Fix UB in WebrtcTaskQueue::RunTask

by making WebrtcTaskQueue::RunTask properly static

RunTask supports running after WebrtcTaskQueue is destroyed, it has protection |this| is not accessed in that case, however calling non-static non-virtual function of a destroyed object is still an undefined behaviour

Bug: chromium:933851
Change-Id: Idc30bc59eff1193997d7e53537cd1493b668dd08
Reviewed-on: https://chromium-review.googlesource.com/c/1479233Reviewed-by: Per Kjellander <perkj@chromium.org>
Reviewed-by: Henrik Grunell <grunell@chromium.org>
Reviewed-by: Tommi <tommi@chromium.org>
Auto-Submit: Danil Chapovalov <danilchap@chromium.org>
Commit-Queue: Henrik Grunell <grunell@chromium.org>
Commit-Queue: Tommi <tommi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#634608}

third_party/webrtc_overrides/task_queue_factory.cc

@@ -32,8 +32,9 @@ class WebrtcTaskQueue final : public webrtc::TaskQueueBase {
  private:
   ~WebrtcTaskQueue() override = default;
 
-  void RunTask(scoped_refptr<base::RefCountedData<bool>> is_active,
-               std::unique_ptr<webrtc::QueuedTask> task);
+  static void RunTask(WebrtcTaskQueue* task_queue,
+                      scoped_refptr<base::RefCountedData<bool>> is_active,
+                      std::unique_ptr<webrtc::QueuedTask> task);
 
   const scoped_refptr<base::SequencedTaskRunner> task_runner_;
   // Value of |is_active_| is checked and set on |task_runner_|.
@@ -57,12 +58,13 @@ void WebrtcTaskQueue::Delete() {
 }
 
 void WebrtcTaskQueue::RunTask(
+    WebrtcTaskQueue* task_queue,
     scoped_refptr<base::RefCountedData<bool>> is_active,
     std::unique_ptr<webrtc::QueuedTask> task) {
   if (!is_active->data)
     return;
 
-  CurrentTaskQueueSetter set_current(this);
+  CurrentTaskQueueSetter set_current(task_queue);
   webrtc::QueuedTask* task_ptr = task.release();
   if (task_ptr->Run()) {
     // Delete task_ptr before CurrentTaskQueueSetter clears state that this code