At the end of ClassFileParser::parseClassFile, we do:

  instanceKlassHandle this_klass (THREAD, preserve_this_klass);
  debug_only(this_klass->verify();)

Looking at the end of instanceKlass::verify_on (which is being called by Klass::verify):
  
  const Klass* host = host_klass();
  if (host != NULL) {
    guarantee(host->is_klass(), "should be klass");
  }

InstanceKlass::host_klass() has the following implementation:

  Klass* host_klass() const {
    Klass** hk = (Klass**)adr_host_klass();
    if (hk == NULL) {
      return NULL;
    } else {
      assert(*hk != NULL, "host klass should always be set if the address is not null");
      return *hk;
    }
  }

  
When loading a JSR-292 anonymous klass, ard_host_klass() will return a non-NULL value. But, since the Klass is allocated in Metaspace and Metaspace initialises all memory to NULL,*hk will be NULL and the assert will fail.

To trigger this code path, the following if statement (which is at the beginning of InstanceKlass::verify_on) must fail (since otherwise we won't do any verification):

#ifndef PRODUCT
  // Avoid redundant verifies, this really should be in product.
  if (_verify_count == Universe::verify_count()) return;
#endif

Universe::verify_count is unfortunately zero by default and so is _verify_count. You must also load a JSR-292 anonymous class since they are the only classes with a host_klass.

One possible fix is to simple do:
  
  this_klass->set_host_klass(host_klass)

before calling debug_only(this_klass->verify()).