usb: diag_ipc_bridge: Fix kref_put handling in case of transfers

usb: diag_ipc_bridge: Fix kref_put handling in case of transfers

Currently the driver puts kref in the read/write completion
callback irrespective of whether the transaction was successful
or not. This is fine for diag transfers because the read/write
function is not waiting for completion.
But in case of IPC transfers, the read/write function waits for
completion. If the transfer fails for some reason, then it will
do a kref_put as well, along with the completion callback. This
leads to double put of kref counter leading to null pointer
dereference from diag_bridge_disconnect(on cable disconnect).
Fix this by doing kref_put in the completion callback only if the
URB is submitted successfully. Else do it from the error handling
in read/write functions.

Change-Id: I50645cac757293dd0b1df9afb356281b2922401b
Signed-off-by: Ajay Agarwal <ajaya@codeaurora.org>