event-trace-kit
event-trace-kit copied to clipboard
gix
Allow optional inclusion of provider name in provider traits for Windows version 1703 and earlier
Background
Using CreateMergedTraceFile (for example via xperf -merge) injects event metadata into the merged trace as long as the event provider includes the compiled binary manifest as a resource in its executable and enables the EventProviderBinaryTrackInfo flag (see EventSetInformation). This is done using the TDH API (such as TdhLoadManifestFromBinary and TdhGetEventInformation) and injects special events containing TRACE_EVENT_INFO structures (which include provider/event/level/task/opcode/keyword names).
Since Windows 10 1709 the TDH understands a new section in the compiled binary manifest called provider attributes, which can include the provider name. The provider name can also be included in the provider traits sent with every logged event. For efficiency reasons, provider traits should be kept as small as possible. So if the provider name is already included in the provider attributes, it should be omitted from the traits.
Currently compiling a manifest has the option of either including or not including the provider name. This should be changed to a runtime decision which includes the provider name only when running on older Windows versions.
Suggestion
When the provider name option in the manifest is enabled, generate two provider traits, one with and one without the name and pick the correct one when registering the provider.
