Fravia's TOOLS OF OUR TRADE Messageboard ~ Moderated
Re: Re: Re: wait a minute
Tuesday, 16-Feb-99 01:14:35

a profiler will usually only tell you how many times code is accessed/how long it takes to run. I can;t see this being very helpful...as Giglio says, you can run save-save-save one time and print-print-print the next, but really this is vastly more inefficient than grepping a deadlisting for file-write interrupts/Save menu items, bpxing on system write routines, or even using filemon or smartcheck. And with a profiler, you will have to run it twice [once as 'save' and once as 'print'] in order to determine which heavily-used parts of the code are the save function and which are, say, the message loop.

It sounds like Giglio is asking for a 'telepathic ' tool ... i.e., it has to know what will interest you and what will not before it makes a report. Otherwise you will end up with results 10x as long as smartcheck or filemon...or even longer than the dead listing itself. W/o the source code, the profiler will have no idea which sections of code are routines and which are subroutines ... so you may have a subroutine that copys a string from point a to point b which turns out to be one of the most heavily used 'functions' or 'code areas' --having maybe 900 iterations-- according to the profiler, but which is in a larger routine that is only called once.

I cannot see a way of coding such a tool in a manner which would lessen the confusion of the report [short of, say, having a neural net run through it a few K times with you so that it 'learns' what you are looking for].

The reason regmon/filemon/vxdmon/etc work so well is that you decide what you are looking for, then you use the correct program to monitor it with. If you leave it up to the program to determine what to monitor, then either you're going to end up with a sh!tload of logs or the program is going to make a judgement which has every chance of being incorrect.

All that 'being/not being a great reverser' crap aside, you have to know what you're doing just a tiny bit. I am under the assumption that if you can't pick the correct tool for the job --providing there is one available-- then you wouldn't know what to do with the results of the tool, no matter how perfect it is. Except in a very limited sense, you cannot write a program to run another, watch it, then print out a report with a big red arrow saying 'here is where the protection is'.

_m

mammon_