[GPOS] Make AnchorMatrix sanitize lazy again

Was reverted in the previous commit, because it was incomplete.

src/OT/Layout/GPOS/AnchorFormat3.hh

@@ -27,9 +27,6 @@ struct AnchorFormat3
     TRACE_SANITIZE (this);
     if (unlikely (!c->check_struct (this))) return_trace (false);
 
-    if (c->lazy_gpos_devices)
-      return_trace (true);
-
     return_trace (xDeviceTable.sanitize (c, this) && yDeviceTable.sanitize (c, this));
   }
 

src/OT/Layout/GPOS/AnchorMatrix.hh

@@ -22,18 +22,24 @@ struct AnchorMatrix
     unsigned int count = rows * cols;
     if (!c->check_array (matrixZ.arrayZ, count)) return_trace (false);
 
+    if (c->lazy_some_gpos)
+      return_trace (true);
+
     for (unsigned int i = 0; i < count; i++)
       if (!matrixZ[i].sanitize (c, this)) return_trace (false);
     return_trace (true);
   }
 
-  const Anchor& get_anchor (unsigned int row, unsigned int col,
-                            unsigned int cols, bool *found) const
+  const Anchor& get_anchor (hb_ot_apply_context_t *c,
+			    unsigned int row, unsigned int col,
+			    unsigned int cols, bool *found) const
   {
     *found = false;
     if (unlikely (row >= rows || col >= cols)) return Null (Anchor);
-    *found = !matrixZ[row * cols + col].is_null ();
-    return this+matrixZ[row * cols + col];
+    auto &offset = matrixZ[row * cols + col];
+    if (unlikely (!offset.sanitize (&c->sanitizer, this))) return Null (Anchor);
+    *found = !offset.is_null ();
+    return this+offset;
   }
 
   template <typename Iterator,

src/OT/Layout/GPOS/MarkArray.hh

@@ -28,7 +28,7 @@ struct MarkArray : Array16Of<MarkRecord>        /* Array of MarkRecords--in Cove
 
     const Anchor& mark_anchor = this + record.markAnchor;
     bool found;
-    const Anchor& glyph_anchor = anchors.get_anchor (glyph_index, mark_class, class_count, &found);
+    const Anchor& glyph_anchor = anchors.get_anchor (c, glyph_index, mark_class, class_count, &found);
     /* If this subtable doesn't have an anchor for this base and this class,
      * return false such that the subsequent subtables have a chance at it. */
     if (unlikely (!found)) return_trace (false);

src/OT/Layout/GPOS/ValueFormat.hh

@@ -360,7 +360,7 @@ struct ValueFormat : HBUINT16
 
     if (unlikely (!c->check_range (values, get_size ()))) return_trace (false);
 
-    if (c->lazy_gpos_devices)
+    if (c->lazy_some_gpos)
       return_trace (true);
 
     return_trace (!has_device () || sanitize_value_devices (c, base, values));
@@ -373,7 +373,7 @@ struct ValueFormat : HBUINT16
 
     if (!c->check_range (values, count, size)) return_trace (false);
 
-    if (c->lazy_gpos_devices)
+    if (c->lazy_some_gpos)
       return_trace (true);
 
     return_trace (sanitize_values_stride_unsafe (c, base, values, count, size));
@@ -384,7 +384,7 @@ struct ValueFormat : HBUINT16
   {
     TRACE_SANITIZE (this);
 
-    if (c->lazy_gpos_devices)
+    if (c->lazy_some_gpos)
       return_trace (true);
 
     if (!has_device ()) return_trace (true);

src/hb-ot-layout-gsubgpos.hh

@@ -4513,7 +4513,7 @@ struct GSUBGPOS
     accelerator_t (hb_face_t *face)
     {
       hb_sanitize_context_t sc;
-      sc.lazy_gpos_devices = true;
+      sc.lazy_some_gpos = true;
       this->table = sc.reference_table<T> (face);
 
       if (unlikely (this->table->is_blocklisted (this->table.get_blob (), face)))

src/hb-sanitize.hh

@@ -128,7 +128,7 @@ struct hb_sanitize_context_t :
 	blob (nullptr),
 	num_glyphs (65536),
 	num_glyphs_set (false),
-	lazy_gpos_devices (false) {}
+	lazy_some_gpos (false) {}
 
   const char *get_name () { return "SANITIZE"; }
   template <typename T, typename F>
@@ -442,7 +442,7 @@ struct hb_sanitize_context_t :
   unsigned int num_glyphs;
   bool  num_glyphs_set;
   public:
-  bool lazy_gpos_devices;
+  bool lazy_some_gpos;
 };
 
 struct hb_sanitize_with_object_t