Fixes use-after-free bug in QUIC.

Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in turn tries to access a QuicSession method via a non-owning pointer back to the session. This CL arranges for the non-owning pointer to be set to null before QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can happen since QuicSpdySession seems to freely assume that its streams are QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474
NOTRY=true
NOPRESUBMIT=true
Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)

[Jana, 2016-05-11 21:37:29]

Description was changed from

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474

Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

to

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474

Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

[Jana, 2016-05-11 21:37:29]

jri@chromium.org changed reviewers:
+ rch@chromium.org

[Ryan Hamilton, 2016-05-11 21:38:13]

The CQ bit was checked by rch@chromium.org

[Ryan Hamilton, 2016-05-11 21:38:14]

lgtm

[commit-bot: I haz the power, 2016-05-11 21:38:50]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1975483003/1
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1975483003/1

[commit-bot: I haz the power, 2016-05-11 21:38:51]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-05-11 21:38:51]

CLs for remote refs other than refs/pending/heads/master must contain NOTRY=true
and NOPRESUBMIT=true in order for the CQ to process them

[Jana, 2016-05-11 21:40:00]

Description was changed from

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474

Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

to

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474

NOTRY=true

NOPRESUBMIT=true

Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

[Jana, 2016-05-11 21:40:19]

Description was changed from

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474

NOTRY=true

NOPRESUBMIT=true

Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

to

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474
NOTRY=true
NOPRESUBMIT=true
Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

[Jana, 2016-05-11 21:40:28]

The CQ bit was checked by jri@chromium.org

[commit-bot: I haz the power, 2016-05-11 21:41:08]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1975483003/1
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1975483003/1

[commit-bot: I haz the power, 2016-05-11 21:43:56]

Description was changed from

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474
NOTRY=true
NOPRESUBMIT=true
Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

to

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474
NOTRY=true
NOPRESUBMIT=true
Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

[commit-bot: I haz the power, 2016-05-11 21:43:56]

Committed patchset #1 (id:1)

[jbudorick, 2016-05-12 01:31:41]

A revert of this CL (patchset #1 id:1) has been created in
https://codereview.chromium.org/1970073002/ by jbudorick@chromium.org.

The reason for reverting is: breaks M51:
https://bugs.chromium.org/p/chromium/issues/detail?id=611267.

[Jana, 2016-05-12 22:39:08]

Description was changed from

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474
NOTRY=true
NOPRESUBMIT=true
Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

to

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474
NOTRY=true
NOPRESUBMIT=true
Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

[Jana, 2016-05-12 22:39:41]

The CQ bit was checked by jri@chromium.org

[Jana, 2016-05-12 22:39:41]

The patchset sent to the CQ was uploaded after l-g-t-m from rch@chromium.org
Link to the patchset: https://codereview.chromium.org/1975483003/#ps20001
(title: "Removes use of QuicHeaderList from merge CL.")

[commit-bot: I haz the power, 2016-05-12 22:39:58]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/1975483003/20001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/1975483003/20001

[commit-bot: I haz the power, 2016-05-12 22:40:53]

Description was changed from

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474
NOTRY=true
NOPRESUBMIT=true
Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

to

==========
Fixes use-after-free bug in QUIC.

QuicSession destructor ends up calling the QuicSpdyStream destructor, which in
turn tries to access a QuicSession method via a non-owning pointer back to the
session. This CL arranges for the non-owning pointer to be set to null before
QuicSpdyStream destructor is called.

Merge Internal CL: 120973813

Creates a MockQuicSession for use in ReliableQuicStreamTest, which currently
incorrectly uses a MockQuicSpdySession.

The test class being fixed in this CL uses a MockQuicSpdySession, which is a
QuicSpdySession, with TestStreams, which are ReliableQuicStreams. Bad things can
happen since QuicSpdySession seems to freely assume that its streams are
QuicSpdyStreams. Bad things do happen, but they inexplicably seem to show up
only in Chromium tests.

Merge Internal CL: 120989117

BUG=605474
NOTRY=true
NOPRESUBMIT=true
Review-Url: https://codereview.chromium.org/1932653002
Cr-Commit-Position: refs/heads/master@{#390575}
(cherry picked from commit 4ee9d76953f16811186942971822cf12d48db7ae)
==========

[commit-bot: I haz the power, 2016-05-12 22:40:54]

Committed patchset #2 (id:20001)