Illegal reflective access by org.springframework.cglib.core.ReflectUtils$1

Question

My JDK 9+181 Spring Boot 2.0.0.BUILD-SNAPSHOT CLI application displays this warning on startup:

WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.springframework.cglib.core.ReflectUtils$1 (jar:file:/home/jan/src/fm-cli/target/fm-cli-0.1.0-SNAPSHOT.jar!/BOOT-INF/lib/spring-core-5.0.0.RELEASE.jar!/) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of org.springframework.cglib.core.ReflectUtils$1

This is a console application, so I need to disable this warning -- how can I do that?

Note: This question asks the specific question of how to disable this warning triggered by Spring; it is not a duplicate of JDK9: An illegal reflective access operation has occurred. org.python.core.PySystemState which deals with a similar symptom in a different library.

Answer 1

In JDK 9+, add the following option to the JVM to disable the warning from Spring's use of CGLIB:

--add-opens java.base/java.lang=ALL-UNNAMED

for example:

java --add-opens java.base/java.lang=ALL-UNNAMED -jar target/*.jar

No need to report it; it's a known Spring bug.

This happens because the new JDK 9 module system detected an illegal access that will be disallowed sometime in the (near) future. You can read more about the JDK 9 Module system here.

Update:

A fix for this issue is available JDK 9+ with Spring 5.1+.

Answer 2

This also happened to me on JDK 11 and Spring Boot 2.2.1 (Spring Core 5.2.1).

What helped was removing the dependency to org.springframework.boot:spring-boot-devtools, as suggested in some comments to Spring Framework issue #22814.

Answer 3

Adding to Jan Nielsen answer above, if you are using Intellij and Spring Boot 2.0.3, which depends on Spring core 5.0.7, you are still stuck and do not have the fix.

The way out for me needed two things:

• Add the --add-opens mentioned by Jan to your run/debug configuration. Just edit the configuration and look under Environment / VM Options. This takes care of silencing some of the "illegal access messages".

• I also needed to add a dependency to the jaxb-api library. I got the hint from ValentinBossi comment on this spring github issue.

Answer 4

When using the spring initializer, make sure you use the latest version of Spring Boot. It automatically gets Spring core 5.1 or greater for you and you won't see the error when you run the project.

So you don't have to worry about editing any JVM configuration.