[CGP] Ensure address offset is representable as int64_t

AddressingModeMatcher::matchAddr was calling getSExtValue for a constant before ensuring that we can actually represent the value as int64_t

Fixes PR46004 / OSSFuzz#22357

lib/CodeGen/CodeGenPrepare.cpp

@@ -4512,11 +4512,13 @@ bool AddressingModeMatcher::matchAddr(Value *Addr, unsigned Depth) {
   TypePromotionTransaction::ConstRestorationPt LastKnownGood =
       TPT.getRestorationPoint();
   if (ConstantInt *CI = dyn_cast<ConstantInt>(Addr)) {
-    // Fold in immediates if legal for the target.
-    AddrMode.BaseOffs += CI->getSExtValue();
-    if (TLI.isLegalAddressingMode(DL, AddrMode, AccessTy, AddrSpace))
-      return true;
-    AddrMode.BaseOffs -= CI->getSExtValue();
+    if (CI->getValue().isSignedIntN(64)) {
+      // Fold in immediates if legal for the target.
+      AddrMode.BaseOffs += CI->getSExtValue();
+      if (TLI.isLegalAddressingMode(DL, AddrMode, AccessTy, AddrSpace))
+        return true;
+      AddrMode.BaseOffs -= CI->getSExtValue();
+    }
   } else if (GlobalValue *GV = dyn_cast<GlobalValue>(Addr)) {
     // If this is a global variable, try to fold it into the addressing mode.
     if (!AddrMode.BaseGV) {

test/CodeGen/X86/pr46004.ll

@@ -0,0 +1,21 @@
+; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
+; RUN: llc < %s -mtriple=i686-unknown-unknown | FileCheck %s --check-prefix=X86
+; RUN: llc < %s -mtriple=x86_64-unknown-unknown | FileCheck %s --check-prefix=X64
+
+; OSS Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22357
+define void @fuzz22357(i128 %a0) {
+; X86-LABEL: fuzz22357:
+; X86:       # %bb.0:
+; X86-NEXT:    movb $0, (%eax)
+; X86-NEXT:    retl
+;
+; X64-LABEL: fuzz22357:
+; X64:       # %bb.0:
+; X64-NEXT:    movb $0, (%rax)
+; X64-NEXT:    retq
+  %1 = add i128 %a0, 170141183460469231731687303715884105727
+  %2 = add nuw nsw i128 %1, 22222
+  %3 = getelementptr i8, i8* undef, i128 %2
+  store i8 0, i8* %3, align 1
+  ret void
+}