = eventDescriptor.Version;
EventData *dataPtr = &this.m_classicEventHeader.Data;
if (userDataCount > 0x10)
{
throw new Exception();
}
this.m_classicEventHeader.Header.Size = (ushort)(((ulong)0x30L) + (userDataCount * sizeof(EventData)));
for (int i = 0; i < userDataCount; i++)
{
dataPtr[i].Ptr = userData[i].Ptr;
dataPtr[i].Size = userData[i].Size;
}
return(ClassicEtw.TraceEvent(this.m_classicSessionHandle, this.m_classicEventHeader));
}
private uint ClassicControlCallback(ClassicEtw.WMIDPREQUESTCODE requestCode, IntPtr requestContext, IntPtr reserved, ClassicEtw.WNODE_HEADER* data)
{
int flags = ClassicEtw.GetTraceEnableFlags(data->HistoricalContext);
byte level = ClassicEtw.GetTraceEnableLevel(data->HistoricalContext);
int enabled = 0;
if (requestCode == ClassicEtw.WMIDPREQUESTCODE.EnableEvents)
{
m_classicSessionHandle = ClassicEtw.GetTraceLoggerHandle(data);
enabled = 1;
}
else if (requestCode == ClassicEtw.WMIDPREQUESTCODE.DisableEvents)
{
m_classicSessionHandle = 0;
enabled = 0;
}
m_etwCallback(ref m_providerId, enabled, level, flags, 0, null, null);
return 0;
}
