chore: cherry-pick 3ac8883297e1 from chromium (#23014)

patches/common/chromium/.patches

@@ -103,6 +103,7 @@ streams_convert_state_dchecks_to_checks.patch
 -_point_usrsctp_to_a68325e7d9ed844cc84ec134192d788586ea6cc1.patch
 audiocontext_haspendingactivity_unless_it_s_closed.patch
 protect_automatic_pull_handlers_with_mutex.patch
+break_connections_before_removing_from_active_source_handlers.patch
 speculative_fix_for_crashes_in_filechooserimpl.patch
 reland_sequentialise_access_to_callbacks_in.patch
 handle_err_cache_race_in_dodoneheadersaddtoentrycomplete.patch

patches/common/chromium/break_connections_before_removing_from_active_source_handlers.patch

@@ -0,0 +1,37 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Raymond Toy <[email protected]>
+Date: Mon, 2 Mar 2020 23:22:26 +0000
+Subject: Break connections before removing from active_source_handlers_.
+
+In DeferredTaskHandler::BreakConnections, we want to remove finished
+handlers and break the connection.  when a finished handler is removed
+from active_source_handlers_, it might be deleted, but we were still
+using that to create the connection.  Instead, break the connection
+first and then remove it.
+
+Manually ran test from the bug and it passes with this change.  Without
+this, it failed right away.
+
+Bug: 1057593
+Change-Id: I3c9346a6842f412100d608876adb268befb80470
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2083436
+Commit-Queue: Raymond Toy <[email protected]>
+Reviewed-by: Hongchan Choi <[email protected]>
+Cr-Commit-Position: refs/heads/master@{#746142}
+
+diff --git a/third_party/blink/renderer/modules/webaudio/deferred_task_handler.cc b/third_party/blink/renderer/modules/webaudio/deferred_task_handler.cc
+index 4bced21399ec23ad242bdb32d9f4472a51ae6f28..6e2c075b30aeea47973e14bda0ae121af738d0da 100644
+--- a/third_party/blink/renderer/modules/webaudio/deferred_task_handler.cc
++++ b/third_party/blink/renderer/modules/webaudio/deferred_task_handler.cc
+@@ -78,8 +78,10 @@ void DeferredTaskHandler::BreakConnections() {
+   wtf_size_t size = finished_source_handlers_.size();
+   if (size > 0) {
+     for (auto* finished : finished_source_handlers_) {
+-      active_source_handlers_.erase(finished);
++      // Break connection first and then remove from the list because that can
++      // cause the handler to be deleted.
+       finished->BreakConnectionWithLock();
++      active_source_handlers_.erase(finished);
+     }
+     finished_source_handlers_.clear();
+   }