BLASTBufferQueue: Hold sp in transactionCallbackThunk

When expecting a callback we perform an incStrong on the BBQ in order to ensure the lifetime extends at least as long as the callback. We remove this reference in BBQ::transactionCallback. The current implementation however has a bug: notice the scope of the lock around mMutex in transactionCallback extends to the whole function. This means after calling decStrong, we may then attempt to unlock the mutex when exiting the function, but we've already destroyed the object. We could move the decStrong to transactionCallbackThunk but the most clear/least brittle fix seems to simply be to hold a sp from transactionCallbackThunk and prevent the object from being destroyed while in a member method.

Bug: 168506246
Test: Existing tests pass
Change-Id: I905469f58dc7a2e2831b3b29726a42abd394f819
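
The ordering problem described in the commit message, as an added example that is not part of the commit or of the Android code base. `Model`, `ScopedLock`, `thunkWithoutRef` and `thunkHoldingRef` are hypothetical names, and destruction is only recorded in a trace rather than performed, so the "before" ordering can be observed without undefined behaviour.

```cpp
#include <string>
#include <vector>

// Constructed model, not Android's RefBase/sp: "destruction" is only recorded,
// so the buggy ordering can be observed safely.
struct Model {
    int strong = 0;                    // strong reference count
    bool alive = true;                 // false once the count has reached zero
    std::vector<std::string> events;   // ordered trace of what happened

    void incStrong() { ++strong; }
    void decStrong() {
        if (--strong == 0) { alive = false; events.push_back("destroy"); }
    }
    void lock() { events.push_back("lock"); }
    void unlock() {
        events.push_back(alive ? "unlock" : "unlock-after-destroy");
    }
};

// Scoped lock covering a whole function body, like the lock on mMutex.
struct ScopedLock {
    Model& m;
    explicit ScopedLock(Model& model) : m(model) { m.lock(); }
    ~ScopedLock() { m.unlock(); }
};

// Member-method stand-in: drops the reference taken for the pending callback.
void transactionCallback(Model& m) {
    ScopedLock guard(m);
    m.decStrong();       // may be the last reference
}                        // guard unlocks here, after decStrong

// Before: the thunk calls straight into the member method.
std::vector<std::string> thunkWithoutRef() {
    Model m;
    m.incStrong();       // reference taken when the callback was requested
    transactionCallback(m);
    return m.events;
}

// After: the thunk holds its own strong reference across the call.
std::vector<std::string> thunkHoldingRef() {
    Model m;
    m.incStrong();       // reference taken when the callback was requested
    m.incStrong();       // the thunk's own reference (the sp in the fix)
    transactionCallback(m);
    m.decStrong();       // released only after the member method has returned
    return m.events;
}
```

In the first trace the unlock is recorded after the object is gone; in the second the thunk's extra reference moves destruction past the end of the locked scope.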