`bt_conn_tx_processor` does not use reference-counting
When upper layers want to send something, they add a conn object to a list. They do so by adding a node on `struct conn` rather than the object itself.
We forgot to increase the reference count of the connection object when doing so. This means that there can be a scenario where the conn object is destroyed and re-used while still being on the TX list/queue.
This is bad for obvious reasons.
To reproduce:
Run this test, observe failing assert that `conn->ref > 0`:
https://github.com/jori-nordic/zephyr/blob/ce2e1f2b5f1f9b725d6f26b9bb493c0ffbad211e/tests/bsim/bluetooth/host/l2cap/multilink_peripheral/test_scripts/run.sh#L27
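The lifetime problem described in this issue, as an added C sketch that is not Zephyr's code: a connection is linked into a TX-ready list through an intrusive node, the caller then drops the last reference, and the processor pops it. All names here (`struct conn`, `tx_enqueue`, `tx_process_one`, `scenario`) are hypothetical, and `ref == 0` stands in for "the object has been freed and may be re-used".

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical miniature model; not Zephyr's structs or API. */
struct node { struct node *next; };
struct conn {
    int ref;             /* 0 models "destroyed, slot may be re-used" */
    struct node tx_node; /* intrusive node linked into the TX-ready list */
};
static struct node *tx_ready; /* list head */

#define CONN_FROM_NODE(n) \
    ((struct conn *)((char *)(n) - offsetof(struct conn, tx_node)))

static void conn_ref(struct conn *c) { c->ref++; }
static void conn_unref(struct conn *c) { c->ref--; }

/* Queue a conn for TX. take_ref == false models the missing reference. */
static void tx_enqueue(struct conn *c, bool take_ref)
{
    if (take_ref) conn_ref(c); /* the list now owns one reference */
    c->tx_node.next = tx_ready;
    tx_ready = &c->tx_node;
}

/* Pop one conn and report whether it was still alive when popped. */
static bool tx_process_one(bool list_owns_ref)
{
    struct node *n = tx_ready;
    if (n == NULL) return false;
    tx_ready = n->next;
    struct conn *c = CONN_FROM_NODE(n);
    bool alive = c->ref > 0;          /* same condition as the failing assert */
    if (list_owns_ref) conn_unref(c); /* give the list's reference back */
    return alive;
}

/* Caller queues the conn, then drops its last reference before TX runs. */
static bool scenario(bool take_ref)
{
    struct conn c = { .ref = 1 };
    tx_ready = NULL;
    tx_enqueue(&c, take_ref);
    conn_unref(&c); /* e.g. disconnect: caller's reference goes away */
    return tx_process_one(take_ref);
}

int main(void)
{
    printf("with ref: alive=%d, without ref: alive=%d\n", scenario(true), scenario(false));
    return 0;
}
```
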