vm_fault: Fix a racy copy of page valid bits

We do not hold the object lock or a page busy lock when copying src_m's
validity state. Prior to commit 45d72c7d7fca we marked dst_m as fully
valid.

Use the source object's read lock to ensure that valid bits are not
concurrently cleared.

Reviewed by: alc, kib
Fixes: 45d72c7d7fca ("vm_fault_copy_entry: accept invalid source pages.")
Sponsored by: The FreeBSD Foundation

(cherry picked from commit d0443e2b9832f01319bcaaece8102d998bf81f01)