On Fri, May 19, 2017 at 1:05 PM, Alan Bateman <alan.bate...@oracle.com> wrote: > On 19/05/2017 10:48, Volker Simonis wrote: > >> : >> >> From my understanding, at run-time, "open" implicates "exports" (i.e. >> if a module M1 opens a package P for some other module M2 it also, >> implicitly exports P to M2). The "big kill switch" in both, its old >> and in the newly proposed form, usually only refers to "enabling >> reflective access" but doesn't explicitly mentions that it will also, >> implicitly export the respective packages. Also, the usage of the >> "kill switch" only produces warnings for reflective accesses which are >> enabled by the option itself (and not at the same time, explicitly >> allowed by --add-opens directives). But it doesn't warn about the >> simple, non-reflective accesses to packages which are implicitly >> exported by the kill switch as well. > > You are correct. If the package is opened at run-time: > > 1. All public members of public types in the package are accessible. This > includes both static and reflective access. > > 2. All members of all types in the package can be reflected on when using > setAccessible or privateLookupIn. > > The reason you don't get warnings with the static references is because > access checking in the VM is very low level and we deliberately decided to > avoid the invasive changes needs to report warnings here. The latest > proposal does not change this, it's just too late in JDK 9 to take on this > surgery. >
I understand. But than we should at least document it more thoroughly that "--illegal-access=warn" really only warns for reflective accesses and not for static ones (which are implicitly enabled by "--illegal-access=permit"). We must make it clear to developers that running an application warning-free with "--illegal-access=permit/warn" doesn't necessarily mean that the same application will also run correctly with "--illegal-access=deny". Regards, Volker > -Alan
