--- old/src/hotspot/share/runtime/sharedRuntime.cpp	2019-04-25 12:05:33.288813050 -0400
+++ new/src/hotspot/share/runtime/sharedRuntime.cpp	2019-04-25 12:05:32.652813061 -0400
@@ -64,8 +64,10 @@
 #include "runtime/interfaceSupport.inline.hpp"
 #include "runtime/java.hpp"
 #include "runtime/javaCalls.hpp"
+#include "runtime/objectMonitor.hpp"
 #include "runtime/sharedRuntime.hpp"
 #include "runtime/stubRoutines.hpp"
+#include "runtime/synchronizer.hpp"
 #include "runtime/vframe.inline.hpp"
 #include "runtime/vframeArray.hpp"
 #include "utilities/copy.hpp"
@@ -3110,9 +3112,13 @@
        kptr2 = fr.next_monitor_in_interpreter_frame(kptr2) ) {
     if (kptr2->obj() != NULL) {         // Avoid 'holes' in the monitor array
       BasicLock *lock = kptr2->lock();
+      // Disallow async deflation of the inflated monitor so the
+      // displaced header stays stable until we've copied it.
+      ObjectMonitorHandle omh;
       // Inflate so the displaced header becomes position-independent
-      if (lock->displaced_header()->is_unlocked())
-        ObjectSynchronizer::inflate_helper(kptr2->obj());
+      if (lock->displaced_header()->is_unlocked()) {
+        ObjectSynchronizer::inflate_helper(&omh, kptr2->obj());
+      }
       // Now the displaced header is free to move
       buf[i++] = (intptr_t)lock->displaced_header();
       buf[i++] = cast_from_oop<intptr_t>(kptr2->obj());