C# Memory Leak Torpedoed Princeton's DARPA Chances 560
nil0lab writes "In a case of 20/20 hindsight, Princeton DARPA Grand Challenge team member Bryan Cattle
reflects on how their code failed to forget obstacles it had passed. It was written in Microsoft's C#, which isn't supposed to let you have memory leaks. 'We kept noticing that the computer would begin to bog down after extended periods of driving. This problem was pernicious because it only showed up after 40 minutes to an hour of driving around and collecting obstacles. The computer performance would just gradually slow down until the car just simply stopped responding, usually with the gas pedal down, and would just drive off into the bush until we pulled the plug. We looked through the code on paper, literally line by line, and just couldn't for the life of us imagine what the problem was.'"
Shasdotvertisiment at is best (Score:3, Insightful)
Re:As a C kernel programmer... (Score:2, Insightful)
Re:Stupid Slashdot headline (Score:4, Insightful)
What is interesting is to see that garbage collection changes one class of bugs (forgetting to explicitly deallocate memory) to another one: unintentionally keeping objects around. Princeton's "obstacle object" lifetime policy was stepped upon by a Dotnet library; Java has similar problems in its libraries. For the Princeton car software, an explicit deallocation routine (like in C/C++) would have been easy to implement.
Problem is that both C/C++ style memory leaks and C#/Java hidden reference bugs usually remain hidden until the system crashes or trashes after some time. It makes them hard to find in the course of ordinary testing.
Re:Slashvertisement (Score:4, Insightful)
Re:I'll show you mine if you.. (Score:5, Insightful)
This just tells us once again that our wonderful editors on /. don't even try to understand what's behind an article, but they just find some sensationalistic title (the more AntiMS, the better) and done. This results in more comments of the type... "See, M$ id teh SuCkS", or "thanks god for my Linuzzz."..., so they got more profit for their /. ads (oh, the irony often MS ads, BTW).
Yellow press..... yes, I know, /. is not supposed to have any credibility like any other parasite news sites, but anyway....
Re:Slashvertisement (Score:5, Insightful)
But I do believe that articles written by companies pretending to be written by end-users are not terribly useful and probably shouldn't end up on
I mean, the article clearly states at the top "By Red Gate Software.".
So where did the "Bryan Cattle reflects on
Seriously.
"One of our team members downloaded the 14-day trial of ANTS Profiler"
"To our amazement, it was only minutes before we realized that our list of detected obstacles was never getting garbage collected"
"If Only We Had Used It Earlier..."
ANTS Profiler helped us fix a problem in minutes that would have taken us weeks to track down. If only we'd thought of it before the competition, we would most likely have finished the entire race and had a chance at the top prize money.
All this stuff sounds either very naive or very marketing. You choose.
Re:As a C kernel programmer... (Score:2, Insightful)
Re:Shasdotvertisiment at is best (Score:3, Insightful)
Or better yet, in C++ and use the RAII idiom. I.e. utilize the power of deterministic destruction, that C# and Java lack, to arrange it so that resources, including but not limited to just memory, are auto-freed. (You *can* run into this same kind of problem using reference-counted smart pointers in C++, but happily much of the time they aren't needed.)
Re:Stupid Slashdot headline (Score:5, Insightful)
I think you're getting hung up on the method name. There is no standard "delete" function that marks something as unused (dispose on the other hand sort of gets there). The article itself is unclear but I would assume that they were simply deleting the collision objects from a collection of potential hazards. Whilst that would remove the object from the collection itself it is *not* a delete. As references to the object existed elsewhere the object still exists (look ma, no null pointer exceptions) no delete happens. You cannot specifically say to the GC "We're done with this, delete it", the GC sweeps on a regular basis looking for objects with no references.
Would you really want the GC deciding that just because an object is no longer part of a collection it's safe to unsubscribe it from events and delete it? I know I wouldn't.
Re:Stupid Slashdot headline (Score:5, Insightful)
Decent programmers might understand that, but let's be honest, it's not like Java (and other GC languages) haven't been presented as if memory leaks were a thing of the past.
As a matter of fact, some people will probably still claim that it's technically not a memory leak, but instead an object life-span issue.
What surprises me is that outspoken proponents of managed languages use the garbage collection so often as a good thing, as if now you can be a sloppier programmer and get away with it.
In reality you have to identify/control the lifespan of objects anyway, so I personally never understood what the big deal is about freeing memory manually. Not to mention that memory leaks in say, C++ code, really aren't that hard to find. The tools have become pretty freakin decent.
And also not to mention that garbage collection might be handy for memory, but memory is only one of a plethora of resources that can be leaked. And since for many resources it isn't nearly as appropriate to 'lazy' free them, as a programmer you still have to be aware of the allocate/free paradigm. (as just one silly example, it would suck if you wouldn't be able to explicitly close a file, because you can't delete it before it's closed)
In other words, you are right. Of course you can have memory leaks in garbage collected languages. And I wish people would stop using GC as an argument why languages as Java are so much better to use than C++.
Re:Slashvertisement (Score:3, Insightful)
Kinda scary when they start writing systems for medical applications, industrial controllers and power supply chain management, let alone nationwide air traffic monitoring or emergency services interactions management.
"Hang on, we have to reboot our systems every 6 hours in order to manage this natural disaster - You can be advised when the flood waters will peak in about 15 minutes - did you say the bridge is washing away, and your phone lines are about to fall down? Ring us back in 15 minutes after the systems finish rebooting"
Re:Slashvertisement (Score:5, Insightful)
Some old Visual Basic programmer jokes come to mind when I read this article. People use to make fun of Visual Basic programmers because it was to easy to write programs in VB. They thought it would produce sloppy code with errors, and other similar things. To some extent, it appears that same case could be made for C#, and to a lesser extent Java. In the end this is simply a case of not stress testing their event stack.
Designed for safety ? (Score:3, Insightful)
Yikes. So these guys have the smarts to make a computer drive a car on its own, but managed to forget some basic safety mechanisms such as a watchdog and other failsafe mechanisms ?
Geez guys - real world engineering 101: Do not let a computer control anything that might have a remote chance of harming someone without appropriate safety mechanisms.
Re:don't these kids learn anything anymore? (Score:2, Insightful)
Whereas code written by people who "know what they're doing" has zero bugs - ever. Right. And to assert that they didn't test their software is ludicrous.
Re:Stupid Slashdot headline (Score:4, Insightful)
Re:I'll show you mine if you.. (Score:3, Insightful)
There is no leak in C# per se. They kept a reference to the objects, so the CLR wasn't even supposed to delete them.
Morons shouldn't be making car software.
Re:Slashvertisement (Score:5, Insightful)
Agreed. I was a good VB programmer. But my VB experience was an eight-month interval between C++ jobs. I've knocked out minor MS Office applications when needed since then, but that's it. I'm sorry to say that most of the VB programmers I've worked with were very poor engineers. Admittedly I've not worked in VB for wealthy companies whilst I have in C++, so that colours things somewhat. I don't doubt that there are some good VB programmers out there. But in the cases of most of those I worked with, I could very clearly see how VB led them to be poor engineers. The amount of shortcuts and wizards and instances where they would start their program by dragging a form object onto the design panel and dumping form objects onto it was obviously a leading reason for their poor skills. VB *led* them to take this approach. It works for small Excel apps, barely for database front-ends and not well at all for large projects.
As is common with the lower end of Microsoft products, the selling point is that they make it very easy to do what they think you want to do. The ability of VB to knock out an interactive form with near-zero knowledge of programming has encouraged a lot of colleges to sell people the idea that a ten-week course of dragging and dropping text box objects is programming whilst a lot of cheap or ignorant employers have taken the graduates at their word and plunged them in over their heads.
VB is a poor language in many ways and not, imo, suited to a large or sophisticated project. But you can find good VB programmers (was one). It's just that it encourages bad ones.
Oh, the summary is also wrong. C# hasn't started springing leaks. The programmers missed a reference to objects that they were creating and the garbage collection therefore never triggered to unallocate the memory. I don't doubt it's not easy to automate a vehicle to drive any even 9 miles, but this could have been detected with more thorough debugging. At any rate, the article submitter and overseeing editor should be ashamed of twisting this into an anti-Microsoft jab. I'm a Linux programmer. I can tell you that Linux can compete happily without sinking to the level of lies and misinformation.
Reference counting (Score:2, Insightful)
I just read TFA and it doesn't give any details. My guess? I just checked, and C# apparently uses reference-count garbage collection. That means that an object will stay around until there are zero references to it. The best way to create an object that will never go away is to create a circular linked list, then delete the reference to the list. All the items refer to each other, but there is nothing else that references them. But any complicated data structure that can have circular references will leak memory.
A mark-sweep garbage collector will catch this, but at the cost of interrupting the program temporarily to do GC. This isn't exactly friendly to real-time applications.
So basically this looks like a classic noob blunder. Just because there is "automatic" garbage collection doesn't mean that you can turn your brain off.
Re:Well, there's your problem! (Score:4, Insightful)
It obviously doesn't work in situations like this where the bug is in the runtime and not the application.
Re:only 10KLOC? (Score:4, Insightful)
Re:I'll show you mine if you.. (Score:2, Insightful)
Re:I'll show you mine if you.. (Score:5, Insightful)
However I take exception to your use of the world "Editor". Slashdot does not have Editors. They have guys who accept submissions.
They don't read The Fucking Articles, They don't check links, The don't edit submissions...
Re:Reference counting (Score:2, Insightful)
I highly doubt that. Got a link?
Re:Stupid Slashdot headline (Score:4, Insightful)
It is easy to leak memory in C++, if you don't know what you're doing. Its easy to leak memory in C#/Java if you don't know what you're doing. That the language makes it easy for you to avoid becoming a better programmer is NOT a good thing.
I have a good analogy - Firefox. I use FF a lot, I like it, but it does tend to increase its memory usage over time, and has been rightly criticised for it. Now, I'm sure the 'bug' is an aspect of its design and not a programming bug (and I don't want to start a FF memory discussion - I'm only using it as a real-world example) but just imagine if *every* program was like FF - slowly using more and more RAM over time until you restarted it.
This is what you're asking for when you say that its ok for the average programmer to use C# because the app will have fewer leaks: you'll get fewer leaks. Not none. If the app leaked like a sieve, it'd be spotted in development/test and fixed; if it leaks slowly enough so it passes an hour's testing in certification, then it'll be shipped - and its you that'll get to find the bug as you use it.
Re:Slashvertisement (Score:3, Insightful)
An interesting observation. Java is a lot harder to write bugs in and is easier to debug (with more runtime information), so coders spend a lot less time in the debug cycle and therefore get less experience doing it. So should we design our languages to be obtuse and hard to read (ie. C++) or continue trying to design languages that make it harder to get things wrong?
Java has made some wrong turns in this regard (ie. autoboxing-- I wonder if we can yank that from the language in JDK7), but in general has done a great job of making it difficult to tie that noose for yourself.
in the URL (Score:5, Insightful)
http://www.codeproject.com/showcase/IfOnlyWedUsedANTSProfiler.asp
"IfOnlyWedUsedANTSProfiler"? That didn't raise any flags?
Of course, I'm trying to assume good faith and not just conclude that the editors knew this was an advertisement, but they sure are making that difficult.
Would this even make it as a story... (Score:2, Insightful)
This is not a c# memory leak, it was a memory leak written in c#. The developers used a commerical tool to find there problem, a trail version even. So how about a title "Commercial Code Profiler Saves the Day For DARPA team"?
Oh because then it would never be a slash dot article, ugh.
Developers making a mistake != c# bug
The IDisposable interface is there for a reason.
Comment removed (Score:3, Insightful)
Re:Ummm... (Score:4, Insightful)
It's the programmer and the language. Give the world's best carpenter a ball-peen hammer and ask him to build you a beautiful armoire, see what happens.
You can say now that they'll be much further next year, but until then "Which means that the language did the job very nicely" should be "Which would mean that the language did the job very nicely." If you put in a reminder of some sort to come back and say I told you so, I'd be more than happy to eat my words if they continue using C# and place in the top 33%. Hell, I'd even concede that you might be right if they manage the top 50%.
I say, however, that there is a right language for the job. Sure, there's overlap, but you don't implement your FFT in Perl when the problem is that you need the fastest FFT possible, you don't write a word-processor in assembly, and you don't write anything in Brainfuck even though they're all Turing-complete. Anyone who says you can do anything in any language is trying to justify using their favorite language for absolutely everything.
Re:Ahahaha! (Score:3, Insightful)
Its my experience with it that apps written using it are poor too though. I've been headhunted twice now by companies that rewrote their old apps in this cool, new language only to find that it performed so badly they couldn't sell it. (I used to be a performance engineer/troubleshooter at my last job).
And its not just C#, its the
I'm not a fan of
Bad Bad article title (Score:3, Insightful)
if the moderator read the article he would have noticed that the article was an advertisement for the profiler product, not just a review of it (it was written directly by Red Gate).
Second, the article itself says that they found that the error was in how they coded the application, because they left some reference so the garbage collector didn't trow away the objects.
This is a really bad article and bad information.
Don't Slashvertise. Ever. (Score:5, Insightful)
You may think you're pulling one over on the editors, and maybe you are. But you aren't pulling one over on us, and I think after all these years, the editors know this. So, just don't. Unless your product or service is absolutely bulletproof people here are more likely to shoot it full of holes than rush out and buy it.
Re:Well, there's your problem! (Score:3, Insightful)
I think there's a rite of passage in programming. First, you see a bug and immediately assume your code is right and the compiler is wrong. With a little experience, you learn that it's actually a darn good bet that your code is the thing with the problem. With a lot of experience, you learn that while it's a darn good bet, on rare occasions the compiler really does get it wrong, but that it usually takes a horrendously long, assembly-level debugging session to prove it.
Much the same is true of the standard library that comes with your programming language, or any high quality third party library you use. Some of these are considerably more robust than others, but usually if it's something thousands of projects are using, it's going to be your project code that's wrong rather than the library.
Re:Slashvertisement (Score:3, Insightful)
We have to teach every new developer to share and reuse code and generally avoid continually reinventing the wheel because the anti-cheating rules in college keep them from learning it there. They were probably required to create it from scratch. There needs to be an upper level class where students are given projects that are impossible to complete in the allotted time unless they reuse code that is readily available.
Re:I'll show you mine if you.. (Score:5, Insightful)
...
O.K., I'll bite, what part of that line do you not understand? If /. billed itself as a "blog" then I'd understand your point. However, /. is a corporate based, self-billed "News" site. Whether reader submission driven or not, it is a news site. You are wrong. But, thanks for your thoughts.
Actually it's probably our fault (Score:3, Insightful)
I suspect it is the fault of slashdot user base as much as the editors. I bet a lot of users were in the firehose, saw the sensationalist title, etc, and rated it highly. The editor comes in, sees it has a sensationalist title and is now colored read, meaning users really think it is great, and posts it. So yes, the editor may not have read the article, but I'm sure the user base didn't either, at least not until after it got posted.
Re:Well, there's your problem! (Score:3, Insightful)
Re:only 10KLOC? (Score:5, Insightful)
Seriously, the performance of these cars is amazing, a huge step from just a few years ago. The hard part of this project was certainly not the programming, but the concepts behind the obstacle detection and such. This is not an implementation exercise, but more of an academic experiment to test out new ideas.
(Nice work on mentioning Haskell to guarantee an upmod btw.)
Re:I'll show you mine if you.. (Score:3, Insightful)
"We set a timer to restart the computer after 40 minutes".
Wait. What? Really? That's classic programming by accident. "I added one and it started working, so I moved on."
Re:Well, there's your problem! (Score:2, Insightful)
It seems to me that hiring barely-competent monkeys to maintain software you care about is the real problem.
Bad summary. but obvious FREE solution (Score:5, Insightful)
Just because you *can* do something doesn't mean you should.
Brett
Re:Slashvertisement (Score:3, Insightful)
I'm sure you're a much better programmer than I am, so I have to ask... why does using the form designer makes someone write bad database access? I'm also curious about what makes VB a poor language. I hear this pretty frequently, but have never gotten a honest explanation of why. Personally, I don't think I've ever encountered a task accomplished, or bit of code written in C# that I couldn't easily translate to VB, and vice-versa. Someone once told me there was some limitation on utilizing System.Reflection, but I just haven't encountered any problems yet. Also, don't the both compile to the same runtime language? I've always assumed it was a "6 and one half dozen" situation, and had more to do with syntax preference than anything.
Re:I'll show you mine if you.. (Score:3, Insightful)
Re:I'll show you mine if you.. (Score:3, Insightful)
There was a memory leak but it was due to their code, not with the Microsoft
Now on to flaming slashdot...
I really think Slashdot should pull articles like these either completely or at least from the front page when they realise they're misleading or factually incorrect.
This story simply isn't news worthy, it's not even interesting for anyone half competant in