Evntrace API: logs are not written after StartTrace() (using WPP tracing)

Question

I need to start Logging session when my app is being started. I wrote logging init / deinit functions, *.etl file is created but it's empty after the session. I'm using WPP tracing (for kernel as well as for user space). I can't figure out what I did wrong. I've read a lot of articles and docs about this API but couldn't have come up with solution.

I'm using VERBOSE flag to write everything related to my app, also I define guid for trace session (ToolSessionGuid) and GUID related to my application (GUID_APP).

Here is my realization of Init/deinit functions:

void traceLoggerDeinit(TRACEHANDLE* sessionHandle, EVENT_TRACE_PROPERTIES* sessionProperties) {
    if (!sessionHandle)
        return;
    if (*sessionHandle) {
        uint64_t retval = EnableTraceEx2(*sessionHandle, (GUID*)&GUID_APP, EVENT_CONTROL_CODE_DISABLE_PROVIDER, TRACE_LEVEL_INFORMATION, 0, 0, 0, NULL);
        if (retval != ERROR_SUCCESS)
            traceErr("Failed to disable trace, error %llu", retval);
        retval = ControlTrace(*sessionHandle, LOGSESSION_NAME, sessionProperties, EVENT_TRACE_CONTROL_STOP);
        if (retval != ERROR_SUCCESS)
            traceErr("Failed to stop trace, error %llu", retval);
    }
    sessionHandle = nullptr;
}

uint64_t traceLoggerInit(TRACEHANDLE* sessionHandle, EVENT_TRACE_PROPERTIES* sessionProperties, uint32_t bufferSize)
{
    sessionProperties->Wnode.BufferSize = bufferSize;
    sessionProperties->Wnode.Flags = WNODE_FLAG_TRACED_GUID;
    sessionProperties->Wnode.ClientContext = 1;
    sessionProperties->Wnode.Guid = ToolSessionGuid;
    sessionProperties->LogFileMode = EVENT_TRACE_FILE_MODE_SEQUENTIAL;
    sessionProperties->MaximumFileSize = 1;
    sessionProperties->LoggerNameOffset = sizeof(EVENT_TRACE_PROPERTIES);
    sessionProperties->LogFileNameOffset = sizeof(EVENT_TRACE_PROPERTIES) + sizeof(LOGSESSION_NAME);
    StringCbCopy((wchar_t*)((char*)sessionProperties + sessionProperties->LogFileNameOffset), sizeof(LOGFILE_PATH), LOGFILE_PATH);

    uint64_t retval = StartTrace((TRACEHANDLE*)sessionHandle, LOGSESSION_NAME, sessionProperties);
    if (retval == ERROR_ALREADY_EXISTS) {
        traceErr("Trace logging already enabled. Disabling and enabling again");
        return ERROR_ALREADY_EXISTS;
    }
    if (retval != ERROR_SUCCESS) {
        traceErr("StartTrace() failed, error %llu", retval);
        return -1;
    }

    retval = EnableTraceEx2(*sessionHandle, (GUID*)&GUID_APP, EVENT_CONTROL_CODE_ENABLE_PROVIDER, TRACE_LEVEL_VERBOSE, 0, 0, 0, NULL);
    if (retval != ERROR_SUCCESS) {
        traceErr("EnableTrace() failed, error %llu", retval);
        return -1;
    }

    return 0;
}

In main function I'm initializing the structure and the handle:

uint32_t size = sizeof(EVENT_TRACE_PROPERTIES) + sizeof(LOGFILE_PATH) + sizeof(LOGSESSION_NAME) + 1024 * sizeof(wchar_t);
TRACEHANDLE sessionHandle = 0;
EVENT_TRACE_PROPERTIES* sessionProperties = (EVENT_TRACE_PROPERTIES*)malloc(size);
if (!sessionProperties) {
    traceErr("Unable to allocate %lu bytes for properties structure", size);
    return -1;
}
memset(sessionProperties, 0, size);

uint64_t retVal = traceLoggerInit(&sessionHandle, sessionProperties, size);
if (retVal == ERROR_ALREADY_EXISTS) {
    traceLoggerDeinit(&sessionHandle, sessionProperties);
    retVal = traceLoggerInit(&sessionHandle, sessionProperties, size);
    if (retVal != 0) {
        traceErr("Failed to enable trace Logging");
        traceLoggerDeinit(&sessionHandle, sessionProperties);
        free(sessionProperties);
        return -1;
    }
}
if (retVal != 0) {
    traceErr("Failed to enable trace Logging");
    traceLoggerDeinit(&sessionHandle, sessionProperties);
    free(sessionProperties);
    return -1;
}

Then do some stuffs with wpp trace and close the session with deinit function: