fix security bug

fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but this change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems here. Those problems are
addressed in a separate CL.

Many of the test edits below remove ill-thought out debugging
messaging that fire off global state, which isn't usable
in a multi-threaded test environment.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2018513003

Committed: https://skia.googlesource.com/skia/+/2bec26a71698105729c6a7cb0163f499b4361840

[caryclark, 2016-05-26 15:30:47]

Description was changed from

==========
fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but change change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems being addressed in a separate
CL.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
==========

to

==========
fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but change change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems being addressed in a separate
CL.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2018513003
==========

[caryclark, 2016-05-26 15:34:43]

Description was changed from

==========
fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but change change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems being addressed in a separate
CL.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2018513003
==========

to

==========
fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but change change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems being addressed in a separate
CL.

Many of the test edits below remove ill-thought out debugging
messaging that fire off global state, which isn't usable
in a multi-threaded test environment.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2018513003
==========

[caryclark, 2016-05-26 15:34:54]

The CQ bit was checked by caryclark@google.com to run a CQ dry run

[commit-bot: I haz the power, 2016-05-26 15:35:03]

Dry run: CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/2018513003/20001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/2018513003/20001

[commit-bot: I haz the power, 2016-05-26 15:57:47]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-05-26 15:57:48]

Dry run: This issue passed the CQ dry run.

[commit-bot: I haz the power, 2016-05-26 15:57:55]

Dry run: None

[caryclark, 2016-05-26 15:58:33]

Description was changed from

==========
fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but change change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems being addressed in a separate
CL.

Many of the test edits below remove ill-thought out debugging
messaging that fire off global state, which isn't usable
in a multi-threaded test environment.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2018513003
==========

to

==========
fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but this change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems being addressed in a separate
CL.

Many of the test edits below remove ill-thought out debugging
messaging that fire off global state, which isn't usable
in a multi-threaded test environment.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2018513003
==========

[caryclark, 2016-05-26 15:59:42]

Description was changed from

==========
fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but this change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems being addressed in a separate
CL.

Many of the test edits below remove ill-thought out debugging
messaging that fire off global state, which isn't usable
in a multi-threaded test environment.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2018513003
==========

to

==========
fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but this change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems here. Those problems are
addressed in a separate CL.

Many of the test edits below remove ill-thought out debugging
messaging that fire off global state, which isn't usable
in a multi-threaded test environment.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2018513003
==========

[caryclark, 2016-05-26 16:00:25]

The CQ bit was checked by caryclark@google.com

[commit-bot: I haz the power, 2016-05-26 16:00:36]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/2018513003/20001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/2018513003/20001

[commit-bot: I haz the power, 2016-05-26 16:01:51]

Description was changed from

==========
fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but this change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems here. Those problems are
addressed in a separate CL.

Many of the test edits below remove ill-thought out debugging
messaging that fire off global state, which isn't usable
in a multi-threaded test environment.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2018513003
==========

to

==========
fix security bug

This fix is a tradeoff. It changes intersection to
treat a case where one coincident run is intersected at one point
and the other edge is not as continuing to be a span.

The old code tried to treat this as a single point.
The old code is probably right, but this change alone
made the data structures inconsistent. Later, extending
the coincident runs would fail by incorrectly discarding
the single point intersection.

As a result, this fixes the security test and one other, but
makes a different test fail. Isolating the failure uncovered
a reduced case that fails with and without the change, so
there are more serious problems here. Those problems are
addressed in a separate CL.

Many of the test edits below remove ill-thought out debugging
messaging that fire off global state, which isn't usable
in a multi-threaded test environment.

In the end, with this fix, all existing tests (modulo one
new failure and one new non-failure) pass in debug and
in the extended release test suites.

TBR=reed@google.com
BUG=614248
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2018513003

Committed:
https://skia.googlesource.com/skia/+/2bec26a71698105729c6a7cb0163f499b4361840
==========

[commit-bot: I haz the power, 2016-05-26 16:01:52]

Committed patchset #2 (id:20001) as
https://skia.googlesource.com/skia/+/2bec26a71698105729c6a7cb0163f499b4361840