I still don't understand how this "Linux never breaks userland" thing holds up; it's been proven false.
The 4.13 kernel introduced a change to effectively namespace sysctl settings (prevent the change from default from being copied to the host system into container processes). This broke any container runtimes that relied on host-wide sysctl settings.
In fact, prior to Linux 5.5, Linux had a direct sysctl syscall and removed it — which, uh, is clearly an ABI break.
With Linux's sysctl pseudo-fs model, you can argue the actual structure and behavior is just some aspect of sysfs, and the open/read/write syscalls are obviously not broken, but I think that's pretty simplistic. sysctls (and sysfs) are provided by the kernel.
Linux doesn't break ABIs that Linus judges to be worth more stable than rototilled. That's all. Usually Linus swings conservative on this.
[1] https://github.com/aws/amazon-ecs-agent/issues/789
[2] https://success.docker.com/article/ipvs-connection-timeout-i...