Proposal: Allow illegal reflective access by default in JDK 9

Volker Simonis volker.simonis at
Fri May 19 15:55:10 UTC 2017

On Fri, May 19, 2017 at 1:05 PM, Alan Bateman <Alan.Bateman at> wrote:
> On 19/05/2017 10:48, Volker Simonis wrote:
>> :
>>  From my understanding, at run-time, "open" implicates "exports" (i.e.
>> if a module M1 opens a package P for some other module M2 it also,
>> implicitly exports P to M2). The  "big kill switch" in both, its old
>> and in the newly proposed form, usually only refers to "enabling
>> reflective access" but doesn't explicitly mentions that it will also,
>> implicitly export the respective packages. Also, the usage of the
>> "kill switch" only produces warnings for reflective accesses which are
>> enabled by the option itself (and not at the same time, explicitly
>> allowed by --add-opens directives). But it doesn't warn about the
>> simple, non-reflective accesses to packages which are implicitly
>> exported by the kill switch as well.
> You are correct. If the package is opened at run-time:
> 1. All public members of public types in the package are accessible. This
> includes both static and reflective access.
> 2. All members of all types in the package can be reflected on when using
> setAccessible or privateLookupIn.
> The reason you don't get warnings with the static references is because
> access checking in the VM is very low level and we deliberately decided to
> avoid the invasive changes needs to report warnings here. The latest
> proposal does not change this, it's just too late in JDK 9 to take on this
> surgery.

I understand. But than we should at least document it more thoroughly
that "--illegal-access=warn" really only warns for reflective accesses
and not for static ones (which are implicitly enabled by
"--illegal-access=permit"). We must make it clear to developers that
running an application warning-free with
"--illegal-access=permit/warn" doesn't necessarily mean that the same
application will also run correctly with "--illegal-access=deny".


> -Alan

More information about the jigsaw-dev mailing list