Module.addOpens should log if the package has been opened for illegal access for the caller

Alan Bateman Alan.Bateman at oracle.com
Thu Dec 10 07:59:53 UTC 2020


On 09/12/2020 22:45, Johannes Kuhn wrote:
> Hope I got the right mailing list, otherwise please direct me there.
>
> Module.addOpens currently doesn't produce an illegal access warning if 
> the target package has only be opened for illegal access.
>
The Module methods were not intended to emit warnings. The warnings are 
supposed to be emitted by calls to AccessibleObject methods that will 
fail when the default switches to deny illegal reflective access by default.

I think your argument is that if any of the standard or JDK modules 
opens a package for illegal reflective access then code on the class 
path can use Module.addOpens to open the package, which has the 
effective of suppressing warnings. That behavior is there to support the 
--add-opens command line option.

So I think this needs a bit of thinking time to see if it's worth trying 
to do anything here. The default has switched for Java 16 and the 
intention is that the --illegal-access option will be removed by a 
future JEP. I agree it would be sad to see hacks like this in 
production, it would be far better to channel the energy being put into 
hacking around warnings to fixing fragile code to not rely on JDK internals.

-Alan


More information about the jigsaw-dev mailing list