Breaking Type-Safety in Go: An Empirical Study on the Usage of the unsafe Package

摘要: A decade after its first release, the Go programming language has become a major in development landscape. While praised for clean syntax and C-like performance, also contains strong static type-system that prevents arbitrary type casting memory access, making type-safe by design. However, to give developers possibility of implementing low-level code, ships with special package called unsafe offers way around type-safety programs. The gives greater flexibility but comes at higher risk runtime errors, chances non-portability, loss compatibility guarantees future versions Go. In this paper, we present large-scale study on usage 2,438 popular projects. Our investigation shows is used 24% projects, motivated primarily communicating operating systems C commonly as source performance optimization. Developers are willing use break specifications (e.g., string immutability) better 6% analyzed projects perform risky pointer conversions can lead program crashes unexpected behavior. Furthermore, report series real issues faced unsafe, from crashing errors non-deterministic behavior having their deployment restricted certain environments. findings be understand how why Go, help motivate further tools could make even safer.