TraceEvent

// ADVAPI32.dll
#include <windows.h>

WIN32_ERROR TraceEvent(
    ULONGLONG TraceHandle,
    EVENT_TRACE_HEADER* EventTrace
);

<DllImport("ADVAPI32.dll", ExactSpelling:=True)>
Public Shared Function TraceEvent(
    TraceHandle As ULong,   ' ULONGLONG
    EventTrace As IntPtr   ' EVENT_TRACE_HEADER*
) As UInteger
End Function

' TraceHandle : ULONGLONG
' EventTrace : EVENT_TRACE_HEADER*
Declare PtrSafe Function TraceEvent Lib "advapi32" ( _
    ByVal TraceHandle As LongLong, _
    ByVal EventTrace As LongPtr) As Long
' VBA7前提(PtrSafe)。32bit Office では LongPtr→Long。Integer=16bit / Long=32bit / LongLong=64bit。

import ctypes
from ctypes import wintypes

TraceEvent = ctypes.windll.advapi32.TraceEvent
TraceEvent.restype = wintypes.DWORD
TraceEvent.argtypes = [
    ctypes.c_ulonglong,  # TraceHandle : ULONGLONG
    ctypes.c_void_p,  # EventTrace : EVENT_TRACE_HEADER*
]

require 'fiddle'
require 'fiddle/import'

lib = Fiddle.dlopen('ADVAPI32.dll')
TraceEvent = Fiddle::Function.new(
  lib['TraceEvent'],
  [
    -Fiddle::TYPE_LONG_LONG,  # TraceHandle : ULONGLONG
    Fiddle::TYPE_VOIDP,  # EventTrace : EVENT_TRACE_HEADER*
  ],
  -Fiddle::TYPE_INT)

#[link(name = "advapi32")]
extern "system" {
    fn TraceEvent(
        TraceHandle: u64,  // ULONGLONG
        EventTrace: *mut EVENT_TRACE_HEADER  // EVENT_TRACE_HEADER*
    ) -> u32;
}
// crates: windows-sys provides ready-made bindings for this API.

$sig = @"
[DllImport("ADVAPI32.dll")]
public static extern uint TraceEvent(ulong TraceHandle, IntPtr EventTrace);
"@
$api = Add-Type -MemberDefinition $sig -Name 'ADVAPI32_TraceEvent' -Namespace Win32 -PassThru
# $api::TraceEvent(TraceHandle, EventTrace)

#uselib "ADVAPI32.dll"
#func global TraceEvent "TraceEvent" sptr, sptr
; TraceEvent TraceHandle, varptr(EventTrace)   ; 戻り値は stat
; TraceHandle : ULONGLONG -> "sptr"
; EventTrace : EVENT_TRACE_HEADER* -> "sptr"
; ※HSP3.7は int64 引数(64bit値渡し)に非対応です。
; ※HSP3.7は #func のため戻り値はシステム変数 stat に格納されます。

#uselib "ADVAPI32.dll"
#cfunc global TraceEvent "TraceEvent" int64, var
; res = TraceEvent(TraceHandle, EventTrace)
; TraceHandle : ULONGLONG -> "int64"
; EventTrace : EVENT_TRACE_HEADER* -> "var"
; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。
; ※int64 引数の DLL 値渡しは x64 ランタイム(hsp3_64)のみ対応(x86 は未対応)。

; WIN32_ERROR TraceEvent(ULONGLONG TraceHandle, EVENT_TRACE_HEADER* EventTrace)
#uselib "ADVAPI32.dll"
#cfunc global TraceEvent "TraceEvent" int64, var
; res = TraceEvent(TraceHandle, EventTrace)
; TraceHandle : ULONGLONG -> "int64"
; EventTrace : EVENT_TRACE_HEADER* -> "var"
; ※出力/バッファ引数は var 方式(変数を直接渡す)。varptr 方式にも切替可。

import (
	"golang.org/x/sys/windows"
	"unsafe"
)

var (
	advapi32 = windows.NewLazySystemDLL("ADVAPI32.dll")
	procTraceEvent = advapi32.NewProc("TraceEvent")
)

// TraceHandle (ULONGLONG), EventTrace (EVENT_TRACE_HEADER*)
r1, _, err := procTraceEvent.Call(
	uintptr(TraceHandle),
	uintptr(EventTrace),
)
_ = err  // syscall.Errno (valid when the call sets last-error)
_ = r1   // WIN32_ERROR

function TraceEvent(
  TraceHandle: UInt64;   // ULONGLONG
  EventTrace: Pointer   // EVENT_TRACE_HEADER*
): DWORD; stdcall;
  external 'ADVAPI32.dll' name 'TraceEvent';

result := DllCall("ADVAPI32\TraceEvent"
    , "Int64", TraceHandle   ; ULONGLONG
    , "Ptr", EventTrace   ; EVENT_TRACE_HEADER*
    , "UInt")   ; return: WIN32_ERROR

●TraceEvent(TraceHandle, EventTrace) = DLL("ADVAPI32.dll", "dword TraceEvent(qword, void*)")
# 呼び出し: TraceEvent(TraceHandle, EventTrace)
# TraceHandle : ULONGLONG -> "qword"
# EventTrace : EVENT_TRACE_HEADER* -> "void*"
# なでしこ1は32bit・ANSI(Shift_JIS)。文字列=char*(ANSI)、ポインタ/ハンドル=void*(4byte)。