While looking at other stuff, a colleague found that bv_cnt was sometimes looked at without the corresponding bufobj being locked.
Proposed patch on Phabricator: https://reviews.freebsd.org/D4931
A commit references this bug:
Date: Sun Jan 17 01:04:20 UTC 2016
New revision: 294200
[PR 206224] bv_cnt is sometimes examined without holding the bufobj lock
Add locking around access to bv_cnt which is currently being done unlocked
Reviewed by: imp
Approved by: jhb
MFC after: 1 week
Sponsored by: Panasas, Inc.
Differential Revision: https://reviews.freebsd.org/D4931