x86emul: handle address wrapping for VMASKMOVP{S,D}

I failed to recognize the need to mirror the changes done by 7869e2bafe
("x86emul/fuzz: add rudimentary limit checking") into the earlier
written but later committed 2fe43d333f ("x86emul: support remaining AVX
insns"): Behavior here is the same as for multi-part reads or writes.

Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>

diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
index d9bcd314ecc951f72de4bfbc002dcc95fb450cad..54a275664ae1f0c89b6e2509847c3c9dd540054e 100644 (file)
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -7887,7 +7887,7 @@ x86_emulate(
             switch ( d & SrcMask )
             {
             case SrcMem:
-                rc = ops->read(ea.mem.seg, ea.mem.off + first_byte,
+                rc = ops->read(ea.mem.seg, truncate_ea(ea.mem.off + first_byte),
                                (void *)mmvalp + first_byte, op_bytes,
                                ctxt);
                 if ( rc != X86EMUL_OKAY )
@@ -7970,7 +7970,7 @@ x86_emulate(
         else
         {
             fail_if(!ops->write);
-            rc = ops->write(dst.mem.seg, dst.mem.off + first_byte,
+            rc = ops->write(dst.mem.seg, truncate_ea(dst.mem.off + first_byte),
                             !state->simd_size ? &dst.val
                                               : (void *)mmvalp + first_byte,
                             dst.bytes, ctxt);