From: Shin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
Date: Fri, 6 Sep 2024 02:37:16 +0000 (+0900)
Subject: stat: fix the null io_u dereference in add_clat_sample()
X-Git-Tag: fio-3.38~19
X-Git-Url: https://git.kernel.dk/?a=commitdiff_plain;h=a0e2faaf7e5d0814f08f8ab337241372fd58be1e;p=fio.git

stat: fix the null io_u dereference in add_clat_sample()

As recorded in the Link, NULL pointer dereference happens when the
write_lat_log option is specified for the file operations IO engine.
This failure was caused by the commit 14d3134a5fc0 ("introduce the
log_issue_time option") which added the new field 'issue_time' to the
struct log_sample. To calculate the issue time, add_clat_sample() was
modified to refer to io_u->issue_time. However, the file operations IO
engine passes NULL as the io_u pointer. Hence the failure.

Fix this by skipping the io_u->issue_time reference when io_u is NULL.
Instead, set 0 as the issue time.

Link: https://lore.kernel.org/fio/0e2c84c9-f9e4-4073-a075-016393ca7bde@gmail.com/
Fixes: 14d3134a5fc0 ("introduce the log_issue_time option")
Signed-off-by: Shin'ichiro Kawasaki <shinichiro.kawasaki@wdc.com>
Link: https://lore.kernel.org/r/20240906023717.1464031-2-shinichiro.kawasaki@wdc.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
---

diff --git a/stat.c b/stat.c
index 2cfd6819..c5413f2f 100644
--- a/stat.c
+++ b/stat.c
@@ -3340,8 +3340,11 @@ void add_clat_sample(struct thread_data *td, enum fio_ddir ddir,
 
 	if (td->clat_log) {
 		struct log_sample sample = { sample_val(nsec), ddir, bs,
-			offset, ioprio,
-			ntime_since(&td->epoch, &io_u->issue_time) };
+			offset, ioprio, 0 };
+
+		if (io_u)
+			sample.issue_time =
+				ntime_since(&td->epoch, &io_u->issue_time);
 
 		add_log_sample(td, td->clat_log, &sample);
 	}