By eBPF I mean things like XDP network filters.
The issue here is the static formal validation the kernel does before loading your eBPF program.
(Even humans don't really know how it works. You need to use specific byte width types and access memory in specific patterns or the validation will fail.)
Respectfully, you don’t know what you’re talking about.
1. If you meant XDP, you should have said XDP, not eBPF.
2. The kernel does that validation on all ebpf code that it loads, regardless of whether XDP is involved.
3. Humans know how it works.