Add the missing lock_surface_destroy which was removed in dc7686c114
("session-lock: don't remove inert role resource"). Otherwise we never
remove the surface from our internal state, leading to us killing the
locking daemon with a protocol error that is totally our fault.
This increases type safety, makes it more obvious that role_data
must represent the role object, and will allow for automatic
cleanup when the resource is destroyed.
The invalid_destroy and invalid_unlock protocol errors aren't currently
sent by wlroots and instead left up to the compositor. However, we can
handle these as well without much additional complexity.
This also adds a missing wl_resource_destroy() call if the lock is inert
in lock_handle_unlock_and_destroy().