Variable *histogram->total_count with floating-point type whose possible value set allows a zero value at redis-benchmark.c:953 by calling function 'hdr_init' is passed to function at redis-benchmark.c:975, where it is used as a denominator at redis-benchmark.c:837 by calling function 'hdr_mean'. The result of division is further used without a check for NaN, which leads to undefined program behavior.

showLatencyReport();

https://github.com/redis/redis/blob/8.0.3/src/redis-benchmark.c#L975

Description of hdr_mean:

    while (hdr_iter_next(&iter))
    {
        if (0 != iter.count)
        {
            total += iter.count * hdr_median_equivalent_value(h, iter.value);
        }
    }

    return (total * 1.0) / h->total_count;

https://github.com/redis/redis/blob/8.0.3/deps/hdr_histogram/hdr_histogram.c#L749

During normal operation, the variable h->total_count will definitely be different from 0, but if a network problem occurs with sending requests to a Redis server that measures response time, or, for example, this server stops responding, then h->total_count may become equal to 0, which will lead to undefined program behavior.

It is recommended to include a check for 0 in the code.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Reporter: Gushchin Egor (guschin058@yandex.ru)
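The recommended zero check, shown as an added example that is not code from Redis or hdr_histogram: `mini_hist` and its helpers are a hypothetical stand-in for the real histogram, and returning 0.0 for an empty histogram is an assumed policy. On IEEE 754 platforms the unchecked form returns NaN when no samples were recorded.

```c
#include <math.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for hdr_histogram: fixed buckets, one value each. */
#define BUCKETS 4
struct mini_hist {
    int64_t counts[BUCKETS];
    int64_t values[BUCKETS];   /* representative latency per bucket (constructed) */
    int64_t total_count;       /* number of recorded samples */
};

static void mini_record(struct mini_hist *h, int bucket, int64_t n) {
    h->counts[bucket] += n;
    h->total_count += n;
}

static int64_t weighted_sum(const struct mini_hist *h) {
    int64_t total = 0;
    for (int i = 0; i < BUCKETS; i++)
        if (h->counts[i] != 0)
            total += h->counts[i] * h->values[i];
    return total;
}

/* Same return expression as the hdr_mean excerpt: no guard on total_count. */
double mean_unchecked(const struct mini_hist *h) {
    return (weighted_sum(h) * 1.0) / h->total_count;
}

/* Guarded form (assumed policy): an empty histogram reports 0.0. */
double mean_checked(const struct mini_hist *h) {
    if (h->total_count == 0)
        return 0.0;
    return (weighted_sum(h) * 1.0) / h->total_count;
}

int main(void) {
    struct mini_hist h = { .values = {100, 200, 400, 800} };
    printf("empty: unchecked is NaN=%d, checked=%f\n",
           isnan(mean_unchecked(&h)) != 0, mean_checked(&h));
    mini_record(&h, 0, 3);   /* three samples at 100 */
    mini_record(&h, 2, 1);   /* one sample at 400 */
    printf("4 samples: unchecked=%f, checked=%f\n",
           mean_unchecked(&h), mean_checked(&h));
    return 0;
}
```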