The following revision refers to this bug:
  https://skia.googlesource.com/skia.git/+/1597628fa38d24f23ad505bfb40e70e7c8617457

commit 1597628fa38d24f23ad505bfb40e70e7c8617457
Author: caryclark <caryclark@google.com>
Date: Thu Jul 21 12:48:43 2016

fix fuzzer bug

Fix another fuzzer bug.

Some PathOps asserts only make sense if the incoming data is
well-behaved. Well-behaved tests set debugging state to
trigger these additional asserts.

Formalize this by creating macros similar to SkASSERT that
check to see if the assert should be skipped.

TBR=reed@google.com
BUG= 629962 
GOLD_TRYBOT_URL= https://gold.skia.org/search?issue=2169863002

Review-Url: https://codereview.chromium.org/2169863002

[modify] https://crrev.com/1597628fa38d24f23ad505bfb40e70e7c8617457/src/pathops/SkDConicLineIntersection.cpp
[modify] https://crrev.com/1597628fa38d24f23ad505bfb40e70e7c8617457/src/pathops/SkOpCoincidence.cpp
[modify] https://crrev.com/1597628fa38d24f23ad505bfb40e70e7c8617457/src/pathops/SkOpCoincidence.h
[modify] https://crrev.com/1597628fa38d24f23ad505bfb40e70e7c8617457/src/pathops/SkOpSegment.cpp
[modify] https://crrev.com/1597628fa38d24f23ad505bfb40e70e7c8617457/src/pathops/SkOpSegment.h
[modify] https://crrev.com/1597628fa38d24f23ad505bfb40e70e7c8617457/src/pathops/SkOpSpan.cpp
[modify] https://crrev.com/1597628fa38d24f23ad505bfb40e70e7c8617457/src/pathops/SkPathOpsTypes.h
[modify] https://crrev.com/1597628fa38d24f23ad505bfb40e70e7c8617457/tests/PathOpsOpTest.cpp

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/80c8275a0224e98155648f61463f77e967537add

commit 80c8275a0224e98155648f61463f77e967537add
Author: skia-deps-roller <skia-deps-roller@chromium.org>
Date: Thu Jul 21 14:47:31 2016

Roll src/third_party/skia/ ec336deff..9b43094bf (2 commits).

https://chromium.googlesource.com/skia.git/+log/ec336deffbf5..9b43094bf207

$ git log ec336deff..9b43094bf --date=short --no-merges --format='%ad %ae %s'
2016-07-21 mtklein Roll buildtools for latest GN binary.
2016-07-21 caryclark fix fuzzer bug

BUG= 629962 

CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_blink_rel
TBR=jcgregorio@google.com

Review-Url: https://codereview.chromium.org/2165273002
Cr-Commit-Position: refs/heads/master@{#406850}

[modify] https://crrev.com/80c8275a0224e98155648f61463f77e967537add/DEPS

ClusterFuzz has detected this issue as fixed in range 406824:406932.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5154511169781760

Fuzzer: libfuzzer_skia_pathop_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  segment
  containsCoincidence
  SkOpSpan::insertCoincidence
  
Recommended Security Severity: Medium

Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=406010:406169
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=406824:406932

Minimized Testcase (0.43 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97BGafjVRRRvBnVQQOlVapUakT2LZj5euTDSMMw21fRGYnALfR25mmxQNyX7aPQw2mJkZ6EoZyICzD_1O84fBPGtg2Ss5zIjGBtm75fAaq1nltLmE_URlm-x4zL1U5vqjtz5wWdk3syyBGHyzDirgPJKjb8zA?testcase_id=5154511169781760

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot