Fix threading bugs in workqueue.c causing ThreadSanitizer warnings

Title: Fix race conditions in workqueue.c causing ThreadSanitizer warnings

Description:

Problem

ThreadSanitizer detects two critical threading bugs in src/lib/evloop/workqueue.c:

Unlocking unowned mutex: Worker threads attempt to unlock control_lock during shutdown without having acquired it
Lock ordering inconsistency: Different lock acquisition orders between main thread and worker threads create deadlock potential

Impact

Race conditions in production builds (ThreadSanitizer warnings indicate real bugs)
Potential deadlocks during high worker thread turnover
Undefined behavior when unlocking unowned mutexes

Reproduction

./configure --enable-gcc-hardening 'CFLAGS=-fsanitize=thread -g -O2 -fno-omit-frame-pointer' LDFLAGS=-fsanitize=thread --disable-asciidoc
./src/test/test_workqueue

Solution

Fixed both issues:

Removed erroneous tor_mutex_release(&pool->control_lock) in worker exit path
Reordered lock acquisition in threadpool_start_threads() for consistency

Patch

Note: I was unable to create a fork on this GitLab instance (possibly a configuration issue). As a workaround, the patch is available at: https://gitlab.com/hello12324/tor/-/tree/fix/workqueue-unlock-bug

If this causes any inconvenience, I apologize. I can also provide the patch via email or generate it with git format-patch if preferred.

Testing: All tests pass, zero ThreadSanitizer warnings (Note: test-memwipe fails but this appears to be a pre-existing issue with the test itself, which relies on undefined behavior by reading uninitialized and freed memory)

Environment

Tor 0.4.9.3-alpha-dev
Ubuntu 25.04, GCC 14.2.0

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information