tools/sched_ext/scx_sdt.bpf.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-)
Replace the BPF verifier workaround in scx_sdt scheduler with a more
elegant solution that:
1. Uses volatile cast instead of bpf_printk to generate LD.IMM instruction
without producing unnecessary output
2. Adds conditional compilation based on __BPF_FEATURE_ADDR_SPACE_CAST
to eliminate the workaround entirely on modern toolchains
3. Updates documentation to reflect broader compatibility concerns
This eliminates the side effects of the previous hack while maintaining
compatibility across different kernel/BPF toolchain versions.
Signed-off-by: zhidao su <suzhidao@xiaomi.com>
---
tools/sched_ext/scx_sdt.bpf.c | 24 +++++++++++++++---------
1 file changed, 15 insertions(+), 9 deletions(-)
diff --git a/tools/sched_ext/scx_sdt.bpf.c b/tools/sched_ext/scx_sdt.bpf.c
index 31b09958e8d5..88ac3043a643 100644
--- a/tools/sched_ext/scx_sdt.bpf.c
+++ b/tools/sched_ext/scx_sdt.bpf.c
@@ -64,15 +64,15 @@ DEFINE_SDT_STAT(select_busy_cpu);
static __u64 zero = 0;
/*
- * XXX Hack to get the verifier to find the arena for sdt_exit_task.
- * As of 6.12-rc5, The verifier associates arenas with programs by
- * checking LD.IMM instruction operands for an arena and populating
- * the program state with the first instance it finds. This requires
- * accessing our global arena variable, but scx methods do not necessarily
- * do so while still using pointers from that arena. Insert a bpf_printk
- * statement that triggers at most once to generate an LD.IMM instruction
- * to access the arena and help the verifier.
+ * Helper to ensure BPF verifier can track arena usage.
+ * On older toolchains, the verifier may not automatically detect arena usage
+ * through indirect references, so we provide an explicit reference.
*/
+#if defined(__BPF_FEATURE_ADDR_SPACE_CAST)
+/* Modern toolchains don't need the workaround */
+#define scx_arena_subprog_init() do { } while (0)
+#else
+/* Older toolchains need explicit arena reference for verifier */
static volatile bool scx_arena_verify_once;
__hidden void scx_arena_subprog_init(void)
@@ -80,9 +80,15 @@ __hidden void scx_arena_subprog_init(void)
if (scx_arena_verify_once)
return;
- bpf_printk("%s: arena pointer %p", __func__, &arena);
+ /*
+ * Generate LD.IMM instruction to help BPF verifier track arena usage.
+ * The volatile cast ensures the compiler doesn't optimize away the reference.
+ */
+ (void)*(volatile void **)&arena;
+
scx_arena_verify_once = true;
}
+#endif
private(LOCK) struct bpf_spin_lock alloc_lock;
--
2.43.0On Mon Feb 2, 2026 at 10:19 PM EST, zhidao su wrote:
> Replace the BPF verifier workaround in scx_sdt scheduler with a more
> elegant solution that:
>
> 1. Uses volatile cast instead of bpf_printk to generate LD.IMM instruction
> without producing unnecessary output
> 2. Adds conditional compilation based on __BPF_FEATURE_ADDR_SPACE_CAST
> to eliminate the workaround entirely on modern toolchains
> 3. Updates documentation to reflect broader compatibility concerns
>
> This eliminates the side effects of the previous hack while maintaining
> compatibility across different kernel/BPF toolchain versions.
>
This code change is a bit of a non-sequitur (BPF_FEATURE_ADDR_SPACE_CAST
is unrelated to the problem scx_arena_subprog_init solves) and causes
the scheduler to fail to load for me. Could you please explain the logic behind
this patch? Does it work on your machine and if so could you let me know what
toolchain and kernel you're using?
> Signed-off-by: zhidao su <suzhidao@xiaomi.com>
> ---
> tools/sched_ext/scx_sdt.bpf.c | 24 +++++++++++++++---------
> 1 file changed, 15 insertions(+), 9 deletions(-)
>
> diff --git a/tools/sched_ext/scx_sdt.bpf.c b/tools/sched_ext/scx_sdt.bpf.c
> index 31b09958e8d5..88ac3043a643 100644
> --- a/tools/sched_ext/scx_sdt.bpf.c
> +++ b/tools/sched_ext/scx_sdt.bpf.c
> @@ -64,15 +64,15 @@ DEFINE_SDT_STAT(select_busy_cpu);
> static __u64 zero = 0;
>
> /*
> - * XXX Hack to get the verifier to find the arena for sdt_exit_task.
> - * As of 6.12-rc5, The verifier associates arenas with programs by
> - * checking LD.IMM instruction operands for an arena and populating
> - * the program state with the first instance it finds. This requires
> - * accessing our global arena variable, but scx methods do not necessarily
> - * do so while still using pointers from that arena. Insert a bpf_printk
> - * statement that triggers at most once to generate an LD.IMM instruction
> - * to access the arena and help the verifier.
> + * Helper to ensure BPF verifier can track arena usage.
> + * On older toolchains, the verifier may not automatically detect arena usage
> + * through indirect references, so we provide an explicit reference.
> */
> +#if defined(__BPF_FEATURE_ADDR_SPACE_CAST)
> +/* Modern toolchains don't need the workaround */
> +#define scx_arena_subprog_init() do { } while (0)
> +#else
> +/* Older toolchains need explicit arena reference for verifier */
> static volatile bool scx_arena_verify_once;
>
> __hidden void scx_arena_subprog_init(void)
> @@ -80,9 +80,15 @@ __hidden void scx_arena_subprog_init(void)
> if (scx_arena_verify_once)
> return;
>
> - bpf_printk("%s: arena pointer %p", __func__, &arena);
> + /*
> + * Generate LD.IMM instruction to help BPF verifier track arena usage.
> + * The volatile cast ensures the compiler doesn't optimize away the reference.
> + */
> + (void)*(volatile void **)&arena;
> +
> scx_arena_verify_once = true;
> }
> +#endif
>
>
> private(LOCK) struct bpf_spin_lock alloc_lock;
Thanks for catching this.To be honest, this change was primarily a result of my attempt to comb through and reorganize the code logic. I mistakenly thought it was applicable here and did not perform a complete runtime test for this specific modification.I apologize for the breakage. I will revert/fix this logic in the next revision to ensure the scheduler loads correctly. > 2026年2月3日 11:54,Emil Tsalapatis <emil@etsalapatis.com> 写道: > > This code change is a bit of a non-sequitur (BPF_FEATURE_ADDR_SPACE_CAST > is unrelated to the problem scx_arena_subprog_init solves) and causes > the scheduler to fail to load for me. Could you please explain the logic behind > this patch? Does it work on your machine and if so could you let me know what > toolchain and kernel you're using?
Replace bpf_printk() with volatile access in scx_sdt scheduler's
BPF verifier workaround to eliminate console output while maintaining
the required LD.IMM instruction generation for arena detection.
This addresses the side effect issue of the previous hack while
preserving the essential functionality needed by the BPF verifier.
Signed-off-by: zhidao su <suzhidao@xiaomi.com>
---
tools/sched_ext/scx_sdt.bpf.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/tools/sched_ext/scx_sdt.bpf.c b/tools/sched_ext/scx_sdt.bpf.c
index 31b09958e8d5..13d3060c99ff 100644
--- a/tools/sched_ext/scx_sdt.bpf.c
+++ b/tools/sched_ext/scx_sdt.bpf.c
@@ -64,14 +64,10 @@ DEFINE_SDT_STAT(select_busy_cpu);
static __u64 zero = 0;
/*
- * XXX Hack to get the verifier to find the arena for sdt_exit_task.
- * As of 6.12-rc5, The verifier associates arenas with programs by
- * checking LD.IMM instruction operands for an arena and populating
- * the program state with the first instance it finds. This requires
- * accessing our global arena variable, but scx methods do not necessarily
- * do so while still using pointers from that arena. Insert a bpf_printk
- * statement that triggers at most once to generate an LD.IMM instruction
- * to access the arena and help the verifier.
+ * Workaround to help BPF verifier track arena usage.
+ * The verifier needs to see an explicit reference to the arena variable
+ * to properly track arena memory usage. This generates the required
+ * LD.IMM instruction without producing unnecessary output.
*/
static volatile bool scx_arena_verify_once;
@@ -80,7 +76,11 @@ __hidden void scx_arena_subprog_init(void)
if (scx_arena_verify_once)
return;
- bpf_printk("%s: arena pointer %p", __func__, &arena);
+ /*
+ * Use volatile access to generate LD.IMM instruction without
+ * producing console output like bpf_printk does.
+ */
+ (void)*(volatile void **)&arena;
scx_arena_verify_once = true;
}
--
2.43.0© 2016 - 2026 Red Hat, Inc.