Don't seek of out-of-bound value even if the result is not used

Fixes this -fno-sanitize-recover=undefined fail,

/set/iter: hb-algs.hh:1016:60: runtime error: index 4294967295 out of bounds for type 'unsigned long long const[8]'
    #0 0x4d1e09 in hb_vector_size_t<unsigned long long, 64u>::operator[](unsigned int) const /home/user/code/harfbuzz/src/./hb-algs.hh:1016:60
    #1 0x4d8b5f in hb_set_t::page_t::previous(unsigned int*) const /home/user/code/harfbuzz/src/./hb-set.hh:139:53
    #2 0x4d0ada in hb_set_t::previous(unsigned int*) const /home/user/code/harfbuzz/src/./hb-set.hh:602:36
    #3 0x4cd76f in hb_set_previous /home/user/code/harfbuzz/src/hb-set.cc:494:15
    #4 0x4ca8af in test_set_iter /home/user/code/harfbuzz/test/api/test-set.c:310:3
    #5 0x7f3a4f3e0f49  (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x72f49)
    #6 0x7f3a4f3e0e7a  (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x72e7a)
    #7 0x7f3a4f3e1121 in g_test_run_suite (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x73121)
    #8 0x7f3a4f3e1140 in g_test_run (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x73140)
    #9 0x4c8894 in hb_test_run /home/user/code/harfbuzz/test/api/./hb-test.h:88:10
    #10 0x4c8894 in main /home/user/code/harfbuzz/test/api/test-set.c:408:10
    #11 0x7f3a4e3d2b96 in __libc_start_main /build/glibc-OTsEL5/glibc-2.27/csu/../csu/libc-start.c:310
    #12 0x41e7d9 in _start (/home/user/code/harfbuzz/test/api/test-set+0x41e7d9)

src/hb-set.hh

@@ -136,12 +136,17 @@ struct hb_set_t
       unsigned int j = m & ELT_MASK;
 
       const elt_t vv = v[i] & ((elt_t (1) << (j + 1)) - 1);
-      for (const elt_t *p = &vv; (int) i >= 0; p = &v[--i])
+      const elt_t *p = &vv;
+      while (true)
+      {
 	if (*p)
 	{
 	  *codepoint = i * ELT_BITS + elt_get_max (*p);
 	  return true;
 	}
+	if ((int) i <= 0) break;
+	p = &v[--i];
+      }
 
       *codepoint = INVALID;
       return false;