Pointer 'dom' which was dereferenced at iommu.c:1993 
is compared to NULL value at iommu.c:1998.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Alexander Sapozhnikov <alsp705@gmail.com>
---
 drivers/iommu/amd/iommu.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/iommu/amd/iommu.c b/drivers/iommu/amd/iommu.c
index a0924144bac8..64a88e67be9c 100644
--- a/drivers/iommu/amd/iommu.c
+++ b/drivers/iommu/amd/iommu.c
@@ -1985,6 +1985,9 @@ static void amd_iommu_domain_free(struct iommu_domain *dom)
 {
 	struct protection_domain *domain;
 
+	if (!dom)
+		return;
+
 	domain = to_pdomain(dom);
 
 	if (domain->dev_cnt > 0)
-- 
2.40.1

On 12/19/2023 5:02 PM, Alexander Sapozhnikov wrote:
> Pointer 'dom' which was dereferenced at iommu.c:1993
> is compared to NULL value at iommu.c:1998.
> 
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
> 
> Signed-off-by: Alexander Sapozhnikov <alsp705@gmail.com>
> ---
>   drivers/iommu/amd/iommu.c | 3 +++
>   1 file changed, 3 insertions(+)
> 
> diff --git a/drivers/iommu/amd/iommu.c b/drivers/iommu/amd/iommu.c
> index a0924144bac8..64a88e67be9c 100644
> --- a/drivers/iommu/amd/iommu.c
> +++ b/drivers/iommu/amd/iommu.c
> @@ -1985,6 +1985,9 @@ static void amd_iommu_domain_free(struct iommu_domain *dom)
>   {
>   	struct protection_domain *domain;
>   
> +	if (!dom)
> +		return;
> +
>   	domain = to_pdomain(dom);
>   
>   	if (domain->dev_cnt > 0)

This check is already added in the following commit in the next branch 
of the iommu.git repo.

3f4b87b959ea "iommu/amd: Make use of domain_alloc and domain_free"
(https://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu.git/commit/?h=next&id=3f4b87b959eab362b89fce6ceb9d1badd102e5ea)

Thanks,
Suravee