The problem is that sometimes _local_interfaces and _transitives_interfaces point to the same Array (see compute_transitive_interfaces()). But in fill_instance_klass() , the ownership of _local_interfaces is transferred from the ClassFileParser instance to the InstanceKlass before _transitive_interfaces . By doing so, _local_interfaces is set to NULL in the ClassFileParser instance, but _transitive_interfaces remains non-NULL (even when they point to the same Array). Then, if something goes wrong(*) before ownership of _transitive_interfaces is transferred to the InstanceKlass, the method deallocate_interfaces() is called from ~ClassFileParser() but it cannot detect that _local_interfaces and _transitive_interfaces were sharing the same Array and it de-allocates it when it shouldn’t. The Array would be de-allocated a second time in the destructor of the InstanceKlass.

(*) the only possible “something goes wrong” is that ik->initialize_supers(const_cast<InstanceKlass*>(_super_klass), _transitive_interfaces, CHECK); throws an exception, which in turns, is only possible if Array<Klass*>* s2 = MetadataFactory::new_array<Klass*>(class_loader_data(), new_length, CHECK); fails.

The issue has been triggered in an experiment with a custom repository and the StressDictionary test.