The bpf-optimizer removes any unreachable blocks. As per the current implementation, these blocks are removed in the following manner.

--------------------------------------------------------------------------------
  // Remove any unreachable blocks.
  for (unsigned i = 0; i < nblocks; ++i)
    if (!visited[i])
      delete p.blocks[i];
--------------------------------------------------------------------------------

However, there could be the case where some unused blocks may lead to other unused blocks. For example, Block 1 and Block 3 may be unused blocks, and Block 3 leads to Block 1. After Block 1 is deleted, the optimizer will attempt to delete Block 3 as well. At this time, it may run into a segmentation fault as Block 3 still contains some references to Block 1.

This problem has been discovered in the work of PR22315.
Fixed in commit fbf9a32b7. The patch removes all references to the deleted unused blocks.
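
The scenario from this report as an added, self-contained example; it is not SystemTap's code and not the patch from the commit above. `Block`, `add_edge`, `remove_unreachable` and `demo` are hypothetical names, and the model assumes a block's destructor unlinks it from its successors, which is what makes deletion order matter here. Unreachable blocks are first detached while every block is still alive, and only then freed.

```cpp
#include <cstddef>
#include <set>
#include <vector>

// Simplified stand-in for the optimizer's control-flow graph (assumption).
struct Block {
  std::set<Block*> succs;  // blocks this block leads to
  std::set<Block*> preds;  // blocks that lead to this block
  // Unlinking from successors touches freed memory if a successor died first.
  ~Block() { for (Block *s : succs) s->preds.erase(this); }
};

void add_edge(Block *from, Block *to) {
  from->succs.insert(to);
  to->preds.insert(from);
}

// Pass 1: drop every reference to and from unreachable blocks.
// Pass 2: free them; no destructor can now reach a freed block.
std::size_t remove_unreachable(std::vector<Block*> &blocks,
                               const std::vector<bool> &visited) {
  for (std::size_t i = 0; i < blocks.size(); ++i) {
    if (visited[i]) continue;
    Block *b = blocks[i];
    for (Block *s : b->succs) s->preds.erase(b);
    for (Block *p : b->preds) p->succs.erase(b);
    b->succs.clear();
    b->preds.clear();
  }
  std::size_t removed = 0;
  for (std::size_t i = 0; i < blocks.size(); ++i)
    if (!visited[i]) { delete blocks[i]; blocks[i] = nullptr; ++removed; }
  return removed;
}

// Constructed input: blocks 1 and 3 are unreachable and block 3 leads to block 1.
bool demo() {
  std::vector<Block*> blocks;
  for (int i = 0; i < 4; ++i) blocks.push_back(new Block());
  add_edge(blocks[0], blocks[2]);  // the only reachable path
  add_edge(blocks[3], blocks[1]);  // unreachable -> unreachable
  add_edge(blocks[1], blocks[2]);  // unreachable -> reachable
  std::vector<bool> visited = {true, false, true, false};
  std::size_t removed = remove_unreachable(blocks, visited);
  bool ok = removed == 2 && !blocks[1] && !blocks[3] &&
            blocks[2]->preds.size() == 1 && blocks[2]->preds.count(blocks[0]) == 1;
  delete blocks[0];  // remaining blocks are freed predecessor first
  delete blocks[2];
  return ok;
}
```

Building this with AddressSanitizer and replacing the two passes with the single delete loop quoted in the report makes the stale reference show up as a heap-use-after-free when block 3 is freed.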