USB: ci13xxx_udc: Fix kernel panic during composition switch

The control endpoint requests are not nuked properly during
composition switch. The stale request is getting completed
during enumeration of the new composition. The kernel panics if
the completion handler accesses already freed data. This is
happening with the RNDIS interface.

The Android composite driver dequeues the control request before
removing the composition. The current code returns immediately
if the queue is empty. The control endpoint queues are handled
differently. The EP0 IN endpoint is only exposed to the composite
driver. The controller driver takes care of queuing the request
on EP0 IN or EP0 OUT based on control transfer direction. When
the composite driver dequeues a request on the control endpoint,
check both direction endpoints' queues.

When the USB bus is reset, nuke the control endpoints. Flushing
the endpoint will not call the completion handler.

Test endpoint queue list, request list, endpoint descriptor and
soft pull up status under spinlock to prevent any races between
dequeue and queue paths.

CRs-Fixed: 474578
Change-Id: I3d7ca4be4d6cee65707879c6c9b501f442e53018
Signed-off-by: Pavankumar Kondeti <pkondeti@codeaurora.org>