New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add missing TraceLoggingRegister calls #16467
Conversation
src/host/tracing.cpp
Outdated
TraceLoggingOptionMicrosoftTelemetry()); | ||
|
||
static const auto cleanup = []() { | ||
TraceLoggingRegister(g_hConhostV2EventTraceProvider); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can we not register this in WinMain()
? Since we're inside host
and all.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could do that! I assume you would prefer that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
feels less "weird", but for no good reason.
Unfortunately, this has exploded Audit Mode |
17cc109 and e9de646 both made the same mistake: When cleaning up our telemetry code they also removed the calls to `TraceLoggingRegister` which also broke regular tracing. Windows Defender in particular uses the "CookedRead" event to monitor for malicious shell commands. This doesn't fix it the "right way", because destructors of statics aren't executed when DLLs are unloaded. But I felt like that this is fine because we have way more statics than that in conhost land, all of which have the same kind of issue. (cherry picked from commit a65d5f3) Service-Card-Id: 91337330 Service-Version: 1.19
17cc109 and e9de646 both made the same mistake: When cleaning up our
telemetry code they also removed the calls to
TraceLoggingRegister
which also broke regular tracing. Windows Defender in particular uses
the "CookedRead" event to monitor for malicious shell commands.
This doesn't fix it the "right way", because destructors of statics
aren't executed when DLLs are unloaded. But I felt like that this is
fine because we have way more statics than that in conhost land,
all of which have the same kind of issue.