Error for Spring Boot 1.5.x (1.5.19.RELEASE, using the latest spring-core-4.3.22.RELEASE.jar)
I have not seen this error before within previous boot 1.5.17.RELEASE.
And frankly upgrade to the latest 1.5.19.RELEASE/spring-core-4.3.22.RELEASE.jar was maybe 1-2 weeks ago.
So why this error appeared?
14:43:23.388 [main] INFO o.s.b.f.s.DefaultListableBeanFactory#registerBeanDefinition:826 - Overriding bean definition for bean 'managementServletContext' with a different definition: replacing [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.boot.actuate.autoconfigure.EndpointWebMvcHypermediaManagementContextConfiguration; factoryMethodName=managementServletContext; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/actuate/autoconfigure/EndpointWebMvcHypermediaManagementContextConfiguration.class]] with [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.boot.actuate.autoconfigure.EndpointWebMvcAutoConfiguration; factoryMethodName=managementServletContext; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/boot/actuate/autoconfigure/EndpointWebMvcAutoConfiguration.class]]
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils$1 (file:/C:/Users/myuserlogin/.m2/repository/org/springframework/spring-core/4.3.22.RELEASE/spring-core-4.3.22.RELEASE.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils$1
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
14:43:25.687 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor#<init>:155 - JSR-330 'javax.inject.Inject' annotation found and supported for autowiring
ref https://github.com/spring-projects/spring-framework/issues/22019
Comment From: jhoeller
This is just a warning that appears on JDK 9+, caused by the use of internal JDK API in CGLIB. You may safely ignore this for the time being; a Spring Framework 4.3 based application will nevertheless run fine.
For full JDK 9+ support, please upgrade to Spring Framework 5.1+ / Spring Boot 2.1+.
Comment From: paulvi
This warning has been on JDK 8 u201
Comment From: jhoeller
Seriously, on a recent JDK 8 update? Could you please double-check that? This is only known to appear on JDK 9+ against the new module system foundation there.
In any case, those warnings will only disappear as of Spring Framework 5.1+. The alternative way of defining classes on JDK 9+ is quite involved and comes with side effects, so we are not going to backport it. With 4.3.x and 5.0.x, it's safe to ignore those warnings anyway, as far as we're aware.
Comment From: paulvi
OK, I will do java -version at work....
Comment From: paulvi
D:\Workspaces\Projectname>java -version
java version "1.8.0_201"
Java(TM) SE Runtime Environment (build 1.8.0_201-b09)
Java HotSpot(TM) 64-Bit Server VM (build 25.201-b09, mixed mode)
OS Windows 10
Comment From: snicoll
@paulvi java -version is not a proof that the process you are running is using that version.
Comment From: paulvi
Indeed, my wrong:
while a have Java 8 on path, and have been using it for all projects,
my IDE chose JDK 11, when I was reimporting code into IDE yesterday, and I just noticed this.
The good news is that after using JDK 11 for a day, I have not noticed any other issues.
Comment From: sbrannen
@paulvi, thanks for the feedback.
Comment From: cy503328434
OS Windows 10, jdk-11.0.5, Spring boot 2.2.1,spring-core/5.2.1.RELEASE, I noticed stille has:WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file:/E:/dev/gradle/repository/caches/modules-2/files-2.1/org.springframework/spring-core/5.2.1.RELEASE/32b265ff5c7c35257b5a242b9628dcd321a2b010/spring-core-5.2.1.RELEASE.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release
Comment From: nilsign
@cy503328434 I am getting the same warning on OS Windows 10, jdk-11.0.2, Spring boot 2.2.1,spring-core/5.2.1.RELEASE!
Comment From: tezcan10
I am experiencing this warning on MacOS Catalina, oracle JDK11, spring 5.1.6 and spring boot 2.1.10 Can you please inform me of a solution (not the mentioned work around of --add jvm option as mention in stackoverflow)
Comment From: elue
WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file://org/springframework/spring-core/5.2.2.RELEASE/spring-core-5.2.2.RELEASE.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release
Comment From: mariusstaicu
I'm getting the same on spring-core-5.1.10 with jdk 11. This should be reopened.
Comment From: herrsorgenfrei
same warning on openjdk64-11.0.2, spring-core-5.2.2.RELEASE.jar, spring boot 2.2.2.RELEASE
Comment From: KaranLala
Same issue Windows 10, jdk-11.0.3, spring-boot 2.0.6.Release, spring-core 5.0.10.RELEASE
Comment From: StevenHachel
Same Issue Windows 10 Prof., openjdk-12.0.2, spring-boot 2.1.4, openjfx 13
Comment From: johnstrickler
Same, Mac OS Mojave . openjdk 11.0.6 2020-01-14. spring boot 2.2.4.RELEASE
Comment From: ascheman
Same here (Spring Boot 2.2.4, OpenJDK 11, Alpine):
Illegal reflective access by org.springframework.cglib.core.ReflectUtils (jar:file:...jar!/BOOT-INF/lib/spring-core-5.2.3.RELEASE.jar!/) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
How many repeated reports are necessary to re-open the error, @jhoeller? This is No. 10 (with about 20 likes all-in-all in the last 3 months). Should we raise a new issue?
Comment From: funder7
Same on Windows 10 with Oracle JDK 11.0.6 LTS
Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file:cC/<user-dir>/.gradle/caches/modules-2/files-2.1/org.springframework/spring-core/5.2.3.RELEASE/3734223040040e8c3fecd5faa3ae8a1ed6da146b/spring-core-5.2.3.RELEASE.jar
) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
Comment From: snicoll
Everyone, sharing the warning is not very useful unfortunately as the warning alone is no indication that it is the same problem. Please review this comment.
Comment From: jhoeller
Please note that this warning can still happen on Spring Framework 5.1+ in case of certain ClassLoader scenarios and certain kinds of application classes to be proxied. The root of the problem is that there is no full replacement for the (non-public) ClassLoader.defineClass mechanism in JDK 9+ since Lookup.defineClass does not allow for specifying the ClassLoader to define the class in (it rather always uses the ClassLoader of the given context class). For that reason, we have to keep using ClassLoader.defineClass in case of custom ClassLoader architectures such as OSGi, some Java EE scenarios, and also DevTools reloading. Some occurrences of that warning are therefore totally expected; we only ´fixed´ the case that we can actually address with the replacement API.
As for the warning itself, as Stéphane mentioned, unfortunately it only indicates that Spring's CGLIB variant has been used for creating a class in a specific ClassLoader where ClassLoader.defineClass still has to be used. What we really need to know about is the particular class that triggered the warning, the ClassLoader architecture in use, and the code path that led to the creation attempt.
Comment From: jhoeller
Note that launching the JVM with --illegal-access=deny will often work fine for Spring purposes, making the warning disappear and nevertheless being able to define the class at runtime since we'll automatically fall back to Lookup.defineClass, accepting its implicit ClassLoader choice. This is not a general recommendation since it will prevent OSGi and other custom ClassLoader architectures from working properly... but it may be a fine choice for many apps, as long as the third-party frameworks in use are not failing on such ´illegal´ access attempts either.
Comment From: funder7
@snicoll I think that you are receiving this reports because is the warning itself that says to report it here
Comment From: snicoll
@fadafez thank you. Adding a comment on a closed issue for something that could be totally unrelated is what I was trying to express. Hopefully you've reviewed the link in my comment.
Comment From: andrei-ivanov
I've tried with --illegal-access=deny, but it doesn't start anymore:
java.lang.reflect.InaccessibleObjectException: Unable to make protected final java.lang.Class java.lang.ClassLoader.findLoadedClass(java.lang.String) accessible: module java.base does not "opens java.lang" to unnamed module @dbb3c175
at java.lang.reflect.AccessibleObject.checkCanSetAccessible(Unknown Source) ~[?:?]
at java.lang.reflect.AccessibleObject.checkCanSetAccessible(Unknown Source) ~[?:?]
at java.lang.reflect.Method.checkCanSetAccessible(Unknown Source) ~[?:?]
at java.lang.reflect.Method.setAccessible(Unknown Source) ~[?:?]
at org.springframework.util.ReflectionUtils.makeAccessible(ReflectionUtils.java:570) ~[spring-core-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.context.support.ContextTypeMatchClassLoader$ContextOverridingClassLoader.isEligibleForOverriding(ContextTypeMatchClassLoader.java:93) ~[spring-context-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.core.OverridingClassLoader.loadClass(OverridingClassLoader.java:87) ~[spring-core-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at java.lang.ClassLoader.loadClass(Unknown Source) ~[?:?]
at org.springframework.core.OverridingClassLoader.loadClass(OverridingClassLoader.java:82) ~[spring-core-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.context.support.ContextTypeMatchClassLoader.loadClass(ContextTypeMatchClassLoader.java:69) ~[spring-context-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doResolveBeanClass(AbstractBeanFactory.java:1528) ~[spring-beans-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1468) ~[spring-beans-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.determineTargetType(AbstractAutowireCapableBeanFactory.java:682) ~[spring-beans-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.predictBeanType(AbstractAutowireCapableBeanFactory.java:649) ~[spring-beans-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.isFactoryBean(AbstractBeanFactory.java:1604) ~[spring-beans-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.beans.factory.support.DefaultListableBeanFactory.doGetBeanNamesForType(DefaultListableBeanFactory.java:520) ~[spring-beans-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeanNamesForType(DefaultListableBeanFactory.java:491) ~[spring-beans-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.context.support.PostProcessorRegistrationDelegate.registerBeanPostProcessors(PostProcessorRegistrationDelegate.java:191) ~[spring-context-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.registerBeanPostProcessors(AbstractApplicationContext.java:722) ~[spring-context-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:535) ~[spring-context-5.2.3.RELEASE.jar!/:5.2.3.RELEASE]
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141) ~[spring-boot-2.2.4.RELEASE.jar!/:2.2.4.RELEASE]
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:747) ~[spring-boot-2.2.4.RELEASE.jar!/:2.2.4.RELEASE]
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397) ~[spring-boot-2.2.4.RELEASE.jar!/:2.2.4.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:315) ~[spring-boot-2.2.4.RELEASE.jar!/:2.2.4.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1226) ~[spring-boot-2.2.4.RELEASE.jar!/:2.2.4.RELEASE]
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1215) ~[spring-boot-2.2.4.RELEASE.jar!/:2.2.4.RELEASE]
Running with a JDK 11.0.6_10_openj9-0.18.1 in a simple Spring Boot fat jar
Comment From: joshdcollins
@jhoeller
If it helps, for me it began occurring after I added a class which implements ApplicationListener<ApplicationReadyEvent>
This is happening with Spring 5.2.4 and Amazon JDK 11.0.6.
The warning appears in IntelliJ (IntelliJ IDEA 2019.3.4 (Ultimate Edition) Build #IU-193.6911.18) when running the springboot app in Debug mode. In a non-debug 'Run' the warning does not occur.
Comment From: oraculo-nl
this might help make the warning dissappear https://github.com/spring-projects/spring-framework/issues/22814#issuecomment-557456953
Comment From: BrunoYoshioka
For me it resolved, in Windows 10 In Intellij IDEA Community Edition 2019.2.3 follow the steps: * Go to the C:\Users\UserName.m2 directory and remove everything. * In Intellij, right click on the project, Maven > Reimport * Expect to load all dependencies. * Right click on the project, Open Module Settings > Change the SDK to 1.8.0_221.
In Eclipse IDE Jee 2019-09 follow the steps: * Go to the C:\Users\UserName.m2 directory and remove everything. * In Eclipse, right click on the project, Run As > Maven Build... and type clear install in the Goals field, and Run * Expect to load all dependencies. * Change the SDK to 1.8.0_221.
Hope this helps.
Comment From: mananmehta11
Illegal reflective access by org.springframework.cglib.core.ReflectUtils - spring-core-5.2.5.RELEASE.jar .m2/repository/org/springframework/spring-core/5.2.5.RELEASE/spring-core-5.2.5.RELEASE.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
For myself it started to appear when using Spring HATEOAS - linkTo(methodOn(Some.class))
Comment From: alsaghir
Using latest Spring boot with self auto-wiring a service (singleton bean) caused to show this message
Spring boot 2.2.6.RELEASE
Comment From: M0-AR
For me it resolved, in Windows 10 In Intellij IDEA Community Edition 2019.2.3 follow the steps:
- Go to the C:\Users\UserName.m2 directory and remove everything.
- In Intellij, right click on the project, Maven > Reimport
- Expect to load all dependencies.
- Right click on the project, Open Module Settings > Change the SDK to 1.8.0_221.
In Eclipse IDE Jee 2019-09 follow the steps:
- Go to the C:\Users\UserName.m2 directory and remove everything.
- In Eclipse, right click on the project, Run As > Maven Build... and type clear install in the Goals field, and Run
- Expect to load all dependencies.
- Change the SDK to 1.8.0_221.
Hope this helps.
Thank you so much. It's working.
Comment From: Tera
I have the same issue when I use spring.profiles.active property, without it, works perfectly
I use spring 2.3.0 and java 11.0.2
java -version
openjdk version "11.0.2" 2019-01-15
OpenJDK Runtime Environment 18.9 (build 11.0.2+9)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.2+9, mixed mode)
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector (file:~/.gradle/caches/modules-2/files-2.1/com.sun.xml.bind/jaxb-impl/2.3.0.1/2e979dabb3e5e74a0686115075956391a14dece8/jaxb-impl-2.3.0.1.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int)
WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
Comment From: neeteshnarvaria
Hi,
I am getting warnings after upgrading java version from 1.8 to java 11 and spring-boot version1.5.3 to 2.3.0.
java version "11.0.7" 2020-04-14 LTS Java(TM) SE Runtime Environment 18.9 (build 11.0.7+8-LTS) Java HotSpot(TM) 64-Bit Server VM 18.9 (build 11.0.7+8-LTS, mixed mode)
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file:/C:/Users/..../.m2/repository/org/springframework/spring-core/5.2.6.RELEASE/spring-core-5.2.6.RELEASE.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file:/C:/Users/..../.m2/repository/org/springframework/spring-core/5.2.6.RELEASE/spring-core-5.2.6.RELEASE.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils
WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
Comment From: Adriansun
AdoptOpenJdk 14.0.1 Spring Boot 2.3.1
WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file:/C:/Users/condo/.m2/repository/org/springframework/spring-core/5.2.7.RELEASE/spring-core-5.2.7.RELEASE.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release
Edit | 2020-11-16: AdoptOpenJDK: 15.0.1+9 Spring Boot 2.4.0.
WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file:/C:/Users/condo/.m2/repository/org/springframework/spring-core/5.3.1/spring-core-5.3.1.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release
Comment From: TalosDx
Azul Zulu 11.0.6 Zulu 11.37+17 4c3a2c98f1f6 OpenJSSE 1.1.2 549936e0c69481addad323098e23f307a0e98bce Spring Boot 2.2.4.RELEASE / on latest 2.2.*
WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file:/C:/Users/talos/.m2/repository/org/springframework/spring-core/5.2.4.RELEASE/spring-core-5.2.4.RELEASE.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release
Comment From: aronfiechter
This has just happened for me.
I'm on spring-core/5.3.0-M1, spring-boot/2.4.0-M1.
If it helps, it started happening after I added a class implementing ApplicationContextAware to provide access to Beans from outside Spring code, as described in this article.
Comment From: napsterv
Happening to me as well. Windows 10 / Amazon Coretto JDK 11/ Spring Boot 2.3.4 RELEASE
Comment From: chattling
Happening to me as well. Windows 10 / Oracle JDK 11.0.8 / Spring Boot 2.3.4 RELEASE
Comment From: krzyk
@jhoeller Considering that there is now https://openjdk.java.net/jeps/396 which will replace this warning with an error (application will fail to start) are the plans on somehow fix the issue in all cases? This JEP doesn't yet have a target release, but both JDK 16 and 17 are likely.
Or maybe report issue to JDK that defineClass is lacking some feature?
I would gladly do that, but I don't know anything about reflection in Java :(
Comment From: jcantonio
Same issue Mac OS / Oracle JDK 11.0.9 / Spring Boot 2.3.4 and Mac OS / AdoptOpen JDK 11.0 / Spring Boot 2.3.4
Comment From: chattling
Resolved for me after upgrade to Spring Boot 2.4.0.
Comment From: RicoApfelbeck
still the same error with Spring Boot 2.4.0 and adopt openJDK 15.0.1 under macOS BigSur 11.0.1
WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file:/Users/ra/.m2/repository/org/springframework/spring-core/5.3.1/spring-core-5.3.1.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release
Comment From: gaurav2493
still the same error with Spring Boot 2.4.0 and adopt openJDK 15.0.1 under macOS BigSur 11.0.1
WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file:/Users/ra/.m2/repository/org/springframework/spring-core/5.3.1/spring-core-5.3.1.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release
I'm getting the same in JDK 11(adopt-openj9-11.0.9)
Comment From: roeniss
same issue.
Mac OS 10.15.7 / Spring Boot 2.4.1
openjdk version "11.0.9.1" 2020-11-04 OpenJDK Runtime Environment AdoptOpenJDK (build 11.0.9.1+1) OpenJDK 64-Bit Server VM AdoptOpenJDK (build 11.0.9.1+1, mixed mode)
Comment From: jhoeller
A quick update: See my comment at https://github.com/spring-projects/spring-framework/issues/22814#issuecomment-762862757 -
We're fine-tuning our defineClass handling for Boot's DevTools where a significant number of warnings comes from at the moment. Proxying for JDK library classes remains tough, as explained there as well.
Please note that many scenarios are going to work ok even with --illegal-access=deny in JDK 16 since we have a fallback in place once our defineClass attempt fails. Nevertheless, we'd like to address all remaining Boot scenarios so that we do not need to reflectively call ClassLoader.defineClass at all anymore, avoiding warnings with --illegal-access=warn.
An easy way out is also --add-opens java.base/java.lang=ALL-UNNAMED on JVM startup, getting rid of the warning in any scenario and also making any scenario work with --illegal-access=deny. All we're trying to do is improve the default experience with Spring Boot 2.4.x / 2.5 on Spring Framework 5.3.x, given the advent of JDK 16 and then JDK 17 LTS.
Comment From: msiniy
I just reproduced warnings on openjdk 11.0.10 without any additional dependencies, just by unpacking the simplest starter archive and adding simple configuration:
@Configuration
public class TestConfiguration {
@Bean("testbean")
@Scope(value = ConfigurableBeanFactory.SCOPE_PROTOTYPE, proxyMode = ScopedProxyMode.TARGET_CLASS)
public Object testBean() {
return "hehe";
}
}
Probably this is related to the difficulties with proxying of JDK classes (java.lang.Object).
Comment From: TinaTiel
Can also confirm this issue, if it helps this only started happening after adding Spring Integration (via the spring-boot-starter-integration starter -- version 5.4.2 according to effective POM) Windows 10 Java 11.0.11 (adopt-open-j9-11) Spring Boot v2.4.1, Spring v5.3.2
Comment From: tkohegyi
Occurred for me too, after I started to create a new class with
@Component
@Scope(value = "session", proxyMode = ScopedProxyMode.TARGET_CLASS) //<- happened when inserted, and this class is used in other Component as @Autowired
WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils (file:.....jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release
JDK: azul-15.0.5 OS: Win10 Lib versions: orgSpringframework='5.3.24' orgSpringframeworkSecurity='5.8.1' (no spring boot libs at all)