Broadly speaking, within the scope of these areas, there are two kinds of tools:
- Dynamic analysis tools
- Static analysis tools
Dynamic analysis tools work essentially by instrumenting the runtime process. Thus, to gain the most out of them, a lot of attention must be devoted to ensuring that the tools actually run over all possible code paths; done by carefully and painstakingly writing test cases to ensure complete code coverage. This is a key point and will be mentioned again (Importantly, Chapter 19, Troubleshooting and Best Practices, covers such points). While very powerful, dynamic analysis tools usually result in a significant runtime performance hit and more memory usage.
Static analysis tools, on the other hand, work upon source code; in this sense, they are similar to the compiler. They often go well beyond the typical compiler, aiding the developer in uncovering...