public void CanReuseFileProcessorForNewFiles()
{
CheckElevated();
DateTime beforeStartTimestamp = DateTime.Now;
string firstFile = this.WriteTestFile("testMultipleFiles1.etl");
DateTime afterFirstFileTimestamp = DateTime.Now;
var reader = new ETWFileProcessor(firstFile);
reader.EventProcessed += this.ValidateEventArgs;
reader.Process();
Assert.AreEqual(4, this.eventsRead);
Assert.IsTrue(beforeStartTimestamp <= reader.StartTime);
Assert.IsTrue(afterFirstFileTimestamp >= reader.EndTime);
this.eventsRead = 0;
string secondFile = this.WriteTestFile("testMultipleFiles2.etl");
DateTime afterSecondFileTimestamp = DateTime.Now;
reader.SetFile(secondFile);
File.Delete(firstFile);
reader.Process();
Assert.AreEqual(4, this.eventsRead);
Assert.IsTrue(afterFirstFileTimestamp <= reader.StartTime);
Assert.IsTrue(afterSecondFileTimestamp >= reader.EndTime);
}
public void FileReaderProcessWithNoFilesThrowsOperationCanceledException()
{
var p = new ETWFileProcessor();
try
{
p.Process();
Assert.Fail();
}
catch (OperationCanceledException) { }
}
public void CanSerializeAndDeserializeEventsProcessedInFiles()
{
CheckElevated();
string fullFilename = this.WriteTestFile("testSerialize.etl");
var reader = new ETWFileProcessor(fullFilename);
reader.EventProcessed += this.ValidateEventArgs;
reader.EventProcessed +=
ev =>
{
var xmlSerializer = ETWEvent.GetXmlSerializer();
var jsonSerializer = ETWEvent.GetJsonSerializer();
var json = ev.ToJsonString();
var xml = ev.ToXmlString();
var jsonEv = jsonSerializer.ReadObject(new MemoryStream(Encoding.UTF8.GetBytes(json))) as ETWEvent;
// Note that we lose some precision in serialization... just check down to ms granularity by
// stripping the additional bits off.
var msResolutionTimestamp =
new DateTime(ev.Timestamp.Ticks - (ev.Timestamp.Ticks % TimeSpan.TicksPerMillisecond),
ev.Timestamp.Kind);
Assert.AreEqual(msResolutionTimestamp, jsonEv.Timestamp);
Assert.AreEqual(ev.ProviderID, jsonEv.ProviderID);
Assert.AreEqual(ev.ProviderName, jsonEv.ProviderName);
Assert.AreEqual(ev.ActivityID, jsonEv.ActivityID);
Assert.AreEqual(ev.ID, jsonEv.ID);
Assert.AreEqual(ev.EventName, jsonEv.EventName);
Assert.AreEqual(ev.Version, jsonEv.Version);
Assert.AreEqual(ev.Level, jsonEv.Level);
Assert.AreEqual(ev.OpCode, jsonEv.OpCode);
Assert.AreEqual(ev.Keywords, jsonEv.Keywords);
Assert.AreEqual(ev.ThreadID, jsonEv.ThreadID);
Assert.AreEqual(ev.ProcessID, jsonEv.ProcessID);
Assert.AreEqual(ev.Parameters.Count, jsonEv.Parameters.Count);
this.ValidateEventArgs(ev);
// When testing XML deserialize just check a couple fields to ensure data was copied correctly,
// if JSON serialization/deserialization worked we expect no hiccups here.
var xmlEv = xmlSerializer.ReadObject(new MemoryStream(Encoding.UTF8.GetBytes(xml))) as ETWEvent;
Assert.AreEqual(ev.ProviderID, xmlEv.ProviderID);
Assert.AreEqual(ev.ThreadID, xmlEv.ThreadID);
this.ValidateEventArgs(ev);
};
reader.Process();
Assert.AreEqual(12, this.eventsRead); // we validate three times per event.
}
private static void SetupFileProcessor()
{
string[] files = ProcessFilenames(options.Arguments);
if (files.Length < 1)
{
ShowErrorAndExit("No files specified to process.");
}
else if (files.Length > 1)
{
prefixWithFilename = true;
}
var fileProcessor = new ETWFileProcessor(files);
fileProcessor.BuffersLost += HandleBuffersLost;
processor = fileProcessor;
}
public void CanReadEventsWrittenToFile()
{
DateTime beforeStartTimestamp = DateTime.Now;
string fullFilename = WriteTestFile("testReader.etl");
DateTime afterEndTimestamp = DateTime.Now;
var reader = new ETWFileProcessor(fullFilename);
reader.EventProcessed += ValidateEventArgs;
reader.Process();
Assert.AreEqual(4, reader.Count);
reader.ProcessEventTypes = EventTypes.All;
reader.Process();
Assert.AreEqual(5, reader.Count); // We also get the kernel event at the head of the file
Assert.IsTrue(beforeStartTimestamp <= reader.StartTime);
Assert.IsTrue(afterEndTimestamp >= reader.EndTime);
}
public void ChangingETLFilenameCausesManifestToBeEmittedInNewFile()
{
const string prefix = "rotateFile";
var files = new[] { prefix + "1.etl", prefix + "2.etl", prefix + "3.etl" };
var resultFiles = new List <string>();
LogManager.Start();
LogManager.SetConfiguration(null);
LogManager.AllowEtwLogging = AllowEtwLoggingValues.Enabled;
string sessionName = null;
ETLFileLogger logger = null;
foreach (var logFilename in files)
{
string fullFilename = Path.Combine(LogManager.DefaultDirectory, logFilename);
try
{
File.Delete(fullFilename);
}
catch (DirectoryNotFoundException) { }
if (sessionName == null)
{
sessionName = Path.GetFileNameWithoutExtension(logFilename);
}
if (logger == null)
{
logger = LogManager.CreateETWLogger(sessionName, ".") as ETLFileLogger;
logger.SubscribeToEvents(TestLogger.Write.Guid, EventLevel.Verbose);
while (TraceEventSession.GetActiveSession(ETLFileLogger.SessionPrefix + sessionName) == null)
{
// Ensure session starts...
Thread.Sleep(100);
}
// Even after the session is listed it seemingly isn't "ready", periodic test failures seem to occur without
// an enforced pause here.
Thread.Sleep(100);
}
else
{
logger.Filename = fullFilename;
}
WriteTestEvents();
Assert.IsTrue(File.Exists(fullFilename));
resultFiles.Add(fullFilename);
}
LogManager.DestroyLogger(logger);
LogManager.Shutdown();
foreach (var fullFilename in resultFiles)
{
// It is critical to ensure we create a new reader for each file so that any history across files is
// not preserved
using (var reader = new ETWFileProcessor(fullFilename))
{
reader.EventProcessed += ValidateEventArgs;
reader.Process();
Assert.AreEqual(4, reader.Count);
}
}
}
