zfs_get_data has unsafe access to znode in debug build
In zfs_vnops.c, in the zfs_get_data() function, there is an unsafe access to a znode after dropping its vnode reference.
error = dmu_sync(zio, lr->lr_common.lrc_txg, zfs_get_done, zgd);
ASSERT(error || lr->lr_length <= zp->z_blksz);
The assertion is referencing zp but in zfs_get_done() callback the vnode reference was dropped. Upon return from dmu_sync() the znode could have already been recycled and changed type (no longer a file!) and the test "lr->lr_length <= zp->z_blksz" could fail!
Found running fstorture against a debug build of zfs.