Facebook can't root out fake news and hate talk, but – oh look – it has software to catch bugs
Plans to open source app, server-side code-fixing tool
Facebook may have to hire people to police the content coursing through its social network, but software looks to be sufficient to hunt down bugs in its mobile app code.
On Thursday, the information-harvesting biz revealed but did not release SapFix, a debugging tool that relies on artificial intelligence to suggest fixes for programming errors that software engineers can approve and deploy to production.
The name is a reference to a previously announced Facebook tool call Sapienz, which finds bugs in large scale systems. Once the bugs have been spotted, SapFix then attempts to repair them.
In a blog post, a trio of Facebook software engineers – Yue Jia, Ke Mao, and Mark Harman – explain that bug hunting begins with Sapienz and Infer, the company's open source static analysis tool. Once the cause of a code crash has been identified, the tools pass their findings to SapFix, which then decides on a few possible strategies for generating a patch.
It may fully or partially undo the past commit that introduced the bug, or it may fetch a fix from a library of templated repairs derived from code patches filed by company software engineers in the past. If those options don't work, SapFix tries making minor code changes to the abstract syntax tree of the statement responsible for the crash, in the hope that will ameliorate the problem.
Now that's a fortune cookie! Facebook splats $5k command-injection bug in one of its serversREAD MORE
According to Jia, Mao and Harman, SapFix in its current prototype form has already been used to hasten the deployment of updates to Facebook's Android app.
"To our knowledge, this marks the first time that a machine-generated fix – with automated end-to-end testing and repair – has been deployed into a codebase of Facebook’s scale," they say. "It’s an important milestone for AI hybrids and offers further evidence that search-based software engineering can reduce friction in software development."
Facebook is not alone in its desire to delegate code cleanup to other software. GitHub, for example, says it intends to turn its automated security flaw finder into a tool capable of submitting a fix in the form of a pull request. And automated bug fixing for years has been a topic of interest for academic researchers.
The trio say that both Sapienz and SapFix will be made available as open-source projects eventually, after a bit more testing. They hope the tools will not only catch crashes but also improve software speed and responsiveness through AI-driven assistance.
Earlier this week, Facebook teased details of machine-learning tools it has developed to extract text from shared images so that they can be checked over for fake news and hateful speech that plagues the gigantic social network. ®
Sponsored: Becoming a Pragmatic Security Leader