[compiler-rt] [xray] Fix oob memory access in FDR BufferQueue iterator. (PR #90940)

[via llvm-commits]

llvmbot wrote:


<!--LLVM PR SUMMARY COMMENT-->

@llvm/pr-subscribers-xray

Author: Ricky Zhou (rickyz)

<details>
<summary>Changes</summary>

Before this change, the FDR BufferQueue iterator could access memory out
of due to checks of the form `!Buffers[Offset].Used && Offset != Max`,
which can potentially access `Buffers[Max]`, which is past the end of
the `Buffers`. Fix this by testing `Offset != Max` first.

---
Full diff: https://github.com/llvm/llvm-project/pull/90940.diff


1 Files Affected:

- (modified) compiler-rt/lib/xray/xray_buffer_queue.h (+2-2) 


``````````diff
diff --git a/compiler-rt/lib/xray/xray_buffer_queue.h b/compiler-rt/lib/xray/xray_buffer_queue.h
index e1739d050f3d0d..8d33f73576b5e2 100644
--- a/compiler-rt/lib/xray/xray_buffer_queue.h
+++ b/compiler-rt/lib/xray/xray_buffer_queue.h
@@ -87,7 +87,7 @@ class BufferQueue {
       DCHECK_NE(Offset, Max);
       do {
         ++Offset;
-      } while (!Buffers[Offset].Used && Offset != Max);
+      } while (Offset != Max && !Buffers[Offset].Used);
       return *this;
     }
 
@@ -107,7 +107,7 @@ class BufferQueue {
           Max(M) {
       // We want to advance to the first Offset where the 'Used' property is
       // true, or to the end of the list/queue.
-      while (!Buffers[Offset].Used && Offset != Max) {
+      while (Offset != Max && !Buffers[Offset].Used) {
         ++Offset;
       }
     }

``````````

</details>


https://github.com/llvm/llvm-project/pull/90940