Like MOVS, INS, and OUTS, STOS also has a special purpose hook, where
the hook function may legitimately have the same expectation as to the
request not straddling address space start/end.
Fixes: 5dfe4aa4eeb6 ("x86_emulate: Do not request emulation of REP instructions
beyond the")
Reported-by: Fabian Specht <[email protected]>
Signed-off-by: Jan Beulich <[email protected]>
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -2221,7 +2221,7 @@ x86_emulate(
dst.bytes = src.bytes;
dst.mem.seg = x86_seg_es;
- dst.mem.off = truncate_ea(_regs.r(di));
+ dst.mem.off = truncate_ea_and_reps(_regs.r(di), nr_reps, dst.bytes);
if ( (nr_reps == 1) || !ops->rep_stos ||
((rc = ops->rep_stos(&src.val,
dst.mem.seg, dst.mem.off, dst.bytes,
