diff --git a/llvm/lib/Target/X86/X86ISelLowering.cpp b/llvm/lib/Target/X86/X86ISelLowering.cpp
--- a/llvm/lib/Target/X86/X86ISelLowering.cpp
+++ b/llvm/lib/Target/X86/X86ISelLowering.cpp
@@ -44622,7 +44622,7 @@
       return SDValue();
     };
     if (SDValue Extract = IsExtractedElement(StoredVal)) {
-      SDValue Trunc = peekThroughOneUseBitcasts(Extract.getOperand(0));
+      SDValue Trunc = peekThroughOneUseBitcasts(Extract);
       if (Trunc.getOpcode() == X86ISD::VTRUNC) {
         SDValue Src = Trunc.getOperand(0);
         MVT DstVT = Trunc.getSimpleValueType();
diff --git a/llvm/test/CodeGen/X86/oss-fuzz-25184.ll b/llvm/test/CodeGen/X86/oss-fuzz-25184.ll
new file mode 100644
--- /dev/null
+++ b/llvm/test/CodeGen/X86/oss-fuzz-25184.ll
@@ -0,0 +1,18 @@
+; NOTE: Assertions have been autogenerated by utils/update_llc_test_checks.py
+; RUN: llc < %s -mtriple=x86_64-apple-darwin19.5.0 | FileCheck %s
+
+; OSS fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25184
+
+define <2 x double> @test_fpext() {
+; CHECK-LABEL: test_fpext:
+; CHECK:       ## %bb.0:
+; CHECK-NEXT:    movsd {{.*#+}} xmm0 = mem[0],zero
+; CHECK-NEXT:    retq
+  %tmp12 = insertelement <4 x float> undef, float 0.000000e+00, i32 3
+  %tmp5 = fpext <4 x float> %tmp12 to <4 x double>
+  %ret = shufflevector <4 x double> %tmp5, <4 x double> undef, <2 x i32> <i32 0, i32 1>
+  %E1 = extractelement <4 x double> %tmp5, i16 undef
+  %I2 = insertelement <2 x double> %ret, double 4.940660e-324, i16 undef
+  store double %E1, double* undef, align 8
+  ret <2 x double> %I2
+}