
Of course, this just moves the safety question from a JavaScript-specific JIT to the Truffle JIT compiler and the partial evaluator. This can have some benefits (only one JIT to improve/fix across many languages), but can still have safety bugs.

And the big tradeoff is that the general JIT may be less capable of doing language-specific optimizations (indeed such optimizations have a chance to introduce bugs as the linked V8 blog shows, but they also can be correct and significantly improve perf in cases where the general JIT doesn't have the necessary info to do it itself).

That's true. However, the underlying JIT compiler only has to compile Java bytecode correctly. Java is a relatively simple and regular language for a compiler to digest. It also helps that the Graal/Truffle compilers are themselves written in Java. It's memory safe all the way down*, leaving the only safety problems being the logical correctness of the optimizations for Java. Which, sure, can still be incorrect, but as you observe, that's a much smaller surface area to defend and you only have to get it right once.

Also the Graal team do some pretty advanced stuff to find security problems in the optimizations, in particular:

1. Lots of fuzzing.

2. Comparisons between Graal's output and the output of C2, which is a totally independent codebase. So you've got two different compilers and if they compute very different machine code, and it's not known to be an expected difference, that is used as a trigger to investigate things.

There are also small amounts of unsafe code in Truffle where checks are bypassed for speed, because it can be proven to be safe.

So overall it's a big win even if it can't eliminate 100% of all safety problems. This is similar to how Rust works, where unsafe stuff is done but in clearly defined sections that are easy to locate and audit, and the bulk of the unsafe code that most apps need is in the standard library.

BTW you can implement language specific optimizations in Truffle. It couldn't be competitive with V8 if that wasn't possible. For example dynamically typed scripting languages often need an optimization called object shapes. That's a part of the Truffle framework so all scripting langs can benefit from it. It's irrelevant for Java-like langs though.

Disclosure: I wrote the article.

*exception, the GC
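As an added illustration (not code from the article or the Truffle project), here is a toy Python model of the object-shape optimization mentioned above: objects that add the same properties in the same order share one Shape, and a property-read inline cache guards its fast path on shape identity. That guard is exactly the kind of check whose omission in a JIT produces the type-confusion bugs this thread is about.

```python
# Toy model of "object shapes" (hidden classes); an added illustration only,
# not Truffle's implementation. Class and method names are invented here.
from typing import Dict, List, Optional, Tuple


class Shape:
    """Immutable property layout (name -> slot index) plus transitions."""

    def __init__(self, slots: Tuple[str, ...]):
        self.slots = slots
        self.index = {n: i for i, n in enumerate(slots)}
        self.transitions: Dict[str, "Shape"] = {}

    def add(self, name: str) -> "Shape":
        # Same transition from the same shape always yields the same Shape,
        # so objects built in the same order end up sharing it.
        nxt = self.transitions.get(name)
        if nxt is None:
            nxt = Shape(self.slots + (name,))
            self.transitions[name] = nxt
        return nxt


EMPTY = Shape(())


class Obj:
    def __init__(self):
        self.shape = EMPTY
        self.values: List[object] = []  # slot storage, indexed via shape

    def set(self, name: str, value: object) -> None:
        i = self.shape.index.get(name)
        if i is None:
            self.shape = self.shape.add(name)
            self.values.append(value)
        else:
            self.values[i] = value


class InlineCache:
    """Monomorphic inline cache for one property-read site."""

    def __init__(self, name: str):
        self.name = name
        self.cached_shape: Optional[Shape] = None
        self.cached_index = -1
        self.hits = 0
        self.misses = 0

    def read(self, obj: Obj) -> object:
        # Guard: the cached slot index is only valid for the exact shape it
        # was recorded for. Skipping this check would read the wrong slot
        # (or past the end of the storage) for a differently shaped object.
        if obj.shape is self.cached_shape:
            self.hits += 1
            return obj.values[self.cached_index]
        self.misses += 1  # slow path: full lookup, then re-arm the cache
        i = obj.shape.index.get(self.name)
        if i is None:
            raise AttributeError(self.name)
        self.cached_shape, self.cached_index = obj.shape, i
        return obj.values[i]
```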
