Possible null dereferencing in VPlanTransforms.cpp

Hi!

I’ve noticed during reviewing the code that in VPlanTransforms.cpp in the function VPlanTransforms::removeRedundantInductionCasts :

void VPlanTransforms::removeRedundantInductionCasts(VPlan &Plan) {
  for (auto &Phi : Plan.getVectorLoopRegion()->getEntryBasicBlock()->phis()) {
    auto *IV = dyn_cast<VPWidenIntOrFpInductionRecipe>(&Phi);
    if (!IV || IV->getTruncInst())
      continue;

    auto &Casts = IV->getInductionDescriptor().getCastInsts();
    VPValue *FindMyCast = IV;
    for (Instruction *IRCast : reverse(Casts)) {
      VPSingleDefRecipe *FoundUserCast = nullptr;
      for (auto *U : FindMyCast->users()) {
        auto *UserCast = dyn_cast<VPSingleDefRecipe>(U);
        if (UserCast && UserCast->getUnderlyingValue() == IRCast) {
          FoundUserCast = UserCast;
          break;
        }
      }
      FindMyCast = FoundUserCast;
    }
    FindMyCast->replaceAllUsesWith(IV);
  }
}

There is possibility of null dereferencing in FindMyCast->replaceAllUsesWith(IV); in case when FindMyCast has no users. In such situation FindMyCast == nullptr and as a result we might end up with error.

Is this actual possibility to have no users in this case, or it is guaranteed elsewhere?

Seems to be a bug. FindMyCast = FoundUserCast; probably needs to be under if (FoundUserCast). Not sure if it’s triggerable in practice.

That could be the simplest change even in the case that such event never happens. I will create simple PR for this. Let see what will be the response.

If you are able to construct a test case that shows the issue, a PR would be great!

Yeah, that might be an issue to show the issue. So far I couldn’t find any good example to expose it. Hence my question here hoping that someone might suggest some.