Fixes use-after-free with Server Migration

On server migration, the session pooling map (ip_aliases_) was not correctly updated by the QuicStreamFactory , leaving a zombie entry in the map, which subsequently led to a use-after-free. This CL corrects this behavior in the QuicStreamFactory.

BUG=639916
Committed: https://crrev.com/94ddc3149cc5e46ccb0f60b6227ebd0847586260
Cr-Commit-Position: refs/heads/master@{#414617}

[Jana, 2016-08-25 19:21:04]

Description was changed from

==========
Fixes use-after-free with Server Migration

BUG=
==========

to

==========
On server migration, the session pooling map (ip_aliases_) was not correctly
updated by the QuicStreamFactory , leaving a zombie entry in the map, which
subsequently led to a use-after-free. This CL corrects this behavior in the
QuicStreamFactory.

BUG=639916
==========

[Jana, 2016-08-25 19:21:05]

jri@chromium.org changed reviewers:
+ rch@chromium.org

[Jana, 2016-08-25 19:21:47]

Reproduced in test and fix done, PTAL.

[Ryan Hamilton, 2016-08-25 19:29:59]

lgtm, but what about the OnTimeout method we talked about earlier which also
removed things from the ip_aliases_ map?

https://codereview.chromium.org/2277953002/diff/20001/net/quic/chromium/quic_...
File net/quic/chromium/quic_stream_factory.cc (right):

https://codereview.chromium.org/2277953002/diff/20001/net/quic/chromium/quic_...
net/quic/chromium/quic_stream_factory.cc:1272: <<
peer_address.address().ToString();
nit: I think you can remove this logging since I doubt it'll be useful later.
But feel free to keep it if you like.

[Jana, 2016-08-25 21:41:26]

I'm removing the Timeout code in a separate CL. Since that method is not invoked
at the moment, this CL should be fine.

https://codereview.chromium.org/2277953002/diff/20001/net/quic/chromium/quic_...
File net/quic/chromium/quic_stream_factory.cc (right):

https://codereview.chromium.org/2277953002/diff/20001/net/quic/chromium/quic_...
net/quic/chromium/quic_stream_factory.cc:1272: <<
peer_address.address().ToString();
On 2016/08/25 19:29:59, Ryan Hamilton wrote:
> nit: I think you can remove this logging since I doubt it'll be useful later.
> But feel free to keep it if you like.

Meh. I wasn't sure, but I thought it might be useful. Removed.

[Jana, 2016-08-25 21:41:38]

The CQ bit was checked by jri@chromium.org

[Jana, 2016-08-25 21:41:39]

The patchset sent to the CQ was uploaded after l-g-t-m from rch@chromium.org
Link to the patchset: https://codereview.chromium.org/2277953002/#ps40001
(title: "Removed DVLOG")

[commit-bot: I haz the power, 2016-08-25 21:42:16]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-26 00:10:26]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-08-26 00:10:27]

Try jobs failed on following builders:
  win_chromium_x64_rel_ng on master.tryserver.chromium.win (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_x64_...)

[Jana, 2016-08-26 00:22:29]

The CQ bit was checked by jri@chromium.org

[commit-bot: I haz the power, 2016-08-26 00:23:19]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-26 01:33:01]

Description was changed from

==========
On server migration, the session pooling map (ip_aliases_) was not correctly
updated by the QuicStreamFactory , leaving a zombie entry in the map, which
subsequently led to a use-after-free. This CL corrects this behavior in the
QuicStreamFactory.

BUG=639916
==========

to

==========
On server migration, the session pooling map (ip_aliases_) was not correctly
updated by the QuicStreamFactory , leaving a zombie entry in the map, which
subsequently led to a use-after-free. This CL corrects this behavior in the
QuicStreamFactory.

BUG=639916
==========

[commit-bot: I haz the power, 2016-08-26 01:33:02]

Committed patchset #3 (id:40001)

[commit-bot: I haz the power, 2016-08-26 01:34:34]

Description was changed from

==========
On server migration, the session pooling map (ip_aliases_) was not correctly
updated by the QuicStreamFactory , leaving a zombie entry in the map, which
subsequently led to a use-after-free. This CL corrects this behavior in the
QuicStreamFactory.

BUG=639916
==========

to

==========
On server migration, the session pooling map (ip_aliases_) was not correctly
updated by the QuicStreamFactory , leaving a zombie entry in the map, which
subsequently led to a use-after-free. This CL corrects this behavior in the
QuicStreamFactory.

BUG=639916

Committed: https://crrev.com/94ddc3149cc5e46ccb0f60b6227ebd0847586260
Cr-Commit-Position: refs/heads/master@{#414617}
==========

[commit-bot: I haz the power, 2016-08-26 01:34:35]

Patchset 3 (id:??) landed as
https://crrev.com/94ddc3149cc5e46ccb0f60b6227ebd0847586260
Cr-Commit-Position: refs/heads/master@{#414617}