eBPF can't count?!

A bug was discovered in the extended Berkeley Packet Filter (eBPF) that caused it to lose its ability to count when run as an unprivileged user. The issue arose due to a security fix in the eBPF verifier, which rewrote arithmetic operations on pointer values to ensure they remained within bounds. This unexpectedly affected scalar value subtraction, causing incorrect results. A workaround was found by using 32-bit ALU operations instead of 64-bit ones, and another solution involved tweaking the LLVM Intermediate Representation (IR) manually. The bug has since been fixed in newer kernel versions.