Sciweavers

OOPSLA
2015
Springer

Use at your own risk: the Java unsafe API in the wild

8 years 7 months ago
Use at your own risk: the Java unsafe API in the wild
Java is a safe language. Its runtime environment provides strong safety guarantees that any Java application can rely on. Or so we think. We show that the runtime actually does not provide these guarantees—for a large fraction of today’s Java code. Unbeknownst to many application developers, the Java runtime includes a “backdoor” that allows expert library and framework developers to circumvent Java’s safety guarantees. This backdoor is there by design, and is well known to experts, as it enables them to write high-performance “systems-level” code in Java. For much the same reasons that safe languages are preferred over unsafe languages, these powerful—but unsafe— capabilities in Java should be restricted. They should be made safe by changing the language, the runtime system, or the libraries. At the very least, their use should be restricted. This paper is a step in that direction. We analyzed 74 GB of compiled Java code, spread over 86,479 Java archives, to determi...
Luis Mastrangelo, Luca Ponzanelli, Andrea Mocci, M
Added 16 Apr 2016
Updated 16 Apr 2016
Type Journal
Year 2015
Where OOPSLA
Authors Luis Mastrangelo, Luca Ponzanelli, Andrea Mocci, Michele Lanza, Matthias Hauswirth, Nathaniel Nystrom
Comments (0)