How Uber Uses Generative AI to Quietly Kill Java Resource Leaks
Because some bugs whisper before they wreck your weekend
1 - The bug that does not yell
You are not chasing alarms. You are chasing a slow leak.
Java resource leaks do not explode. They drain. They hide in file handles. They wait. And then suddenly the app cannot open files or spin threads.
Uber saw the pattern. Quiet leaks at massive scale. So they built FixrLeak to stop them before the system started coughing.
2 - The real problem
Closing a resource sounds easy. Until you are staring at 900 services and legacy code with no tests.
Try-catch-finally is fragile. Try-with-resources is cleaner but retrofitting it is a nightmare. SonarQube catches the issue but never fixes it.
The real issue is this—how do you clean up safely without spending 6 weeks doing manual code surgery
3 - The fix that actually works
Uber did not say “let AI do it.” They said “build a guardrail first, then let AI step in.”
Here is the flow:
SonarQube finds the leak
Tree-sitter builds the abstract syntax tree
FixrLeak checks if the leak is safely local
If yes, it creates a prompt and asks GPT-4 to patch it
It runs tests, checks builds and opens a pull request
No wild rewrites. No breaking changes. Just high-trust fixes, on autopilot
4 - Results that are not just pretty numbers
They flagged 124 leaks.
102 passed FixrLeak’s checks
93 were fixed automatically
All builds passed
Reviewers just clicked approve
This is not a fancy proof of concept. It runs every week. It saves time without asking for attention.
5 - Why GenAI alone does not cut it
You throw a broken function into GPT and what comes back looks great—until your test suite falls apart.
Without static checks, AI can:
Close the resource too early
Break existing logic
Write code that compiles but behaves wrong
FixrLeak keeps AI in a box. That is what makes it work. Safe inputs, scoped logic, guardrails built by humans
6 - What senior engineers should actually take away
This is not about fixing bugs. This is about building fixers.
Use static analysis to pre-check before AI touches anything
Automate only when scope is fully owned
Use humans for edge cases, let AI eat the boring ones
Build end-to-end systems, not throwaway tools
FixrLeak’s real power is not perfection. It is consistency. Quiet, repeatable wins every single week.
7 - What comes next
Uber is scaling FixrLeak across new boundaries:
Handling leaks that cross methods
Using GenAI to detect leaks too
Expanding beyond Java into languages like Go
Building smarter context models before even suggesting a fix
This is not just “AI for code.” This is disciplined automation that plays well with your system, your people and your deadlines
Final take
FixrLeak proves what happens when you mix engineering restraint with real automation. It is not loud. It is not flashy. It just works.
And here is the kicker—you probably have 5 FixrLeaks hiding in your own codebase.
The question is—are you going to wait for them to blow up, or build your fix while things are calm
TLDR - What to do now
“Use static analysis to scope what AI is allowed to fix”
“Automate boring, repeatable bugs and skip the heroics”
“Build full pipelines that clean up code without a meeting”
“Do not ask AI to lead. Let it follow your rules”
https://www.uber.com/blog/fixrleak-fixing-java-resource-leaks-with-genai/?uclick_id=4c449421-1227-4621-8590-90af6ec80529&utm_source=chatgpt.com&utm_medium=email