WMI_BUFFER_HEADER - NtDoc
Native API online documentation, based on the System Informer
(formerly Process Hacker) phnt
headers
#ifndef _NTWMI_H
#ifndef ETW_WOW6432
typedef struct _WMI_BUFFER_HEADER
{
ULONG BufferSize; // BufferSize
ULONG SavedOffset; // Temp saved offset
volatile ULONG CurrentOffset; // Current offset
volatile LONG ReferenceCount; // Reference count
LARGE_INTEGER TimeStamp; // Flush time stamp
LONGLONG SequenceNumber; // Buffer sequence number
union
{
struct
{ // DBG_INFO buffers send to debugger
ULONGLONG ClockType : 3;
ULONGLONG Frequency : 61;
} DUMMYSTRUCTNAME;
SINGLE_LIST_ENTRY SlistEntry; // Local list when flushing
PWMI_BUFFER_HEADER NextBuffer; // FlushList
} DUMMYUNIONNAME;
ETW_BUFFER_CONTEXT ClientContext; // LoggerId/ProcessorIndex
ETW_BUFFER_STATE State; // (Free/GeneralLogging/Flush)
ULONG Offset; // Offset when flushing (can overlap SavedOffset)
USHORT BufferFlag; // (flush marker, events lost)
USHORT BufferType; // (generic/rundown/cswitch/reftime)
union
{
ULONG Padding1[4];
ETW_REF_CLOCK ReferenceTime; // persistent real-time
LIST_ENTRY GlobalEntry; // Global list entry
struct
{
PVOID Pointer0;
PVOID Pointer1;
} DUMMYSTRUCTNAME2;
} DUMMYUNIONNAME2;
} WMI_BUFFER_HEADER, *PWMI_BUFFER_HEADER;
View code on GitHubNo description available.