How does Facebook find bugs that crash their software?

Facebook uses both static and dynamic analysis tools to perform testing. What impresses me more is the dynamic analysis, but lets look at the static analysis first

 Static analysis, as the name implies, is only interested in the source code of the program

Facebook's static analyser is called Infer. The company open-sourced the tool in 2013, and a lot of big names (Uber, Spotify, Mozilla) use it.
It is on github for you to play around with https://github.com/facebook/infer

Facebook's dynamic analyser is called Sapienz.
"There are a lot of dynamic analysers out there, but none like Sapienz" - Facebook

Why is Sapienz so different?
The challenge with dynamic testing is finding the reight inputs that cause an app to crash.

Facebook says that most dynamic analysers use random sequences of inputs at apps, with up to 15,000 input events to force a crash.

Sapienz, on the other hand, only needs about 100-150 events to find a crashing bug. In practice, that means Facebook finds significantly more crashing bugs in a shorter amount of time.
  1. It uses a search-based evolutionary algorithm, rather than a random or model-based approach
  2. The fitness function that guides how the algorithm evolves is incredibly complex
  3. Facebook can run Sapienz on its One World test platform, which lets engineers find crashing bugs on hundreds of different Android devices simultaneously

Managing resources for large-scale testing

As more people across the world connect on Facebook, we want to make sure our apps and services work well in a variety of scenarios. At Facebook's scale, this means testing hundreds of important interactions across numerous types of devices and operating systems for both correctness and speed before we ship new code.




Source: https://arstechnica.com/information-technology/2017/08/facebook-dynamic-analysis-software-sapienz/

Comments

Popular posts from this blog

Software Testing @ Microsoft

Trim / Remove spaces in Xpath?