/
diagnostics-ipc-message.bt
98 lines (86 loc) · 2.61 KB
/
diagnostics-ipc-message.bt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
//------------------------------------------------
//--- 010 Editor v11.0.1 Binary Template
//
// File: Event Pipes data dump
// Authors: Sebastian Solnica
// Version: 1.0
// Category: .NET
//------------------------------------------------
typedef enum <ubyte> {
Dump = 0x01,
EventPipe = 0x02,
Profiler = 0x03,
Process = 0x04,
Server = 0xFF,
} CommandSet;
typedef enum <ubyte> {
OK = 0x00,
Error = 0xFF,
} ServerCommandId;
typedef enum <ubyte> {
// reserved = 0x00,
StopTracing = 0x01, // stop a given session
CollectTracing = 0x02, // create/start a given session
CollectTracing2 = 0x03, // create/start a given session with/without rundown
} EventPipeCommandId;
typedef enum <ubyte> {
// reserved = 0x00,
CreateCoreDump = 0x01,
// future
} DumpCommandId;
typedef enum <ubyte> {
// reserved = 0x00,
AttachProfiler = 0x01,
// future
} ProfilerCommandId;
typedef enum <byte> {
ProcessInfo = 0x00,
ResumeRuntime = 0x01,
// future
} ProcessCommandId;
typedef struct {
uint32 length;
wchar_t text[length];
} WString <read=DisplayWString>;
string DisplayWString (WString &ws) {
return ws.text;
}
typedef struct {
uint64 keywords <format=hex>;
uint32 loglevel;
WString provider_name <bgcolor=cLtRed>;
WString filter_data <bgcolor=cLtGreen>;
} ProviderConfig;
typedef struct {
byte magic[14] <bgcolor=cYellow>;
uint16 size;
CommandSet command_set <bgcolor=cBlue, fgcolor=cWhite>;
if (command_set == Dump) {
DumpCommandId command_id <bgcolor=cBlue, fgcolor=cWhite>;
} else if (command_set == EventPipe) {
EventPipeCommandId command_id <bgcolor=cBlue, fgcolor=cWhite>;
} else if (command_set == Profiler) {
ProfilerCommandId command_id <bgcolor=cBlue, fgcolor=cWhite>;
} else if (command_set == Process) {
ProcessCommandId command_id <bgcolor=cBlue, fgcolor=cWhite>;
} else if (command_set == Server) {
ServerCommandId command_id <bgcolor=cBlue, fgcolor=cWhite>;
} else {
ubyte command_id;
}
uint16 reserved;
if (command_set == EventPipe && command_id == CollectTracing2) {
uint32 circularBufferMB;
uint32 format;
byte requestRundown;
uint32 providers_count;
ProviderConfig providers[providers_count] <optimize=false>;
} else {
byte payload[size - 20];
}
} IPC_Message;
LittleEndian();
IPC_Message client_msg;
if (!FEof()) {
IPC_Message server_msg;
}