sctp: Release the socket reference when detaching an association

Later in sctp_free_assoc(), when we clean up chunk lists,
sctp_free_spbufspace() is used to reset the byte count in the socket
send buffer. However, if the PCB is going away, the socket may already
have been detached from the PCB, in which case this becomes a use-after
free. Clear the socket reference from the association before detaching
it from the PCB, if the PCB has already lost its socket reference.

Reviewed by: tuexen
Sponsored by: The FreeBSD Foundation

(cherry picked from commit 65f30a39e11bbbab927dbd2ca8de5ec5fc6af7ca)