add offset check

Jinjie-Huang · Jinjie-Huang · commit de3f33140392 · 2025-11-14T17:12:15.000+08:00
diff --git a/bolt/lib/Core/BinaryContext.cpp b/bolt/lib/Core/BinaryContext.cpp
@@ -1421,9 +1421,6 @@ void BinaryContext::processInterproceduralReferences() {
     if (&Function == TargetFunction)
       continue;
 
-    if (!Function.validateExternalBranch(Address))
-      continue;
-
     if (TargetFunction) {
       if (TargetFunction->isFragment() &&
           !areRelatedFragments(TargetFunction, &Function)) {
@@ -1441,6 +1438,9 @@ void BinaryContext::processInterproceduralReferences() {
       continue;
     }
 
+    if (!Function.validateExternalBranch(Address))
+      continue;
+
     // Check if address falls in function padding space - this could be
     // unmarked data in code. In this case adjust the padding space size.
     ErrorOr<BinarySection &> Section = getSectionForAddress(Address);
diff --git a/bolt/lib/Core/BinaryFunction.cpp b/bolt/lib/Core/BinaryFunction.cpp
@@ -1919,6 +1919,11 @@ bool BinaryFunction::validateExternalBranch(uint64_t TargetAddress) {
 
   if (TargetFunction) {
     const uint64_t TargetOffset = TargetAddress - TargetFunction->getAddress();
+    // Skip empty functions and out-of-bounds offsets,
+    // as they may not be disassembled.
+    if (!TargetOffset || (TargetOffset > TargetFunction->getSize()))
+      return true;
+
     if (TargetFunction->CurrentState == State::Disassembled &&
         !TargetFunction->getInstructionAtOffset(TargetOffset))
       IsValid = false;
@@ -1949,8 +1954,12 @@ bool BinaryFunction::validateInternalBranch() {
       continue;
 
     const uint32_t Offset = KV.first;
+    // Skip empty functions and out-of-bounds offsets,
+    // as they may not be disassembled.
+    if (!Offset || (Offset > getSize()))
+      continue;
 
-    if (getInstructionAtOffset(Offset) || !Offset)
+    if (getInstructionAtOffset(Offset))
       continue;
 
     BC.errs() << "BOLT-WARNING: corrupted control flow detected in function "
