Index: sys/cddl/contrib/opensolaris/uts/common/dtrace/fasttrap.c
===================================================================
--- sys/cddl/contrib/opensolaris/uts/common/dtrace/fasttrap.c
+++ sys/cddl/contrib/opensolaris/uts/common/dtrace/fasttrap.c
@@ -1089,6 +1089,8 @@
 		ASSERT(p->p_proc_flag & P_PR_LOCK);
 #endif
 		p->p_dtrace_count--;
+
+		atomic_add_rel_64(&p->p_fasttrap_tp_gen, 1);
 	}
 
 	/*
Index: sys/cddl/contrib/opensolaris/uts/intel/dtrace/fasttrap_isa.c
===================================================================
--- sys/cddl/contrib/opensolaris/uts/intel/dtrace/fasttrap_isa.c
+++ sys/cddl/contrib/opensolaris/uts/intel/dtrace/fasttrap_isa.c
@@ -967,6 +967,7 @@
 	struct reg reg, *rp;
 	proc_t *p = curproc, *pp;
 	struct rm_priotracker tracker;
+	uint64_t gen;
 	uintptr_t pc;
 	uintptr_t new_pc = 0;
 	fasttrap_bucket_t *bucket;
@@ -1026,8 +1027,22 @@
 	while (pp->p_vmspace == pp->p_pptr->p_vmspace)
 		pp = pp->p_pptr;
 	pid = pp->p_pid;
+	if (pp != p) {
+		PROC_LOCK(pp);
+		if ((pp->p_flag & P_WEXIT) != 0) {
+			/*
+			 * This can happen if the child was created with
+			 * rfork(2).  Userspace tracing cannot work reliably in
+			 * such a scenario, but we can at least try.
+			 */
+			PROC_UNLOCK(pp);
+			sx_sunlock(&proctree_lock);
+			return (-1);
+		}
+		_PHOLD_LITE(pp);
+		PROC_UNLOCK(pp);
+	}
 	sx_sunlock(&proctree_lock);
-	pp = NULL;
 
 	rm_rlock(&fasttrap_tp_lock, &tracker);
 #endif
@@ -1051,11 +1066,28 @@
 	if (tp == NULL) {
 #ifdef illumos
 		mutex_exit(pid_mtx);
+		return (-1);
 #else
 		rm_runlock(&fasttrap_tp_lock, &tracker);
-#endif
+		gen = atomic_load_acq_64(&pp->p_fasttrap_tp_gen);
+		if (pp != p)
+			PRELE(pp);
+		if (curthread->t_fasttrap_tp_gen != gen) {
+			/*
+			 * The tracepoint hash table has been updated at least
+			 * once since we hit the tracepoint.  Speculate that the
+			 * tracepoint has since been removed and retry the
+			 * instruction.
+			 */
+			curthread->t_fasttrap_tp_gen = gen;
+			tf->tf_rip = pc;
+			return (0);
+		}
 		return (-1);
+#endif
 	}
+	if (pp != p)
+		PRELE(pp);
 
 	/*
 	 * Set the program counter to the address of the traced instruction
Index: sys/cddl/dev/dtrace/dtrace_cddl.h
===================================================================
--- sys/cddl/dev/dtrace/dtrace_cddl.h
+++ sys/cddl/dev/dtrace/dtrace_cddl.h
@@ -37,7 +37,7 @@
 	u_int64_t	p_dtrace_count;		/* Number of DTrace tracepoints */
 	void		*p_dtrace_helpers;	/* DTrace helpers, if any */
 	int		p_dtrace_model;
-
+	uint64_t	p_fasttrap_tp_gen;	/* Tracepoint hash table gen */
 } kdtrace_proc_t;
 
 /*
@@ -86,6 +86,7 @@
 	u_int64_t	td_hrtime;	/* Last time on cpu. */
 	void		*td_dtrace_sscr; /* Saved scratch space location. */
 	void		*td_systrace_args; /* syscall probe arguments. */
+	uint64_t	td_fasttrap_tp_gen; /* Tracepoint hash table gen. */
 } kdtrace_thread_t;
 
 /*
@@ -113,10 +114,12 @@
 #define	t_dtrace_regv	td_dtrace->td_dtrace_regv
 #define	t_dtrace_sscr	td_dtrace->td_dtrace_sscr
 #define	t_dtrace_systrace_args	td_dtrace->td_systrace_args
+#define	t_fasttrap_tp_gen	td_dtrace->td_fasttrap_tp_gen
 #define	p_dtrace_helpers	p_dtrace->p_dtrace_helpers
 #define	p_dtrace_count	p_dtrace->p_dtrace_count
 #define	p_dtrace_probes	p_dtrace->p_dtrace_probes
 #define	p_model		p_dtrace->p_dtrace_model
+#define	p_fasttrap_tp_gen	p_dtrace->p_fasttrap_tp_gen
 
 #define	DATAMODEL_NATIVE	0
 #ifdef __amd64__