By ETW I mean "Event Tracing for Windows". According to my experimenting one virtue is that while by-design it occasionally fails to record events in Very-Busy conditions it otherwise Just Works, as you might expect from a Kernel feature. ETW is the only game in town if you want per-processor-buffering to avoid cache-vs-multi-thread-log...
This question is related to my another question. With trace enabled I can get the following(not quite verbose) trace of a page request: [2488] aspx.page: Begin PreInit [2488] aspx.page: End PreInit [2488] aspx.page: Begin Init [2488] aspx.page: End Init [2488] aspx.page: Begin InitComplete [2488] aspx.page: End InitComplet...
With the ASP.NET Events ETW (Event Tracing for Windows) provider, can I write custom messages to the trace from an ASP.NET page? ...
I have a written an ETW provider which is used by my system to log opaque blobs of binary data using the TraceEvent API function. My system is essentially a high throughput event processing system and I want to be able to (cheaply) capture the serialised state of certain objects as they pass through the system. This will give me a replay...
I'm researching Event Tracing for Windows (ETW) to allow a user-mode windows client to write out tracing information. The existing documentation is, to put it lightly, insanely incomplete. What would really help is a simple C++ example that writes out tracing messages using ETW. Does such an example exist? Is there other ETW documentatio...
Hi everyone, We have an application that parts of it are in .net, c++ usermode and C++ drivers. The application is divided into several executables that run on demand and communication with each other using LPC(the processes run in different sessions(winlogon)). Currently We have a home written logging service to which .net and c++ use...
An answer to this question has led me to look into using "Event Tracing for Windows" for our tracing needs. I have come across NTrace, which seems to be a good way to produce ETW events from C# code (using the XP-compatible "classic provider" model). However, I am unable to find an easy way to consume these events - to see them in real-...
We are observing 4-6 threads on Windows 7 x64 in the application which have 3 threads and behaves normally on any Windows (either 32 or 64 bit) prior Windows 7. Process Explorer shows the following "unknown" thread: ntdll.dll!EtwDeliverDataBlock+offset after random interval the following threads appear: ntdll.dll!TpCallbackIndepende...
xperf (part of Windows Performance Analysis Toolkit) is very helpful in tracking memory usage with its heap analysis. However, my app uses a custom allocator -- it grabs chunks via VirtualAlloc directly and manages its own heap. I'd like to generate HeapAlloc/HeapFree/etc. events myself from my own allocation functions, so that I can u...