In the following code, if k is a shared ArrayKlass, it may be passed to klass_closure->do_klass() before its InstanceKlass is in the is_loaded() state.
void ClassLoaderData::loaded_classes_do(KlassClosure* klass_closure) {
// Lock-free access requires load_acquire
for (Klass* k = Atomic::load_acquire(&_klasses); k != NULL; k = k->next_link()) {
// Do not filter ArrayKlass oops here...
if (k->is_array_klass() || (k->is_instance_klass() && InstanceKlass::cast(k)->is_loaded())) {
#ifdef ASSERT
oop m = k->java_mirror();
assert(m != NULL, "NULL mirror");
assert(m->is_a(vmClasses::Class_klass()), "invalid mirror");
#endif
klass_closure->do_klass(k);
}
}
}
Scenario:
[1] java/lang/Object is restored via InstanceKlass::restore_unshareable_info()
[2] [Ljava/lang/Object; is restored in when InstanceKlass::restore_unshareable_info() calls array_klasses()->restore_unshareable_info()
At this point, both Klasses are in the ClassLoaderData::_klasses list. However, java/lang/Object is not yet loaded. If another thread calls ClassLoaderData::loaded_classes_do(), it will see the ArrayKlass but not the InstanceKlass.
See discussions in https://github.com/openjdk/jdk/pull/5935