From e978e9ed9e1ff0dc326e72708ed03cac2ba41db8 Mon Sep 17 00:00:00 2001
From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Tue, 23 Apr 2019 16:18:29 +0100
Subject: [PATCH] xen/timers: Fix memory leak with cpu unplug/plug (take 2)

Previous attempts to fix this leak didn't identify the root cause, and
ultimately failed.  The cause is actually the CPU_UP_PREPARE case
(re)initialising ts->heap back to dummy_heap, which leaks the previous
allocation.

Rearrange the logic to only initialise ts once.  This also avoids the
redundant (but benign, due to ts->inactive always being empty) initialising of
the other ts fields.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
 xen/common/timer.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/xen/common/timer.c b/xen/common/timer.c
index 9ee500b3a7..c85273bf82 100644
--- a/xen/common/timer.c
+++ b/xen/common/timer.c
@@ -638,9 +638,13 @@ static int cpu_callback(
     switch ( action )
     {
     case CPU_UP_PREPARE:
-        INIT_LIST_HEAD(&ts->inactive);
-        spin_lock_init(&ts->lock);
-        ts->heap = dummy_heap;
+        /* Only initialise ts once. */
+        if ( !ts->heap )
+        {
+            INIT_LIST_HEAD(&ts->inactive);
+            spin_lock_init(&ts->lock);
+            ts->heap = dummy_heap;
+        }
         break;
 
     case CPU_UP_CANCELED:
-- 
2.30.2