Hello, First post so please be gentle :-) I've got an eBPF workload running on kernel 6.1 LTS and we're running great. Use case actually is using eBPF in combination with XDP and AF_XDP for volumetric DDoS mitigation. Makeup of the eBPF program is mostly packet parsing, LPM and map lookups, and 2x calls to the bpf_loop() helper. Currently no iterators, dynptrs, etc, but lots of switch-case blocks. I've started to test newer kernel versions in preparation to upgrade our stack from 6.1 LTS to 6.6 LTS to gain access to newer functionality and just for future proofing. However, when loading the BPF object code on a 6.6 kernel, the BPF verifier refuses to load the program that 6.1 accepts and runs well. This caught me by surprise, because I have witnessed our stack boot successfully on a 6.7 kernel. So, I've run veristat [0] on the exact same eBPF object file, compiled by clang17, but each time running on a different kernel version. Results fluctuate wildly! Results on 6.1.106: success: 53687 insns and 5114 states [1] Results on 6.6.52: failure: 1000001 insns and 39501 states [2] Results on 6.7.9: success: 131418 insns and 8839 states [3] I have done some searching around and have found references to faults with bpf_loop around kernel 6.5, patches being backported to 6.6, but also references to those fixes being difficult to backport to 6.1. Being truthful, it does feel like bpf_loop is perhaps not working properly in 6.6. I am going to undertake some more testing on much newer kernels. While 6.7.9 loads the program OK, it's still more than double the instruction count of 6.1, when obviously the binary isn't changing. In the meantime, I am wondering if someone might be able to advise if this is a known issue with 6.6 and the possibility of pending improvements in the 6.6 branch? Appreciate that isn't easy to answer without visiblity of the code. Happy to post a repo link if it would help. Perhaps it might be better to simply write off the 6.6 branch and wait for the next LTS branch as we are approaching end of year. Many thanks for any insight anyone can offer! Kind regards Alasdair [0] Exact command run each time is: $ sudo veristat -e verdict,duration,insns,states,peak_states krn.bpf [1] Results on 6.1.106: Verdict Duration (us) Insns States Peak states ------- ------------- ----- ------ ----------- success 23763 53687 5114 1953 ------- ------------- ----- ------ ----------- [2] Results on 6.6.52: Verdict Duration (us) Insns States Peak states ------- ------------- ------- ------ ----------- failure 325270 1000001 39501 866 ------- ------------- ------- ------ ----------- [3] Results on 6.7.9: Verdict Duration (us) Insns States Peak states ------- ------------- ------ ------ ----------- success 56959 131418 8839 2713 ------- ------------- ------ ------ -----------
