Accepted answer

heap pollution is a technical term. it refers to references which have a type that is not a supertype of the object they point to.

list<a> listofas = new arraylist<>();
list<b> listofbs = (list<b>)(object)listofas; // points to a list of as

this can lead to "unexplainable" classcastexceptions.

// if the heap never gets polluted, this should never throw a cce
b b = listofbs.get(0); 

@safevarargs does not prevent this at all. however, there are methods which provably will not pollute the heap, the compiler just can't prove it. previously, callers of such apis would get annoying warnings that were completely pointless but had to be suppressed at every call site. now the api author can suppress it once at the declaration site.

however, if the method actually is not safe, users will no longer be warned.


the reason is because varargs give the option of being called with a non-parametrized object array. so if your type was list < a > ... , it can also be called with list[] non-varargs type.

here is an example:

public static void testcode(){
    list[] b = new list[1];

public static void test(list<a>... a){

as you can see list[] b can contain any type of consumer, and yet this code compiles. if you use varargs, then you are fine, but if you use the method definition after type-erasure - void test(list[]) - then the compiler will not check the template parameter types. @safevarargs will suppress this warning.


it's rather safe to add @safevarargs annotation to the method when you can control the way it's called (e.g. a private method of a class). you must make sure that only the instances of the declared generic type are passed to the method.

if the method exposed externally as a library, it becomes hard to catch such mistakes. in this case it's best to avoid this annotation and rewrite the solution with a collection type (e.g. collection<type1<type2>>) input instead of varargs (type1<type2>...).

as for the naming, the term heap pollution phenomenon is quite misleading in my opinion. in the documentation the actual jvm heap is not event mentioned. there is a question at software engineering that contains some interesting thoughts on the naming of this phenomenon.


when you use varargs, it can result in the creation of an object[] to hold the arguments.

due to escape analysis, the jit can optimise away this array creation. (one of the few times i have found it does so) its not guaranteed to be optimised away, but i wouldn't worry about it unless you see its an issue in your memory profiler.

afaik @safevarargs suppresses a warning by the compiler and doesn't change how the jit behaves.


@safevarargs does not prevent it from happening, however it mandates that the compiler is stricter when compiling code that uses it. explains this in futher detail.

heap pollution is when you get a classcastexception when doing an operation on a generic interface and it contains another type than declared.


when you declare

public static <t> void foo(list<t>... bar) the compiler converts it to

public static <t> void foo(list<t>[] bar) then to

public static void foo(list[] bar)

the danger then arises that you'll mistakenly assign incorrect values into the list and the compiler will not trigger any error. for example, if t is a string then the following code will compile without error but will fail at runtime:

// first, strip away the array type (arrays allow this kind of upcasting)
object[] objectarray = bar;

// next, insert an element with an incorrect type into the array
objectarray[0] = arrays.aslist(new integer(42));

// finally, try accessing the original array. a runtime error will occur
// (classcastexception due to a casting from integer to string)
t firstelement = bar[0].get(0);

if you reviewed the method to ensure that it doesn't contain such vulnerabilities then you can annotate it with @safevarargs to suppress the warning. for interfaces, use @suppresswarnings("unchecked").

if you get this error message:

varargs method could cause heap pollution from non-reifiable varargs parameter

and you are sure that your usage is safe then you should use @suppresswarnings("varargs") instead. see is @safevarargs an appropriate annotation for this method? and for a nice explanation of this second kind of error.


Related Query

More Query from same tag