diff --git a/bin/etwcommonsettings.bat b/bin/etwcommonsettings.bat index dda3e52c..72772646 100644 --- a/bin/etwcommonsettings.bat +++ b/bin/etwcommonsettings.bat @@ -59,11 +59,11 @@ set _NT_SYMBOL_PATH=SRV*c:\symbols*http://msdl.microsoft.com/download/symbols;SR @rem Windows 7+ @echo Windows 7+ settings @rem Microsoft-Windows-Win32k adds Window focus events. This is available only -@rem on Windows 7 and above. -@set UserProviders=Microsoft-Windows-Win32k -@rem Theoretically better power monitoring, Windows 7+, not proven to -@rem actually work! -@rem @set UserProviders=%UserProviders%+Microsoft-Windows-Kernel-Processor-Power+Microsoft-Windows-Kernel-Power +@rem on Windows 7 and above. The filtering is to avoid excessive traffic from +@rem the UserCrit events. +@set UserProviders=Microsoft-Windows-Win32k:0xfdffffffefffffff +@rem Memory and power monitoring, copied from UIforETW. +@set UserProviders=%UserProviders%+Microsoft-Windows-Kernel-Memory:0xE0+Microsoft-Windows-Kernel-Power @ver | find "6.1." @if %errorlevel% == 0 goto Windows7 diff --git a/bin/etwrecord.bat b/bin/etwrecord.bat index 73089a67..b8e5177b 100644 --- a/bin/etwrecord.bat +++ b/bin/etwrecord.bat @@ -114,29 +114,14 @@ xperf -stop %SessionName% -stop @rem New method -- allows requesting trace compression. This is a NOP on @rem Windows 7 but on Windows 8 creates 5-7x smaller traces (that don't load on Windows 7) -@rem Rename c:\Windows\AppCompat\Programs\amcache.hve to avoid serious merge -@rem performance problems (up to six minutes!) -@set HVEDir=c:\Windows\AppCompat\Programs -@rename %HVEDir%\Amcache.hve Amcache_temp.hve 2>nul -@set RenameErrorCode=%errorlevel% - xperf -merge "%kernelfile%" "%userfile%" %FileAndCompressFlags% -@rem Rename the file back -@if not "%RenameErrorCode%" equ "0" goto SkipRename -@rename %HVEDir%\Amcache_temp.hve Amcache.hve -:SkipRename - @if not %errorlevel% equ 0 goto FailureToRecord @rem Delete the temporary ETL files @del "%kernelfile%"" @del "%userfile%" @echo Trace data is in %FileName% -- load it with wpa or xperfview or gpuview. @dir "%FileName%" | find /i ".etl" -@rem Preprocessing symbols to avoid delays with Chrome's huge symbols -@pushd "%batchdir%" -python StripChromeSymbols.py "%FileName%" -@popd start wpa "%FileName%" @exit /b