KMSAN: use-after-free in rxrpc_put

=====================================================
BUG: KMSAN: use-after-free in arch_atomic_try_cmpxchg arch/x86/include/asm/atomic.h:200 [inline]
BUG: KMSAN: use-after-free in atomic_try_cmpxchg include/asm-generic/atomic-instrumented.h:695 [inline]
BUG: KMSAN: use-after-free in queued_spin_lock include/asm-generic/qspinlock.h:78 [inline]
BUG: KMSAN: use-after-free in do_raw_spin_lock include/linux/spinlock.h:181 [inline]
BUG: KMSAN: use-after-free in __raw_spin_lock_bh include/linux/spinlock_api_smp.h:136 [inline]
BUG: KMSAN: use-after-free in _raw_spin_lock_bh+0x72/0xb0 kernel/locking/spinlock.c:175
CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 5.4.0-rc3+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x191/0x1f0 lib/dump_stack.c:113
 kmsan_report+0x14a/0x2f0 mm/kmsan/kmsan_report.c:109
 __msan_warning+0x73/0xf0 mm/kmsan/kmsan_instr.c:245
 arch_atomic_try_cmpxchg arch/x86/include/asm/atomic.h:200 [inline]
 atomic_try_cmpxchg include/asm-generic/atomic-instrumented.h:695 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:78 [inline]
 do_raw_spin_lock include/linux/spinlock.h:181 [inline]
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:136 [inline]
 _raw_spin_lock_bh+0x72/0xb0 kernel/locking/spinlock.c:175
 spin_lock_bh include/linux/spinlock.h:343 [inline]
 __rxrpc_put_peer net/rxrpc/peer_object.c:415 [inline]
 rxrpc_put_peer+0x333/0x7d0 net/rxrpc/peer_object.c:435
 rxrpc_rcu_destroy_call+0x8a/0x1e0 net/rxrpc/call_object.c:566
 __rcu_reclaim kernel/rcu/rcu.h:222 [inline]
 rcu_do_batch kernel/rcu/tree.c:2157 [inline]
 rcu_core+0xc99/0x1b10 kernel/rcu/tree.c:2377
 rcu_core_si+0xe/0x10 kernel/rcu/tree.c:2386
 __do_softirq+0x4a1/0x83a kernel/softirq.c:293
 run_ksoftirqd+0x25/0x40 kernel/softirq.c:607
 smpboot_thread_fn+0x4a3/0x990 kernel/smpboot.c:165
 kthread+0x4b5/0x4f0 kernel/kthread.c:256
 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:355

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:150 [inline]
 kmsan_internal_poison_shadow+0x60/0x110 mm/kmsan/kmsan.c:133
 kmsan_slab_free+0x8d/0x100 mm/kmsan/kmsan_hooks.c:121
 slab_free_freelist_hook mm/slub.c:1473 [inline]
 slab_free mm/slub.c:3040 [inline]
 kfree+0x4c1/0x2e70 mm/slub.c:3990
 rxrpc_local_rcu+0x7a/0xe0 net/rxrpc/local_object.c:499
 __rcu_reclaim kernel/rcu/rcu.h:222 [inline]
 rcu_do_batch kernel/rcu/tree.c:2157 [inline]
 rcu_core+0xc99/0x1b10 kernel/rcu/tree.c:2377
 rcu_core_si+0xe/0x10 kernel/rcu/tree.c:2386
 __do_softirq+0x4a1/0x83a kernel/softirq.c:293
 invoke_softirq kernel/softirq.c:375 [inline]
 irq_exit+0x230/0x280 kernel/softirq.c:416
 exiting_irq+0xe/0x10 arch/x86/include/asm/apic.h:536
 smp_apic_timer_interrupt+0x48/0x70 arch/x86/kernel/apic/apic.c:1139
 apic_timer_interrupt+0x2e/0x40 arch/x86/entry/entry_64.S:837
 __msan_instrument_asm_store+0x102/0x150 mm/kmsan/kmsan_instr.c:75
 arch_atomic_inc arch/x86/include/asm/atomic.h:97 [inline]
 atomic_inc include/asm-generic/atomic-instrumented.h:240 [inline]
 page_ref_inc include/linux/page_ref.h:107 [inline]
 get_page include/linux/mm.h:1029 [inline]
 copy_one_pte mm/memory.c:773 [inline]
 copy_pte_range mm/memory.c:824 [inline]
 copy_pmd_range mm/memory.c:875 [inline]
 copy_pud_range mm/memory.c:909 [inline]
 copy_p4d_range mm/memory.c:931 [inline]
 copy_page_range+0x2de6/0x43a0 mm/memory.c:993
 dup_mmap+0x1510/0x1d60 kernel/fork.c:602
 dup_mm+0x1f2/0x710 kernel/fork.c:1363
 copy_mm kernel/fork.c:1419 [inline]
 copy_process+0x390c/0x89f0 kernel/fork.c:2014
 _do_fork+0x25c/0xeb0 kernel/fork.c:2368
 __do_sys_clone kernel/fork.c:2523 [inline]
 __se_sys_clone+0x32a/0x370 kernel/fork.c:2504
 __x64_sys_clone+0x62/0x80 kernel/fork.c:2504
 do_syscall_64+0xb6/0x160 arch/x86/entry/common.c:291
 entry_SYSCALL_64_after_hwframe+0x63/0xe7
=====================================================