[PATCH sched_ext/for-7.1-fixes] sched_ext: Drop %NONE early return in scx_disable_and_exit_task()

[Tejun Heo]

d3e73a0808dd ("sched_ext: Handle SCX_TASK_NONE in disable/switched_from
paths") skipped the trailing scx_set_task_sched(p, NULL) on %NONE tasks.
After scx_fail_parent() parks a task at %NONE/sched=parent and the
parent is later freed via queue_rcu_work() during root_disable, the
preserved p->scx.sched dangles - print_scx_info() from sched_show_task()
reads sch->ops.name from freed memory.

Drop the early return. __scx_disable_and_exit_task() already short-
circuits on %NONE and the SUB_INIT block was cleared by
scx_fail_parent()'s earlier call, so clearing p->scx.sched is the only
work left - and the one thing the path actually needs.

Fixes: d3e73a0808dd ("sched_ext: Handle SCX_TASK_NONE in disable/switched_from paths")
Signed-off-by: Tejun Heo <tj@xxxxxxxxxx>
---
 kernel/sched/ext.c | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/kernel/sched/ext.c b/kernel/sched/ext.c
index 9354da79e162..8861b2deb504 100644
--- a/kernel/sched/ext.c
+++ b/kernel/sched/ext.c
@@ -3703,15 +3703,6 @@ static void scx_sub_init_cancel_task(struct scx_sched *sch, struct task_struct *
 static void scx_disable_and_exit_task(struct scx_sched *sch,
 				      struct task_struct *p)
 {
-	/*
-	 * %NONE means @p is already detached at the SCX level (e.g. handed
-	 * back to the parent by scx_fail_parent() with no init to undo).
-	 * Skip to avoid clobbering scx_task_sched() and writing %NONE again
-	 * on a state that's already %NONE.
-	 */
-	if (scx_get_task_state(p) == SCX_TASK_NONE)
-		return;
-
 	__scx_disable_and_exit_task(sch, p);
 
 	/*
-- 
2.51.0